A different take on Russian Hacks- a look at the 13 page report discussed in Congress Thursday Jan 5th 2017
I always thought it strange that a "government source" would bother with a little piss ant (Podessa) at the DNC on minor atrocities by global kakistocractic standards.
Not exactly the leg up kind of info a foreign government would be looking for.
This is a new investigation into the supposed Russian Hack...a review of the 13 page report given and discussed in Congress Thursday.
The League of Power.
"Tech Journal Casts Doubt on Dems' Russian Hacking Claims"
"Democratic Party claims about Russian hacking interfering in the election of 2016 continue to make the news. A recent article in the respected computer journal Ars Technica discussed supposed attempts on the part of the Russian government to interfere with the election. The article claims that the evidence the government provided in a Joint Analysis Report (JAR) filed by the FBI and the Department of Homeland Security (DHS) is inconclusive and technically inaccurate."
"The report's 13 pages offer no smoking guns and mostly rehash statements put out by private-sector companies with no further evidence provided to back them up. In fact, the report doesn't specifically mention the Democratic National Committee (DNC) or the Democratic Party at all."
"While a number of such companies have claimed the Russian government was responsible, people close to the leaks say they were the product of "lone wolf" attacks; individual security professionals say there's no way to verify the true origins of the hacking".
"The report teases readers with contentions that it reveals secret "tradecraft and techniques" used by Russian hackers, but analysts say these techniques are generic and used by all state-sponsored computer hacking groups."
"This ultimately seems like a very rushed report put together by multiple teams working different data sets and motivations," stated Robert Lee, the founder and CEO of security firm Dragos. "It's my opinion and speculation that there were some really good government analysts and operators contributing to this data, and then, report reviews, leadership approval processes and sanitation processes stripped out most of the value and left behind a very confusing report trying to cover too much while saying too little.""
""Lee noted that the report confused the names of known hacker groups APT28 and APT29, which sometimes go by the names Sofacy, Sednit, Sandworm, CozyBear and others, with the names of malware codes such as Havex and BlackEnergy. It even misused the name of a hacker capability called Powershell Backdoor. These incorrect references lead many security professionals to believe the report was not prepared by experts and may have been rushed to publication."
"In fact, the report's poor technical grasp, if anything, proves President-Elect Donald Trump's assertions that the intelligence community's capabilities may be lacking, to the extent that any of their expertise was actually used compiling the report."
"According to Rob Graham, the CEO of Errata Security, one of the "indicators of compromise" (IOCs) listed in the report was "PAS TOOL WEB KIT," which is a utility used by hundreds and perhaps even thousands of hackers in Ukraine and Russia, most of whom have no affiliation whatsoever with the government of either of those countries."
"IOCs are what security experts use to know if a network has been broken into by outside groups or systems. "In other words, these rules can be a reflection of the fact that the [U.S.] government has excellent information for attribution," Graham said. "Or, it could be a reflection that [it's] got only weak bits and pieces. It's impossible for us outsiders to tell.""
"Jeffrey Carr, an industry security consultant, said that he doubts the attacks that affected the DNC originated from Russian hackers because they used the same malware that affected Germany's Bundestag parliament and the French television network TV5Monde."
"While researchers at security firm Crowdstrike believe this is a clue that points to Russia because other actors wouldn't have the combined resources and motivation to attack all these targets, Carr pointed out that the source code for the malware was independently obtainable from an antivirus software provider called ESET."
""If ESET [can have] it, so can others," Carr wrote. "It's both foolish and baseless to claim, as CrowdStrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.""
"The doubts expressed by Carr, Graham and Lee show that when the government takes its proprietary research and subsequently makes it public for the world at large to see, large gaps of knowledge are often displayed. In fact, it's arguable that the so-called "experts" that the government employs for its defensive cyber warfare capabilities — depending on which agency is being discussed — may be anything but expert. The report's vagueness and lack of specificity leave it sounding more like a brief catalog of innuendo than an indictment."
"This isn't the first time the government has shown itself to possibly employ novices when it comes to detecting hacking. The attack on Sony Pictures Entertainment by North Korea in 2014 also revealed an aggregation of incompetency and ineptitude that led to incorrect conclusions, finger-pointing and embarrassment for a number of U.S. government agencies."
