The trouble is that the report was released at the same time as the expulsion of 35 Russian diplomats and the whole context around it, including some of the language used in the report, implies it's proof of a Russian election hack.
We also analyzed the IP's they shared and they're just a mish-mash of known attack IP's around the world - probably hacked hosts being used as an attack platform by everyone. ISP's include Linode and Digital Ocean.
I'm having serious Colin Powell UN flashbacks here: IC releases questionable data as justification for military policy decisions.
I've done two interviews this morning about this story and I'm told by one very well known journalist that publications both on the left and right think this whole thing stinks. Here's RS's take.
1) Did you actually verify that the IPs provided were part of the Tor network, or did you just see that their rDNS records currently have the string "tor" in them, as you described in the article?
2) Did you identify the malware you reversed by file hash, or did you find something that hit on the provided Yara sig?
I think adding these details to the article might give technical readers some more insight into and more confidence in the methods used.
We didn't look at the hashes or using hashing to identify anything. It's quite a story actually:
The report provided a Yara sig for PHP malware. We used that to search our own attack data that we log and we found the full malware sample that matched the sig.
But it was encrypted. It's a small piece of PHP that gets a key from a POST param or COOKIE and decrypts the executable code and runs it. Quite smart actually if you want to obfuscate code. So we needed the key.
We looked at our attack data and thankfully we logged one of the attempts by an attacker to access the malware including their key. It was just 4 lowercase chars so we could have bruteforced it.
We decrypted the malware. That gave us the name and version. We googled that and found the distro site. Claim they're a Ukrainian group and the version DHS has a Yara sig for is several versions behind.
We downloaded it. It's a standard PHP 'shell' malware which means it's just a utility to manage a compromised site. File management, upload, OS info, OS command running etc. Nothing super scary and the most common malware we see. Nothing that would infect a workstation in a watering-hole attack.
Regarding the IPs: No we just did a PTR lookup and assumed they're Tor exit nodes as they say they are.
Any post on HN that implies that anyone other than Vladimir Putin himself is responsible for Clinton's defeat will get downvotes...I've lost about 15 points on various posts downplaying this narrative. The Silicon Valley crowd simply cannot tolerate any hint of an alternate narrative.
It is pretty ridiculous to assert that the election's outcome lies primarily on Putin. On the other hand, Trump's victory was pretty thin, and that invites speculation that if certain influences hadn't been present, the election might well have gone the other way. Russian influence is one among many, but it's among the most disturbing, which is one reason people have strong feelings about dismissing it.
I'm just thinking that an entity could've downloaded some commodity malware (instead of writing their own from scratch) and modified it to suit their purposes, but the YARA sig would've hit on a lot of different variants of the same webshell versus a higher-fidelity match based on file hash.
Anyone can download it and check.
There is also a forum thread at https://rdot.org/forum/showthread.php?t=1567 started by this software developer in 2011. He answers the questions from the users of his software and asks them to donate to continue development.
So it is a publicly available software, not a private tool made by some hacker group for themselves. That is why other people could find it in their systems.
The forum thread  shows that the software has been developed at least since 2011.
I also looked through the code of a web shell. The code is written to be compatible with PHP4 and has some complicated parts, like building a zip archive by bytes. It has a lot of fallback methods, for example if some PHP functions are not available or not enabled, it would try several other ways to solve the task. I didn't like the style (a lot of two-letter variables, HTML and PHP code mixed together, hard to read and maintain). It looks like it was written by one person, but it would take some time, not a project one can write in a week. I guess the motivation for developer was to prove that he could write a better web shell than others.
Here is a link to a formatted source code  if anyone would like to see it and maybe learn some PHP4 programming tricks.
Which military policy decisions are those? What does expelling a few diplomats have to do with the military?
Nothing, of course.
I think this is an irresponsible comment. I think it's irresponsible to compare this to the run-up to the Iraq War when absolutely no one is talking about war. There is no ulterior motive or unfinished business between the Obama administration and Russia. As recently as 2012 Obama mocked Romney for calling Russia the U.S.'s biggest geopolitical foe. They're not, and Obama does not think that they are.
And I think it's irresponsible because you are relying on incomplete data (the DHS report) to attack a conclusion that rests on a much broader base than that data. And IMO, you're doing it knowingly, in an attempt to raise your professional profile and burnish your infosec credentials.
I have to say, though, linking to a Matt Taibi piece is not going to do that. He is an entertaining writer, but when it comes to cybersecurity, no one who knows what they are talking about thinks that he knows what he is talking about.
I use Wordfence and appreciate it. It's a good product. But I think you're on shaky ground here.
