Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

For The Record  

FTR #958 Miscellaneous Articles and Updates

WFMU-FM is pod­cast­ing For The Record–You can sub­scribe to the pod­cast HERE.

You can sub­scribe to e‑mail alerts from Spitfirelist.com HERE.

You can sub­scribe to RSS feed from Spitfirelist.com HERE.

You can sub­scribe to the com­ments made on pro­grams and posts–an excel­lent source of infor­ma­tion in, and of, itself HERE.

This broad­cast was record­ed in one, 60-minute seg­ment.

artificial intelligenceIntro­duc­tion: As the title indi­cates, this broad­cast both intro­duces and updates var­i­ous paths of inquiry.

Major focal points and top­ics of dis­cus­sion include:

  1. Dis­cus­sion about the pos­si­bil­i­ty of Trump pre­cip­i­tat­ing a Reich­stag Fire-type of inci­dent. ” . . . . Q: In your book you dis­cuss the idea that Don­ald Trump will have his own ver­sion of Hitler’s Reich­stag fire to expand his pow­er and take full con­trol of the gov­ern­ment by declar­ing a state of emer­gency. How do you think that would play out?. . . . A: I think it’s pret­ty much inevitable that they will try. The rea­son I think that is that the con­ven­tion­al ways of being pop­u­lar are not work­ing out for them. The con­ven­tion­al way to be pop­u­lar or to be legit­i­mate in this coun­try is to have some poli­cies, to grow your pop­u­lar­i­ty rat­ings and to win some elec­tions. I don’t think 2018 is look­ing very good for the Repub­li­cans along those con­ven­tion­al lines — not just because the pres­i­dent is his­tor­i­cal­ly unpop­u­lar. It’s also because nei­ther the White House nor Con­gress have any poli­cies which the major­i­ty of the pub­lic like. This means they could be seduced by the notion of get­ting into a new rhythm of pol­i­tics, one that does not depend upon pop­u­lar poli­cies and elec­toral cycles. . . .  Nobody can be sure how long this par­tic­u­lar regime change with Trump will take, but there is a clock, and the clock real­ly is tick­ing. It’s three years on the out­side, but in more like­li­hood some­thing like a year. In Jan­u­ary 2018 we will prob­a­bly have a pret­ty good idea which way this thing is going. . . .”
  2. Talk of the White House push­ing to amend or abol­ish the 1st amend­ment. “ . . . . PRIEBUS: And I already answered the ques­tion. I said this is some­thing that is being looked at. But it’s some­thing that as far as how it gets exe­cut­ed, where we go with it, that’s anoth­er issue. . . .”
  3. Dis­cus­sion about “loos­en­ing” libel laws–something that would have the same effect as abol­ish­ing or amend­ing the 1st amend­ment.“ . . . . ‘I think the chief of staff made it very clear that it’s some­thing that is being looked into, sub­stan­tive­ly and then both logis­ti­cal­ly, how it would hap­pen’ Spicer said. But that’s noth­ing new. It’s some­thing the Pres­i­dent talked about on the cam­paign trail.’ . . . . ”

artificial intelligenceIISome ter­ri­fy­ing and con­sum­mate­ly impor­tant devel­op­ments tak­ing shape in the con­text of what Mr. Emory has called “tech­no­crat­ic fas­cism:”

  1. In FTR #‘s 718 and 946, we detailed the fright­en­ing, ugly real­i­ty behind Face­book. Face­book is now devel­op­ing tech­nol­o­gy that will per­mit the tap­ping of users thoughts by mon­i­tor­ing brain-to-com­put­er tech­nol­o­gy. Face­book’s R & D is head­ed by Regi­na Dugan, who used to head the Pen­tagon’s DARPA. Face­book’s Build­ing 8 is pat­terned after DARPA:  ” . . . Face­book wants to build its own “brain-to-com­put­er inter­face” that would allow us to send thoughts straight to a com­put­er. ‘What if you could type direct­ly from your brain?’ Regi­na Dugan, the head of the company’s secre­tive hard­ware R&D divi­sion, Build­ing 8, asked from the stage. Dugan then pro­ceed­ed to show a video demo of a woman typ­ing eight words per minute direct­ly from the stage. In a few years, she said, the team hopes to demon­strate a real-time silent speech sys­tem capa­ble of deliv­er­ing a hun­dred words per minute. ‘That’s five times faster than you can type on your smart­phone, and it’s straight from your brain,’ she said. ‘Your brain activ­i­ty con­tains more infor­ma­tion than what a word sounds like and how it’s spelled; it also con­tains seman­tic infor­ma­tion of what those words mean.’ . . .”
  2. TriumphWillII More about Dugan, DARPA, and Face­book’s brain-to-com­put­er tech­nol­o­gy: ” . . . . Brain-com­put­er inter­faces are noth­ing new. DARPA, which Dugan used to head, has invest­ed heav­i­ly in brain-com­put­er inter­face tech­nolo­gies to do things like cure men­tal ill­ness and restore mem­o­ries to sol­diers injured in war. But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone. . . .”
  3. ” . . . . Facebook’s Build­ing 8 is mod­eled after DARPA and its projects tend to be equal­ly ambi­tious. . . .”
  4. ” . . . . But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone. . . .”

Next, we present still more about Face­book’s brain-to-com­put­er inter­face:

  1. ” . . . . Face­book hopes to use opti­cal neur­al imag­ing tech­nol­o­gy to scan the brain 100 times per sec­ond to detect thoughts and turn them into text. Mean­while, it’s work­ing on ‘skin-hear­ing’ that could trans­late sounds into hap­tic feed­back that peo­ple can learn to under­stand like braille. . . .”
  2. ” . . . . Wor­ry­ing­ly, Dugan even­tu­al­ly appeared frus­trat­ed in response to my inquiries about how her team thinks about safe­ty pre­cau­tions for brain inter­faces, say­ing, ‘The flip side of the ques­tion that you’re ask­ing is ‘why invent it at all?’ and I just believe that the opti­mistic per­spec­tive is that on bal­ance, tech­no­log­i­cal advances have real­ly meant good things for the world if they’re han­dled respon­si­bly.’ . . . .”

Col­lat­ing the infor­ma­tion about Face­book’s brain-to-com­put­er inter­face with their doc­u­ment­ed actions turn­ing psy­cho­log­i­cal intel­li­gence about trou­bled teenagers gives us a peek into what may lie behind Dugan’s bland reas­sur­ances:

  1. ” . . . . The 23-page doc­u­ment alleged­ly revealed that the social net­work pro­vid­ed detailed data about teens in Australia—including when they felt ‘over­whelmed’ and ‘anxious’—to adver­tis­ers. The creepy impli­ca­tion is that said adver­tis­ers could then go and use the data to throw more ads down the throats of sad and sus­cep­ti­ble teens. . . . By mon­i­tor­ing posts, pic­tures, inter­ac­tions and inter­net activ­i­ty in real-time, Face­book can work out when young peo­ple feel ‘stressed’, ‘defeat­ed’, ‘over­whelmed’, ‘anx­ious’, ‘ner­vous’, ‘stu­pid’, ‘sil­ly’, ‘use­less’, and a ‘fail­ure’, the doc­u­ment states. . . .”
  2. ” . . . . A pre­sen­ta­tion pre­pared for one of Australia’s top four banks shows how the $US415 bil­lion adver­tis­ing-dri­ven giant has built a data­base of Face­book users that is made up of 1.9 mil­lion high school­ers with an aver­age age of 16, 1.5 mil­lion ter­tiary stu­dents aver­ag­ing 21 years old, and 3 mil­lion young work­ers aver­ag­ing 26 years old. Detailed infor­ma­tion on mood shifts among young peo­ple is ‘based on inter­nal Face­book data’, the doc­u­ment states, ‘share­able under non-dis­clo­sure agree­ment only’, and ‘is not pub­licly avail­able’. . . .”
  3. In a state­ment giv­en to the news­pa­per, Face­book con­firmed the prac­tice and claimed it would do bet­ter, but did not dis­close whether the prac­tice exists in oth­er places like the US. . . .”

The next ver­sion of Amazon’s Echo, the Echo Look, has a micro­phone and cam­era so it can take pic­tures of you and give you fash­ion advice. This is an AI-dri­ven device designed to placed in your bed­room to cap­ture audio and video. The images and videos are stored indef­i­nite­ly in the Ama­zon cloud. When Ama­zon was asked if the pho­tos, videos, and the data gleaned from the Echo Look would be sold to third par­ties, Ama­zon didn’t address that ques­tion. It would appear that sell­ing off your pri­vate info col­lect­ed from these devices is pre­sum­ably anoth­er fea­ture of the Echo Look: ” . . . .Ama­zon is giv­ing Alexa eyes. And it’s going to let her judge your outfits.The new­ly announced Echo Look is a vir­tu­al assis­tant with a micro­phone and a cam­era that’s designed to go some­where in your bed­room, bath­room, or wher­ev­er the hell you get dressed. Ama­zon is pitch­ing it as an easy way to snap pic­tures of your out­fits to send to your friends when you’re not sure if your out­fit is cute, but it’s also got a built-in app called StyleCheck that is worth some fur­ther dis­sec­tion. . . .”

We then fur­ther devel­op the stun­ning impli­ca­tions of Ama­zon’s Echo Look AI tech­nol­o­gy:

  1. ” . . . . This might seem over­ly spec­u­la­tive or alarmist to some, but Ama­zon isn’t offer­ing any reas­sur­ance that they won’t be doing more with data gath­ered from the Echo Look. When asked if the com­pa­ny would use machine learn­ing to ana­lyze users’ pho­tos for any pur­pose oth­er than fash­ion advice, a rep­re­sen­ta­tive sim­ply told The Verge that they ‘can’t spec­u­late’ on the top­ic. The rep did stress that users can delete videos and pho­tos tak­en by the Look at any time, but until they do, it seems this con­tent will be stored indef­i­nite­ly on Amazon’s servers.
  2. This non-denial means the Echo Look could poten­tial­ly pro­vide Ama­zon with the resource every AI com­pa­ny craves: data. And full-length pho­tos of peo­ple tak­en reg­u­lar­ly in the same loca­tion would be a par­tic­u­lar­ly valu­able dataset — even more so if you com­bine this infor­ma­tion with every­thing else Ama­zon knows about its cus­tomers (their shop­ping habits, for one). But when asked whether the com­pa­ny would ever com­bine these two datasets, an Ama­zon rep only gave the same, canned answer: ‘Can’t spec­u­late.’ . . . . ”

Note­wor­thy in this con­text is the fact that AI’s have shown that they quick­ly incor­po­rate human traits and prej­u­dices. ” . . . . How­ev­er, as machines are get­ting clos­er to acquir­ing human-like lan­guage abil­i­ties, they are also absorb­ing the deeply ingrained bias­es con­cealed with­in the pat­terns of lan­guage use, the lat­est research reveals. Joan­na Bryson, a com­put­er sci­en­tist at the Uni­ver­si­ty of Bath and a co-author, said: ‘A lot of peo­ple are say­ing this is show­ing that AI is prej­u­diced. No. This is show­ing we’re prej­u­diced and that AI is learn­ing it.’ . . .”

In FTR #957, we dis­cussed Emmanuel Macron, the can­di­date of choice for Ger­many. Pri­or to his elec­tion vic­to­ry over Nation­al Front leader Marine Le Pen, his cam­paign was hit with hack­ing attacks. Sup­pos­ed­ly engi­neered by Rus­sia, these attacks were attrib­uted to “Cozy Bear” and “Fan­cy Bear,” two alleged­ly Russ­ian hack­ers. Those monikers were attached to Apt 28 and Apt 29, two hack­ers who tar­get­ed the Ger­man Bun­destag.

Even­tu­al­ly, it devel­oped that the mate­r­i­al sup­pos­ed­ly “hacked” by APT’s 28 and 29 were the prod­uct of an insid­er USB down­loaded gam­bit.

These are the same sup­pos­ed­ly Russ­ian hack­ing ele­ments high­light­ed in FTR #‘s 917, 923, 924 and 943.

Note that the hacked doc­u­ments con­tained Cyril­lic char­ac­ters in the meta­da­ta and that the hack was ampli­fied by “alt-right” sources in this coun­try and Wik­iLeaks.

Russ­ian intel­li­gence would NOT make a mis­take like that.

” . . . . Suiche analysed some of the leaked data and found some of the doc­u­ments had been altered. ‘Arte­facts con­tain­ing Cyril­lic char­ac­ters have been found in the meta­da­ta of some doc­u­ments, this is either an oper­a­tional mis­take or some­thing that was placed on pur­pose,’ he said. . . .The leaked data was first post­ed to the /pol mes­sage board on 4Chan, a web­site often asso­ci­at­ed with leaks and trolling. Accord­ing to the Atlantic Council’s Dig­i­tal Foren­sic Research Lab, it was quick­ly pub­li­cised on Twit­ter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was lat­er tweet­ed by the offi­cial Wik­ileaks account. . . .”

After review­ing infor­ma­tion about the ludi­crous nature of the “Rus­sia did it” meme about the high-pro­file hacks, the pro­gram con­cludes with a look at the return of the Shad­ow Bro­kers, anoth­er alleged­ly Russ­ian hack­ing group. After the U.S. cruise mis­sile attack on Syr­ia, they re-emerged, man­i­fest­ing white suprema­cist ide­ology and pro-Trump rhetoric, all in the same bro­ken Eng­lish that char­ac­ter­ized their ini­tial appear­ance. ” . . . . In its state­ment, Shad­ow Bro­kers said the lat­est leak, fol­low­ing one eight months ago, ‘is our form of protest’ to goad Pres­i­dent Don­ald Trump into stay­ing loy­al to his fol­low­ers and pro­mot­ing anti-glob­al­ism. The screed includ­ed pro­fan­i­ty, some white suprema­cist com­men­tary and a pass­word to the cache of tools. . . .”

1. The pro­gram begins with dis­cus­sion about the pos­si­bil­i­ty of Trump pre­cip­i­tat­ing a Reich­stag Fire-type of inci­dent.

” . . . . In your book you dis­cuss the idea that Don­ald Trump will have his own ver­sion of Hitler’s Reich­stag fire to expand his pow­er and take full con­trol of the gov­ern­ment by declar­ing a state of emer­gency. How do you think that would play out?

Let me make just two points. The first is that I think it’s pret­ty much inevitable that they will try. The rea­son I think that is that the con­ven­tion­al ways of being pop­u­lar are not work­ing out for them. The con­ven­tion­al way to be pop­u­lar or to be legit­i­mate in this coun­try is to have some poli­cies, to grow your pop­u­lar­i­ty rat­ings and to win some elec­tions. I don’t think 2018 is look­ing very good for the Repub­li­cans along those con­ven­tion­al lines — not just because the pres­i­dent is his­tor­i­cal­ly unpop­u­lar. It’s also because nei­ther the White House nor Con­gress have any poli­cies which the major­i­ty of the pub­lic like. This means they could be seduced by the notion of get­ting into a new rhythm of pol­i­tics, one that does not depend upon pop­u­lar poli­cies and elec­toral cycles. . . .”

Sny­der feels that the time is nigh: ” . . . . How much time does Amer­i­can democ­ra­cy have left before this poi­son becomes lethal and there is no path of return? You have to accept there is a time frame. Nobody can be sure how long this par­tic­u­lar regime change with Trump will take, but there is a clock, and the clock real­ly is tick­ing. It’s three years on the out­side, but in more like­li­hood some­thing like a year. In Jan­u­ary 2018 we will prob­a­bly have a pret­ty good idea which way this thing is going. . . .”

Respond­ing to DeVe­g­a’s state­ment that Trump is a fas­cist: ” . . . . As I see it, there are cer­tain­ly ele­ments of his approach which are fascis­tic. The straight-on con­fronta­tion with the truth is at the cen­ter of the fas­cist world­view. The attempt to undo the Enlight­en­ment as a way to undo insti­tu­tions, that is fas­cism.

Whether he real­izes it or not is a dif­fer­ent ques­tion, but that’s what fas­cists did. They said, ‘Don’t wor­ry about the facts; don’t wor­ry about log­ic. Think instead in terms of mys­ti­cal uni­ties and direct con­nec­tions between the mys­ti­cal leader and the peo­ple.’ That’s fas­cism. Whether we see it or not, whether we like it or not, whether we for­get, that is fas­cism. Anoth­er thing that’s clear­ly fas­cist about Trump were the ral­lies. The way that he used the lan­guage, the blunt rep­e­ti­tions, the nam­ing of the ene­mies, the phys­i­cal removal of oppo­nents from ral­lies, that was real­ly, with­out exag­ger­a­tion, just like the 1920s and the 1930s.

And Mr. [Steve] Bannon’s pre­oc­cu­pa­tion with the 1930s and his kind of wish­ful recla­ma­tion of Ital­ian and oth­er fas­cists speaks for itself. . . .”

“His­to­ri­an Tim­o­thy Sny­der: “It’s pret­ty much inevitable” that Trump Will Try to Stage a Coup and Over­throw Democ­ra­cy” by Chauncey Vega; Salon.com; 5/1/2017.

Amer­i­can democ­ra­cy is in cri­sis. The elec­tion of Don­ald Trump feels like a state of emer­gency made nor­mal.

Trump has threat­ened vio­lence against his polit­i­cal ene­mies. He has made clear he does not believe in the norms and tra­di­tions of Amer­i­can democ­ra­cy — unless they serve his inter­ests. Trump and his advis­ers con­sid­er a free press to be ene­mies of his regime. Trump repeat­ed­ly lies and has a pro­found­ly estranged rela­tion­ship with empir­i­cal real­i­ty. He uses obvi­ous and naked racism, nativism and big­otry to mobi­lize his vot­ers and to dis­par­age entire groups of peo­ple such as Lati­nos and Mus­lims.

