Dangerous Pseudo-Science in Cyber Security

Note: this isn’t our normal fare on WUWT, but we do occasionally carry political pieces. What makes this interesting is that Steve McIntyre (ClimateAudit) is involved in researching it. -Anthony

Guest Essay Leo Goldstein, Science for Humans and Freedom Institute

The CrowdStrike Con

CrowdStrike is the network security company, that was called by the DNC when it suspected a breach in its network in early May of 2016. CrowdStrike announced that there were at least two breaches by “two separate Russian intelligence-affiliated adversaries” — Fancy Bear (APT28) and Cozy Bear (APT29). CrowdStrike even suggested that Fancy Bear belongs to GRU (Russian military intelligence) and Cozy Bear belongs to FSB (Federal Security Service, replacement of KGB). The DNC was satisfied with CrowdStrike service and refused to let the FBI examine its servers, surprising even James Comey.  All data and alleged malware samples that were given to the FBI, CIA, NSA, DNI, other security companies, and the public came from CrowdStrike. There is something fishy in this, isn’t it? Especially when we learn that

 In my opinion: CrowdStrike is a fraud

From its beginning in 2012, CrowdStrike has been using fraudulent attribution methodology to attract publicity, to confuse customers, and to alarm potential customers. Alarmism and fraud were hallmarks of Obama’s administration. CrowdStrike’s close relationship with the Obama administration, especially FBI Director Robert Mueller (until 2013), and rotating door between them ensured not only impunity, but quick success. CrowdStrike was valued at $3B in the last investment round, and closed around June 16.

Since around 2005, corporations and government agencies faced a new kind of cyberthreat: external intrusions into their networks followed by data theft. Technological solutions have failed.  The intrusions usually started when hackers obtained some insider’s password or tricked a user into installing malware on his or her computer inside of the network. Malware components are frequently the same or similar, because hackers sell code to each other and frequently open source it. The hackers are caught only rarely. A hacker anywhere in the world can use an intermediate computer anywhere else in the world. The Obama administration had other priorities than securing U.S. networks.

Volunteers and security companies classified hackers’ methods and malware families.  In 2011, Dmitri Alperovitch, a former VP of threat research in McAfee, came up with a trick. He announced: “You don’t have a malware problem, you have an adversary problem.” He claimed that advanced malware families are unique to hacker groups, and that the hacker groups can be identified by the kind of malware they use. This was a false statement. Alperovitch doubled down by claiming that he could identify a foreign government behind most intrusions. Thus, he moved the discussion from the technical realm into the political one. In his first attribution he pointed finger at China. Later, Alperovitch even claimed to know which unit of PLA had committed intrusion, and the DOJ indicted its officers!

It was patently absurd and Alperovitch had to struggle. He started one company, then joined the board of another one until he met a person who fell for his trick: Shawn Henry. He was the executive assistant director to Robert Mueller, who appointed him in 2010. By that time, Mueller already had a solid track record of incompetence and self-service: he missed 9/11 and botched an anthrax investigation, but mastered the use of “process crimes” against white collar defendants (such as Martha Stuart), and created a cachet of FBI cadres personally loyal to him. In March 2012, Mueller’s appointee Shawn Henry retired from the FBI to join Alperovitch and George Kurtz in CrowdStrike. With such connections, the business was booming. Shawn Henry is current president of CrowdStrike Services & CSO.

Alperovitch also became a media star. When a big data loss is announced, nobody wants to listen to technical details. People want to know whodunnit. Honest cybersecurity experts did not know. Alperovitch claimed he did and was always able to point a finger at the governments of China, Russia, Iran, or North Korea. Some of these attributions might have been accidentally correct. It is possible that CrowdStrike clients liked this approach as well. Being hacked by China or Russia sounds better than being hacked by an unknown guy in the Bahamas or some other exotic location. Of course, CrowdStrike was embraced by the Obama administration, and enjoyed all the perks that came from this embrace.

Alperovitch did not make a secret of his method. When CrowdStrike encountered a new type of malware, the first thing it did was a national attribution, which was reflected in the name of the group, and alleged having exclusive possession of it. For example, alleged Russian groups were given a name ending with Bear. Thus, the national attribution is made first and could not be changed no matter how much contrary evidence accumulates later.

The revolving door between CrowdStrike and Obama administration also deserves mention. For example, Steven Chabinsky, a Deputy Assistant Director of the FBI Cyber Division under Robert Mueller, was hired by Crowdstrike in September 2012.  He became CrowdStrike’s general counsel and chief risk officer. On April 13, 2016, he has been appointed by Obama to the Commission on Enhancing National Cybersecurity (press release). It was two or three weeks before the DNC invited CrowdStrike to investigate and/or to make a cover story of the DNC data leak.

The Hillary Campaign

Note that the date when CrowdStrike was called in and other factual details differ between the stories told by CrowdStrike in 2016 and by the DNC in a lawsuit filed on April 20, 2018 (Democratic National Committee v. the Russian Federation, General Staff of the Armed Forces of the Russian Federation … Donald J. Trump for President Inc. …). The date was May 6 according to CrowdStrike and April 28 according to the DNC. This is how dumb the Democratic Party became; not surprising that it has selected Michael Mann as the climate advisor and Dmitri Alperovitch as the cybersecurity advisor. According to CrowdStrike, within 10 seconds its software “found” the culprit. The lot fell on the Russian government.

The DNC was unmoved. It knew that Putin preferred Democrats to Republicans. The Obama administration had just accommodated Putin’s unprovoked aggression against Ukraine. Putin annexed the Crimean Peninsula and occupied the most industrially developed areas of Ukraine without much reaction from the U.S. Compare that to the U.S. reaction in 2008 when Russia clashed with Georgia after the latter shelled Russian forces there. George W. Bush sent a destroyer with “humanitarian aid,” which I think was an overreaction. Trump promised, and proved, to be a stronger president than Bush.  Hillary was not just accommodating to Russia.  On the photos of Hillary and Putin together, she looks like his girlfriend. Not to mention Uranium One and other love stories.

Hillary knew that Putin would hold her back. On June 14, 2016, the DNC coordinated a Washington Post article about a security breach in the DNC and a simultaneous publication of alleged technical details by CrowdStrike. Both laid blame squarely on the Russian government. The Russian government denied responsibility, as expected. The WaPo article claimed that no donor information had been accessed and only a few documents had been stolen, including an opposition research on Trump. The next day the mentioned opposition research was posted on the web by somebody calling himself Guccifer 2.0.

When journalists looked at this document they discovered an error message in Russian. The fifth estate (acting more like the fifth column) wrote that that was a proof that the Russian government had been behind the intrusion. The ultra-sophisticated GRU hackers made a mistake by copying and pasting the content of the original file on a computer with default Russian language settings! The journalists writing on the subject did not give a thought to the fact that Russian is the native language to tens of millions of people outside of Russia. Those who did probably decided not to write about it at all.

The opposition research file with “Russian fingerprints” might had been forged by the DNC or CrowdStrike and fed to the purported hackers with two purposes: to bring attention to the content (i.e., smears) against Trump, and to prove the “Russian connection.” That suggests that somebody involved (in the DNC or CrowdStrike) did not believe in the Russian connection from the beginning.

By its own admission, CrowdStrike watched over the activities of two teams of alleged Russian government hackers from May 6 until early June. Such behavior doesn’t make sense. Even given the infinite trust Hillary had in Putin, the DNC’s IT department should have shut down the Internet connection immediately, then changed all passwords and sanitized all computers.  Apparently, in 2016 Obama’s friends felt they didn’t need to make their lies believable.  If somebody didn’t believe, it was his problem.

But the only meaningful question is who released the DNC’s dirty laundry to the public, not whether the DNC had been hacked, by whom, or how many times. Some think the documents were originally leaked by DNC staffer Seth Rich, who was later murdered. The first document dump had a bad surprise for the DNC – files with the names and other information of the donors. Something went not according to plan.

Between June 18 and July 14, Guccifer 2.0 published multiple documents from the DNC network, and these documents were doing real harm to Hillary. At this point, even somebody trusting CrowdStrike would understand that the documents were not coming from the Russian government. Remember how Russia released the eavesdropping recording from the U.S. Embassy in Ukraine, following 2014 invasion of Crimea?  It posted a single recorded conversation between the top U.S. diplomat for Europe Victoria Nuland and the Ambassador to Ukraine Geoffrey Pyatt on YouTube, then used a third party to bring attention to that video. The advantages of a small release: no risk that the important document gets lost among many unimportant ones; the sources and methods are less likely to be compromised; other documents remain hidden for future use, and the target is kept in dark about the extent of the data loss. The bulk release is typical of individual leakers or hackers. The DNC probably cultivates atmosphere of blind trust, because Hillary seemed to continue believing that Russia had leaked those documents.

Hillary felt betrayed by Putin. Hell hath no fury like hers. Hillary and the Democratic Party started accusing Russia and Putin of all thinkable and unthinkable crimes, attempting to re-start the Cold War with a single purpose – to remain in power. That brings to mind the words of one of the largest Democrat donors and climate alarmists Tom Steyer in an interview with Rolling Stone: “Maybe we can have, like, a nuclear war and then we get a real course correction.” Two years have passed, but who knows how long they’ve been dreaming about a nuclear war. Before Trump, Steyer was equally obsessed with carbon dioxide.

Within less than six months from July to December 2016, the electronic media, joined at the hips with the DNC, entirely rewrote the history of Hillary-Putin relationships. Even many conservative writers forgot that Hillary started to malign Russia and Putin in July 2016 after the alleged hacking and leaking of the DNC documents. Hillary had excellent relationships with Putin before the leak. The DNC leak caused Hillary’s hostility towards Putin and Russia, not the other way around. That’s easy to see with Google Trends, as shown below.

The “consensus” around the DNC leaks attribution was manufactured through circular reasoning. CrowdStrike published samples of malware, which it had allegedly found on the DNC servers, and some security firms supported its baseless attribution claims to scare up some business and to stay in good grace with putative winners of future elections.  Later, Obama’s cadres in the DNI, CIA, and FBI used the same compromised data to compose an intelligence community assessment, falsely claiming that the Russian government interfered in the 2016 elections against Hillary.  An unclassified version of it has been published on January 6, 2017. The FBI and CIA expressed high confidence in the assessment, but the NSA distinguished itself by expressing only moderate confidence.

Steve McIntyre Weighs in

Steve McIntyre performed some analyses and wrote about the DNC leak in ClimateAudit. I cannot express it better, so I quote:

https://climateaudit.org/2017/09/02/email-dates-in-the-wikileaks-dnc-archive/

Yesterday, Scott Ritter published a savage and thorough critique of the role of Dmitri Alperovitch and Crowdstrike, who are uniquely responsible for the attribution of the DNC hack to Russia. Ritter calls it “one of the greatest cons in modern American history”.  Ritter’s article gives a fascinating account of an earlier questionable incident in which Alperovitch first rose to prominence – his attribution of the “Shady Rat” malware to the Chinese government at a time when there was a political appetite for such an attribution.

There were no fewer than 14409 emails in the Wikileaks archive dating after Crowdstrike’s installation of its security software. In fact, more emails were hacked after Crowdstrike’s discovery on May 6 than before. Whatever actions were taken by Crowdstrike on May 6, they did nothing to stem the exfiltration of emails from the DNC.

Isn’t it fun to work with a security company like this? I couldn’t care less what security companies the DNC uses to secure its own network, but Obama’s administration gave CrowdStrike government contracts. It also allowed countless leaks of confidential information from supposedly secure government networks – hardly a coincidence.

https://climateaudit.org/2018/03/24/attribution-of-2015-6-phishing-to-apt28/

In two influential articles in June 2016, immediately following the Crowdstrike announcement, SecureWorks (June 16 here and June 26 here) purported to connect the DNC hack to a 2015-6 phishing campaign which they attributed to APT28. …

Attribution of the phishing campaign to APT28 was therefore done on the basis of infrastructure connections. But while there is an infrastructure association to APT28 but there is also an association to a prominent crimeware gang.

APT stands for Advanced Persistent Threat. APT28 is Fancy Bear.

https://climateaudit.org/2017/10/06/whiskers-on-software-part-1/

In Crowdstrike’s original announcement that “Russia” had hacked the DNC, Dmitri Alperovitch said, on the one hand, that the “tradecraft” of the hackers was “superb” and their “operational security second none” and, on the other hand, that Crowdstrike had “immediately identified” the “sophisticated adversaries … I draw the contrast to draw attention to the facial absurdity of Crowdstrike’s claim that the tradecraft of the DNC hackers was “superb” – how could it be “superb” if Crowdstrike was immediately able to attribute them?

