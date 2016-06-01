It fails to mention that the CIA had an internal hunt for the contractors which leaked the "Vault7" arsenal - confirming that indeed it was a contractor and indeed that they had mishandled the arsenal by providing global access to the weapon cache.
It also failed to mention the full original story provided by the Shadow Brokers and those that reported on them: that NSA had (similarly) mishandled hacking tools by loading too many of them onto attack staging servers. This story has not changed, nor have the recent publications contradicted it. In fact the Shadow Brokers said exactly what they were going to publish when they first went public and have followed through with what they said they were going to publish exactly.
The author speculates and conspires that both of these must be Russia. Mostly it's the standard fare conspiracy theorist "to whose benefit" but it's clear the author doesn't understand whether and how Russia would benefit from these disclosures.
Finally, after all the public panic induced over "Russian hacking" during the election, there's been no intelligence summary, statement, or even Congressional statement to the affect that either the Shadow Brokers or the Vault7 leaks are in any way attributed to Russia. Wouldn't that have been fuel for that fire?
My guess is that the Shadow Brokers are a criminal organization with informal relationships with state intelligence services. My guess is that Vault7 was a CIA and contractor who shared the massive trove too broadly, where it ended up in the hands of the Wikileaks journalism reporting outlet.
The author appeals to Occam's Razor only by name. The lack of careful analysis in the article insists, unfortunately, in using unfounded speculation in the place of evidence, and horror, to then appeal to Occam's Razor on behalf of assumptions.
Here are some techniques I know; I'd be interested in more or where I can find useful research and expertise about it:
* Create uncertainty. The strategy is not to persuade people, but to create enough uncertainty to disable them and disable debate. One way to do this is to question every possible flaw in the evidence; in reality, nothing is so clear-cut that there aren't questions (and that especially applies to intelligence operations).
* Make many baseless claims in order to force others onto defense and occupy all their resources. A baseless allegation takes seconds to make but hours or days to defend. Also, many people remember only the first headline, the baseless allegation, and don't see the followup story. Again, it's a way of disabling debate.
By design, it's tough to deal with propaganda - it's tough to continue intelligent, valuable discussion in the face of it. I'm not sure of the answer, but comments matching those techniques, such as the parent, seem to appear when Russia is discussed, for example.
One thing I do is to look for whether the comment adds substantive knowledge to the debate, or whether it just increases uncertainty about others and includes baseless information (unsubstantiated claims and rumors). Do I know more about the subject after reading the comment, or less?
EDIT: Clarified my purpose in the first paragraph.
Usually when reporters work or people argue, they're generally trying to arrive at the truth, even if it's in a flawed way.
For the propagandist, truth is merely another tool in the toolkit, and they'll use it when it advances their purpose and discard it when it doesn't. The same goes with logic and reason. The propogandist will in fact use the truth and reason and logic as much as possible for the simple reason that it's so effective.
This is why Wikileaks was so devastating. As far as I know, there was nothing fabricated in any of it, but it produced an inaccurate impression of the candidates because one side had all their dirty laundry aired in public and he other side operated in secrecy. You'd be a fool to think that a similar release of RNC and Trump emails wouldn't have produced just as much damaging material.
So now the counter-propagandist is put in the difficult position of arguing against the publishing of the truth, not a particular nice place to be, rhetorically.
I think the only way to effectively fight it is our own countermeasures, fighting the truth with more truth. Unfortunately, the executive branch of the us and the U.K. is thoroughly compromised, so the west is going to have to rely on France and Germany to step up their games.
What you are talking about is "white propaganda": telling the truth but in a manner that creates a useful perception.
This is unfortunately the basis of most information and news media today, as even "free" media industries compete to tell the stories and gain the access of intelligence and national security reporting (how we got the Iraq War propaganda in the US, how today the media industry is spreading "Russia did everything" nonsense, the current media sprint repeating propaganda about the situation in North Korea and the DPRK government's intentions).
> So now the counter-propagandist is put in the difficult position of arguing against the publishing of the truth, not a particular nice place to be, rhetorically.
Exactly.
I would emphasize that "truth" is not a binary thing but a highly contextual and multidimensional device. Merely changing a headline or picture sets tone and dramatically alters perception - add to that editing, media campaigning, social media astroturfing, selective synonym choice...
"Perception management" is an regular propaganda term employed by the Department of Defense for this reason. The facts can be useful, but ultimately the objective is to change minds and decision making and to affect outcomes. And so you may be the subject of perception management that utilizes (aspects of) truth.
The most effective way of countering propaganda is to seek nuance when presented with characterizations, try to understand dispassionately the situation from every side, and to be skeptical of especially the things that you most routinely would like to agree.
Ironically this usually means consuming more propaganda on purpose: specifically looking for the narrative position of the United States, Russia, Britain, China, etc on various issues. This is also why it's an extremely good idea to read international news from all parties in a conflict during the entire duration of an event (e.g. Syrian Civil-Proxy War).
