Russian Group That Hacked DNC Used NSA Attack Code In Attack On Hotels (arstechnica.com) 197
An anonymous reader quotes a report from Ars Technica: A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday. Eternal Blue, as the exploit is code-named, is one of scores of advanced NSA attacks that have been released over the past year by a mysterious group calling itself the Shadow Brokers. It was published in April in the group's most damaging release to date. Its ability to spread from computer to computer without any user action was the engine that allowed the WCry ransomware worm, which appropriated the leaked exploit, to shut down computers worldwide in May. Eternal Blue also played a role in the spread of NotPetya, a follow-on worm that caused major disruptions in June. Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.
Demoncrats lost their sense of humor (Score:5, Insightful)
His name is Seth Rich. But you probably know him as Russia.
All while the CNN fact-checks the president during Korean negotiations: "no, no, Trump lied, our nukes are actually old and weak, and not modernized as he claimed."
Re: (Score:3, Informative)
it has been determined that the "hackers" downloaded the DNC emails at a rate of 22 MEGABYTES per second. This sort of connection isnt available across the atlantic, and isnt available from any ISP in the States.
But such a connection IS available with a local area network, and further such a speed happens to coincide with the write speed of a large USB thumb drive.
Re: Demoncrats lost their sense of humor (Score:1)
Re: (Score:3, Insightful)
I'm supposed to believe that somewhere, there is a "time stamps in the metadata" entry listing the exact time of the start, and end, of the file transfer, allowing its speed to be calculated. A speed from which you're inferring it must have been an internal transfer because back in the dark ages of 2016 and 'delivery overheads', it could never have made it across the atlantic at 20 MB/sec?
But that same log file entry doesn't contain anything useful like the destination IP address?
I find this implausible. Th
Re: (Score:2)
Re:Demoncrats lost their sense of humor (Score:4, Interesting)
176Mbps isn't implausible for an upload speed, either. Residential synchronous 1GBps+ fiber lines are not uncommon in cities; surely a ritzy hotel hosting VIPs would have a decent pipe. And as you said, the person on the other end would only need a halfway decent download speed.
176MBps is also not at all unreasonable for a cross-Atlantic connection, but hackers with any skill or resources would likely use a machine in the target country as a proxy for attacks, so it's not even relevant.
In other words, the speed doesn't say anything. It's certainly no proof of an 'inside job' like the alt-right brigading is trying to message.
Re: (Score:2)
Re: (Score:1)
Since reading comprehension does not appear to be your forte, or your are intentionally trying to distort, let me point out to you the report that I read a while ago by the forensic analyst didn't say "23MB/s therefore DNC inside leaker". It explained what programs could have been involved in constructing the initial archive. It's all evidence together that strongly points out that the initial copy came from inside.
By pointing out 23MB/s is possible speed on the internet, focusing solely on that, and then i
Re: (Score:2)
I think you're applying the razor incorrectly. I'll agree that a direct copy to a usb stick was likely, but was that the original copy? I know of no evidence.
I can't choose between "somebody snuck in and copied it onto a usb stick" and "it was copied off somewhere, and sometime later THAT version was copied to a usb stick". Perhaps I'm missing relevant information, but I doubt it. I suspect that the information to make a decision isn't available.
P.S.: What relevance does trans-Atlantic communication sp
Re: (Score:3)
When message threads get flooded with posts echoing a single narrative with the same flawed arguments, I call it brigading because that's what it is: An attempt to artificially create a 'consensus' so that dissenters are not heard, dismissed as fringe elements, or discouraged to the point of self-censorship.
As far as the evidence goes, the blogger did good forensic work, but finding conclusions from something like this is a Rorschach test; it's easy to see what we want to see. We fall into logical fallacies
Agree with all but one point (Score:1)
My personal take is that none of the evidence is sufficient proof of the "hacker's" identity, but whoever did it was quite lazy. If they were trying to hide their fingerprints, they did a singularly bad job of it. That by itself leans me slightly toward the 'Russia' theory: The DNC would have a lot more to lose if their supposed conspiracy (complete with murder) was unmasked, while Russia would lose nothing but a little international respect they didn't have to begin with.
