Insiders, political active staff, cults, less skilled governments, friendly govs with their own national interests, ex staff, former staff, mil staff, contractors, groups offering corporate espionage will now know to litter any server with well understood code, enter at a set time and have a distant staging server with an expected nations ip range.
The US tech media publishes talking points about easy to find code fragments, time zone, logs, ip range in a nice media release and stops investigating...
So no trace of the smart Bear, skilled Bear, deceptive Bear or deep network Bear code?
Give the contractors time, later some ip rage, code fragment or just a timezone will be found showing Bear related entry and vast undetected plain text data flows.
Is work day timezone data flows to some distant nation not proof? Their gov works 9 to 5 so any data moved within their timezone at that time is proof enough....
National ip range logs at anytime over the months? Just one national ip needs to be found?
It also depends on how many cell towers still have full battery power or mandated working generators, fuel supply, expert staff to keep generators working.
Or staff on site to fix a generator that stopped after a very short time or that never started.
The move away from POTS with extended exchange power to complex copper, part optical or coax digital phone networks may also have short term power options over time.
AM and FM radio might be the only network left when small battery backup fail on cell and other phone networks. Generators may not exist, may not start or fail due to lack of standards, poor quality testing or service of generators seen as a cost to be reduced once installed.
Private telco networks might lobby to have very few standards, have "digital" only networks for emergency services that reduce any costs on their for profit networks.
The final step will be party political demands for a gov in power to push down its policy solutions during any event.
The First Amendment in the United States Constitution is very clear on the role of the press as a named protected profession.
The Pentagon Papers did test the mil/gov printing issue.
Other nations like the UK, Australia have different views on material or book chapters.
"NSA files: why the Guardian in London destroyed hard drives of leaked files" (21 August 2013) https://www.theguardian.com/wo...
Sledgehammer Politics (23 Aug 2013) http://www.sbs.com.au/news/art...
Other nations "freedoms" are very different and limited when their fully democratic mil/gov's get interested in the media.
The change in the ability to find a site or link to a site, comment, publish, promote, sell or participate could get very chilling.
Even the most "free" Western nations could subvert any US protected freedoms of speech online to a global mix of other nations legal systems, NGO's, mil, gov and SJW interests.
Re "I'm deeply unclear on what the world thinks they'll get from ICANN that they haven't under US administration; and also unclear on what we have to gain from changing the situation; but I'm still baffled as to what possible standing state governments have on the issue."
The US has protected free speech and even protects freedom after speech. The press is also fully protected from gov, mil.
A lot of other nations hate that and a lot of leaders and people hate their politics, style of gov, police actions, wars and faith been talked about and fully exposed online.
Globally that US freedom is rare. Most nations would side with their gov, mil, faith, cult, leadership, party (communist, fascist, theocracy, cult, tribe) and then ensure all such speech is stopped. Liable under UK law, censorship, race, faith protection laws can be very chilling in many nations.
Ideas that are been suggested at a global level are some community standards i.e. the internet becomes a patrolled safe space with the wrong kind of speech allowing for the ID and removal of accounts, sites.
The internet would turn into the perfect mix of self empowered SJW's, NGO's , theologians, national leaders, mil, bureaucrats, political parties all going after speech they wanted removed from a site, social media or any archive site globally.
Think of a global community of volunteer contributors cleaning up the best parts of the internet and replacing it with blandest most boring, safe space social media for profit experience.
No more commenting on the NSA, GCHQ, national issues, leaders, war policy as all that would be copyright to a nation and would show the individual had access to material they should not have. The chilling effect would go after the media online who dared to published, readers and any/all linked or quoted discussion.
The media online would not be as protected as it is in the USA and be open to site removal, legal or faith based challenges globally or national demands for the ID's of every commenter.
Every nations legal or faith based claim on any free speech would have protected and equal legal standing for consideration.
Think of no more internet per identified person. Site owners in different nations having to change policy as the most simple request from any nation or its 'volunteer" could delist a server.
The site would then not be found on any search site and anyone linking to it would be noted for later domestic questioning.
If the message is real, create a new story about the messenger?