> I would emphasize that "truth" is not a binary thing but a highly contextual and multidimensional device.
That can be taken too far and become the words of propaganda (whether or not the commenter intends it). Truth is not simple or always easy, but it's a real thing. The liar (not calling the parent a liar, but for purposes of example) says, 'the truth is complicated; we just have different opinions; look at all sides'; they say 'I lie, you lie, what's the difference?' No, there is truth, it's something to strive for, and it makes all the difference.
Definitely not what I'm trying to say.
> No, there is truth, it's something to strive for, and it makes all the difference.
Absolutely. This requires that one does not take any propaganda position to be wholeistically true including those of your home country.
The search for truth comes not from authority or consensus, but from experiential reality. No authority and no consensus has a monopoly on experiential reality including the American domestic and international propaganda programmes and the consensus that they create or the Russian domestic and international propaganda programmes and the consensus that they create.
Propaganda is influence.
Facts are facts.
> Definitely not what I'm trying to say.
To be clear, I did say that I was taking it out of context and that my objection is to when it's taken too far.
> Propaganda is influence.
> Facts are facts.
Very well said.
However, I do think that comparing American and Russian propaganda is a false equivalency; they are not similar at all - that is what I'm referring to when I object to saying 'it's all the same'. I'm not naive; I don't at all trust everything the American government says, but there are many, many major differences between American news and information and Russian.
Regarding the differences it's important to both compare and contrast.
The US likes to try to color Russian propaganda as "evil" or "illegitimate" or "propaganda based on lies" or some such other nonsense. There are a great many ways to contrast the propaganda programmes, but doing it moralistically is counterproductive and ineffective.
http://www.rand.org/pubs/perspectives/PE198.html
Your comment does the following:
* Create uncertainty.
* Make many baseless claims in order to force others onto defense and occupy all their resources.
And we can seriously ask the question "Do I know more about the subject after reading (your) comment, or less?" (I think the answer is less - there's a great many things we could discuss about propaganda techniques that look nothing like the sophomoric list you've supplied).
Are you a propagandist, by your own criteria? I don't think so. Can you see how your criteria for finding propagandists isn't even useful?
I'm not one either. In fact, if you think I am the appropriate avenue is to alert the moderators.
In any case my comment is extremely informative and adds substantive knowledge to the debate, and people know more about the subject after reading my comment.
Figure I need to get in here to reply before this whole thread turns into a witch-hunting exercise.
First, people often spread propaganda without repeating it. There was interesting research a little while ago showing how propaganda stories spread across the Internet; most of the propagation is done unknowingly. Also, others simply use the techniques without realizing it. If they don't intend it to be propaganda, is it? I think it doesn't matter, unless we want to shift focus from the comment to the speaker - a falsehood is just as false independently of the speaker, no matter what the speaker's intent. Ah, uncertainty, a primary tool of the trade.
How do you point out propaganda, politely? One defensive tactic, both of the propagandist and of a normal person (again, it's never certain), is to frame it as a personal attack. Also, it's one thing to point it out with the personal distance of a online message board; what do you say to someone you are talking to - 'those are propaganda talking points'? That's rude, but otherwise you empower it. Again, it's a parasite on good faith and politeness.
This discussion is a tangent, but a very important one: What to do? Doing nothing, politely ignoring it, is to empower it. We've seen disastrous consequences from that, both historically and we seem to be heading in that direction now.
Essentially it's this: there are many narratives for explaining what's going on provided by different sources of authority and different avenues of information dispersal. Much of it is consistent with a propaganda narrative by the United States, Israel, Russia, Britain, China or another active "strategic communication"/"public messaging" campaigner.
Thinking that any one of these narratives is wholeistic truth (for example the US domestic propaganda) and then charging forward critical of any true facts that inconvenience that propaganda or are consistent with a competing one is not the solution to the problem.
And thus the track that this thread has gone down: inconvenient truths about the gaps, assumptions and conspiracies that support a broader US propaganda position are being called into question not as facts but because merely contributing these facts into the discussion could be conceivably be supportive of a competing narrative.
That's ultimately how these propaganda programs function: they overwhelm your instinctual capability to reason about facts in a manner that is divorced from reaffirmation of the propaganda bubble.
I don't know how to help you get out of it other than to call it out to you.
Absolutely, but ...
> there are many narratives for explaining what's going on provided by different sources of authority and different avenues of information dispersal. Much of it is consistent with a propaganda narrative by the United States, Israel, Russia, Britain, China or another active "strategic communication"/"public messaging" campaigner.