There's a saying that goes "extraordinary claims require extraordinary evidence." But the claim that Russia hacked the DNC is not extraordinary. The Russians hack, or try to hack, everyone in DC.
Within the last few years, they successfully hacked both State and White House unclassified systems. I don't recall everyone jumping onto the airwaves to dispute that assessment. Why? Because the govt did not issue any public data about it.
Now they have, in an attempt to help other institutions. Their thanks for improved transparency is a series of opportunistic misinterpretations, each of which hold up a limited report and declare it to be limited.
"The Department of Homeland Security and the Federal Bureau of Investigation are releasing declassified technical information on Russian civilian and military intelligence service cyber activity, to help network defenders in the United States and abroad identify, detect, and disrupt Russia’s global campaign of malicious cyber activities."
This suggests it is evidence of Russian activity.
"These actions are not the sum total of our response to Russia’s aggressive activities. We will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicized."
This suggests we're going to be engaging in a classified cyber war with Russia.
In the United States the only organization that can legally 'hack back' is the US military, according to the CFAA. So any cyber operation will be a military operation.
The U.S. government is asserting it is Russian activity, and the information in the report is provided to help private organizations defend against it.
The attribution rests in part on classified information and is not likely to ever be "good enough" for members of the public, even with the ODNI report due in a few weeks. And as I said below, I don't remember everyone jumping up to object when State and White House intrusions were attributed to Russia.
Anyway, the fact that Russia is conducting a global campaign of malicious cyber activities is not news , and it's not fair to pretend that this DHS report is supposed to prove that on its own.
> This suggests we're going to be engaging in a classified cyber war with Russia.
War is a loaded term. Our war in Iraq killed many thousands of people and dropped an entire region into violent chaos. Is that what you think the U.S. government intends with the quote you mention?
> In the United States the only organization that can legally 'hack back' is the US military, according to the CFAA. So any cyber operation will be a military operation.
The military is also the only organization that can take out the trash in the Pentagon. My point with this flippant remark is that military activities are not commensurate just because they're military. Comparing the policy discussions of today to the run-up to the Iraq War is not defensible IMO.
 So are we, BTW.
EDIT to add:
If the U.S. government wanted war with Russia, it has already passed up 2 perfect opportunities:
- Aid the Ukrainian government in opposing the Russian seizure of Crimea by sending air cover or troops.
- Declare a no-fly zone in Syria and shoot down a Russian jet.
These were both real shooting war situations where force could have been justified. To think that now, a cybersecurity response is going to be the excuse for a shooting war, does not make any sense to me.
I don't think anyone wants a shooting war with Russia. That does not mean we should ignore a material shift in the balance of intelligence activities we do to one another.
We want into Iraq. How do we justify it? We want to keep Trump away from Putin, how do we justify it?
They are not! The DHS report is intended to provide govt information to private industry so that private industry can better defend itself. That's why it comes from the FBI and Department of Homeland Security, not the IC organizations who are actually tasked with attribution of foreign intelligence activities.
In fact the Washington Post story, while overhyped in the headline, is an example of this in action--Burlington Electric applied signatures from the DHS report, and found a match. Yay.
EDIT to add:
No one wants to "keep Trump away from Putin," certainly not Obama. This is the president who said he wanted a reset with Russia--and by the way, was mocked by the GOP for saying that.
What the outgoing administration--and career IC staff--want is for Trump to objectively interpret and apply the intelligence that is supplied to him.
We don't have to think that Russia is our eternal foe, to acknowledge and react to a nasty thing that they did. Being our ally hasn't stopped Brazil from applying consequences to us for what Snowden revealed, for example.
I imagine someone was assigned a task to produce some document about how Russians hacked us to justify all the propaganda narrative so far. That person handed it to their subordinate, who handed to their and someone came up with that paper.
It looks technical enough with jargon that someone from the street will see it as proof.
Now an interesting thing to think about is if someone who wrote this understands that this is bullshit and wrote it as such. Those who know what's what will see it too and this was a wink to them. Their superiors though will think this is some solid proof.
I'm all for dismissing this Russia story but I don't find RS an especially credible source right now.
> There was no “penetration of the U.S. electricity grid.” The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.
"and found the code in a single laptop that was not connected to the electric grid."
So, the first step in penetrating a system was accomplished, getting the code onto a device that could potentially (or so they attacker may have hoped) be connected to the target network.
Until I hear that the code was put on the laptop by its owners intentionally and for legitimate reasons, this sounds like an attack. The headlines and responses are arguably alarmist and not fully informed, but it's still an attack. The dismissal of alarmism seems intended to obscure the likelihood that there was, in fact, the start of an attack.
