Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer (thedailybeast.com)
449 points by hownottowrite on March 22, 2018 | 338 comments



Relevant paragraphs:

> [An intelligence researcher] led an investigation at ThreatConnect that tried to track down Guccifer from the metadata in his emails. But the trail always ended at the same data center in France. Ehmke eventually uncovered that Guccifer was connecting through an anonymizing service called Elite VPN, a virtual private networking service that had an exit point in France but was headquartered in Russia.

> But on one occasion, The Daily Beast has learned, Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation. Twitter and WordPress were Guccifer 2.0’s favored outlets. Neither company would comment for this story, and Guccifer did not respond to a direct message on Twitter.

> Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow. (The Daily Beast’s sources did not disclose which particular officer worked as Guccifer.)
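The slip the quoted paragraphs describe, seen from the service operator's side: an account that always logs in from one VPN exit network and once from somewhere else. This is an added example, not part of the thread or the article; the log format, account names and thresholds are assumptions, and the addresses are documentation ranges in constructed sample lines.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample log (hypothetical format, RFC 5737 documentation addresses).
SAMPLE_LOG = """\
2016-06-15T09:12:01Z login account=persona_a src=203.0.113.10
2016-06-16T10:03:44Z login account=persona_a src=203.0.113.10
2016-06-17T08:55:12Z login account=persona_a src=203.0.113.27
2016-06-18T11:20:09Z login account=persona_a src=203.0.113.27
2016-06-20T09:01:30Z login account=persona_a src=203.0.113.10
2016-06-21T14:47:02Z login account=persona_a src=198.51.100.77
2016-06-22T09:15:50Z login account=persona_a src=203.0.113.31
2016-06-23T10:42:18Z login account=persona_a src=203.0.113.10
2016-06-24T09:05:05Z login account=persona_a src=203.0.113.31
2016-06-25T12:30:41Z login account=persona_a src=203.0.113.10
2016-06-15T07:00:00Z login account=persona_b src=192.0.2.5
2016-06-16T07:00:00Z login account=persona_b src=198.51.100.9
2016-06-17T07:00:00Z login account=persona_b src=203.0.113.200
2016-06-18T07:00:00Z login account=persona_c src=999.1.1.1
this line is not a login record
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+login\s+account=(?P<account>\S+)\s+src=(?P<src>\S+)$"
)


def parse_line(line):
    """Return (timestamp, account, ip_address) or None for unusable lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m["src"])
    except ValueError:
        return None  # malformed address: skip rather than guess
    return m["ts"], m["account"], ip


def network_key(ip, v4_prefix=24, v6_prefix=48):
    """Collapse an address to its enclosing network so that different hosts
    behind the same VPN exit count as one origin."""
    prefix = v4_prefix if ip.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def find_outliers(lines, min_history=5, max_share=0.2):
    """Flag logins from a network that is rare for that account.

    An account needs at least `min_history` logins before anything is
    flagged; a network is rare when it carries at most `max_share` of
    the account's logins.
    """
    events = [e for e in map(parse_line, lines) if e is not None]

    # Pass 1: per-account histogram of source networks.
    per_account = defaultdict(Counter)
    for _, account, ip in events:
        per_account[account][network_key(ip)] += 1

    # Pass 2: report every event that falls in a rare network.
    outliers = []
    for ts, account, ip in events:
        hist = per_account[account]
        total = sum(hist.values())
        if total < min_history:
            continue  # not enough history to call anything unusual
        net = network_key(ip)
        if hist[net] <= max_share * total:
            outliers.append({
                "timestamp": ts,
                "account": account,
                "src": str(ip),
                "network": str(net),
                "seen": hist[net],
                "total": total,
            })
    return outliers


if __name__ == "__main__":
    for hit in find_outliers(SAMPLE_LOG.splitlines()):
        print(
            f"{hit['timestamp']} {hit['account']} from {hit['src']} "
            f"({hit['network']}: {hit['seen']}/{hit['total']} logins)"
        )
```

A hit only says the login is unusual for that account; tying the address to a person or place needs evidence from outside the log.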


Opsec is hard - you only need to fuck up once...


Even crazier is that this is a noob mistake.

There are better ways to hide. From experience (I work in security), the ones I would use are (individually or combined):

- Have the VPN set up in my router using OpenWRT (the R7000 is great for that) and drop all connections when VPN disconnects (with a script).

- Rent a VPS on a botnet friendly host that accepts Bitcoins (i.e. Hostsailor).

- Then do all my shady stuff from the VPS or even better, configure Tor and proxychains on the VPS then use proxychains when doing anything on a remote host.

I think the guy was just lazy and preferred convenience.


You're overthinking this and getting lost in technology. The guy surely did that stuff. What likely happened is that the guy pasted a URL into the wrong browser window.

Having a separate browser that jumps through all the well-audited crypto hoops you want doesn't really help you if you have a native Safari window sitting next to it where you read your gmail.


Setting up the VPN at the router level doesn't allow mistakes like that. Browser doesn't matter anymore - all the traffic goes out only via that VPN.


Sure, and then one day you sit with your laptop in a park on your company's campus and you are accidentally connected to the wrong wifi hotspot and you leak some info that way.

Opsec is hard. Technology can only solve so much, the weak link will always be the wet spongy tissue.


If you're running an operation with international political implications, you don't sit with your laptop in the park. There's "opsec is hard", and there's "you're an idiot".


Do you think these large government agencies with hundreds or thousands of employees are some sort of magical super-organizations where everything and everybody is 100% on, all the time? These are all regular people like you and me working there. We're talking about the world's most organized agencies, yet who put or leave an internet-connected webcam with a default password in front of their building; or hire someone who will copy gigabytes of data and run off with it - and fail to notice; or give their most secret and valuable spyware to an ally who then gets impatient and exposes it with some stupid mistake.

This is not about being an 'idiot', this is perfectly normal behavior to happen once in a few years over hundreds or thousands of people.


I think these are all separate cases. Yes, opsec is hard in general. There's a scale of how hard some problems are to prevent - what you listed is in various places on it. The specific case I responded to with laptop in the park while you're trying to mess with foreign governments would be at one extreme of that scale.


They're all separate cases of people doing stupid shit while working doing this kind of stuff. The laptop in the park was an example of how someone could do stupid shit while working on this kind of stuff, it was of course an example plucked from thin air of one kind of stupid shit one could do and get caught out, not necessarily the stupid shit that actually got him caught. The point is that at least most people, even if most of the time highly competent, slip up sometimes and it seems this guy slipped up one time, which really thinking about it starts to make me suspicious, because if you slip up once in hundreds of times why not 3-7 times? Why only one time? But anyway the point is intelligent most of the time, stupid once is all it takes to get caught and nearly everyone does it.

And now I'm defending a Russian agent doing stuff I think sucks.


If you're writing mission critical software, you don't scribble all over memory by writing through unvalidated pointers. There's "software quality is hard", and there's "you're an idiot".

What you're asking for, fundamentally, is for people not to make mistakes. You probably don't hold that opinion in your professional life (yeah, I'm assuming you're a programmer). Why here?


There's not even remotely the same magnitude of error between those two cases in my mind. One you can miss by accident, the other you're actively doing.


Even intelligence agents are human. How many spies were caught by doing stupid shit?

For example, Rudolf Abel was caught because he paid with a fake nickel on accident.


You are absolutely correct. People make mistakes. Even very well trained professionals make mistakes. Incredibly experienced skydivers die. Industrial safety is tough despite well designed processes and constant training. Tradecraft slipups happen, etc. etc. The weak link is the human being.


You can prevent this by running Little Snitch and only allowing outbound traffic if you are connected to GRUfi. Hell, Little Snitch even has a mode that blocks all but the core services on your Mac. Do that combined with a router-VPN with a kill switch and a hardened browser I don’t see how you would leak your location.

Edit: you could even configure Little Snitch to ask for permission for every app and domain your Mac wants to connect to. That way you would even catch yourself accidentally surfing to the wrong URL or using the wrong browser.


Yes yes yes - you're completely missing the point. The point is that it's easy to come up with some sort of contained scenario in which you can devise a perfect technical solution for a well-defined problem. But it's hard to get groups of hundreds of people to always behave perfectly according to protocol, every time, everywhere, with not a single slip-up over several years.


The problem is that all of a sudden your side-searches for rash treatments or your checks on your gmail account go through that VPN as well, linking your identities temporally.


Maybe get a different laptop on the desk beside you for your personal stuff?


Parent was calling for router-level VPN-ing, if the second device uses the same router it has the same VPN.


It does if you do not have your personal stuff on the same physical network/equipment as your professional stuff.


Even so it's still likely to type the wrong url/login on the wrong device (i.e. by reflex). The only safe choice you have is to not have any "personal stuff" (i.e. personal twitter account).


Possible, I know that a couple times a year but I would think a professional in that situation would use a completely different service for personal use. (I.e. Personal Twitter, Professional Reddit)


Well if the job requires you to use all of them (twitter, facebook, reddit) you are left with no service for personal use only.

Usually you don't have a choice, you use what your friends use.


The solution to that is to use a password manager, and save all your (randomly generated, long and unmemorizable) professional passwords only on the device that cannot connect into the open internet.


It doesn't even need to be a fuck up. Knowing the scrutiny this hack would trigger means he could've easily left a single connection to a Russian IP address as a false breadcrumb trail for investigators.


So you seriously mean he logged in from GRU HQ in Moscow to frame Russia years later?


Once, I might add. He did it once, and was willing to wait years with no reason to believe anyone noticed.

That totally says "false trail" rather than "fuck up" to me. /sarcasm


Why is it so easy to spoof a phone number and robocall people, yet not to spoof an IP? Everyone's talking about the machine attribution as a given.


Much more difficult to spoof an IP than a phone number. Once you’re behind a NAT, all bets are off, but the public IP has to be routable back to you in order to be usable.

Instead of phone number, think port on the phone company’s switch or a specific pair of wires. That’s hard to spoof.

It’s much easier to spoof a MAC address, which can identify specific hardware associated with the IP address, but that doesn’t make the IP any more difficult to identify.


A company like hostsailor will sell anyone access to your server for a few thousand $.


If all it takes is "one occasion" for investigators to believe you're Russian, it's also definitely easy to throw investigations off course.


> If all it takes is "one occasion"

Depends on the occasion, no? There's a difference between "the target account once used phrasing more typical of a Russian speaker than a Romanian speaker" and "the target connected to the server from inside GRU headquarters".

> it's also definitely easy to throw investigations off course

Connecting to a server from GRU headquarters isn't something I'd call "definitely easy". If the claim is true, Occam's Razor suggests that the GRU was involved in some fashion. What's the alternative? That the DNC compromised the network of a Russian intelligence agency?

(How much faith to put in an anonymously sourced claim about what was in the logs of an unnamed social network is a separate question, of course.)


You've added something that was not in the article. The IP address was not necessarily in the GRU HQ. The IP was in Moscow. The IP allowed the agent to be identified. That might mean the IP was in the GRU HQ but not necessarily. Once the agent was identified, they knew (possibly based on other intel collection) that he works out of (has as a "home" office) the GRU HQ.


It is in the article:

> U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow.


This quote still leaves open the details on how they connected the IP to the officer or actual locale.


Ha ha. I'll go get the complete top secret NSA report and post it here, and then we can arrange a Q&A with the NSA officers to address your further questions, as there certainly will be some.


Which we should take at face value


> (How much faith to put in an anonymously sourced claim about what was in the logs of an unnamed social network is a separate question, of course.)

Parent already addressed this. Unless you have evidence to the contrary the "what if" game does not take us very far.


I like to play the "what if" game as well as the "who profits" and "what has happened historically" game...

As well as the whataboutism game ("what about the other side pointing fingers? Who has done worse?").

I don't like thought stoppers.


With any intelligence information 'what if' is the most reasonable approach. It is absurd to trust anyone that has the objective to spread misinformation.

In comparison why would you trust anybody who is a professional liar on any information? Just because you have no other more reliable information does not turn the liar's lie into a truth.


That seems WILDLY unprovable.

Tell me; how did The Daily Beast, an org that has Chelsea Clinton on their board, get the external IP addresses of the Russian Intelligence headquarters?


Please read the article properly before commenting - it helps you to stop jumping to wild, crazy conclusions.

It wasn't the Daily Beast conducting the investigation, they are just reporting on it.


Tracked to a specific office in their HQ... by an external IP address... lol, ok.


You are not as anonymous as you think when you are online - an IP address can easily identify a particular office in a government building.

There are many, many cases where a journalist has tracked down specific Wikipedia edits to a particular office or intranet in a government building all from their IP address.

You can find a ton of stories with a quick Google search: https://www.independent.co.uk/news/uk/home-news/government-w... https://www.smh.com.au/politics/federal/investigation-into-o...


Yep. I agree - it's pretty easy to slip up and public IPs are fairly easy to monitor.

It reminds me of this project https://github.com/edsu/anon which "lets you tweet about anonymous Wikipedia edits from particular IP address ranges"

You can see it working at Congress Edits - https://twitter.com/congressedits


>Yep. I agree - it's pretty easy to slip up and public IPs are fairly easy to monitor.

Public IPs are NOT easy to monitor correctly when A. It's supposedly Russian Intelligence HQ B. They are claiming they can identify the specific office it came from


The Clinton bogeyman at it again eh?


Did I post something incorrect? Do you want to explain who maintains the current and past list of external IP addresses belonging to Russian Intel?


The NSA and/or the CIA?


Teenagers can hack NASA [0] so I don't think a sufficiently motivated attacker, possibly backed by a nation state, couldn't pull off something like this as a false flag.

[0]: https://abcnews.go.com/Technology/story?id=119423&page=1


> Teenagers can hack NASA [...] so I don't think a sufficiently motivated attacker [...] couldn't pull off something like this

Right, the fact someone could compromise a random government agency in the 90s clearly means someone else could compromise Russian military intelligence in 2016, because NASA's IT security in the 90s is totally comparable to the GRU today, absolutely.

> possibly backed by a nation state

Which nation state, exactly?


Considering a U.S. ally had their tendrils so deep inside GRU that they had a live video feed, you should probably reevaluate your assigned probabilities.


You mean the recent story which broke by Dutch intel?

There is no public video recording to substantiate their claim. You'd think this entire debate would be settled if on YouTube we could all just watch visual proof of Russians hacking the US.

They also claimed that the video feed came from a university building in Moscow's Red Square. I challenge you to find such a building on a map of the Red Square.


Your entire posting history is devoted to obscure conspiracy screeds whenever Russia is involved – it's truly remarkable your account has persisted this long.


That's an extremely offensive thing to say. Also, that is not a true characterization of my comment history. If you do want to discuss that topic, I am more than happy to engage in discussions supported by sourced material.


Did you find that university building inside the Red Square yet? Where is it on Google Maps?

The story which made it to HN: https://arstechnica.com/information-technology/2018/01/dutch...

My analysis is below, but I encourage you to look at Suzie Dawson's epic takedown here: https://steemit.com/steemit/@suzi3d/10-reasons-the-dutch-rus...

So, just because the US intelligence community gets attribution details in 2014 doesn't mean they didn't fake the attribution for the 2016 DNC hack. That's like me registering an account with your username on some site and posting stuff with it - many digital "fingerprints" can be faked. Readers of HN should know this (lol).

Also, the author's claim that the US intelligence community attributed the DNC hack is dubious. James Clapper did, and he threw around a debunked "17 intelligence agencies" slogan[0], but the man's a retired partisan[1]. Recall that the DNC would not let the FBI do actual forensics on their hacked server[2] - well, there's one intelligence agency that didn't get a chance to make an official attribution. Recall too that CrowdStrike's hack report claims were debunked by the Ukrainian army[3] & authenticity of the C&C software was questioned by many in the cyber security community[4].

Like, who didn't know that Russia had hackers? We also know that the DNC/DeepState have a scapegoat.

[0] https://www.realclearpolitics.com/video/2017/07/06/clapper_c...

[1] https://www.usnews.com/news/articles/2016-11-17/lawmakers-re...

[2] http://www.slate.com/blogs/future_tense/2017/05/09/the_fbi_i...

[3] https://www.voanews.com/a/cyber-firm-rewrites-part-disputed-...

[4] http://www.zdnet.com/article/no-smoking-gun-for-russian-dnc-...


>Right, the fact someone could compromise a random government agency in the 90s clearly means someone else could compromise Russian military intelligence in 2016, because NASA's IT security in the 90s is totally comparable to the GRU today, absolutely.

Because such hacks don't happen today?

>Which nation state, exactly?

Well, which nation state likes false flags and BS excuses like WMDs for their target du jour?


Are you referring to the Kremlin? There is a wealth of allegations of such activities attributed to them:

The most infamous (and heinous) oft-cited example...

https://en.wikipedia.org/wiki/Russian_apartment_bombings

And there are plenty of more recent allegations such as the framing of North Korea for the attempts to disrupt the Winter Olympics:

https://www.wired.com/story/russia-false-flag-hacks/

Parkland shootings etc etc

http://www.politifact.com/truth-o-meter/article/2018/feb/22/...

https://www.washingtonpost.com/opinions/after-the-parkland-s...


I find it amusing that those who call false flag sound as if they are the ones flying a false flag. It's exactly the sort of action one would expect to call out if I was trying to turn a population in on itself. False flag is a recently common accusation which did not use to be common on the internet.


False flag is the quicksand of online drama. People allude to them a lot more often than they are found in the wild.


Blaming everything on "Russian hackers" also didn't use to be "common on the internet".

As words, phrases and fads spread on the press, so they do on the internet.


Where have you been? "Russian hackers" has been an internet trope before memes were a thing.


Not referring to the internet trope (or the existence of hackers in Russia and/or Eastern Europe), but the actual BS press "Russian hackers behind this and that", which is the "WMDs" of late 2010s.


What do you mean "WMDs of late 2010s"? The WMD excuse I'm familiar with was the one to invade Iraq in the early 2000s, and anyone with half a critical mind could see that it was a flimsy argument at best in order to appeal to the hawks at home who wanted blood after September 11th. And American citizens who had studied Islam at all would understand that the only reason the Sunni, Shia, (and Kurds, ethnic not religious minority) had not openly killed each other in Iraq was due to Saddam's non-discriminating iron fist, and that invading could have potentially destabilized the country into a pariah state.

I'm not going to change your mind on what you think is BS, but I do disagree with you. If you have the chance, I highly suggest talking to retired CIA operatives that were active during the Cold War -- the stuff they talk about (when allowed) can be pretty eye-opening.


Back in my day it used to be "Chinese hackers" but I guess we have always been at war with Eurasia.



Why would NASA's defences be comparable to GRU?


...and NASA is known to have top opsec?


And it's still 1999?


One very hard to fake set of connected facts that corroborate each other, validate a suspicion, and match a motive.

It generally only takes one occasion of a videotape catching you stealing and an eyewitness corroboration for you to be believed the thief as well.


This isn't video evidence though, it's an IP address. I don't think this metaphor is similar at all.


There was real time video surveillance of the building, both external/internal by Dutch and another unnamed European agency. Also RT published the names of the two officers who controlled the G2 account: Sergei Afanasyev, GRU Deputy Chief and Grigoriy Viktorovich Molchanov, Head of the GRU Academy.


> Also RT published the names of the two officers who controlled the G2 account: Sergei Afanasyev, GRU Deputy Chief and Grigoriy Viktorovich Molchanov, Head of the GRU Academy.

It's surprising that RT published those. I thought it was an entity controlled by the Russian government. Why would it be publishing the names of its own officers when supposedly the said officers went out of their way to appear Romanian and not Russian.


Yea... I’m going to call BS on RT posting embarrassing Russian Intelligence mistakes - that are true.


It's very hard to spoof a log of a TCP connection in one country from an IP address assigned to the residential internet connection of an intelligence official in another country. It's certainly not impossible, but it's not as easy as just adding an email header or something.


It really is super easy. Even since 2007, malware like Zeus and SpyEye, and a million different Remote Access Tools (RATs) take over your machine and allow all activity to emanate from it. Very easy to plant a false flag or incriminating evidence.

And please note the careful wording: "Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow."

Interpretation 1: The guy accessed the device from his GRU office

Interpretation 2: The IP belongs to a guy (maybe his residential connection), and he happens (from other sources) to work at the GRU office. Assuming the GRU device is relatively secure, is it possible that other devices in his home have malware on them? If the latter, all the devices would appear as coming from that same residential IP address.

I work in this field and false attribution happens all the time. Evidence is really easy to fake.


If you have gained remote access to a Russian intelligence officer's computer, I feel like spoofing an HTTP request to a social media site is the least exciting thing to do with that access.

Don't confuse the ease of installing tools that let you maintain access once you have gained access with the ease of gaining access in the first place.


If you have access to a device of some low level employee there is no harm in burning it for a high profile operation like the Guccifer story. This was not just a random Twitter bot, but potentially at a global-scandal level. Whoever coordinated this was certainly not some random fool.


It's called a watering hole attack. You infect many of the devices way ahead of time (that are interested in whatever subject area you targeted), and pick your victim when you need to. If you haven't prosecuted these cases, you'd be surprised how often it happens:

https://www.cyberscoop.com/winter-olympics-hack-attribution-...

https://krebsonsecurity.com/2017/08/blowing-the-whistle-on-b...

https://blog.trendmicro.com/trendlabs-security-intelligence/...

https://blog.talosintelligence.com/2018/02/who-wasnt-respons...


All of the articles you link are about trying to derive attribution using signatures from the malware itself, which is unrelated to the thing you're talking about. I agree that trying to find meaningful attribution from the evidence left on the machine is unlikely to work and that spoofing this evidence is easy.

But that has nothing to do with a watering hole attack - are you claiming that successful watering hole attacks against GRU personnel are commonplace?


Great question: Apologies if I wasn't being clear.

For example: the Chinese government has been waging war against the Free Tibet movement for years: https://www.google.com.sg/search?q=chinese+malware+free+tibe...

There's a bunch of articles there. One technique is they put up a pro-Free Tibet site, and put malware on it. The visitors get infected and they have an insight into who is interested in that topic and their IP addresses for basic geo location, and maybe remote control of their machines.

If we pick a topic that's super interesting for government intelligence people (like the Guccifer blog site itself), and put some awesome non-detectable malware on there, you could potentially infect multiple intelligence officers from multiple countries.

When the bots phone home, they will report username, domain name, email addresses, visited URLs, security certificates (or basically anything you want). So you now have a rolodex of machines you can manipulate. Mossad did it...nope....North Korea....nope CIA...nope FBI etc etc

Now this is super hard to do in practice. But you only have to be lucky once.


"Very easy"? to fake a connection from the IP address "of an intelligence official in another country"?

OK - show us. Doesn't need to be GRU - I'd settle for an NSA or Mossad IP address instead. Go on, install a RAT and make a connection...


Here you go....from my 2012 Blackhat presentation. It then shows the issues of attribution as everything comes from the infected machine...sorry it's dated but nothing has really changed

https://www.youtube.com/watch?v=XvoiI5gJ7-0


Nobody is disputing that, given a remote-access tool running on a machine, actions taken by that tool are seen to come from that machine.

What is being disputed is that making it look like it came from a Russian intelligence officer specifically, as opposed to from some random infected machine somewhere, is easy. I see that you're claiming that if you set up a botnet and start infecting people and wait, you'll eventually get someone who works for a bank or someone who works for the military, sure. But what are the chances that you'll find someone who happens to work for the specific intelligence agency that is widely suspected as being the actual perpetrator?

Are you claiming that lots of botnet operators happen to have infected so many machines that their chance of being able to get to the machine of an employee of any government agency in the world is high? That the average GRU officer has hundreds of RATs in their home from hundreds of bored teenagers around the world?


Hopefully I addressed it in the section above.

I believe that intelligence agencies are targeted all the time, and keeping machines clean is not that easy. Certain governments (like Singapore) adopted an air-gap approach, so the machines you use for work don't touch the internet.

But even then, it would be a lot easier to infect that person's home machine... Many of the people visiting Guccifer's site were normal people, some were from intelligence agencies (proportionally probably a lot more than visit a normal site).

Assuming you had AWESOME undetectable malware, you'd have to infect the lot, get them to report in, and ferret out the interesting ones. Not exactly a weekend project, but if this was your passion in life, very achievable.

Spear phishing these guys is hard, watering hole may be easier.


Nice talk! I just 1.5x-ed thru the first ~30 mins.

I still think we're talking at cross purposes though - I'm not disputing Zeus works, I'm disputing that it's "super easy" to identify and then infect a machine attributable to "an intelligence official in another country".

I mean - if all I need to do is make a TCP connection - all I need is an <img> tag in a web page - the big problem is getting that webpage and/or RAT onto a GRU officer's work computer.

(And if you _do_ cover how to do that in the remaining bit of the talk, I'd love to know...)


Don't you also have to somehow get the up-to-date list of IP Address to Employee Name (as seems to be the claim)?


(For the record - do not do this. It's a _spectacularly_ bad idea...)


Wow.. can you imagine seeing this in the news in 3 years time:

"bigian" (an alias) taunted kenbaylor on an internet message board called Hacker News to attack the NSA or Mossad"...


Yes. Yes I can imagine that... :sigh:


You also have to know which IP address to spoof.

That means that if it wasn't Russia then it must be some "deep state" conspiracy. Which so far hasn't been backed up by any decent evidence.


Seems like a massive opsec hole. Why not force all outbound connections through an offshore VPN or proxy at their internet gateway?


It's odd on a site like HN that ideas like this occur to hardly anyone. Well, on certain subject matter of course.

Let's see what Jonathan Haidt has to say on the matter:

https://www.youtube.com/watch?v=v6nNT0JtHT8


Something like this?

"“With UMBRAGE and related projects the CIA cannot only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” Wikileaks said in a statement."

https://www.usatoday.com/story/news/2017/03/07/wikileaks-cia...

and for remote control:

"In April this year, WikiLeaks disclosed a brief information about Project Hive, revealing that the project is an advanced command-and-control server (malware control system) that communicates with malware to send commands to execute specific tasks on the targets and receive exfiltrated information from the target machines. Hive is a multi-user all-in-one system that can be used by multiple CIA operators to remotely control multiple malware implants used in different operations."

https://thehackernews.com/2017/11/cia-hive-malware-code.html


No, nothing like a project to re-use commodity code, or a C&C server platform.

How would either be relevant?


True.

Except the Russians haven't worked very hard to try to deny it.

And - more importantly - everything else they do aligns with this same goal.

It's like during WW2 finding a person spying in London, finding they were passing information on English plans to attack German air defenses to someone in Berlin and saying "Well.. they might have been American, because the US and the UK were rivals during the Washington Naval treaty process during the 1920s". Yes.. they might. But there's a lot of evidence pointing the other way, and German actions indicate it was the kind of thing they would like.

Same here.


That's literally not what happened. There is a lot of other evidence to support this claim. It wasn't just this one simple thing that pointed to Russia.


Yes, opsec is hard, but not in this specific example: one would just set up a VM with Tails [0], and one would only perform one's shady actions within this VM, and all one's outgoing network activity would automatically jump through a Tor exit point, and why not a VPN tunnel above it. No chance (well, almost no chance) to screw up here.

Doing something shady from a regular workstation is either a mark of noobiness, or it's someone trying to disguise as someone else. Relying on manually launching a commercial VPN each time when you want anonymity? It's not really opsec per se.

[0] https://tails.boum.org


What I find unlikely is that it was possible for the officer to log into the account from anything but a computer connected to a secured network. The computers that could be connected directly should never have the constructed persona's credentials.

These are not amateurs. They should know better.


Our people screwed this basic principle up regularly with an otherwise secure product per a defector from a foreign, intelligence service:

"If you have a STU-III secure telephone, use it, but remember that even the STU-III depends upon strict telephone security discipline. A defector from one of the foreign intelligence services that monitor U.S. communications reports that STU-III encryption is fairly secure. However, he also advised that the chitchat that occurs before the STU-III is switched to secure mode and after it is switched off of secure mode is a bonanza of valuable information. Communications monitors can identify STU-III lines, so these phone numbers are obvious targets. Therefore, a STU-III line being used in non-secure mode may be more likely to be monitored than another line that never carries encrypted communications. Maintaining strict telephone security discipline is critical." (my emphasis added)

http://www.tscm.com/stu.html

I'll also note that stopping these accidental leaks was part of the motivation for the Compartmented Mode Workstations that weren't secure enough at B1 class to stop well-funded attacks that B3 or A1 might. Risks ranged from cut/paste to classified docs making it onto unclassified networks. The systems' security kernels would look at the labels to catch that. The kinds of leaks they addressed still happen to both innocent users and criminals.
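The label check described in the comment above, as an added example that is not part of the original thread and is not code from any Compartmented Mode Workstation: a simplified Bell-LaPadula-style dominance test applied to cut/paste between windows and to export onto a network. The level names, compartment names, window names and all class and function names are assumptions made for the illustration.

```python
"""Simplified model of label-checked cut/paste and export (illustrative only)."""
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    # Hierarchical sensitivity levels; the names are assumed for this example.
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    level: Level
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # A label dominates another when its level is at least as high AND it
        # holds every compartment of the other. Labels can be incomparable.
        return self.level >= other.level and self.compartments >= other.compartments


class FlowDenied(Exception):
    """Raised when data would move to a destination that does not dominate it."""


@dataclass
class Window:
    name: str
    label: Label
    contents: list = field(default_factory=list)


class ReferenceMonitor:
    """Mediates every clipboard and export operation and audits denials."""

    def __init__(self):
        self.clipboard = None  # (data, label of the window it came from)
        self.audit = []

    def _check(self, src: Label, dst: Label, action: str) -> None:
        if not dst.dominates(src):
            self.audit.append((action, src, dst))
            raise FlowDenied(action)

    def copy(self, src: Window, data: str) -> None:
        # Copied data carries the label of its source window.
        self.clipboard = (data, src.label)

    def paste(self, dst: Window) -> None:
        if self.clipboard is None:
            raise FlowDenied("clipboard is empty")
        data, label = self.clipboard
        self._check(label, dst.label, f"paste into {dst.name}")
        dst.contents.append(data)

    def export(self, doc_label: Label, net_name: str, net_label: Label) -> None:
        self._check(doc_label, net_label, f"export to {net_name}")


def attempt(operation, *args) -> str:
    """Run a mediated operation and report the decision as a string."""
    try:
        operation(*args)
        return "allowed"
    except FlowDenied:
        return "denied"


def run_demo():
    # Constructed scenario: an analyst with three windows and one network link.
    monitor = ReferenceMonitor()
    mail = Window("mail", Label(Level.UNCLASSIFIED))
    report = Window("report", Label(Level.SECRET, frozenset({"CRYPTO"})))
    brief = Window("brief", Label(Level.TOP_SECRET))  # higher level, no CRYPTO
    internet = Label(Level.UNCLASSIFIED)

    results = []
    monitor.copy(mail, "lunch at noon?")
    results.append(attempt(monitor.paste, report))   # write up: allowed
    monitor.copy(report, "key schedule")
    results.append(attempt(monitor.paste, mail))     # write down: denied
    results.append(attempt(monitor.paste, brief))    # missing compartment: denied
    results.append(attempt(monitor.export, report.label, "internet", internet))
    results.append(attempt(monitor.export, mail.label, "internet", internet))
    return results, monitor.audit, mail, report


if __name__ == "__main__":
    outcomes, audit, _, _ = run_demo()
    print(outcomes)
    for action, src, dst in audit:
        print("DENIED:", action, src.level.name, "->", dst.level.name)
```

The third case is the one a plain level comparison misses: the destination is Top Secret, but it lacks the source's compartment, so the two labels are incomparable and the paste is refused.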


> These are not amateurs. They should know better.

Yeah, in every field there are lots of cases where people end up saying this because professionals who should know better don't. Or cut corners because of resource constraints. Or, just screw up something they actually do know. Or...


Or this is bullshit, plain and simple. You don't think outgoing connections are unproxied and unmonitored at GRU (GRU, of all things? This is military intelligence, BTW), do you?


Have you worked with the US Gov't in any capacity?

They are just regular people. It's not a world of super spies. I am sure GRU is not that much different. Even the top folks eat corn flakes like everyone else.

People make mistakes all the time.

This might be bullshit but just saying so is hardly a compelling argument. I will wait for more evidence one way or another myself, with the obvious disclaimer that anything could be bullshit.


For example when CIA accidentally lost control over all those hacker tools.


military intelligence... greed, incompetence, office politics


Or one log entry was altered to insert the desired IP address — because the chain of custody of these logs is so ironclad? Or a MITM altering packets to generate the desired log entry....

“We found an IP address in a log which lets us tie Guccifer 2.0 to a specific GRU agent” is laughable on the face of it. But with the absolute shitshow that the investigation has been to-date I personally am way past caring, and way past believing anything at all to do with the Russia narrative.


So how much evidence would you need? 2 log entries? 3 log entries? A PGP signed, blockchain timestamped message from the russians that said "yep, we did it"? I'd bet if there were too much evidence, naysayers would say it can't be them because the russians can't be that incompetent.


> I'd bet if there were too much evidence, naysayers would say it can't be them because the russians can't be that incompetent.

Indeed, Trump has already said something like that:

“Somebody did say if he did do it, you won’t have found out about it. Which is a very interesting point.”


Ah, the tired old deep state argument. Alex Jones would be proud


Senator Rand Paul has said that the Deep State exists. Is he a nut also?


> Senator Rand Paul has said that the Deep State exists. Is he a nut also?

Yes.

"He has cautioned in the past of a plan to create a North American Union with a single currency for the United States, Mexico and Canada, and a stealth United Nations campaign to confiscate civilian handguns. He has repeatedly referred to the “tyranny” of the federal government."

He's a strong libertarian which is, by definition, wackjob territory.


"The Deep State" aka lifelong career civil servants doing their jobs and investigating criminals.


Thirteen indictments of foreign agents is a shitshow?


Don't forget the constant obstruction, the refusal to enact any policy that isn't good for Russia, and literally meeting with the Russians in Trump tower, lying about it, and then tweeting confirmation of it.

At this point, if you don't want to see the myriad of evidence that the Trump campaign was either working with or willfully used by Russia, it's just because you don't want to see it.


Seems like a political show, yes.


Political? Mueller is a Republican, appointed by a Republican. Our country was attacked, maybe you should start acting like that's not just some "political" narrative, because it's still happening.


Yep, if anyone is doubting you, they should know that the Russians are already at work on influencing this year's (2018) midterm elections:

http://time.com/5155810/russian-meddling-2018-elections/

https://www.nytimes.com/2018/02/13/us/politics/russia-sees-m...

https://www.cnn.com/2018/02/13/politics/intelligence-chiefs-...


From those articles, what is the strongest piece of evidence that should convince a skeptical reader?


Time, NYT, CNN... hmm.


They are reporting on testimony before the Senate Intelligence Committee.


I only get my news from emails my uncle forwards to me. I'm with you.

Oh yeah, and from Facebook.

You know, reliable sources unlike the failing NYT and WaPo.


If you think it's not absolutely a political narrative (and a shitshow) I really don't know what to say. I'm not sure what you mean by "it's still happening" but if you're talking about abusing social networks to spread discord, I mean, we're watching the implosion of Facebook in real-time, I'd say that the wheels are pretty certainly fucking turning. Where we end up, and if it's better than where we started, well...

The only thing I know is this -- no one is right, no one is good, no one is clean, and there's enough corruption on all sides of this to make anyone sick. You can pick whichever specific aspects of it support one side or another, but I personally think the things we do have hard evidence of point to;

1) An incredibly fucked up situation at the top of the FBI and Justice Department

2) A media which has largely lost the ability to separate reporting from editorial

3) A little trolling by Russian during the election to stir the pot

4) A very close election which was won by the "wrong" person, and a large percentage of Americans who are desperate to unseat him by any means possible


Can you explain why Trump keeps insisting on having private meetings with the Russians and Putin himself, often unreported in the Western press only to have that story broken by the Russian media?

And why he insists on breaking all protocols to do this, such as meeting without his own translator? For so many reasons this is a terrible idea.

Why would Trump meet with the Russian ambassador and tell him Comey is taken care of? And do this secretly? Why would Trump have an insult for every US ally and not a single bad word about Russia?

I challenge you right now to find me a single bad word Trump has said about Russia.


"Irresponsible." March 5-6, 2018. Trump's comment to Theresa May over Putin's boast regarding nuclear weapons.

Anywho...

I'm tryin' hard not to roll my eyes as I write this, but here goes -

Like everything Trump does, his discussions with Russia are all about Trump. He's probably not just looking at the here and now, but also at his post-Presidency. He is a businessman after all. (Hell, Trump tried landing property deals in Russia BEFORE he'd ever considered running, sooo...)

I'm unsure that Trump told any Russian that 'Comey is taken care of,' but then, I'm skeptical of many things and, in this case, I consider this rabbit hole a waste of time.

For future reference, you'll need more than you've proffered here to convince me (and others) Trump deserves the outrage others have spilled onto this thread considering -

* Had the election gone for Clinton, no one would be tearing after her for all the good turns she did Russia in the Uranium One deal (and this is all-on-the-record-and-verifiable stuff,) and

* Russia ain't the only country trying to influence American elections. China? Israel? Saudi Arabia? The UK? Please name me a major country that ISN'T trying to influence American politics. You really think Russia had more influence this past election than an Australian owning Fox or a Mexican owning the New York Times? That Russian hackery was more influential than non-citizens voting in California? Piffle.

Considering the context, there is no there there, dude/tte.


It's hard to have discussion with someone who will not acknowledge basic facts.

> Trump Told Russians That Firing ‘Nut Job’ Comey Eased Pressure From Investigation

https://www.nytimes.com/2017/05/19/us/politics/trump-russia-...

You also found the exception that proves the rule. I can't believe you would honestly think Trump is not deferential to Russia if you did try to look for a bad thing he has said and only found that one.

The pattern is clear for anyone who wants to look.

The fact remains Trump is much harder on our allies -- all of them -- than Russia. The Trump admin has also been slow to enact sanctions passed by Congress, as is their constitutional duty. There is no reasonable explanation behind these actions and actions speak louder than words.

Finally, foreign countries try to influence our politics, but usually not in concert with a candidate and certainly not supplying said candidate with hacked info on their opponents. As more comes out, that may actually be some of the less scandalous ways Russian assets worked with the Trump campaign.

Let's not forget Trump's campaign insisting the RNC change their platform at the party convention to be soft on Russia re: Ukraine.

You are free to have your opinions about this but the facts speak for themselves.

> Diana Denman, a Republican delegate who supported arming U.S. allies in Ukraine, has told people that Trump aide J.D. Gordon said at the Republican Convention in 2016 that Trump directed him to support weakening that position in the official platform.

> Ultimately, the softer position was adopted.

https://www.npr.org/2017/12/04/568310790/2016-rnc-delegate-t...


True enough -

> It's hard to have discussion with someone who will not acknowledge basic facts.

Let me acknowledge the article as 100% factual, and further let me concede that the New York Times (NYT) didn't leave any pertinent information (context) out or editorialize the meeting. Fair 'nuff for discussion? My next response is, 'So what?' He's free as anyone to talk as he likes to anyone he likes. Unless Congress passed a law saying otherwise... is Congress free these days to negate the First Amendment?

Let's parse your earlier statements regarding the Russian ambassador -

> Why would Trump meet with the Russian ambassador and tell him Comey is taken care of?

Where does Trump say specifically Comey is 'taken care of'? I see no such quote. I see NYT quoted him as saying 'I just fired the head of the F.B.I. He was crazy, a real nut job.... I faced great pressure because of Russia. That's taken off.... I'm not under investigation.' That's all of Trump's quotes in their entirety, the ones NYT thought fit to use.

As you have a hard time discussing things with people who won't accept basic facts, I have an equally hard time with people who spin so-called facts to mean there's only one plausible explanation. So to answer your question - Trump could have said what he's reported to have said because he genuinely hated Comey and was proud of getting rid of him. Or maybe he wanted to show off to the Russian officials and, like he often does, jokingly and in an off-handed way decided to state what he just did to show what a man he was. Who knows? Trump wouldn't be the first person happy to fire a guy.

Before I leave off this, take a look at what NYT itself wrote right after quoting Trump - 'The conversation... reinforces the NOTION that the president dismissed [Comey] primarily because of the bureau's investigation into possible collusion...' (Emphasis mine.) Notion. Not fact. Notion. Belief. Editorial. The fact is Trump dismissed Comey. The fact is Trump took no small amount of glee in it. The fact is, whatever Trump's feelings, as President he had every right to fire Comey. If he smiled when he told the Russians what he did, eh, again, so what? As far as I'm aware, that indicates Trump's a jerk, not that he's breaking a law or colluding with anyone.

Moving on -

> And do this secretly?

If the meeting was recorded and reported on, it's not much of a secret. Besides, I can give at least one good reason why he WOULD want to keep this meeting a secret - because there are folks who will interpret such a meeting in the worst. Possible. Light.

Ahem. Moving on -

> Why would Trump have an insult for every US ally and not a single bad word about Russia?

Mmm, as far as I know Trump's buddies with Benjamin Netanyahu, and Israel's a US ally. I don't recall any insults, but I don't pay much attention to newspapers these days, so there's a chance one's slipped past me. Nor do I recall insults to the prime ministers of Japan and South Korea. But, again, newspapers.

You did ask for a single bad word about Russia, yes? And I provided, yes? I can't help that you move the goal posts.

Then again, I am told I have trouble with basic facts.

P.S. Downvote me, but please explain why.


> The fact is, whatever Trump's feelings, as President he had every right to fire Comey

No, he had the legal power to fire Comey. This is not in dispute (if it were, there would be a question of the validity of the firing, and whether Comey was, in fact, still lawfully the Director of the FBI.) It is also not a question of rights, but of powers vested in particular government officials under the law.

What is in question is whether that firing was an abuse of power (a misfeasance or malfeasance in office), as well as the overlapping question of whether Trump or others had previously committed other crimes (which the firing may have been intended to protect; note that had Trump wished to retroactively license such crimes, the power of the pardon would also be within his legal power, but that would still raise questions of abuse of power, and would be somewhat more overt in its purpose.)


5) the GRU sharing the Democrats' campaign strategies with the Republicans...


Out of morbid curiosity, where's the line between "a little trolling" and a state-sanctioned, large, disinformation campaign?


In a certain sense everything is political. Every indictment makes a political statement about what sorts of crimes the government cares about and what sort of people will find themselves on the receiving end.

What makes these indictments more political than every other time the FBI prosecuted alleged spies?


Please go back to watching FoxNews.


How do they know the Moscow IP was not another proxy?


Probably because they have seen that IP before whilst investigating other cases.


How does that answer the question?


Look, you have access to the same information as the person you are asking. Do you really expect them to know the answer?

Wait for more evidence to come out.


It was in GRU offices, and attributable to a particular officer. The article has more.


I hope those investigators know about cascading VPNs and hacked personal computers that are used as VPNs/proxies...


Glad to see actual evidence, too often we see tenuous links that are touted as proof positive.

The DNC leaks were pretty bad for the campaign, but ultimately of their own doing.

Edit: downvoted I assume for not specifying technical evidence, like this garbage news story about dns traffic:

http://www.slate.com/articles/news_and_politics/cover_story/...


"A source familiar with the government's investigation" is about as far from actual evidence as you can get. Especially in the past year, but certainly throughout the past half-century, "anonymous" government sources have been demonstrated to be completely wrong or intentionally lying to advance a political agenda.

Moreover, note the weasel wording. For all we know, "familiar with the government's investigation" just means "the guy who brings in the water bottles overheard some office gossip."

I would take this story with a grain of salt.


"A source familiar with the government's investigation" doesn't imply it's a government source.

Recommended reading for understanding attribution: https://www.lawfareblog.com/how-read-news-story-about-invest...


Oh for sure, but at least they are claiming something that passes the smell test technically. I read some of the BS reports that firms have put out, often they made their conclusion first (since they were paid on that basis) and connected the dots like /r/pizzagate to prove it.


Understood. I think the idea that it could be traced back to the GRU is highly likely, though I do have some trouble with the idea they were able to identify a specific agent based on the IP address - what, does Russia assign static IPs to each and every agent in the office? Of course, there could have been more legwork we're not told about, or this could be a case of parallel construction, but who knows.

I did want to point out the sourcing either way, though. It's really distressing to me the way anonymous sourcing has really taken off lately, and that most people appear to be entirely credulous despite the lessons we learned back during the Bush administration. It rarely even gets questioned, though even the past year in particular has served up frequent and egregious object lessons of why anonymous government sources cannot simply be taken at their word. The sad fact of the matter is that the vast majority of anonymous sources are not leaking information to edify the American people. They are leaking information because they have an agenda.

That doesn't mean that we can simply ignore them. Sometimes the information is false, sometimes critical context is left out, but sometimes it is true and extremely important. It means we have to consider what they say very carefully and why they might be saying it.


I’ve often wished for a reporter scorecard, showing how many times the reporter quoted unnamed sources that turned out to be garbage, and how severe those were.

Columbia Journalism Review publishes insightful articles on these and other problems.

With the modern need to push fast headlines for outrage clicks, I don’t see the standards rising anytime soon.


The only thing I've seen that even possibly makes sense is that it was the officer's home/personal IP, not work. Which might also explain the opsec slip-up, but until I see something more credible than an anonymous source (which may happen soon from Mueller) or a better explanation, that statement is ringing some alarm bells for me. However, the article doesn't explicitly state GRU headquarters, just ties the officer to GRU headquarters and tries to imply the connection was directly from their HQ w/ weasel wording.


Where did they publish "IP-to-street address" yellow books for GRU? Is the same data available for CIA? For MI6?

You know, trying to convince specifically knowledgeable audience isn't something you can do easily.


While pointing fingers at Russia or impeaching Trump may be the options that feel good at the moment, I hope this is an opportunity to make sure something like this never happens again.

This is a pipe dream and I'm not sure this is even possible, but I think the best outcome of this is to pass legislation to try and ensure that:

1. Political campaigns don't engage in the type of behaviour in the first place, and

2. Make communications more public in general - official campaigns of people running for public office must operate under the light of greater public scrutiny

Democracy is only possible if accurate information is available, and the biggest takeaway for me in the last elections was just how many secrets all political players have.


It all comes down to campaign finance. We need publicly funded elections with absolutely no tolerance for private money, and a set equal amount for each major party candidate. Until Citizens United is overturned, and we get some kind of legislation like this, money will continue to dominate everything. And as long as that’s the case, there will always be unethical behavior because the incentives are too great.


> money will continue to dominate everything

The Clinton campaign raised and spent much more money than the Trump campaign: https://www.bloomberg.com/politics/graphics/2016-presidentia...


How does that contradict what the other person said?


It doesn't, it's just more whataboutism. It also ignores that one campaign was being assisted by a foreign power, the extent of which is still being investigated and not fully known.

The U.S. desperately needs campaign finance reform.


> It also ignores that one campaign was being assisted by a foreign power

To the extent that this is true, campaign finance laws couldn't have stopped it. If anything, restricting the ability of Americans to express their opinions makes foreign propaganda even stronger.


>To the extent that this is true, campaign finance laws couldn't have stopped it

Again, the investigation is still underway and the full extent of the assistance is still unknown, meaning you can't assert that until the findings are released.


You can't assert that they were assisted by a foreign government until the investigation is over either... since the extent was unknown aka maybe not at all.


That is the first time I have heard this position, and I find it indefensible.

“You can't assert that kids died in this school shooting until the investigation is over, since the extent was unknown.”

It similarly does not work if parents are preparing the funerals.

The Office of the Director of National Intelligence released a report back in January 2017 decisively stating this:

> We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election.

> Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.

> […] We [CIA, FBI, NSA] have high confidence in these judgments.

> We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment.

https://www.dni.gov/files/documents/ICA_2017_01.pdf


That the two major candidates raised so much money means that other candidates barely even get a look in. Arguably a different facet of the same problem / part of a much broader problem that the two major parties are so entrenched.


There was far more money spent by third parties e.g. PACs, NRA, Special Interests etc and so without including those this statement isn't a true reflection of the campaign.


Do you have the figures? According to this Hillary got more support from PACs etc too:

https://www.opensecrets.org/pres16/


Yes, and?

This problem goes well beyond any single political candidate.


The claim is that campaign spending is so determinative of election results that we have to throw people in prison for spending money to express their political opinions in unapproved ways. Both the primaries and general election in 2016 are strong evidence against this. (Sanders outspent Clinton: https://www.npr.org/2016/04/29/476047822/sanders-campaign-ha.... Jeb Bush spent a fortune: http://time.com/money/4231669/election-2016-money-spent/).


Sanders outspent Clinton but Clinton (like Trump) was a well known and established public figure reaping in huge benefits from free media coverage.

You need to think about these things in nuance rather than just looking at hard numbers.

People say Sanders got crushed by Clinton, ignoring the media blackout on his campaign for the first half of the primary and the fact that he started in the low single digits for name ID and ended with 45% of the votes.

Context matters.


> Sanders outspent Clinton but Clinton (like Trump) was a well known and established public figure reaping in huge benefits from free media coverage.

Yes, that's part of my point. Suppose you overcome the many Constitutional and logistical problems and pass campaign finance laws that limit candidates to spending a fixed amount of money and prohibit third party spending. This would give an even bigger advantage to candidates who are already well known, political insiders, and those the media chooses to give attention to.

> People say Sanders got crushed by Clinton, ignoring the media blackout on his campaign for the first half of the primary and the fact that he started in the low single digits for name ID and ended with 45% of the votes.

And the DNC blatantly putting their thumb on the scale. Sanders did as well as he did largely because ordinary people were able to contribute to his campaign and help get his message out.


This does not support the argument that money does not matter in politics. It clearly does. It is not everything, but it is something and something huge.

Money is a proxy to power. Power can be expressed in different ways, such as influence as seen by both Clinton and Trump.

How does this refute that money from any source can influence elections? We need campaign finance reform now.


GP does not appear to be disputing the claim that money matters in politics, (s)he appears to be disputing the insistence that this is a bad thing which must be removed.

Currently the only leverage that someone from outside the government class has is money, and reform that takes all of that power from the citizenry and puts it in the hands of the government is downright scary.


Sure. If you exclude PACs, dark money, earned media...


"Citizens United is overturned, and we get some kind of legislation like this..."

My own opinion is that asking politicians who take "Big Money" to pass legislation to put a stop to that is unrealistic. It will never, ever, happen.

What is realistic is to personally pledge and publicly announce that you will stop voting for any politician who takes or uses Big Money and urge others to do the same.

When you get enough representatives elected who don't take that Big Money, and defeat enough who do, passing that legislation will be possible. But not before then.

This is happening right now. People are beginning to do this. We all need to do this.


> a set equal amount for each major party candidate

So the government gets to decide which political parties can run candidates? That sounds a little too much like certain 'democratic' dictatorships. I don't think we want to (or can) put that much power in the hands of the government.


I would be happy with laws clearly requiring a presidential candidate to disclose their full income taxes for the past 5 years, and also required them to put their assets into a blind trust / index fund when inaugurated into office. We should not have to question the president's basic motivations or allegiances.

Stronger anti-nepotism laws, restraints on the ability to pardon, and ending the electoral college also all seem helpful and would have bipartisan support.


Ending the electoral college would have nearly zero bipartisan support. Democrats have a popular vote advantage, and the demographics + immigration picture of the US guarantee that will remain for a generation at least (as far as one can reasonably project into the future anyway). The Republicans are fully aware of that problem, they'd never support ending the electoral college. Republicans broadly also do not believe in what would be closer to direct democracy.

If ending the electoral college had any meaningful bipartisan support, it would already be dead as a system, as changing that is overwhelmingly supported by Democrats.


Public support for abolishing the electoral college also drops with higher educational attainment. It’s reasonable to assume as the issue is debated publicly overall support would drop as more become informed.

http://news.gallup.com/poll/2305/americans-long-questioned-e...


In 1969, The U.S. House of Representatives voted for a national popular vote by a 338–70 margin.

Recent and past presidential candidates who supported direct election of the President in the form of a constitutional amendment, before the National Popular Vote bill was introduced: George H.W. Bush (R-TX-1969), Bob Dole (R-KS-1969), Gerald Ford (R-MI-1969), Richard Nixon (R-CA-1969), Michael Dukakis (D-MA), Jimmy Carter (D-GA-1977), and Hillary Clinton (D-NY-2001).

Recent and past presidential candidates with a public record of support, before November 2016, for the National Popular Vote bill that would guarantee the majority of Electoral College votes and the presidency to the candidate with the most national popular votes: Bob Barr (Libertarian- GA), U.S. House Speaker Newt Gingrich (R–GA), Congressman Tom Tancredo (R-CO), and Senator Fred Thompson (R–TN), Senator and Vice President Al Gore (D-TN), Ralph Nader, Governor Martin O’Malley (D-MD), Jill Stein (Green), Senator Birch Bayh (D-IN), Senator and Governor Lincoln Chafee (R-I-D, -RI), Governor and former Democratic National Committee Chair Howard Dean (D–VT), Congressmen John Anderson (R, I –ILL).


And in 2013 a Democrat led Senate failed to pass an assault weapons ban. Times and opinions change, and expecting any politician to always vote the same way twice is folly.

[1] https://en.wikipedia.org/wiki/Assault_Weapons_Ban_of_2013


Is the list of those who oppose shorter? Back then the Senate killed it, and I doubt they wouldn’t do so again. Given the population growth of coastal cities it would be a hard sell for a state like South Dakota to ratify.

Each party would adjust their platform as a result, so there is fundamental advantage to either that I see. It would certainly save a lot of time spent campaigning in the middle battleground states, and result in a lot more pork barrel projects in cities.


The National Popular Vote bill in 2017 passed the New Mexico Senate and Oregon House. It was approved in 2016 by a unanimous bipartisan House committee vote in both Georgia (16 electoral votes) and Missouri (10). Since 2006, the bill has passed 35 state legislative chambers in 23 rural, small, medium, large, Democratic, Republican and purple states with 261 electoral votes, including one house in Arizona (11), Arkansas (6), Maine (4), Michigan (16), Nevada (6), North Carolina (15), and Oklahoma (7), and both houses in Colorado (9) and New Mexico (5). The bill has been enacted by 11 small, medium, and large jurisdictions with 165 electoral votes – 61% of the way to guaranteeing the majority of Electoral College votes and the presidency to the candidate with the most national popular votes.

It changes state winner-take-all laws (not mentioned in the U.S. Constitution, but later enacted by 48 states), without changing anything in the Constitution, using the built-in method that the Constitution provides for states to make changes.


> It has been enacted into law in 11 states possessing 165 electoral votes (CA, DC, HI, IL, MA, MD, NJ, NY, RI, VT, WA).

So far only very blue states have passed it, which tells you something about what the red and competitive states think of it.

The campaign is cleverly structured in a way to avoid national debate on the matter, and delayed impact further reduces the discussion in each state.

I don’t see it going anywhere.


In Gallup polls since they started asking in 1944 until this election, only about 20% of the public has supported the current system of awarding all of a state's electoral votes to the presidential candidate who receives the most votes in each separate state (not mentioned in the U.S. Constitution, but later enacted by 48 states) (with about 70% opposed and about 10% undecided).

Support for a national popular vote for President has been strong among Republicans, Democrats, and Independent voters, as well as every demographic group in every state surveyed. In the 41 red, blue, and purple states surveyed, overall support has been in the 67-81% range - in rural states, in small states, in Southern and border states, in big states, and in other states polled.

Most Americans don't ultimately care whether their presidential candidate wins or loses in their state or district. Voters want to know, that no matter where they live, even if they were on the losing side, their vote actually was equally counted and mattered to their candidate. Most Americans think it is wrong that the candidate with the most popular votes can lose. We don't allow this in any other election in our representative republic.

The National Popular Vote bill in 2017 passed the New Mexico Senate and Oregon House. It was approved in 2016 by a unanimous bipartisan House committee vote in both Georgia (16 electoral votes) and Missouri (10). Since 2006, the bill has passed 35 state legislative chambers in 23 rural, small, medium, large, Democratic, Republican and purple states with 261 electoral votes, including one house in Arizona (11), Arkansas (6), Maine (4), Michigan (16), Nevada (6), North Carolina (15), and Oklahoma (7), and both houses in Colorado (9) and New Mexico (5). The bill has been enacted by 11 small, medium, and large jurisdictions with 165 electoral votes – 61% of the way to guaranteeing the majority of Electoral College votes and the presidency to the candidate with the most national popular votes.

It changes state winner-take-all laws (not mentioned in the U.S. Constitution, but later enacted by 48 states), without changing anything in the Constitution, using the built-in method that the Constitution provides for states to make changes.


What relevance does this have to political campaigns?

You seem to be implying it's a foregone conclusion that the Trump campaign colluded with the Russian government to do this, but that certainly hasn't been proven.

At best, this reveals a clearer link in the DNC emails being hacked from Russia. These were then sent to Wikileaks. If they came from Russia, then it was likely to influence our election, and it likely benefited Trump. But that (in no way) implies any behavior on the part of the Trump campaign. You're making a big leap here.


There need to be clear consequences, to serve as a deterrent. Having a functioning democracy is a core interest of the United States, so the consequences should be severe.


Well, treason is already well defined in law. https://en.wikipedia.org/wiki/Treason_laws_in_the_United_Sta...

No one has been executed for treason against the federal government. Yet.


Or in other words, instead of trying to prevent leaks, we should encourage as many leaks as possible, so as to provide transparency on political campaigns.


The best way to fight fascism is with censorship ... obviously.


I don't think it's necessarily a pipe dream, but I don't think it's just a case of changing some laws; I think it would require a culture change too. To me politics still seem really representative of the people, politicians can only prosper if there's an environment for them to.


What kind of behavior do you mean by "the type of behavior"?


For what it is worth, let me quote someone's reddit comment:

>"So many 'slip-ups' pointing to Russia from this guy.. you could be forgiven for thinking he's not Russian, and was in fact created by the DNC.

>He CHOSE to name his computer account after the founder of the Soviet Secret Police.

>He CHOSE to create/open and then save documents so the Russian name was written to metadata.

>He CHOSE to use a Russian VPN service to cloak his IP address.

>He CHOSE to use public web-based email services that would forward his cloaked IP.

>He CHOSE to use the above to contact various media outlets on the same day.

>Odd behaviour for an elite hacker.

>Also, still today, none of his claims of hacking can be verified."

https://www.reddit.com/r/worldnews/comments/86gglv/lone_dnc_...


The reason may actually be that Russia always wanted to be caught. They never thought Trump would win–the prize they were aiming for was general distrust of the election's integrity.

It's very similar to Russia's choice to poison Litvinenko with Polonium–an unnatural radioactive element that can easily be traced back to the reactor where it originated. And, similarly, the very recent chemical weapons attack in the UK, using a nerve agent only ever produced by Russia.


In fairness, the UK came close to not detecting the Polonium (it was just luck they had the right someone on the team) and they weren't sure Russia could have known the UK was actually capable of detecting it.


To play devil's advocate...

If the DNC were responsible for their own 'hack':

They CHOSE to release embarrassing and damaging information right before a major election, in case they lost, so they would have an excuse if it happened?

And the DNC is so competent at information security that they were able to deceive 17 (or whatever the number is) government agencies and several independent researchers?


How about this for something more realistic:

WL announces it's going to publish DNC emails. This alerts DNC to leak/hack. DNC decides to get in front of it by playing the whole thing as a Russian op, especially potent as Trump is campaigning on softening stance with Russia. Notice that the first thing G2.0 leaked from the DNC was oppo on Trump.

By the time Wikileaks publishes (without all these Russian fingerprints), "Guccifer" has already carried out the misdirection.

Whole op could be a gambit by the DNC to set the discourse before the content of the emails gets picked up.


Odd behaviour?

Just a few months ago Russians sent a government airplane (like Secret Service government) to pick up a load of cocaine in Argentina.

A few years ago they sent an AA to Ukraine and downed MH-17.

They're definitely not superheroes.


Wonder how this jives alongside this other story with a confession letter from someone saying they were ordered to hack the DNC:

http://www.newsweek.com/russian-hacker-stealing-clintons-ema...

---

Konstantin Kozlovsky, a Russian citizen working for a hacker group called Lurk, confessed to hacking Clinton’s emails during a hearing about his arrest in August. An audio recording and minutes from the hearing were posted on Kozlovsky’s Facebook page, and their authenticity was reportedly confirmed by The Bell.

---

He allegedly worked with someone from FSB:

---

Kozlovsky identified his FSB handler as Dmitry Dokuchaev, a cybersecurity expert who worked as a hacker before joining the FSB.

Dokuchaev, who used the moniker “Forb,” has been linked to a group of hackers called Shaltai Boltai, or Humpty Dumpty,

---

Perhaps the DNC was hacked by both? It was a pretty large target and multiple state actors gave it a try.


That headline is terrible. The DNC emails were not "Clinton's". The emails we have from Hillary Clinton were not hacked, they were released by Congress or in response to FOIA requests. There were two separate hacks of the DNC (leaked in July 2016) and John Podesta's email (leaked in October 2016), but those are unrelated.


The book Russian Roulette says that data was stolen from the DNC by two groups of Russian hackers, who seemed to be acting separately. It says that one group was linked to Russian military intelligence (presumably the GRU) and the other was suspected of being linked to Russian intelligence, 'most likely the SVR'.


Thanks for the book suggestion.


I was expecting some real hightech spycraft and intrigue. Nope, the dude forgot to turn on his VPN. Even well-funded state actors can be dumbasses.


My VPN sometimes just goes down. There's a little icon in the tray that turns from green to red. I could set my system to not allow internet access without the VPN but that mucks about with the boot process and I'm not running spycraft.


I'm sure GRU possesses the technical chops to put in place safeguards to guarantee against ever connecting other than through the VPN. They should do that and then hire Kaspersky to come over and audit their setup.


What I do is that I have a firewall always set up so that all connections are blocked, except connections to the one VPN IP entry point that I'm using. When VPN connection goes down, my internet goes down.

Coincidentally, this also solves the problem of DNS leaks.
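The firewall setup this comment describes, as an added example that is not part of the original thread: a POSIX shell function that emits an nftables ruleset dropping everything except loopback, the tunnel interface and one VPN endpoint. The function and table names, the endpoint 203.0.113.10 (a documentation address), port 1194/udp and the interface tun0 are all assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): emit an nftables "kill switch" ruleset.
# Assumed values: table name vpn_killswitch, endpoint 203.0.113.10,
# port 1194/udp, tunnel interface tun0.
#
# Usage (as root):  sh killswitch.sh 203.0.113.10 1194 udp tun0 | nft -f -

# Return 0 only for a dotted-quad IPv4 literal with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1    # split on dots; only digits and dots can remain here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no leading zeros
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the ruleset for: <endpoint-ip> <port> <udp|tcp> <tunnel-ifname>
gen_killswitch() {
    endpoint=$1 port=$2 proto=$3 ifname=$4

    # The endpoint must be an IP literal: a hostname would need a DNS lookup
    # outside the tunnel, which is exactly the traffic this policy drops.
    is_ipv4 "$endpoint" || { echo "endpoint must be an IPv4 literal" >&2; return 2; }

    case "$port" in
        ""|0*|*[!0-9]*) echo "port must be a decimal number" >&2; return 2 ;;
    esac
    [ "${#port}" -le 5 ] && [ "$port" -le 65535 ] ||
        { echo "port out of range" >&2; return 2; }

    case "$proto" in
        udp|tcp) ;;
        *) echo "proto must be udp or tcp" >&2; return 2 ;;
    esac

    # The interface name is interpolated into the ruleset, so restrict it.
    case "$ifname" in
        ""|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 2 ;;
    esac
    [ "${#ifname}" -le 15 ] || { echo "interface name too long" >&2; return 2; }

    # The inet family covers IPv4 and IPv6, so the drop policy also stops
    # IPv6 traffic from leaving outside the tunnel. No rule allows port 53 on
    # the physical interface: name lookups only work through the tunnel.
    cat <<EOF
table inet vpn_killswitch {
    chain output {
        type filter hook output priority 0; policy drop;
        oifname "lo" accept
        oifname "$ifname" accept
        ip daddr $endpoint $proto dport $port accept
    }
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        iifname "$ifname" accept
        ct state established,related accept
    }
}
EOF
}

# When run with four arguments, print the ruleset so it can be piped to nft.
if [ "$#" -eq 4 ]; then
    gen_killswitch "$@"
fi
```

When the tunnel interface disappears, the only remaining permitted destination is the VPN endpoint itself, so nothing else leaves the machine until the tunnel is back.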


I feel like these things are made to be found. They undermine our election process and democracy.


Since this is "Hacker News" I would like to ask an honest question: Which is more likely of the two?

1. The hacker mistakenly signed in from Russia once.

2. The hacker intentionally signed in from Russia once.

I really have no bias towards all this issue and don't really care, but I do care about media making interpretations that mislead the public, which is why I draw this question.

One widely used hacking technique is to intentionally leave a trail that leads investigators down the wrong track, not just for hacking but for all crimes.

I'm just having a hard time understanding how people are taking for granted that a competent hacker is more likely to leave a trail by mistake instead of leaving one intentionally, because in most cases it's the latter.


Which is the more likely of the two?

1. The hacker actually worked for GRU, which was already known to engage in such activities, and slipped up once?

2. Somebody hacked into a GRU office so they could connect from there one time and hope somebody would notice?


3. Using notepad.exe, Dave typed the GRU IP address into the server log before passing them on to Susan for her analysis


2.

Governmental incompetence is all a great charade meant to make their flawlessly-executed deceptions and conspiracies more believable.


If we knew that, then we would know a lot more of the hidden variables of the current geopolitical state of play. Was the DNC hacking done for its own benefits to the hackers, or was it done as a move in a larger strategic game of indirection and manipulation? A false flag attack? A timebomb reveal set to sow chaos in the US political system after the fact?

Was it the latter, but still goofed by good old human fallibility?


Unwritten Cold War rules pretty much said you don't pursue the opposing officers unless you catch them on your turf.

It's obvious that the troll factory people and Guccifer 2.0 were acting on behalf of Russia with the direct approval from Putin. Why bother indicting individuals?


Unwritten cold war rules have gone out of the window.

Russian agents used isotopes and nerve gas in GCHQ’s backyard. The sitting US President might have received their help to win the election. Russia just made the only major territory annexation by a superpower since WWII (iirc).

Obviously we didn’t start the fire, as Billy Joel would say, but we certainly live in interesting times.


> Unwritten cold war rules have gone out of the window.

Exactly. I think the US Govt failed to appreciate that Putin has been waging Cold War 2.0 for some time now. The scary thing is that he is clearly not playing by the old rules and is willing to push far beyond old boundaries.

The fact that he would so brazenly use a nerve agent in an assassination means we're well and truly in uncharted territory.


> Exactly. I think the US Govt failed to appreciate that Putin has been waging Cold War 2.0 for some time now.

So has the US. Encroaching NATO in Russia's sphere of influence after the US had agreed they wouldn't. Bush at some point just went "actually, we're not going to honour our word any more."


He clearly wanted the West to know who was behind the nerve gas poisonings, just as he wanted US investigators to know that Russia was behind the DNC hacks. Come on, an agent forgets to turn on his VPN, nice one. Russian soldiers without insignia in Crimea - they clearly did not get their gear from the army surplus store. "Russia is not just relevant, but a big player and a worthy opponent" - this is the message being sent.


Putin often does want the world to know Russia was behind some aggressive action while simultaneously denying it in order to avoid repercussions. In the last decade or two it has been their MO.

At the same time, sloppiness has come into play on multiple occasions. They want to project an image of strength but there is a vein of ineptness running through their military and sometimes their intelligence ops. This is why the West needs to slap Putin down rather than appease his aggression. He is a puffed up bully who is trying to push the envelope beyond what he is capable of backing up.


> there is a vein of ineptness

I don't see that. The raid on Osama was pretty inept too, as it was arming and training any random anti-Iranian person in the region and ending up with IS/Daesh.

It's just that direct action is inevitably brazen and unsubtle, and will often have unpredictable repercussions. You give state-of-the-art anti-aircraft weaponry to Ukrainian biker gangs and they shoot down a civilian plane; you support anti-Ghaddafi groups and they end up burning down your own embassy. You just cannot predict which way the grass will bend under your feet. Any direct action will have its fair share of fumbles, it's just that the world is now so well-connected that they will be ruthlessly exposed pretty much all the time.

Personally, I wouldn't underestimate Putin - like all fascist regimes, his rule has likely cultivated a cohort of inept yes-men, but he's also reinvigorated what was a tremendously dangerous military apparatus that is still capable of triggering a nuclear holocaust. I think our approach should be a bit subtler than "slapping down a bully".


Of course it's not the official stance and they'd never admit it. They're just hints left in plain sight to point at Russia.

Putin's tactics used in Crimea are quite the same ones used by Stalin's Russia after WW2 in Eastern Europe. You can find all of them in declassified CIA reports. The only difference is the lack of insignia on troops, clearly designed to support the claim that the forces that seized Crimea were rebels as opposed to Russian military.

I disagree, Putin doesn't need to be slapped down, for this is too risky and could trigger a war. NATO (US) presence in Eastern (Romania) and Northern Europe (Poland, Estonia, Letonia, Latvia), military and economic cooperation with these states is sufficient to deter his bullying ambitions. Hungary and Bulgaria have been ruled out for being too cosy with Russia.


We interfere all the time in foreign elections, and so many countries tried to influence ours I don’t see anything innately wrong with it. Other than possibly the fact they played a little dirty. So did the DNC (per emails), the RNC (because why would they be better?), and many political groups.

Unless Trump made a deal with them to do so, this looks like business as usual to me.


Hmm. what about...

Your comment doesn't pass a basic test of moral decency, which is that there is no reason to point fingers. Actions should be judged based on their own merits, not what others are doing. That is just deflection.

I doubt you meant it that way, but that is how it came across.

And of course it is a very big deal and not at all palatable to interfere with the internal politics of another country to destabilize it, regardless of how often it has been done, the roles of its internal members, or their cooperation with you.


It’s a connected world, and the US being one of the centers means that nearly every country has a stake in the outcome. I don’t think it’s wrong of them to use their influence, as we do. It bothers me, but then I think of what we should do if Turkey ever came up with a free election. In my opinion that would be doing everything we can to influence, the slide to dictatorship and oppression is more unpalatable to me.


To me there is a very clear moral line (and practically results vary from intentions): If your primary motivation is not to improve the life of those within a country, you must keep out of their politics. Much like I should not interfere in my neighbor's family life if my goal is to harm rather than heal. I see no goal from recent interference other than to destabilize, which is morally akin to a preemptive military strike.

Edit: I also don't think just any improvement would morally justify interference in another country's sovereignty. There must be a significant evil that must be overcome so that the interference becomes the lesser evil - a hard test to pass.


> If your primary motivation is not to improve the life of those within a country, you must keep out of their politics.

I don't think this is a clear moral line in international politics.

If your primary motivation is to improve the life of those within your own country, it can be justifiable to get involved in another country's politics. And that's what is done. Ostensibly to prevent war, enhance regional stability, etc.

Even just looking from Russia's perspective. If the world's leading country is so weak that a few phishing attacks can swing the election away from a less favorable candidate, is it really morally wrong to do that to benefit your people?


There is a big difference between interfering, which is covertly affecting the outcome, and influencing via direct diplomacy or perhaps even clearly identified advertisements etc. I was referring to the first and not the second, and could have been clearer on that.

There is no such thing as "a little phishing" in another election. It is the equivalent of calling something a little hand gesture without mentioning you shoved your hand into someone's vagina first.

The autarky of self-governance is sacred, and should be respected as such. The modern world has completely lost its moral compass on these issues, and I have previously denounced harder lines by the EU and the US interfering in smaller countries' elections / forcing laws down their throats (Eastern European and Balkan countries). But as I alluded to in the beginning of this thread: Just because everyone's doing something does not make it right.


I think I see where you're coming from--I just think it's a little oversimplifying.

Hillary Clinton was openly calling for a "no fly zone" in an area where Russian planes were flying. A "no fly zone" is a public declaration that you will shoot down planes that you don't think should be there. That could have started WW3, which is not in Russians' interests.

But that's a bit of a stretch. Suppose she had openly advocated for war with Russia. Would it still be immoral for Russia to deceptively access and share with Wikileaks e-mails from her campaign and party to shift support away from her?

Or are there truly no circumstances where one can morally interfere with another country's election?


It's basically an act of war, you are destroying their self-governance. So when war is moral (ie in defense of self or others against violent oppression / other autonomy destroying acts), there is a case to be made. But then you still need to justify your specific means - which is a direct attack on the Civilians of the country by taking away their apparent liberty without telling them that is the case. Obviously that view entails understanding lies as taking away others' liberty by denial of truth on which to base their decisions.

The decision would be easier (but not easy) to make if their own government was deceiving them grossly, in which case your interference could bring more truth than it obscured. Any moral choice remains predicated on the lack of availability of better, more direct and honest methods. And of course these are practical decisions with all the obscurity and uncertainty they entail.

Between the characteristic of an attack on civilians and the potential of actually bringing in more truth than is obscured if their own government is sowing lies, I first pointed to helping the citizens of the country as the only moral option. Without making a decision (I would have to think about it further), there might be drastic circumstances where there was no other viable course of action - but again within the context of acts of war and significant collateral damage.


I feel there's something rather ironic about countering "the slide to dictatorship and oppression" by using state power to interfere in foreign elections, particularly if it used covert or underhanded means rather than openly setting out the country's position.


My personal way around this is that a democracy using state power to interfere in a dictatorship, with the goal of bringing democratic reforms, is net better for humanity than doing nothing to oppose them. State power includes sanctions, embargoes, tariffs, and the promise of lifting those measures for the preferred candidate/party.

I do suspect we only disagree on the degree of influence.


> I do suspect we only disagree on the degree of influence.

You are quite possibly correct. Much of "sanctions, embargoes, tariffs, and the promise of lifting those measures for the preferred candidate/party" would fall under what I meant by "openly setting out the country's position", and is qualitatively different from the (alleged) Russian interference and how the US (and others) have historically influenced elections.

I think much of the difference comes down to attributability (giving the country/government's opinion and how they will deal with any particular winner is fine; making claims that appear to come from other/in-country sources, or misleading the population of that country is not) and whether you are directly taking actions within the country/working with a particular political party (what is a small amount of money to the US could very easily skew the election massively in some countries, and lead to the US de facto deciding the result).


Agree, though a lot of those threats and promises are made privately.

I also assume CIA / NSA sourced intel on politicians (criminal and otherwise) is routinely leaked when in our interest to local sources through embassies and whatnot. Do you agree with that type of interference?


I think it's very difficult to draw a firm line, as it's going to be so context-dependent (how the information is gathered, the nature of the information, how it is released), but generally I'd say no. If it's just something private, you are damaging the electoral chances over something that is quite probably irrelevant. If it's something illegal, it should be _publicly_ exposed -- leaking through local sources runs the risk that it be used for bribery/manipulation, or to gain an advantage without revealing the criminal activity.

Further, I'd also say the CIA/NSA monitoring of potential politicians is concerning in itself -- there is the potential that they will allow the election to go ahead normally, but then use that information for manipulation after the fact once they are in a position of power (of course this butts up against the more legitimate spying against foreign governments, but there they would expect some monitoring/scrutiny and be trained in OPSEC so irrelevant but blackmailable information is less likely to come up -- like I said, it's very hard to draw an actual line of what is legitimate activity and what is meddling in another country's internal affairs).

I'd also say it grants disproportionate power to the US, as they have the greatest ability (not necessarily strictly greatest, but few other countries would come close) to find such information (through networks of people/global surveillance access and just raw resources).


That's just a news narrative. The reality is that states interfere in other states' elections and sovereignty for their own advantage.


> Actions should be judged based on their own merits, not what others are doing.

Actions shouldn't be considered within the context of what's normal? That sounds a bit like.....deflection.


what everyone is doing is far, far from a sound definition of what is "normal".


If you're going to personally redefine what the word normal means, I guess you've got me.


"interfering" is just another way of saying that other people "try to make convincing arguments and get others to agree with them".

This is called speech. I personally have zero problem with speech, no matter who is engaging in it. And I support the market place of ideas.

Everyone should have the right to engage in speech. Yes, even political speech.

This is especially true in America, where the founding fathers put in protections for speech in the constitution. (ESPECIALLY for political speech).

If you don't like the speech or arguments that someone else is making, then you should make better arguments yourself.


> We interfere all the time in foreign elections, and so many countries tried to influence ours I don’t see anything innately wrong with it.

There's a big difference between 'influencing' an election and committing a concerted campaign of espionage, propaganda, disinformation, hacking, and potentially extortion in an effort to subvert the government of another nation. The scope and aggressiveness of Russia's actions are quite a different animal than normal statecraft.

The fact that several members of the Trump campaign have been indicted and made plea deals indicates that there is a lot of criminal activity there to unpack. Most definitely not business as usual.


> The fact that several members of the Trump campaign have been indicted and made plea deals indicates that there is a lot of criminal activity there to unpack. Most definitely not business as usual.

It was most definitely business as usual. DC is dirty at every corner and most administrations are overflowing with it, including the Bill Clinton and George W. Bush administrations. Obama's was cleaner than both of those, based on what we know so far.

You also need to look at what those Trump campaign members were indicted for: absolutely nothing to do with colluding with Russia to rig the election. They got them on rather routine political corruption charges, which you can probably get half of DC for given the way it operates, if you look. It's the Xi premise of cleaning up China's corruption: they're all doing it, you can get any of them if you want to investigate closely enough.


> They got them on rather routine political corruption charges, which you can probably get half of DC for

This is false.

How many members of Clinton and Bush's campaign staff or senior national security staff were ever accused of collusion with or corruption involving hostile/iffy foreign governments? Because there's nothing comparable to NSA Flynn plotting to execute an extraordinary rendition on US soil on behalf of a foreign power (Turkey), or campaign manager Manafort indicted for financial crimes involving hiding money received from a foreign government under active sanctions, or deputy campaign manager pleading guilty to similar charges.

> absolutely nothing to do with colluding with Russia to rig the election

Reminder: Paul Manafort was indicted for being a paid agent of and conspiring with the Russian government and 13 Russian nationals have been indicted for interfering with the 2016 elections.

The closest you get to this is Iran-Contra in 1987 and the rumored 1980 "October Surprise", where George HW Bush -- allegedly -- negotiated with Iran to delay releasing American hostages until after Reagan defeated Carter. (They were released on Inauguration day 1981.) However, I would argue that nothing in modern US history comes close to this. No American president has been credibly accused or even remotely tied to foreign government attempts to manipulate the US electorate the way the Trump campaign and White House have been.


Everyone with ability and motivation has done this on every occasion. Going after individuals when it's obvious it's a state actor is what puzzles me.


US actively helped to establish military dictatorships in Latin America. So yes, business as usual.


Sure, the United States has a lot of blood on its hands in Latin America.

Doesn't change the fact that it is very much not business as usual for Russia to attempt to subvert the US Govt like this. They've crossed several lines in the sand, which is why expulsions, Interpol warrants, and sanctions have been levied against Russia and individuals involved.

One can make the argument that this is just Cold War stuff again, but the tactics being employed are in several ways a step above the old Cold War in aggressiveness.


and Iran.. Maybe Egypt? Turkey of course claims there too (though I don't believe it).

To me this and the trade war with China suggest that the US is losing its status as pre-eminent super power. The crown is slipping and the vultures circle.

Worrying times really.


I don't have any issue with Russia engaging in this sort of behavior; Vladimir Putin isn't a moral leader, but he's just pursuing his own interests as ruler of Russia. I have a big issue with the various Americans who have accepted or solicited his assistance.


Well given what we know now about Cambridge Analytica and Trump Jr's contacts with Assange, it's pretty obvious that there was a deal. At the very first, a deliberate refusal to report to US intel that the Russians were in contact.


Which contacts are you talking about? The ones where CNN reported the wrong date on an email?


the thing is that this all rather makes the DNC emails rather suspect, we don't know which bits were original and which bits were doctored along the way, it's no longer a lone wolf who just hacked them and then released them.

I'm sure they're 95% genuine, we just don't know which 95% all we have is some KGB guy's word on it


That’s the argument everyone uses (not just DNC), but as far as I know nobody refuted any of the emails as fake or doctored.


You’re right, the emails are real but if you think equally embarrassing emails didn’t exist on RNC email servers you’re naive. That primary was incredibly ugly.

Given access to almost anyone’s email, it’s not a difficult task to selectively pick out emails to paint an unflattering picture.


I said so above, but I’m sure the Republicans are no less corrupt than the Democrats are. I think it’s a mistake to think either party is more moral or less corrupt than the other, they adapt to each other.


exactly - we can't prove they were doctored, or not - but my point is that the "lone wolf hacker doing us a public service" story just went out the window, instead we have an "evil Russian spy hacking Americans" - all the motives that people assumed are different - without inside knowledge there's no way we can know what's true or not, so essentially the emails are proof of nothing


Until someone comes forward and makes a counter claim, then it should be presumed true in entirety.

If you are a political party, I am not going to give you the benefit of the doubt. If you POINT to something and say "specifically this email is untrue", then I'll believe you.

But if you stay silent, then I am just going to assume that you believe everything is true.

Innocent until proven guilty is for the court system.

Political parties do not get that benefit from me. All they have to do is counter claim (about a SPECIFIC, point of fact, email, etc.), and I'll listen to them.


I don't see why, the charge is after all that the emails are true - as you say "innocent until proven guilty", and that applies to people, who have rights, not inanimate things like emails that don't. Without proof either way you can't assume anything here is true or false.

If you think that American politicians are more corrupt than Russian spies then you're probably too biased to rationally discuss the issue anyway.


We know for a fact many of the emails are true, and there are no claims that specific ones are false as far as I remember. Reasonable to conclude that the batch was accurate until claims from the senders and recipients otherwise.

Podesta had the same argument about tampering IIRC.

Ask yourself if you would be questioning RNC leaks by a foreign power the same way. I would.


I would too, but I'd still assume the RNC is truthful over the KGB


Yes, I would say the same for the democratic party. But in order for me to believe them, they have to ACTUALLY make a claim. They have to say "This email right here is false". If they do not say that, then I will assume that they believe all of them to be true.

And no, vague insinuations of "It could have been doctored!" do not count as a claim. I will believe them if they point to a specific email or fact that they believe to be untrue. But so far they have made no such claims, so there is nothing for me to believe them on.


It’s amusing to watch that as the walls close in, you guys are gradually changing your story from “There was no collusion!” to “There was collusion... but it’s no big deal”. Should I expect you’ll be fully switched over, with no acknowledgement a shift ever occurred, by the time Mueller hands out indictments?


Us guys? I was not and am not a Trump supporter, but to believe collusion requires actual proof.


When Federal law enforcement takes down criminal enterprises they don't reveal the evidence they have until they're ready to take down the head(s) of the organization. The proof will come then.

Right now they're just rolling up the smaller players so they can build a case against the bigger fish. All those plea deals being cut are not because Mueller has a weak hand.


Have any of those charges included allegations of Russian collusion by Americans? All I remember is financial crimes and false statement charges (that were mostly benign or accidental when I looked).

Has he made any statement or indication he’s close to something significant yet? Any special counsel looking for crimes in DC is going to find plenty, but I don’t see where Trump is implicated in any of these. The leaks from the FBI have been so voluminous and the Democrat incentive to leak them I doubt they are keeping secret evidence under wraps at this point.


> Have any of those charges included allegations of Russian collusion by Americans?

Yes, the very first charge made public, the charge against, and guilty plea and statement of the offense by George Papadopoulos are specifically about lying to investigators about his collusion and attempted collusion with Russians connected with, and whom he believed to be connected with, the Russian government, on behalf of the Trump campaign and with ongoing coordination with higher campaign officials.


> Have any of those charges included allegations of Russian collusion by Americans?

Nope, but I wouldn't expect that because "collusion" isn't a crime on the books.

> Any special counsel looking for crimes in DC is going to find plenty

Ken Starr spent a lot of time looking for real estate investment crimes and only turned up with an extramarital affair.

> The leaks from the FBI have been so voluminous and the Democrat incentive to leak them I doubt they are keeping secret evidence under wraps at this point.

There have been zero leaks from the SP, which is distinct from the FBI. No one, not Congress, not the President, not the FBI knows what he has.


The scope Mueller has is far broader than Ken Starr ever had, he seems to be looking for any crimes by anyone connected to Russia or Trump. Thus the tax evasion and very rare false statement charges.

Mueller isn’t leaking, but those around him certainly are given how much info is coming out about his intentions, indictments, and activities.

My guess is he’ll try to keep digging until he can find something, however minor or unrelated, on Trump. He’ll be looked at as a failure by so many if he doesn’t, so I get the pressure he’s under.

Now if I’m wrong, and he has secret evidence that comes to light and ends Trump, I’ll be his biggest fan. Pence is a bit scary, but like 0% chance of Republicans winning in 2020 if that happens. Seems pretty unlikely at this point though.


> The scope Mueller has is far broader than Ken Starr ever had,

A SC investigation follows evidence, and uncovers wrongdoing in the process. Sure, Mueller has a broad scope, but I doubt the events that led to a stained dress were anywhere near the original purview of Ken Starr.

> Mueller isn’t leaking, but those around him certainly are given how much info is coming out about his intentions, indictments, and activities.

Anyone who has anything to say about Mueller's intentions, indictments, and activities is offering their own opinion. Anyone who has spoken with Mueller is free to give their account of the meeting, but that's not exactly a "leak". Mueller's team is airtight. How many knew that Papadopoulos was cooperating with the SC months before his indictment dropped (which was also a surprise)? How many knew Flynn would be indicted? Sure we knew he was on the radar, but that was a surprise as well. How many forecast the indictment of 13 Russian nationals?

> My guess is he’ll try to keep digging until he can find something, however minor or unrelated, on Trump.

My guess? We'll see Trump personally up for obstruction of justice, money laundering, and conspiracy against the United States.


I honestly cannot believe people like you can follow these events and end up with these conclusions.

Mueller is not playing. Have you seen the man's bio? You think this is a game? Like he is one to bend to political pressure? From who and to what end?

Every indication points to this investigation gaining more steam as it moves along. There is no indication of any slow down. Mueller is wasting a lot of people's time for what?

What could possibly be his motivation outside of some "deep state" conspiracy that is being peddled?


What do you think is more likely judging by the WH and Trump's behaviour, though?

Sure we don't have proof right now as it would be Top Secret if it exists, but I'm sure we will find out in due time.

I will reserve my final judgement until the special counsel investigation is completed, but it certainly seems to point towards collusion to me, or Trump has something just as big to hide (RICO).


I honestly think it’s unlikely any collusion happened, but if proof comes out impeachment is the answer. This investigation reminds me of Whitewater, Travelgate and other political theatre Bill dealt with. The Stormy story is a watered down Lewinsky.

With that ballot we were going to get 4-8 years of this garbage news pandering either way. Obama was an outlier, far cleaner than average.


> I will reserve my final judgement

The problem is, the camp of people willing to reserve judgement until we have verifiable evidence is a very exclusive club.


Outside of collusion, Trump's public deference to Putin is inexcusable and highly suspect.


deference - humble submission and respect

Respect - is this improper?

Submission - really?

Or am I misinterpreting you? Is there something verifiable that I'm overlooking? Why the particular hostility to Russia? China is a far worse country in most any respect, yet no one bats an eye. I wonder if skin color has anything to do with it.


"If it’s what you say I love it especially later in the summer."


But it wasn't what "they" said. Because Trump never got any dirt on Hillary. I mean, how could there be any? Hillary would never do anything wrong.


It's not anything new. KGB did poison attacks in London (Georgi Markov). CIA tried to kill Castro. KGB sponsored PLO. CIA sponsored Afghani rebels. CIA toppled Salvador Allende. How exactly is the Trump story or the Skripal poisoning new? Why do they suddenly shy away from country vs country action (i.e. sanctions) into indicting low-level operatives?


Skripal was freed in a prisoner exchange. Cold war rules were that such people were off limits, so that prisoner exchanges weren't pointless.


Fair enough. I'm not trying to point at who started it, just why are 60 year old rules suddenly forgotten.


> unless you catch them on your turf

Is the DNC computer network not on US turf?


No US governance agency looked at the servers. Only a paid contractor. US government would need evidence, right? The DNC didn't want the government snooping around. So they paid CrowdStrike. Why wouldn't they take the free assistance from the US government? The US government agencies have a lot more resources than, say, CrowdStrike...


They had some reasons to be wary of handing over stuff to the FBI: https://www.huffingtonpost.com/entry/fbi-rudy-giuliani-leaks...


Interesting to note James Comey was fired the following week.


It was as much on US turf as Hanssen when he received money and dead-dropped secrets. Neither the hackers nor Hanssen's handlers were caught on US turf.


The rules on engagement and action have changed in this digital age. Now you can do more damage from far, far away. No need for an army, only a handful of people, a few computers and the dumb-asses to exploit.


Most of the damage was always done from far away. Field operatives are a minority in every intelligence service.


This is why you shouldn't do VPN (or Tor) on end devices. A network device routing your traffic should do that.


How can we be confident that some of us on this forum are not trolls working to discredit the story?

We can't be.


It seems very likely at least some commenters are paid trolls. If you were running a $1m disinformation campaign for either side, wouldn't you assign a few sock puppets to Hacker News?


That's exactly what a troll would say!

Have some vodka, American friend.


It's nice to finally have some evidence in this story, but it's good to keep in mind that there is also evidence it's an internal leak. (1) Wikileaks stated their source wasn't Russia and (2) The timestamps on the leak point to a local copy over USB2:

https://theforensicator.wordpress.com/guccifer-2-ngp-van-met...


Interesting story. What is The Daily Beast's batting average? How often do they make contact with the Truth? Looking at their website, I learned that Joe Biden could beat up Trump because he took on a gangster name "Corn Pop" back in the day. Pretty damning stuff.


If GRU agents use only a single hop to ambiguate their connections when attacking their mightiest foreign opponent then we don't have much to fear from these guys.


Trump>Stone>Guccifer 2.0>GRU>Putin

And today Trump ejects his sane national security advisor, H.R. McMaster, in favor of the hawk who was one of the four architects of the Iraq war, John Bolton.

John Bolton penned the WSJ article The Legal Case for Striking North Korea First published Feb 28 2018.


[flagged]


This is like ranting that Google couldn't have developed Chrome because their PR person doesn't know how to code.


Note that the story was broken by a news outlet linked to Chelsea Clinton: https://medium.com/@jashobell/the-daily-beast-is-owned-by-ia...


What exactly does her being on the board have to do with ANY of this?


The "Russiagate narrative" is a distraction from the reality that the DNC leadership rigged the 2016 primary in favor of Chelsea Clinton's mother, and also from the very real possibility that the emails were leaked from the inside. Russiaphobia also helps in numerous ways the foreign policy that Chelsea Clinton's mother campaigned on, which may very well have led the US into a war with Russia. Hillary wanted to put a no-fly zone over Russia's sole operational naval base in Tartus, Syria. Can you imagine how the US military would respond if the Russians tried to do the same? Deliberate conflict in the region was her plan ever since she, by her own admission, proudly destabilized the Libyan regime so that weapons could be pumped through it into Syria. "Russiagate" helps her and those who would have profited from this scheme.


Nobody aside from Trump cares about Hillary any more. She lost. Nobody would act in a conspiracy to cover the "rigging" of the DNC primary when they could be subpoenaed by the Republican Mueller.


> Hillary wanted to put a no-fly zone over Russia's sole operational naval base in Tartus, Syria.

What happened to rest of Russian operational naval bases? What did they do to them, close them out?


You are a Trumpkin deliberately posting nonsense. Misdirection and Lies.

You turned a joke about 'secret society' into a conspiracy. Trump supporters made up lies about Pizzagate and Seth Rich murder to spread more bullshit.

It is a credible report. Attacking random board members doesn't do shit.

If Mueller indicts someone you right wing hacks will attack Mueller and claim he is partisan democrat.

When Comey letter harmed Clinton you claimed Comey was a non-partisan and good but when he started harming Trump you started claiming he was a Democrat.

Comey, McCabe and Mueller all of them are Republicans and were appointed by republicans.

>Unless the DNC's cybersecurity was run by literal children, the kind of sophistication needed to pull off that hack would not be by the caliber of person who would allow themselves to be traced back in the basic way this story claims.

What the fuck does this mean? Hacking is still a crime.


So I guess we gotta use ESP to figure out what these faded posts are all about. If you are going to reply to a post, maybe consider not downvoting it?


this is all moot, right? there was no hack of the DNC servers. it was an inside job.

https://lawandcrime.com/high-profile/bombshell-nsa-experts-s...

or just ask Wikileaks or Kim Dotcom.


Yeah, I am sure The Daily Beast got this story because they are such a well respected journalistic outlet.

More like nobody at the NYT or WP willing to tarnish their reputation with this crap. Which is pretty bad given what they will publish.


Spencer Ackerman is a stellar reporter with over 15 years experience writing for TNR, Wired, and The Guardian. He's gotten a huge number of scoops on the national security beat throughout the years and none of his reporting has ever been called into question.


> none of his reporting has ever been called into question

In 2013, Ackerman was forced to take down one of his Wired stories on what he claimed was a "North Korean propaganda video", after it was revealed the film was a satire video by British travel writer Alun Hill.[16]

https://en.wikipedia.org/wiki/Spencer_Ackerman


Point taken. He was once taken in by a popular hoax and wrote a post on his Wired blog about it, after which he apologized on Twitter.

https://twitter.com/attackerman/status/311868261945978881

To remind everyone where the plot is, I was responding to this phrase:

> Yeah, I am sure The Daily Beast got this story because they are such a well respected journalistic outlet.

None of his sourced reporting has ever been called into question. The original commenter was way off base with this insinuation.


Perhaps this new Daily Beast story is evidence he has been taken in by another hoax.


It is plausible that Daily Beast has the story because Chelsea Clinton is a board member of the controlling company. She and her family have a profit motive for pushing Russia-phobic conspiracy theories.


From the article: "according to a source familiar with the government’s Guccifer investigation", "Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow".

IOW, they don't have jack shit, which is why the stuff I quoted above is buried towards the end of the article. How does one tie an IP address to a street address? Or to a specific person? And what does "working off" an IP address even mean? And why would he be running this from the GRU headquarters rather than from some obscure Russian bunker?

I smell massive quantities of clickbait manure.


This feeds into the "Russia plotted to sabotage Hillary's campaign and promote Trump" narrative. Which is most probably a concoction dreamed up by the deep-state as part of a conspiracy to depose a sitting president. The state security apparatus engaged in a palace coup against a sitting president.


And 9/11 was an inside job and we never landed on the moon.


It's really convenient to use easily debunked stuff to prevent people from looking into other things. For example, "flat earth" is not designed to convince any normal person Earth is actually flat. Paradoxically, you just "fell for" the actual utility of the "we didn't land on the moon" stuff, sure you can find genuine people that believe just about anything, but that's just a side issue. This is very common if you study disinformation a bit.


No credible evidence of either of those theories has ever been put forward. Meanwhile we have George Papadopoulos pleading guilty to lying to the FBI about his involvement in a Trump-Russia conspiracy.

If anything this whole event should prove how hard it is to really pull off this kind of shady conspiracy without leaving a real trail of evidence, something the 9/11 truthers, the moon landing loons, or the false flag school shooting assholes have never been able to find because it's not there.


So then, if Russian Intelligence is responsible for helping to expose a significant criminal conspiracy in the US, maybe the news media will stop with all of the nouveau cold war bullshit and instead just thank them?


>So then, if Russian Intelligence is responsible for helping to expose a significant criminal conspiracy in the US...

Please point to any "significant criminal conspiracy" which was exposed, and which laws it was in violation of, if possible.

And for bonus points, please tell us why Trump hasn't thrown Hillary into prison yet, as promised.


Sure, I'll give one. 30 thousand emails were illegally deleted, even after a court order was given telling the Hillary tech people in charge of their email service not to do so.

The law broken is the court order telling them to hand over all the emails.

The reason for no prosecution is because of politics. That's how the world works, shrug.

Some of the hacked emails in question could have been some of the ones that were illegally deleted in the first place.

So they were in effect, undeleting emails that were illegally deleted.


The hacked emails were from the DNC, dated 2015-2016.

The deleted emails were on Hillary Clinton's private server, which she used during her tenure as Secretary of State, 2009-2013.

There is no connection between the two sets of email whatsoever. Remember when Donald Trump responded to the DNC leaks by asking the Russians to leak Hillary's deleted emails? Yeah. That's because they're not the same thing.


The "Democratic National Committee". On its face, election fraud. Besides the loftier stuff like subverting the will of the people and the authorized government.

> And for bonus points, please tell us why Trump hasn't thrown Hillary into prison yet, as promised.

Because they play golf at the same country clubs, and their IRL actions aren't bound by the marketing characters they play? It would be kind of like shooting someone after you beat them in chess - totally uncool.

But I don't see how this is relevant, unless you assume that by criticizing one ignorance club I must be a cheerleader for its twin?


I'm just asking you to back up your assertion that "Russian Intelligence is responsible for helping to expose a significant criminal conspiracy in the US" with evidence within the leaked documents... or by actually describing the specific conspiracy that was exposed.

What election fraud? What is "subverting the will of the people and the authorized government" supposed to refer to?

I'm not assuming anything, but bold and unsubstantiated assertions of conspiracy are just noise in threads like this.


Please point to a single leaked DNC email that suggests the existence of election fraud.


Was this not widely reported, or what? You don't even have to go to Wikileaks. From Wikipedia:

> The Washington Post reported: "Many of the most damaging emails suggest the committee was actively trying to undermine Bernie Sanders's presidential campaign. Basically, all of these examples came late in the primary - after Hillary Clinton was clearly headed for victory - but they belie the national party committee's stated neutrality in the race even at that late stage."


You do not seem familiar with the definition of "election fraud"

> Noun 1. election fraud - misrepresentation or alteration of the true results of an election

Yes, the DNC was in the bag for Clinton. That's hardly election fraud and doubtful would rise to the level of criminal activity, however distasteful.


It's odd to pick a narrow definition of "election fraud" and then assert that an instance of fraud that changed the result of an election doesn't qualify.

The apparent presence of Bernie Sanders in the race definitely induced people to vote in the Democratic primary who otherwise wouldn't have. Otherwise, they could have either voted in a different primary or stayed home and registered their lack of support for the entire process.


There was no fraud. The DNC emails show that staffers of the DNC disliked Sanders and strategized how to respond to his criticisms _of the DNC_. At the time those emails were written, Sanders had sued the DNC and had been publicly attacking them.

One thing that does not appear in the emails anywhere is any hint that the DNC tried to manipulate the outcome of primaries or caucuses. That's what "election fraud" means.


I'm not disagreeing, I just think it's a stretch to call it fraud.


They materially benefited (voter participation, funding) through deception (the appearance of facilitating an impartial election).

The only quibble I see is that there's a bit of responsibility laundering going on as the individual states actually administer the primaries. But the DNC doesn't just provide the input to these primaries, but serves as the purpose for their administration. So it'd be a bit disingenuous to say the DNC has no responsibility to remain unbiased throughout the whole process.

At any rate, I've been appealing to the wider concept of fraud only for its longstanding general applicability. We've got a de facto public institution that shows signs of blatant corruption, at direct odds with how they present themselves to the public. There are a myriad of anti-(corruption/conspiracy/etc) guilt-by-association laws that prosecutors generally have no compunction about using on organizations that smell fishy. If a private group ran a similarly-setup raffle, they would surely be under investigation - the lack of such prosecution is purely due to the connections of the people involved, and the larger issue that such behavior is just business as usual for the ruling class.


"Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer"

Not a network whizz but doesn't that sound unlikely? They would have to have 1. Static IPs 2. Deep enough penetration of their systems to have IP/Officer mapping -> in which case they would have known this was going on anyways?

Seems necessary to edit:

I understand the NSA is the most powerful player and likely had penetrated their systems. My point is that if their networks were penetrated anyways, why are we receiving this reasoning about the accident with the VPN? The only plausible explanation I can see is what another commenter put out, which is the Officer had also used the non-VPNd connection to something personal. Now this would be a big fuck up.

Saying they could identify an individual officer from an IP leads you to assume they had penetrated the network. In which case, why not disclose that? That would be the assumption from the other side.


“Working off” does not mean it was a one-step IP -> name mapping, or that the IP address was the only relevant piece of information, just the thing that got them past the VPN exit point in France that was the dead end before that unprotected access was discovered.

The IP address could have led to GRU HQ (specifically identified as where he was working out of), and other information could have narrowed it down from there to a particular officer.


I agree that this is possible, but I too would like to see them explain precisely how they narrowed it down to a single workstation in a building full of workstations, and then how they mapped a workstation to a human.

A comment downthread suggests that he logged into a real-name service from the same IP without a VPN. This too is possible, but I find it at least somewhat surprising that an intelligence service doesn't prohibit logging in to real-name services from State computers.

For example, some civilian employers prohibit this, even when they provably have nothing to hide.


Are you really expecting the NSA to publish 0-days they are actively exploiting for intelligence gathering operations? :)


Or, even worse, expecting other involved intel agencies to reveal HUMINT sources that were used to narrow the identification once technical means got them something past the VPN exit?


There's a lot of possibilities. Remember how the Dutch hacked Cozy Bear's security cameras? One could do a lot with info like that, and it seems unlikely that those were the only vulnerable cameras, since that's not usually how IoT ('the S stands for Secure') stuff works.


Rest assured that all of the evidence they have of this identification is not included in this article.


This might be true and probably is, but I'm in general not the sort of person who is convinced by "We have more evidence but we're not showing it here, just believe us!"

It just strikes me as very sloppy epistemology, and sort of insulting to my abilities to draw my own conclusions.


NSA is the NSA, but they could probably corroborate it with stuff like this: https://yro.slashdot.org/story/18/01/28/0529257/dutch-intell...


>But on one occasion, The Daily Beast has learned, Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation.

He forgot to use the VPN that was masking him.
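The slip quoted above (an account that always shows up from one VPN exit and then once from a different address) is the kind of outlier a service can find in its own login logs. An added example, not part of the thread or the article: the log format, account names, timestamps and addresses (documentation ranges) are constructed, and the thresholds are assumptions.

```python
import ipaddress
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample log: "UTC timestamp, account, source IP" per login.
SAMPLE_LOG = """\
2018-01-10T09:12:03Z persona_a 203.0.113.10
2018-01-10T17:40:51Z persona_a 203.0.113.10
2018-01-11T08:02:19Z persona_a 203.0.113.11
2018-01-12T10:33:45Z persona_a 203.0.113.10
2018-01-13T09:05:00Z persona_a 203.0.113.10
2018-01-14T22:41:09Z persona_a 198.51.100.77
2018-01-15T09:15:27Z persona_a 203.0.113.11
2018-01-16T09:01:12Z persona_a 203.0.113.10
2018-01-17T11:48:30Z persona_a 203.0.113.10
2018-01-18T09:20:44Z persona_a 203.0.113.10
2018-01-10T07:00:00Z roaming_user 192.0.2.5
2018-01-11T12:10:00Z roaming_user 192.0.2.9
2018-01-12T18:30:00Z roaming_user 198.51.100.20
2018-01-13T08:45:00Z roaming_user 203.0.113.200
2018-01-14T20:00:00Z roaming_user 2001:db8::1
2018-01-15T21:15:00Z roaming_user 2001:db8:1::5
2018-01-16T10:00:00Z new_user 192.0.2.44
2018-01-17T10:05:00Z new_user 198.51.100.3
"""


def parse(log_text):
    """Turn log lines into (datetime, account, ip_address) tuples."""
    events = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, account, ip = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                       account, ipaddress.ip_address(ip)))
    return events


def network_of(ip, v4_prefix=24, v6_prefix=48):
    """Group addresses by surrounding network so that a VPN exit that
    rotates between neighbouring addresses counts as one egress point.
    The prefix lengths are assumptions, not a standard."""
    prefix = v4_prefix if ip.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def find_outlier_logins(events, min_events=5, dominant_share=0.8):
    """Flag logins that fall outside an account's dominant egress network.

    Accounts with too little history, or with no single network carrying
    at least `dominant_share` of their logins (ordinary roaming users),
    have no baseline and are skipped to avoid noise.
    """
    by_account = defaultdict(list)
    for event in events:
        by_account[event[1]].append(event)

    findings = []
    for account, evs in by_account.items():
        if len(evs) < min_events:
            continue
        networks = Counter(network_of(ip) for _, _, ip in evs)
        top_net, top_count = networks.most_common(1)[0]
        if top_count / len(evs) < dominant_share:
            continue
        for ts, _, ip in sorted(evs, key=lambda e: e[0]):
            if ip not in top_net:
                findings.append({
                    "account": account,
                    "time": ts.isoformat(),
                    "ip": str(ip),
                    "baseline": str(top_net),
                })
    return findings


if __name__ == "__main__":
    for f in find_outlier_logins(parse(SAMPLE_LOG)):
        print(f"{f['account']}: login at {f['time']} from {f['ip']}, "
              f"outside usual egress {f['baseline']}")
```

A single hit like this only says where one connection came from; as the replies below discuss, tying that address to a building or a person needs other sources.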


I understand that, the question is regarding mapping the IP to an individual officer.


He probably logged into other services with his real name from that IP.


Do you not realize what the NSA is?


Do you all ever stop and think

"Hey, maybe even knowing this much means the government knows more?"

No. You just come in with the: "This doesn't seem right. Isn't the NSA basically on college 101 level?"

Dude, they did it. Dutch intel even pwn3d their networks and video cameras.


If it's a GRU machine, I find it highly likely that the NSA would at least be trying to monitor communications from it[1]. It's possible that they can't get an active tap on the GRU's internal network (at least on-going, and doing so might not immediately reveal the source if the documents are only transferred over the active VPN connection -- having network access doesn't necessarily imply access to endpoints), but can tap the upstream connection. Once the source has been identified as a particular connection/building, I can think of a number of ways it could then be narrowed to an individual:

* Agent embedded in the office - they might not know about the operation beforehand if it's well compartmentalised, but may be able to find out more now they have that initial information, or rule out enough people to narrow it down

* Breach the internal network, knowing that access will be short-lived and discovered, but for long enough to get the information you need

* A further slip-up that, e.g., includes a name or some other identifying piece of information (e.g. cookie to a non-HTTP site), or accessing GRU systems that the US have previously breached or are otherwise improperly secured from the same machine

* Forge the VPN set up so that the user connects to NSA-controlled servers -- doesn't seem out of the realm of the NSA's capabilities; or

* Work with Elite VPN (unlikely--they appear to be a Russian company) or breach their systems (I imagine their security is less than GRU's, especially if they have servers in France which would likely allow the NSA or their French counterparts to compel physical access) to gain access to the VPN traffic. Once you have that, insert a zero-day into the traffic to gain access to the GRU machine

* Use a QUANTUM-style attack to embed a zero-day into non-VPN requests made over that connection

It's unlikely that you could immediately go from IP address to GRU officer, but working from that IP address you certainly have options that could lead you to an individual. I think it's quite clear why NSA would not want to reveal which technique(s) they used, particularly as it could lead GRU's countermeasures to be specifically targeted against useful methods.

I'm also not particularly sure it matters all that much. It's quite possibly the work of a team (even if the actual postings come from an individual) and will at least (presumably) have command authorisation. The article notes "[s]ometime after its hasty launch, the Guccifer persona was handed off to a more experienced GRU officer". Attributing it to an individual, rather than just the GRU, doesn't seem to make much difference.

[1] I find it possible that traffic analysis was used to uncover this -- find that Guccifer 2.0 is posting via Elite VPN, then correlate traffic in to Elite with possible sources. I'm surprised that GRU wouldn't use a machine that is forced to connect to a VPN for this, particularly if the machine's public IP points back to GRU/Russia, so it being something more than "agent forgot to enable VPN" would not be shocking.

Edit: fix list formatting


If it was a residential IP, this would have been very easy. But would GRU officers really work from home?


The rest of the sentence quoted above is "... working out of the agency’s headquarters on Grizodubovoy Street in Moscow."


Which could also mean an intelligence officer('s personal machine, who is known to be) working out of the agency's hq... It implies that the IP was from GRU HQ, but the only definite statement is that it is this specific officer, who works at this specific location.


But would they actually work from a known location? I'd assume that US offensive operations are not done directly from Langley.


It wouldn’t be too hard for the Russian govt to set up shop in a residential neighborhood.


Or, at least, have a network exit point at an unsuspecting family home.


Yes I suppose that could be the other explanation


@walshemj: "But would they actually work from a known location? I'd assume that US offensive operations are not done directly from Langley."

You forget this story is aimed at people who mostly get their news from Faux Television ..