Trump is threat­en­ing to elim­i­nate an inde­pen­dent judi­cia­ry and wants to pun­ish judges who dare to stand against his ille­gal and uncon­sti­tu­tion­al man­dates. In what appears to be a vio­la­tion of the emol­u­ments clause of the Con­sti­tu­tion, Trump is using the office of the pres­i­den­cy to enrich him­self, his fam­i­ly and his inner cir­cle by ped­dling influ­ence and access to cor­po­ra­tions, for­eign coun­tries and wealthy indi­vid­u­als. Trump and his rep­re­sen­ta­tives also believe that he is above the law and can­not be pros­e­cut­ed for any crimes while in office.

What can the Amer­i­can peo­ple do to resist Don­ald Trump? What lessons can his­to­ry teach about the rise of author­i­tar­i­an­ism and fas­cism and how democ­ra­cies col­lapse? Are there ways that indi­vid­u­als can fight back on a dai­ly basis and in their own per­son­al lives against the polit­i­cal and cul­tur­al forces that gave rise to Trump’s move­ment? How long does Amer­i­can democ­ra­cy have before the poi­son that Don­ald Trump and the Repub­li­can Par­ty inject­ed into the country’s body politic becomes lethal?

In an effort to answer these ques­tions, I recent­ly spoke with Tim­o­thy Sny­der, a pro­fes­sor of his­to­ry at Yale Uni­ver­si­ty. He is the award-win­ning author of numer­ous books includ­ing the recent “Black Earth:: The Holo­caust as His­to­ry and Warn­ing” and “Blood­lands: Europe Between Hitler and Stal­in.” Snyder’s new book, “On Tyran­ny: Twen­ty Lessons from the Twen­ti­eth Cen­tu­ry,” explores how the Amer­i­can peo­ple can fight back against Don­ald Trump’s incip­i­ent author­i­tar­i­an regime.

The elec­tion of Don­ald Trump is a cri­sis for Amer­i­can democ­ra­cy. How did this hap­pen?

We asked for it by say­ing that his­to­ry was over in 1989 [with the end of the Cold War]. By say­ing that noth­ing bad could [ever] hap­pen again, we were basi­cal­ly invit­ing some­thing bad to hap­pen.

Our sto­ry about how noth­ing could [ever] go wrong was a sto­ry about how human nature is the free mar­ket and the free mar­ket brings democ­ra­cy, so every­thing is hunky-dory — and of course every part of that sto­ry is non­sense. The Greeks under­stood that democ­ra­cy is like­ly to pro­duce oli­garchy because if you don’t have some mech­a­nism to get inequal­i­ty under con­trol then peo­ple with the most mon­ey will like­ly take full con­trol.

With Trump, one sees the new vari­ant of this where a can­di­date can run by say­ing, “Look, we all know — wink, wink, nudge, nudge — that this isn’t real­ly a democ­ra­cy any­more.” He doesn’t use the words but basi­cal­ly says, “We all know this is real­ly an oli­garchy, so let me be your oli­garch.” Although it’s non­sense and of course he’s a con man and will betray every­one, it makes sense only in this cli­mate of inequal­i­ty.

In my writ­ing and inter­views, I have con­sis­tent­ly referred to Don­ald Trump as a fas­cist. I have received a great deal of resis­tance to that claim. Do you think this descrip­tion is cor­rect? If not, then what lan­guage should we use to describe Don­ald Trump?

One of the prob­lems with Amer­i­can dis­course is that we just assume every­body is a friend­ly demo­c­ra­t­ic par­lia­men­tar­i­an plu­ral­ist until proven oth­er­wise. And then even when it’s proven oth­er­wise we don’t have any vocab­u­lary for it. He’s a “dic­ta­tor.” He’s an “author­i­tar­i­an.” He’s “Hitler.” We just toss these words around.

The push­back that you are talk­ing about is 95 per­cent bad. Amer­i­cans do not want to think that there is an alter­na­tive to what we have. There­fore, as soon as you say “fas­cism” or what­ev­er it might be, then the Amer­i­can response is to say “no” because we lack the cat­e­gories that allow us to think out­side of the box that we are no longer in.

Is this a func­tion of Amer­i­can excep­tion­al­ism?

Yes, it is. We made a move towards intel­lec­tu­al iso­la­tion­ism in a world where no kind of iso­la­tion­ism is pos­si­ble. The fact that democ­ra­cies usu­al­ly fail is a rule which can’t apply to us. If you exam­ine Amer­i­can soci­ety, there are high points and low points. But there is cer­tain­ly noth­ing which puts us in a dif­fer­ent cat­e­go­ry than oth­er peo­ple who have failed, whether it’s his­tor­i­cal­ly or whether it’s now.

I don’t want to dodge your ques­tion about whether Trump is a fas­cist or not. As I see it, there are cer­tain­ly ele­ments of his approach which are fascis­tic. The straight-on con­fronta­tion with the truth is at the cen­ter of the fas­cist world­view. The attempt to undo the Enlight­en­ment as a way to undo insti­tu­tions, that is fas­cism.

Whether he real­izes it or not is a dif­fer­ent ques­tion, but that’s what fas­cists did. They said, “Don’t wor­ry about the facts; don’t wor­ry about log­ic. Think instead in terms of mys­ti­cal uni­ties and direct con­nec­tions between the mys­ti­cal leader and the peo­ple.” That’s fas­cism. Whether we see it or not, whether we like it or not, whether we for­get, that is fas­cism.

Anoth­er thing that’s clear­ly fas­cist about Trump were the ral­lies. The way that he used the lan­guage, the blunt rep­e­ti­tions, the nam­ing of the ene­mies, the phys­i­cal removal of oppo­nents from ral­lies, that was real­ly, with­out exag­ger­a­tion, just like the 1920s and the 1930s.

And Mr. [Steve] Bannon’s pre­oc­cu­pa­tion with the 1930s and his kind of wish­ful recla­ma­tion of Ital­ian and oth­er fas­cists speaks for itself.

How did the news media and oth­ers get this so wrong? Why did they under­es­ti­mate the threat posed by Don­ald Trump and his move­ment?

What we end­ed up with, from Bill Clin­ton onward, is a sta­tus quo par­ty and an “undo the sys­tem” par­ty, where the Democ­rats became the sta­tus quo par­ty and the Repub­li­cans became the “undo the sys­tem” par­ty. In that con­stel­la­tion it’s very hard to think of change because one par­ty is in favor of things being the way they are, just slight­ly bet­ter, and the oth­er par­ty has this big idea of undo­ing every­thing, although it’s unclear what that real­ly means in prac­tice. So no one is actu­al­ly artic­u­lat­ing how you address the prob­lems of the day, the great­est of which would be inequal­i­ty. When nei­ther par­ty is cre­ative, then it’s hard for schol­ars to get their ideas into mean­ing­ful cir­cu­la­tion.

Why is Trump not being held account­able for all of his fail­ures, scan­dals and incom­pe­tence?

Mr. Trump is pri­mar­i­ly a tele­vi­sion per­son­al­i­ty. As such, he is judged by that stan­dard. This means that a scan­dal does not call forth a response; it calls forth the desire for a big­ger scan­dal. It just whets the appetite for a big­ger scan­dal because a tele­vi­sion ser­i­al has to work on that log­ic. It’s almost as though he has to pro­duce these out­ra­geous things because what else would he be doing?

I think anoth­er part of it has to do with atten­tion span. It’s not so much a lack of out­rage; peo­ple are in fact out­raged. But in order for a scan­dal to have polit­i­cal log­ic, the out­rage has to be fol­lowed by the research. It has to be fol­lowed by the inves­ti­ga­tion. It has to be fol­lowed by an offi­cial find­ing.

In your book you dis­cuss the idea that Don­ald Trump will have his own ver­sion of Hitler’s Reich­stag fire to expand his pow­er and take full con­trol of the gov­ern­ment by declar­ing a state of emer­gency. How do you think that would play out?

Let me make just two points. The first is that I think it’s pret­ty much inevitable that they will try. The rea­son I think that is that the con­ven­tion­al ways of being pop­u­lar are not work­ing out for them. The con­ven­tion­al way to be pop­u­lar or to be legit­i­mate in this coun­try is to have some poli­cies, to grow your pop­u­lar­i­ty rat­ings and to win some elec­tions. I don’t think 2018 is look­ing very good for the Repub­li­cans along those con­ven­tion­al lines — not just because the pres­i­dent is his­tor­i­cal­ly unpop­u­lar. It’s also because nei­ther the White House nor Con­gress have any poli­cies which the major­i­ty of the pub­lic like.

This means they could be seduced by the notion of get­ting into a new rhythm of pol­i­tics, one that does not depend upon pop­u­lar poli­cies and elec­toral cycles.

Whether it works or not depends upon whether when some­thing ter­ri­ble hap­pens to this coun­try, we are aware that the main sig­nif­i­cance of it is whether or not we are going to be more or less free cit­i­zens in the future.

My gut feel­ing is that Trump and his admin­is­tra­tion will try and that it won’t work. Not so much because we are so great but because we have a lit­tle bit of time to pre­pare. I also think that there are enough peo­ple and enough agen­cies of the gov­ern­ment who have also thought about this and would not nec­es­sar­i­ly go along.

What can cit­i­zens do? What would your call to action be?

The whole point of my new book, “On Tyran­ny: Twen­ty Lessons from the Twen­ti­eth Cen­tu­ry,” is that we have a cen­tu­ry of wis­dom and very smart peo­ple who con­front­ed sit­u­a­tions like our own — but usu­al­ly more demand­ing — and that wis­dom can be con­densed.

What my book does is it goes across the arc of regime change, from the begin­ning to the end, and it pro­vides things rang­ing from sim­pler to hard­er that peo­ple can lit­er­al­ly do every day.

The thing that mat­ters the most is to real­ize that in moments like this your actions real­ly do mat­ter. It is iron­ic but in an author­i­tar­i­an regime-change sit­u­a­tion, the indi­vid­ual mat­ters more than [in] a democ­ra­cy. In an author­i­tar­i­an regime change, at the begin­ning the indi­vid­ual has a spe­cial kind of pow­er because the author­i­tar­i­an regime depends on a cer­tain kind of con­sent. Which means that if you are con­scious of the moment that you are in, you can find the ways not to express your con­sent and you can also find the lit­tle ways to be a bar­ri­er. If enough peo­ple do that, it real­ly can make a dif­fer­ence — but again only at the begin­ning.

What are some of the more dif­fi­cult and chal­leng­ing things that peo­ple can do?

The last les­son in “On Tyran­ny” is to be as coura­geous as you can. Do you actu­al­ly care enough about free­dom that you would take risks? Do indi­vid­u­als actu­al­ly care about free­dom? Think that through. I think if enough of us take the lit­tle risks at the begin­ning, which aren’t real­ly that sig­nif­i­cant, this will pre­vent us from hav­ing to take big­ger risks down the line.

We are still at a stage where protest is not ille­gal. We’re still at a stage where protest is not lethal. Those are the two big thresh­olds. We are still on the good side of both of those thresh­olds and so now is the time you want to pack in as much as you can because you could actu­al­ly divert things. Once you get into a world where protest is ille­gal, then the things that I rec­om­mend like cor­po­re­al pol­i­tics, get­ting out on the streets — they have to hap­pen but they are much riski­er. It’s a much dif­fer­ent kind of deci­sion.

How much time does Amer­i­can democ­ra­cy have left before this poi­son becomes lethal and there is no path of return?

You have to accept there is a time frame. Nobody can be sure how long this par­tic­u­lar regime change with Trump will take, but there is a clock, and the clock real­ly is tick­ing. It’s three years on the out­side, but in more like­li­hood some­thing like a year. In Jan­u­ary 2018 we will prob­a­bly have a pret­ty good idea which way this thing is going. It’s going to depend more on us than on them in the mean­time. Once you get past a cer­tain thresh­old, it starts to depend more on them than on us, and then things are much, much worse. It makes me sad to think how Amer­i­cans would behave at that point.

Then Trump and his forces have the momen­tum because again we the Amer­i­can peo­ple are up against the clock.

I hate to sound like a self-help per­son but I’m going to. Every day you don’t do some­thing, it makes it less like­ly that you will ever do some­thing. So you’ve got to get start­ed right away. “On Tyran­ny” is a sug­ges­tion of things that every­one can do. There are plen­ty of oth­er great ideas from peo­ple com­ing from oth­er tra­di­tions, but the basic thing is you have to change your pro­to­col of dai­ly behav­ior now.

Don’t obey in advance because you have to start by ori­ent­ing your­self against the gen­er­al drift of things. If you can man­age that, then the oth­er lessons — such as sup­port­ing exist­ing polit­i­cal and social insti­tu­tions, sup­port­ing the truth and so on — those things will then come rel­a­tive­ly eas­i­ly if you can fol­low the first one, which is to get out of the drift, to rec­og­nize that this is the moment where you have to not behave as you did in Octo­ber 2016. You have to set your own habits now. . . .

2a. There is talk of the White House push­ing to amend or abol­ish the 1st amend­ment.

“ . . . . PRIEBUS: And I already answered the ques­tion. I said this is some­thing that is being looked at. But it’s some­thing that as far as how it gets exe­cut­ed, where we go with it, that’s anoth­er issue. . . .”

“Priebus: Trump Con­sid­er­ing Amend­ing or Abol­ish­ing 1st Amend­ment” by Josh Mar­shall; Talk­ing Points Memo Editor’s Blog; 4/30/2017.

A num­ber of press reports have picked up this exchange this morn­ing between ABC’s Jonathan Karl and White House Chief of Staff Reince Priebus. But peo­ple have missed the real sig­nif­i­cance. Priebus doesn’t dis­cuss chang­ing ‘press laws’ or ‘libel laws’. He specif­i­cal­ly says that the White House has con­sid­ered and con­tin­ues to con­sid­er amend­ing or even abol­ish­ing the 1st Amend­ment because of crit­i­cal press cov­er­age of Pres­i­dent Trump.

Sound hyper­bol­ic? Look at the actu­al exchange (empha­sis added) …

KARL: I want to ask you about two things the Pres­i­dent has said on relat­ed issues. First of all, there was what he said about open­ing up the libel laws. Tweet­ing “the fail­ing New York Times has dis­graced the media world. Got­ten me wrong for two sol­id years. Change the libel laws?”

PRIEBUS: I think it’s some­thing that we’ve looked at. How that gets exe­cut­ed or whether that goes any­where is a dif­fer­ent sto­ry. But when you have arti­cles out there that have no basis or fact and we’re sit­ting here on 24/7 cable com­pa­nies writ­ing sto­ries about con­stant con­tacts with Rus­sia and all these oth­er mat­ters—

KARL: So you think the Pres­i­dent should be able to sue the New York Times for sto­ries he doesn’t like?

PRIEBUS: Here’s what I think. I think that news­pa­pers and news agen­cies need to be more respon­si­ble with how they report the news. I am so tired.

KARL: I don’t think any­body would dis­agree with that. It’s about whether or not the Pres­i­dent should have a right to sue them.

PRIEBUS: And I already answered the ques­tion. I said this is some­thing that is being looked at. But it’s some­thing that as far as how it gets exe­cut­ed, where we go with it, that’s anoth­er issue.

Karl says, accu­rate­ly, that that kind of clam­p­down on 1st Amend­ment rights would require amend­ing the Con­sti­tu­tion. Is that what Priebus means, Karl asks? Yes, it is, says Priebus.

Now one might respond to this say­ing, ‘Okay, tech­ni­cal­ly that’s what he said. But he prob­a­bly doesn’t actu­al­ly mean it.’

To which I think the answer is, sure maybe he doesn’t mean it but why would any­one assume that? He said it and repeat­ed it. The changes Pres­i­dent Trump wants are blocked by decades of decades of jurispru­dence which is lit­tle con­test­ed, unlike oth­er hot but­ton points of con­sti­tu­tion­al law. If you want what Trump wants, you have to amend the con­sti­tu­tion – and not the con­sti­tu­tion in gen­er­al but the 1st Amend­ment specif­i­cal­ly. Amend­ing the 1st Amend­ment to allow the head of state to sue peo­ple who say things he doesn’t like amounts to abol­ish­ing it.

None of these are ten­u­ous con­nec­tions. Each link in the chain of rea­son­ing fol­lows log­i­cal­ly from the oth­er.

This, need­less to say, should set off everyone’s alarm bells. If this isn’t real­ly what Priebus meant, he should be giv­en the chance to cat­e­gor­i­cal­ly dis­avow it. The plain mean­ing of the words, on the record, is that abridg­ing or abol­ish­ing the 1st Amend­ment is some­thing the Trump White House is cur­rent­ly con­sid­er­ing.

2b. There is still more dis­cus­sion about “loos­en­ing” libel laws–something that would have the same effect as abol­ish­ing or amend­ing the 1st amend­ment.

“ . . . . ‘I think the chief of staff made it very clear that it’s some­thing that is being looked into, sub­stan­tive­ly and then both logis­ti­cal­ly, how it would hap­pen’ Spicer said. But that’s noth­ing new. It’s some­thing the Pres­i­dent talked about on the cam­paign trail.’ . . . . ”

“White House Dou­bles Down: Tar­get­ing Press With Libel Laws ‘Being Looked Into’” by Matt Shuham; Talk­ing Points Memo Livewire5/1/2017.

The White House main­tained on Mon­day that it is look­ing into ways to cre­ate libel laws in order to sue pub­li­ca­tions that print unflat­ter­ing or untrue cov­er­age of the Pres­i­dent.

White House spokesper­son Sean Spicer dou­bled down on Mon­day.

“Is that a project that is cur­rent­ly being worked on by the counsel’s office?” the New York Times’ Glenn Thrush asked, refer­ring to Priebus’ state­ments. “Can you tell me the sta­tus of that? Who is pur­su­ing that?”

“I think the chief of staff made it very clear that it’s some­thing that is being looked into, sub­stan­tive­ly and then both logis­ti­cal­ly, how it would hap­pen” Spicer said. “But that’s noth­ing new. It’s some­thing the Pres­i­dent talked about on the cam­paign trail.”