To make it all equivalent is to make just as much of a mistake on the other end of the continuum, and it is selling the propaganda: It's a talking point of propaganda campaigns, creating uncertainty and paralyzing action. As I said elsewhere, it's the liar who says 'you lie a little, I lie a little, it's all the same'. It's not at all the same; there is truth and it is worth everything. It's like the murderer saying 'you're a little violent, I'm a little violent, it's all the same' - no, I didn't kill anyone. It's not binary - 100% honest or a liar. Not all sources are equally trustworthy, just like not all people are. There are large differences between the Russian government and the NY Times, for example.
> inconvenient truths about the gaps, assumptions and conspiracies that support a broader US propaganda position are being called into question
They aren't truths; that's my point; calling them truths or making claims has nothing to do with truth or seeking it. They are unsubstantiated claims, including that it's US propaganda in the first place. That is the difference.
Is your point that you think American propaganda is the truth and non-American propaganda are lies?
I stand by our earlier sophisticated conversation about propaganda as influence and perception management/creation, and how seeking truth in a world filled with propaganda needs to be dispassionately uninvolved in instinctual defense of propaganda, including that of national origin.
I absolutely agree with this one. Your original comment certainly added to the discussion, and was well-reasoned (though I disagree with its conclusion).
Here's how I look at it: What knowledge did it add? By knowledge, I mean something substantiated and serious; claims and allegations are not knowledge.
"President X did nothing to stop the advance of Y" is a claim. "President X said the following about their policy on Y; as you can see, it's a relatively passive position: '...' [from http://...]" is substantiated knowledge (and admittedly, much on HN isn't substantiated).
(I don't mean to be the arbiter of or set rules for validity and knowledge; I'm just trying to give a rough idea of the distinction I'm trying to make.)
> The Shadow Brokers mentioned X. Why didn't Bruce mention it?
> The CIA had an internal hunt for contractors. Why didn't Bruce include this in his analysis?
That was information I hadn't known or had forgotten. I found it useful. jwtadvice is critiquing an opinion piece.
Following your rubric, practically every comment in here will be indistinguishable from propaganda. This is because we're commenting on an opinion piece, which itself is indistinguishable from propaganda. In fact, I assert that the most fact-laden article can be propaganda because it can completely ignore facts supporting the opposition.
Why would you be commenting about this? Because you're doing the same thing we're doing, commenting on a forum because it's fun to discuss stuff. Sure, maybe jwtadvice is a secret propagandist. Maybe I am. I think it's a waste of time to accuse people of it unless there's substance.
A more specific criticism is more appropriate: "You're just concern trolling by saying X." "You're spreading FUD about this topic without evidence. Let's wait and see." "You're changing the goal posts in order to 'be right'. Debate me on my argument." Etc.
Fair enough, but how do you know that it's true? That's part of propaganda, to make many unsubstantiated claims that people generally will accept without checking - who has time?
> Following your rubric, practically every comment in here will be indistinguishable from propaganda
In fairness I said that myself; it is a high standard that often isn't met, but it's not hopeless: Many comments do say things that are substantiated (or well-known - 'the sun rises in the east' doesn't need a cite) and they don't follow other patterns of propaganda.
But as I said, it is difficult. Good or even decent propaganda isn't easily distinguished - otherwise it wouldn't be effective.
I had not checked that the SB actually claimed they got the tools from a left-behind Equation Group pivot server. Or that it's even relevant, because there's plenty of contradictory stuff in their public statements (in the last dump they claim they're inside the IC and they write "Cyber Policy Papers").
I'll say that you have absolutely added to the conversation.
> I had not checked that ...
I don't want to take those words too literally, but I want to make a point: The implied modus operendi, that the listener checks the validity of the claims, doesn't work IMHO. It's too inefficient - the speaker can make up or repeat or simply be sloppy about many claims in seconds, and you the listener would have to spend hours validating them.
The only efficient model is that the speaker has to substantiate the claims or have them ignored (which is the method of more formal forums such as courtrooms and science). Imagine the signal-to-noise ratio with and without that requirement. Without it, false assertions simply get repeated endlessly because nobody has the time to check them out (and of course repetition is confused with truth). With that standard, much of the noise goes away; rants repeating nonsense quickly dry up. You can focus on the good stuff.
People worry, 'I might miss something important.' You only have time to read a tiny fraction of what's written, and even a tiny fraction of what is well-substantiated. You might as well invest that time on the best knowledge available.
I mean there is a difference here:
News: "US Bombs Syria"
Opinion: "A line was crossed and Trump acted", "XXX Unproved actor did Y so We did Z", "One country just attacked another without going through the UN"
Yeah, states have agendas. Big media groups tend to have interests/friends that aren't totally obvious. Mass media is probably skewed on their commentary as a result.
But, we seem to be extending this warp field as an instant invalidation of all views counter to our own. Something we don't like? Obv ;fake news' and 'propaganda'. It's making lots of silos.