In fact, when one looks more deeply into the issue, it would be more accurate to say that the clues left by the DNC hackers to their “Russian” identity were so obvious as to qualify for inclusion in the rogue’s gallery of America’s Dumbest Criminals, criminals like the bank robber who signed his own name to the robbery demand.

To make matters even more puzzling, an identically stupid and equally provocative hack, using an identical piece of software, had been carried out against the German Bundestag in 2015.

Bundestag fire!

https://climateaudit.org/2017/10/10/part-2-the-tv5-monde-hack-and-apt28/

“Re-reading the two stages of contemporary articles, the first analyses of malware, linking back to malware known in Arabic language forums, to IP addresses in Iraq and Algeria and to jihadi-sympathizing hackers, are much more specific than the subsequent analyses attributing the hack to APT28, which did not present a single technical detail (hash, IP address etc.) It is also frustrating and troubling that the proponents of APT28 attribution did not discuss and refute the seemingly plausible connections to jihadi sources. It is also troubling that so much emphasis in contemporary discussion of FireEye’s analysis incorrectly associated the Cyrillic characters previously described by FireEye in October 2014 with the TV5 Monde incident.

 Second, the confidence of attribution to APT28 was dramatically aggrandized in subsequent reporting, fostered in part by inaccurate original reporting.  Contrary to newspaper reports, Trend Micro did not attribute the seizure of TV5 facilities to APT28. Its assessment was indeterminate, weakly preferring that the seizure was separate from APT28 eavesdropping.”

https://climateaudit.org/2017/10/02/guccifer-2-from-january-to-may-2016/

 “To my eye, there is convincing evidence that G2 actually hacked Democrat Party computers from at least January 2016 on. This is inconsistent with Adam Carter’s theory that G2 was a false flag operation by Crowdstrike and the DNC – the metadata points to too early a start to support such a theory. G2 metadata also points too early for G2 to be a false flag by Fancy Bear/APT28 who are said to have gained access only in April 2016.”

See more at https://climateaudit.org/?s=crowdstrike and https://climateaudit.org/?s=guccifer.

Details

History Rewriting

The following Google Trends graph shows the ratio of Google searches for Putin and Russia over time. The number of searches is a proxy for the ratio of mentions in the media.  The media was totally on Hillary’s side. She controlled the media narrative on Russia and Putin. The red line for Russia stays low in the range of 30-40% from the beginning of 2016 until the week of July 24. Discovery of the data leak is not noticeable. Even announcement of DNC hacking by Russia on June 14 coincides with only little bump for Russia searches. The lines for both Putin and Russia go up on the week of July 24, after Hillary became angry with continuing publication of the leaked documents and decided to connect Putin to Trump, and to malign them together. From the early October until after the elections the searches for Russia and Putin stay at abnormally high level.  Searches for Putin reach peak on the election week, starting at November 6.

Anybody can search MSM websites and see many articles from August – November of 2016, alleging that Trump is associated with Putin and that Hillary would “hold Putin accountable” for something.

Note also that John Brennan made a friendly visit to his colleagues in Moscow in March 2016. That shows that neither the Obama administration nor Brennan considered Russia an adversary at that time. Just few months later, all hell had broken loose. The article The Kremlin Really Believes That Hillary Wants to Start a War With Russia (Foreign Policy, September 7, 2016) is a reminder:

“If Hillary Clinton is elected president, the world will remember Aug. 25 as the day she began the Second Cold War.

In a speech last month nominally about Donald Trump, Clinton called Russian President Vladimir Putin the godfather of right-wing, extreme nationalism. To Kremlin-watchers, those were not random epithets. Two years earlier, in the most famous address of his career, Putin accused the West of backing an armed seizure of power in Ukraine by “extremists, nationalists, and right-wingers.” Clinton had not merely insulted Russia’s president: She had done so in his own words.

Worse, they were words originally directed at neo-Nazis. In Moscow, this was seen as a reprise of Clinton’s comments comparing Putin to Hitler. It injected an element of personal animus into an already strained relationship — but, more importantly, it set up Putin as the representative of an ideology that is fundamentally opposed to the United States.

… To Russian ears, Clinton seemed determined in her speech to provide this missing ingredient for bipolar enmity, painting Moscow as the vanguard for racism, intolerance, and misogyny around the globe.

The nation Clinton described was unrecognizable to its citizens. Anti-woman? Putin’s government provides working mothers with three years of subsidized family leave. Intolerant? The president personally attended the opening of Moscow’s great mosque. Racist? Putin often touts Russia’s ethnic diversity. To Russians, it appeared that Clinton was straining to fabricate a rationale for hostilities.

That fear [that Hillary might attempt a “regime change” in Russia] was heightened when Clinton surrogate Harry Reid, the Senate minority leader, recently [August 30, 2016] accused Putin of attempting to rig the U.S. election through cyberattacks. That is a grave allegation — the very kind of thing a President Clinton might repeat to justify war with Russia.”

At that time, Putin might have switched his preference from Hillary to Trump. Russian officials probably expressed such preference unofficially — exactly as Hillary wanted. That doesn’t mean Putin was aiding Trump. The Russian government should have thought there was a change in American policy, largely independent of who would win elections. Everyone was sure Hillary would win. Putin did not have a chance to change that. It would be unwise for Putin to even attempt – almost inevitable failure would earn him shrill retaliation, and almost impossible success would only make the adversary stronger. But the show was probably convincing enough even for honest intelligence officers.

Relationships with Russia were already bad in September, but that wasn’t enough for Democrats. To support Hillary, the Obama administration (with John Kerry as Secretary of State) turned minor disagreements with Russia into a conflict. October 12, 2016, CNN:

“It’s not a new Cold War. It’s not even a deep chill. It’s an outright conflict.

US-Russia relations have deteriorated sharply amid a barrage of accusations and disagreements, raising the stakes on issues ranging from the countries’ competing military operations in Syria, disputes over Eastern European independence and escalating cyber breaches.

Washington publicly accused the Kremlin of cyberattacks on election systems and the democracy itself last Friday. That came after talks on a Syria ceasefire broke down as US officials suggested Russia be investigated for war crimes in the besieged city of Aleppo. Moscow has steadfastly denied that it’s meddling in the US presidential election. … Democratic presidential nominee Hillary Clinton has pointed to the hacks as evidence that Russia favors her GOP opponent, Donald Trump. Appearing at an investment forum in Moscow on Wednesday, Russian President Vladimir Putin dismissed that charge. … Meanwhile, Moscow abruptly left a nuclear security pact, citing US aggression, and moved nuclear-capable Iskandar missiles to the edge of NATO territory in Europe. Its officials have openly raised the possible use of nuclear weapons.

And that’s just the highlight reel.”

At the time, the MSM attributed that confrontation to Russian military activity in Syria. In fact, the Democratic Party was fanning flames of war to stay in power.  Besides the Democrats’ obscurantism, obsession with political power, and “by any means necessary” attitude, much of this madness has been driven by puny conmen like Michael Mann and Dmitri Alperovitch.

Attribution Fallacies

Attribution of sophisticated network intrusions to specific actors is universally accepted as a very difficult problem. CrowdStrike and similar “solutions peddlers” usually build their case on a chain of very weak assumptions. Russia is home to some of the most sophisticated computer hackers in the world.  The first target on which they try their exploits is Russian banks.  Their skills and malware code become available to the Russian government when they are caught, or even before that. But they are also available to anybody in the world ready to pay cash. The following parameters and assumptions cannot be used for attribution of intrusions to specific actors.

A) Malware Origin

  1. Malware is frequently attributed to Russia because Russian words or Cyrillic fonts are found in it, or in earlier versions of it. But Russian is the mother language for many people born and living in Ukraine, Belarus, Kazakhstan, Estonia, Latvia, and Lithuania, and tens of millions of emigrants all over the world, including the U.S.
  2. An even more stupid and incompetent attribution attempt is the use of malware compilation time and finding that malware has been compiled at the working hours (like 8am to 6pm) for Moscow. In fact:
    • Software compilation and build can be scheduled for any time.
    • Software companies do builds either continuously or overnight.
    • Programmers and hackers rarely work at traditional 9-to-6 schedules.
    • Computers building malware can be set to any time, language, and country settings.
    • Russia spans eleven hourly time zones, so almost any time is working hours somewhere in Russia.

There is nothing easier for a sophisticated hacker group than to build malware on a computer with Russian settings and/or other Russian fingerprints to lead investigators astray. An analyst sees what a sophisticated adversary wants him to see.

B) Targets

Theoretically, in some cases it’s possible to make an attribution of hacking with certain malware type to a specific government based on the attacked targets. This approach was used to allege that malware from APT28 and APT29, allegedly found on the DNC network, belongs to the Russian government because it was used in the past to attack its targets of interest. But this claim is based on data cherry-picking. The same malware was known to attack all kinds of targets, from banks to national Olympic committees. The majority of reported targets were in Russia. Russia attacks Russia – how foolish is that? Wide range of targets demonstrates activities of multiple hacking groups, some of which possibly working for governments. Security researchers engaged in attribution typically make their mind up early, and then look only at the cases that confirm their hypothesis. Security companies are interested only in attacks on large or rich organizations that can be convinced to purchase their services, and such organizations are easy to declare to be of interest to Russia. Most cyber-attacks are not reported at all. But even the cherry-picked list of incidents suggests that the attribution is incorrect.

C) It’s hard to believe that a government-backed hackers’ group would be using the same malware for years, long after it had been detected, analyzed, and publicly attributed to it.  Here, I mean that malware remains the same even after enhancements and modifications – if it can be identified as a derivative of the original.  I would expect any such group to continuously develop new and more effective “products” that bear no resemblance to the previous ones. At least, they can change existing code to remove the published identifiers. CrowdStrike and few copycats presumedly tracked APT28 and APT29 from 2008.

D) Circular referencing and bandwagon effect.

The MSM frequently alleges that the “DNC hack” has been confirmed by multiple private security companies, and then by the Intelligence Community Assessment (ICA) from January 6, 2017.  In fact, all these confirmations based on data from the same source – CrowdStrike. Some companies and government agencies also relied on its analysis. Other companies jumped on the train with similar flawed attribution methodologies – a bandwagon effect. Actual reports from companies other than CrowdStrike included limitations, qualifications, conditions, and/or limited confidence in the findings. Of course, these nuances were lost in the general media coverage. The readers and viewers were left with wrong impression that all these assessments were independent and unconditional. After ICA publication, cybersecurity companies started to refer to ICA as the ultimate source of authority. In fact, even Obama’s request for ICA was highly prejudicial, demanding “intelligence report assessing Russian activities and intentions in recent U.S. elections.” Thus, Obama has already decided that significant “Russian activities in recent U.S. elections” had taken place, and the intelligence agencies were requested to elaborate on the thesis. Some say that ICA was prepared in violation of existing rules, and was unduly influenced by John Brennan, who had been acting against Trump since at least August 2016. (https://americaoutloud.com/u-s-intelligence-communitys-contrived-intelligence-assessment/)

The following is an example of a circular evidence trail by a security professional and a corporate officer who does agree with the attribution of the DNC leak to Russian government:

 Difficulty Level – EXTREME: Why is attribution such a challenge?

“When I was serving in cybersecurity in the Department of the Defense, the main lesson I learned was that you can never truly achieve a high-level of confidence in who is attacking you without the triangulation of multiple intelligence sources.

… when you look closely at the evidence that both of these outstanding organizations found in their investigations, they could all potentially be ‘false flags,’ planted by an advance targeted threat actor emulating the capabilities of these supposed Russian actors.”

So what switched him from skepticism to alarmism?

“… the public case made that Russian influence is behind the activity at the DNC has a few holes, but our government, on both sides of the political aisle, seem to be very sure of that conclusion. Based on sheer faith, I will take our government at its word …”

That’s it – sheer faith! The sheer faith is supported by an analysis made by SecureWorks and ICA, which used purported evidence received from CrowdStrike. The sheer faith leads him to affirm the initial detection and attribution by CrowdStrike. BTW, the Republican side of the aisle is represented by Senator Burr, RINO-NC.

Most attribution theories cannot be tested. In the science, such theories are called unfalsifiable, and, therefore, unscientific. But in one rare case, CrowdStrike theory alleging Russian hacking of Ukrainian howitzer control software has been checked – and found false. CrowdStrike retracted its claims in this specific case without any other consequences.

John Brennan, Obama’s CIA Director

The January 2017 assessment makes heavy emphasis on supposedly superb “sources, tradecraft, and analytic work” used by the FBI and CIA. But the words of John Brennan show a different picture.

Brennan Delivers Remarks at the Center for Strategic & International Studies Global Security Forum 2015:

“When CIA analysts look for deeper causes of this rising instability, they find nationalistic, sectarian, and technological factors that are eroding the structure of the international system. They also see socioeconomic trends, the impact of climate change, and other elements that are cause for concern. Let me touch upon a couple of them.

