barbos
Contributor
They have not released tools yet.So anyway, Wikileaks released a lot of stuff that could get people killed. Are they liable for this?
They have not released tools yet.So anyway, Wikileaks released a lot of stuff that could get people killed. Are they liable for this?
So anyway, Wikileaks released a lot of stuff that could get people killed. Are they liable for this? This isn't some sort of bullet point list with critical information redacted to prevent other people/organizations from getting to use the tech as well. They put it all out there. For anyone to use until the holes can be plugged up. It isn't as if Wikileaks sent it to Apple and Samsung, etc... as a paper to let them know this was being used to exploit their tech. We aren't talking embarrassing emails, we are talking about being able to exploit a whole lot of electronic devices.
This action can create a lot of harm, and Wikileaks is guilty of putting it all out there. What can be done? What should be done? While Wikileaks had dropped in my favor several years ago, and I was suspicious whether they could remain a moral advocate for getting out the truth, they are now heading into dangerous territory of becoming advocates for chaos. They were very reckless here, and for what gain? No one gains by them doing it this way.
I'm curious, what methods of espionage should the CIA be limited to?The CIA doesn't care about your car today. But what about when they catch wind that you run a forum for people who in general dislike the government and on which there are people who argue consistently that even if they did care about your car, they shouldn't have the power to act on that?
Hold this thought until some random punks start murdering people with their own cars.
And let me get it straight, you are OK with CIA killing journalists which look into their business?
Phishing is not the only way to hack things.
You don't seem too sure.They seem to be uninterested in doing such things, and instead prefer to listen in on conversations.
One of the former NSA/CIA directors was on Colbert. Steve was very soft on him to say the least. Former CIA guy repeated their standard song "We don't spy on americans, we only spy on these bad guys from abroad" .... and congress, and when we want to spy on Americans we ask British for that or to hell with British we spy on them ourselves. Of course the topic of CIA actively trying to degrade security of everything in order to spy better was not mentioned.
One of the former NSA/CIA directors was on Colbert. Steve was very soft on him to say the least. Former CIA guy repeated their standard song "We don't spy on americans, we only spy on these bad guys from abroad" .... and congress, and when we want to spy on Americans we ask British for that or to hell with British we spy on them ourselves. Of course the topic of CIA actively trying to degrade security of everything in order to spy better was not mentioned.
Open secret - the night show hosts generally discuss what the topics will be with their guests. Most folks who have/had clearance are very cautious about these interviews, since a bad misstep can land them in prison. It's generally softballs or nothing when it comes to these guys.
And no, this isn't actually them "actively degrading" security. They will certainly take advantage of any weakness they know of, and I think it's foolish for any tech industry to rely on the CIA to inform them of any security flaw in their product - in fact, it's so foolish that I think they don't actually do it.
Does the CIA spy on Americans? Generally, no. Again, that's generally a waste of time. Never confuse this with a claim that they work for the best of every American individually - much less that they work for anyone who isn't American.
[Of course the CIA spies on who it wants to.
I know that. It was one hell of a softball.One of the former NSA/CIA directors was on Colbert. Steve was very soft on him to say the least. Former CIA guy repeated their standard song "We don't spy on americans, we only spy on these bad guys from abroad" .... and congress, and when we want to spy on Americans we ask British for that or to hell with British we spy on them ourselves. Of course the topic of CIA actively trying to degrade security of everything in order to spy better was not mentioned.
Open secret - the night show hosts generally discuss what the topics will be with their guests. Most folks who have/had clearance are very cautious about these interviews, since a bad misstep can land them in prison. It's generally softballs or nothing when it comes to these guys.
According to Snowden they actually do. They actively inject their code into everything they can.And no, this isn't actually them "actively degrading" security.
NSA, CIA, same thing. NSA asks british when they need to spy on americans, that way it looks legal. Of course they did not ask British when they decided to spy on Congress.They will certainly take advantage of any weakness they know of, and I think it's foolish for any tech industry to rely on the CIA to inform them of any security flaw in their product - in fact, it's so foolish that I think they don't actually do it.