The truth was kind of hard to work as a narrative, so just cover the issue with tech media going on about super magical Bear network code?
What nation would risk a known method, code thats well understood by the private sector, their own ip ranges to enter and stay deep in networks?
To just drop litter that points back with code, ip ranges and not get caught on network entry or during the bulk plain text data flows out?
Smart national "cyberintrusion" that cant even escape with no logs and easy to find code fragments left all over?
Most nations use domestic staging servers, unexpected domestic or internal ip ranges that seem totally normal to any admin doing realtime work. Data is removed and no log litter later exists.
Why would any nation state even risk a method that was so well underwood by private sector security? That could have been detected on entry or while in use?
As a cover story for the US media it seems so rushed.
They should have found nothing, said nothing and then had the gov hint at secret efforts to trace methods much later. That would have seemed more realistic and been more in line with tracking a gov.
But to have speaking points from private sector security with a "Bear" name they all knew about?
What was said: http://edition.cnn.com/2016/07... (July 27, 2016)
""Perhaps one day the source or sources will step forward and that might be an interesting moment some people may have egg on their faces."
That sounds like the classic US insider going to the press. The Pentagon Papers, Watergate, a person with information going to the media who can give a lot of information due to their access.
Now the media is pushing ever more about some nation who can access data, look over the data, stay in a distant network, get the data in plain text, move the data out and not get caught.
Once US security experts look over the vast amounts of litter left on the network its some "Bear" code they all know about and tell the press about.
The code and method of access is so well understood that easy to find logs, code, ip details go to the waiting press.
The same very early private sector security experts talking points to the media then get picked up by gov and other media and reported as some long term gov investigation...
The origins of what was found and how it was traced become forgotten only that an existing well understood method was left to be found.
Its as easy as that, a set of "Bear" tools that are so well understood in the West, a time zone and ip range.
With the same tools its easy to access any Western networks, stay totally undetected, enter any network, get amount of data over hours, days weeks, months and exit.
On exit be sloppy and ignore all logs, methods, code fragments and get discovered? Lots of litter to find for private sector experts hours later.
What nation would invest in one time access using a method thats in the media and already very well understood by private sector security experts?
re "Non-governmental actors can forge that kind of thing, too."
How many workers, ex staff, former staff, third and forth party nations, their gov, mils have seen ip range changes and fake origin ip's?
Recall Turmoil, Quantum Insert, FoxAcid efforts.
At some point all that encryption has to be made plain text. For ads on some networks or the total cost of all free networks been encrypted or for federal or mil telco compliance in some nations.
Why build a really secure end to end global network when different nations have mil or legal requests?
Secure the public end and comply internally.
Where that data is plain text again is the access point of 5 eye nations, their staff, ex staff, former staff and any their party nation who helps.
Years ago the FBI did some fun staff requests.
"FBI asks computer shops to help fight cybercrime" (February 5, 2004) http://the.honoluluadvertiser....
The extension of such visits and talks with staff could be carried over nation wide into the digital cloud. Just scan the files? Add very easy to use federal file scanner as new hardware? An NGO/private sector file scanner on all readable data uploaded?
Maybe state and city law enforcement or federally funded state task forces asked the same of any data storage in the local area?
That would be to avoid all and any early case related telco or court paperwork. US law enforcement no longer seems to trust telcos or courts with their digital requests.
Goto the data direct, then build a random case on chat rooms or forums with later links. What is shared later is the court event rather than mention 24/7 data tracking methods on upload.
Tracking, blocking, structuring (surfing) reporting on any amount and amount, chat downs over any transaction amount with staff.
Everything your US bank has to do for the federal gov in the US today will be ready for any other payment products.
No payments to or from some nations. Full complacence and profit taking will be designed into every new product offered.
Micropayments with a bank without the external CC networks and their profit layer.
Everything will be just like a traditional bank service but with new cyber branding.
The ads still have to get out, so does the marketing depending on the privacy settings.
With all the holes and compromise made to let tracking and ads work down to an OS level, expect a few easy ways in and out.
The UK has faced a fine line between getting malware down into a computer of interest and very different staff then showing the case file to the press for some reason.