If a spear phishing attack fails, was it not still an attack? That it was an attack in the direction of the power grid is, by definition, alarming. [EDIT: The first sentence in this paragraph confuses my point, and can profitably be ignored.]
The intercept's article could have been less sensationalist itself, and I wonder what the motivation for the overdramatization of the Post's failure would be. Competition? Schadenfreude? Sensationalist link baiting?
Regardless, I had hoped for a more sober and professional style from the intercept from its early days, and I've long ago stopped reading it, modulo the odd HN post.
Nobody is disputing that. But "electric company employee's laptop gets a computer virus" is a far cry from "the Russian government is attacking our infrastructure".
I'm not saying that is true, but it does makes sense.
Russians have shut down an airliner full of people and also occupied a good chunk of Ukraine and there was less hoopla in the media about it. Someone finds a PHP shell on a laptop and Washington Post is going nuts with "OMG Russians are about to disable our power grid".
If this is not Fake News then I don't know what is...
Was WaPo a respectable news outlet at some point? I feel like it was, I wasn't following it much before. It has gone the way of Fox News it seems recently. Oh well..
Obamaism, the McCarthyism of the 21st century. Otherwise known as good old propaganda. It goes like: Russia hacked the election, Russia hacked our grid, Donald Trump is a in fact Russian robot programmed to win the US elections and destroy America, etc.
What do "signature" and "tied to" mean in this context?
>> Nobody is disputing that
>>> Just because they failed doesn't mean it wasn't an attack
Nobody is disputing that. What's being disputed is (a) the target and (b) the attacker.
Stuxnet happened in a very similar way
You shouldn't wonder. The Washington Post is, and always has been, the voice of the DC/Media establishment and the number one disseminator of their propaganda. Remember that the absurd "PropOrNot" garbage was published in the Washington Post after being turned down by several major media outlets that at least seek to maintain the semblance of credibility.
And now we have a major US newspaper publishing articles claiming (with the most tenuous of links) that Russia is hacking the US power grid.
Not to mention a whole bunch of other dubious anti-Russia stories making the rounds based on flimsy 'evidence' that boils down to what another commenter posted the other day:
"Russians drive trucks. Hackers used trucks. Therefore the hacks were clearly done by the Russians"
It's not a straw man to say people calling for calm against Russia Hysteria are doing so because they don't want things to escalate to war with Russia.
> Certainly not the incoming US president
And so I find myself looking more and more forward to a Trump presidency. There are still 20 days to go however, so lets hope the media and the left can calm themselves down before then.
The entire left establishment, from Hillary to Obama.
Hillary wanted a no-fly zone in Syria. Obama just imposed a new round of sanctions on Russia, which is a precursor to war.
The mental gymnastics are hitting Olympic levels with the left.
People don't see the chess board and make Russia look like the villain; look at NATO in 1991 and look at it today if Canada would have joined the Warsaw Pact and if Russia was keeping enough nukes in Mexico to kill every living human in the continental United States where do you think we would be now?
All what Russia sees is a military alliance pushed onto their border, a continuous presence of US nukes in Europe, the US never stopping it's strategic air command nuclear bomber flights and then criticizing Russia for resuming them, the EU and the US pushing to bypass Russia's pipelines in the Caspian Sea and the US deploying a missile shield in Europe that would nullify Russia's current strategic arsenal after unilaterally withdrawing from the anti-ABM treaty.
And you say Russia is reckless and is a threat to world peace?
Close enough to "everywhere" to say everywhere.
"Obama was referring to the roughly 200 B61 nuclear bombs that the US has deployed in five Nato nations stretching from the Netherlands to Turkey - and a Russian arsenal estimated at 2,000 tactical weapons."
" ... The same goes for tactical nuclear weapons: compared
to the momentous issues that the East and West have
tackled since the end of the Cold War, the scattering of
hundreds (or in the Russian case, thousands) of battle-field weapons throughout Europe seems to be almost
an afterthought, a detail left behind that should be
easy to tidy up."
Google NATO Nuclear Sharing;
WHY THE FUCK are there nukes in freaking Belgium, when Russia had 12 missiles in Cuba the US almost started WW3, today the US is keeping nearly 100 of them in Turkey.
2) Russia invaded Georgia and stole Crimea.
Seriously, Russia did not start the Georgian conflict, sure they "overreacted" but Georgia did invade first, they were prompted by the west and then Bush folded and withdrew his advisers.
The Georgian conflict was about oil, the EU was building a new pipeline to circumvent Russia, they made a power play and Russia returned in kind.
"Stole" Crimea is probably the most laughable statement I can think of considering how the entire Ukrainian conflict started, the US and the EU pushed for elections they didn't like the results so a political proxy war was started which ended with the ousting of the pro Russian president which all the US and EU observers stated was democratically elected.