"At that time, it was also the FBI that made the original accusation against North Korea. But many security experts said that the evidence pointing to the Hermit Kingdom was circumstantial. Security consultant Lucas Zichkowsky declared, "State-sponsored attackers don't create cool names for themselves like 'Guardians of Peace' and promote their activity to the public." Writer Kim Zetter at Wired magazine termed the American government's evidence "flimsy.""
"To be fair, the government may be shy in many cases to reveal its sources and its methods of detection in such cases. Also, it's possible that more in-depth technical evidence that's classified may be being presented to Congress while not being revealed to the public."
"But based on the data provided in the JAR report, there's nothing that could definitively be used to make the case the Obama administration is attempting to claim; most computer security specialists could shoot holes in the government's allegations ten feet wide. In fact some of the evidence points to origins of lone wolfs or activists from other country's governments (i.e. North Korea or China or one of the Baltic state government agencies)."
"Therefore, the argument that the Obama administration and the Democrats are clinging to is unsound; it doesn't pass the smell test."
"So rather than a fact, what they've presented thus far is a theory. Of course, if the government does take retaliatory action, it wouldn't be the first time that it acted based on theories rather than facts, but with a Republican majority in both houses of Congress and a Republican president about to take office, it's doubtful this report and its accusations will go much further, barring additional evidence being proffered."
Regards,
Mark Patricks
Not exactly the leg up kind of info a foreign government would be looking for.
This is a new investigation into the supposed Russian Hack...a review of the 13 page report given and discussed in Congress Thursday.
The League of Power.
"Tech Journal Casts Doubt on Dems' Russian Hacking Claims"
"Democratic Party claims about Russian hacking interfering in the election of 2016 continue to make the news. A recent article in the respected computer journal Ars Technica discussed supposed attempts on the part of the Russian government to interfere with the election. The article claims that the evidence the government provided in a Joint Analysis Report (JAR) filed by the FBI and the Department of Homeland Security (DHS) is inconclusive and technically inaccurate."
"The report's 13 pages offer no smoking guns and mostly rehash statements put out by private-sector companies with no further evidence provided to back them up. In fact, the report doesn't specifically mention the Democratic National Committee (DNC) or the Democratic Party at all."
"While a number of such companies have claimed the Russian government was responsible, people close to the leaks say they were the product of "lone wolf" attacks; individual security professionals say there's no way to verify the true origins of the hacking".
"The report teases readers with contentions that it reveals secret "tradecraft and techniques" used by Russian hackers, but analysts say these techniques are generic and used by all state-sponsored computer hacking groups."
"This ultimately seems like a very rushed report put together by multiple teams working different data sets and motivations," stated Robert Lee, the founder and CEO of security firm Dragos. "It's my opinion and speculation that there were some really good government analysts and operators contributing to this data, and then, report reviews, leadership approval processes and sanitation processes stripped out most of the value and left behind a very confusing report trying to cover too much while saying too little.""
""Lee noted that the report confused the names of known hacker groups APT28 and APT29, which sometimes go by the names Sofacy, Sednit, Sandworm, CozyBear and others, with the names of malware codes such as Havex and BlackEnergy. It even misused the name of a hacker capability called Powershell Backdoor. These incorrect references lead many security professionals to believe the report was not prepared by experts and may have been rushed to publication."
"In fact, the report's poor technical grasp, if anything, proves President-Elect Donald Trump's assertions that the intelligence community's capabilities may be lacking, to the extent that any of their expertise was actually used compiling the report."
"According to Rob Graham, the CEO of Errata Security, one of the "indicators of compromise" (IOCs) listed in the report was "PAS TOOL WEB KIT," which is a utility used by hundreds and perhaps even thousands of hackers in Ukraine and Russia, most of whom have no affiliation whatsoever with the government of either of those countries."
"IOCs are what security experts use to know if a network has been broken into by outside groups or systems. "In other words, these rules can be a reflection of the fact that the [U.S.] government has excellent information for attribution," Graham said. "Or, it could be a reflection that [it's] got only weak bits and pieces. It's impossible for us outsiders to tell.""
"Jeffrey Carr, an industry security consultant, said that he doubts the attacks that affected the DNC originated from Russian hackers because they used the same malware that affected Germany's Bundestag parliament and the French television network TV5Monde."