Mankind’s relationship with the natural world is aggravating these problems and is a potential source of crisis itself. Last year was the warmest on record, and this year is on track to be even warmer.

Extreme weather, along with public policies affecting food and water supplies, can worsen or create humanitarian crises. Of most immediate concern, sharply reduced crop yields in multiple places simultaneously could trigger a shock in food prices with devastating effect, especially in already fragile regions such as Africa, the Middle East, and South Asia. Compromised access to food and water greatly increases the prospect for famine and deadly epidemics.”

This passage demonstrates traitorcraft rather than tradecraft. Sources are replaced by UN agencies’ policy papers and analytic work is replaced by credo quia absurdum.  But James Clapper is even worse.

James Clapper, Obama’s DNI Director

James Clapper appears clean before his appointment as DNI Director in 2010. For six years, Clappers signed the Statement for the Record on the Worldwide Threat Assessment of the US Intelligence Community for the Senate Select Committee on Intelligence. In Obama’s second term, Clapper started including in them the alleged climate change threat. Climate change was mentioned:

2014 statement (Clapper):  once

2015 statement (Clapper):  4 times

2016 statement (Clapper):  8 times, including the following passage:

 “Environmental Risks and Climate Change

 Extreme weather, climate change, environmental degradation, related rising demand for food and water, poor policy responses, and inadequate critical infrastructure will probably exacerbate—and potentially spark—political instability, adverse health conditions, and humanitarian crises in 2016. Several of these developments, especially those in the Middle East, suggest that environmental degradation might become a more common source for interstate tensions. We assess that almost all of the 194 countries that adopted the global climate agreement at the UN climate conference in Paris in December 2015 view it as an ambitious and long-lasting framework. 

  • The UN World Meteorological Organization (WMO) report attributes extreme weather events in the tropics and sub-tropical zones in 2015 to both climate change and an exceptionally strong El Niño that will probably persist through spring 2016. An increase in extreme weather events is likely to occur throughout this period, based on WMO reporting. Human activities, such as the generation of greenhouse gas emissions and land use, have contributed to extreme weather events including more frequent and severe tropical cyclones, heavy rainfall, droughts, and heat waves, according to a November 2015 academic report with contributions from scientists at the National Oceanic and Atmospheric Administration (NOAA). Scientists have more robust evidence to identify the influence of human activity on temperature extremes than on precipitation extremes. 
  • The Paris climate change agreement establishes a political expectation for the first time that all countries will address climate change. The response to the deal has been largely positive among government officials and nongovernmental groups, probably because the agreement acknowledges the need for universal action to combat climate change along with the development needs of lower-income countries. However, an independent team of climate analysts and the Executive Secretary of the UN climate forum have stated that countries’ existing national plans to address climate change will only limit temperature rise to 2.7 degrees Celsius by 2100.”

This asinine opinion, attributed to the intelligence community by James Clapper, adds injury to insult by referring to UN bodies four times, each time taking them as sources of authority.

The following statements were made by Clapper in person at Intelligence and National Security Alliance (https://www.insaonline.org) conference in September 2016 (https://archive.is/J32Hm):

“In the coming decades, an underlying meta‐driver of unpredictable instability will be, I believe, climate change. Major population centers will compete for ever‐diminishing food and water resources and governments will have an increasingly difficult time controlling their territories.”

“Well, I alluded to that briefly in my remarks, and I do think climate change is going to be an underpinning for a lot of national security issues. The effect on climate, which drives so many things ‐‐ availability of basics like water and food, and other resources, which are increasingly going to become matters of conflict, and already are, between and among countries. And so this is going to give rise to national security insight that we’ll need to understand this and hopefully help anticipate it. So I think climate change over time is going to have a (inaudible) effect on our national security picture.”

Thus, James Clapper lost his mind and/or integrity even before he gave DNI approval to CrowdStrike claims.  He continues leveraging climate alarmism to against national security — https://climateandsecurity.org/tag/james-clapper/.

Remarks

Frauds like CrowdStrike were common under Obama’s administration. Theranos, a purported blood testing innovator, raised more than $700 Million between 2011 and 2017 and was valued at $9B at some point.  In 2011, the Theranos founder recruited George Shultz, a Secretary of State in Reagan administration and currently “a senior statesman with a climate solution,” as a board member. He brought on more high level political figures. Theranos’ founder Elizabeth Holmes even secured support from Bill Clinton. She also wanted to save the planet from climate change! Theranos never had a working product, technology, or even competent R&D, but politics easily prevailed over technology and science in those years. Investment poured in, Walgreens signed a contract and built in-store booths for Theranos’ blood tests. In 2015, Obama’s FDA approved the non-existent Theranos’ blood testing device!  Fortune wrote that Ms. Holmes, a university drop out, was an inventor in 26 patents issued to Theranos. Today, Theranos’ fraud is revealed, but Ms. Holmes walked away with hardly a slap on the wrist.

Google (Alphabet) is an investor in CrowdStrike, having participated in at least three investment rounds in 2015, 2017, and June 2018. Google fails to disclose this and other conflicts of interest in search results related to the companies in which it invests.

Google, Facebook, and Twitter had an opportunity and incentives to use their knowledge and experience in cyber security to explain to the public and Congress the folly of the Russian attribution of the DNC leak and related conspiracy theories when they were called to testify before Congress.  They had access to the same information that I do, and Google also had insider’s information about CrowdStrike. Nevertheless, they chose to lie to Congress and the public, and put their weight behind the conspiracy theories, even to the point of accepting a partial blame for the alleged “Russian” actions.

In 2011, Dmitri Alperovitch founded Asymmetric Cyber Operations LLC. Then he joined the board of CounterTack, a cybersecurity firm. MSM usually omits these details of his career.

In February 2017, CrowdStrike sued testing company NSS Labs, apparently to prevent the publication of the NSS Labs test results for a CrowdStrike product. The lawsuit was dismissed.

Following the apparent success of the CrowdStrike fraud, other security companies started to make dubious attributions. Examples are FireEye (FYEY) and SecureWorks (SCWX). When describing APTs, SecureWorks advices incorrectly to “Focus on the ‘who’ not the ‘what’.” For most organizations, the question who is unhelpful, because the answer is anybody or everybody. The network security should be able to handle a threat from anybody, proportionally to the value of the information on the network.  This is the same as in the physical security. We don’t ask who when we lock the doors. We lock the doors to protect against all thieves, rather than asking who.

Alperovitch is a fellow of Atlantic Council. I don’t think this is a major factor – his motives are financial gain, and, possibly, media attention.

Here, the word hacker is used in its common meaning — somebody who accesses computer systems without authorization. Initially, it meant something like a darn good programmer, especially in the Linux community.

Other sources of data and analysis of the DNC leaks:

Opinion:

https://medium.com/homefront-rising/dumbstruck-how-crowdstrike-conned-america-on-the-hack-of-the-dnc-ecfa522ff44f

Disclosure

I hold short positions in (bet against) the Google stock.

Other reading

 

  1. Jeffrey Carr, The DNC Breach and the Hijacking of Common Sense, June 19-21, 2016

 “Attribution is hard enough without cybersecurity companies picking the evidence they need to support the conclusion that they want with threat actor models that are completely devoid of common sense. We can do better.”

  1. Jeffrey Carr, Faith-based Attribution, July 10, 2016

“It’s important to know that the process of attributing an attack by a cybersecurity company has nothing to do with the scientific method. Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong.”

“When it comes to cybersecurity estimates of attribution, no one holds the company that makes the claim accountable because there’s no way to prove whether the assignment of attribution is true or false unless …”

  1. Jeffrey Carr, FBI/DHS Joint Analysis Report: A Fatally Flawed Effort, December 2016

 “A common misconception of “threat group” is that refers to a group of people. It doesn’t.”

Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason.”

“In fact, the source code for X-Agent, which was used in the DNC, Bundestag, and TV5Monde attacks, was obtained by ESET as part of their investigation!”

  1. Bitdefender, APT28 Under the Scope, 2015

We have reasons to believe that the operators of the APT28 network are either Russian citizens or citizens of a neighboring country that speak Russian.”

The emphasis is mine. Attacked countries, in the decreasing order of vulnerabilities according to the report: Ukraine, Spain, Russia, UK, Romania, Bulgaria, US, Canada, Portugal, Italy, and Mexico.  Why would Russia attack Russia?

  1. Forbes, Security Advice From The CEO Of The World’s Newest Unicorn – CrowdStrike, May 2017

CrowdStrike CEO George Kurtz about their attribution of the alleged DNC breach: “That work raised our profile considerably, solving a high profile problem, separating us from a crowded field in the security space.

Given such stunning success, it is quite natural that CrowdStrike doesn’t want to admit to the fraud in their detection and attribution!

  1. https://www.cyberscoop.com/failed-lawsuit-trailed-crowdstrike-rsa/

 “Crowdstrike became one of the most famous brands in the cybersecurity industry last year after securing a contract with the Democratic National Committee.”

  1. https://www.nytimes.com/2016/10/21/us/private-security-group-says-russia-was-behind-john-podestas-email-hack.html

At the start of 2014, President Obama assigned his trusted counselor, John D. Podesta, to lead a review of the digital revolution, its potential and its perils. When Mr. Podesta presented his findings five months later, he called the internet’s onslaught of big data ‘a historic driver of progress.’

What a joke!

Advertisements

210
Leave a Reply

58 Comment threads
152 Thread replies
3 Followers
 
Most reacted comment
Hottest comment thread
86 Comment authors

  Subscribe  
newest oldest most voted
Notify of
rms

Thanks for publishing. Very important.

Warren in New Zealand

Thank you

Warren

Thank you

JaneHM

There’s an odd New Zealand angle to this : Podesta was phished from a Tokelau address. Tokelau is a New Zealand territory. Yes it’s easy to get an address in Tokelau but New Zealand is part of Five Eyes (the US-Australia-NZ-UK-Canada signals intelligence/ survelliance alliance), so it’s hard to believe they don’t know who the Podesta phisher was.

simple-touriste

Hug? How do you know where the server was? Do you have an IP?

Or do you believe that any domain name placed under a ccTLD (country code Top Level Domain) has both its NS (name server) and Web server in that specific country?

No. And yes. There is a New Zealand, (and Australian) angle, but…

Podesta was apparently phished from IP 134.249.139.239 (Ukraine, kyivstar.net broadband) It’s a *mobile* broadband provider, so potentially a physical mobile phone.

They chose this provider because previously that year some base-stations of Kyivstar in Donbass had been seized by Russian separatists. So they were trying to imply a Russian controlled operation. BUT the location of that IP is not in the separatist areas.

Then we have the Registration of DCLeaks. It’s to a privacy service registered to PO Box 16, Nobby Beach, Queensland Australia. It really is a physical PO box. It’s the registration address of thousands of dodgy sites (like the Muslim Brotherhood). That’s the final registration. The original one (2012, maybe 2010) was to Ronald Vanyur of Huntington Beach California.

The New Zealand angle is the SOA (Start of Authority) for actblues[.]com, which is claimed to be implicated in the DCCC hack. The SOA gives fisterboks[@]email.com and nameserver ititch[.]com which is 103.6.212.252 in New Zealand.

Also links to Malaysia, France, and of course USA.

But not Russia.

michel

The site

https://defycccc.com/

does not seem to exist.

Also, a search for Science and Humans Freedom Institute doesn’t bring up any hits.

kev1701e
Scarface

Things are starting to make sense now, thanks!

Alan Tomalty

Shows that changes in government democracies is crucial for the search for the truth In a one party system the truth doesn’t exist.

Richard Patton

That’s why, even though I am Republication, I am worried about the seeming death wish of the Democratic party. If they keep on with their stupidity there will (effectively) be only one party in this country, and that is very bad.

PATTON sez:
“That’s why, even though I am Republication,
I am worried about the seeming death wish of the Democratic party.”

It’s REPUBLICANS you are a member of,
not Republications?
and the other party is the DEMO-CRAPS,
er, I mean the DEMOCRAT party,
not the “Democratic” party.

The Democrats are acting so dumb,
with their love of socialism,
and their wish for open borders,
they make Trump sound like a
diplomat and a genius.

michel

The link should be

https://defyccc.com/

It had one too many ‘c’s in it as posted.

The other one has a page come up in Bizpedia – just that they are a Delaware registered corporation.

Revised quote:

“Being hacked by China or Russia sounds better than being hacked by some 12-year-old geeky kid from his parents’ basement.”

joelobryan

Being hacked by Russia is better than having a 27-yr old Bernie supporter DNC staffer, disgusted by the obvious bias against Bernie in the DNC, come forward as the DNC insider hack source.