Russia was at risk of losing their only warm water port, and the most ironic thing is that whilst Crimea holds Russia's most important naval base in the region it's pretty analogous to another little piece of "stolen" land that you might know as GITMO, the big difference is that GITMO is not that strategically important to the US in fact it's not important at all, all US naval bases are in effect warm water ports, GITMO isn't even geographically important since mainland florida is just a day of sailing away.
3) Russia has started making advanced missiles to bypass missile defense systems and will have them soon, so who really cares of the missile defense shield?
Russia started improving their missiles as a counter to the work the US had conducted on missile defense, the US pulled out of the Anti-ABM treaty which was criticized by nearly everyone around the world and now it has a more or less effective missile shield.
In 2020 the US missile shield will likely to make all current Russian strategic weapons ineffective which would drastically change the balance of power in effect negating any nuclear deterrence this brings us closer to a nuclear war not further away.
Russia can't afford to spend trillions on ABM like the US has since the early days of the SDI, but making more and better missile is affordable to them, however this puts them again as an aggressor even tho the only thing they do is to attempt to restore the deterrence.
4) Russia is an autocratic nightmare state where Putin, a man rumored to have engineered the terrorist attacks that led to his quick rise to power, kills or exiles any opponents or critics.
It's not Finland but it's not an autocratic nightmare, Putin was an intelligence officer, he refused to participate in the general's coup in 1991, you should really read more about how he rose to power.
Russia doesn't have the same democracy as the US, the "unique" flavor of what they call "managed democracy" works it's not perfect, it might not be even "good" but it's far from being an autocratic nightmare.
5) Russia hacked the fucking DNC to make Trump win, which is an act of war.
The US prompted up more dictators than the Soviets ever did, they interfere in elections openly all the time including in those of allies, and when they don't like the results they impose sanctions or start civil wars so give me a break.
Meddling in the elections of other states was always something nation did and will continue to do, you want to make sure the person in power is some one would would end up working best for you.
The US effectively elected Yeltsin, the also have actually helped out Putin in the early years; Putin was somewhat of a surprise to both Russia and the West he was prompted for being effective but not threatening.
So far I haven't seen any evidence that show that Russia hacked the DNC, and if it did that it had any effect on the elections.
Russia did not make the FBI reopen the investigation in the 11th hour.
Russia did not make the media and the white house downplay the email scandal.
Russia did not make Hillary run her own mail server violating the federal records act which is a criminal offense in the US.
Russia did not make Wikileaks publish the emails that were not delivered during the investigation, it did not make Hillary instruct her IT guy to scrub mails from the server, Russia did not make Redditors find the guy and figure what he did and Russia did not organize a congressional hearing about this.
6) NATO has never threatened Russia. If Russia is terrified of NATO, it is due to paranoia.
Russia has never threatened NATO either, doesn't stop the level of paranoia in the west does it? it's not about threats it's about agency Russia would not leave it's fate in the hands of the guys who are running DC or Brussels.
Look at NATO in 1991 and look at it today, I would be worried too.
7) Russia isn't encircled by US troops.
Google US troop deployments.
8) It makes sense for the EU and US to avoid using Russia's pipelines when Russia is a morally reprehensible country the way it is being run right now.
No it makes sense for them to do it if they want to be able to strong arm Russia, calling Russia a morally reprehensible country while the amount of (justified or not) human rights violations conducted by the west on a daily basis is probably the most hypocritical thing you can do.
Russia did not make the MQ9 Reaper the national bird of so many nations, Russia did not compromise virtually every communication network on the planet in order to spy on corporations and members of state so the US would have an upper hand on negotiations and Russia for sure did not decide to deploy a dragnet of internet surveillance against the general populous.
Now you can say they would if they could, and I would be inclined to agree, but you can't do that and then take the higher moral ground because considering just how morally bankrupt the west is we have no real ground to stand on.
And this is from a conservative.
The blasts hit Buynaksk on 4 September, Moscow on 9 September and 13 September and Volgodonsk on 16 September. A similar explosive device was found and defused in an apartment block in the Russian city of Ryazan on 22 September. The next day Prime Minister of Russia Vladimir Putin praised the vigilance of the inhabitants of Ryazan and ordered the air bombing of Grozny, which marked the beginning of the Second Chechen War. According to sentences of judicial authorities of Russia, acts of terrorism were organized and financed by heads of the illegal armed group Islamic institute "Caucasus". Thirty-six hours later, three FSB agents who had planted this device were arrested by the local police. The incident was declared to be a training exercise. There are allegations that the bombings were a "false flag" attack perpetrated by the FSB in order to legitimise the resumption of military activities in Chechnya and bring Vladimir Putin to the presidency."