“Is the coun­sel actu­al­ly—” Thrush attempt­ed.

“I will not go into it,” Spicer said.

Indeed, the Pres­i­dent often said dur­ing the Pres­i­den­tial cam­paign, and since, that he wished to change libel laws so that he would be able to sue for “pur­pose­ful­ly neg­a­tive, and hor­ri­ble and false arti­cles” and “hit pieces.”

The Supreme Court has ruled that libel dam­ages can be award­ed to pub­lic offi­cials only as a result of “actu­al mal­ice.” Unin­ten­tion­al fac­tu­al inac­cu­ra­cies are pro­tect­ed by the First Amend­ment, as is speech crit­i­cal of of the Pres­i­dent.

3. It looks like Elon Musk’s brain-to-com­put­er inter­face ambi­tions might become a brain-to-com­put­er-inter­face-race. Face­book wants to get in on the action. Sort of. It’s not quite clear. While Musk’s ‘neur­al-lace’ idea appeared to be direct­ed towards set­ting up an brain-to-com­put­er inter­face for the pur­pose of inter­fac­ing with arti­fi­cial intel­li­gences, Face­book has a much more gener­ic goal: replac­ing the key­board and mouse with a brain-to-com­put­er inter­face. Or to put it anoth­er way, Face­book wants to read your thoughts.

  1. ” . . . Face­book wants to build its own “brain-to-com­put­er inter­face” that would allow us to send thoughts straight to a com­put­er. ‘What if you could type direct­ly from your brain?’ Regi­na Dugan, the head of the company’s secre­tive hard­ware R&D divi­sion, Build­ing 8, asked from the stage. Dugan then pro­ceed­ed to show a video demo of a woman typ­ing eight words per minute direct­ly from the stage. In a few years, she said, the team hopes to demon­strate a real-time silent speech sys­tem capa­ble of deliv­er­ing a hun­dred words per minute. ‘That’s five times faster than you can type on your smart­phone, and it’s straight from your brain,’ she said. ‘Your brain activ­i­ty con­tains more infor­ma­tion than what a word sounds like and how it’s spelled; it also con­tains seman­tic infor­ma­tion of what those words mean.’ . . .”
  2. ” . . . . Brain-com­put­er inter­faces are noth­ing new. DARPA, which Dugan used to head, has invest­ed heav­i­ly in brain-com­put­er inter­face tech­nolo­gies to do things like cure men­tal ill­ness and restore mem­o­ries to sol­diers injured in war. But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone. . . .”
  3. ” . . . . Facebook’s Build­ing 8 is mod­eled after DARPA and its projects tend to be equal­ly ambi­tious. . . .”
  4. ” . . . . But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone. . . .”

Face­book Lit­er­al­ly Wants to Read Your Thoughts” by Kris­ten V. Brown; Giz­modo; 4/19/2017.

At Facebook’s annu­al devel­op­er con­fer­ence, F8, on Wednes­day, the group unveiled what may be Facebook’s most ambitious—and creepiest—proposal yet. Face­book wants to build its own “brain-to-com­put­er inter­face” that would allow us to send thoughts straight to a com­put­er.

What if you could type direct­ly from your brain?” Regi­na Dugan, the head of the company’s secre­tive hard­ware R&D divi­sion, Build­ing 8, asked from the stage. Dugan then pro­ceed­ed to show a video demo of a woman typ­ing eight words per minute direct­ly from the stage. In a few years, she said, the team hopes to demon­strate a real-time silent speech sys­tem capa­ble of deliv­er­ing a hun­dred words per minute.

“That’s five times faster than you can type on your smart­phone, and it’s straight from your brain,” she said. “Your brain activ­i­ty con­tains more infor­ma­tion than what a word sounds like and how it’s spelled; it also con­tains seman­tic infor­ma­tion of what those words mean.”

Brain-com­put­er inter­faces are noth­ing new. DARPA, which Dugan used to head, has invest­ed heav­i­ly in brain-com­put­er inter­face tech­nolo­gies to do things like cure men­tal ill­ness and restore mem­o­ries to sol­diers injured in war. But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone.

“Our world is both dig­i­tal and phys­i­cal,” she said. “Our goal is to cre­ate and ship new, cat­e­go­ry-defin­ing con­sumer prod­ucts that are social first, at scale.”

She also showed a video that demon­strat­ed a sec­ond tech­nol­o­gy that showed the abil­i­ty to “lis­ten” to human speech through vibra­tions on the skin. This tech has been in devel­op­ment to aid peo­ple with dis­abil­i­ties, work­ing a lit­tle like a Braille that you feel with your body rather than your fin­gers. Using actu­a­tors and sen­sors, a con­nect­ed arm­band was able to con­vey to a woman in the video a tac­tile vocab­u­lary of nine dif­fer­ent words.

Dugan adds that it’s also pos­si­ble to “lis­ten” to human speech by using your skin. It’s like using braille but through a sys­tem of actu­a­tors and sen­sors. Dugan showed a video exam­ple of how a woman could fig­ure out exact­ly what objects were select­ed on a touch­screen based on inputs deliv­ered through a con­nect­ed arm­band.

Facebook’s Build­ing 8 is mod­eled after DARPA and its projects tend to be equal­ly ambi­tious. Brain-com­put­er inter­face tech­nol­o­gy is still in its infan­cy. So far, researchers have been suc­cess­ful in using it to allow peo­ple with dis­abil­i­ties to con­trol par­a­lyzed or pros­thet­ic limbs. But stim­u­lat­ing the brain’s motor cor­tex is a lot sim­pler than read­ing a person’s thoughts and then trans­lat­ing those thoughts into some­thing that might actu­al­ly be read by a com­put­er.

The end goal is to build an online world that feels more immer­sive and real—no doubt so that you spend more time on Face­book.

“Our brains pro­duce enough data to stream 4 HD movies every sec­ond. The prob­lem is that the best way we have to get infor­ma­tion out into the world — speech — can only trans­mit about the same amount of data as a 1980s modem,” CEO Mark Zucker­berg said in a Face­book post. “We’re work­ing on a sys­tem that will let you type straight from your brain about 5x faster than you can type on your phone today. Even­tu­al­ly, we want to turn it into a wear­able tech­nol­o­gy that can be man­u­fac­tured at scale. Even a sim­ple yes/no ‘brain click’ would help make things like aug­ment­ed real­i­ty feel much more nat­ur­al.”

“That’s five times faster than you can type on your smart­phone, and it’s straight from your brain,” she said. “Your brain activ­i­ty con­tains more infor­ma­tion than what a word sounds like and how it’s spelled; it also con­tains seman­tic infor­ma­tion of what those words mean.”

Brain-com­put­er inter­faces are noth­ing new. DARPA, which Dugan used to head, has invest­ed heav­i­ly in brain-com­put­er inter­face tech­nolo­gies to do things like cure men­tal ill­ness and restore mem­o­ries to sol­diers injured in war. But what Face­book is propos­ing is per­haps more radical—a world in which social media doesn’t require pick­ing up a phone or tap­ping a wrist watch in order to com­mu­ni­cate with your friends; a world where we’re con­nect­ed all the time by thought alone.

4. More about Face­book’s brain-to-com­put­er inter­face:

  1. ” . . . . Face­book hopes to use opti­cal neur­al imag­ing tech­nol­o­gy to scan the brain 100 times per sec­ond to detect thoughts and turn them into text. Mean­while, it’s work­ing on ‘skin-hear­ing’ that could trans­late sounds into hap­tic feed­back that peo­ple can learn to under­stand like braille. . . .”
  2. ” . . . . Wor­ry­ing­ly, Dugan even­tu­al­ly appeared frus­trat­ed in response to my inquiries about how her team thinks about safe­ty pre­cau­tions for brain inter­faces, say­ing, ‘The flip side of the ques­tion that you’re ask­ing is ‘why invent it at all?’ and I just believe that the opti­mistic per­spec­tive is that on bal­ance, tech­no­log­i­cal advances have real­ly meant good things for the world if they’re han­dled respon­si­bly.’ . . . .”

“Face­book Plans Ethics Board to Mon­i­tor Its Brain-Com­put­er Inter­face Work” by Josh Con­stine; Tech Crunch; 4/19/2017.

Face­book will assem­ble an inde­pen­dent Eth­i­cal, Legal and Social Impli­ca­tions (ELSI) pan­el to over­see its devel­op­ment of a direct brain-to-com­put­er typ­ing inter­face it pre­viewed today at its F8 con­fer­ence. Facebook’s R&D depart­ment Build­ing 8’s head Regi­na Dugan tells TechCrunch, “It’s ear­ly days . . . we’re in the process of form­ing it right now.”

Mean­while, much of the work on the brain inter­face is being con­duct­ed by Facebook’s uni­ver­si­ty research part­ners like UC Berke­ley and Johns Hop­kins. Facebook’s tech­ni­cal lead on the project, Mark Chevil­let, says, “They’re all held to the same stan­dards as the NIH or oth­er gov­ern­ment bod­ies fund­ing their work, so they already are work­ing with insti­tu­tion­al review boards at these uni­ver­si­ties that are ensur­ing that those stan­dards are met.” Insti­tu­tion­al review boards ensure test sub­jects aren’t being abused and research is being done as safe­ly as pos­si­ble.

Face­book hopes to use opti­cal neur­al imag­ing tech­nol­o­gy to scan the brain 100 times per sec­ond to detect thoughts and turn them into text. Mean­while, it’s work­ing on “skin-hear­ing” that could trans­late sounds into hap­tic feed­back that peo­ple can learn to under­stand like braille. Dugan insists, “None of the work that we do that is relat­ed to this will be absent of these kinds of insti­tu­tion­al review boards.”

So at least there will be inde­pen­dent ethi­cists work­ing to min­i­mize the poten­tial for mali­cious use of Facebook’s brain-read­ing tech­nol­o­gy to steal or police people’s thoughts.

Dur­ing our inter­view, Dugan showed her cog­nizance of people’s con­cerns, repeat­ing the start of her keynote speech today say­ing, “I’ve nev­er seen a tech­nol­o­gy that you devel­oped with great impact that didn’t have unin­tend­ed con­se­quences that need­ed to be guardrailed or man­aged. In any new tech­nol­o­gy you see a lot of hype talk, some apoc­a­lyp­tic talk and then there’s seri­ous work which is real­ly focused on bring­ing suc­cess­ful out­comes to bear in a respon­si­ble way.”

In the past, she says the safe­guards have been able to keep up with the pace of inven­tion. “In the ear­ly days of the Human Genome Project there was a lot of con­ver­sa­tion about whether we’d build a super race or whether peo­ple would be dis­crim­i­nat­ed against for their genet­ic con­di­tions and so on,” Dugan explains. “Peo­ple took that very seri­ous­ly and were respon­si­ble about it, so they formed what was called a ELSI pan­el . . . By the time that we got the tech­nol­o­gy avail­able to us, that frame­work, that con­trac­tu­al, eth­i­cal frame­work had already been built, so that work will be done here too. That work will have to be done.”

Wor­ry­ing­ly, Dugan even­tu­al­ly appeared frus­trat­ed in response to my inquiries about how her team thinks about safe­ty pre­cau­tions for brain inter­faces, say­ing, “The flip side of the ques­tion that you’re ask­ing is ‘why invent it at all?’ and I just believe that the opti­mistic per­spec­tive is that on bal­ance, tech­no­log­i­cal advances have real­ly meant good things for the world if they’re han­dled respon­si­bly.”

Facebook’s dom­i­na­tion of social net­work­ing and adver­tis­ing give it bil­lions in prof­it per quar­ter to pour into R&D. But its old “Move fast and break things” phi­los­o­phy is a lot more fright­en­ing when it’s build­ing brain scan­ners. Hope­ful­ly Face­book will pri­or­i­tize the assem­bly of the ELSI ethics board Dugan promised and be as trans­par­ent as pos­si­ble about the devel­op­ment of this excit­ing-yet-unnerv­ing tech­nol­o­gy.…

5. Col­lat­ing the infor­ma­tion about Face­book’s brain-to-com­put­er inter­face with their doc­u­ment­ed actions turn­ing psy­cho­log­i­cal intel­li­gence about trou­bled teenagers gives us a peek into what may lie behind Dugan’s bland reas­sur­ances:

  1. ” . . . . The 23-page doc­u­ment alleged­ly revealed that the social net­work pro­vid­ed detailed data about teens in Australia—including when they felt ‘over­whelmed’ and ‘anxious’—to adver­tis­ers. The creepy impli­ca­tion is that said adver­tis­ers could then go and use the data to throw more ads down the throats of sad and sus­cep­ti­ble teens. . . . By mon­i­tor­ing posts, pic­tures, inter­ac­tions and inter­net activ­i­ty in real-time, Face­book can work out when young peo­ple feel ‘stressed’, ‘defeat­ed’, ‘over­whelmed’, ‘anx­ious’, ‘ner­vous’, ‘stu­pid’, ‘sil­ly’, ‘use­less’, and a ‘fail­ure’, the doc­u­ment states. . . .”
  2. ” . . . .A pre­sen­ta­tion pre­pared for one of Australia’s top four banks shows how the $US415 bil­lion adver­tis­ing-dri­ven giant has built a data­base of Face­book users that is made up of 1.9 mil­lion high school­ers with an aver­age age of 16, 1.5 mil­lion ter­tiary stu­dents aver­ag­ing 21 years old, and 3 mil­lion young work­ers aver­ag­ing 26 years old. Detailed infor­ma­tion on mood shifts among young peo­ple is ‘based on inter­nal Face­book data’, the doc­u­ment states, ‘share­able under non-dis­clo­sure agree­ment only’, and ‘is not pub­licly avail­able’. . . .”
  3. In a state­ment giv­en to the news­pa­per, Face­book con­firmed the prac­tice and claimed it would do bet­ter, but did not dis­close whether the prac­tice exists in oth­er places like the US. . . .”

“Face­book Hand­ed Over Data on ‘Inse­cure’ and ‘Over­whelmed’ Teenagers to Adver­tis­ers” by Michael Nunez; Giz­mo­do; 5/1/2017.

Face­book prob­a­bly knows more about you than your own fam­i­ly, and the com­pa­ny often uses these type of insights to help sell you prod­ucts. The best—or worst!—new exam­ple of this comes from the news­pa­per The Aus­tralian, which says it got its hands on some leaked inter­nal Face­book doc­u­ments.

The 23-page doc­u­ment alleged­ly revealed that the social net­work pro­vid­ed detailed data about teens in Australia—including when they felt “over­whelmed” and “anxious”—to adver­tis­ers. The creepy impli­ca­tion is that said adver­tis­ers could then go and use the data to throw more ads down the throats of sad and sus­cep­ti­ble teens.

From the (pay­walled) report:

By mon­i­tor­ing posts, pic­tures, inter­ac­tions and inter­net activ­i­ty in real-time, Face­book can work out when young peo­ple feel “stressed”, “defeat­ed”, “over­whelmed”, “anx­ious”, “ner­vous”, “stu­pid”, “sil­ly”, “use­less”, and a “fail­ure”, the doc­u­ment states.

A pre­sen­ta­tion pre­pared for one of Australia’s top four banks shows how the $US415 bil­lion adver­tis­ing-dri­ven giant has built a data­base of Face­book users that is made up of 1.9 mil­lion high school­ers with an aver­age age of 16, 1.5 mil­lion ter­tiary stu­dents aver­ag­ing 21 years old, and 3 mil­lion young work­ers aver­ag­ing 26 years old.

Detailed infor­ma­tion on mood shifts among young peo­ple is “based on inter­nal Face­book data”, the doc­u­ment states, “share­able under non-dis­clo­sure agree­ment only”, and “is not pub­licly avail­able”. The doc­u­ment was pre­pared by two of Facebook’s top local exec­u­tives, David Fer­nan­dez and Andy Sinn, and includes infor­ma­tion on when young peo­ple exhib­it “ner­vous excite­ment”, and emo­tions relat­ed to “con­quer­ing fears”.

In a state­ment giv­en to the news­pa­per, Face­book con­firmed the prac­tice and claimed it would do bet­ter, but did not dis­close whether the prac­tice exists in oth­er places like the US. “We have opened an inves­ti­ga­tion to under­stand the process fail­ure and improve our over­sight. We will under­take dis­ci­pli­nary and oth­er process­es as appro­pri­ate,” a spokesper­son said.

It’s worth men­tion­ing that Face­book fre­quent­ly uses Aus­tralia to test new fea­tures before rolling them out to oth­er parts of the world. (It recent­ly did this with the company’s Snapchat clone.) It’s unclear if that’s what was hap­pen­ing here, but The Aus­tralian says Face­book wouldn’t tell them if “the prac­tice exists else­where.”

The new leaked doc­u­ment rais­es eth­i­cal questions—yet again—about Facebook’s abil­i­ty to manip­u­late the moods and feel­ings of its users. In 2012, the com­pa­ny delib­er­ate­ly exper­i­ment­ed on its users’ emo­tions by tam­per­ing with the news feeds of near­ly 700,000 peo­ple to see whether it could make them feel dif­fer­ent things. (Shock­er: It appar­ent­ly could!) There was also the 61-mil­lion-per­son exper­i­ment in 2010 that con­clud­ed Face­book was able to impact real-world vot­ing behav­ior. It’s not hard to imag­ine, giv­en the pro­found pow­er and reach of the social net­work, how it could use feel­ings of inad­e­qua­cy to help sell more prod­ucts and adver­tise­ments. . . .

6. In the next ver­sion of Amazon’s Echo, the Echo Look has a micro­phone and cam­era so it can take pic­tures of you and give you fash­ion advice. This is an AI-dri­ven device designed to placed in your bed­room to cap­ture audio and video. The images and videos are stored indef­i­nite­ly in the Ama­zon cloud. When Ama­zon was asked if the pho­tos, videos, and the data gleaned from the Echo Look would be sold to third par­ties, Ama­zon didn’t address that ques­tion. So based on that non-response response, it would appear that sell­ing off your pri­vate info col­lect­ed from these devices is pre­sum­ably anoth­er fea­ture of the Echo Look:

” . . . .Ama­zon is giv­ing Alexa eyes. And it’s going to let her judge your outfits.The new­ly announced Echo Look is a vir­tu­al assis­tant with a micro­phone and a cam­era that’s designed to go some­where in your bed­room, bath­room, or wher­ev­er the hell you get dressed.