"While researchers at security firm Crowdstrike believe this is a clue that points to Russia because other actors wouldn't have the combined resources and motivation to attack all these targets, Carr pointed out that the source code for the malware was independently obtainable from an antivirus software provider called ESET."
""If ESET [can have] it, so can others," Carr wrote. "It's both foolish and baseless to claim, as CrowdStrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.""
"The doubts expressed by Carr, Graham and Lee show that when the government takes its proprietary research and subsequently makes it public for the world at large to see, large gaps of knowledge are often displayed. In fact, it's arguable that the so-called "experts" that the government employs for its defensive cyber warfare capabilities — depending on which agency is being discussed — may be anything but expert. The report's vagueness and lack of specificity leave it sounding more like a brief catalog of innuendo than an indictment."
"This isn't the first time the government has shown itself to possibly employ novices when it comes to detecting hacking. The attack on Sony Pictures Entertainment by North Korea in 2014 also revealed an aggregation of incompetency and ineptitude that led to incorrect conclusions, finger-pointing and embarrassment for a number of U.S. government agencies."
"At that time, it was also the FBI that made the original accusation against North Korea. But many security experts said that the evidence pointing to the Hermit Kingdom was circumstantial. Security consultant Lucas Zichkowsky declared, "State-sponsored attackers don't create cool names for themselves like 'Guardians of Peace' and promote their activity to the public." Writer Kim Zetter at Wired magazine termed the American government's evidence "flimsy.""
"To be fair, the government may be shy in many cases to reveal its sources and its methods of detection in such cases. Also, it's possible that more in-depth technical evidence that's classified may be being presented to Congress while not being revealed to the public."
"But based on the data provided in the JAR report, there's nothing that could definitively be used to make the case the Obama administration is attempting to claim; most computer security specialists could shoot holes in the government's allegations ten feet wide. In fact some of the evidence points to origins of lone wolfs or activists from other country's governments (i.e. North Korea or China or one of the Baltic state government agencies)."
"Therefore, the argument that the Obama administration and the Democrats are clinging to is unsound; it doesn't pass the smell test."
"So rather than a fact, what they've presented thus far is a theory. Of course, if the government does take retaliatory action, it wouldn't be the first time that it acted based on theories rather than facts, but with a Republican majority in both houses of Congress and a Republican president about to take office, it's doubtful this report and its accusations will go much further, barring additional evidence being proffered."
Regards,
Mark Patricks
Tillerson, now testifying in front of Congress, is showing lack of knowledge of foreign affairs, particularly as regards the Donbas and Crimea. He may be talking down to the imbecilic members of Congress. In any event, this tells you why America will not be taking a leadership role in the world in the future. America is showing weakness, not resolve. Just as Congress has for the last 8 years.
Did you know that the KPSU (Communist Party of the Soviet Union) was outlawed after the collapse of the USSR, but that that decision was overturned?
Tell me this, whose info on his net worth do you believe? And because you want to believe that Putin is a thug and corrupt. The old YOUR daddy is more corrupt than MY daddy infantile refrain.
But yes, those were bad examples. None of those examples, except Trump, I cited, has done anything for America, compared to what Putin has done for Russia. If you want to talk productive, (you mentioned how Trump acquired his wealth) it is nothing to what Putin has done for the Russian Federation.
Neither Putin nor I will allow Russia, nor the Russian people, to become communist again. Everyone once in a while I send emails to Comrade Zyuganov reminding him of that. It's about time for a new one. Watch out, Comrade.
Can you understand why so-called news stories of Putin's net worth (or any other condemnation of him) is meaningless to me? And who are you to determine their truth value?
You picked a bad example.
Your bias is not only untenable, it is irritating.
His true "net worth" is priceless.
Can you tell me that?
Besides you, who would want me to believe he is not tyrannical, I don't know or care what others want me to believe.
Anyway, that dacha is appealing.
Thanks for the link and your effort to get at the truth.
If what you said, is true, perhaps there is, even in Russia, the concept of "eminent" domain. Why would you think it is only Putin's decision to do so? You have a perverted sense of what is going on in Russia today, or what has been going on in Russia for the past 25 years. Get jiggy with it.
By the by, Colorado, as far as I know, has been the only site nominated for the Winter Olympics, where the people voted against hosting it. In the 1970's.
https://yro.slashdot.org/story/16/12/...
Load more comments...