Greg

It never was a “hack”. The initial DNC release just before primary which Clinton rigged, came from a leak. Assange has clearly stated that the material came from a leak and not a hacked source.

JohnB

Exactly. It makes it sound like the it takes the resources of a shady government department to crack your security rather than a slightly soft cheeseball.

Philip Schaeffer

Ah, it’s Ari Halperin, or at least that’s what he called himself here in the past:

https://wattsupwiththat.com/2016/07/21/ooops-not-al-31-scientific-societies-actually-signed-the-aaas-consensus-letter/

He managed to run the headline here “Ooops! Not all 31 scientific societies actually signed the AAAS ‘consensus’ letter”, on the basis of nothing more than the fact that not everyone he wrote to responded to his questions.

Yeah well… I’d take anything this guy says with a grain of salt.. or a few million grains possibly.

Hugs

#1 It’s Leo Goldstein, where did you see Ari’s name?

#2 It’s not ‘nothing more’, but I think Ari was getting wrong what ‘signed’ means these days.

#3 Ari’s piece was very educative. The signatories felt threatened.

#4 bon appetit

Terry Martin

I wouldn’t bother with “Philip Schaeffer” or whatever he calls himself. It appears to be a trollbot. I don’t think the bot actually read the most excellent article it linked to.

He’s a real person, I’ve conversed with him, however his viewpoints posted here are indeed often bot-like.

DEEBEE

But Anthony, the “screed” should have been edited better to try to keep down, the leaps of faith.

“#1 It’s Leo Goldstein, where did you see Ari’s name?”

From the byline of one of his articles here
“Leo Goldstein researches and writes about climate alarmism, and its interconnection with other social ills. Until recently, Leo Goldstein wrote under the pen name Ari Halperin.”

Philip Schaeffer

Yes, and he has written here under the name Ari Halperin in the past, which I find interesting given what Anthony says about anonymous cowards.

I’d love to see you guys try and identify a real bot. That would be hilarious in comparison to what I write.

Yeah, I know, it’s just a throwaway insult, but it is pretty dumb.

Philip Schaeffer

Has it been made clear to the readers of WUWT Ari and Leo are the same person so that they know they are hearing from the same person when they read articles here under either name, or did the names just change discretely?

[yes, Mr Goldstein requested that WUWT change his name from the pen name “Ari Halperin” to his real name “Leo Goldstein” -mod]

Philip Schaeffer

Aaaaaaand, I’m on moderation. Lol. Touched a raw nerve there I think.

(There is nothing in the Mod Bin showing it) MOD

Philip Schaeffer

well, i just got the same waiting for moderation message again.

edit: Nope, gone this time. One of the messages I just posted is still gone. I got the same message, waiting on moderation.

I think someone else might have got a bit annoyed with me. To moderation, then disappeared.

I think there might be two hands at work here, not knowing what the other is doing.

For a few mins there everything was going to moderation, now it’s back to normal.

Philip Schaeffer

The message you just responded to got that awaiting moderation message, and didn’t show up immediately.

Philip Schaeffer

You know that, but did the readers of WUWT ever get told that the articles here by Ari Halperin are actually by Leo Goldstein?

Philip Schaeffer

Sorry, I think my last comment disappeared. He told you, but did you tell the readers of WUWT so they would know that articles here under the name Ari Halperin are actually by the same Leo Goldstein who wrote this article?

Philip Schaeffer

I mean, it seems to be news to some of them, like they heard it for the first time from me. So, did WUWT tell it’s readers who he really was, or just change the names without informing readers of what happened?

Philip Schaeffer

“yes, Mr Goldstein requested that WUWT change his name from the pen name “Ari Halperin” to his real name “Leo Goldstein””

I didn’t ask if he told you. I asked if you have informed your readers so they know who they were reading under the name Ari Halperin, and that it was actually the same person as they are reading now, Leo Goldstein?

[Mr. Goldstein made a statement some time back to that effect. You seem to be the only person concerned about it -MOD]

Philip Schaeffer

Sigh, the path of conversation would be a lot clearer without that bout of moderation in the middle to confuse things.

That some of the message above can’t be edited any more, but ones further above them still can is proof that moderation was happening. Any comment on that?

[Sometimes comments get flagged by wordpress. If you don’t want to have the occasional inconvenience then simply don’t comment and take that risk. -MOD]

Philip Schaeffer

“[Sometimes comments get flagged by wordpress. If you don’t want to have the occasional inconvenience then simply don’t comment and take that risk. -MOD]”

Lol, it’s OK. I’ll accept that it was just coincidence that all my messages suddenly went to moderation in the middle of a discussion that may annoy some people at WUWT. And that some of them stayed missing, and that one of the mods seemed to have a different idea of what was going on than the other.

Philip Schaeffer

I didn’t ask if he has ever stated anything about his name change. I didn’t ask if he told you about the name change. I asked if you have ever informed your readers of this. Did he make his statement here? After all, you are now carrying articles from him under two different names. And that on a site with a strong position against anonymous cowards.

Putting his real name on his last article here would be a good start. But that’s just my opinion 🙂

I have to admit, I’m a little surprised that I’m the only one here who cares given the scorn put on anonymous cowards round this place.

[Mr. Halperin makes it clear he uses a pen name, and he makes it clear on his website defyccc.com that he posts articles at WUWT and gives their titles and links. He’s put a defyccc.com in every story I’ve seen. Seems to be much ado about nothing on your part. -MOD]

Philip Schaeffer

OK, I can let it go, but can you please actually answer the question. Why bother replying to me twice with answers to other questions, but not the one I asked? Anyway, up yo you if you answer, as I have now been told to drop it, and we all know what happens next if you don’t.

[“we all know what happens next if you don’t.” Is that some sort of threat? -MOD]

Philip Schaeffer

A threat? I can’t put anyone on permanent moderation, or ban them. That’s what happens to people here who don’t drop issues when told to.

[Mostly it happens to people who are rude and insulting, and/or use expletives, and violate the published blog policy. https://wattsupwiththat.com/policy/ Thread bombing is one of the things that can earn permanent moderation. -MOD]

Philip Schaeffer

Look, I’m happy to let this slide, but there would be three less posts from me if you’d just said “No” when I asked if you told your readers about the name change. And less posts again if moderation hadn’t complicated things.

As far as I’m concerned, so long as people here know they are the same person (and from some of the comments they obviously didn’t), then it’s all good and I need say no more.

[Thanks, as mentioned earlier, Mr. Goldstein made a statement about it here. Not every commenter may have read it. We have no control over that -MOD]

paul courtney

Thanks, Phil. Sixteen posts and (clutch pearls tightly, now) moderation because you refuse to do your own research about what can or can’t be found here. Your future posts will give me a chuckle as I recall this string of clutched pearls.

Mr. Schaefer is in fact a concern troll. He has a long history of whining about the way he thinks WUWT should be run. He simply doesn’t like this website, so tries to tear it down. In reality he’s little more than an ankle biter.

He rails about this one issue, because that’s all he’s got.

Funny though, he never demands name accountability from other blogs, like his Australian mate “Sou” at Hotwhopper who NEVER uses her real name Miriam O’Brien… when she writes derogatory and defamatory posts….mostly about me and other people who publish here. Mr. Schaefer’s OK with that sort of behavior under pen names…apparently, because we never see him at that website trying to tell Ms. O’Brien how bad that sort of behavior is.

Mr. Schaefer had been on permanent moderation at WUWT because nearly his entire comment history consisted of trying to tell everybody how WUWT should be run according to his viewpoint. The rest were just jabs. AFAIK, he
hasn’t contributed anything positive to any discussion here. When I switched to the new server, I wiped the slate clean, that included him.

Some people have returned to their typical patterns, others have learned from their past bad behavior and have cleaned up their act.

We often get over 1000 comemnts a day, most go through with no issue, some get flagged moderation, some end up in the trash because they look like spam or have links to websites that are dangerous. The wordpress server flags comments regularly and the moderation staff and I have to clear valid comments regularly. It happens to everybody who regularly comments here. Grousing about it doesn’t help.

And I’m not even sure Philip Schaefer is his real name. Given the way he preaches here, it could be a nom de plume. For all I know, he could be Miriam O’Brien, trying to stir the pot here so that she can get choice comments to frame derogatorily at her HotWhoppette website…its what she does, and she’s become essentially an Internet stalker of me personally. Someday, Ms. O’Brien will be in for an ugly legal surprise.

Mr. Schaefer (if that is your real name) if you want to go back on permanent moderation, keep doing what you’re doing to the point of it becoming what would be considered thread bombing.

If you want to get along in this community, try another tact. Your choice, but bear in mind that in my policy page, I reserve the right to refuse service to anyone. I’m not required to post your comments.

Mr. Schaefer, there’s no need to respond. I’m not interested in a discussion with you. Good day sir (or madam).

“Grousing about it doesn’t help.”

Grousing is the American way !

I love it when people use uncommon words
like “grousing” or “whippersnapper”
or “lollygagging”.

Also, after criticizing someone online,
one should always close with:
“Have a nice day”.

Philip Schaeffer

paul courtney said:

“Thanks, Phil. Sixteen posts and (clutch pearls tightly, now) moderation because you refuse to do your own research about what can or can’t be found here. Your future posts will give me a chuckle as I recall this string of clutched pearls.”

I was told:

“[Sometimes comments get flagged by wordpress. If you don’t want to have the occasional inconvenience then simply don’t comment and take that risk. -MOD]”

So, nothing to do with what research I did or didn’t do. WordPress has no comprehension of such things.

But I can’t really talk to you about is because that can then be used as a reason to put me on permanent moderation. Yah know, thread bombing and all.

Philip Schaeffer

But I can’t really talk to you about is because that can then be used as a reason to put me on permanent moderation. Yah know, thread bombing and all.

So after posting dozens of comments in a row, AKA “thread bombing”, and complaining that the VOLUNTEER moderators are not immediately approving your next steaming pile of … words … now you are whining that you “can’t really talk” about some random thing for fear of being put on permanent moderation???

Gotta say, I’m astounded that Anthony has been generous enough to allow you another chance. And I’m even more amazed that, having been given such a second chance, you are doing your very best to get put back on permanent moderation.

Me, I’d have planted your face in the pavement after about the eighth useless comment in a row, but then I’m a semi-reformed cowboy, and Anthony is a gentleman … however, even he has his limits.

My advice? Stop talking about process, about moderation, about how long it takes for your comments to appear, about people who don’t care about your dumb questions … and start talking about the ISSUES UNDER CONSIDERATION. You know. Like the rest of us do.

Your endless whining is unseemly …

w.

Jeff

The extent and damage caused by computer hacking is exaggerated IMO.
The media is a willing participant in the hype.
And they always first interview experts from security companies who obviously want to talk it up, to increase business for themselves.

Sam C Cogar

The extent and damage caused by computer hacking is exaggerated IMO.

Jeff, the extent of the per se “hacking” of Hillary Clinton’s unprotect basement “server” is not only un-exaggerated, ….. it is the worstest case ever of US secret and/or classified data/info being easily accessible to any programmer, anywhere on earth, with “smarts” enough to access it.

Hillary’s unprotect basement “server” was an “open door” to hundreds of other government “servers”, …… to anyone that wanted to “get in”.

Tom Abbott

According to testimony at a congressional hearing, at least one foreign actor was able to download almost every email Hillary had on her illegal server. Louis Gomert said the unnamed hacker had transferred all but about 10 of Hillary’s emails to another location.

It’s a pretty good bet that if one foreign actor was able to get into Hillary’s server, then others probably did, too.

So at least one of our foreign enemies has a full set of Hillary’s deleted emails.

How secure is your setup if a phishing ploy can manage to hack into it? Answer: It’s not secure at all. Lamebrains!

Jeff

No-one actually used the email information to harm the US.
“while some of the emails contained information that the government considered classified to the highest levels, the information was “innocuous” and not “particularly sensitive” because the emails discussed matters that were simultaneously available in the public domain—such as in newspapers”

Sam C Cogar

Jeff – July 13, 2018 5:45 pm

No-one actually used the email information to harm the US.

Jeff, why do you persist in making such asinine and silly statements?

GETTA clue, …… Jeff, …… given the fact that it was Hillary’s “private server” and situate in her private residence ………. then you can “bet you last $100 that her hubby Bill, … daughter Chelsea, ….. son-in law, ……along with a dozen or so other relatives, friends, etc., …….used that same server for their IP address for connection their PC’s, I-phones, etc. to the Internet ……. because it wouldn’t cost them a single penny to do so ………… and that was an equally IMPORTANT reason why Hillary et el had to smash her I-phones, I-pads, etc., ……. plus delete everything off of the “server” storage before she would let any ”outsider” have access to said server.

Don’t forget, Bill Clinton was “making cash deals” with foreign entities, …… the same as Hillary was doing.