The new idea is to have expert staff with the best skills found in what was the Government Technical Assistance Centre, National Technical Assistance Centre, Royal Ulster Constabulary Special Branch to help police in new roles but never show any raw or live data to any other police.
The data collection was perfect and never leaked but too many then saw raw data much later.
The huge problem was that courts, private detectives, ex staff, former staff and the press got full reports of ongoing case work as files moved down and around different UK police networks well after secret collection and while case work was very active.
So find the staff with the ability to enter computers but can be kept away from all other police, the press, ex staff, private detectives.
Courts and other police will then be kept out of the raw data work.
CIB3 and other efforts where ended just as investigations found the vast scale of data movement.
"Journalists caught on tape in police bugging" 21 September 2002 https://www.theguardian.com/uk...
Different sections of the UK mil and gov want their own skills.
GCHQ wants languages and to shape education to ensure a good career.
GCHQ staff teach 'future spies' in schools (9 March 2011) http://www.bbc.com/news/educat...
Long term the view is to get the tech sector back to the pre Snowden days of weak crypto and effortless gov/mil/private sector sharing.
GCHQ boss: Tech firms should co-operate over encryption (7 March 2016) http://www.bbc.com/news/uk-357...
That will have to start with more charm and winning over smart people.
The other issue is to find staff that won't be caught up in "MI5 staff repeatedly overrode data surveillance rules" (10 Aug 2016 9:00) http://www.computerweekly.com/...
As for 'Valuable skills" been lost the thinking on that is more interesting. Imagination, smarts, skills and creativity can come with personalty traits that gov/mil have tested for and find difficult to shape.
Army frowns on Dungeons and Dragons (28.02.05) http://www.ynetnews.com/articl...
Movie fans would have some static off site database that could be compared to any new changes.
That would be interesting, to see who demanded a change to their publicly available info:)
It can depend on the funding. National broadcasters have region locked sites with set DRM that is contract friendly with content owners and producers.
Some sites like the hardware support for mic, cam.
Yes as the main social media sites get patrolled by "volunteers" making uploaded content harder to fund, find or even keep online.
People then have to stop their US protected free speech or find other more creative ways of getting round big multinationals and their new global "safe" branding.
Email, direct apps are just one of many great ways to totally circumvent brand management and the control of free speech on emerging social media.
The fine print about new community standards and volunteers who enforce such efforts can be very chilling with an offer of free support.
The ip would get found some of the larger sites like http://www.projecthoneypot.org... in the wild.
An internet provider could then suggest an AV scan of that accounts connected "computers".
Most of that hardware would flow from China and its regional markets. TV shows, what was once dvd/usb players, now new cheap media players with vast amounts of very cheap storage and better hardware codecs. All the NSA has to do is ensure a vibrant flow of Korean movies, TV shows via China keeps flowing every year. Radio works but nothing is as addictive and subversive as decades of ready to enjoy TV shows and movies on one small imported playback devices.
Get the CIA to fund addictive and charming Korean TV shows and dramas just for exporting.
The other neat part about digital devices making it over from China is the ability for the NSA to alter the basic electronics via cheap front factories in China.
The entire production of media playback hardware is a NSA front or entire shipments get diverted for alteration and activation between the production and local broader region markets. The China product is kept as a simple player with no alterations, the export version is made collection ready.
A low cost media player with 100's of shows as bait makes it deep into a nation, why not see what it can detect on its way with wireless? Storage is not an issue with the vast amounts of consumer media as cover. USB power plugged into an isolated desktop computer to see if anyone has any documents at home?
The user recharges to enjoy the shows, the altered low cost consumer device would be perfect for collection along the way, all day long.
That free or low cost refill of new shows would be the passive collection weeks or months later.
Re "If they are behind the leaks of the DNC emails that showed Sanders was never going to be allowed to run that's something every registered Democrat had a right to know."
That was an insider walking out like with the Pentagon papers https://en.wikipedia.org/wiki/.... Another nations ability to get in, stay in and move vast amounts of data undetected is really a bit too much of a cyber fantasy.
The ability to find evidence and then tell the waiting media of another nations methods, ip range, code fragments and efforts within hours and days is the fiction.