The DNC has not been nearly as good as they think they are in terms of hiding their actions. They have gotten away with so much because of people in political positions than being clever. Lynch on the tarmac, Comey's indictment and subsequent dismissal of all charges, DWS email chain/IT guy, Abedin/Wiener, Rice/Holder etc... using easy to track fake names in communications, Clinton's Server, Benghazi, Holder's Fast&Furious, etc...
The public is outraged because so much has been outed with no criminal a
Re: (Score:2)
OMG 22 MB/s! Is this satire someone marked as insightful?
Re: (Score:2)
Determined by who? And how?
Re: (Score:1)
Re: (Score:2)
next time, try repeating RATIONAL BULLSHIT
Re:Demoncrats lost their sense of humor (Score:4, Insightful)
Or are you claiming the CIA is full of liberals (are you actually stupid enough to repeat that lie?)
Science (Score:2)
You do realize that there has been no independent verification of any data in the paid-for report right? No law enforcement agency, not the FBI (not in CIAs jurisdiction), has been allowed to review any information used to create the report.
Saying that the report looks right assumes that the facts are correct, and that is where law enforcement agencies have no such verification. That is why the FBI requested, and to my knowledge still has an open request, to examine the DNC servers.
So again, could they be
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Simply read the CIA conclusion, NOT based on a "Paid for" news article.
Wrong.
Re: (Score:2)
Re: (Score:2)
Take it up with the CIA
Re: (Score:3)
The CIA is no hotbed of liberals, and claiming this mystery "hand selected group" without proof is a lie
Are you admitting you lied?
Re: (Score:1, Insightful)
Your points are well taken. The fundamental facts of the whole Russia hacked the DNC narrative have never been questioned or put under scrutiny. There are many reasons for this, the primary one being that most of the media is a mouthpiece for the Democratic party. One can laugh at that, but this is the sort of shit that happens when a democracy does not have a free and fair press.
Propaganda Basics (Score:3, Insightful)
Your points are well taken. The fundamental facts of the whole Russia hacked the DNC narrative have never been questioned or put under scrutiny. There are many reasons for this, the primary one being that most of the media is a mouthpiece for the Democratic party. One can laugh at that, but this is the sort of shit that happens when a democracy does not have a free and fair press.
Actually the narrative is questioned, which is why you see the allegation come out and vanish almost as quickly. The narrative will be repeated and repeated until people get tired of pushing back and we end up with white washed history.
Repeat a lie long enough and loud enough and eventually the people will believe it. Not an exact quote of Goebbels, Mussolini, Stalin, Lenin, Pot, Mao, etc.. but the basic premise of their propaganda machines.
Re: (Score:1)
It's not about making us believe it today, it's about making people believe it in the future when there's nothing left of the evidence that contradicts it. Just stick with the Russia story long enough and hopefully history will remember the Trump administration as being associated with Russia. That's all they want. They don't care if you or I believe it today. They're making archive material. The more chaff they produce the harder it is to find the wheat.
Re: (Score:2)
The fundamental facts of the whole Russia hacked the DNC narrative have never been questioned or put under scrutiny. .
Except for Trump's CIA and FBI and NSA that is!
Re: FTFY (Score:2)
Show me.
Re: Easy (Score:3)
for all the rational world I think you should heed the words "Stuff it"!!
Re: (Score:3)
Yeah, doesn't sound like Trump at all.
Re: (Score:2)
Really poor form to play the DNC themed challenge, quite clearly the "It's all Russia's fault" is a joint scam of the DNC and the RNC, well at least establishment deep staters working both sides of the aisle. That is the real problem, this crap is clearly coming out from Republicans and Democrats and as Republican are the clear political majority across the board, this is their scam in reality, they are in control and working hand in hand with corporate Democrats. Clearly the neocons and the neolibs are on
Re: (Score:2)
Where are the prosecutions of clearly corrupt Democrats by the clear majority Republicans
Which democrats in particular would you like to be prosecuted?
Re: (Score:2)
'ER', all the ones who have broken the law, same as for the Republicans, just as for all corrupt politicians all over the Globe? I want to see all corrupt politicians across the entire globe prosecuted and just as cool to start with corrupt US Democrats as anyone else ;).