Ama­zon is pitch­ing it as an easy way to snap pic­tures of your out­fits to send to your friends when you’re not sure if your out­fit is cute, but it’s also got a built-in app called StyleCheck that is worth some fur­ther dis­sec­tion.

* You cool with an algo­rithm, machine learn­ing, and “fash­ion spe­cial­ists” decid­ing whether you look attrac­tive today? What sorts of built-in bias­es will an AI fash­ion­ista have? It’s worth remem­ber­ing that a recent AI-judged beau­ty con­test picked pri­mar­i­ly white win­ners.
* You cool with Ama­zon hav­ing the capa­bil­i­ty to see and per­haps cat­a­log every sin­gle arti­cle of cloth­ing you own? Who needs a Calvin Klein dash but­ton if your Echo can tell when you need new under­wear? Will Alexa pre­vent you from buy­ing a pair of JNCOs?
* You cool with Ama­zon putting a cam­era in your bed­room?
* Ama­zon store images and videos tak­en by Echo Look indef­i­nite­ly, the com­pa­ny told us. Audio record­ed by the orig­i­nal Echo has already been sought out in a mur­der case; to its cred­it, Ama­zon fought a search war­rant in that case.

“All pho­tos and video cap­tured with your Echo Look are secure­ly stored in the AWS cloud and local­ly in the Echo Look app until a cus­tomer deletes them,” a spokesper­son for the com­pa­ny said. “You can delete the pho­tos or videos asso­ci­at­ed with your account any­time in the Echo Look App. . . .”

Moth­er­board also asked if Echo Look pho­tos, videos, and the data gleaned from them would be sold to third par­ties; the com­pa­ny did not address that ques­tion. . . .”

 “Ama­zon Wants to Put a Cam­era and Micro­phone in Your Bed­room” by Jason Koe­bler; Vice Moth­er­board; 4/26/2017.

Ama­zon is giv­ing Alexa eyes. And it’s going to let her judge your outfits.The new­ly announced Echo Look is a vir­tu­al assis­tant with a micro­phone and a cam­era that’s designed to go some­where in your bed­room, bath­room, or wher­ev­er the hell you get dressed.

Ama­zon is pitch­ing it as an easy way to snap pic­tures of your out­fits to send to your friends when you’re not sure if your out­fit is cute, but it’s also got a built-in app called StyleCheck that is worth some fur­ther dis­sec­tion.

* You cool with an algo­rithm, machine learn­ing, and “fash­ion spe­cial­ists” decid­ing whether you look attrac­tive today? What sorts of built-in bias­es will an AI fash­ion­ista have? It’s worth remem­ber­ing that a recent AI-judged beau­ty con­test picked pri­mar­i­ly white win­ners.
* You cool with Ama­zon hav­ing the capa­bil­i­ty to see and per­haps cat­a­log every sin­gle arti­cle of cloth­ing you own? Who needs a Calvin Klein dash but­ton if your Echo can tell when you need new under­wear? Will Alexa pre­vent you from buy­ing a pair of JNCOs?
* You cool with Ama­zon putting a cam­era in your bed­room?
* Ama­zon store images and videos tak­en by Echo Look indef­i­nite­ly, the com­pa­ny told us. Audio record­ed by the orig­i­nal Echo has already been sought out in a mur­der case; to its cred­it, Ama­zon fought a search war­rant in that case.

“All pho­tos and video cap­tured with your Echo Look are secure­ly stored in the AWS cloud and local­ly in the Echo Look app until a cus­tomer deletes them,” a spokesper­son for the com­pa­ny said. “You can delete the pho­tos or videos asso­ci­at­ed with your account any­time in the Echo Look App.”

Moth­er­board also asked if Echo Look pho­tos, videos, and the data gleaned from them would be sold to third par­ties; the com­pa­ny did not address that ques­tion.

As tech­noso­ci­ol­o­gist Zeynep Tufek­ci points out, machine learn­ing com­bined with full-length pho­tos and videos have at least the poten­tial to be used for much more than sell­ing you clothes or serv­ing you ads. Ama­zon will have the capa­bil­i­ty to detect if you’re preg­nant and may be able to learn if you’re depressed. Her whole thread is worth read­ing.

With this data, Ama­zon won’t be able to just sell you clothes or judge you. It could ana­lyze if you’re depressed or preg­nant and much else. pic.twitter.com/irc0tLVce9— Zeynep Tufek­ci (@zeynep) April 26, 2017

In prac­tice, the Echo Look isn’t much dif­fer­ent than, say, a Nest cam­era or an inter­net-con­nect­ed baby mon­i­tor (the lat­ter of which gets hacked all the time, by the way). But the addi­tion of arti­fi­cial intel­li­gence and Amazon’s pen­chant for using its prod­ucts to sell us more stuff makes this feel more than a bit Black Mir­ror-ish.

7. More about the stun­ning impli­ca­tions of Ama­zon’s Echo Look AI tech­nol­o­gy:

” . . . . This might seem over­ly spec­u­la­tive or alarmist to some, but Ama­zon isn’t offer­ing any reas­sur­ance that they won’t be doing more with data gath­ered from the Echo Look. When asked if the com­pa­ny would use machine learn­ing to ana­lyze users’ pho­tos for any pur­pose oth­er than fash­ion advice, a rep­re­sen­ta­tive sim­ply told The Verge that they ‘can’t spec­u­late’ on the top­ic. The rep did stress that users can delete videos and pho­tos tak­en by the Look at any time, but until they do, it seems this con­tent will be stored indef­i­nite­ly on Amazon’s servers.

This non-denial means the Echo Look could poten­tial­ly pro­vide Ama­zon with the resource every AI com­pa­ny craves: data. And full-length pho­tos of peo­ple tak­en reg­u­lar­ly in the same loca­tion would be a par­tic­u­lar­ly valu­able dataset — even more so if you com­bine this infor­ma­tion with every­thing else Ama­zon knows about its cus­tomers (their shop­ping habits, for one). But when asked whether the com­pa­ny would ever com­bine these two datasets, an Ama­zon rep only gave the same, canned answer: ‘Can’t spec­u­late.’ . . . . ”

“Amazon’s Echo Look Is a Mine­field of AI and Pri­va­cy Con­cerns” by James Vin­centThe Verge; 4/27/2017.

What does Ama­zon want to learn from pic­tures of its cus­tomers? The com­pa­ny won’t say

Com­put­er sci­en­tist Andrew Ng once described the pow­er of con­tem­po­rary AI as the abil­i­ty to auto­mate any men­tal task that takes a human “less than one sec­ond of thought.” It’s a rule of thumb that’s worth remem­ber­ing when you think about Amazon’s new Echo Look — a smart cam­era with a built-in AI assis­tant. Ama­zon says the Echo Look will help users dress and give them fash­ion advice, but what oth­er judge­ments could it make?

As aca­d­e­m­ic and soci­ol­o­gist Zeynep Tufek­ci put it on Twit­ter: “Machine learn­ing algo­rithms can do so much with reg­u­lar full length pic­tures of you. They can infer pri­vate things you did not dis­close […] All this to sell you more clothes. We are sell­ing out to sur­veil­lance cap­i­tal­ism that can quick­ly evolve into author­i­tar­i­an­ism for so cheap.” (The whole thread from Tufec­ki is def­i­nite­ly worth a read.)

Adver­tis­ers open­ly say it’s best to sell make-up to women when they feel “fat, lone­ly and depressed.” With this data, won’t have to guess.— Zeynep Tufek­ci (@zeynep) April 26, 2017

This might seem over­ly spec­u­la­tive or alarmist to some, but Ama­zon isn’t offer­ing any reas­sur­ance that they won’t be doing more with data gath­ered from the Echo Look. When asked if the com­pa­ny would use machine learn­ing to ana­lyze users’ pho­tos for any pur­pose oth­er than fash­ion advice, a rep­re­sen­ta­tive sim­ply told The Verge that they “can’t spec­u­late” on the top­ic. The rep did stress that users can delete videos and pho­tos tak­en by the Look at any time, but until they do, it seems this con­tent will be stored indef­i­nite­ly on Amazon’s servers.

This non-denial means the Echo Look could poten­tial­ly pro­vide Ama­zon with the resource every AI com­pa­ny craves: data. And full-length pho­tos of peo­ple tak­en reg­u­lar­ly in the same loca­tion would be a par­tic­u­lar­ly valu­able dataset — even more so if you com­bine this infor­ma­tion with every­thing else Ama­zon knows about its cus­tomers (their shop­ping habits, for one). But when asked whether the com­pa­ny would ever com­bine these two datasets, an Ama­zon rep only gave the same, canned answer: “Can’t spec­u­late.”

The com­pa­ny did, though, say it wouldn’t share any per­son­al infor­ma­tion gleaned from the Echo Look to “adver­tis­ers or to third-par­ty sites that dis­play our inter­est-based ads.” That means Ama­zon could still use data from the Look to tar­get ads at you itself, but at least third par­ties won’t.

Right now, the Echo Look is halfway between pro­to­type and full-on prod­uct. As is often the case with Amazon’s hard­ware efforts, the com­pa­ny seems most inter­est­ed in just get­ting a prod­uct out there and gaug­ing pub­lic reac­tion, rather than finess­ing every detail. The com­pa­ny is giv­ing no indi­ca­tion of when the Echo Look will actu­al­ly be avail­able, and it’s cur­rent­ly only being sold “by invi­ta­tion only.” All this means that Ama­zon itself prob­a­bly isn’t yet sure what exact­ly it will do with the data the device col­lects. But, if the com­pa­ny refus­es to give any more detail, it’s under­stand­able to fear the worst. . . .

8. Tay, Microsoft’s AI-pow­ered twit­ter­bot designed to learn from its human inter­ac­tions, became a neo-Nazi in less than a day after a bunch of 4chan users decid­ed to flood Tay with neo-Nazi-like tweets. Accord­ing to some recent research, the AI’s of the future might not need a bunch of 4chan to fill the AI with human big­otries. The AIs’ analy­sis of real-world human lan­guage usage will do that auto­mat­i­cal­ly.

When you read about peo­ple like Elon Musk equat­ing arti­fi­cial intel­li­gence with “sum­mon­ing the demon”, that demon is us, at least in part.

” . . . . How­ev­er, as machines are get­ting clos­er to acquir­ing human-like lan­guage abil­i­ties, they are also absorb­ing the deeply ingrained bias­es con­cealed with­in the pat­terns of lan­guage use, the lat­est research reveals. Joan­na Bryson, a com­put­er sci­en­tist at the Uni­ver­si­ty of Bath and a co-author, said: ‘A lot of peo­ple are say­ing this is show­ing that AI is prej­u­diced. No. This is show­ing we’re prej­u­diced and that AI is learn­ing it.’ . . .”

“AI Pro­grams Exhib­it Racial and Gen­der Bias­es, Research Reveals” by Han­nah Devlin; The Guardian; 4/13/2017.

Machine learn­ing algo­rithms are pick­ing up deeply ingrained race and gen­der prej­u­dices con­cealed with­in the pat­terns of lan­guage use, sci­en­tists say

An arti­fi­cial intel­li­gence tool that has rev­o­lu­tionised the abil­i­ty of com­put­ers to inter­pret every­day lan­guage has been shown to exhib­it strik­ing gen­der and racial bias­es.

The find­ings raise the spec­tre of exist­ing social inequal­i­ties and prej­u­dices being rein­forced in new and unpre­dictable ways as an increas­ing num­ber of deci­sions affect­ing our every­day lives are ced­ed to automa­tons.

In the past few years, the abil­i­ty of pro­grams such as Google Trans­late to inter­pret lan­guage has improved dra­mat­i­cal­ly. These gains have been thanks to new machine learn­ing tech­niques and the avail­abil­i­ty of vast amounts of online text data, on which the algo­rithms can be trained.

How­ev­er, as machines are get­ting clos­er to acquir­ing human-like lan­guage abil­i­ties, they are also absorb­ing the deeply ingrained bias­es con­cealed with­in the pat­terns of lan­guage use, the lat­est research reveals.

Joan­na Bryson, a com­put­er sci­en­tist at the Uni­ver­si­ty of Bath and a co-author, said: “A lot of peo­ple are say­ing this is show­ing that AI is prej­u­diced. No. This is show­ing we’re prej­u­diced and that AI is learn­ing it.”

But Bryson warned that AI has the poten­tial to rein­force exist­ing bias­es because, unlike humans, algo­rithms may be unequipped to con­scious­ly coun­ter­act learned bias­es. “A dan­ger would be if you had an AI sys­tem that didn’t have an explic­it part that was dri­ven by moral ideas, that would be bad,” she said.

The research, pub­lished in the jour­nal Sci­ence, focus­es on a machine learn­ing tool known as “word embed­ding”, which is already trans­form­ing the way com­put­ers inter­pret speech and text. Some argue that the nat­ur­al next step for the tech­nol­o­gy may involve machines devel­op­ing human-like abil­i­ties such as com­mon sense and log­ic.

The approach, which is already used in web search and machine trans­la­tion, works by build­ing up a math­e­mat­i­cal rep­re­sen­ta­tion of lan­guage, in which the mean­ing of a word is dis­tilled into a series of num­bers (known as a word vec­tor) based on which oth­er words most fre­quent­ly appear along­side it. Per­haps sur­pris­ing­ly, this pure­ly sta­tis­ti­cal approach appears to cap­ture the rich cul­tur­al and social con­text of what a word means in the way that a dic­tio­nary def­i­n­i­tion would be inca­pable of.

For instance, in the math­e­mat­i­cal “lan­guage space”, words for flow­ers are clus­tered clos­er to words linked to pleas­ant­ness, while words for insects are clos­er to words linked to unpleas­ant­ness, reflect­ing com­mon views on the rel­a­tive mer­its of insects ver­sus flow­ers.

The lat­est paper shows that some more trou­bling implic­it bias­es seen in human psy­chol­o­gy exper­i­ments are also read­i­ly acquired by algo­rithms. The words “female” and “woman” were more close­ly asso­ci­at­ed with arts and human­i­ties occu­pa­tions and with the home, while “male” and “man” were clos­er to maths and engi­neer­ing pro­fes­sions.

And the AI sys­tem was more like­ly to asso­ciate Euro­pean Amer­i­can names with pleas­ant words such as “gift” or “hap­py”, while African Amer­i­can names were more com­mon­ly asso­ci­at­ed with unpleas­ant words.

The find­ings sug­gest that algo­rithms have acquired the same bias­es that lead peo­ple (in the UK and US, at least) to match pleas­ant words and white faces in implic­it asso­ci­a­tion tests.

These bias­es can have a pro­found impact on human behav­iour. One pre­vi­ous study showed that an iden­ti­cal CV is 50% more like­ly to result in an inter­view invi­ta­tion if the candidate’s name is Euro­pean Amer­i­can than if it is African Amer­i­can. The lat­est results sug­gest that algo­rithms, unless explic­it­ly pro­grammed to address this, will be rid­dled with the same social prej­u­dices.

“If you didn’t believe that there was racism asso­ci­at­ed with people’s names, this shows it’s there,” said Bryson.

The machine learn­ing tool used in the study was trained on a dataset known as the “com­mon crawl” cor­pus – a list of 840bn words that have been tak­en as they appear from mate­r­i­al pub­lished online. Sim­i­lar results were found when the same tools were trained on data from Google News.

San­dra Wachter, a researcher in data ethics and algo­rithms at the Uni­ver­si­ty of Oxford, said: “The world is biased, the his­tor­i­cal data is biased, hence it is not sur­pris­ing that we receive biased results.”

Rather than algo­rithms rep­re­sent­ing a threat, they could present an oppor­tu­ni­ty to address bias and coun­ter­act it where appro­pri­ate, she added.

“At least with algo­rithms, we can poten­tial­ly know when the algo­rithm is biased,” she said. “Humans, for exam­ple, could lie about the rea­sons they did not hire some­one. In con­trast, we do not expect algo­rithms to lie or deceive us.”

How­ev­er, Wachter said the ques­tion of how to elim­i­nate inap­pro­pri­ate bias from algo­rithms designed to under­stand lan­guage, with­out strip­ping away their pow­ers of inter­pre­ta­tion, would be chal­leng­ing.

“We can, in prin­ci­ple, build sys­tems that detect biased deci­sion-mak­ing, and then act on it,” said Wachter, who along with oth­ers has called for an AI watch­dog to be estab­lished. “This is a very com­pli­cat­ed task, but it is a respon­si­bil­i­ty that we as soci­ety should not shy away from.”

9. In FTR #957, we dis­cussed Emmanuel Macron, the can­di­date of choice for Ger­many. Pri­or to his elec­tion vic­to­ry over Nation­al Front leader Marine Le Pen, his cam­paign was hit with hack­ing attacks. Sup­pos­ed­ly engi­neered by Rus­sia, these attacks were attrib­uted to “Cozy Bear” and “Fan­cy Bear,” two alleged­ly Russ­ian hack­ers. Those monikers were attached to Apt 28 and Apt 29, two hack­ers who tar­get­ed the Ger­man Bun­destag.

Even­tu­al­ly, it devel­oped that the mate­r­i­al sup­pos­ed­ly “hacked” by APT’s 28 and 29 were the prod­uct of an insid­er USB down­loaded gam­bit.

These are the same sup­pos­ed­ly Russ­ian hack­ing ele­ments high­light­ed in FTR #‘s 917, 923, 924 and 943.

Note that the hacked doc­u­ments con­tained Cyril­lic char­ac­ters in the meta­da­ta and that the hack was ampli­fied by “alt-right” sources in this coun­try and Wik­iLeaks.