If the well understood and easy to find method can be detected in hours, how and why was it allowed to move all the data out in real time?
The US gov should have done a secret investigation, leaked a few hints to tame media sites about how the super skilled method was been tracked and the nation of origin over a much longer time frame.
That would have been a better cover story. To have a Bear name waiting and have national media push out method, results and the fact it is well understood kind of showed a hasty, sloppy cover story for an unexpected insider walk out.
Re "despite the fact he denied having any knowledge of her private emails" Other nations setting up a private email computer and ensuring US political leaders and their staff use it would need a team of trusted long term spies in the centre of US policy creation. Been able to enter such a server at will, move vast amounts of data out would not go undetected by the US/UK gov/mil from any nation of origin or domestic staging server.
"If Russian Intelligence Did Hack the DNC, the NSA Would Know, Snowden Says" (July 27 2016) https://theintercept.com/2016/...
The rushed out Russian cover story seems to fail at covering the trusted insider issue and the amount of insiders with total access now willing to just walk data out.
Another option is the CIA/MI6 or NSA/GCHQ was playing real time honey pot with real US data sets again and needed another US network left wide open again as bait. Adding or altering the plain text data as needed within real data.
Another "Cyber Breach of Office of Personnel Management Was Avoidable: Congress" ( Sep 7, 2016) http://www.nbcconnecticut.com/...
The insider saw the internal network as wide open for some reason and just walked the data out.
AV is now moving to the cloud. So a lot more docs are facing very advanced testing on users systems and also on AV networks.
Other AV just tests to see any changes in an OS and reports back findings to the AV developers.
What can a Word file do in such environments?
The evaded detection part can be as simple as not working when detecting a list of the most popular AV applications or software firewalls on an OS.
Encryption or stay with plain text storage? Yacht design can get extra feet this year or waste profits on real encryption?
Seems the yacht design costs win every decade.
Insiders, political active staff, cults, less skilled governments, friendly govs with their own national interests, ex staff, former staff, mil staff, contractors, groups offering corporate espionage will now know to litter any server with well understood code, enter at a set time and have a distant staging server with an expected nations ip range.
The US tech media publishes talking points about easy to find code fragments, time zone, logs, ip range in a nice media release and stops investigating...
Microsoft is the bug in any wider secure network.
So no trace of the smart Bear, skilled Bear, deceptive Bear or deep network Bear code?
Give the contractors time, later some ip rage, code fragment or just a timezone will be found showing Bear related entry and vast undetected plain text data flows.
Is work day timezone data flows to some distant nation not proof? Their gov works 9 to 5 so any data moved within their timezone at that time is proof enough....
National ip range logs at anytime over the months? Just one national ip needs to be found?
It also depends on how many cell towers still have full battery power or mandated working generators, fuel supply, expert staff to keep generators working.
Or staff on site to fix a generator that stopped after a very short time or that never started.
The move away from POTS with extended exchange power to complex copper, part optical or coax digital phone networks may also have short term power options over time.
AM and FM radio might be the only network left when small battery backup fail on cell and other phone networks. Generators may not exist, may not start or fail due to lack of standards, poor quality testing or service of generators seen as a cost to be reduced once installed.
Private telco networks might lobby to have very few standards, have "digital" only networks for emergency services that reduce any costs on their for profit networks.
The final step will be party political demands for a gov in power to push down its policy solutions during any event.
The First Amendment in the United States Constitution is very clear on the role of the press as a named protected profession.
The Pentagon Papers did test the mil/gov printing issue.
Other nations like the UK, Australia have different views on material or book chapters.
"NSA files: why the Guardian in London destroyed hard drives of leaked files" (21 August 2013)
https://www.theguardian.com/wo...
Sledgehammer Politics (23 Aug 2013)
http://www.sbs.com.au/news/art...
Other nations "freedoms" are very different and limited when their fully democratic mil/gov's get interested in the media.
The change in the ability to find a site or link to a site, comment, publish, promote, sell or participate could get very chilling. Even the most "free" Western nations could subvert any US protected freedoms of speech online to a global mix of other nations legal systems, NGO's, mil, gov and SJW interests.