Re: (Score:2)
Re: (Score:1)
Not that you probably need reminding, but your completely phony outrage - all meant to distract from why the Democrats have actually lost nearly a thousand legislative seats, most of the governorships, both houses of congress, the White House, the Supreme Cou
Why can't they offer some proof or evidence?! (Score:1)
What I don't get about this whole "Russia" narrative is why the fuck the leftists can't provide any evidence or proof.
It has been, what, almost 8 months since Trump was inaugurated. It has been about 10 months since he was elected. That's plenty of time for some real evidence to be presented.
Yet all we get are questionable accusations from leftist talking heads.
Where is the goddamn evidence?! Where is the goddamn proof?!
More and more this is looking like a "Boy-who-thinks-he's-a-girl-and-surgically-alters-h
BeauHD, What I Need to Understand is This: (Score:2)
Re: (Score:1)
Here [g-2.space] is some pretty strong evidence that it was an inside leak. Much stronger than anything the IC ever provided pinning it on Russia.
Re: (Score:2)
There's evidence that it was a Russian hack, but there isn't proof. And there isn't proof that there wasn't a Russian hack. Why would you expect evidence of either?
For that matter, saying it was internal corruption isn't proof that it wasn't masterminded by Russia. Or that it was. Why would you expect it to be?
Most things aren't really determinable. Now ask yourself why it matters. Some things are known, like that Trump publicly asked the Russians to hack the Democrats, and that Russia took all reason
Re: (Score:2)
Re: (Score:2)
AFter all, the first attempted murder of a sitting Congressperson was the RIGHTARD who shot Gabby Giffords and murdered 3 other people, time to put the right in their own concentration camps!
GAS UP!!!!(sarcasm flag set)
Which is it??! (Score:5, Insightful)
Headline: Russian Group that hacked the DNC...
First Sentence: A Russian government-sponsored group accused of hacking the Democratic National Committee...
Did they hack it, or are they accused of hacking it?
There was no "Russian" hack on the DNC. (Score:1)
There is zero evidence that there was a hack on the DNC. None. Nada. Zippo.
Furthermore, the DNC has refused to allow access to their servers suggesting that there is a great deal of "politics" involved in the claim.
And we know via Wikileaks' Podesta emails that the DNC had a leak problem.
Additionally, Assange has said that the leaker was American, and suggested that it was an insider. He also strongly suggested that insider was Seth Rich -- the technical/systems director for the DNC. (Which would make sense
Re: (Score:1, Insightful)
They did not hack it [g-2.space] and yes they are accused of doing it. It's pretty conclusively an inside leak and a (inept) coverup blaming it on the Russians.
Re: (Score:2)
AFAIK the results of the FBI raid on Manasfort's home have not been publicly revealed. *I* sure don't know what they found, and I don't believe you do either.
I find Trump's public actions to be consistent with the claim that he was sponsored in some way by Russia. But given his personality that's not proof that he was. He has long had worship attitude towards dictators and tyrants, so it could just be hero worship. Neither choice causes me to thing better of him. There was speculation before the electi
Fix the shitty, deceptive headline, /. editors! (Score:5, Insightful)
I'm not a Trump supporter, but this submission headline is really shitty and deceptive.
Here's what it currently is, in case the editors do get off of their asses and fix it:
There's no "alleged" or "accused" or "thought to have" in there. It's stating that some vague, unnamed Russian group did engage in some sort of an attack. It's stating it as if it has been proven, when it hasn't been.
But the first goddamn sentence of the summary contradicts that by at least indicating there's only an accusation so far [emphasis added]:
Fix this shit up, /. editors. It just gives fuel to the pro-Trump crowd when you make stupid and sloppy mistakes like this.
Wont happen. (Score:1)
This is the interweb. Driving clicks is what matters. Turn off the adblock and see what shit pops up on Slashdot - like that Taboola clickbait shit nonsense.
Turn it back on and see the other ads that stick around.
Our comments just fed into their business model, btw.
Your ONLY recourse is just stop coming to this website.