” . . . . Suiche analysed some of the leaked data and found some of the doc­u­ments had been altered. ‘Arte­facts con­tain­ing Cyril­lic char­ac­ters have been found in the meta­da­ta of some doc­u­ments, this is either an oper­a­tional mis­take or some­thing that was placed on pur­pose,’ he said. . . .The leaked data was first post­ed to the /pol mes­sage board on 4Chan, a web­site often asso­ci­at­ed with leaks and trolling. Accord­ing to the Atlantic Council’s Dig­i­tal Foren­sic Research Lab, it was quick­ly pub­li­cised on Twit­ter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was lat­er tweet­ed by the offi­cial Wik­ileaks account. . . .”

“‘Guilt by vol­ume’: Macron Leaks Fail to Shock Experts, But Can It Influ­ence the Elec­tion?” by Jason Mur­dockInter­na­tion­al Busi­ness Times; 5/6/2017.

Cyber­se­cu­ri­ty experts dis­miss 9GB Macron leak as a mix of ‘boringest’ and fake doc­u­ments.

On 5 May, as France went into media black­out in prepa­ra­tion for the 2017 pres­i­den­tial elec­tion, rough­ly 9GB worth of data from inside the cam­paign of cen­trist can­di­date Emmanuel Macron, leaked online. It sent social media – and secu­ri­ty experts – into a fren­zy of activ­i­ty.

Quick­ly dubbed “Macron Leaks”, the En March! polit­i­cal par­ty brand­ed the inci­dent a “mas­sive and coor­di­nat­ed” cyber­at­tack. How­ev­er, upon analy­sis, despite the ampli­fied mes­sages on social media, experts found the dis­clo­sure under­whelm­ing.

The leak had all the hall­marks of a Russ­ian oper­a­tion, in many ways echo­ing the 2016 leak of emails belong­ing to John Podes­ta, an aide to US pres­i­den­tial can­di­date Hillary Clin­ton.

How­ev­er, in this instance, the actu­al con­tent of the emails and doc­u­ments may not even mat­ter, some said.

“They don’t have Macron’s per­son­al inbox. One of the things I was think­ing was that most head­lines will be ‘GB’s of emails belong­ing to En Marche! leaked’ but nobody will ever read them. So it’s guilt by vol­ume,” Matt Suiche, a cyber­se­cu­ri­ty expert, told IBTimes UK.

“The media is get­ting manip­u­lat­ed big time by Rus­sia,” Suiche con­tin­ued. “French media won’t talk about it because it’s time sen­si­tive. But all the inter­na­tion­al press is jump­ing on it to have some­thing to write on.

“Although there is no bad data leaked as far as we know,” he added.

Suiche analysed some of the leaked data and found some of the doc­u­ments had been altered.

“Arte­facts con­tain­ing Cyril­lic char­ac­ters have been found in the meta­da­ta of some doc­u­ments, this is either an oper­a­tional mis­take or some­thing that was placed on pur­pose,” he said.

“This leak seems like a des­per­ate attempt to gain atten­tion,” he con­tin­ued, adding: “I doubt this will affect the elec­tion against Macron.”

The can­di­date is run­ning against Front Nation­al leader Marine Le Pen and polls pre­dict him win­ning with over 60% of the vote.

Drop­ping files after append­ing meta­da­ta to Microsoft Offices files such as “?????” or “???????_??????” Why? #attri­bu­tion H/T @voulnetpic.twitter.com/h2KBLimjZn— Matt Suiche (@msuiche) May 6, 2017

The ori­gin of the leak

The leaked data was first post­ed to the /pol mes­sage board on 4Chan, a web­site often asso­ci­at­ed with leaks and trolling. Accord­ing to the Atlantic Council’s Dig­i­tal Foren­sic Research Lab, it was quick­ly pub­li­cised on Twit­ter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was lat­er tweet­ed by the offi­cial Wik­ileaks account.

“This was passed on to me today so now I am giv­ing it to you, the peo­ple,” a 4Chan state­ment read. “The leak is mas­sive and released in the hopes that the human search engine here will be able to start sift­ing through the con­tents and fig­ure out exact­ly what we have here.”

As it turns out, the emails were from mem­bers of Macron’s staff and sup­port­ers, with names includ­ing Alain Tour­ret, Pierre Per­son, Cedric O, Anne-Chris­tine Lang, and Quentin Lafay, revealed cyber­se­cu­ri­ty expert Robert Gra­ham, writ­ing on his blog Erra­ta Secu­ri­ty.

“Obvi­ous­ly, every­one assumes that Russ­ian hack­ers did it, but there’s noth­ing (so far) that points to any­body in par­tic­u­lar,” Gra­ham not­ed. “It appears to be the most basic of phish­ing attacks, which means any­one could’ve done it, includ­ing your neighbour’s pim­ply faced teenag­er.”

Graham’s lack of enthu­si­asm about the impact of the leaked infor­ma­tion was mir­rored across well-known indus­try researchers.

“I have searched through a lot of large email drops before, and this is right up there with the boringest of them,” wrote Matt Tait, a for­mer infor­ma­tion secu­ri­ty spe­cial­ist for GCHQ – the British equiv­a­lent of the US Nation­al Secu­ri­ty Agency – and cur­rent chief exec­u­tive and founder of Cap­i­tal Alpha Secu­ri­ty, in a Twit­ter post.

The Grugq, a cyber­se­cu­ri­ty researcher, said: “Based on lat­est info about how dull the dump is they real­ly had noth­ing inter­est­ing, so just pack­aged every­thing they could get in hopes that the size of the dump would be damn­ing, a sort of ‘where there’s smoke there’s fire’ approach.”

On a Twit­ter thread, he added: “The #Macron­Leak dump is full of inten­tion­al­ly mis­lead­ing info craft­ed for con­fu­sion. Fold­ers w/ false names.”

The #Macron­Leak dump is full of inten­tion­al­ly mis­lead­ing info. craft­ed for con­fu­sion. Fold­ers w/ “false” names https://t.co/7kIDsVHlOf— the grugq (@thegrugq) May 6, 2017

One file he ref­er­enced claimed a French politi­cian had used bit­coin to have drugs shipped to the French par­lia­ment.

As the doc­u­ments dis­sem­i­nat­ed online, whistle­blow­ing web­site Wik­iLeaks dis­missed claims that forg­eries exist­ed in the files. At the time of writ­ing, it claimed to still be search­ing through the files.

“This mas­sive leak is too late to shift the elec­tion,” it said in a post online. “The intent behind the tim­ing is curi­ous. We have not yet dis­cov­ered fakes in #Macron­Leaks and we are very skep­ti­cal that the Macron cam­paign is faster than us.”

Julian Assange, founder of Wik­iLeaks, did not imme­di­ate­ly respond to a request for com­ment.

Sow­ing seeds of polit­i­cal chaos

Some of the leaked emails appear to be extreme­ly recent, at least up to 24 April. The moti­va­tion of the inci­dent is now being debat­ed, with many hav­ing already come to the con­clu­sion that a Russ­ian state-backed group was some­how involved in the scheme.

“Every­one is propos­ing the­o­ries about the hacker’s plan, but the most like­ly answer is they don’t have one. Hack­ing is oppor­tunis­tic,” Gra­ham wrote on his blog, adding: “They like­ly tar­get­ed every­one in the cam­paign, and these were the only vic­tims they could hack.

“It’s prob­a­bly not the out­come they were hop­ing for. But since they’ve gone through all the work, it’d be a shame to waste it.

“[The hack­ers] are like­ly releas­ing the dump not because they believe it will do any good, but because it’ll do them no harm.”

The French elec­toral com­mis­sion has respond­ed to the inci­dent, say­ing: “The dis­sem­i­na­tion of such data, which have been fraud­u­lent­ly obtained and in all like­li­hood may have been min­gled with false infor­ma­tion, is liable to be clas­si­fied as a crim­i­nal offence.”

Mean­while, Macron’s chief for­eign pol­i­cy advis­er Aure­lien Lecheval­li­er (via Ben Judah) said Russ­ian pres­i­dent Vladimir Putin should now expect a “frank meet­ing”.

His state­ment con­tin­ued: “We will make clear on cyber­at­tacks and on Euro­pean secu­ri­ty France will defend its inter­ests. We want zero Russ­ian inter­fer­ence in our elec­tions and in Euro­pean elec­tions. We will have a doc­trine of retal­i­a­tion when it comes to Russ­ian cyber­at­tacks.”

Dur­ing his elec­tion cam­paign against Le Pen – who met with Putin in March – Macron’s team was out­spo­ken about alleged Russ­ian cyber­at­tacks. Last month, Trend Micro, a cyber­se­cu­ri­ty firm, appeared to back up the rhetoricwith evi­dence he had been direct­ly tar­get­ed.

As the elec­tion date approached, fur­ther con­tro­ver­sy erupt­ed after a 200-strong col­lec­tiveof French-lan­guage Twit­ter accounts were caught spread­ing mis­in­for­ma­tion about Macron, claim­ing – with­out evi­dence – that he had evad­ed pay­ing tax­es by stor­ing cash in off­shore accounts.

As it turns out, the emails were from mem­bers of Macron’s staff and sup­port­ers, with names includ­ing Alain Tour­ret, Pierre Per­son, Cedric O, Anne-Chris­tine Lang, and Quentin Lafay, revealed cyber­se­cu­ri­ty expert Robert Gra­ham, writ­ing on his blog Erra­ta Secu­ri­ty.

“Obvi­ous­ly, every­one assumes that Russ­ian hack­ers did it, but there’s noth­ing (so far) that points to any­body in par­tic­u­lar,” Gra­ham not­ed. “It appears to be the most basic of phish­ing attacks, which means any­one could’ve done it, includ­ing your neighbour’s pim­ply faced teenag­er.”

Graham’s lack of enthu­si­asm about the impact of the leaked infor­ma­tion was mir­rored across well-known indus­try researchers.

“I have searched through a lot of large email drops before, and this is right up there with the boringest of them,” wrote Matt Tait, a for­mer infor­ma­tion secu­ri­ty spe­cial­ist for GCHQ – the British equiv­a­lent of the US Nation­al Secu­ri­ty Agency – and cur­rent chief exec­u­tive and founder of Cap­i­tal Alpha Secu­ri­ty, in a Twit­ter post.

The Grugq, a cyber­se­cu­ri­ty researcher, said: “Based on lat­est info about how dull the dump is they real­ly had noth­ing inter­est­ing, so just pack­aged every­thing they could get in hopes that the size of the dump would be damn­ing, a sort of ‘where there’s smoke there’s fire’ approach.”

10. When “the Russ­ian gov­ern­ment” decid­ed to con­duct this oper­a­tion, they used the APT 28 (Fan­cy Bear) to do it. After a year of close scruti­ny over Fan­cy Bear’s alleged tac­tic by secu­ri­ty researchers around the world, Fan­cy Bear struck again, using the same tech­niques that were used to impli­cate it in the 2016 elec­tion hack.

Cyril­lic meta-data in the infor­ma­tion is a dead give away that this is not Russ­ian intel­li­gence.

“French Can­di­date Macron Claims Mas­sive Hack as Emails Leaked” by Eric Auchard and Bate Felix; Reuters; 5/6/2017.

Lead­ing French pres­i­den­tial can­di­date Emmanuel Macron’s cam­paign said on Fri­day it had been the tar­get of a “mas­sive” com­put­er hack that dumped its cam­paign emails online 1–1/2 days before vot­ers choose between the cen­trist and his far-right rival, Marine Le Pen.

Opin­ion polls show inde­pen­dent cen­trist Macron is set to beat Nation­al Front can­di­date Le Pen in Sunday’s sec­ond round of vot­ing, in what is seen to be France’s most impor­tant elec­tion in decades. The lat­est sur­veys show him win­ning with about 62 per­cent of the vote.

RUSSIAN HAND SEEN

For­mer econ­o­my min­is­ter Macron’s cam­paign has pre­vi­ous­ly com­plained about attempts to hack its emails, blam­ing Russ­ian inter­ests in part for the cyber attacks.

On April 26, the team said it had been the tar­get of a attempts to steal email cre­den­tials dat­ing back to Jan­u­ary, but that the per­pe­tra­tors had failed to com­pro­mise any cam­paign data.

The Krem­lin has denied it was behind any such attacks, even though Macron’s camp renewed com­plaints against Russ­ian media and a hack­ers’ group oper­at­ing in Ukraine.

Vitali Kre­mez, direc­tor of research with New York-based cyber intel­li­gence firm Flash­point, told Reuters his review indi­cates that APT 28, a group tied to the GRU, the Russ­ian mil­i­tary intel­li­gence direc­torate, was behind the leak. He cit­ed sim­i­lar­i­ties with U.S. elec­tion hacks that have been pre­vi­ous­ly attrib­uted to that group.

APT28 last month reg­is­tered decoy inter­net address­es to mim­ic the name of En Marche, which it like­ly used send taint­ed emails to hack into the campaign’s com­put­ers, Kre­mez said. Those domains include onedrive-en-marche.fr and mail-en-marche.fr.

“If indeed dri­ven by Moscow, this leak appears to be a sig­nif­i­cant esca­la­tion over the pre­vi­ous Russ­ian oper­a­tions aimed at the U.S. pres­i­den­tial elec­tion, expand­ing the approach and scope of effort from sim­ple espi­onage efforts towards more direct attempts to sway the out­come,” Kre­mez said.

France is the lat­est nation to see a major elec­tion over­shad­owed by accu­sa­tions of manip­u­la­tion through cyber hack­ing.

U.S. intel­li­gence agen­cies said in Jan­u­ary that Russ­ian Pres­i­dent Vladimir Putin had ordered hack­ing of par­ties tied to Demo­c­ra­t­ic pres­i­den­tial can­di­date Hillary Clin­ton to influ­ence the elec­tion on behalf of Repub­li­can rival Don­ald Trump.

On Fri­day night as the #Macron­leaks hash­tag buzzed around social media, Flo­ri­an Philip­pot, deputy leader of the Nation­al Front, tweet­ed “Will Macron­leaks teach us some­thing that inves­tiga­tive jour­nal­ism has delib­er­ate­ly killed?”

Macron spokesman Syl­vain Fort, in a response on Twit­ter, called Philippot’s tweet “vile”.

En Marche! said the doc­u­ments only showed the nor­mal func­tion­ing of a pres­i­den­tial cam­paign, but that authen­tic doc­u­ments had been mixed on social media with fake ones to sow “doubt and mis­in­for­ma­tion”.

Ben Nim­mo, a UK-based secu­ri­ty researcher with the Dig­i­tal Foren­sic Research Lab of the Atlantic Coun­cil think tank, said ini­tial analy­sis indi­cat­ed that a group of U.S. far-right online activists were behind ear­ly efforts to spread the doc­u­ments via social media. They were lat­er picked up and pro­mot­ed by core social media sup­port­ers of Le Pen in France, Nim­mo said.

The leaks emerged on 4chan, a dis­cus­sion forum pop­u­lar with far right activists in the Unit­ed States. An anony­mous poster pro­vid­ed links to the doc­u­ments on Paste­bin, say­ing, “This was passed on to me today so now I am giv­ing it to you, the peo­ple.”

The hash­tag #Macron­Leaks was then spread by Jack Poso­biec, a pro-Trump activist whose Twit­ter pro­file iden­ti­fies him as Wash­ing­ton D.C. bureau chief of the far-right activist site Rebel TV, accord­ing to Nim­mo and oth­er ana­lysts track­ing the elec­tion. Con­tact­ed by Reuters, Poso­biec said he had sim­ply repost­ed what he saw on 4chan.

“You have a hash­tag dri­ve that start­ed with the alt-right in the Unit­ed States that has been picked up by some of Le Pen’s most ded­i­cat­ed and aggres­sive fol­low­ers online,” Nim­mo told Reuters.

11a. There was an update back in Decem­ber from the Ger­man gov­ern­ment regard­ing its assess­ment of the 2015 Bundgestag hacks (attrib­uted to “Fan­cy Bear” and “Cozy Bear,” as men­tioned in the San­dro Gay­ck­en post above) that it attrib­uted to APT28 and Rus­sia: while it asserts the hacks did indeed take place, the leaked doc­u­ments were lat­er deter­mined to be an insid­er leak (via Google trans­late).

“ . . . . Accord­ing to the report, fed­er­al secu­ri­ty author­i­ties are con­vinced that not hack­ers had stolen the 2420 doc­u­ments pub­lished by the Inter­net plat­form Wik­ileaks in ear­ly Decem­ber. There was cer­tain­ly no evi­dence that the mate­r­i­al had been stolen in the cyber attack on the Bun­destag in 2015, it was called into secu­ri­ty crises. . . . ”

The Bun­destagspolizei is still look­ing for the appar­ent leak­er.

The Wik­iLeaks leak of doc­u­ments from the DNC was alleged by for­mer UK diplo­mat Craig Mur­ray to have come from a dis­sat­is­fied DNC insid­er, who gave him the infor­ma­tion from a thumb dri­ve.

The sit­u­a­tion vis a vis the hack of the Bun­destag is strik­ing­ly sim­i­lar.

“Wik­ileaks Source for Rev­e­la­tions in the Bun­destag Sus­pects;” Frank­furter All­ge­meine Poli­tik ; 12/17/2016.

After the pub­li­ca­tion of con­fi­den­tial files from the NSA inves­ti­ga­tion com­mit­tee the Bun­destagspolizei is look­ing for the per­pe­tra­tors in par­lia­ment, as the news mag­a­zine “Spiegel” reports. “A vio­la­tion of secre­cy and a spe­cial duty of secre­cy” is con­firmed, a Bun­destag spokesman con­firmed to the mag­a­zine. Bun­destag Pres­i­dent Nor­bert Lam­mert (CDU) had approved the inves­ti­ga­tion against unknown. The Ger­man Bun­destag is a sep­a­rate police zone.Accord­ing to the report, fed­er­al secu­ri­ty author­i­ties are con­vinced that not hack­ers had stolen the 2420 doc­u­ments pub­lished by the Inter­net plat­form Wik­ileaks in ear­ly Decem­ber. There was cer­tain­ly no evi­dence that the mate­r­i­al had been stolen in the cyber attack on the Bun­destag in 2015, it was called into secu­ri­ty crises.

