
FAQ from Guccifer 2.0 - koolba
https://guccifer2.wordpress.com/2016/06/30/faq/
======
rdtsc
Based on what I've read there is a high chance he is from Moldova, and now
works for one of the big IT companies. Probably in his mid 30s. Lives in US or
Canada.

A few things point to it:

* He thinks Moldova is part of Romania. That is a contentious issue. He mentioned it specifically. To do so, they'd have to care about it a bit. Doesn't like the Russians it seems, that hints to it as well.

* He listed possibilities about how someone could be a hacker not just be part of the Russian FSB -- working for a multi-national IT company.

* Age based on what he considers are typical "cool" role models for this age. He listed Rambo and Terminator -- those were the typical boys' role models growing up in the early 90s in Eastern Europe (especially ex-Soviet Union).

* Cares and knows about DNC and specific candidates. Guessing they are following the election process, so probably live in US or Canada.

~~~
jontas
I was struck by his correct usage of "its" and "it's". That is something many
native English speakers do not get right. He clearly speaks and writes English
very well or has someone editing his posts. That would agree with your
suggestion he is living in the US or Canada.

~~~
IshKebab
That might be something that foreign speakers find easier to get right because
they have to actively learn it, and the words are more different in other
languages so they wouldn't confuse the concepts.

~~~
weinzierl
Absolutely, but in my opinion it has more to do with whether you learn to speak
before you know how to spell and write or vice versa. Homonyms or near
homonyms like "it's" and "its" or "their", "they're" and "there" are just
different things for second-language speakers. For me as a non-native speaker
it's a miracle how someone could ever spell "definitely" the wrong way.

His writing lacks the typical mistakes Eastern Europeans often make when
writing English prose, namely omitting the indefinite article. If you look
closely he might be overcompensating, for example:

    I’ve already said about the software vulnerabilities

I'm not a native English speaker myself but isn't the article superfluous
here? The next one is more obvious:

    But I made some conclusions from the Marcel’s story

~~~
arcticfox
Actually the article in "the software vulnerabilities" is pretty useful, since
he's referring to the specific vulnerabilities that let him in to the DNC. You
could potentially gather that from context, but to my native ear the article
sounds better.

The second example is, as you say, an obvious mistake.

------
jswny
Seems like this Guccifer 2.0 figure really is just in this for the fame and
glory. No real hacker with a different agenda would reveal so much about
him/herself (assuming the info is true). It puzzles me. It's almost as if this
new Guccifer wants to be caught just like the last one. As if his prosecution
by the FBI will finally validate his status as a great hacker, the one who
hacked the DNC amid one of the most historic elections in US history.

~~~
rdtsc
Far fetched speculation, I wonder if FBI specifically instructed those who
were hacked to tell the world it is the evil Russians. It played well with
their victim's PR story (it is understandable we couldn't resist such a
powerful enemy) but it also worked to flush him out with a blog post like
this.

Say, they suspected he was Romanian or from Moldova (a lot of Moldovans do not
like the Russian govt.) so telling the world "this was a Russian super-hacker"
was a way to get him angry and force him to try to repair his image so to
speak.

I think in the end because of that blog post he might have revealed too
much and is at a greater risk of getting caught now than he suspects.

------
Someone1234
While most of what he said strikes me as "likely true" this struck me as being
utter nonsense:

> The DNC had NGP VAN software installed on their system so I used the 0-day
> exploit and then deployed my backdoor.

The NGP VAN is a service, not a piece of software, and most of the software
NGP provide isn't internet accessible. Plus there's also the sticky issue of
how he would get ahold of it to fuzz it.

On this issue I believe CrowdStrike. He purchased malware on the black market
($1.5K per this FAQ) and then emailed it to tons of people at the DNC until
some moron clicked.

This FAQ has a few obvious lies like that in it, like his poor English is
another obvious lie since they are so inconsistent with it.

I think they read about the NGP VAN and then made up the zero day story to
make themselves seem more badass. This individual strikes me as your typical
script kiddy, in particular considering how much they glorify Guccifer (1) who
themselves was a script kiddy.

PS - Crowdstrike are still wrong about the Russian intelligence claims, they
never had one shred of proof, even after posting their supposed "proof" it was
all just generic hacktools and things you can buy on Tor.