Re "I'm deeply unclear on what the world thinks they'll get from ICANN that they haven't under US administration; and also unclear on what we have to gain from changing the situation; but I'm still baffled as to what possible standing state governments have on the issue."
The US has protected free speech and even protects freedom after speech. The press is also fully protected from gov, mil.
A lot of other nations hate that and a lot of leaders and people hate their politics, style of gov, police actions, wars and faith been talked about and fully exposed online.
Globally that US freedom is rare. Most nations would side with their gov, mil, faith, cult, leadership, party (communist, fascist, theocracy, cult, tribe) and then ensure all such speech is stopped. Liable under UK law, censorship, race, faith protection laws can be very chilling in many nations.
Ideas that are been suggested at a global level are some community standards i.e. the internet becomes a patrolled safe space with the wrong kind of speech allowing for the ID and removal of accounts, sites.
The internet would turn into the perfect mix of self empowered SJW's, NGO's , theologians, national leaders, mil, bureaucrats, political parties all going after speech they wanted removed from a site, social media or any archive site globally.
Think of a global community of volunteer contributors cleaning up the best parts of the internet and replacing it with blandest most boring, safe space social media for profit experience.
No more commenting on the NSA, GCHQ, national issues, leaders, war policy as all that would be copyright to a nation and would show the individual had access to material they should not have. The chilling effect would go after the media online who dared to published, readers and any/all linked or quoted discussion.
The media online would not be as protected as it is in the USA and be open to site removal, legal or faith based challenges globally or national demands for the ID's of every commenter.
Every nations legal or faith based claim on any free speech would have protected and equal legal standing for consideration.
Think of no more internet per identified person. Site owners in different nations having to change policy as the most simple request from any nation or its 'volunteer" could delist a server.
The site would then not be found on any search site and anyone linking to it would be noted for later domestic questioning.
If the message is real, create a new story about the messenger?
The truth was kind of hard to work as a narrative, so just cover the issue with tech media going on about super magical Bear network code?
What nation would risk a known method, code thats well understood by the private sector, their own ip ranges to enter and stay deep in networks?
To just drop litter that points back with code, ip ranges and not get caught on network entry or during the bulk plain text data flows out?
Smart national "cyberintrusion" that cant even escape with no logs and easy to find code fragments left all over?
Most nations use domestic staging servers, unexpected domestic or internal ip ranges that seem totally normal to any admin doing realtime work. Data is removed and no log litter later exists.
Why would any nation state even risk a method that was so well underwood by private sector security? That could have been detected on entry or while in use?
As a cover story for the US media it seems so rushed.
They should have found nothing, said nothing and then had the gov hint at secret efforts to trace methods much later. That would have seemed more realistic and been more in line with tracking a gov.
But to have speaking points from private sector security with a "Bear" name they all knew about?
What was said:
http://edition.cnn.com/2016/07... (July 27, 2016)
""Perhaps one day the source or sources will step forward and that might be an interesting moment some people may have egg on their faces."
That sounds like the classic US insider going to the press. The Pentagon Papers, Watergate, a person with information going to the media who can give a lot of information due to their access.
Now the media is pushing ever more about some nation who can access data, look over the data, stay in a distant network, get the data in plain text, move the data out and not get caught.
Once US security experts look over the vast amounts of litter left on the network its some "Bear" code they all know about and tell the press about.
The code and method of access is so well understood that easy to find logs, code, ip details go to the waiting press.
The same very early private sector security experts talking points to the media then get picked up by gov and other media and reported as some long term gov investigation...
The origins of what was found and how it was traced become forgotten only that an existing well understood method was left to be found.
Its as easy as that, a set of "Bear" tools that are so well understood in the West, a time zone and ip range.
With the same tools its easy to access any Western networks, stay totally undetected, enter any network, get amount of data over hours, days weeks, months and exit.
On exit be sloppy and ignore all logs, methods, code fragments and get discovered? Lots of litter to find for private sector experts hours later.
What nation would invest in one time access using a method thats in the media and already very well understood by private sector security experts? re "Non-governmental actors can forge that kind of thing, too."