Those with different views are no longer tolerable. Instead of sitting down and listening to someone with a different take, we (generally as humans, I mean) seem to be increasingly looking for ways to invalidate and cheapen them to avoid having to be challenged.
"You think that drugs should be legalised and want to have a serious conversation at a national level about changing our strategy which has clearly failed? Dope head! You must be one of those pink floyd people"
"You're pro-immigration and I'm pro-isolation? Well you're clearly a lefty socialist guardian reading oolong drinker!"
"You're a business owner with serious concerns about the economic consequences of brexit? Remoaner scum!"
This goes both ways than those right/left examples above -- I do it too. I really think we're getting to the point where we can barely even discuss things any more though, we're so divided and unwilling to even listen to each other it's scary.
Yeah, someone might have an agenda. If someone says to you "obamacare gave millions of people health insurance, why do you want to remove it?" and nine times out of ten this discussion ends with nothing achieved other than discussing the motivation of the origional poster, rather instead of discussing the actual issue: don't you think we've lost something?
When did we stop respecting the right of our fellows to have a different opinion, and when did our petty insults of his motivations become more important to us than his points?
One of Churchill's nice ones: "A fanatic is one who can't change his mind and won't change the subject" and we all seem to be getting fanatical...
I mean, I kind of agree. I just don't get what you're worked up about in this context.
Fair cop; this isn't aimed at anyone or wasn't intended as a response to anything -- I was just spewing my view...
I think that the preponderance of the evidence suggests that the Shadow Brokers are Russian-aligned if not actual Russian agents. That doesn't mean that public criticism of this is propaganda.
A reasonable person could be unconvinced about this conclusion because almost no evidence has been revealed about the SB dump. Even U.S. officials haven't confirmed definitively [1] that the SB are Russian agents, though they say SB probably are.
Please note that jwtadvice didn't dispute that the Guccifer 2.0 actor was a Russia-aligned actor.
1. http://www.reuters.com/article/us-cyber-nsa-tools-idUSKCN11S...
I completely agree. The problem is, and my point was, how does one distinguish a reasonable person speaking in good faith from propaganda, which by its nature is intended to appear as a reasonable person speaking in good faith - and which most often is spread not directly by propagandists but by reasonable people who trust the good faith of the propagandist?
Anyway, I think we talked about it plenty above; I just thought your well-made points deserved a response here.
But weirdly, why are any of us including Bruce discussing this? It's almost as though we believed that we live in some sort of democracy where we have access to information and a legal system which could act on that information instead of an oligarchy ruled by a small elite with the aid of various armed enforcers... some secret some not.
Silly proles.
On the contrary I criticize the fevered speculations in the media based upon unverifiable sources reputedly in secret agencies over which most elected lawmakers have little or no control and oversight, let alone civilians peeking at the shadows on the window blinds.
It's a disgusting situtation of asymmetrical information which ought to cause outrage, indignation and fear in anyone that considers themselves free and sovereign.
Steepling learnedly on HN, or in "security blogs" may stroke the egos or pump the reputations of the aediles gazing upon the entrails of our democracy, but it does little to expose what only a fully legally empowered commission akin to the Church commision could determine.
The only thing we know for sure thanks to Snowden and Wikileaks is that there are large numbers of dominant authoritarians spying on us and and an even large number passive authoritarians settling comfortably into their dungeon.
Meanwhile: THE RUSSIANS ARE COMING!!!!
Listening to the RiskyBusiness podcast, for instance, it's incredibly obvious that the community is fully in the tank for the Russian attribution hypothesis, and habitually carries the water for FiveEyes IC.
Meanwhile, we mere plebs have very little evidence to judge the community's beliefs by, other than blind faith in, say, CrowdStrike.
If the infosec community would like to actually state their case to the plebs, I would love to hear it. But all I've ever been able to find is "the phishing email is a little similar to something produced by APT28, and there was an IP once used by FancyBear like 5 years ago, so it's 99.9999% certainly Russia".
And nobody seems to care enough about those outside the community to even try to state the case.
I remember when Wasthington Post and others were claiming that Russia had hacked voting machines and that the infosec community agreed with that. All kinds of researchers reached out to complain but their voices were never heard. Instead the story was quietly dropped when it turned out it was PR and propaganda bullshit.
I'm sorry that you have an impression that there's an infosec consensus on this.
It doesn't exist.
My impression based on following "thought leaders" and listening to the most highly-regarded podcasts is that the community is, in fact, exactly as I described. (even the recent appointment of IC shill Jeff Man as a regular on Paul's Security Weekly has dramatically shifted his show in that direction.)
If you don't mind, can you recommend other people to follow/listen to that might balance out the impression I have received? Thanks.
Broadly though, punditry shouldn't be used as a proxy for consensus.
DNC hack: https://twitter.com/pwnallthethings/status/74319706484310425... "Gosh, I wonder what outlet Russian intelligence is going to use to launder these stolen documents."