Does the CIA spy on Americans? Generally, no. Again, that's generally a waste of time. Never confuse this with a claim that they work for the best of every American individually - much less that they work for anyone who isn't American.
https://arstechnica.com/security/20...p-research-has-a-russians-fingerprints-on-it/Refresh my memory with a link.Some of the evidence of Russian involvement is in the leaked documents themselves.
That is not proof of any single incident of alleged Russian hacking is done by CIA. If you want to stretch it, that doesn't even suggest that the method has ever been used in the real world (though it probably has been).Well, documents in the leak suggest that CIA hackers do try to make it look like it's Russians doing the hacking.Only way to plant that evidence is by doing it before the leak, which would be bizarre.
And they could have staged the moon landing. Doesn't mean that it happened.And they could be "pre-planting" "russian" hackers everywhere just in case. They have a budget. They could be hacking DNC for their own purposes. Former CIA people could be doing it too. And the fact that it looked like russians means that it was made to look like that. The fact is, if CIA (and FSB for that matter) wanted they could frame anyone, and that poor bastard will go to prison for the rest of his life.
Furthermore, this latest CIA leak of hacking methods is probably valid (Snowden seems to think so), but it has absolutely nothing to do with DNC.
Did you read the article? I wouldn't call it "hacking". The computers in question were CIA computers that were reserved for the senate committee's use. Some CIA employees snooped around and checked which databases they had accessed and even eamils sent from those machines. But nothing that actually required "hacking", because CIA already had access to these computers. It was of course not acceptable in any way, but this is more like breach of contract and violation of trust between CIA and the Intelligence Committee, rather than violation of the laws prohibiting domestic surveillance.CIA prohibited from collecting intelligence at home. But not from hacking Senate Intelligence Committee?
CIA admits it broke into Senate computers; senators call for spy chief’s ouster
An internal CIA investigation confirmed allegations that agency personnel improperly intruded into a protected database used by Senate Intelligence Committee staff to compile a scathing report on the agency’s detention and interrogation program, prompting bipartisan outrage and at least two calls for spy chief John Brennan to resign.
I remember that now. "Feliks Edmundovich" part suggests that these "hackers" are most likely have no connection to the government. Too humorous for FSB/KGB/NKVD/GRU. None of the clues exclude someone intentionally trying to make it look like russians did it. Article itself says that.https://arstechnica.com/security/20...p-research-has-a-russians-fingerprints-on-it/Refresh my memory with a link.
The clues come from the edits and releases made by the leaker, not from original documents of course, but nevertheless it would be impossible for CIA to "plant" anything like this after the fact. They would have to either embed documents edited with Russian-language computers into the leaked files themselves, or hack Guccifer and/or wikileaks to put the evidence in. Which would make no sense.
True, but it puts forensic research in doubt.That is not proof of any single incident of alleged Russian hacking is done by CIA. If you want to stretch it, that doesn't even suggest that the method has ever been used in the real world (though it probably has been).Well, documents in the leak suggest that CIA hackers do try to make it look like it's Russians doing the hacking.Only way to plant that evidence is by doing it before the leak, which would be bizarre.
And they could have staged the moon landing. Doesn't mean that it happened.And they could be "pre-planting" "russian" hackers everywhere just in case. They have a budget. They could be hacking DNC for their own purposes. Former CIA people could be doing it too. And the fact that it looked like russians means that it was made to look like that. The fact is, if CIA (and FSB for that matter) wanted they could frame anyone, and that poor bastard will go to prison for the rest of his life.
Furthermore, this latest CIA leak of hacking methods is probably valid (Snowden seems to think so), but it has absolutely nothing to do with DNC.