Actually, ALL websites that have this news aggregation commenting shit are garbage. It's a complete waste of time, does nothing to inform us, and the commenting is just folks shouting at ea
Fun fact (Score:1)
Fun fact [dailymail.co.uk], not only is it not proven that Russia hacked the DNC. There isn't a SINGLE witness who has analysed the DNC hacked servers that is willing to say Russia did it while under oath.
Thats right kiddies. Not only have they not shown proof, but they don't have a single expert willing to say it happened. I know you think the FBI and NSA are on it, but under oath Comey said the FBI did not look at DNC servers and only Crowdstrike did, and Crowdstrike is now unwilling to say Russia did it. When asked wh
Re: (Score:2)
If you want to see analysis and evidence that comes pretty close to proof that it was an internal leak, look here. [g-2.space]
Re: Fix the shitty, deceptive headline, /. editors (Score:2, Insightful)
Because the US media made the accusation in the first place while all evidence points in the other direction. There is no evidence the Russians were even involved much less that they run this particular hacker collective.
The claim that an NSA exploit was used but the NSA exploit wasn't even released until earlier this year. So either the NSA aided and abetted the "Russians" or the story is just spin.
From what I understand (Score:2)
Re: (Score:2)
Come on, don't be so harsh, BeauHD did the best he can. Give him a prize for trying, instead, so he doesn't feel left out.
Ah, I see what you did!
"...left out..."
Quite droll.
The price of ambient authority (Score:3)
The NSA has known for decades that computing systems using a model of ambient authority are insecure. It is my theory that they have promoted this model to allow them to make their work easier. If the worlds computers managed resources in the same manner we manage money, electricity, or any other scarce resource, almost none of this would have happened, and Trillions would have been saved.
Re: (Score:2)
How we handle money.......so you are saying have a double-entry bookkeeping system for file permissions?
Re: (Score:2)
If you're making a purchase, you could hand the person your wallet (along with your entire life savings), and hope they remove the right amount before handing it back.... or you could just hand them a suitable amount of cash... the amount you hand over is the maximum you could lose.
In a similar fashion, capability based security never, ever, trusts a program to be honest and only touch the resources you wanted it to use. Instead of letting it have access to everything (ambient authority), you let it have
Re: (Score:2)
I'm not entirely convinced (tentatively). It seems to some degree you are trying to sandbox something, but privilege escalation exploits are all over the place in OSes.
Re: (Score:2)
I have not seen any evidence of that however the NSA did control the IPSEC committee and took steps to make sure IPSEC in the form of ubiquitous opportunistic encryption would not be adopted.
Just stop right there (Score:2)
A Russian government-sponsored group accused of hacking the Democratic National Committee last year
You can just stop right there. I have been following the news coverage on everything to do with Russia and from what I have seen there is absolutely nothing worth mentioning regarding any connection between the Russians and the DNC or any other Democrat politician or candidate. The DNC was not hacked and what they did with torpedoing the Sanders campaign and colluding^W coordinating with the Clinton campaign during the debate run-ups was perfectly legitimate and in fact done in a spirit of patriotism.
Now,
Re: (Score:1)
Here is Adam Carter's Evidence> [g-2.space]
This is what actual evidence and analysis looks like. Unlike what was presented by the Intelligence Community. I'd like to see someone send a 2 gigabyte file archive from DC to Romania via VPN in 87 seconds, even today. Until I see proof that that's even possible, I'm going with Adam Carter.
Re: (Score:2)
When the NSA can't keep it in their pants... (Score:5, Insightful)
Hack was probably a leak (Score:1)
https://www.thenation.com/arti... [thenation.com]
Really this is all a cover up for the real scandal which is that the Hillary camp stole the nomination from Bernie. That act got the Bernie people to leak DNC emails which they had access to... and now the DNC is blaming the consequences of their own corruption on Russia... which has lead to sanctions on Russia and all sorts of diplomatic consequences. The impact of Russia or any hack on the election is at best dubious.
Fact is that the Dems got split by a corrupt primary fol
Re: (Score:1)
Here is Adam Carter's evidence and analysis [g-2.space] that The Nation article is based on. It's pretty damned legit.
Re: (Score:2)
That's an amazing link you posted. Thank you very much for sharing it. Do you have any other sources that you'd recommend I look at on this issue or any other? Just an amazing link. Thank you again.