Podesta Hack: 14 year old hackers vs. Russian Intelligence
https://twitter.com/pwnallthethings/status/81662561706823680... "How many accounts did this "14 year old" hack? About 1800. In 2015. Who were these accounts? Mil, govt personnel in the West, defence cos, journos critical of govt in Russia etc"
DNC hack connected to German government hack
https://twitter.com/pwnallthethings/status/75689252388524032...
"Reminder: Malware control servers used in DNC hack were also used in the hack on Bundestag linked to Russian intel."
Influencing politics
https://arstechnica.com/security/2016/06/guccifer-leak-of-dn... ""There's also the fact that the hacker is publishing documents at all, which rules out lots of nation-states," the PwnAllTheThings researcher told Ars in a private message. "China, for example, would happily spy on the DNC to try and get the Trump oppo [opposition] research to support their foreign policy objectives, but they wouldn't publish the documents to influence the election.""
So I don't really know how to resolve that for you.
The infosec community does not has a "consensus". If the article writer wanted to do something useful, please consider a deeper investigation and pressure the alphabet agencies to work together rather than against each one another.
He's very new to "geopolitics".
In fact, he's published a number of corrections on his blog about fundamentally incorrect predictions he's made about Shadow Brokers in particular (he predicted that their encrypted file they published was just random garbage and didn't actually contain any cyberweapons).
Here Bruce is speaking about things beyond his expertise. It's not particularly brave to point out the flaws in his analysis.
If so, that raises other interesting questions, such as: "What is the largest, most powerful possible intelligence agency that would not be virtually 100% guaranteed to leak so hard that non-trivial stuff would even get into the open air?" We spend a lot of time on HN worrying about how powerful a police state could become with modern technology, but it's possible that that very power could itself be a quantitative change and that an entity powerful enough to be that strong of a police state might also virtually inevitably tear itself apart with internal struggles. I mean, that would still suck for those not in the middle (though it sucks for them too; one of the reasons I really hate police states is that really nobody is happy, not even the people with power), but it may imply that it is intrinsically less stable of an arrangement than many of us fear.
I'm just musing here for other people to bounce their ideas off of, not particularly proposing a concrete idea here. But is it just me, or in the last 10 years have we not been seeing a slowly ramping rate of outright-public leaks like this? What if it's not a fluke, but a fundamental attribute of the current technology landscape and psychological makeup of humans at scale?
That would be my guess as well - an application of so-called "Fourth-generation warfare". In the same way that ISIS seeks to encourage self-radicalization, since it is virtually untraceable, Russia (or really, anyone opposed to US interests) would aim to create a climate where NSA/CIA employees "self-radicalize" in the sense that they become convinced that those organizations are engaging in illegal or immoral activities.
So, create organizations like Wikileaks, people like Ed Snowden, plant news stories, etc. At a high level the idea is that you create a broad-spectrum propaganda campaign that is designed to encourage insiders to leak secrets for the benefit of their own conscience. If you reach the right people you can gain access to tons of secrets in a way that is 100% deniable. No payments, no meetings or communications with Russian agents that can be tracked, etc.
Isn't it prima facie clear that the three-letter agencies are essentially rogue governments (the "deep state"), a law unto themselves, and thus completely antithetical to the whole idea of a democratic republic?
So internal people at those agencies, if they have half a brain and a conscience, and are patriotic in the original sense of loving one's patria (fatherland), though hating the bad aspects of one's government, should already be willing to spill the so-called secrets by which these agencies operate their illegal and immoral agendas.
Of the controversial activities the spy agencies have taken post-WW2, weren't virtually all of them under some White House or Congressional auspice?
The actions and capabilities revealed in the Snowden leaks were overtly defended by both the President and (most) members of Congressional intelligence committees.
If there's a deep state in the Intelligence Community, then the Commander-in-Chief, appointed Executive Branch officials (e.g. Director of National Intelligence and Defense Secretary), and Senators & Representatives on Intel committees are part of it. In which case, public elections are part of the deep state?
1. >The deep state loathes. What makes you think that a large amount of intelligence community members didn't vote for Trump? He won a third of Maryland and almost half of Virginia. And what about the military? Do you honestly think even 40% of servicemembers voted Democrat?
2. >and then they can turn on him, like leaking negative things So a handful of leaks blemish the whole IC? The IC has been doing its job, supporting military operations ordered by the President and assisting ICE and CPB. As far as we know, the leaks came from congressional or White House staff.
3. >taking out his appointees Is Mike Flynn's conduct defensible? He was working for foreign governments without reporting it. I don't think there's anything wrong with talking to the Russian Ambassador, but he brought all this on himself.
You never addressed my point about the "deep state" being controlled by Congress and the Executive. The IC is dependent on line items in its budget to be passed in order to get funding. Unless congressmen are corrupted, there isn't an autonomous "deep state."
