Hacker News
by rendall 2073 days ago
Hi!

I've barely scratched the surface here, and intend to continue, but it's been a while and I want to honor your efforts here with a progress report.

While I am critical, I have not yet come to any overall conclusion about everything you have presented here. These are just some observations and comments about one article, the Vice article. I really want to stress that my pushback is not a refutation of the argument as a whole.

>> Yes, but it's not what CrowdStrike, ThreatConnect, Secureworks, Fidelis, or FireEye do. Their business is to perform computer security investigations. Why would they jeopardize their business by publishing lies? <<

This is not very convincing, to me. I don't think speculating on why someone would lie is fruitful. People and organizations lie or are mistaken all the time. In following the rabbit-hole of the Vice article ([7], above) I found this [1]: "A security firm made headlines earlier this month when it boasted it had thwarted plans by organized Russian cyber criminals to launch an attack against multiple US-based banks. But a closer look at the details behind that report suggests the actors in question were relatively unsophisticated Nigerian phishers who'd simply registered a bunch of new fake bank Web sites.... Colorado Springs, Colo.-based security vendor root9B, which touts a number of former National Security Agency (NSA) and Department of Defense cybersecurity experts among its ranks." Why would a security firm with NSA and DoD experts exaggerate or be mistaken about a Russian hacking intrusion? Again, I don't care to speculate, but for our purposes it's enough to note that people and organizations do lie, or exaggerate, or are mistaken, and get headlines anyway from credulous media outlets.

Speaking of rabbit holes, let's compare the coverage of the DNC hack to the coverage of the German Bundestag attack. This article [2] is very straightforward. The investigator lays out the report clearly without lots and lots and lots of footnotes and testimonials and circumstantial, distracting links. I urge you to read it. It's quite short. The evidence is there, in the report. The language is simple. Russian hackers may have been behind the malware used in the attack on the Bundestag left. Could I read such a clear and unadorned report about the DNC hack?

Let us contrast it to the link-flood above, and in the Vice article ([7], above) and in all of the coverage of the DNC hack. Perhaps there is a simple report like [2] that lays out the evidence clearly, but if so it is buried beneath baffling bullshit. It's almost as if the analogy of [2] does not actually exist anywhere, and the link-flood is an attempt to convince us that where there is smoke there's fire, and somewhere there must be hard evidence.

Specifically, let's unpack the Vice article a little bit. It takes 11 or so paragraphs to get to this, which arguably should have led the article:

"One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded [a] in a piece of malware found both in the German parliament as well as on the DNC's servers. Russian military intelligence was identified [b] by the German domestic security agency BfV as the actor responsible [c] for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared [d] SSL certificate."

[a] https://twitter.com/RidT/status/751325844002529280

[b] https://www.wirtschaftsschutz.info/SharedDocs/Kurzmeldungen/...

[c] https://www.spiegel.de/consent-a-?targetUrl=https%3A%2F%2Fww...

[d] https://twitter.com/RidT/status/752528393678225408

(I use letters, because I want to make a clear distinction between my links/footnotes versus those of Vice)

(Note that the shared SSL certificate, mentioned in Vice and [2], is also mentioned in Krebs On Security [1] - and rejected there as evidence of Russian hackers)

It should have led with its strongest evidence. Why didn't it?

I have supplied three footnotes, one of them to a very clear example of the kind of evidence or report I am looking for. This single Vice article, by contrast, provides no fewer than four in this single paragraph alone, never mind the entire article, which is replete with them. Let's go through them.

[Comment too long, continuing here https://news.ycombinator.com/item?id=24834762 ]