by ipython 834 days ago
You’re doing your own hand waving. Why does a computer in Venezuela make the trail go cold? I could have an agent working for me passing me customer lists from Venezuelan colo facilities. Combine that with knowledge of known shell entities who also operate from other points of presence and I can make inferences. If I want I could then use offensive techniques to own the middle box and enhance my confidence level by observing traffic/stored data on that machine.

Look, I can’t summarize how threat actor attribution works in a Hacker News comment. Does that mean the people who do it are quacks? Nope. I know people who do it, who build tools to help, and they are exceptionally sharp technical minds.

And I see you have casually dismissed an entire industry because you may not understand how someone could draw conclusions from imperfect data?

Hate to say it but this happens all day every day as human existence is filled with imperfect data. Not everything can be summarized in a neat mathematical form.

Does that mean you don’t try? I choose to try my best and continually improve methods. Otherwise what’s the point? Just give up because we can’t model human behavior and geopolitics as a pure functional state machine?


Sure I am not claiming that you can't figure out who or where the hackers are. I am claiming that you more or less have to arrest them and get their computers to be even remotely sure, and that it is trivial to frame hackers or "frame" the plot of dirt where they are located, for a hack. Especially so, when the victim can shift blame to CYA.

If the methodology is secret because secret, I, as an observer, just assume everything is made up. It is way too convenient for Microsoft to shift blame. There is this smell of the Clinton email leak again.

I mean, you, I presume, and I are programmers. How ludicrous would it be to claim it is not a miracle the computer even boots? It is black box upon black box and the "pink elephant behind my back", in the world of computing, is real.

I’m not sure how this shifts blame? In my opinion the blame sits squarely on the shoulders of the entity whose systems were exploited. Microsoft is responsible for the security of their systems, full stop. Doesn’t matter if the GRU did it or some random guy in Venezuela.

How do you know Microsoft was even “hacked”? I mean if you want to get super pedantic about this, I haven’t personally seen any proof.

So yes while a computer provides a convenient mathematical abstraction upon which we can reason, we aren’t talking about how a computer boots. We are talking about figuring out - within a certain confidence level - the group of individuals that likely carried out an attack. We are now firmly outside the scope of the neat little mathematical abstraction of the machine. Even within a machine, there’s more nondeterminism than you or I would like to admit. But that’s a topic for another day.

The methodology is not secret, you can google for threat actor attribution. Private companies do this work as well as governments. You are welcome to go join one of those companies or organizations to learn how it works and work to improve the process if you are so passionate about it!

You are the one putting some political agenda on this. China, Russia, as well as North Korea, Israel, Iran, and many other countries have robust offensive cyber capabilities. Attribution is not an exact science, and if you actually read any raw intelligence report it is clearly marked with a confidence level for that exact reason.

> you can google for threat actor attribution.

I've had an interesting life. I'm an expert in not getting "attributed" if you will. No need.

> Private companies do this work as well as governments.

It's mostly private snake oil vendors.

Famously the FBI used a conclusion a private company, hired by a presidential campaign, made as a pretext to engage in surveillance on their primary opponent's campaign a few elections ago. They did no forensics themselves. They didn't even get the full report and what they got was heavily redacted![0]

[0]https://consortiumnews.com/2019/06/17/fbi-never-saw-crowdstr...

So once again you turn this back into a Hillary Clinton conspiracy theory. I guess there's no moving on from something that happened seven years ago now. Last I checked, the guy who was running against her won and Obama peacefully transferred power to him.

Glad you’ve had an interesting life! Best of luck in your future endeavours.

He's probably spot on, btw.
Lots of Clinton associates also worked for Microsoft. My guess is that Microsoft and the Clintons/Obama/libs sold the country out to China and are now trying to play victim.

I'm apolitical but this is the pattern I see.