Metadata suggests that it took only 30 minutes to go from a DNC tech/data strategy consultant creating documents to Guccifer2.0 tainting them - all occurring on a date that Guccifer2.0 claimed to be after he was locked out of the DNC Network - occurring on the same day that Guccifer2.0 emerged
The point that I’m trying to make is that if anyone in Russia wanted to spear phish employees of the DNC, then creating a @yandex.com email address instead of a @yandex.ru email address is not only unnecessary extra effort but it makes absolutely no sense. You don’t gain anything operationally. You’ve used Yandex. You might as well paint a big red R on your forehead.
However, you know what does make sense?
That the person who opened the account DOESN’T SPEAK RUSSIAN!
He went with Yandex.com because all analysis stops with merely the name of a Russian company, a Russian IP address, or a Russian-made piece of malware. To even argue that a Russian intelligence officer let alone a paranoid Russian mercenary hacker would prefer a Yandex.com email to a Yandex.ru email is mind-numbingly batshit insane.
I have no idea who created hi.mymail@yandex.com to spear phish Billy Rhinehart, but I bet you $100 that he wasn’t Russian.
Or Who In Russian Intelligence Doesn’t Speak Russian?
Interesting, I tried to read metadata for one of the doc files and it confirmed what they say except Feliks Edmundovich is not shown but I think it's because I don't have russian configured. If what they say about Warren Flood is true (being kicked out off of DNC network around that time) then he could be Guccifer2.0 or leaked it to him.There is quite a bit about the hacks/leaks that is strange.
Guccifer2.0: Game Over
and
The Yandex Domain Problem
The point that I’m trying to make is that if anyone in Russia wanted to spear phish employees of the DNC, then creating a @yandex.com email address instead of a @yandex.ru email address is not only unnecessary extra effort but it makes absolutely no sense. You don’t gain anything operationally. You’ve used Yandex. You might as well paint a big red R on your forehead.
However, you know what does make sense?
That the person who opened the account DOESN’T SPEAK RUSSIAN!
He went with Yandex.com because all analysis stops with merely the name of a Russian company, a Russian IP address, or a Russian-made piece of malware. To even argue that a Russian intelligence officer let alone a paranoid Russian mercenary hacker would prefer a Yandex.com email to a Yandex.ru email is mind-numbingly batshit insane.
I have no idea who created hi.mymail@yandex.com to spear phish Billy Rhinehart, but I bet you $100 that he wasn’t Russian.
Or Who In Russian Intelligence Doesn’t Speak Russian?
This blunder was published in arstechnica and regurgitated ad-infinitum by the clueless and expert alike.
Although this would turn out to be Tait’s mistake — his own copy of MS Office had converted the Russian error messages back to English, a blunder he refuses to acknowledge — it would highlight a curious inconsistency in Guccifer2’s documents, and point the way to a much more interesting and complicated explanation.
So it‘s’ clear that meta-data was deliberately altered and documents were deliberately pasted into a ‘Russianified’ word document with Russian language settings and style headings. Maybe on a VM — a Mac VM in the case of donors.xlsx? Or is this more untrustworthy meta-data?
So I think we can say for certain that the author wanted the Russian elements to be found. Like, really desperately by the looks of things.
LOL, they suggest what I suggested earlier in this threadGuccifer2 was a rushed emergency response by the DNC or by CrowdStrike (aka cyber arm of the Atlantic Council) or both, after the announcement of impending leaks, to create a ‘deception story’ providing narrative weighted links between the ‘Russian malware’ found in the DNC servers, and Wikileaks. And ultimately, to render the prospect of an independent leaker irrelevant.
That's not an anonymous opinion, that's anonymous argument. And you clearly don't have an answer, not even anonymous answer.If we can't trust an anonymous opinion on a site that has no editorial control, who can we trust?
Not every troll has to be addressed. But true, I do not have a counter-argument because I did not bother reading the article due to its dubious source. If there is a specific point that tupac or you want to address, it would be better to summarize it here shortly.That's not an anonymous opinion, that's anonymous argument. And you clearly don't have an answer, not even anonymous answer.If we can't trust an anonymous opinion on a site that has no editorial control, who can we trust?
Russians had no reasons to tamper with documents, they would simply damped them "as is".