But of course, that helps Russia etc in selling it.
In fact one could even agree that Russia could be helpful exposing something untoward the US government is doing, even while you do not endorse all the things they may do and may vigorously oppose them on other fronts.
To be honest, thinking about all this mostly makes me glad I never got into that world, and I hope I never really do. I don't have the constitution for it.
Most IC employees lament that they could be earning way more in the private sector ;) .
So you most likely made the right choice!
Because they're following Soviet playbooks. And if they'll create enough FUD they will be able to freely annex neighbouring countries.
That was wishful thinking in 2008 and the result was Crimean invasion a few years later.
Massive turnover, which is what events like this create, works directly against the goal of securing more headcount: it means they're spending a big chunk of their recruiting energy just retaining the headcount numbers they already have.
Headcount is one of many metrics that can constitute success and eventual promotion. I posit that giving flashy results to customers is the #1 best way for a particular executive to make a name for herself and advance. FBI is a great example of this, constantly attempting to make splashy headlines; it presses its advantage of being able to go to the press.
I've only seen headcount increase in response to what WH, ODNI, and Congressional intelligence committees view as crises. Headcount shuffles away for objectives that aren't considered sexy, e.g. Russian linguists and analysts in the late 1990s-2000s.
To me and for the kind of work I do, this has important implications: it means that you shouldn't do things to make it harder for NSA to do their job (that's just feeding them, just like feeding in DOTA or LOL) --- you have to make things intractable for them.
Intelligence agencies are lead by people. Those people have motivations that inform their decision-making. Prestige, power, increased income, and (often, but not always) patriotism are, in my opinion, their primary motivators. This should for the most part be similar for any corporate executive.
Unless there are hard metrics tying headcount to performance reviews and promotion considerations, and simultaneously soft-power incentives for having more headcount, then other things will dominate. In the military, splashy achievements dominate.
Or at the minimum, making your boss and your boss's boss like you is essential.
The current NSA chief didn't get his job because he was in charge of the largest Fleet. He got it by networking, seniority, luck, and having a reputation for excellence (I do not know if it is deserved). The same can be said about civilian executives in the IC, who are rated in a more arduous, more holistic manner.
Your bottom line is correct in the specific case. If a Latacora client is targeted by the NSA with high priority, you cannot protect it unless you make it intractable for them. For the rest of us, using boring commodity mitigations, such as TLS and MFA, and sound network architecture are fine. Intractable-for-all is a noble effort, but I don't think it's realistic.
Huge flaw in this reasoning- the fuzzbunch stuff was patched before it was leaked. Russia leaking recently-burned tools makes a lot of sense.
If this is true, I expect the CIA and/or other agencies will have gone into defense mode and tipped off the relevant vendors, giving details of vulnerabilities they either know to be leaked or have observed to be used in active attacks.
In doing that, I can't really see the CIA revealing any more than is strictly necessary, and to a very limited set of people. Certainly not dumping a whole load of compromising material to Wikileaks.
Couldn't it be to their advantage to purposefully leak a bunch of outdated and not-so-special tools (i.e. Notepad++ dll hijack) to misdirect their adversaries as to their real capabilities?
"Nobody got fired and jailed for leaking CIA tools." Except, probably, anyone who ever did.
I would never make it in government.
It makes perfect sense for an adversarial nation's intelligence agency to undermine the CIA and Americans' trust in their own government.
America is too far away from its rivals and enemies for a conventional war to be fought on its own shores. It makes more sense to use fear (9/11) and propaganda (your CIA is spying on you!!) to get Americans at each other's throats and distracted from the real threats to their wellbeing.
After all, our political parties have been doing that for my whole life, so the groundwork laid is practically an invitation.
On the other hand, it's already pissed us off something fierce, and I think the narrative in the mid-term future will ultimately be one where would-be adversaries decide they don't want to be the next poor soul to be made an example of.
I agree with your comment in general, except for its confidence in U.S. military capability. Though it would be unlikely for a battle to be waged on U.S. soil, other theaters offer plenty of opportunity for a U.S. loss, especially those that diminish traditional U.S. advantages (such as air and information superiority).
I think the term you are looking for is "Cold War".
The quoted paragraph says nothing about public support, just public knowledge, and definitely the American public in the 1950s (and other decades) had very limited visibility into the espionage undertaken as part of the Cold War.
Please don't change the goalposts. I'm responding to this:
> What happens when intelligence agencies go to war with each other and don't tell the rest of us?
I think the term you are looking for is "Cold War".
The Cold War was not secret nor conducted without the consent of the publics of the two powers. Many activities were conducted in secret, but the bulk of the conflict was done overtly.
They're not even a real wiki!
Date: Sun, 07 Jan 2007 07:21:34 -0800
To:
From: John Young
The CIA would be the most likely $5M funder. Soros is suspected
of being a conduit for black money to dissident groups racketeering
for such payola.