I for one, think Putin orchestrated said bombings.
@ troop deployments, having a smattering of troops in countries around Russia doesn't really make them "surrounded by troops" imo
@ autocratic nightmare, lol, yes, it is an autocratic nightmare state. Putin kills or exiles opposition and press that is in any way negative towards him. There is no freedom of the press in Russia. There is no right to protest in Russia. Gay people are regularly killed or imprisoned in Russia. Corruption reigns supreme in a way that we could never even touch.
As for the rest, I never said the US was morally pure. I disagree with many things that we do, but that doesn't change the fact that I consider the manipulation of our elections to be tantamount to an attack on our country.
Russia may be backed into a corner in many ways, but that doesn't excuse them fucking with European and US politics.
@ US nukes, this is nothing new right? I don't see how that should matter to them too much.
@ missile defense shield, I kind of agree with that bit, although I find the idea that either side would ever use nukes ridiculous
@ NATO paranoia, I'd say Crimea and Russian ambitions to re-establish a more USSR-looking country make those fears well founded.
@ pipeline... that's just economics. Having your own pipeline and not having to rely on a somewhat hostile power is always going to be preferable.
Is anyone talking about a war with Russia besides folks like Greenwald and Taibi, for whom it is making a nice straw man?
The United States went to war in Iraq in 2003 under false pretenses. The cost of that mistake was gigantic, and continues to pile up.
This saber-rattling against Russia could have serious consequences, and seems to be inspired mainly by a need to find some kind of scapegoat on which to blame the DNC's absurd loss against Trump.
I'm glad they're doing this.
In the end, there was some shady stuff in the emails, and if there wasn't it likely never would have seen the light of day.
I'm going to have to say "yes".
DNC, RNC, Green, Independent, etc. it shouldn't matter who got hacked. I'd hope that all Americans would be concerned about this.
I hardly call 2,000 dead Americans, and an attack on American soil "false pretenses".
If you want to claim that it was misguided to perform a full scale invasion vs. targeted special ops missions, that is a more interesting argument.
Now, the war in Iraq on the other hand, that was false pretenses...
I mean if the intelligence community is going to drum up shoddy evidence that could potentially lead to war, I'd sure hope the media would spend an inordinate amount of time trying to combat it.
A word of advice: Don't go to porn sites, install Limewire (dated; today's equivalent), torrent, TOR, etc. on your work computer. Conversely, keep your work off of your personal computer.
> Editor’s Note: An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.
This is journalistic ethics in action. WaPo has publicly admitted a mistake and revised their article as a result. Greenwald can (and deserves to) give himself a pat on the back.
That being said, I am disappointed in his bad faith equivocation of the (occasionally sloppy and partisan) news media with "news" that is patently false and engineered to maximize advertising revenue. Calling this "fake news" just gives the GOP more (dishonest) ammunition in its 40 year war with the Post.
With fake news, the story is never retracted or corrected, but continues to be elaborated. Compare this to the "Clinton runs a network of child sexual abuse through a pizzeria in DC."
Too late. I already saw a news segment about Russia hacking US power plants on mainstream Italian TV. There will be no retraction here and the disinformation is already in the public consciousness.
I don't know where people get the idea that it is some unbelievable stretch of the imagination that Russia would hack the DNC. The only surprising thing to me is that the frickin' DNC was not ready and expecting them to.
Usually people say something like this when they have no evidence. So citation needed.
It's sad that this is what it's come to, and that we can't separate WikiLeak's role in this from the Russians. Good journalism would be explaining to the people how WikiLeaks works, and how the source of the information isn't relevant to WikiLeaks.
They do this bullshit all the time. Post poor and/or misleading reportage for clicks, then fix it in post. It appears as an advertising scam masquerading as editorial policy. The WaPo has some great people working there, but there's a lot of hands in between theirs and the words we ultimately see on the screen or page.
It's a wee bit hypocritical for the US to get so upset about these things though, considering all the elections that the CIA have been involved in, not to mention the stuff that Snowden revealed (like tapping the German Chancellors phone). Everyone knows that whatever espionage Russia is doing to the US the US is doing back in kind. All the powers will be hacking each other.
The petty finger pointing needs to stop. The low sophistication of the DNC hack just reinforces this. Besides, if you don't want to be embarrassed then don't do embarrassing things and then sulk when you're exposed.
I don't think that is a very good argument. If you were to look through the email of most middle-sized organisations you would be able to find embarrassing things.
And if we believe that such exists elsewhere, then we should be calling for more exposure of such vs ignoring it as operating as normal.