~~~
schneidmaster
> The DNC had NGP VAN software installed on their system so I used the 0-day
> exploit and then deployed my backdoor.

I was the tech director for Bernie 2016, and this part tripped my bullshit
meter as well. The VAN is a SaaS, not an on-premise solution. The DNC has some
servers that have tight integrations with VAN (e.g. direct db access as
opposed to using the API) but saying they had "NGP VAN software installed on
their system" is a stretch at best, and those certainly aren't the same
servers that the DNC uses to store their oppo research and such.

NGP-VAN does run on Azure though, FWIW. I don't know what OS the DNC's servers
run on, but it wouldn't shock me if it was Windows as well.

If I had to guess, this whole part is a red herring. I'm sure either Guccifer
social-engineered folks at the DNC and/or the DNC was storing their oppo
research on old servers with shitty security. The NGP VAN was an easy name to
throw out and divert attention since their own security issues have been well-
publicized in the past.

~~~
fapjacks
This is totally off-topic, but I tried a few times to get a hold of someone
(anyone really) in the campaign to volunteer my technical skills, and every
person I talked to was like "Yeah, that sounds awesome! Call this person and
say you want to volunteer!" And that other person was just someone in charge
of phonebanking and only knew other phonebanking volunteers. It was tedious
and impossible to get escalated to someone that might be more useful.

~~~
schneidmaster
Well, part of my job description involved helping to organize tech volunteers,
so I guess at the end of the day that falls on me. Really it's a general
problem with a widely distributed yet generally meagerly staffed campaign.
There's a lot of autonomy with regional/field staffers and in turn they don't
necessarily know about everything going on at the national core (where our
digital/tech efforts happened). The way to help was primarily either through
finding a project to help with at
[https://github.com/Bernie-2016](https://github.com/Bernie-2016) or getting
involved with Coders for Sanders
([https://coders.forsanders.com](https://coders.forsanders.com)); I
originally was a volunteer with CFS and then joined the campaign full-time
after completing a few larger volunteer projects for them. But of course
there's no way for a random person wanting to get involved to really know
that. I'm rambling now; I don't have a good answer per se, other than that I'm
sorry you had a bad experience and I wish we'd found a way to solve this
problem.

Somewhat related, I've started helping out a bit with an OSS project called
Code Corps that may help with this sort of thing in the future. The basic idea
is that you input your interests (education, environment, economy, etc.) and
your tech skills and then get matched with political/nonprofit orgs that need
your skills. [https://www.codecorps.org/](https://www.codecorps.org/),
[https://github.com/code-corps](https://github.com/code-corps)

~~~
fapjacks
Cool project! Thanks for the links!

------
awinder
"You asked me several times if I’m a man or a woman. I’m a man. I’ve never met
a female hacker of the highest level. Girls, don’t get offended, I love you."

Oof.

~~~
cloakandswagger
Oof? Every other day on HackerNews I see a new post about the dearth of women
in tech and how dire the "shortage" is.

If there are substantially fewer women in tech, why is it unreasonable to
think there are practically no skilled female hackers?

(And note that when I use the term 'hacker' I'm referring to the illegal,
blackhat variety, not the 'I turned my oven into a WiFi hotspot!' kind)

~~~
mikeash
Two reasons come to mind.

First, "there aren't many" is a _vastly_ different statement from "there aren't
any." It's not clear which category "I've never met" falls into, but it's easy
to take it the wrong way.

Second, that whole thing is completely unnecessary. The answer could end at
"I'm a man" and be done. He seems to feel a need not only to state his
maleness, but to point out that the question is stupid because it's not
possible for him to be a woman given his skill.