How many workers, ex staff, former staff, third and forth party nations, their gov, mils have seen ip range changes and fake origin ip's? Recall Turmoil, Quantum Insert, FoxAcid efforts.
At some point all that encryption has to be made plain text. For ads on some networks or the total cost of all free networks been encrypted or for federal or mil telco compliance in some nations.
Why build a really secure end to end global network when different nations have mil or legal requests?
Secure the public end and comply internally.
Where that data is plain text again is the access point of 5 eye nations, their staff, ex staff, former staff and any their party nation who helps.
Years ago the FBI did some fun staff requests.
"FBI asks computer shops to help fight cybercrime" (February 5, 2004)
http://the.honoluluadvertiser....
The extension of such visits and talks with staff could be carried over nation wide into the digital cloud. Just scan the files? Add very easy to use federal file scanner as new hardware? An NGO/private sector file scanner on all readable data uploaded?
Maybe state and city law enforcement or federally funded state task forces asked the same of any data storage in the local area?
That would be to avoid all and any early case related telco or court paperwork. US law enforcement no longer seems to trust telcos or courts with their digital requests.
Goto the data direct, then build a random case on chat rooms or forums with later links. What is shared later is the court event rather than mention 24/7 data tracking methods on upload.
Depends on who asked for the data.
e.g. MAINWAY https://en.wikipedia.org/wiki/...
or other telephone company efforts like Hemisphere https://en.wikipedia.org/wiki/...
Tracking, blocking, structuring (surfing) reporting on any amount and amount, chat downs over any transaction amount with staff.
Everything your US bank has to do for the federal gov in the US today will be ready for any other payment products.
No payments to or from some nations. Full complacence and profit taking will be designed into every new product offered.
Micropayments with a bank without the external CC networks and their profit layer.
Everything will be just like a traditional bank service but with new cyber branding.
The ads still have to get out, so does the marketing depending on the privacy settings.
With all the holes and compromise made to let tracking and ads work down to an OS level, expect a few easy ways in and out.
The UK has faced a fine line between getting malware down into a computer of interest and very different staff then showing the case file to the press for some reason.
The new idea is to have expert staff with the best skills found in what was the Government Technical Assistance Centre, National Technical Assistance Centre, Royal Ulster Constabulary Special Branch to help police in new roles but never show any raw or live data to any other police.
The data collection was perfect and never leaked but too many then saw raw data much later.
The huge problem was that courts, private detectives, ex staff, former staff and the press got full reports of ongoing case work as files moved down and around different UK police networks well after secret collection and while case work was very active.
So find the staff with the ability to enter computers but can be kept away from all other police, the press, ex staff, private detectives.
Courts and other police will then be kept out of the raw data work.
CIB3 and other efforts where ended just as investigations found the vast scale of data movement.
"Journalists caught on tape in police bugging" 21 September 2002
https://www.theguardian.com/uk...
Different sections of the UK mil and gov want their own skills.
GCHQ wants languages and to shape education to ensure a good career.
GCHQ staff teach 'future spies' in schools (9 March 2011)
http://www.bbc.com/news/educat...
Long term the view is to get the tech sector back to the pre Snowden days of weak crypto and effortless gov/mil/private sector sharing.
GCHQ boss: Tech firms should co-operate over encryption (7 March 2016)
http://www.bbc.com/news/uk-357...
That will have to start with more charm and winning over smart people.
The other issue is to find staff that won't be caught up in "MI5 staff repeatedly overrode data surveillance rules" (10 Aug 2016 9:00)
http://www.computerweekly.com/...
As for 'Valuable skills" been lost the thinking on that is more interesting. Imagination, smarts, skills and creativity can come with personalty traits that gov/mil have tested for and find difficult to shape.
Army frowns on Dungeons and Dragons (28.02.05)
http://www.ynetnews.com/articl...
Movie fans would have some static off site database that could be compared to any new changes. :)
That would be interesting, to see who demanded a change to their publicly available info
It can depend on the funding. National broadcasters have region locked sites with set DRM that is contract friendly with content owners and producers.