Thissss. I'm so sick and tired of the hypocrisy. If there was a "Chinese snowden" who leaked that China was doing the same stuff we where it would start a war. If Russia or China started building military bases through out the world for "democracy" we would loose our shit.
Why are we surprised when other world powers follow our example and try to hack the shit out anything they can get their hands on. Can't we be grown ups about this? It's a total double stAndard. We mess with so many elections around the world, and cry foul when someone does it to us.
Don't get me wrong, I understand why we do it, and sometimes agree with it. I feel like it stems from almost a prehistoric primitive tribal instinct - I live if my tribe lives, and to do that we have to control the other tribes.
By all means continue to dominate other countries, but PLEASE STOP USING THE MORAL SUPERIORITY CARD.
Russian subs have been seen in some Swedish bedrooms the early-mid part of this year. Those Ruskies are capable of anything, you know.
The danger is pretty clear, if response time is shorter than validation time, people or systems will respond, perhaps irreversibly, before validation can be achieved.
That is how you do real damage in a system. Hopefully a very public critical response to the Washington Post here will help extend their response time again past the validation time.
The article from The Intercept comes across as more alarmist than the original one from the Post. The second paragraph reads:
> While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid.
There's a nuance that seems to be lost in Greenwald's interpretation of the article.
 To within experimental error.
It's much more likely that they know they can publish something fake, get the desired public impact, and then retract it and retain credibility.
The Washington Post is not a "higher quality publication".
The anti-Russia hysteria is getting ridiculous, and the more the media drum it up, the less people believe it.
>At a recent meeting of U.S. ambassadors from Russia and Europe in Washington, U.S. ambassadors to several European countries complained that Russian intelligence officials were constantly perpetrating acts of harassment against their diplomatic staff that ranged from the weird to the downright scary. Some of the intimidation has been routine: following diplomats or their family members, showing up at their social events uninvited or paying reporters to write negative stories about them.
But many of the recent acts of intimidation by Russian security services have crossed the line into apparent criminality. In a series of secret memos sent back to Washington, described to me by several current and former U.S. officials who have written or read them, diplomats reported that Russian intruders had broken into their homes late at night, only to rearrange the furniture or turn on all the lights and televisions, and then leave. One diplomat reported that an intruder had defecated on his living room carpet.
The agents and officers they actually care about, they (and we) rarely touch. It's better if they think their cover is intact.
Yes Mr inspector the poor lads though they where being burglarised and as "drink had been taken" they got a bit boisterous
I can imagine Russia actually doing something heinous and it making zero waves, all because of the media who cried wolf.
1. Select an arbitrary NFL game being played in the first week of season.
2. Email a sufficiently large ( > 131,072) group of people, telling half of them that Team A will win. Tell the other half people that team B will win.
3. The game will necessarily yield a loser. (To account for ties, tell your audience team N will not lose, instead of will win)
4. The emailed people who received the correct prediction become the remaining pool, and those that received the incorrect prediction are no longer involved in this exercise.
5. Repeat steps 1-4 for the first 16 of the 17 weeks of the NFL season, always retaining the half of the pool who received the correct prediction.
6. After the 16th game, since you started with a sufficiently large pool, you will have sent the correct predictions for all 16 games to a nonzero number of people.
7. This nonzero number of people, if they have paid attention, will be forced to believe that you can predict the winner of the 17th game, and will be willing to give you ridiculous amounts of money to obtain that 17th prediction.
In their eyes, you can predict the future, but all you did was apply successive approximation, which is how many analog to digital converters work.
The same tactic works in reverse, you simply need to keep the people paying attention to the incorrect predictions long enough. I'll leave the most recent example of this phenomenon as an exercise to the reader.
Their opinion pieces can have a bit more "free thinking", definitely, but they are always marked as opinion.
> Corrections & Amplifications:
> Departing presidents in recent years have given farewell addresses in the final weeks of their terms.
Is there a way contemporary journalism can be fixed?
Furthermore, decreasing ad revenue and increasing competition means that newsrooms are financially strapped compared with earlier days. Back then, even big newspapers published just a few print editions a day. But now there's a constant 24-hour news cycle. It's impossible to check every story 100%; nothing would ever get published. So the editor has to settle for a sub-certain level of confirmation, with fewer fact checkers on staff to boot.
To a certain extent, it's better to issue the retraction later. You get eyeballs on your page for the initial story, then more attention for the fallout and retraction. I've now clicked on that WaPo article thrice instead of just once -- cha-ching. Obviously too much of that damages the reputation, but there are a number of tremendously successful organizations that unapologetically and routinely dispense fake news and still prosper as a result. People have been successfully conditioned to care less about accuracy and more about "tell me good stuff about my team and bad stuff about the other team."
