
As Democrats gather, allegations of Russian subplot raise intrigue - jboydyhacker
http://www.nytimes.com/2016/07/25/us/politics/donald-trump-russia-emails.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=first-column-region&region=top-news&WT.nav=top-news
======
gtrubetskoy
From NYT I'd expect something better than "Evidence so far suggests" with zero
evidence presented.

Anyone who's done anything related to security knows that it's impossible to
discern much from any trace of an attack left behind - at best you might have
IPs of proxy servers they used and you might be able to figure out the
vulnerability exploited, but if the attackers were any good (and they're
saying "evidence" suggests it's government agency level type stuff) - there is
no chance they'd leave anything behind other than false traces to confuse the
investigation.

Real evidence would be a corroborated confession, but even an excerpt of logs
and/or a little description of what happened other than the "Cozy Bear" story
would be great.

So basically someone hacks the DNC servers (and my guess would be that it
should be trivial given that this is primarily a volunteer-operated
organization), and NYT blames it on GRU. Because being hacked by Russia is
cool, compared to being hacked by a nobody because your security is sloppy.

BTW - crowdstrike.com was registered in 2010 with GoDaddy, not exactly trust
inspiring.

~~~
mc32
I imagine it's more politically motivated than "we don't want them to look
like amateurs" but rather, look who is helping Trump, that bad Putin fellow.
The unsaid part is, "we don't want someone Putin favors in the white house,
make sure you vote for Clinton."

As others have pointed out, it's at least curious that when the Sony hack
happened, and the administration came out a few weeks later and declared it
was North Korea, lots of InfoSec stood up and said, wait, it's not that
clear... We're not so sure... But here there is no such doubt, at least yet
being raised --which is an interesting difference.

~~~
Lordarminius
> it's at least curious that when the Sony hack happened...

Not only the attribution is dubious. The whole thing stank down to the timing.
My theory is that the Sony hack brouhaha was raised for the specific purpose
of obscuring and deflecting attention from the Senate report on torture
released on 9/12/2014.

------
alexmingoia
There's zero proof of this assertion in the article... But hey whatever
deflects blame and attention from the corruption in the DNC.

~~~
daxorid
Many people in infosec (epitomized by the Swift On Security account), normally
circumspect and cautious about attribution, are claiming with 100% certainty
that Putin is behind the leaks.

Politics have a tendency to really mess with a person's nominal judgement.

~~~
Teever
Do you have any evidence of this?

I don't understand why the Russians would be capable of obtaining this data
yet not able to release it without revealing that they were the source.

Unless it was their motivation to be linked to it -- but what does that gain
them?

It seems like the more likely story is that all of this talk about the
Russians is just a method of misdirecting people to discuss the theoretical
Russian link but not the documents themselves.

~~~
daxorid
You may have misunderstood me. I am saying that while attribution is a very
tricky, difficult business fraught with guesswork and spectra of
probabilities, in this one instance a ton of infosec people are throwing their
typical caution about attribution out the window to claim full confidence in
attribution to Putin on the basis of a shared IP address in France and a
Romanian who says Guccifer2 doesn't write like a Romanian.

It is a great demonstration of what politics does to the minds of nominally
cautious, reasonable people.

~~~
Teever
Thanks for the clarification.

That makes a lot more sense.

------
rdtsc
I don't buy it. This is a typical tactic -- "Oh look we were hacked by
ex-Soviet supervillains, nobody could have resisted this attack."

When we got what looks like a FAQ blog post from Guccifer 2.0 (
[https://guccifer2.wordpress.com/2016/06/30/faq/](https://guccifer2.wordpress.com/2016/06/30/faq/)
) and I tried to guess some things about him:

[https://news.ycombinator.com/item?id=12009544](https://news.ycombinator.com/item?id=12009544)

Here is what I came up with:

"...there is a high chance he is from Moldova, and now works for one of the
big IT companies. Probably in his mid 30s. Lives in US or Canada."

~~~
Gustomaximus
> Cares and knows about DNC and specific candidates. Guessing they are
> following the election process, so probably live in US or Canada.

For this you underestimate the global interest in the US elections. It is so
influential on the rest of world many take keen interest. This can easily be
lunch-break talk in Australia. Not sure about the other points.

~~~
rdtsc
Well maybe it was just guessing based on my experience. At least in Eastern
Europe with friends I talked to, aside from generalities about candidates (Trump
is building a wall, ha-ha), nobody worries or cares deeply enough to follow
it to the level of DNC, to watch for election fraud, corruption.

------
oh_sigh
Okay...let's take all this at face value, even though there is absolutely no
evidence for a hack whatsoever. Russia is showing the American people how
rigged (at least) one of their major political parties is. So...we should feel
sorry for the party that rigged their own supposed open choice of candidates?

Hell, let's take it one step further. Imagine the Russian political world
actually wants Trump to win. Is that the end of the world? Does it necessarily
mean it is something bad for the USA, and good for Russia? What if it meant it
would be something good for Russia, *and* good for the USA? Didn't like half
the world want Obama to win in 2008?

------
zarriak
The one thing that annoys me most about this isn't about who is doing the
hacking, but how horribly the DNC had failed at security. Nobody has been
talking about this and I find it annoying to see nobody has been focusing on
greater security.

~~~
meshko
What makes you think they failed terribly? We haven't seen full analysis (or
much of anything yet), but there are mentions of potentially specially
targeted malware. Very few organizations will withstand a direct targeted
attack by a government which possesses zero days and resources to hand craft
attack software and can find personal information of specific people attacked.

------
jonnybgood
The title is inaccurate. According to the article, researchers made the link,
not any counterintelligence organization.

~~~
dang
We changed the submitted title ("Counterintelligence Links Russian GRU to DNC
Leak and Putin") to the current article title and threw in an "allegations"
for good measure.

------
rimutrees
Well that's one way to spin it

------
rrggrr
Irrelevant if true. A Trump, Clinton or Johnson administration cannot reverse
trends in the middle east that threaten Russia's southwest border. Russian
energy fortunes will not improve as pressure from alternative energy and
shale/sands sources is irreversible. Global deflation across most commodities
will continue to sap income from Russia's natural resources, at least until
China can somehow rebalance its economy. I believe all of this is apparent to
Russia, and that like other governments they well understand that global
stability is essential to their economic prosperity and domestic order. If
Russia must involve itself in US Politics in some manner, they would do well
to get behind whichever candidate can contribute to global stability. Even if
it means a return to 1990's US hegemony - a time that was very good for many
Russia.

