Slashdot Mirror
Russian Group That Hacked DNC Used NSA Attack Code In Attack On Hotels (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday. Eternal Blue, as the exploit is code-named, is one of scores of advanced NSA attacks that have been released over the past year by a mysterious group calling itself the Shadow Brokers. It was published in April in the group's most damaging release to date. Its ability to spread from computer to computer without any user action was the engine that allowed the WCry ransomware worm, which appropriated the leaked exploit, to shut down computers worldwide in May. Eternal Blue also played a role in the spread of NotPetya, a follow-on worm that caused major disruptions in June. Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.
His name is Seth Rich. But you probably know him as Russia.
All while the CNN fact-checks the president during Korean negotiations: "no, no, Trump lied, our nukes are actually old and weak, and not modernized as he claimed."
Headline: Russian Group that hacked the DNC...
First Sentence: A Russian government-sponsored group accused of hacking the Democratic National Committee...
Did they hack it, or are they accused of hacking it?
I'm not a Trump supporter, but this submission headline is really shitty and deceptive.
Here's what it currently is, in case the editors do get off of their asses and fix it:
There's no "alleged" or "accused" or "thought to have" in there. It's stating that some vague, unnamed Russian group did engage in some sort of an attack. It's stating it as if it has been proven, when it hasn't been.
But the first goddamn sentence of the summary contradicts that by at least indicating there's only an accusation so far [emphasis added]:
Fix this shit up, /. editors. It just gives fuel to the pro-Trump crowd when you make stupid and sloppy mistakes like this.
The NSA has known for decades that computing systems using a model of ambient authority are insecure. It is my theory that they have promoted this model to allow them to make their work easier. If the worlds computers managed resources in the same manner we manage money, electricity, or any other scarce resource, almost none of this would have happened, and Trillions would have been saved.
Lack of oversight and a complete inability to keep their own exploits out of the hands of criminals and foreign powers is the exact reason we should be shuttering the doors on this nonsense. Its far better for everyone in the long run to patch exploits instead of hoarding them and turning them into a tool to undermine the very safety and security of the nation they were "meant" to protect. This exact same issue applies to back doors on encryption or secure systems of any kind. No one will probably care until the entire economy crashes after a back door exploit leaks out on financial transactions.
Here is the analysis that that article is based on. Looks pretty legit.
Fake news. Somebody here is feeding an agenda, not searching for the truth.
When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
Your points are well taken. The fundamental facts of the whole Russia hacked the DNC narrative have never been questioned or put under scrutiny. There are many reasons for this, the primary one being that most of the media is a mouthpiece for the Democratic party. One can laugh at that, but this is the sort of shit that happens when a democracy does not have a free and fair press.
Actually the narrative is questioned, which is why you see the allegation come out and vanish almost as quickly. The narrative will be repeated and repeated until people get tired of pushing back and we end up with white washed history.
Repeat a lie long enough and loud enough and eventually the people will believe it. Not an exact quote of Goebbels, Mussolini, Stalin, Lenin, Pot, Mao, etc.. but the basic premise of their propaganda machines.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
When message threads get flooded with posts echoing a single narrative with the same flawed arguments, I call it brigading because that's what it is: An attempt to artificially create a 'consensus' so that dissenters are not heard, dismissed as fringe elements, or discouraged to the point of self-censorship.
As far as the evidence goes, the blogger did good forensic work, but finding conclusions from something like this is a Rorschach test; it's easy to see what we want to see. We fall into logical fallacies, like "If I was Alice, I would choose to do X, Y, and Z. Because the attacker did not do X, Y, and Z, the attacker must not be Alice", then turn right around and commit more: "Because I can tweak my theory to fit most of the current evidence, it must be correct."
My personal take is that none of the evidence is sufficient proof of the "hacker's" identity, but whoever did it was quite lazy. If they were trying to hide their fingerprints, they did a singularly bad job of it. That by itself leans me slightly toward the 'Russia' theory: The DNC would have a lot more to lose if their supposed conspiracy (complete with murder) was unmasked, while Russia would lose nothing but a little international respect they didn't have to begin with. It would also be signature Putin, who has a history of dumping this kind of half-assed 'evidence' because it distracts an already polarized public and sets them to arguing with each other over facts and details. Then, in the confusion, Putin does whatever he wants. Remember the war in Ukraine?
Of course, it's pure conjecture, and I wouldn't put money either way. But I don't have to, because nobody is forcing us to accept a 'narrative'. There's an investigation in progress. It's non-partisan. The investigators have far more resources and access to far more information than some random blogger. Let them do their job, and when they present their case with all its evidence, decide for yourself.
If anyone is trying to force you to take sides now, it's probably because they're afraid of what will come out later.
How can I believe you when you tell me what I don't want to hear?
How's life in the hypocrite lane?
Yeah, doesn't sound like Trump at all.
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
Nothing like a 2 second google search, unless you are a rightard convinced any proof that you don't like is "Fake news" that is.
for all the rational world I think you should heed the words "Stuff it"!!
I am becoming less convinced that the work attributed to "Fancy Bear, APT 28" are in fact Russian. We've already exposed NSA/CIA as acting in disguise as foreign entities.
The irony, is for all the talk of Russian interference. We have done the exact thing in Russia's elections and dozens of other nations. We're the biggest hypocrites. Lastly, the majority of hacking and election tampering was done by the DNC to impede Bernie Sanders and prevent him from winning the nomination.