The “mir­ror” point­ed out that the Wik­ileaks mate­r­i­al cov­ered 90 giga­bytes, but the infil­trat­ed Bun­destagsrech­n­ern only 16 giga­bytes of data were stolen. The Cyber­at­tacke appar­ent­ly also had no mem­bers of the Bun­destag or employ­ees from the envi­ron­ment of the NSA inves­ti­ga­tion com­mit­tee affect­ed.

The “Frank­furter All­ge­meine Son­ntagszeitung” had cit­ed a high secu­ri­ty offi­cer a week ago with the words that there was “high plau­si­bil­i­ty” for the fact that the secrets pub­lished by Wik­ileaks were cap­tured in the cyber attack on the Bun­destag. Russ­ian hack­ers are respon­si­ble for the attack. Also the com­mit­tee chair­man Patrick Sens­burg (CDU) had not exclud­ed a for­eign hack­er attack imme­di­ate­ly after the pub­li­ca­tion of the doc­u­ments.

Accord­ing to Wik­iLeaks, the approx­i­mate­ly 2400 doc­u­ments come from var­i­ous fed­er­al agen­cies such as the Bun­desnachrich­t­en­di­enst and the fed­er­al offices for con­sti­tu­tion­al pro­tec­tion and secu­ri­ty in infor­ma­tion tech­nol­o­gy. The doc­u­ments are intend­ed to pro­vide evi­dence of coop­er­a­tion between the US Nation­al Secu­ri­ty Agency (NSA) and the BND.

After the pub­li­ca­tion of con­fi­den­tial files from the NSA inves­ti­ga­tion com­mit­tee the Bun­destagspolizei is look­ing for the per­pe­tra­tors in par­lia­ment, as the news mag­a­zine “Spiegel” reports. “A vio­la­tion of secre­cy and a spe­cial duty of secre­cy” is con­firmed, a Bun­destag spokesman con­firmed to the mag­a­zine. Bun­destag Pres­i­dent Nor­bert Lam­mert (CDU) had approved the inves­ti­ga­tion against unknown. The Ger­man Bun­destag is a sep­a­rate police zone.

11b. The monikers Fan­cy Bear and Cozy Bear have been applied to “APT 28” and “APT 29,” abbre­vi­a­tions stand­ing for “advanced per­sis­tent threat.”

As the arti­cle below also points out, it’s entire­ly pos­si­ble that “APT28” and “APT29” aren’t dis­tinct enti­ties at all. Why? Because the con­clu­sion by firms like Fire­Eye and Crowd­strike that there are two groups, “APT28” and “APT29”, that were leav­ing years of elec­tron­ic trails from all their hack­ing activ­i­ties isn’t based on any dis­tinct “APT28” or “APT29” call­ing card. It’s based on the tool sets of hack­ing tools and infra­struc­ture (like servers) used by these groups. And those tool sets used by APT28 and APT29 are read­i­ly avail­able on the Dark Web and cir­cu­lat­ing among hack­er com­mu­ni­ties as was the infra­struc­ture.

In oth­er words, a wide vari­ety of skilled hack­ers have access to the exact same hack­ing tools that were used by groups like Fire­Eye and Crowd­strike to unique­ly iden­ti­fy APT28/29 and the same sets of cor­rupt­ed servers. Since so much of the rest of the evi­dence that was used to attribute the hack­ing evi­dence to Russ­ian hack­ers is based on read­i­ly spoofa­ble infor­ma­tion – like the cyril­lic char­ac­ters in a hacked doc­u­ment or that the hack­ing tool set code appeared to be com­piled dur­ing Moscow work­ing hours…all spoofa­ble evi­dence – the evi­dence used to attribute these hacks to Krem­lin-backed hack­ers could have been spoofed by a wide vari­ety of pos­si­ble cul­prits.

” . . . . Did the Russ­ian gov­ern­ment hack the DNC and feed doc­u­ments to Wik­iLeaks? There are real­ly two ques­tions here: who hacked the DNC, and who released the DNC doc­u­ments? These are not nec­es­sar­i­ly the same. An ear­li­er intru­sion into Ger­man par­lia­ment servers was blamed on the Rus­sians, yet the release of doc­u­ments to Wik­iLeaks is thought to have orig­i­nat­ed from an insid­er. [35] Had the Rus­sians hacked into the DNC, it may have been to gath­er intel­li­gence, while anoth­er actor released the doc­u­ments. But it is far from cer­tain that Russ­ian intel­li­gence ser­vices had any­thing to do with the intru­sions. Julian Assange says that he did not receive the DNC doc­u­ments from a nation-state. It has been point­ed out that Rus­sia could have used a third par­ty to pass along the mate­r­i­al. Fair enough, but for­mer UK diplo­mat Craig Mur­ray asserts: ‘I know who the source is… It’s from a Wash­ing­ton insid­er. It’s not from Rus­sia.’ [We won­der if it might have been Tul­si Gabbard–D.E.] [36] . . . .”

“Did the Rus­sians Real­ly Hack the DNC?” by Gre­go­ry Elich; Counter Punch; 1/13/2017.

Rus­sia, we are told, breached the servers of the Demo­c­ra­t­ic Nation­al Com­mit­tee (DNC), swiped emails and oth­er doc­u­ments, and released them to the pub­lic, to alter the out­come of the U.S. pres­i­den­tial elec­tion.

How sub­stan­tial is the evi­dence back­ing these asser­tions?

Hired by the Demo­c­ra­t­ic Nation­al Com­mit­tee to inves­ti­gate unusu­al net­work activ­i­ty, the secu­ri­ty firm Crowd­strike dis­cov­ered two sep­a­rate intru­sions on DNC servers. Crowd­strike named the two intrud­ers Cozy Bear and Fan­cy Bear, in an allu­sion to what it felt were Russ­ian sources. Accord­ing to Crowd­strike, “Their trade­craft is superb, oper­a­tional secu­ri­ty sec­ond to none,” and “both groups were con­stant­ly going back into the envi­ron­ment” to change code and meth­ods and switch com­mand and con­trol chan­nels.

On what basis did Crowd­strike attribute these breach­es to Russ­ian intel­li­gence ser­vices? The secu­ri­ty firm claims that the tech­niques used were sim­i­lar to those deployed in past secu­ri­ty hack­ing oper­a­tions that have been attrib­uted to the same actors, while the pro­file of pre­vi­ous vic­tims “close­ly mir­rors the strate­gic inter­ests of the Russ­ian gov­ern­ment. Fur­ther­more, it appeared that the intrud­ers were unaware of each other’s pres­ence in the DNC sys­tem. “While you would vir­tu­al­ly nev­er see West­ern intel­li­gence agen­cies going after the same tar­get with­out de-con­flic­tion for fear of com­pro­mis­ing each other’s oper­a­tions,” Crowd­strike reports, “in Rus­sia this is not an uncom­mon sce­nario.” [1]

Those may be indi­ca­tors of Russ­ian gov­ern­ment cul­pa­bil­i­ty. But then again, per­haps not. Regard­ing the point about sep­a­rate intrud­ers, each oper­at­ing inde­pen­dent­ly of the oth­er, that would seem to more like­ly indi­cate that the sources have noth­ing in com­mon.

Each of the two intru­sions act­ed as an advanced per­sis­tent threat (APT), which is an attack that resides unde­tect­ed on a net­work for a long time. The goal of an APT is to exfil­trate data from the infect­ed sys­tem rather than inflict dam­age. Sev­er­al names have been giv­en to these two actors, and most com­mon­ly Fan­cy Bear is known as APT28, and Cozy Bear as APT29.

The fact that many of the tech­niques used in the hack resem­bled, in vary­ing degrees, past attacks attrib­uted to Rus­sia may not nec­es­sar­i­ly car­ry as much sig­nif­i­cance as we are led to believe. Once mal­ware is deployed, it tends to be picked up by cyber­crim­i­nals and offered for sale or trade on Deep Web black mar­kets, where any­one can pur­chase it. Exploit kits are espe­cial­ly pop­u­lar sell­ers. Quite often, the code is mod­i­fied for spe­cif­ic uses. Secu­ri­ty spe­cial­ist Josh Pitts demon­strat­ed how easy that process can be, down­load­ing and mod­i­fy­ing nine sam­ples of the Onion­Duke mal­ware, which is thought to have first orig­i­nat­ed with the Russ­ian gov­ern­ment. Pitts reports that this exer­cise demon­strates “how easy it is to repur­pose nation-state code/malware.” [2]

In anoth­er exam­ple, when Senti­nalOne Research dis­cov­ered the Gyges mal­ware in 2014, it report­ed that it “exhibits sim­i­lar­i­ties to Russ­ian espi­onage mal­ware,” and is “designed to tar­get gov­ern­ment orga­ni­za­tions. It comes as no sur­prise to us that this type of intel­li­gence agency-grade mal­ware would even­tu­al­ly fall into cyber­crim­i­nals’ hands.” The secu­ri­ty firm explains that Gyges is an “exam­ple of how advanced tech­niques and code devel­oped by gov­ern­ments for espi­onage are effec­tive­ly being repur­posed, mod­u­lar­ized and cou­pled with oth­er mal­ware to com­mit cyber­crime.” [3]

Attri­bu­tion is hard, cyber­se­cu­ri­ty spe­cial­ists often point out. “Once an APT is released into the wild, its spread isn’t con­trolled by the attack­er,” writes Mark McAr­dle. “They can’t pre­vent some­one from ana­lyz­ing it and repur­pos­ing it for their own needs.” Adapt­ing mal­ware “is a well-known real­i­ty,” he con­tin­ues. “Find­ing irrefutable evi­dence that links an attack­er to an attack is vir­tu­al­ly unat­tain­able, so every­thing boils down to assump­tions and judg­ment.” [4]

Secu­ri­ty Alliance regards secu­ri­ty firm FireEye’s analy­sis that tied APT28 to the Russ­ian gov­ern­ment as based “large­ly on cir­cum­stan­tial evi­dence.” FireEye’s report “explic­it­ly dis­re­gards tar­gets that do not seem to indi­cate spon­sor­ship by a nation-state,” hav­ing exclud­ed var­i­ous tar­gets because they are “not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests.” [5] Fire­Eye report­ed that the APT28 “vic­tim set is nar­row,” which helped lead it to the con­clu­sion that it is a Russ­ian oper­a­tion. Cyber­se­cu­ri­ty con­sul­tant Jef­frey Carr reacts with scorn: “The vic­tim set is nar­row because the report’s authors make it nar­row! In fact, it wasn’t nar­row­ly tar­get­ed at all if you take into account the tar­gets men­tioned by oth­er cyber­se­cu­ri­ty com­pa­nies, not to men­tion those that Fire­Eye delib­er­ate­ly exclud­ed for being ‘not par­tic­u­lar­ly indica­tive of a spe­cif­ic sponsor’s inter­ests’.” [6]

FireEye’s report from 2014, on which much of the DNC Russ­ian attri­bu­tion is based, found that 89 per­cent of the APT28 soft­ware sam­ples it ana­lyzed were com­piled dur­ing reg­u­lar work­ing hours in St. Peters­burg and Moscow. [7]

But com­pile times, like lan­guage set­tings, can be eas­i­ly altered to mis­lead inves­ti­ga­tors. Mark McAr­dle won­ders, “If we think about the very high lev­el of design, engi­neer­ing, and test­ing that would be required for such a sophis­ti­cat­ed attack, is it rea­son­able to assume that the attack­er would leave these kinds of bread­crumbs? It’s pos­si­ble. But it’s also pos­si­ble that these things can be used to mis­di­rect atten­tion to a dif­fer­ent par­ty. Poten­tial­ly anoth­er adver­sary. Is this evi­dence the result of slop­pi­ness or a care­ful mis­di­rec­tion?” [8]

“If the guys are real­ly good,” says Chris Finan, CEO of Man­i­fold Tech­nol­o­gy, “they’re not leav­ing much evi­dence or they’re leav­ing evi­dence to throw you off the scent entire­ly.” [9] How plau­si­ble is it that Russ­ian intel­li­gence ser­vices would fail even to attempt such a fun­da­men­tal step?

James Scott of the Insti­tute for Crit­i­cal Infra­struc­ture Tech­nol­o­gy points out that the very vul­ner­a­bil­i­ty of the DNC servers con­sti­tutes a mud­died basis on which deter­mine attri­bu­tion. “Attri­bu­tion is less exact in the case of the DNC breach because the mail servers com­pro­mised were not well-secured; the orga­ni­za­tion of a few hun­dred per­son­nel did not prac­tice prop­er cyber-hygiene; the DNC has a glob­al rep­u­ta­tion and is a valu­able tar­get to script kid­dies, hack­tivists, lone-wolf cyber-threat actors, cyber-crim­i­nals, cyber-jihadists, hail-mary threats, and nation-state spon­sored advanced per­sis­tent threats; and because the mal­ware dis­cov­ered on DNC sys­tems were well-known, pub­licly dis­closed, and vari­ants could be pur­chased on Deep Web mar­kets and forums.” [10]

Some­one, or some group, oper­at­ing under the pseu­do­nym of Guc­cifer 2.0, claimed to be a lone actor in hack­ing the DNC servers. It is unclear what rela­tion – if any – Guc­cifer 2.0 has to either of the two APT attacks on the DNC. In a PDF file that Guc­cifer 2.0 sent to Gawker.com, meta­da­ta indi­cat­ed that it was it was last saved by some­one hav­ing a user­name in Cyril­lic let­ters. Dur­ing the con­ver­sion of the file from Microsoft Word to PDF, invalid hyper­link error mes­sages were auto­mat­i­cal­ly gen­er­at­ed in the Russ­ian lan­guage. [11]

This would seem to present rather damn­ing evi­dence. But who is Guc­cifer 2.0? A Russ­ian gov­ern­ment oper­a­tion? A pri­vate group? Or a lone hack­tivist? In the poor­ly secured DNC sys­tem, there were almost cer­tain­ly many infil­tra­tors of var­i­ous stripes. Nor can it be ruled out that the meta­da­ta indi­ca­tors were inten­tion­al­ly gen­er­at­ed in the file to mis­di­rect attri­bu­tion. The two APT attacks have been not­ed for their sophis­ti­ca­tion, and these mis­takes – if that is what they are – seem ama­teur­ish. To change the lan­guage set­ting on a com­put­er can be done in a mat­ter of sec­onds, and that would be stan­dard pro­ce­dure for advanced cyber-war­riors. On the oth­er hand, slop­pi­ness on the part of devel­op­ers is not entire­ly unknown. How­ev­er, one would expect a nation-state to enforce strict soft­ware and doc­u­ment han­dling pro­ce­dures and imple­ment rig­or­ous review process­es.

At any rate, the doc­u­ments post­ed to the Guc­cifer 2.0 blog do not nec­es­sar­i­ly orig­i­nate from the same source as those pub­lished by Wik­iLeaks. Cer­tain­ly, none of the doc­u­ments post­ed to Wik­iLeaks pos­sess the same meta­da­ta issues. And one hack­ing oper­a­tion does not pre­clude anoth­er, let alone an insid­er leak.

APT28 relied on XTun­nel, repur­posed from open source code that is avail­able to any­one, to open net­work ports and siphon data. The inter­est­ing thing about the soft­ware is its fail­ure to match the lev­el of sophis­ti­ca­tion claimed for APT28. The strings in the code quite trans­par­ent­ly indi­cate its intent, with no attempt at obfus­ca­tion. [12] It seems an odd over­sight for a nation-state oper­a­tion, in which plau­si­ble deni­a­bil­i­ty would be essen­tial, to over­look that glar­ing point dur­ing soft­ware devel­op­ment.

Com­mand-and-con­trol servers remote­ly issue mali­cious com­mands to infect­ed machines. Odd­ly, for such a key com­po­nent of the oper­a­tion, the com­mand-and-con­trol IP address in both attacks was hard-cod­ed in the mal­ware. This seems like anoth­er inex­plic­a­ble choice, giv­en that the point of an advanced per­sis­tent threat is to oper­ate for an extend­ed peri­od with­out detec­tion. A more suit­able approach would be to use a Domain Name Sys­tem (DNS) address, which is a decen­tral­ized com­put­er nam­ing sys­tem. That would pro­vide a more covert means of iden­ti­fy­ing the com­mand-and-con­trol serv­er. [13]More­over, one would expect that address to be encrypt­ed. Using a DNS address would also allow the com­mand-and-con­trol oper­a­tion to eas­i­ly move to anoth­er serv­er if its loca­tion is detect­ed, with­out the need to mod­i­fy and rein­stall the code.