Re: (Score:2)
I'm not sure if you're being sincere or sarcastic. But yes, I can provide a link to forensicator's [wordpress.com] analysis, which was the other source that was used for the article. He deals mostly with the issue of transfer speeds and why it's doesn't appear to be possible to transmit as fast as the DNC did.
Re: (Score:2)
Quite sincere, thanks for your link. :)
Re: (Score:2)
Sorry use this [wordpress.com] one.
Re: (Score:2)
Clearly, you did not look at the analysis presented in the supplied link.
Re: (Score:2)
inb4 "The Nation is part of the Vast Right-Wing Conspiracy" posts.
Re: (Score:2)
I would never impugn The Nation, though I don't have to agree with every contributor.
Patrick Lawrence is the author of Somebody Else’s Century: East and West in a Post-Western World, Time No Longer: America After the American Century, and After Exceptionalism, and his columns for Salon and The Nation quite consistently praise the East and Russia and attack the West, Liberals, and "Imperialists" . From the initial reports of the DNC hack he's been putting out articles that it was an inside job and clai
Re: (Score:2)
Really this is all a cover up for the real scandal which is that the Hillary camp stole the nomination from Bernie.
I don't know why the simple math of the nomination process befuddles so many people so greatly. Hillary won more states in the primaries and caucuses. That is how you win the nomination.
Fact is that the Dems got split by a corrupt primary
What was corrupt about it? People showed up and voted in the primaries and caucuses. Many precincts around the country had record high turnouts. Many states where the primaries and caucuses tend to not matter at all (due to being too late in the order) had competitive votes and did matter.
Bernie did not get as man
Re: (Score:2)
There were a series of allegations by the Bernie campaign... one is information was being leaked by the DNC from the Bernie Campaign to Hillary. I could go get a list of these things if you want. There was a lot of shady shit about the Hillary campaign.
Stuff in this for example:
http://www.huffingtonpost.com/... [huffingtonpost.com]
As to her qualifications, her popularity figures, ability to speak publicly, her charisma which is relevant to people wanting to win an election, etc... none of it was very good. But whatever... run h
Re: (Score:2)
There were a series of allegations by the Bernie campaign... one is information was being leaked by the DNC from the Bernie Campaign to Hillary
That is all that there was ... allegations. People can level all the allegations they want. At the end of the day Hillary received more votes than Bernie and in so doing she earned the nomination. The primaries and caucuses are run by the individual precincts within the districts within the states. The DNC does not have a way to manipulate those results as they are counted by the precincts.
Have you seen Bernie himself level any complaints against the process? No, because he understands how it work
Re: (Score:2)
Have you seen Bernie himself level any complaints against the process? No, because he understands how it works. He didn't get as many voters out to earn the nomination as she did. It doesn't matter if DNC leaders personally liked one candidate over another, they only get one vote.
He did draw attention to the problem of superdelegates, most of which were lined up for Clinton before the primaries even started. Despite the media repeatedly being told not to report unpledged delegates in the totals they kept doing so anyway, and this made it look like Clinton had a greater lead than she actually did.
Re: (Score:2)
Have you seen Bernie himself level any complaints against the process? No, because he understands how it works. He didn't get as many voters out to earn the nomination as she did. It doesn't matter if DNC leaders personally liked one candidate over another, they only get one vote.
He did draw attention to the problem of superdelegates
The superdelegates ultimately made no difference in the nomination; if there were none at all Hillary still would have won the nomination. There is a definite argument for them being generally un-democratic but they did not change the outcome of the nominating process.
Despite the media repeatedly being told not to report unpledged delegates in the totals they kept doing so anyway, and this made it look like Clinton had a greater lead than she actually did.
I saw plenty of media outlets reporting both with and without the superdelegate totals. My state was moderately late in the process and the superdelegate numbers did not discourage any voters I knew from going to the caucus.
Re: (Score:2)
So your argument is that the republicans are trying to gerrrymander with Voter ID laws?...
Integrity. Think about it.