~~~
cmdrfred
I wonder what institutional barriers keep women from hacking. As lack of
interest is often dismissed as an explanation.

~~~
mikeash
I'm sure lack of interest is a big reason, but that just changes the question
to, _why_ is there a lack of interest?

Personally, I think it's because so much of this activity happens online, and
online communities are still often extremely misogynistic. Women interested in
participating in such communities often have to hide who they are lest they be
faced with an endless cavalcade of "tits or gtfo" and unsolicited dick
pictures and other aggressive behavior.

------
cdubzzz
> Opposite to her, Donald Trump has earned his money himself. And at least he
> is sincere in what he says. His position is straight and clear.

This must be satire...

~~~
vec
"Build a wall across the Mexican border and force the Mexicans to pay for it"
is an extremely clear proposal, and it's been repeated often enough that I'm
willing to believe that Mr. Trump sincerely believes it's what we should do.

That doesn't make it, y'know, actually feasible, or a remotely good idea even
if it were.

~~~
cdubzzz
Is that an actual proposal of his? I would call "force the Mexicans to pay for
it" anything but clear, hah.

Admittedly I have basically zero knowledge of either presidential bid, the
"Donald Trump has earned his money himself" part was what really made me think
this must be a joke.

~~~
Uhhrrr
The leverage to be used is to threaten to block remittances from Mexicans in
the US back to their families. This makes up a large part of Mexico's economy.
It could certainly work.

Guccifer 2.0 actually criticizes Trump on immigration in the very next line,
though. So it's a pox on both the Clinton and the Trump houses.

~~~
vec
Blocking remittances is probably impossible. Even if you could shut down all
the direct channels for money to flow from US nationals to Mexican nationals,
which you can't, it's trivial to either send easily resellable goods like gift
cards or to transmit the money to some third party in a neutral country who
agrees to forward it on for a small fee.

Even if it were possible, blocking remittances is probably illegal under our
free trade agreements with Mexico. Any attempt short of pulling out of NAFTA
is all but guaranteed to be tied up in courts for years before it could
possibly go into effect.

And even if it were legal, a huge disruption to trade is all but guaranteed to
cost the economy vastly more than the cost of just doing it ourselves (even
assuming we actually wanted to).

All of which is before you even consider the internal politics of getting the
US congress to pass a bill in the first place, or of convincing the Mexican
government to roll over and accept a huge insult without requiring anything in
return.

There is essentially no realistic model under which "it could certainly work".
It's a feel-good idea that falls apart with the smallest amount of critical
analysis. It's a childish conception of international relations, and any
attempt to actually implement it is all but guaranteed to both fail miserably
and make absolutely everybody worse off in the process.

~~~
Torgo
You're not looking at this as part of a comprehensive policy. If you bypass
normal remittances, you're out of the frying pan and into the fire of processes
that make your illegal status visible to the federal government through KYC
and all the "soft" rules that are in place that track people that use gift
cards, etc. If someone had the political will, it would be trivially easy to
identify practically all illegal immigrants who operate in the country and use
any mechanism to store or transfer money. You don't even have to be more
"evil." The processes and information are all already in place. Just a man
willing to use them would have to be placed into a position of power.

Even if you're legal, as soon as you bypassed the remittances law you're probably
committing half a dozen other crimes, that are easily tracked.

Regardless if this is a "good idea" or not, it is very, very feasible.

------
shritesh
This Twitter analysis on the FAQ is worth following:
[https://twitter.com/pwnallthethings/status/748482142968156160](https://twitter.com/pwnallthethings/status/748482142968156160)

~~~
rdtsc
All guessing of course, but disagree with the insinuation it points to
Russians still.

- Rambo is not just a lame attempt at sprinkling in an American cultural
reference. It is exactly what an Eastern European boy in his 30s would have
been looking up to back in the day.

- Other than just Russian security services can find translators. English
speaking / translating ability is not a rare, expert-only domain. Could have
asked a friend.

I guess at the end of the day, nobody likes to be hacked by a random loner
guy. It feels more validating to be targeted by KGB's successor. As it
explains away the security failures -- "Well these people torture and kill,
should be glad we only got hacked by them, could have been a lot worse ...".

------
randomname2
How does this square with the generally accepted view [1] it was the Russian
security services?

[1] [http://motherboard.vice.com/read/guccifer-20-is-likely-a-russian-government-attempt-to-cover-up-their-own-hack](http://motherboard.vice.com/read/guccifer-20-is-likely-a-russian-government-attempt-to-cover-up-their-own-hack)