One of the IP address­es is claimed to be a “well-known APT 28” com­mand-and-con­trol address, while the sec­ond is said to be linked to Russ­ian mil­i­tary intel­li­gence. [14] The first address points to a serv­er locat­ed in San Jose, Cal­i­for­nia, and is oper­at­ed by a serv­er host­ing ser­vice. [15] The sec­ond serv­er [16] Clear­ly, these are servers that have been com­pro­mised by hack­ers. It is cus­tom­ary for hack­ers to route their attacks through vul­ner­a­ble com­put­ers. The IP address­es of com­pro­mised com­put­ers are wide­ly avail­able on the Deep Web, and typ­i­cal­ly a hacked serv­er will be used by mul­ti­ple threat actors. These two par­tic­u­lar servers may or may not have been reg­u­lar­ly uti­lized by Russ­ian Intel­li­gence, but they were not unique­ly so used. Almost cer­tain­ly, many oth­er hack­ers would have used the same machines, and it can­not be said that these IP address­es unique­ly iden­ti­fy an infil­tra­tor. Indeed, the sec­ond IP address is asso­ci­at­ed with the com­mon Tro­jan virus­es Agent-APPR and Shun­nael. [17]

“Every­one is focused on attri­bu­tion, but we may be miss­ing the big­ger truth,” says Joshua Cro­man, Direc­tor of the Cyber State­craft Ini­tia­tive at the Atlantic Coun­cil. “[T]he lev­el of sophis­ti­ca­tion required to do this hack was so low that near­ly any­one could do it.”[18]

In answer to crit­ics, the Depart­ment of Home­land Secu­ri­ty and the FBI issued a joint analy­sis report, which pre­sent­ed “tech­ni­cal details regard­ing the tools and infra­struc­ture used” by Russ­ian intel­li­gence ser­vices “to com­pro­mise and exploit net­works” asso­ci­at­ed with the U.S. elec­tion, U.S. gov­ern­ment, polit­i­cal, and pri­vate sec­tor enti­ties. The report code-named these activ­i­ties “Griz­zly Steppe.” [19]

For a doc­u­ment that pur­ports to offer strong evi­dence on behalf of U.S. gov­ern­ment alle­ga­tions of Russ­ian cul­pa­bil­i­ty, it is strik­ing how weak and slop­py the con­tent is. Includ­ed in the report is a list of every threat group ever said to be asso­ci­at­ed with the Russ­ian gov­ern­ment, most of which are unre­lat­ed to the DNC hack. It appears that var­i­ous gov­ern­men­tal orga­ni­za­tions were asked to send a list of Russ­ian threats, and then an offi­cial lack­ing IT back­ground com­piled that infor­ma­tion for the report, and the result is a mish­mash of threat groups, soft­ware, and tech­niques. “Pow­er­Shell back­door,” for instance, is a method used by many hack­ers, and in no way describes a Russ­ian oper­a­tion.

Indeed, one must take the list on faith, because nowhere in the doc­u­ment is any evi­dence pro­vid­ed to back up the claim of a Russ­ian con­nec­tion. Indeed, as the major­i­ty of items on the list are unre­lat­ed to the DNC hack, one won­ders what the point is. But it bears repeat­ing: even where soft­ware can be traced to Russ­ian orig­i­na­tion, it does not nec­es­sar­i­ly indi­cate exclu­sive usage. Jef­frey Carr explains: “Once mal­ware is deployed, it is no longer under the con­trol of the hack­er who deployed it or the devel­op­er who cre­at­ed it. It can be reverse-engi­neered, copied, mod­i­fied, shared and rede­ployed again and again by any­one.” Carr quotes secu­ri­ty firm ESET in regard to the Sed­nit group, one of the items on the report’s list, and which is anoth­er name for APT28: “As secu­ri­ty researchers, what we call ‘the Sed­nit group’ is mere­ly a set of soft­ware and the relat­ed infra­struc­ture, which we can hard­ly cor­re­late with any spe­cif­ic orga­ni­za­tion.” Carr points out that X‑Agent soft­ware, which is said to have been uti­lized in the DNC hack, was eas­i­ly obtained by ESET for analy­sis. “If ESET could do it, so can oth­ers. It is both fool­ish and base­less to claim, as Crowd­strike does, that X‑Agent is used sole­ly by the Russ­ian gov­ern­ment when the source code is there for any­one to find and use at will.” [20]

The salient impres­sion giv­en by the government’s report is how devoid of evi­dence it is. For that mat­ter, the major­i­ty of the con­tent is tak­en up by what secu­ri­ty spe­cial­ist John Hin­der­ak­er describes as “pedes­tri­an advice to IT pro­fes­sion­als about com­put­er secu­ri­ty.” As for the report’s indi­ca­tors of com­pro­mise (IoC), Hin­der­ak­er char­ac­ter­izes these as “tools that are freely avail­able and IP address­es that are used by hack­ers around the world.” [21]

In con­junc­tion with the report, the FBI and Depart­ment of Home­land Secu­ri­ty pro­vid­ed a list of IP address­es it iden­ti­fied with Russ­ian intel­li­gence ser­vices. [22] Word­fence ana­lyzed the IP address­es as well as a PHP mal­ware script pro­vid­ed by the Depart­ment of Home­land Secu­ri­ty. In ana­lyz­ing the source code, Word­fence dis­cov­ered that the soft­ware used was P.A.S., ver­sion 3.1.0. It then found that the web­site that man­u­fac­tures the mal­ware had a site coun­try code indi­cat­ing that it is Ukrain­ian. The cur­rent ver­sion of the P.A.S. soft­ware is 4.1.1, which is much new­er than that used in the DNC hack, and the lat­est ver­sion has changed “quite sub­stan­tial­ly.” Word­fence notes that not only is the soft­ware “com­mon­ly avail­able,” but also that it would be rea­son­able to expect “Russ­ian intel­li­gence oper­a­tives to devel­op their own tools or at least use cur­rent mali­cious tools from out­side sources.” To put it plain­ly, Word­fence con­cludes that the mal­ware sam­ple “has no appar­ent rela­tion­ship with Russ­ian intel­li­gence.” [23]

Word­fence also ana­lyzed the government’s list of 876 IP address­es includ­ed as indi­ca­tors of com­pro­mise. The sites are wide­ly dis­persed geo­graph­i­cal­ly, and of those with a known loca­tion, the Unit­ed States has the largest num­ber. A large num­ber of the IP address­es belong to low-cost serv­er host­ing com­pa­nies. “A com­mon pat­tern that we see in the indus­try,” Word­fence states, “is that accounts at these hosts are com­pro­mised and those hacked sites are used to launch attacks around the web.” Fif­teen per­cent of the IP address­es are cur­rent­ly Tor exit nodes. “These exit nodes are used by any­one who wants to be anony­mous online, includ­ing mali­cious actors.” [24]

If one also takes into account the IP address­es that not only point to cur­rent Tor exits, but also those that once belonged to Tor exit nodes, then these com­prise 42 per­cent of the government’s list. [25] “The fact that so many of the IPs are Tor address­es reveals the true slop­pi­ness of the report,” con­cludes net­work secu­ri­ty spe­cial­ist Jer­ry Gam­blin. [26]

Cyber­se­cu­ri­ty ana­lyst Robert Gra­ham was par­tic­u­lar­ly blis­ter­ing in his assess­ment of the government’s report, char­ac­ter­iz­ing it as “full of garbage.” The report fails to tie the indi­ca­tors of com­pro­mise to the Russ­ian gov­ern­ment. “It con­tains sig­na­tures of virus­es that are pub­licly avail­able, used by hack­ers around the world, not just Rus­sia. It con­tains a long list of IP address­es from per­fect­ly nor­mal ser­vices, like Tor, Google, Drop­box, Yahoo, and so forth. Yes, hack­ers use Yahoo for phish­ing and mal­ad­ver­tis­ing. It doesn’t mean every access of Yahoo is an ‘indi­ca­tor of com­pro­mise’.” Gra­ham com­pared the list of IP address­es against those accessed by his web brows­er, and found two match­es. “No,” he con­tin­ues. “This doesn’t mean I’ve been hacked. It means I just had a nor­mal inter­ac­tion with Yahoo. It means the Griz­zly Steppe IoCs are garbage.” Gra­ham goes on to point out that “what real­ly hap­pened” with the sup­posed Russ­ian hack into the Ver­mont pow­er grid “is that some­body just checked their Yahoo email, there­by access­ing one of the same IP address­es I did. How they get from the facts (one per­son accessed Yahoo email) to the sto­ry (Rus­sians hacked pow­er grid)” is U.S. gov­ern­ment “mis­in­for­ma­tion.” [27]

The indi­ca­tors of com­pro­mise, in Graham’s assess­ment, were “pub­lished as a polit­i­cal tool, to prove they have evi­dence point­ing to Rus­sia.” As for the P.A.S. web shell, it is “used by hun­dreds if not thou­sands of hack­ers, most­ly asso­ci­at­ed with Rus­sia, but also through­out the rest of the world.” Rely­ing on the government’s sam­ple for attri­bu­tion is prob­lem­at­ic: “Just because you found P.A.S. in two dif­fer­ent places doesn’t mean it’s the same hack­er.” A web shell “is one of the most com­mon things hack­ers use once they’ve bro­ken into a serv­er,” Gra­ham observes. [28]

Although cyber­se­cu­ri­ty ana­lyst Robert M. Lee is inclined to accept the government’s posi­tion on the DNC hack, he feels the joint analy­sis report “reads like a poor­ly done ven­dor intel­li­gence report string­ing togeth­er var­i­ous aspects of attri­bu­tion with­out evi­dence.” The report’s list “detracts from the con­fi­dence because of the inter­weav­ing of unre­lat­ed data.” The infor­ma­tion pre­sent­ed is not sourced, he adds. “It’s a ran­dom col­lec­tion of infor­ma­tion and in that way, is most­ly use­less.” Indeed, the indi­ca­tors of com­pro­mise have “a high rate of false pos­i­tives for defend­ers that use them.” [29]

The intent of the joint analy­sis report was to pro­vide evi­dence of Russ­ian state respon­si­bil­i­ty for the DNC hack. But nowhere does it do so. Mere asser­tions are meant to per­suade. How much evi­dence does the gov­ern­ment have? The Demo­c­ra­t­ic Par­ty claims that the FBI nev­er request­ed access to DNC servers. [32] The FBI, for its part, says it made “mul­ti­ple requests” for access to the DNC servers and was repeat­ed­ly turned down. [33] Either way, it is a remark­able admis­sion. In a case like this, the FBI would typ­i­cal­ly con­duct its own inves­ti­ga­tion. Was the DNC afraid the FBI might come to a dif­fer­ent con­clu­sion than the DNC-hired secu­ri­ty firm Crowd­strike? The FBI was left to rely on what­ev­er evi­dence Crowd­strike chose to sup­ply. Dur­ing its analy­sis of DNC servers, Crowd­strike reports that it found evi­dence of APT28 and APT29 intru­sions with­in two hours. Did it stop there, sat­is­fied with what it had found? Or did it con­tin­ue to explore whether addi­tion­al intru­sions by oth­er actors had tak­en place?

In an attempt to fur­ther inflame the hys­te­ria gen­er­at­ed from accu­sa­tions of Russ­ian hack­ing, the Office of the Direc­tor of Nation­al Intel­li­gence pub­lished a declas­si­fied ver­sion of a doc­u­ment briefed to U.S. offi­cials. The infor­ma­tion was sup­plied by the CIA, FBI, and Nation­al Secu­ri­ty Agency, and was meant to cement the government’s case. Not sur­pris­ing­ly, the report received a warm wel­come in the main­stream media, but what is notable is that it offers not a sin­gle piece of evi­dence to sup­port its claim of “high con­fi­dence” in assess­ing that Rus­sia hacked the DNC and released doc­u­ments to Wik­iLeaks. Instead, the bulk of the report is an unhinged dia­tribe against Russ­ian-owned RT media. The con­tent is rife with inac­cu­ra­cies and absur­di­ties. Among the heinous actions RT is accused of are hav­ing run “anti-frack­ing pro­gram­ming, high­light­ing envi­ron­men­tal issues and the impacts on health issues,” air­ing a doc­u­men­tary on Occu­py Wall Street, and host­ing third-par­ty can­di­dates dur­ing the 2012 elec­tion.[34] . . .

. . . . Main­stream media start with the premise that the Russ­ian gov­ern­ment was respon­si­ble, despite a lack of con­vinc­ing evi­dence. They then leap to the fal­la­cious con­clu­sion that because Rus­sia hacked the DNC, only it could have leaked the doc­u­ments.

So, did the Russ­ian gov­ern­ment hack the DNC and feed doc­u­ments to Wik­iLeaks? There are real­ly two ques­tions here: who hacked the DNC, and who released the DNC doc­u­ments? These are not nec­es­sar­i­ly the same. An ear­li­er intru­sion into Ger­man par­lia­ment servers was blamed on the Rus­sians, yet the release of doc­u­ments to Wik­iLeaks is thought to have orig­i­nat­ed from an insid­er. [35] Had the Rus­sians hacked into the DNC, it may have been to gath­er intel­li­gence, while anoth­er actor released the doc­u­ments. But it is far from cer­tain that Russ­ian intel­li­gence ser­vices had any­thing to do with the intru­sions. Julian Assange says that he did not receive the DNC doc­u­ments from a nation-state. It has been point­ed out that Rus­sia could have used a third par­ty to pass along the mate­r­i­al. Fair enough, but for­mer UK diplo­mat Craig Mur­ray asserts: “I know who the source is… It’s from a Wash­ing­ton insid­er. It’s not from Rus­sia.” [36]

There are too many incon­sis­ten­cies and holes in the offi­cial sto­ry. In all like­li­hood, there were mul­ti­ple intru­sions into DNC servers, not all of which have been iden­ti­fied. The pub­lic ought to be wary of quick claims of attri­bu­tion. It requires a long and involved process to arrive at a plau­si­ble iden­ti­fi­ca­tion, and in many cas­es the source can nev­er be deter­mined. As Jef­frey Carr explains, “It’s impor­tant to know that the process of attribut­ing an attack by a cyber­se­cu­ri­ty com­pa­ny has noth­ing to do with the sci­en­tif­ic method. Claims of attri­bu­tion aren’t testable or repeat­able because the hypoth­e­sis is nev­er proven right or wrong.” [37]

Rus­sia-bash­ing is in full swing, and there does not appear to be any let­up in sight. We are plung­ing head­long into a new Cold War, rid­ing on a wave of pro­pa­gan­da-induced hys­te­ria. The self-serv­ing claims fuel­ing this cam­paign need to be chal­lenged every step of the way. Sur­ren­der­ing to evi­dence-free emo­tion­al appeals would only serve those who arro­gant­ly advo­cate con­fronta­tion and geopo­lit­i­cal dom­i­na­tion.

 12a.  The Shad­ow Bro­kers, released some more NSA hack­ing tools, along with a list of IP address­es the NSA was tar­get­ing. All of this was appar­ent­ly in response to a sense of betray­al. Betray­al by Don­ald Trump. Yes, when Don­ald Trump launched a cruise mis­sile attack against Syr­ia this so upset The Shad­ow Bro­kers that they wrote anoth­er long bro­ken Eng­lish rant (with a white nation­al­ist theme) about Trump liv­ing up to his promis­es and then released some more hack­ing tools.

We ana­lyzed the Shad­ow­Bro­kers in FTR #923.

Suf­fice it to say, that this group is, in all prob­a­bil­i­ty, not Russ­ian at all.

“Mys­te­ri­ous Group Posts More Alleged NSA Hack­ing Tools; Rus­sia Link Sus­pect­ed” by Tim John­son; McClatchy DC; 4/10/2017.

In the lat­est in a drum­beat of intel­li­gence leaks, a hack­ing group known as the Shad­ow Bro­kers has released anoth­er set of tools it said were designed by the top-secret Nation­al Secu­ri­ty Agency to pen­e­trate com­put­er sys­tems world­wide.

In a rant-filled state­ment over the week­end, Shad­ow Bro­kers also released a list of servers it said the tools had infect­ed.

One doc­u­ment appeared to show that NSA spy­ware had been placed on servers in South Korea, Rus­sia, Japan, Chi­na, Mex­i­co, Tai­wan, Spain, Venezuela and Thai­land, among oth­er coun­tries. The dump includ­ed details of how the NSA pur­port­ed­ly had gained access to Pakistan’s main mobile net­work.

The release marked the most recent in a steady stream of dis­clo­sures of pur­port­ed hack­ing tools devel­oped by the NSA and the CIA. Shad­ow Bro­kers made a sim­i­lar release in August, and in March the anti-secre­cy group Wik­iLeaks released sev­er­al batch­es of files that pur­port­ed to show how the CIA spies on its tar­gets. Wik­iLeaks has dubbed those leaks Vault7.

Cyber­se­cu­ri­ty experts dif­fered in their assess­ment of the leaked mate­r­i­al but sev­er­al agreed that it would give glob­al foes cru­cial infor­ma­tion about Amer­i­can hack­ing abil­i­ties and plans.

In its state­ment, Shad­ow Bro­kers said the lat­est leak, fol­low­ing one eight months ago, “is our form of protest” to goad Pres­i­dent Don­ald Trump into stay­ing loy­al to his fol­low­ers and pro­mot­ing anti-glob­al­ism. The screed includ­ed pro­fan­i­ty, some white suprema­cist com­men­tary and a pass­word to the cache of tools.

This is inter­est­ing. A list of NSA tar­gets and the spe­cif­ic implants installed (IP address includ­ed).https://t.co/d0A950lD3t#Shad­ow­Bro­kers— Kevin Mit­nick (@kevinmitnick) April 9, 2017

The spe­cif­ic spy­ware was less dra­mat­ic, experts said.

“The dump appears to con­tain only Lin­ux and Unix tools and exploits, so orga­ni­za­tions run­ning only Win­dows don’t need to react to tools in this release,” an Augus­ta, Geor­gia, firm, Ren­di­tion Infos­ec, said n a blog post­ing.

The NSA, which has its head­quar­ters at Fort Meade, Mary­land, did not respond to a request for com­ment.

Ren­di­tion Infos­ec said there was lit­tle doubt that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed and that for­eign hack­ing groups, some spon­sored by gov­ern­ments, had entered an era of drib­bling out leaks to influ­ence glob­al affairs.

“In the future, we believe that oth­er groups are high­ly like­ly to attack orga­ni­za­tions, steal their data and release it at timed inter­vals in an attempt to con­trol the news cycle. This is clas­sic infor­ma­tion war­fare, updat­ed for dig­i­tal espi­onage,” the post­ing said.

In its state­ment, Shad­ow Bro­kers denied, in bro­ken Eng­lish, that the group is linked to the Russ­ian gov­ern­ment.

Those who have worked in the U.S. intel­li­gence com­mu­ni­ty voiced dis­may at the con­stant leak of alleged NSA and CIA tech­niques and tools.