Re: (Score:2)
The GOP uses gerrymandering and voter restriction in parallel. The latter is what they sell under "voter ID" and "election integrity" mantras, though ultimately they have the same effect as they both aspire to disenfranchise voters and minimize - or complete cancel - the value of a single vote from people who would ordinarily not vote GOP. As we've seen time and time again when the popular vote is counted the GOP seldom wins, they have
Re: (Score:2)
So your argument is that only the GOP gerrymanders?
You clearly didn't work on that integrity thing... tragic.
Re: (Score:2)
A Russian group didn't hack the DNC (Score:1)
Forensicator and Adam Carter have provided much stronger evidence and analysis that is was a leak from the inside and a coverup that tried to pin it on the Russians. Look here with an open mind> [g-2.space]
Re: (Score:2)
No, you are incorrect. The DNC leaks had not to do with a spear phishing attack. You are confusing these events with the leak of John Podesta's personal gmail account which is alleged to be the result of a spear phishing attack.
1) No one is alleging that an insider used a spear phishing attacks to obtain the DNC materials that were leaked. You are confused.
2. Outside of Google Fiber, 200Mbps was not obtainable in the US in mid 2016, and Google Fiber was not available in Washington DC where the DNC server
Re: (Score:2)
Re: A spearphishing attack (Score:2)
I have yet to see anyone show that it is possible to transfer 2 gigabytes of data in 87 seconds or less via VPN, from DC to Romania, using any type of connection.
Re: (Score:2)
You can't sit there and claim I said things I didn't.
What hack? (Score:2)
Re: (Score:1)
The evidence and analysis [g-2.space] that report is based on. Pretty legit.
Has Slashdot jumped the shark? (Score:3)
Fake news. Somebody here is feeding an agenda, not searching for the truth.
Stop with this Russian Conspiracy Theory! (Score:2)
SubjectIsSubject (Score:2)
Did the NSA not have a tool that signs malware with the code of known groups as a way of implicating them and not the NSA? This tool simply existing calls into question pretty much any "hacker group did such and such". Unless that group claims responsibility, then we can't be really sure who did what.
Punish Russia for Electing Trump!! Oust the Bozo!! (Score:1)
At what point is does it become self-inflicted? (Score:2)
For all those people that continue to use Windows, really how bad does it have to get before you finally switch to something better/more secure?
"Fancy Bear, APT 28" are we so sure??? (Score:3)
I am becoming less convinced that the work attributed to "Fancy Bear, APT 28" are in fact Russian. We've already exposed NSA/CIA as acting in disguise as foreign entities.
The irony, is for all the talk of Russian interference. We have done the exact thing in Russia's elections and dozens of other nations. We're the biggest hypocrites. Lastly, the majority of hacking and election tampering was done by the DNC to impede Bernie Sanders and prevent him from winning the nomination.
Re: (Score:1)
It's bitztream the autism-hating, custom EpiPen-hating, Musk-hating, Qualcomm-hating, Firefox tabs-hating Slashdot troll!
Score:-15, Pwned (Score:1)
Witness BitZtream getting pwned! [slashdot.org]... twice [slashdot.org].....three times! [slashdot.org]
So (Score:2)
Re: (Score:2)
fuck failing slashdot, i don't need to read this crap.
So why do you read it?
Last I heard, reading Slashdot was voluntary. Clue: you can even read some threads and not others! 8-)
Re: (Score:2)
We have to put up with your climate change stuff. The least you can do is to suck it up for an occasional Russian hacker story.
Re: (Score:1)
I don't know if it was Seth Rich, but it's pretty clear it was a leak from within the DNC. Evidence and Analysis> [g-2.space]
Re:leak not hack (Score:4, Funny)
Here [g-2.space] is the analysis that that article is based on. Looks pretty legit.
Re: (Score:2)
All you have are accusations from the DNC, of course!
And an odd refusal on the DNC's part to allow the FBI to ever even touch the infrastructure in question. The only people who've had their hands on the server from which the information was copied were hired (and reliably partisan) consultants who scrubbed for malware and insist it must have been a hack. The people clinging to "Trump and the Russians hacked the DNC!" have reached the laughably delusional stage of this. Well, it would be laughable if the consequences of this phony narrative - as it relates t