C1ue

Cyber crime is a $1.5 trillion industry.
You are totally wrong.
The cybersecurity vendors exaggerate how much their products and services help, and also the focus on what cyber risks people and businesses should focus on, but the problem is enormous and undisputed.

Jeff

“Cyber crime is a $1.5 trillion industry.”
For the “cybersecurity vendors” yes probably.

dodgy geezer

Real attribution is very rarely possible if you are dealing with an experienced attacker.

The problem is that computer messages do carry an awful lot of metadata describing their origin and path to the recipient. In the early days of computer security this was used to convict people – and the attackers learned rapidly. So nowadays this metadata will routinely be spoofed, and passed through zombied machines to disguise the real point of origin.

Of particular interest is the ability to trace-route IP packets. If a police force can access all the jumps a packet has taken, they should be able to find the originator. So an obvious response is to route a malicious attack through machines under the jurisdiction of a government hostile to your victim – because then the victim’s police force will probably not be able to get permission to examine those machines.

For example, if I were to attack the WUWT web site from a site in Boston, I would be very likely to be traced rapidly. If I were to route the attack through a machine in France, it would take longer for the FBI to contact the French Sûreté Nationale, but eventually a trace would go in.

However, if I were to route through North Korea, it’s unlikely that the US authorities would get any co-operation. However, it’s probably quite difficult to zombie a NK machine. Russia and China would be the obvious choices – and they have the benefit that no US authorities will look any further, because blaming Russia and China is very politically acceptable…

Very interesting. Yes, its hard to say who’s behind anything these days, and 97% likely that who your are led to believe is, isn’t….

Long off topic stream of consciousness
…Interestingly the last part of the article touches on security experts being at the least naïve about climate change – but this is something that has happened over the last 50 years in a general way.

Two centuries ago all educated people had probably had very similar educations. Since then human knowledge of the written kind and skill sets of the academic kind have mushroomed, and today there is little chance that even a very well educated person has – for example – both in depth understanding of Internet sand IT security and a solid background in say the history of Thailand, or the ability to speak Estonian (which is by the way the language of Estonia, mostly).

This is what leads to the terribly embarrassing spectacle of Experts in one field making dumb fools of themselves in another, It also leads to some serious political chicanery.

Because today people think that because they have reasonably high IQs and have been to one of the increasingly dumbed down Universities’ their <beliefs and their received wisdom carry greater weight than the opinions of the ordinary man, and this gives them the right, if not the duty, to press on regardless of the opinions of the plebs.

Sound familiar?

And this is the problem. Received wisdom does not make you wise. Merely full of other people’s knowledge. What makes you wise is the ability to go back to first principles and check that knowledge against the data for yourself, until you know that it can be trusted – and that is of course what we regular readers here like to do. Check out received wisdom to see if it is, not to put too fine a point on it – utter bunk.

So I personally like to read an article I understand, rather than one covered in reference to learned papers that I cannot.

However there are a lot of people – especially in the Left, who will never admit that they do not really understand, and be humble enough to go back, cudgel their brains and try and learn enough of a new discipline to actually go back to enough first principles to validate or invalidate a particular claim. Peer review is supposed to cover that, but scientists are no longer adversarial with each other. Everybody needs the job and publishing papers is how you keep it. A tacit agreement not to trash a colleagues paper means he will support yours in due course.

So the appeal to authority – the expert – and the authentication of that expert by peer review, that used to carry some weight, is now no more than the monkey-talk of Kipling’s bandar log. Consensus Truth – “We all say so, so it must be true”.

And in academia at least that has been amplified by the way in which salaries and careers are tied to government grants, and the publishing of papers in journals. Western academia today is socialist because it’s funded by government. And it cannot afford to contradict the government too far.

All these facts are conducive to the development of a sort of socialised world view that is a-scientific. People have to have a picture of the world to operate against, and that picture is now controlled at the government end by public sector employment, and at the media end by commercial forces. It by and large doesn’t have to be true, just plausible. And if it appeals to the ego, and flatters the insecurities of a lot of people who have qualifications that in another agee they would not, its going to be so much more successful…at selling a political position or a product.

I don’t know what to do about this. In my life, born just post WWII – there was a lot of honesty back then, and huge respect for the ‘boffins’ who had created jet aircraft, radar, and we much later discovered, the digital computer.

All that vanished at the end of the cold war. Lacking an existential threat, who needs intelligent people? Smart people went into banking or marketing or politics to make money for themselves, not to protect their nation. Or do science.

So ‘boffins’ became second or third rate brains (or in Mann’s case 4th rate) whose desire to acquire that respect was unmatched by their ability to deserve it. And there is no test of their quality save the accolades of equally incompetent peers. Ships will not go down, aircraft will not crash, because e.g. Mann Got It Wrong.

And as I pointed out, critical review is something few can do. If they have the intellect, they may not have the understanding and the toolset. And even fewer will want to do, if it threatens their income.

Where this leads me, is not a place I want to go. I understand, I think why we have all this incompetence everywhere, why huge swathes of otherwise moderately intelligent people believe in stuff, that they have been told, that is dangerously wrong, but extremely useful to those promulgating the message. Because no situation has arisen where possession of such a view means they die before procreating!|

Darwin rules, OK?

Summer time, and the living is easy, so why not daydream yourself into a fantasy?.

Or is winter coming?

If Nature throws us a curved ball and we are too stupid to catch it…goodnight Vienna.

The smart ones will survive and be respected…

In Idiocracy, a man smart enough arrives and is respected. If no one smart arrives, society collapses. Joseph Tainter’s interesting work ‘the collapse of complex societies’ posits a hypothesis that societies that start off by exploiting a particular ecological or sometimes political niche, organise and develop structures to maximise the benefits of these niches and then fail because as the resource runs out or the political situation changes they have no response but ‘more of the same’ – more bureaucracy, more structure, more organisation – when sometimes what works better is to go back to first principles – say peasant farming – and start again. Or at least that is all they are capable of.

Isn’t that the Green position – ¨We can’t cope with technology, we want to go back to being hunter gatherers” – tacit admissions that they are in fact too stupid to live in an advanced technological society, and it scares them?

Then we have those in between, who have competency but not universal competency, which is where we came in. The astrophysicist who knows models, but nothing about climate, who endorses climate change, The biologist, who knows a lot about life, but not a damned thing about models or statistics. Or the geologist, who knows a lot about past CO2 and temperature and cries ‘foul’ but is shouted down because he knows nothing about models or climate.

IN comfortable times when it doesn’t matter, BS will flourish. BS leads to people not being competent to meet external events. Lack of competency to meet external events leads to general lowering of standards of living until the people get upset and somehow randomly select leaders until they find one with some degree of competency, laud him and thereby recover. Or they don’t and go down before the barbarians who are at least competent at being barbarians.

In other words stupidity and incompetence and groupthink are natural things. It is only necessary for most people to know how to procreate. And no one likes Cassandras. Only when the chips are down do we value the competent and the super competent. And generalised incompetence leads eventually to the chips being down.

It is rather like climate. Being stupid dumb and comfortable is where we want to be, but being stupid dumb and comfortable means the tiger can creep up on us, and then we need to suddenly get smart , kill the tiger, and relax into being stupid dumb and comfortable all over again. But the tiger has killed the dumbest ones.

Its a negative-feedback-with-lag system. Just like climate, and such systems are only quasi stable and are somewhat chaotic.

So I think – i hope – we are just about to pass Peak Stupidity. What comes next is a harder set of times for people where they need to get smarter. If they do, OK. If they don’t. Bye bye Kansas.

Apologies for that. But beyond all the stuff that gets covered here, I ponder what the pattern is. The pattern of social and psychological ideas and tensions, that could lead to someone tasked with national security being so mistaken about stuff outside his remit.

ЯΞ√ΩLUT↑☼N

If only all grabbermints could force-feed their citizens Ritalin. But like Pravda, the fake-news-gushing MSM is the next best thing.

+100

Geoff Sherrington

Leo Smith,
Your synthesis is the closest I have read to my own ruminations, thank you.
It gives a credible alternative to the conspiracy theory ridicule that sceptics suffer but I don’t consider plausible. These patterns of thought contagion you describe are common. They do not need an exceptional topic like global warming to make them happen.
A present concern I have here in Australia is about the nature and quality of the people selected by some unclear process to represent Australia in places like international policy forums. In our military we have a senior officer recently retired and seeking media, who has been through sex change. Or main rep at the Paris climate fest has also just been through sex change. His/her friends are unusual if you search the Net and speculate. In a recent WUWT thread on the retirement of the head of the green climate fund I did some quick bio research and concluded I did not like to be represented by that guy. Some time back we corporately lost a court case when the majority judge who had been president of a green group expressed unquestioned obedience to a UN treaty, this on World Heritage. I could give more examples of the nature of top participants in the climate business having led lives so unusual that you wonder if they have a chip on the shoulder that they seek public forgiveness for because of their 100% dedication to causes that were initially unpopular. Do you see any similarities to your people in similar positions? Extremely odd lives is how I would summarise, even anti-social with hostility to those who would criticise, plus extreme gullibility.
Sorry, but you have found one of my hobby horses. Geoff.

Very interesting thoughts Mr. Smith – thank you.

When I compare recent generations to my father’s generation, aka the Great Generation, it is clear that the population is getting much stupider. Based on fundamentals, this will continue until we have a Darwin event and the stupidest die off.

The Great Generation fought and won WW2, won the Peace, and then won the Cold War. This enabled the current feeble-minded generations to flourish, and the Millennials and the Snowflakes are the culmination of this regressive process.

I recently posted this premise. It does not JUST apply to global warming alarmism – it applies to all the many manias of the idiot political left.

“Global warming hysteria is promoted by scoundrels and believed by imbeciles.”
– Allan MacRae

“go back to being hunter gatherers” – tacit admissions that they are in fact too stupid to live in an advanced technological society”

Wait a second. You need a great deal of very specialized local knowledge and a lot of health, some strengths and substantial luck to survive as a hunter-gatherer. Moderns who temporarily try survive in such a lifestyle quickly discover they can’t hack it even for very short periods.

Ditto for being a peasant farmer. People who have lived in rural areas where people hunt and grow some of their own food slightly understand this–but urbanites hardly ever have even a clue.

Tom in Florida

Yes, if they cannot order it online with an app they don’t know what to do next.

Joe Crawford

Leo Smith,
Thank you. That’s whole piece is probably the best description of the current state of mankind’s intellectual capacity and its usage that I have read. In it, you said:

“In other words stupidity and incompetence and groupthink are natural things. It is only necessary for most people to know how to procreate. And no one likes Cassandras. Only when the chips are down do we value the competent and the super competent. And generalised incompetence leads eventually to the chips being down.”

That goes right along with another of my favorite quotes that Severian said here back in 2009:

“I’ve made the observation many times that no civilization or culture seems capable of surviving prosperity. It seems to allow these kinds of inanities to run loose unchecked, people take their eyes off the ball so to speak when it isn’t a matter of day to day hardship and life or death struggles. Relaxation and freedom from want seem to breed complacency and immaturity.”

You have nothing to apologize for, and you have my thanks as well as the thanks of others. We have seen this movie before, those of us old enough to have seen it then and wise enough to remember our history, when our ancestors also saw this movie and told us about it.

My only quibble is that our concern about climate is a bit misplaced. Climates are determined by the weather and it is the weather that we live in and must survive today, in order to see tomorrow. Climates are also local, just like weather is local. Global ‘averages’ without ranges can, have, and will be misused by those who seek power over others. Weather is a damped-driven deterministic system that shows mathematical chaos. Conditions matter and conditions are almost never exactly the same in one location over time.

John in NZ

Excellent.

If I was Putin, I would have tried to get Hillary elected.

ozspeaksup

yeah she n he do an awful lot for “donations” from their “friends”
funny how the slushfunds become hush funds?
i read bummers started one of his own too
I dont think Putin gave much of a damn either way
endless tiresome “exceptionalism” gets pretty stale.

I found the article quite hard to follow because it jumped around in time. So I made a timeline. It helps (I think) to understand a lot, but not everything:
Jan 2015 – DNC leaks to Wikileaks start, but at a very low level.
Mar 2016 – John Brennan (Dem) makes friendly visit to Moscow.
Apr 28 2016 – The leaks have continued at a very low level.
Apr 29 – 425 emails are leaked. DNC notice suspicious activity.
Apr 30+ – Leaks continue at high level.
May 4 – DNC call in CrowdStrike.
May 5 – CrowdStrike install software.
May 6 – CrowdStrike identify “Russia” as hacker.
May 3rd week – Leaks up to ~1500/day.
May 25 – Leaks have continued at a high level since Apr 29.
May 26 onwards – No leaks
Jun 10-12 – CrowdStrike “cleanse” the DNC system.
Jun 14 – DNC announces the hack and blames Russia.
Jun 15 – First document (“opposition research”) released by “Guccifer 2.0”.
Jun 18-Jul 14 – Guccifer 2.0 releases more documents, damaging Hillary.
Jul 24 – Hillary starts to malign Russia.
Aug 25 – Hillary makes very aggressive anti-Russia speech.
Aug 30 – Harry Reid accuses Putin of attempting to rig the US election.
Oct 7 – Obama publicly accuses The Kremlin of cyberattacks on US election systems and the democracy itself.