Now it may be that that is the intention of WL because its behavior
so far fits the pattern.
If fleecing the CIA is the purpose, I urge setting a much higher
funding goal, in the $100M range and up. The US intel agencies
are awash in funds they cannot spend fast enough to keep the
Congressional spigot wide open. Academics, dissidents, companies,
spy contractors, other nation’s spy agencies, whole countries, are
falling over themselves to tap into this bountiful flood. But competition
is fierce, and accusations of deception are raging even as the
fleecers work in concert.
Chinese dissidents — a brand name among many — are already
reaping huge benefits from covert funding from the US and from
the PRC, along with others in the former Soviets, in Africa and
South America, inside the US, UK and Europe, in the Middle East
and the Koreas, who know how to double-cross ditzy-rich Dads
and Moms.
In solidarity to fuck em all.
To: John Young <jya[a t]pipeline.com>
From: Wikileaks <wikileaks[a t]wikileaks.org>
Subject: martha stuart pgp
Date: Sun, 7 Jan 2007 12:20:25 -0500
—–BEGIN PGP MESSAGE—–
Version: None
J. We are going to fuck them all. Chinese mostly, but not entirely a feint. Invention
abounds. Lies, twists and distorts everywhere needed for protection. Hackers monitor
chinese and other intel as they burrow into their targets, when they pull, so do we.
Inxhaustible supply of material. Near 100,000 documents/emails a day. We’re going to
crack the world open and let it flower into something new. If fleecing the CIA will
assist us, then fleece we will. We have pullbacks from NED, CFR, Freedomhouse and
other CIA teats. We have all of pre 2005 afghanistan. Almost all of india fed. Half
a dozen foreign ministries. Dozens of political parties and consulates, worldbank,
apec, UN sections, trade groups, tibet and fulan dafa associations and… russian
phishing mafia who pull data everywhere. We’re drowing. We don’t even know a tenth
of what we have or who it belongs to. We stopped storing it at 1Tb.
The data so far have been pretty checked, and pretty alarming on the actual state of democracy. To be honest it looks like NSA/CIA are now copying the worst of the KGB bad practices that made USSR being tagged dictature.
Russians thinks democracy cannot reform themselves and it will lead to chaos as the truth about USSR made USSR crumble down by losing their allies in the western world.
Is it sure?
Let Russia spend money thinking they undermine democracies while actually helping them being stronger.
Hell may be paved with good intentions and bad intentions may also results in good deeds.
Anyway, when you have lived during cold war it is fun to see Russia and USA swap their place.
"It's not correct to put me in any one philosophical or economic camp, because I've learned from many. But one is American libertarianism, market libertarianism. So as far as markets are concerned I'm a libertarian, but I have enough expertise in politics and history to understand that a free market ends up as monopoly unless you force them to be free.
WikiLeaks is designed to make capitalism more free and ethical."
So, core principles: open information, ethical capitalism.
His influences and associations with people like Noam Chomsky (ethical political economy), Gavin MacFayden (open information) and others, seem to reinforce this.
I'm not sure that Russian oligarchy, and restrictions on press freedoms/speech etc. would really jive with Julian's worldview. He does seem to have a particular bone to pick with US imperialism, so I wouldn't rule out accepting help from the enemy of his enemy.
So somebody would imagine that he will publish Russian data as well, to make Russian capitalism more free and ethical...
Assange has stated, very clearly, that Russia is not the source and that if they had leaks related to Russia they'd publish them. But they don't. Probably because Wikileaks isn't necessary for Russian leakers: it arose because western newspapers were so reluctant to publish leaked material from western governments. But those same newspapers are desperate to publish anything that makes Russia look bad. So why go via Wikileaks, when you could go directly to the NY Times or the Guardian.
The whole "Wikileaks = Russia" line just comes off as delusional. There's no evidence, it has been explicitly denied, and the supporting arguments are very weak.
So how many anti-Putin materials were published there?
He wouldn't need Russian direction to do what he does. He already is a true believer.
From the Crowdstrike report and public statements by WL, Sputnik, and RT, it is likely that the Podesta email cache was delivered by Russian state actors. That there is circumstantial evidence of collusion on one campaign doesn't mean that Wikileaks is a Russian front.
I think the most obvious explanation is the true one. Wikileaks is controlled by Assange, who really disagrees with U.S. foreign and military policy.
Not to imply that you do this, but here's some general advice: don't appeal to authority--at least for the sake of authority. Don't idolize.
We should be free to criticize whomever we want, if we think we have good reason to. If we don't have such freedom, we'll quickly find ourselves in a state where a select group of individuals have a disproportionate amount of power over others.
Though I speak too late.
>We have no idea why, or where it will go next, and can only speculate.