Some sites like the hardware support for mic, cam.
Yes as the main social media sites get patrolled by "volunteers" making uploaded content harder to fund, find or even keep online.
People then have to stop their US protected free speech or find other more creative ways of getting round big multinationals and their new global "safe" branding.
Email, direct apps are just one of many great ways to totally circumvent brand management and the control of free speech on emerging social media.
The fine print about new community standards and volunteers who enforce such efforts can be very chilling with an offer of free support.
The ip would get found some of the larger sites like http://www.projecthoneypot.org... in the wild.
An internet provider could then suggest an AV scan of that accounts connected "computers".
Most of that hardware would flow from China and its regional markets. TV shows, what was once dvd/usb players, now new cheap media players with vast amounts of very cheap storage and better hardware codecs. All the NSA has to do is ensure a vibrant flow of Korean movies, TV shows via China keeps flowing every year. Radio works but nothing is as addictive and subversive as decades of ready to enjoy TV shows and movies on one small imported playback devices.
Get the CIA to fund addictive and charming Korean TV shows and dramas just for exporting.
The other neat part about digital devices making it over from China is the ability for the NSA to alter the basic electronics via cheap front factories in China.
The entire production of media playback hardware is a NSA front or entire shipments get diverted for alteration and activation between the production and local broader region markets. The China product is kept as a simple player with no alterations, the export version is made collection ready.
A low cost media player with 100's of shows as bait makes it deep into a nation, why not see what it can detect on its way with wireless? Storage is not an issue with the vast amounts of consumer media as cover. USB power plugged into an isolated desktop computer to see if anyone has any documents at home?
The user recharges to enjoy the shows, the altered low cost consumer device would be perfect for collection along the way, all day long.
That free or low cost refill of new shows would be the passive collection weeks or months later.
Re "If they are behind the leaks of the DNC emails that showed Sanders was never going to be allowed to run that's something every registered Democrat had a right to know."
That was an insider walking out like with the Pentagon papers https://en.wikipedia.org/wiki/.... Another nations ability to get in, stay in and move vast amounts of data undetected is really a bit too much of a cyber fantasy. The ability to find evidence and then tell the waiting media of another nations methods, ip range, code fragments and efforts within hours and days is the fiction.
If the well understood and easy to find method can be detected in hours, how and why was it allowed to move all the data out in real time?
The US gov should have done a secret investigation, leaked a few hints to tame media sites about how the super skilled method was been tracked and the nation of origin over a much longer time frame.
That would have been a better cover story. To have a Bear name waiting and have national media push out method, results and the fact it is well understood kind of showed a hasty, sloppy cover story for an unexpected insider walk out.
Re "despite the fact he denied having any knowledge of her private emails"
Other nations setting up a private email computer and ensuring US political leaders and their staff use it would need a team of trusted long term spies in the centre of US policy creation. Been able to enter such a server at will, move vast amounts of data out would not go undetected by the US/UK gov/mil from any nation of origin or domestic staging server.
"If Russian Intelligence Did Hack the DNC, the NSA Would Know, Snowden Says" (July 27 2016)
https://theintercept.com/2016/...
The rushed out Russian cover story seems to fail at covering the trusted insider issue and the amount of insiders with total access now willing to just walk data out.
Another option is the CIA/MI6 or NSA/GCHQ was playing real time honey pot with real US data sets again and needed another US network left wide open again as bait. Adding or altering the plain text data as needed within real data.
Another "Cyber Breach of Office of Personnel Management Was Avoidable: Congress" ( Sep 7, 2016)
http://www.nbcconnecticut.com/...
The insider saw the internal network as wide open for some reason and just walked the data out.
AV is now moving to the cloud. So a lot more docs are facing very advanced testing on users systems and also on AV networks.
Other AV just tests to see any changes in an OS and reports back findings to the AV developers.
What can a Word file do in such environments?
The evaded detection part can be as simple as not working when detecting a list of the most popular AV applications or software firewalls on an OS.
Encryption or stay with plain text storage? Yacht design can get extra feet this year or waste profits on real encryption?
Seems the yacht design costs win every decade.
How many Bear related names are ready for the local press?