Tom Abbott

“Oct 7 – Obama publicly accuses The Kremlin of cyberattacks on US election systems and the democracy itself.”

Obama was told about Russian hacking long before Oct 2016, yet he did nothing to stop it.

Tom in Florida

This was the planned insurance policy in they very unlikely event (in their eyes) that Hillary lost.

ЯΞ√ΩLUT↑☼N

Excellent article.

I must put my hand up tho.. It woz me wot dunnit. I don’t run a firewall or any security/antivirus at all, so most mornings I have to brush off the entire Russian security alphabets, DNC party criminals (hi Hillary, how’s things lately?), FBI, CIA and the odd Islamic terrorist bomb complete with ticking timer, which are crawling over my laptop like ants and bouncing secrets to and from each other, just to get something done.. Gerroff! [swipe]..

/sarc

But it’s true, I don’t run firewall or antivirus. On that subject, I once bought McAfee. Worst decision ever! It would monitor and poke into everything you did, such as check every executable you run, even if you quit and ran the executable seconds later. It also couldn’t be paused or quit, unless I manually ended the McAfee task.

I might as well keep all the secret service alphabets using my ‘puter, since they don’t interfere as much, really.. 😉

Susan

This might be more convincing if the author deleted the implications that Hillary’s motivations and thought processes were a known fact. When I see that I lump the whole piece under ‘conspiracy theory ‘ as a matter of course.

Hillary’s motivations are very clear as demonstrated by her entire life actions.
POWER AT ANY COST.

Susan

That is supposition and suggests bias. When these things appear in a historical article it raises very large red flags – as in danger warnings, I should add, given the context.

We don’t need Baroness Von Pantsuit to provide a notarized affidavit admitting that the reason she had an illegal email server in her bathroom to cover up bribes that she was soliciting as SoS via the Clinton Crime Family Foundation to know that’s what was going on given all of the known facts. Her life’s actions speak for themselves.

peyelut

You might rely on common sense – it is often the truest compass available.

Michael 2

Well of course it is a conspiracy theory! I look forward to the movie!

Directed by the guy that caused the Benghazi attack?????

Tom Abbott

I think he is busy planning on making another hateful video (see Susan Rice).

” To thine own self, be true ”
It’s hard to tell where or when people cross the line and start believing their own lies in their own self interest.
At different levels, there are unbreakable codes, and networks that are not available to the public. I assume that everything that is on the web is an open book. Everything.

Had some experience with birdstrike. Got a frantic call from someone in the company claiming a program I’d written was malware. Same network traffic from a scripted language was ignored, but flagged by a compiled one. So I’ll let you decide what that means.

commieBob

Same network traffic from a scripted language was ignored, but flagged by a compiled one.

Sounds like complete BS meaningless drivel to me.

Michael 2

Scripted languages are executed by a host; “svchost” in Windows for instance. Start up Task Manager and you’ll see many processes from “svchost” well each of them is running a script. If you allow svchost to do anything, it can do everything!

But if you compile the program now it runs as “itself” and is not recognized by your anti-virus program.

commieBob

Sorry, that is simply not true. Anti-virus scanners check all kinds of files including .EXE and .COM files which are almost always compiled. link

Technically compilation and interpretation aren’t necessary. I could write machine code, which wouldn’t be compiled, which would execute as a .COM but only to win a sizable bet. link

David A Smith

This is a report on a press conference that happened this week related to this subject: https://www.youtube.com/watch?v=EBILe_zFN-Y

This is a more full version: https://www.youtube.com/watch?v=odeiBxOYKmQ

Take it with reasonable skepticism, but worth noting imo.

RAH

I still believe that it was an inside job carried out by a person or persons angry about the way Bernie Sanders was treated during the primary.

sycomputing

Attribution seems silly in the first place. Malware code is no different than any other software, i.e., it’s bought and sold as a commodity.

So what if the original coder was Russian or a Russian speaker? All that gets you is the original coder was “Russian or a Russian speaker.”

mikebartnz

I wish people would stop confusing *hacker* with *cracker*.

Philip Schaeffer

Yeah, not just you on that one.

Joe Crawford

Especially when they don’t come from Georgia:<)

Indeed. I’d say that the proper term should be computer cracker, akin to safe cracker.

PHEW !!!!! Quite a read.
Many,many interesting thoughts.

Philip Schaeffer

Lol, “he’s a nut, he’s a loon, he’s crazy as a coconut”

More importantly for the standards around here, he was an anonymous coward for a long time.

I have no idea what that is supposed to mean.

Philip Schaeffer

Lol, “he’s a nut, he’s a loon, he’s crazy as a coconut”

More importantly for the standards around here, he was an anonymous coward for a long time.

I have no idea who “he” is supposed to be. I have no idea whose words you are quoting.

Finally, the “standards around here” don’t say a single word about “cowards”, anonymous or otherwise.

Philip, you’re bucking for permanent moderation with this ugly anonymous scattergun BS.

w.

Tom in Florida

So I buy a set of carving knives from Walmart. I give those to my daughter as a present. She uses them for a while but finds better knives and buys those. She then sells her Walmart knives at a yard sale. A woman buys the knives from that yard sale and takes them home. Two weeks later that woman’s 15 year old son uses one of the knives to kill the neighbor’s teenager who had been bullying him.
Headline: “15 year old uses knife bought at Walmart to commit murder”
Reaction: “Walmart guilty of selling knives to 15 year olds.”

excellent analysis, thanks for doing the heavy lifting and putting it all together

Russell Robles-Thome

The assessment that jihadi groups may be implicated in the hack is significant. The house have also been suffering from an ‘IT’ debacle where a family of related staff from Pakistan have been running around congress making thousands of unauthorised accesses to congressional accounts. At one point an entire server went missing! Key individals have since fled to Pakistan. Debbie Wasserman-Schultz was seen threatening (and screaming at) police to recover a laptop held as evidence in the case. More at https://www.nationalreview.com/2017/07/debbie-wasserman-schultz-pakistani-computer-guys-bank-fraud/

and all over the web.

The devil is in the detail here, and I don’t know if one can legitimately join these two particular dots.

But here is some speculation anyway. I can imagine that DWS would have a good reason to lose her composure if she thought she had lost evidence which would confirm that democrats had been hacked by Pakistan, not Russia, and that the trigger for the Mueller enquiry was false.

Loren Wilson

The most interesting detail in the Pakistani family IT case (the lead figure employed most of his family in the IT work at a salary that I would be happy to live on) is that all charges against his wife were dismissed, and he pled guilty to one count of lying on a loan application. The only rational explanation I can think of is that he has been given a slap on the wrist in exchange for providing evidence about something else more important.

jorgekafkazar

Or in exchange for not revealing something more important.

Tom in Florida

The stench of the Obama/Clinton abuses of power is overwhelming.

Tom Halla

Interesting piece. The whole Obama/Clinton situation has gone to a point where Shonda Rimes would consider the plot incredible.

R. Shearer

Perhaps the Dems should have hired a crack IT team from, let’s say, Pakistan.

Presuming they (the DNC) would be interested in admitting the truth.

I cracked a rib laughing so hard at that idea

Mark - Helsinki

Correction. The Georgian military started shelling civilian areas, after being promised backing from the US state dept

bonbon

A lot to read there. What’s missing as usual more important : no mention of Obama’s Maidan cookie revolution by Nuland and Christopher Steele ( the very same). Nuland et al boasting how they funded a Bandera putsch, regime change with an openly nazi regime now in place.
Crimea decided to vote back to Russia, there was no annexation, no military assault. In other words the neocons were nicely made complete fools of. No doubt some will try to used this to sabotage Helsinki, but how about another game-changer anyone?
Kiev has hit the headlines again with news that Soros OSF had 150 people in the overthrow .
“Black Cube” turns up again, maybe worth tracing with the above….

bonbon

And no mention of Vaul 7 , the CIA’s toolkit for just such obfuscation and attribution., and Marble Framework? Ask William Binney and Ray Mc Govern, VIPS veterans.

Ric Haldane

I saw an interview on the news some time ago. A man that looked at the DNC server said that the download speed was much too fast to have used the internet. I can only assume that interview is out there somewhere. That may explain one breach. It is so easy to plant clues. Download speed is hard to fake.

Michael 2

The internet doesn’t have a “speed”. It has whatever you are willing to pay for.

Robert Michael Hope

False.

bonbon

That was William Binney, NSA whistleblower, designer of Thin Thread, VIPS veteran.
Easy to find. USB stick bandwidth against any kind of WLAN or LAN wins. Count the GB.

Philip Schaeffer

How many USB sticks have you used that can transfer data at 1 gigabyte per second?

<—- looks at 10 Gbps switch in rack.

Philip Schaeffer

Have a look at this: https://www.thenation.com/article/a-leak-or-a-hack-a-forum-on-the-vips-memo/#vips-dissent

There is a link to it from the original article at the nation: https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

It includes the dissenting position from other members of the same group, VIPS.

Have you considered what they have to say?

Philip Schaeffer

I saw that interview, and the man talking said that it wasn’t possible to move data between countries at a speeds slower that what I’ve moved data between countries. After that point his other credentials and experience didn’t really count. I already knew that his basic position was wrong.

He may know a lot about many things, but modern internet infrastructure isn’t one of them.

Do you suppose that the DNC was running off an ADSL modem?

old construction worker

We Are a Nation (U.S.) of laws. No one is above the law. If we continue down the path where “Elected Elites” and un-elected Bureaucrats are not brought to justice “Equal Under the Law” means nothing, we have no laws .

Crispin in Waterloo

The USA is a nation of lawyers.
You have to have a lawyer.
Lawyers are unequal.

Good luck.

Richard of NZ

To a large extent the expression “We Are a Nation (U.S.) of laws” has the addendum “but many (most) are ignored”. It is the consistent application of the laws which is important.

Tom in Florida

Or as has been said many times, everyone is equal but some are more equal than others.

Reg Nelson

It was clear watching the Strzok congressional hearing yesterday, that the Dems don’t want the Mueller investigation to ever end, at least not until after the Midterm elections. Because Russia is really all they have at this point. That, and fake pictures of separated immigrant toddlers.

Kaiser Derden

Initially, it meant something like a darn good programmer, especially in the Linux community.

Actually it started out just like it is now … somebody who accesses computer systems without authorization … there where hackers long before Linux was even a twinkle in anyone’s eye …

simple example the movie War Games (1983) … Linux created 1991 …

but the rest of the article is spot on … well done …

Reg Nelson

Many years ago, I read a really good book: The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage.

I highly recommend it if you are interested in the topic.

https://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/1416507787

hunter

How deeply disturbing.
Just when it looks like Trump is the problem, facts emerhe and prove him correct.
These corrupt, mentally inbred wealthy bureaucrats need to go.
ASAP.

Michael 2

“wealthy bureaucrats need to go.”

Go where? With that kind of money they go where they wish.

hunter

lol, good piint.
“Jail” comes to mind.
Almost rhymes with “hell”

dmacleo

https://krebsonsecurity.com/tag/crowdstrike/

krebs has mentioned oddities with them before

Philip

“12 RUSSIANS CHARGED WITH HACKING DNC, STATE ELECTIONS” – Drudge.

Be interesting to see how this meshes with this article.

OK S.

My, how convenient with Trump and Putin meeting this week

One could almost conclude that there’s money to be made in endless war.

Philip Schaeffer

Wasn’t Gowdy yelling at people recently to get on with making indictments immediately?

OK S.

I don’t know, but how convenient it is that they indicted residents of a foreign country where they have no authority.

The last time they indicted Russians in this affair, the Russians asked for disclosure. I wonder how that finally turned out?

Philip Schaeffer

Convenient that they’re in a foreign country? Who woulda thunk it, that Russian hackers would be in Russia?

Gowdy meant real indictments about real crimes, and not trumped up evidence/crimes.

Philip Schaeffer

Lol, how long did Gowdy investigate Benghazi without result?

Reg Nelson

Lol, did you really think Loretta Lynch would ever indict HRC, despite the numerous felonies she committed, if so you are truly delusional.

paul courtney

Phil: Not without result, he got the usual result of a congressional investigation into mendacious people in a corrupt administration that the press protects.