I don't want to badger you with all of my thoughts on this, but, at the extreme, even if the author (was such an expert that they) knew who was performing these leaks and why--as opposed to giving speculation, which the author does state--we would also have to trust that they're giving their complete and honest account on the matter. So even in the case that they have perfection information, you must consider how much faith you want to put in their output. Note: I don't like the idea of will-nilly distrusting everything everyone says, but I do think it's worth pointing out possibilities that may exist for many situations.
He's no more credible than Ben Carson as HUD director or Bill Nye as a climate scientist.
Perhaps they should restrict these sensitive positions to full timers who have committed to the Agency -- i.e. they know that the organization will be watching them pretty much for the rest of their lives. Ex-agency people I've met said they have to notify the Agency whenever they travel abroad -- if they don't hear back, it's fine, but the Agency reserves the right to stop them.
The amount of damage (some might prefer to say, whistle blowing) done by contractors in recent years suggests that it's time to reexamine who gets such sensitive access.
I don't think the contractors leaked themselves. I think foreign intelligence agencies target most of them, and having multiple attack points yields more leaks than having just a single well-guarded agency. Trade-off between clamming up and remaining State-of-the-art.
I also thought my answer was very careful in its assertions. What have I stated as a definite fact and why was this wrong?
I felt it was outrageous to inject a pro-Capitalist treatise with regards to government contracting, which for me fits in two buckets:
1. Government needs some hardware (e.g. radar, missile, aircraft, watercraft). Some preapproved vendors who have already developed relationships and comply with extensive contracting requirements bid on a project. One or more win. Some vendors that win are wildly underqualified and, especially in the realm of IT, make an inferior product at 10x the price. One of the government stakeholders works for that contractor after a few years.
2. Government for political reasons can't hire or pay enough employees, so they pay a consultancy to provide employees for them.
Neither seems like an efficient capitalist action. The first due to its significant barriers to entry that forms oligopoly, and the second because it's just hiding government employment within a contract.
I don't know of a good way to improve #1, but for it to be considered a testament to the efficiency of capitalism is absurd to me.
Your concern absolutely makes sense when thinking of "contractors" in the private sector (in the sense that one may think security may be more lax or that they may cut corners to save money, but in the IC it is usually very close to being an Agency employee, just that contracts are used for specific needs for budgeting / forecasting purposes.
Correct. For over 75 years now. Article is just a summary of recent events in IC leaks. I clicked because I thought the author was going to speculate they're planned leaks as part of a counter-intel operation. That would have been interesting.
Have a look at Lenin's train and try 100.
Or, the dawn of time, depending.
But I also wonder whether the US got too careless about hiring blackhat hackers. And whether some of them left backdoors.
In its blog circa 1813 at St Hélène Napoleon posted on YikYak never credit to malice what can be simply explained by incompetence, and while trying to dominate the world with a huge army, I discovered that my machiavelic plans were anyway countered by having huge organization that tend have incompetence at critical points.
Well, Napoléon may have been right. The estimate headcount of all the US agencies are 3 000 000 workers, a huge amount of the population if you want to keep stuffs secret.
If not enough, you have at least 5 big agencies and a lot of small one.
You also have a tendency to have the patriots like Snowden attracted to secret services and army.
Some of them whose opinions may diverge as much with their agencies heading as their sense of duty is strong.
Plus without uncovering any big secrets, since 1986 commercial war with Europa and the WTO agreement on stopping to subsidize companies with public money, NASA, DARPA and secret services have been used as a way to discrelty fund part of the economy (namely IT, aeronautic and military industry). And let's no lie to ourselves one of the biggest part of the agencies' job is economical intelligence to favor the interest of some companies.
So, well, these subsidies are a resource increasingly taken by the services :) and some companies want this money.
Subsidies used to go in road infrastructures where mafia was happy to have its share. Urbanism used to favor real eastate....
There are a lot of enemies inside the USA against the services and their power over this huge budget of theirs.
My take on the issue is that maybe russian ... mob ... constituted of USA citizens could totally be involved, but as much as any other economical agents in the USA.
The problem of having too much money is that you'd better live in the shadow to not become the target of jealousy.
It may be knowing how much CIA and NSA have been involved with IT companies (as both suppliers and recipient of subsidize and probably economical intelligence) that other sectors of the economy like .... real estate, agriculture, energy, distribution want to have their place under the sun back again.
So, going back to Napoléon, I do think that the leak in secret service employing that much persons not all trusted requires so much duplication of information and internal leaks to simply get the work done on a day to day basis, that leaks are just a simple expression of a probable incompetence that did not scale up very well.
Yes, the russians may have opportunistically played with it. But clearly the biggest problem first is to have huge mammothean bureaucratic agencies.
Voilà, me too I made my own I don't know nothing I will tell you everything analysis based on wind.
:P
Update: yep. It's all Russia all the time these days.
Well ... nothing. He just knows it's the Russians.