“What is dev­as­tat­ing is not just the loss of one exploit but the loss of your entire tool chain, par­tic­u­lar tar­gets you’re resid­ing on, your method­olo­gies, your research thrusts,” said Dave Aitel, a for­mer com­put­er sci­en­tist at the NSA who now is chief exec­u­tive at Immu­ni­ty Inc., a cyber­se­cu­ri­ty firm in Mia­mi.

Aitel, who spoke on the side­lines of the Infil­trate 2017 con­fer­ence in Mia­mi Beach late last week, before the Shad­ow Bro­kers release, said the impact of leaks of cyberes­pi­onage tools “can be real hard to esti­mate or con­tain.”

He said such leaks could open a win­dow on research trends that could derail entire units with­in the intel­li­gence com­mu­ni­ty.

“Every group has a par­tic­u­lar set of spe­cial­ties that they are good at research­ing. If you start expos­ing those capa­bil­i­ties, you also expose your future capa­bil­i­ties,” Aitel said. “It can spread across a lot of pieces of your orga­ni­za­tion. . . . . That’s when you start see­ing entire net­works get destroyed based on leaks.”

The Shad­ow Bro­kers group burst into the news in mid-August when it claimed to pos­sess stolen NSA cyber weapons and sur­veil­lance toolsintend to bypass fire­walls and embed in net­work equip­ment or soft­ware made by Cis­co Sys­tems, Fortinet, Juniper Net­works and TopSec, a Chi­nese secu­ri­ty ven­dor.

In a bizarre twist, the group demand­ed an astro­nom­i­cal sum – 1 mil­lion bit­coins, or $1.2 tril­lion – for the release of addi­tion­al NSA tools. When the group found no tak­ers, it issued a petu­lant state­ment in Octo­ber say­ing the auc­tion was off. In Jan­u­ary, the group said it was “going dark,” only to reap­pear over the week­end.

 


Ren­di­tion Infos­ec said there was lit­tle doubt that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed and that for­eign hack­ing groups, some spon­sored by gov­ern­ments, had entered an era of drib­bling out leaks to influ­ence glob­al affairs.

“In the future, we believe that oth­er groups are high­ly like­ly to attack orga­ni­za­tions, steal their data and release it at timed inter­vals in an attempt to con­trol the news cycle. This is clas­sic infor­ma­tion war­fare, updat­ed for dig­i­tal espi­onage,” the post­ing said.

In its state­ment, Shad­ow Bro­kers denied, in bro­ken Eng­lish, that the group is linked to the Russ­ian gov­ern­ment.

12b. As we not­ed in past dis­cus­sion of the Shad­ow Bro­kers, there’s actu­al­ly been a lot of doubt that the Rus­sians hacked the NSA fro the very begin­ning.

A chief sus­pect is Jacob Apple­baum, the CIA-financed Amer­i­can Wik­iLeak­er who appears to have facil­i­tat­ed Edward Snow­den’s jour­ney from Hawaii to Hong Kong.

“For­mer NSA Staffers: Rogue Insid­er Could Be Behind NSA Data Dump” by Loren­zo Franceschi-Bic­chierai and Joseph Cox; Vice Moth­er­board; 8/17/2016.

Who’s real­ly behind one of the most shock­ing data dumps ever? Anoth­er the­o­ry emerges.

There are a lot of unan­swered ques­tions sur­round­ing the shock­ing dump of a slew of hack­ing tools used by an NSA-linked group ear­li­er this week. But per­haps the biggest one is: who’s behind the leak? Who is behind the mys­te­ri­ous moniker “The Shad­ow Bro­kers”?

So far, there’s no clear evi­dence point­ing in any direc­tion, but giv­en the tim­ing of the leak, and the sim­ple fact that very few would have the capa­bil­i­ties and the motives to hack and shame the NSA pub­licly, some posit­ed The Shad­ow Bro­kers could be Russ­ian.

But there’s anoth­er pos­si­bil­i­ty. An insid­er could have stolen them direct­ly from the NSA, in a sim­i­lar fash­ion to how for­mer NSA con­trac­tor Edward Snow­den stole an untold num­ber of the spy agency’s top secret doc­u­ments. And this the­o­ry is being pushed by some­one who claims to be, him­self, a for­mer NSA insid­er.

“My col­leagues and I are fair­ly cer­tain that this was no hack, or group for that mat­ter,” the for­mer NSA employ­ee told Moth­er­board. “This ‘Shad­ow Bro­kers’ char­ac­ter is one guy, an insid­er employ­ee.”

The source, who asked to remain anony­mous, said that it’d be much eas­i­er for an insid­er to obtain the data that The Shad­ow Bro­kers put online rather than some­one else, even Rus­sia, remote­ly steal­ing it. He argued that “nam­ing con­ven­tion of the file direc­to­ries, as well as some of the scripts in the dump are only acces­si­ble inter­nal­ly,” and that “there is no rea­son” for those files to be on a serv­er some­one could hack. He claimed that these sorts of files are on a phys­i­cal­ly sep­a­rat­ed net­work that doesn’t touch the inter­net; an air-gap. (Moth­er­board was not able to inde­pen­dent­ly ver­i­fy this claim, and it’s worth bear­ing in mind that an air-gap is not an insur­mount­able obsta­cle in the world of hack­ing).

Of course, as Matt Suiche, the CEO of Dubai-based cyber­se­cu­ri­ty com­pa­ny Comae, not­ed in a post ana­lyz­ing the insid­er the­o­ry, a lead­ing the­o­ry is that a mem­ber of NSA’s elite hack­ing team, Tai­lored Access Oper­a­tion, or TAO, made a “mis­take” and left the hack­ing tools exposed on a serv­er.

“We are 99.9 per­cent sure that Rus­sia has noth­ing to do with this and even though all this spec­u­la­tion is more sen­sa­tion­al in the media, the insid­er the­o­ry should not be dis­missed,” the source added. “We think it is the most plau­si­ble.”

The source said that while he was “a lit­tle ner­vous about this whole thing,” he was com­ing for­ward pre­cise­ly to warn peo­ple against accus­ing Rus­sia.

“Now see­ing what’s being parad­ed in the media like the wild­ly spec­u­la­tive attri­bu­tion to Rus­sia, I feel a per­son­al respon­si­bil­i­ty to pro­pose the more plau­si­ble the­o­ry on behalf of me and the rest of the guys like me,” he said. “I think it’s dan­ger­ous to point fin­gers when they shouldn’t be. That could have real impli­ca­tions that affect real peo­ple.”

The source pro­vid­ed a mil­i­tary award as proof of his past employ­ment, and mul­ti­ple for­mer intel­li­gence sources who reviewed the award for Moth­er­board said it looks legit­i­mate. That award describes the source’s role as a “Cyber Intru­sion Ana­lyst,” and although he was not a mem­ber of TAO him­self, he said he was able to work with TAO oper­a­tors and access and ana­lyze the data retrieved.

Michael Adams, an infor­ma­tion secu­ri­ty expert who served more than two decades in the US Spe­cial Oper­a­tions Com­mand, agreed that it’s a viable the­o­ry.

“It’s Snow­den junior,” Adams told Moth­er­board. “Except he doesn’t want to end up in vir­tu­al prison in Rus­sia. He’s smart enough to rip off shit, but also smart enough to be uniden­ti­fi­able.”

It’s impor­tant to note that there’s no evi­dence point­ing the fin­ger at an insid­er, just like there’s no evi­dence point­ing toward Rus­sia. It’s all spec­u­la­tion, but these two the­o­ries, at this point, seem the most plau­si­ble.

 

Discussion

One comment for “FTR #958 Miscellaneous Articles and Updates”

  1. A for­mer Face­book exec­u­tive wrote a piece ear­li­er this month in response to the reports about Face­book using algo­rithms to iden­ti­fy depressed teens and shar­ing that data with adver­tis­ers. His mes­sage is a pret­ty fas­ci­nat­ing one: First, don’t believe Face­book’s denials, it is high­ly like­ly they are lying through their teeth and rou­tine­ly mak­ing these kinds of infer­ences and then sell­ing that info to adver­tis­ers. And sec­ond­ly, Face­book is like­ly doing this in part because, why not? There’s noth­ing wrong with doing what Face­book was charged with doing.

    Those were the twin mes­sages com­ing from this for­mer Face­book exec­u­tive. And when you con­sid­er the ‘who cares?’ sen­ti­ment is prob­a­bly pret­ty wide­ly held by Face­book exec­u­tives (because oth­er­wise there would be an epi­dem­ic of self-loathing Face­book execs), it makes the sus­pi­cions that Face­book is sell­ing every­thing it can to adver­tis­ers a lot more cred­i­ble:

    The Guardian

    I’m an ex-Face­book exec: don’t believe what they tell you about ads
    I believe the social media giant could tar­get ads at depressed teens and count­less oth­er demo­graph­ics. But so what?

    Anto­nio Gar­cia-Mar­tinez

    Tues­day 2 May 2017 12.25 EDT

    For two years I was charged with turn­ing Face­book data into mon­ey, by any legal means. If you browse the inter­net or buy items in phys­i­cal stores, and then see ads relat­ed to those pur­chas­es on Face­book, blame me. I helped cre­ate the first ver­sions of that, way back in 2012.

    The ethics of Facebook’s micro-tar­get­ed adver­tis­ing was thrust into the spot­light this week by a report out of Aus­tralia. The arti­cle, based on a leaked pre­sen­ta­tion, said that Face­book was able to iden­ti­fy teenagers at their most vul­ner­a­ble, includ­ing when they feel “inse­cure”, “worth­less”, “defeat­ed” and “stressed”.

    Face­book claimed the report was mis­lead­ing, assur­ing the pub­lic that the com­pa­ny does not “offer tools to tar­get peo­ple based on their emo­tion­al state”. If the inten­tion of Facebook’s pub­lic rela­tions spin is to give the impres­sion that such tar­get­ing is not even pos­si­ble on their plat­form, I’m here to tell you I believe they’re lying through their teeth.

    Just as Mark Zucker­berg was being disin­gen­u­ous (to put it mild­ly) when, in the wake of Don­ald Trump’s unex­pect­ed vic­to­ry, he expressed doubt that Face­book could have flipped the pres­i­den­tial elec­tion.

    Face­book deploys a polit­i­cal adver­tis­ing sales team, spe­cial­ized by polit­i­cal par­ty, and charged with con­vinc­ing deep-pock­et­ed politi­cians that they do have the kind of influ­ence need­ed to alter the out­come of elec­tions.

    I was at Face­book in 2012, dur­ing the pre­vi­ous pres­i­den­tial race. The fact that Face­book could eas­i­ly throw the elec­tion by selec­tive­ly show­ing a Get Out the Vote reminder in cer­tain coun­ties of a swing state, for exam­ple, was a run­ning joke.

    Con­vert­ing Face­book data into mon­ey is hard­er than it sounds, most­ly because the vast bulk of your user data is worth­less. Turns out your blot­to-drunk par­ty pics and flir­ty co-work­er mes­sages have no com­mer­cial val­ue what­so­ev­er.

    But occa­sion­al­ly, if used very clev­er­ly, with lots of machine-learn­ing iter­a­tion and sys­tem­at­ic tri­al-and-error, the can­ny mar­keter can find just the right admix­ture of age, geog­ra­phy, time of day, and music or film tastes that demar­cate a demo­graph­ic win­ner of an audi­ence. The “click­through rate”, to use the advertiser’s par­lance, doesn’t lie.

    With­out see­ing the leaked doc­u­ments, which were report­ed­ly based around a pitch Face­book made to a bank, it is impos­si­ble to know pre­cise­ly what the plat­form was offer­ing adver­tis­ers. There’s noth­ing in the trade I know of that tar­gets ads at emo­tions. But Face­book has and does offer “psychometric”-type tar­get­ing, where the goal is to define a sub­set of the mar­ket­ing audi­ence that an adver­tis­er thinks is par­tic­u­lar­ly sus­cep­ti­ble to their mes­sage.

    And know­ing the Face­book sales play­book, I can­not imag­ine the com­pa­ny would have con­coct­ed such a pitch about teenage emo­tions with­out the final hook: “and this is how you exe­cute this on the Face­book ads plat­form”. Why else would they be mak­ing the pitch?

    The ques­tion is not whether this can be done. It is whether Face­book should apply a moral fil­ter to these deci­sions. Let’s assume Face­book does tar­get ads at depressed teens. My reac­tion? So what. Some­times data behaves uneth­i­cal­ly.

    I’ll illus­trate with an anec­dote from my Face­book days. Some­one on the data sci­ence team had cooked up a new tool that rec­om­mend­ed Face­book Pages users should like. And what did this tool start spit­ting out? Every eth­nic stereo­type you can imag­ine. We killed the tool when it rec­om­mend­ed then pres­i­dent Oba­ma if a user had “liked” rap­per Jay Z. While that was a sta­tis­ti­cal fact – peo­ple who liked Jay Z were more like­ly to like Oba­ma – it was one of the sta­tis­ti­cal truths Face­book couldn’t be seen espous­ing.

    I dis­agreed. Jay Z is a mil­lion­aire music tycoon, so what if we asso­ciate him with the pres­i­dent? In our cur­rent world, there’s a long list of Truths That Can­not Be Stat­ed Pub­licly, even though there’s plen­ty of data sug­gest­ing their cor­rect­ness, and this was one of them.

    African Amer­i­cans liv­ing in postal codes with depressed incomes like­ly do respond dis­pro­por­tion­ate­ly to ads for usu­ri­ous “pay­day” loans. His­pan­ics between the ages of 18 and 25 prob­a­bly do engage with ads singing the charms and advan­tages of mil­i­tary ser­vice.

    ...

    The hard real­i­ty is that Face­book will nev­er try to lim­it such use of their data unless the pub­lic uproar reach­es such a crescen­do as to be un-muta­ble. Which is what hap­pened with Trump and the “fake news” accu­sa­tion: even the implaca­ble Zuck had to give in and intro­duce some anti-fake news tech­nol­o­gy. But they’ll slip that trap as soon as they can. And why shouldn’t they? At least in the case of ads, the data and the click­through rates are on their side.

    ———-

    “I’m an ex-Face­book exec: don’t believe what they tell you about ads” by Anto­nio Gar­cia-Mar­tinez; The Guardian; 05/02/2017

    “Face­book claimed the report was mis­lead­ing, assur­ing the pub­lic that the com­pa­ny does not “offer tools to tar­get peo­ple based on their emo­tion­al state”. If the inten­tion of Facebook’s pub­lic rela­tions spin is to give the impres­sion that such tar­get­ing is not even pos­si­ble on their plat­form, I’m here to tell you I believe they’re lying through their teeth.

    Strong words from the for­mer Face­book exec­u­tive. And prob­a­bly large­ly true words too based on not just his account of how Face­book behaved but also the basic Face­book busi­ness mod­el: fig­ur­ing out how to find the tar­get mar­ket for adver­tis­ers mar­ket­ing cam­paigns is a core com­po­nent of how Face­book makes mon­ey. So if they could iden­ti­fy depressed teens there’s no rea­son to see why this kind of data would­n’t be used to sell ads even if Face­book had a pol­i­cy of not adver­tis­ing to peo­ple in par­tic­u­lar emo­tion­al states because there’s no rea­son Face­book could­n’t iden­ti­fy these depressed teens as some­thing oth­er than “depressed teen”. Just put some oth­er “psychometric”-type label on the depressed teens cat­e­go­ry and sell the ads that way. Prob­lem solved:

    ...
    Con­vert­ing Face­book data into mon­ey is hard­er than it sounds, most­ly because the vast bulk of your user data is worth­less. Turns out your blot­to-drunk par­ty pics and flir­ty co-work­er mes­sages have no com­mer­cial val­ue what­so­ev­er.

    But occa­sion­al­ly, if used very clev­er­ly, with lots of machine-learn­ing iter­a­tion and sys­tem­at­ic tri­al-and-error, the can­ny mar­keter can find just the right admix­ture of age, geog­ra­phy, time of day, and music or film tastes that demar­cate a demo­graph­ic win­ner of an audi­ence. The “click­through rate”, to use the advertiser’s par­lance, doesn’t lie.

    With­out see­ing the leaked doc­u­ments, which were report­ed­ly based around a pitch Face­book made to a bank, it is impos­si­ble to know pre­cise­ly what the plat­form was offer­ing adver­tis­ers. There’s noth­ing in the trade I know of that tar­gets ads at emo­tions. But Face­book has and does offer “psychometric”-type tar­get­ing, where the goal is to define a sub­set of the mar­ket­ing audi­ence that an adver­tis­er thinks is par­tic­u­lar­ly sus­cep­ti­ble to their mes­sage.

    And know­ing the Face­book sales play­book, I can­not imag­ine the com­pa­ny would have con­coct­ed such a pitch about teenage emo­tions with­out the final hook: “and this is how you exe­cute this on the Face­book ads plat­form”. Why else would they be mak­ing the pitch?
    ...

    “With­out see­ing the leaked doc­u­ments, which were report­ed­ly based around a pitch Face­book made to a bank, it is impos­si­ble to know pre­cise­ly what the plat­form was offer­ing adver­tis­ers. There’s noth­ing in the trade I know of that tar­gets ads at emo­tions. But Face­book has and does offer “psychometric”-type tar­get­ing, where the goal is to define a sub­set of the mar­ket­ing audi­ence that an adver­tis­er thinks is par­tic­u­lar­ly sus­cep­ti­ble to their mes­sage.

    That’s the take away from at least one for­mer Face­book exec­u­tive: unless Face­book’s exec­u­tives are sud­den­ly behav­ing in a very dif­fer­ent eth­i­cal man­ner than they were when this exec­u­tive was work­ing at Face­book, yes, Face­book is almost cer­tain­ly sell­ing things like teen depres­sion sta­tus to adver­tis­ers. Because if they can they will. All in all, it’s a rather depress­ing sto­ry. Per­haps not as depress­ing as Face­book itself, but still pret­ty depress­ing.

    Posted by Pterrafractyl | May 23, 2017, 7:32 pm

Post a comment