Tom Abbott

Gowdy was calling on Mueller to show evidence Trump has committed a crime or otherwise, shut the investigation down.

They have nothing on Trump. They can’t even run a successful frame job on him using the power of the U.S. government. Although it would have been successful except for the fact that Trump is as clean as the wind-driven snow, and they can’t nail him on anything.

But, I suppose Mueller can drag the investigation on endlessly if that’s his aim. I saw today where Mueller’s public support had dropped seven points in the last week, and that drop took place among Democrats who were polled (Republicans already have a very low opinion of the Mueller investigation). Even Democrats are starting to see there is no “there” there.

Philip Schaeffer

How long did watergate take? How long did Gowdy spend investigating Benghazi?

What’s that? Much much longer than Mueller has taken so far, in the first case to bring down a president, and in Gowd’s case, much much longer to not end up with anyone being indicted.

And he’s the one complaining loudest!

Philip Schaeffer

Sorry, *Gowdy’s

This is more interesting:
Muller indicts company not in business.

https://www.dailywire.com/news/30556/disaster-mueller-indicted-russian-company-didnt-ryan-saavedra

Krudd Gillard of the Commondebt of Australia

Exactly! This latest lot of indictments is more of the same. What would be really funny would be if the Russians turned up to defend themselves and we then get a repeat of the prosecution (Mueller) running away from court when told to put up.

beng135

Thanks for posting this — perfectly appropriate. Will draw trolls out of the shadows, but exposure of trolls to sunlight is never a bad thing.

AndyL
Philip Schaeffer

That certainly makes for interesting reading.

Well, just finished reading it… wow, things are about to get interesting! Like, really interesting.

Philip Schaeffer

Lol, it’s an indictment. Not a list of evidence. And exactly what the the National Security Division for if not stuff like this?

simple-touriste

What’s an indictment?

How is “an indictment” different from the rambling of another random ideatorial blog writer?

Philip Schaeffer

Hmm.. Trump was told a week ago by Rosenstein that this was about to happen. I can’t help but wonder if the timing of this article by Ari Halperin, sorry, Leo Goldstein, has anything to do with that?

Coincidence? Quite possibly. But it certainly does make you think.

sycomputing

“Coincidence? Quite possibly. But it certainly does make you think.”

You mean because you suspect that Ari Halperin has an inside line to Trump/Mueller/Rosenstein and he’s desperate to counter this indictment with his article?

Philip Schaeffer

I was thinking more along of the lines of a useful nutcase being tipped off by pro Trump forces, that this might be a good time to muddy the waters.

sycomputing

Because in your view, the waters are so clear they need to be muddied?

Philip Schaeffer

Do the waters have to be crystal clear before muddying the waters becomes useful? Most people aren’t aware of most of the stuff we’ve been talking about here.

sycomputing

“Do the waters have to be crystal clear before muddying the waters becomes useful? ”

Well if the waters are already muddy…

Philip Schaeffer

Yeah, cause there are only two states. Crystal clear and muddy. And they apply equally to people regardless of knowledge and insight.

sycomputing

“Yeah, cause there are only two states. Crystal clear and muddy.”

But you argued the following:

“Do the waters have to be crystal clear before muddying the waters becomes useful?”

Asking if the waters “have to be crystal clear before…” presupposes they aren’t, hence don’t you contradict yourself?

Moreover, I’ve read through your various other comments regarding Ari (Leo Goldstein) Halperin. You don’t offer any substantive criticism of the article’s conclusions itself, rather, you seem to object on the basis that the author is untrustworthy. In other words, you attack the man rather than his argument, a textbook example of the ad hominem logical fallacy.

In which case, why shouldn’t I believe Mr. Halperin and conclude it is you who is attempting to “muddy the waters?” Mr. Halperin has presented substantive evidence for his claims, none of which (in my opinion) is unreasonable. You, on the other hand, have argued against the man rather than his argument. Hence, as it stands now the waters are clear on Mr. Halperin’s side and it would appear the best evidence anyone has regarding your side is that you’ve contradicted yourself (now twice).

By claiming it’s the author who’s attempting to muddy the waters without objecting to any of his conclusions substantively, with all due respect, you seem to have made yourself an hypocrite, while at the same time contradicting your own argument. Who would believe you or take you seriously in such a case?

I recommend you pen your own article contradicting the claims of the author’s with your own evidence and submit it for review here. I’m sure Mr. Watts would consider it.

Philip Schaeffer

There is no Mr. Halperin. It’s a made up name. His name is Leo Goldstein.

You suggest that my view is that the waters are so clear that they need to be muddied.

“Because in your view, the waters are so clear they need to be muddied?”

I say that muddying the waters is still a useful tactic even if they weren’t crystal clear to start with. It’s all relative. If you are targeting an audience that doesn’t have all the information or understanding, then what is clear is less important than what they believe.

What they come to believe may not be what has the strongest evidence, because in less than perfectly clear water, it’s easier to lean towards what you already thought was true than what the evidence really supports..

Or something. I’m not that eloquent right now.

Philip Schaeffer

Especially if they are about to get some new information. It doesn’t even matter what it is, so long as it dilutes whatever understanding might be gained from the new information coming out.

Again, it may be coincidence, but it sure is convenient timing.

paul courtney

Phil says, “I was thinking of a useful nutcase….” Now Phil, nobody thinks you’re useful.
So you think Leo is a tool of Trump, deployed now because it “may be a good time” to “muddy the waters”. You think Trump would use a climate skeptic blog to launch this disinformation campaign, for maximum saturation. And Leo is a conspiracy nut? Was “projecting” one of Saul Alinsky’s rules, Phil?

Philip Schaeffer

Well, were talking about a guy who managed to run the headline here

“Ooops! Not all 31 scientific societies actually signed the AAAS ‘consensus’ letter”

With the sole bit of actual evidence for his lengthy arguments being that not everyone he emailed actually responded to him. No one said to him “you’re right, we didn’t sign that”. The organizations that did respond said “yes, we signed it”. Others didn’t answer.

Conclusion… Not everyone signed it!

Not very scientific. He doesn’t say it casts doubt. His headline directly states that not all of the 31 scientific societies actually signed the letter.

Johann Wundersamer

The Obama administration had just accommodated Putin’s unprovoked aggression against Ukraine.
_____________________________________________________

Unprovoked?

When ex-DDR citizen Angela ‘Angie’ Merkel commanded by Obama government and CIA was leading in Georgia tank gunning the sleeping city of Tzchinvaly.

Provoking Russia with embodying the failed, corrupted states Romania and Bulgaria into the EU – which the EU till today neither needs nor can bear. To be honest.

The same with the golden gates of Kiev and and black sea ports of Crimea.

Unprovoked? You’re telling me.

AndyL

How dare the EU provoke the Mother Russia by inviting two independent countries that were not even part of the USSR to join it?

bonbon

How dare Britain run for the exit. Someone is just not getting it. Brexit+, Trump, just dared Peace, imagine that, without permission from London. And to add insult to injury, will make a deal with Russia, a good thing!
Mrs. May’s Gov’t is running for the exit. Does anyone in the new EU states read the papers? Who knows what Romania or Bulgaria make of this as they take deliveries of Patriot missile batteries.

Tom Abbott

I thought Trump gave Teresa May a pretty good vote of confidence today.

kramer

From the ultra-left thenation.com, they wrote an article that says a bunch of highly qualified experts looked into the DNC hack on July 5th. One of their results (from the article:

There was no hack of the Democratic National Committee’s system on July 5 last year—not by the Russians, not by anyone else. Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC’s system.

Some more excerpts:

“Qualified experts working independently of one another began to examine the DNC case immediately after the July 2016 events. Prominent among these is a group comprising former intelligence officers, almost all of whom previously occupied senior positions. Veteran Intelligence Professionals for Sanity (VIPS), founded in 2003, now has 30 members, including a few associates with backgrounds in national-security fields other than intelligence. The chief researchers active on the DNC case are four: William Binney, formerly the NSA’s technical director for world geopolitical and military analysis and designer of many agency programs now in use; Kirk Wiebe, formerly a senior analyst at the NSA’s SIGINT Automation Research Center; Edward Loomis, formerly technical director in the NSA’s Office of Signal Processing; and Ray McGovern, an intelligence analyst for nearly three decades and formerly chief of the CIA’s Soviet Foreign Policy Branch. Most of these men have decades of experience in matters concerning Russian intelligence and the related technologies. This article reflects numerous interviews with all of them conducted in person, via Skype, or by telephone.”

“Forensicator’s first decisive findings, made public in the paper dated July 9, concerned the volume of the supposedly hacked material and what is called the transfer rate—the time a remote hack would require. The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second.

These statistics are matters of record and essential to disproving the hack theory. No Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed.”

https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

Since I’ve saved this article, theNation (last time i looked at the story on their web site about 5 or so weeks ago) has added many paragraphs to it that seems to try and dispel or lessen the imp ace of the original article.

This is a cluster-eff for the dems that hasn’t gone away yet.

FWIW, I’ve been enjoying lots of popcorn on this event over the last 8 or so months!
Thanks Anthony and Steve McIntyre for even more good popcorn enjoyment time! : )

Philip Schaeffer

“Since I’ve saved this article, theNation (last time i looked at the story on their web site about 5 or so weeks ago) has added many paragraphs to it that seems to try and dispel or lessen the imp ace of the original article.”

Have you followed the link from that article to the statements from the dissenting members of VIPS, the organization who released the document you link to at the nation?

https://www.thenation.com/article/a-leak-or-a-hack-a-forum-on-the-vips-memo/#vips-dissent

Surely you aren’t just going to take the bit you like the sound of and completely dismiss the other part?

This is stuff from members of the organization who produced the document you are relying on here. Not people from the nation. I assume you’ll take it equally seriously.

George O'Har

This article is excellent, especially since Rosenstein just this day indicted a bunch of specific Russians. Again, this is all circular reasoning. They are in the indictment accused of hacking into state elections. How? Since when have even electronic voting setups been connected to a network? I seem to recall that 3 states made this claim way back when, then more piled on, then they all went away when it was pointed out to them that what they claimed was an electronic impossibility.

AndyL

Why not read the indictment? It’s all spelled out. The interference with elections is in paragraphs 69 onwards.

sycomputing

I read the entire indictment. It isn’t “spelled out” at all. It’s told as a story that makes claims without any evidence.

That’s why people facetiously say that prosecutors can indict ham sandwiches via the grand jury process.

AndyL

Oops – I didn’t check who wrote the first post and who responded – now corrected.

Anyway, George O’Har claimed it can’t be true because it was an “electronic impossibility”. He obviously hadn’t read the indictment.

Now Sycomputing is just saying that the indictment doesn’t contain all the backing evidence. We’ll see.

sycomputing

“Now Sycomputing is just saying that the indictment doesn’t contain all the backing evidence. We’ll see.”

Actually if you’d read the indictment as you said you had, then you wouldn’t question my contention that the evidence backing the claims isn’t there.

If it is there, where is it?

If by “[w]e’ll see,” you mean during or after the prosecutorial phase, then we won’t see unless a miracle occurs and Russia extradites these individuals to the United States for trial.

Given the miracle doesn’t happen (and he’s betting it won’t), Mueller will have maintained some semblance of justifying his existence, since he won’t ever be forced to present any actual evidence that ties any of the so-called, “Conspirators” to the “crimes” he claims they committed. He will always be able to claim, “See! They did it.”

Moreover, there will always be (at least in the Tin Foil Hat Progressive crowd and those of their betters who prey upon their mental illness regarding Donald Trump) the shadow of “collusion” or whatever other nifty little nefarious nonsense these ilk will eagerly choose to believe by faith.

AndyL

Of course all the evidence isn’t there. It is an indictment. Not the prosecution case.

I strongly expect the evidence (or lack of it) will come out at some point. That’s what I meant by ‘we’ll see’. My view is that the FBI won’t create something out of nothing in such a sensitive case. The Tin Foil brigade are those who think they would.

sycomputing

“My view is that the FBI won’t create something out of nothing in such a sensitive case.”

But they’ve already created lots of somethings out of nothing. All of the indictments so far have one, some or all of the following characteristics:

1) Nothing whatsoever to do with Donald Trump and Russian “collusion,” which, ostensibly, was the reason Mueller was appointed.

2) They’re against foreign actors having nothing to do with Donald Trump and Russian “collusion,” and that cannot be prosecuted unless the foreign actors submit to the prosecution.

3) They’re against American actors for “crimes” having nothing to do with the 2016 election campaign, i.e., Donald Trump and Russian “collusion.”

But you would argue the above isn’t the FBI creating something out of nothing?

AndyL

Mueller’s remit is to investigate “Russian interference with the 2016 Presidential Election”. Possible collusion is also listed, but is not the only or even the main purpose of the investigation.