The Post is being called out by The Intercept, a publication launched in 2014 . That looks an awful lot like a system reacting to itself.
Edit - should add, journalism is being fixed. The MSM is becoming increasingly irrelevant, social media and independent journalists who are on Twitter and various blogs are becoming more relevant.
I would hardly call this a fix. The MSM is certainly unreliable, but "twitter and various blogs" are even less so.
Sure, but a live video stream of newsworthy events represents a minuscule fraction of social media "reporting" and isn't even really representative of journalism in general since it's usually just an ad-hoc video from a citizen who happened to be in the right place at the right time. Even then, the conclusions drawn from citizen videos are often extremely contentious either because they are incomplete or just poorly shot (perhaps with the videographer leaving their own hysterical or biased commentary as a narration of events)
And even though Pizzagate is firmly in conspiracy theory territory, you've got to admit - some of Podesta's emails were fucking weird.
I don't think that necessarily qualifies as newsworthy. A "real journalist" would have read those e-mails, found them to be pretty weird, then did an investigation to determine if anything of merit could be uncovered before printing a story. If there were any journalists involved, the pizzagate story would have been a perfect example of "irresponsible journalism", i.e. projecting unfounded claims based on rabid speculation and "gut instincts", yet being unable to prove anything definitively.
It's not a SCADA attack on systems that deliver services, but surely an attack that lands close enough to "The Electric Grid" to pay attention.
Pay attention now, not later.
The intercept has plenty of "all hat" articles where the picture painted by the headlines doesn't necessarily match the content.
The Intercept, Democracy Now, Thom Hartmann, TYT, et. al. are in a precarious position because they often speak the truth, which is inconvenient to those in power. Whether they can mostly survive and measurably supplant establishment media by demographics isn't certain. Whether Trump will target investigative journalists and net neutrality (likely) Erdogan-style is anyone's guess.
PS: Another interesting CIA operation which taints media and fuels conspiracy theories https://en.wikipedia.org/wiki/Operation_Mockingbird
In my book, manufacturing 90% of the story based on a "small kernel of truth" still counts as fake news, but perhaps others disagree.
This stuff can lead to war (McCain actually called this an act of war from Russia, after reading the original WashPost article), and in fact it has. Unsurprisingly WashPost was a big part of pushing the U.S. into the Iraq war as well.
No lessons learned, it seems.
If only. How long has the claim that Clinton runs a child abuse ring through a Washington DC pizzeria been going on?
The Obama birther controversy?
These things are very difficult to debunk even in the presence of clear contrary information.
"Hope everyone remembers just before Trump took office @ggreenwald was praising Breitbart & @jeremyscahill was joking about working for Putin"
"Did Russia hack the DNC? Yes. Is the DHS/FBI report good? No. Does either have anything to do with the electric utility in Vermont? Nope."
Because if such articles from the big media companies wouldn't be blocked, then the system would be biased and unworkable, and Facebook or Google will just find a lot of backlash against them over it.
>Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities
Here's an earlier cached version: http://web.archive.org/web/20161231011622/https://www.washin...
In the meantime we hear sob stories about the consulate chef being deported. Poor guy! Hard to feel bad when he's got 9 digits stashed in a Swiss account.
If I had to argue a point in a university essay, and argued in the fashion the media has for the last year, any of my profs would have failed me.
You'd think educated professionals, in a supposedly intellectual, free society would do better. But nope, just "Putin is a dictator", or "Trump is a racist". It's these journalists' fault no one listens any more.
He's invaded territory of other countries.
He's authorized the bombing of civilian areas in Syria.
You might think the evidence that the journalists were killed by Russia is inflated. You might think the Russians living in Ukraine deserve to live under the rule of mother Russia. You might not think there are civilians among the Syrian rebels. But I'm pretty sure that those things at least meet the bar of real criticism.
He's bombed and destabilized other countries (Libya)
He's funded and armed terrorists fighting in civilian areas of Syria.
See how easy that is? One thing I've learned is just how many shades of gray exist in the real world, and as such I refuse to accept the narrative that Putin is a literal cartoon villain.
Btw, do you keep up with Ukrainian news?
Why the hyperbole earlier?
I'd argue that elections have never been won this way. They've always been about identity and attacking your opponent. I'm not saying it's a good thing, but that the 2016 Democratic campaign was not unique in that regard. Hell, Trump's own campaign was run as a referendum on Hillary Clinton as much as it was anything to do with his strengths.
