Reply to Obama Admin under pressure to provide "hacking" proof

Forum Index » Political Discussion

Reply to "Obama Admin under pressure to provide "hacking" proof"

Subject:

Emoticons





More smilies

Text Color: Font: Close Marks

[quote=jsteele][quote=Anonymous][quote=jsteele][quote=Anonymous]CERT had released the report and has IPs - which mean squat
https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity

IP addresses are interchangeable and can be spoofed.  Even the CERT report and DHS provides no concrete evidence.  It's circumstantial at best and certainly nothing concrete.

And everyone is running around saying 'look at this definite proof this was Russian State Actors.'

Its circumstantial, at best. IPs and methods associated with previous hacks that are believed to be Russian sponsored but also not proven to be Russian sponsored.

I'd sincerely hope that the agencies looking into this have better evidence, they just can't release it without harming their efforts. Its either that or they are bluffing for political leverage of some form.
[/quote]

Had you read the thread, you would see that not everyone is &quot;running around saying 'look at this definite proof this was Russian State Actors.'&quot; I have repeatedly pointed to the deficiencies of the report. That said, you are wrong in your conclusions about IP addresses. While they can be spoofed, they cannot be spoofed in many of the applications in which they were used in this attack. More importantly, the key evidence that would tie this attack to specific actors would not be forensic information simply showing the source of the attacks, but actual captured communications that showed the entire communications chain (e.g. attacker -&gt; proxy -&gt; victim). It may well be the dilemma facing the intelligence services is how to release proof without simultaneously how much Internet data is being routinely captured.
[/quote]

You're naive to think that if VPNs or proxies were used the original attackers will be traced.  Chances are those endpoints are behind a secure system or a VPN provider that doesn't retain logs.  A lot of the malware used is on the black market or phishing attacks.  Poor security and stupid staffers (like Podesta) were the way in.

[/quote]

You don't appear to have much understanding of the type of traffic monitoring that is possible. Let's turn to Edward Snowden for some highlights (as revealed in Glenn Greenwald's book):

http://www.infoworld.com/article/2608141/internet-privacy/snowden--the-nsa-planted-backdoors-in-cisco-products.html

"Greenwald reveals that a program called X-KEYSCORE allows 'real-time' monitoring of a person's online activities, enabling the NSA to observe emails and browsing activities as they happen, down to the keystroke"

But, you say, the hackers used VPNs. Well:

"Routers, switches, and servers made by Cisco are booby-trapped with surveillance equipment that intercepts traffic handled by those devices and copies it to the NSA's network, the book states."

and:

http://arstechnica.com/security/2015/10/backdoor-infecting-cisco-vpns-steals-customers-network-passwords/

"Backdoor infecting Cisco VPNs steals customers’ network passwords"

It is very likely that the NSA has been exploiting this vulnerability and that VPNs are minimal defense against the government.

To be clear, I don't know what evidence the government has and, as a result, I am not ready to believe the assertions unless/until they are substantiated. But, while it is easy for hackers to hide their tracks when attacking you or me, it is a different story when the NSA gets their teeth into it.

[/quote]

Options

	Disable HTML in this message
	Disable BB Code in this message
	Disable smilies in this message

Review message

Search Recent Topics Hottest Topics