You must be Rosenstein’s cousin or something AndyL

Tom Abbott

Rosenstein also said there was no evidence that the Russian hacking had any effect on the vote.

AndyL

“evidence”

Tom in Florida

There is a huge difference in actually interfering with an election, such as vote tampering and such, and adding political commentary against a candidate. No where, NO WHERE, was any vote changed, denied or otherwise interfered with. If the Russians, or anyone else for that matter, express opinion, release documents or do anything to try to influence the opinions of voters that is perfectly legit. Politicians and supports of a candidate have been doing it forever, even to the point of making misleading statements or being loose with the truth. If those things were criminal, then every politician would be in jail (not a bad idea though).

Here we go everyone. Look at how the Democrats are playing this ongoing game, …http://www.foxnews.com/politics/2018/07/13/democrats-urge-trump-to-cancel-putin-summit-after-indictment-russian-intel-officers.html

Another phony indictment to back up this phony Russian collusion story, and all timed to try and disrupt what the President is doing at the moment. They are fricking relentless in their deceit.

Gerald Machnee

I think I agree with this. It looks like the timing was done to wreck Trump’s meeting with Putin.
I do not see anything in the Winnipeg papers.

Tom Abbott

There is no way Hillary Clinton would have started a war with Russia. She’s stupid, but she’s not that stupid.

The idea that Hillary is hawkish is ridiculous. This is just a lie put out by her minions to make her look tough and presidential. She was all for cutting and running out of Iraq before the Bush “Surge” got things under control. Just like every other Liberal appeaser Democrat.

Greg in Houston

This is a very good post, but needs a one page summary with bullets. It’s way too long for anyone to appreciate and fully understand.

Regarding the July 24 2016 spike in Google Trends: I found a plausible explanation: There was a major publishing by WikiLeaks of the emails from the DNC email leak on July 22, after they were published by DCLeaks in June and earlier in July. This was not mentioned in the Mike Jonas timeline of relevant events. This had to do with emails with dates from January to May 2016. The Wikipedia article for “2016 Democratic National Committee email leak” in combination with this WUWT article gives me an impression that there are sides of the story that are not being told by everyone I hear telling the story.

Regarding: “Intolerant? The president personally attended the opening of Moscow’s great mosque.”:

Russia under Putin is only selectively tolerant. Note a Russian law enacted a little over 2 years ago regarding homosexuality. And Putin seems to not have much of a problem with Russia’s heavily-Muslim Chechnya recently engaging in a pogrom against gay people. Chechnya’s head, Ramzan Kadyrov, said that Chechnya has no gay men, because their own families would kill them. Oh so like Iran! The recent Russian law makes me skeptic of the Russian statement that “Officials in Moscow were sceptical”, copied/pasted from the Wikipedia article on Anti-gay purges in Chechnya.

joelobryan

And then there is this:
“The FBI’s Washington Field Office is offering a reward of up to $10,000 for information leading to the recovery of stolen weapons. On Sunday, July 10, 2016, between 12:00 a.m. and 2:00 a.m., unknown subjects burglarized an FBI special agent’s vehicle and removed a secured gun lock box which contained weapons and other equipment. The vehicle was parked in the H Street Corridor near H and Seventh Streets, N.E., in Washington, D.C. The lock box, which contained the items listed below, was fitted for authorized use in a government vehicle.

– Glock-22 handgun .40 caliber, Serial Number RYE448”
source: https://www.fbi.gov/contact-us/field-offices/washingtondc/news/press-releases/fbi-offers-up-to-10000-reward-to-recover-stolen-weapons

And this:
“Julian Assange, the WikiLeaks editor, further stoked speculation that Rich might have been involved in the DNC hack by referencing the murder, unprompted, on a Dutch news program.

“Our whistleblowers go to significant efforts to get us material and often [face] very significant risks. A 27-year-old that works for the DNC was shot in the back, murdered just a few weeks ago for unknown reasons, as he was walking down the street in Washington, D.C.,” Assange said.”
source: https://www.washingtonpost.com/lifestyle/style/seth-rich-wasnt-just-another-dc-murder-victim-he-was-a-meme-in-the-weirdest-presidential-election-of-our-times/2017/01/18/ee8e27f8-dcc0-11e6-918c-99ede3c8cafa_story.html

Nothing Julian Assange has ever said or posted via his Wikileaks site has turned out to be wrong or fake. Nothing.

The Deep State is covering up a horrible crime, a murder of a young man, who likely was sending DNC materials Rich gathered from the DNC servers to Wikileaks via a Courier.

Kim Dotcom of NZ also has said this same thing.
https://twitter.com/kimdotcom/status/969402082385002496?lang=en.

The Washington DC police are not investigating the Seth Rich murder. It has gone cold. They wll not release the autopsy, but “unnamed sources” have siad the autopsy recovered at least one .40 caliber bullet consistent with being fired from a Glock model 22, .40 caliber.

If indeed Rich was downloading stuff from the DNC server and funneling it to Wikileaks in June 2016, then the FBi and CrowdStrike were likely aware of some of this suspicious activity. The CIA certainly is monitoring everything it can from Julian Assange and his Wikileaks associates.

When you get into the FBI weapons locker theft from the FBI agents official vehicle, it becomes even more suspicious. The FBI agent whose weapons were allegedly stolen was having an overnight visit with a ladyfriend about 2 miles from where Rich was murdered but within easy walking distance of the bars and hang-outs Rich used that night. Interestingly, the car alarm was not activated by the break in and it would have taken considerable force to completely remove the bolted, locked weapons locker from the vehicle. That was not a mere act of vandalism.
more info: http://www.washingtonpost.com/wp-dyn/content/article/2007/01/18/AR2007011801209.html

The name of the FBI agent Matthew Laidr. His ladyfriend, Anne Marie Malacha was a Senior Vice President at Dezenhall, a well-known public relations firm and crisis management consultant headquartered in Washington, D.C.

Malacha’s firm has it mission statement as:
“Dezenhall’s mission is to help our clients survive a reputational crisis, an adverse public policy change, unwanted or unwarranted government scrutiny, a competitor attack or a public disclosure that threatens their ability to operate. We are known for managing acute corporate and litigation controversies, mounting effective marketplace defenses, driving policy and regulatory changes that are advantageous to our clients’ bottom lines and turning back chronic, agenda-driven attacks that threaten reputations, brands and industries at large.

We believe in discretion at all times. Our clients face some of the most intense – and often unfair – controversies in their personal or corporate histories. We work to help our clients resolve issues before they become public controversies. For that reason, we hold the counselor-client relationship as a sacred trust: we do not disclose our client list, announce our new business wins or publicly discuss client case histories without permission.

Dezenhall’s was likely contracted by either the Hillary campaign or the DNC to help find and ID the internal hacker and not let this damage her fight with Bernie Supporters at the upcoming DNC Presidential nominating convention.

So were the two people following Seth Rich SA Laird and Ms Malacha. A moment of panic when they realized Seth Rich was on to them following him that night?

AndyL

Tin hats for sale in the aisle on the right

joelobryan

So who murdered Seth Rich?
Two shots to the back.
A street thug who took nothing from him?

There are video snips from security cameras showing the legs of two people who appear to be following him that night. He was certainly likely under surveillance by the FBI as a potential inside source of DNC leaks.

His attempt to call his father at 2am indicates he was worried about something. He probably realized he was under surveillance.

And then there’s John Podesta’s email where he vows that insiders caught leaking should be made an example of.

Autopsy reports are normally not released except by request of next of kin or to comply with a subpoena, although they generally become public record 50 years later. And what would happen if this one gets released to the public? It would get treated like Obama’s birth certificate if it supported the Washington DC police department’s position that the murder was a mere robbery attempt going wrong, or didn’t support Democratic party skullduggery as the reason for the murder.

joelobryan

In my post with 4 URL links, the fourth one is obviously incorrect, it links to an 2007 theft. I made a mistake and grabbed an older Google search link when switching back and forth between open tabs.

The correct URL to the WaPo article on the FBI weapons theft is here:
https://www.washingtonpost.com/local/fbi-searching-for-weapons-stolen-in-northeast-washington/2016/07/22/1d8d2b5e-5011-11e6-a422-83ab49ed5e6a_story.html

Firey

Haven’t charges now been laid against against 12 Russians. Where is that heading?

Tom in Florida

No where. It is just another political stunt by Mueller and gang at the time when Trump is meeting with Putin. It is like AGW…. those that want to believe do and you cannot change their mind no mater what the facts are. But unlike AGW, this is about the overthrow of a constitutionally elected President.

AndyL

It works both ways:
those that want to believe do and those that don’t want to believe don’t.
“You cannot change their mind no mater what the facts are” – the last bit is certainly true.

paul courtney

AndyL: “It works both ways” indeed! What works best?

AndyL

Both the same. Too much partisanship resulting in people believing conspiracies rather than evidence.

Ian Macdonald

There are a number of IT security issues which could be seen as scams. Google’s attempt to force all webmasters to use HTTPS encryption is one such. Notably, many of the press releases advocating this have come from the encryption certificate issuers themselves. Which is not unlike Greenpeace fossil fuel protests being backed by wind turbine consortia.

As with climate change, this takes a minor risk or effect and conflates it into a massive one. Theoretically, data carriers could carry out malicious acts on data in transit, but in practice there are very few recorded instances of such. Probably, because most data carriers are trustworthy. (surprise)

On a broader scale there are enough serious security issues in IT that spending so much money and effort on this trivial risk is extremely bad policy. (And if it is allegedly so serious, how come we’ve been using the Web since 1993 without it coming to the fore earlier?)

Meanwhile, there are negative consequences. The existence of Let’s Encrypt makes subterfuge such as spoof sites easy. Previously the crook would have had to buy a certificate in order to use SSL, and it’s unlikely a cert would have been issued for a domain name that’s an obvious attempt to spoof a known brand. So in fact this ‘HTTPS everywhere’ initiative actually makes banking and e-commerce sites LESS safe to use.

There is also, of course, the cost. I wouldn’t even like to hazard a guess at the global expenditure on HTTPS and certificates.

If you raise this issue on any IT security site, you just get Google’s own spiel parroted back at you. Often, with some anger that you dared question it. Which is very like the response you get from climate alarmists, is it not?

Ethan Brand

Interesting article, and more interesting comments! Admit to being completely lost as to what is or is not really happening. To see if I can find any solid footing, I started by reading the actual indictment issued on July 13, 2018 (link in the comments, or google it…be sure you are looking at the actual document).

First flag…page 6, paragraph 21. Basically it is alleged that the GRU sent a spoofing email to the Chairman of the Clinton Campaign instructing them to change their password via an embedded link. Apparently they did so, allowing the GRU access to 50k or so emails.

Wow…let me get this right…a person selected to Chair the Presidential Campaign for one of the most import positions on the planet apparently did not have the common sense to not fall for one of the most common and widely advertised methods for gaining access to personal information? You do not need a GRU to orchestrate this….a hack shop in a kids basement would suffice. Maybe that is the whole point.

Assuming the allegation is true….it would be all downhill from there. Unfortunately does not do anything to bolster my confidence in the folks involved.

There are many contributors and commentors on WUWT that likely have the ability to make some sense of the whole mess….please don’t be shy! I really don’t even know where to start…given the above indictment item.

Tom in Florida

I still haven’t figured out if those angry at the alleged Russian hacking are angry at the hacking or that their friends in the DNC got exposed. The release of the information contained in the “stolen” documents has never been attacked as untrue. So I suppose the national media is angry because hackers did the job they should have been doing.

AndyL

*everybody* should be angry at the hacking

Tom in Florida

And “everyone” should be angry at the sloppy protections used by those who were hacked. I find more fault with failing to protect your servers than with those who are attempting the hacking.

AndyL

That’s like saying the biggest issue with Watergate was that they didn’t have better locks.

Tom Abbott

” I find more fault with failing to protect your servers than with those who are attempting the hacking.”

Me, too. Instead of worrying about the Russian hacking, they should be securing their servers.

Every national actor on the planet, including the USA, is hacking and cracking constantly and the idea that requesting the hackers to stop will accomplish anything is just silly.

Computer security should not be based on wishful thinking.

And why are our electric utilities hooked up to the internet? We’re getting lazy.

AndyL

Tom: I agree. And US Government should take the lead with strong and urgent action.

Tom Abbott

Podesta got the phishing email to change his password, as you describe. Podesta then checked with his IT security person about the link, and the security person told him *not* to click on it, but the reply to Podesta used confusing language and Podesta thought the security person meant it was okay to click on it and he did, and the hacker was in!

A really dumb mistake.

simple-touriste

I shouldn’t have to ask “an IT person”. He should know that going directly to the right website known by the user is the good solution in each and every case.