~~~
Kristine1975
That article seems to be mostly speculation, though. Maybe Guccifer is a
Russian, but not affiliated with the Russian government (aka Putin aka Ivan
the Terrible).

But apparently this is The Cold War 2.0, and whenever Russians may be
involved, this means that the Russian government is involved...

~~~
jn1234
It would appear that different people wrote different parts of this. The
English goes from fluent to almost Google translatese ("inside the network to
stay stealth.") in talking about the actual hack. This would suggest that an
organization or at least multiple people were involved.

[https://twitter.com/pwnallthethings/status/748482142968156160](https://twitter.com/pwnallthethings/status/748482142968156160)

------
fapjacks
I'm surprised at how many people are "trusting the client" here. Analyzing
what is being said, as though any of it were the truth. As if the FSB couldn't
type all this up just as easily as some thirty year old single guy from
Moldova. Not only that, but this is so over the top ("I'm the best hacker
ever!!!one") that I'm surprised people are taking it seriously. To me, this
really just sounds like someone or some group of people trying to make
themselves sound like a hacker, complete with hacker folk heroes like Snowden
and Assange.

------
chasing
> As for me, I see great differences between Hillary Clinton and Donald Trump.
> Hillary seems so much false to me, she got all her money from political
> activities and lobbying, she is a slave of moguls, she is bought and sold.
> She never had to work hard and never risked everything she had. Her words
> don’t meet her actions. And her collision with the DNC turned the primaries
> into farce.

> Opposite to her, Donald Trump has earned his money himself. And at least he
> is sincere in what he says. His position is straight and clear.

So... good hacker. Crappy political commentator.

~~~
meritt
1) Compile a bunch of publicly available information into a large package and
"leak" it. Call it a hack.

2) Call yourself Guccifer 2.0

3) Post a well-written-in-English FAQ that conveniently attacks Clinton with
the same tired shit meanwhile praising Trump.

This is some extremely thinly veiled bullshit.

~~~
ultramancool
He definitely doesn't sing Trump's praises that much. In fact in the very next
sentence he says he disagrees with him on some pretty key issues of his
platform.

------
rrggrr
This feels state-sponsored, perhaps a product of Russia. Catching my
attention:

* Emphasis on disparaging Clinton is interesting as current Admin policy is decidedly (and effectively) counter to Russian interests.

* Referring to Intel community using the reverent European bureaucratic term "Special Services".

* The boastful lone hacker, but calls himself Guccifer 2.0. Obligatory reference to Lazar midway through the manifesto.

* Real political and security drama in the UK and Europe, but focuses on a comparatively boring Clinton campaign, dropping leaks just as a stumbling Trump campaign needs them the most - and all the while Trump, who is largely reviled in Europe, is praised in the FAQ.

I'd be amused to learn this was homegrown. I have the increasing sense the
Clintons made more than their share of powerful enemies at home as I begin to
read the "Crisis of Character" book.

------
Exuma
Who is Guccifer?

~~~
echelon
He's a hacker who perhaps most notably claimed to have hacked into Hillary
Clinton's private email server.

[https://en.wikipedia.org/wiki/Guccifer](https://en.wikipedia.org/wiki/Guccifer)

------
tacos
Yup, not buying it. Too cutesy, too impersonal, too obvious. This is a team
effort. And not a very good one.

~~~
Kristine1975
Maybe he used that style on purpose to mislead any adversaries?

------
guard-of-terra
What's he notable for?

This guy's writing reminds me of Bill Cipher uncomfortably.