Had they not stacked the deck against Sanders, they'd have a principled, likeable candidate in the general, and then they could have used the angle of Trump being unprincipled. Unfortunately Hillary is equally unprincipled, and less likeable.
He claimed judge Curiel couldn't do his job because of his ethnicity.
He claimed the Central Park five were guilty even though they were cleared by DNA evidence.
His company was fined for not renting to blacks and Hispanics.
The whole birtherism stuff.
People are just tired of democrats calling anything who doesn't agree with them a racist/sexist/islamophobe when the VAST majority of conservatives are none of the above.
(All else aside, "the problem with Democrats is that they stereotype large groups of people" is a fantastically ironic statement to make)
That's just not true. Democrats have been pushing the narrative that "Russian hackers" are undermining America, and pushing it quite aggressively. So it's completely valid to bring those efforts up in regard to a dramatically over-hyped story about "Russian hackers."
And at the same time some of them are saying crap like "Who cares about Russia, their only contribution to the world was the gulag". I'm paraphrasing here, but this is what I was referring to in my post above. In their zeal to denounce a man they see as a racist bigot, they turn to bigotry themselves. Shameful is the word for it. I mean, look at this: https://twitter.com/timjacobwise/status/809188697002409988
All in all it's just a startling 180- 4 years ago, Democrats were (correctly) lambasting Romney for BS tough-talk about Russia.
is it the good AIDs or bad AIDs (Mary Whitehouse experience reference)
It was clearly the good computer virus designed to penetrate state infrastructure. because Glenn Greenwald said so.
We detached this comment from https://news.ycombinator.com/item?id=13293235 and marked it off-topic.
If you choose to characterize my accurate, unbiased observation of the ignorance of the masses as a 'slur' that's a comment about your bias and/or the nature of the masses.
Is there a catch-all term for middle-aged white lefty dudes who are pro-Russia because their political outlook was defined by the Iraq War?
you seem intent on forcing your particular world view on hn than providing moderation of explosive or unpleasant reading.
i find reading all the posts you like to detach often more interesting reading than any of the hn comments that get left over.
As much as Noahpinion is entitled to his opinion, so is GG.
We detached this subthread from https://news.ycombinator.com/item?id=13293599 and marked it off-topic.
I already replied to someone else on this thread and mentioned they 'claim' they're Ukrainian. Sure, it could be a false flag op. Isn't that self evident?
I don't believe the comment you are replying to said otherwise.
The point is that the report made the link: "We found Russian malware, so it must be the Russians." And in reality it's not Russian malware, and as you point out, finding out who wrote it doesn't tell you who used it.
If you believe the intelligence agencies, it's only logical to believe that Russians did in fact do it. Simple estimates based on the things that we know about the world don't suggest other possibilities.
Not that it matters though. Russia already did a lot worse, but US officials were so afraid to call it out, even downing MH17 was presented as if Russia "helped rebels" and didn't do it itself.
So I got an impression that posts in english were mostly from victims and posts in russian were mostly from users.
You can try google these words and see the results yourself.
Aside, why again do we have so many "intelligence" agencies anyway?
Anyone else getting sick of the Russian meme? It's beyond crying wolf now.
Also, him saying "false story" is, itself false, because the the facts are objectively true. Officials did say what they were quoted as saying, and the NYT changed the headline shortly after publishing the story, which is (like it or not) common practice in the industry. Glenn was party to it himself while at The Guardian.
It's just "weird" to me that there's a faction of people out there who don't believe that Russia infiltrated the DNC, and I think it's because they're politically motivated to not believe this to be the case.
There's never been such an ignorance driving security news before. It's alarming and completely out of left field.
edit: Since you edited your original post - I would want to see the same report that Obama saw, the one that led his administration to go so far as saying Putin was "personally involved" in orchestrating the attack. Redact sensitive info/sources as necessary.
Anything less makes it ludicrous to accuse a nuclear superpower of cyber warfare.
Have you even looked at the "evidence" out there so far? It's entirely circumstantial evidence put out by third party info sec groups.
I am pretty skeptical about the extent of direct Russian governmental involvement in the hacking of the DNC and Podesta's email account given the paucity of evidence. It would seem far more likely that Putin's regime turns a blind eye to certain activities either originating in or passing through their domain, as long as the target falls within certain parameters.
Don't get me wrong, I think a certain amount of firm resolve is due to be shown to Russia now and in the future, but I think there are many valid reasons for that without needing to invent them.
I'm sorry, but what? There is a preponderance of evidence, way more than is usually available for such things.
What piece of evidence is missing? What would convince you?
fvey vs fsb played out in public.
otherwise its too much effort and they'll just go along with whatever seems trendy and cool at the time.
And its definately not cool to point out the sun has set on the American empire.