by thraway2016 3333 days ago
It's not just Schneier. Seems that nearly everybody in infosec is convinced of Russia's complicity in everything from the DNC leaks, to Vault7, to ShadowBrokers, and now allegedly the Macron campaign.

Listening to the RiskyBusiness podcast, for instance, it's incredibly obvious that the community is fully in the tank for the Russian attribution hypothesis, and habitually carries the water for FiveEyes IC.

Meanwhile, we mere plebs have very little evidence to judge the community's beliefs by, other than blind faith in, say, CrowdStrike.

If the infosec community would like to actually state their case to the plebs, I would love to hear it. But all I've ever been able to find is "the phishing email is a little similar to something produced by APT28, and there was an IP once used by FancyBear like 5 years ago, so it's 99.9999% certainly Russia".

And nobody seems to care enough about those outside the community to even try to state the case.

2 comments

I wouldn't characterize everything-is-Russia complicity as an infosec community consensus. I'm in the infosec industry and disagree. In fact, my colleagues and coworkers tend to have far more nuanced and informed positions than what mass media has inappropriately characterized as the infosec consensus.

I remember when Washington Post and others were claiming that Russia had hacked voting machines and that the infosec community agreed with that. All kinds of researchers reached out to complain but their voices were never heard. Instead the story was quietly dropped when it turned out it was PR and propaganda bullshit.

I'm sorry that you have an impression that there's an infosec consensus on this.

It doesn't exist.

Thanks for your response. I'm peripherally interested in application security, so I've followed SwiftOnSecurity, the grugq, HN's very own tqbf, 0x00string, xntrik, matt blaze, etc. I also listen to Risky Business, LiquidMatrix, cyberwire, etc.

My impression based on following "thought leaders" and listening to the most highly-regarded podcasts is that the community is, in fact, exactly as I described. (Even the recent appointment of IC shill Jeff Man as a regular on Paul's Security Weekly has dramatically shifted his show in that direction.)

If you don't mind, can you recommend other people to follow/listen to that might balance out the impression I have received? Thanks.

In terms of the NatSec - which has a broad overlap with InfoSec on twitter: pwnallthethings, shaneharris, jimsciutto, josephfcox, etc. all provide useful insight.

Broadly though, punditry shouldn't be used as a proxy for consensus.

I thought pwnallthethings is also in the Russians-did-it camp.

DNC hack: https://twitter.com/pwnallthethings/status/74319706484310425... "Gosh, I wonder what outlet Russian intelligence is going to use to launder these stolen documents."

Podesta Hack: 14 year old hackers vs. Russian Intelligence

https://twitter.com/pwnallthethings/status/81662561706823680... "How many accounts did this "14 year old" hack? About 1800. In 2015. Who were these accounts? Mil, govt personnel in the West, defence cos, journos critical of govt in Russia etc"

DNC hack connected to German government hack

https://twitter.com/pwnallthethings/status/75689252388524032... "Reminder: Malware control servers used in DNC hack were also used in the hack on Bundestag linked to Russian intel."

Influencing politics

https://arstechnica.com/security/2016/06/guccifer-leak-of-dn... ""There's also the fact that the hacker is publishing documents at all, which rules out lots of nation-states," the PwnAllTheThings researcher told Ars in a private message. "China, for example, would happily spy on the DNC to try and get the Trump oppo [opposition] research to support their foreign policy objectives, but they wouldn't publish the documents to influence the election.""

pwnallthethings has also gone through great pains to walk through the evidence (much of it public) and analysis that informs their opinion of attribution.
I follow a number of the podcasts, blogs and outlets that you've listed and have a different impression entirely.

So I don't really know how to resolve that for you.

"Russians" seems to be the answer for mainstream media that forgets the ongoing internal power fight between FBI/CIA/NSA. This just got worse and more divided since the election cycle.

The infosec community does not have a "consensus". If the article writer wanted to do something useful, please consider a deeper investigation and pressure the alphabet agencies to work together rather than against one another.

Thanks for your skepticism of Russian attribution, thraway2016, account created November 25, 2016.