WFMU-FM is podcasting For The Record–You can subscribe to the podcast HERE.
You can subscribe to e‑mail alerts from Spitfirelist.com HERE.
You can subscribe to RSS feed from Spitfirelist.com HERE.
You can subscribe to the comments made on programs and posts–an excellent source of information in, and of, itself HERE.
This broadcast was recorded in one, 60-minute segment.
Introduction: As the title indicates, this broadcast both introduces and updates various paths of inquiry.
Major focal points and topics of discussion include:
- Discussion about the possibility of Trump precipitating a Reichstag Fire-type of incident. ” . . . . Q: In your book you discuss the idea that Donald Trump will have his own version of Hitler’s Reichstag fire to expand his power and take full control of the government by declaring a state of emergency. How do you think that would play out?. . . . A: I think it’s pretty much inevitable that they will try. The reason I think that is that the conventional ways of being popular are not working out for them. The conventional way to be popular or to be legitimate in this country is to have some policies, to grow your popularity ratings and to win some elections. I don’t think 2018 is looking very good for the Republicans along those conventional lines — not just because the president is historically unpopular. It’s also because neither the White House nor Congress have any policies which the majority of the public like. This means they could be seduced by the notion of getting into a new rhythm of politics, one that does not depend upon popular policies and electoral cycles. . . . Nobody can be sure how long this particular regime change with Trump will take, but there is a clock, and the clock really is ticking. It’s three years on the outside, but in more likelihood something like a year. In January 2018 we will probably have a pretty good idea which way this thing is going. . . .”
- Talk of the White House pushing to amend or abolish the 1st amendment. “ . . . . PRIEBUS: And I already answered the question. I said this is something that is being looked at. But it’s something that as far as how it gets executed, where we go with it, that’s another issue. . . .”
- Discussion about “loosening” libel laws–something that would have the same effect as abolishing or amending the 1st amendment.“ . . . . ‘I think the chief of staff made it very clear that it’s something that is being looked into, substantively and then both logistically, how it would happen’ Spicer said. But that’s nothing new. It’s something the President talked about on the campaign trail.’ . . . . ”
Some terrifying and consummately important developments taking shape in the context of what Mr. Emory has called “technocratic fascism:”
- In FTR #‘s 718 and 946, we detailed the frightening, ugly reality behind Facebook. Facebook is now developing technology that will permit the tapping of users thoughts by monitoring brain-to-computer technology. Facebook’s R & D is headed by Regina Dugan, who used to head the Pentagon’s DARPA. Facebook’s Building 8 is patterned after DARPA: ” . . . Facebook wants to build its own “brain-to-computer interface” that would allow us to send thoughts straight to a computer. ‘What if you could type directly from your brain?’ Regina Dugan, the head of the company’s secretive hardware R&D division, Building 8, asked from the stage. Dugan then proceeded to show a video demo of a woman typing eight words per minute directly from the stage. In a few years, she said, the team hopes to demonstrate a real-time silent speech system capable of delivering a hundred words per minute. ‘That’s five times faster than you can type on your smartphone, and it’s straight from your brain,’ she said. ‘Your brain activity contains more information than what a word sounds like and how it’s spelled; it also contains semantic information of what those words mean.’ . . .”
- More about Dugan, DARPA, and Facebook’s brain-to-computer technology: ” . . . . Brain-computer interfaces are nothing new. DARPA, which Dugan used to head, has invested heavily in brain-computer interface technologies to do things like cure mental illness and restore memories to soldiers injured in war. But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone. . . .”
- ” . . . . Facebook’s Building 8 is modeled after DARPA and its projects tend to be equally ambitious. . . .”
- ” . . . . But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone. . . .”
Next, we present still more about Facebook’s brain-to-computer interface:
- ” . . . . Facebook hopes to use optical neural imaging technology to scan the brain 100 times per second to detect thoughts and turn them into text. Meanwhile, it’s working on ‘skin-hearing’ that could translate sounds into haptic feedback that people can learn to understand like braille. . . .”
- ” . . . . Worryingly, Dugan eventually appeared frustrated in response to my inquiries about how her team thinks about safety precautions for brain interfaces, saying, ‘The flip side of the question that you’re asking is ‘why invent it at all?’ and I just believe that the optimistic perspective is that on balance, technological advances have really meant good things for the world if they’re handled responsibly.’ . . . .”
Collating the information about Facebook’s brain-to-computer interface with their documented actions turning psychological intelligence about troubled teenagers gives us a peek into what may lie behind Dugan’s bland reassurances:
- ” . . . . The 23-page document allegedly revealed that the social network provided detailed data about teens in Australia—including when they felt ‘overwhelmed’ and ‘anxious’—to advertisers. The creepy implication is that said advertisers could then go and use the data to throw more ads down the throats of sad and susceptible teens. . . . By monitoring posts, pictures, interactions and internet activity in real-time, Facebook can work out when young people feel ‘stressed’, ‘defeated’, ‘overwhelmed’, ‘anxious’, ‘nervous’, ‘stupid’, ‘silly’, ‘useless’, and a ‘failure’, the document states. . . .”
- ” . . . . A presentation prepared for one of Australia’s top four banks shows how the $US415 billion advertising-driven giant has built a database of Facebook users that is made up of 1.9 million high schoolers with an average age of 16, 1.5 million tertiary students averaging 21 years old, and 3 million young workers averaging 26 years old. Detailed information on mood shifts among young people is ‘based on internal Facebook data’, the document states, ‘shareable under non-disclosure agreement only’, and ‘is not publicly available’. . . .”
- “In a statement given to the newspaper, Facebook confirmed the practice and claimed it would do better, but did not disclose whether the practice exists in other places like the US. . . .”
The next version of Amazon’s Echo, the Echo Look, has a microphone and camera so it can take pictures of you and give you fashion advice. This is an AI-driven device designed to placed in your bedroom to capture audio and video. The images and videos are stored indefinitely in the Amazon cloud. When Amazon was asked if the photos, videos, and the data gleaned from the Echo Look would be sold to third parties, Amazon didn’t address that question. It would appear that selling off your private info collected from these devices is presumably another feature of the Echo Look: ” . . . .Amazon is giving Alexa eyes. And it’s going to let her judge your outfits.The newly announced Echo Look is a virtual assistant with a microphone and a camera that’s designed to go somewhere in your bedroom, bathroom, or wherever the hell you get dressed. Amazon is pitching it as an easy way to snap pictures of your outfits to send to your friends when you’re not sure if your outfit is cute, but it’s also got a built-in app called StyleCheck that is worth some further dissection. . . .”
We then further develop the stunning implications of Amazon’s Echo Look AI technology:
- ” . . . . This might seem overly speculative or alarmist to some, but Amazon isn’t offering any reassurance that they won’t be doing more with data gathered from the Echo Look. When asked if the company would use machine learning to analyze users’ photos for any purpose other than fashion advice, a representative simply told The Verge that they ‘can’t speculate’ on the topic. The rep did stress that users can delete videos and photos taken by the Look at any time, but until they do, it seems this content will be stored indefinitely on Amazon’s servers.
- This non-denial means the Echo Look could potentially provide Amazon with the resource every AI company craves: data. And full-length photos of people taken regularly in the same location would be a particularly valuable dataset — even more so if you combine this information with everything else Amazon knows about its customers (their shopping habits, for one). But when asked whether the company would ever combine these two datasets, an Amazon rep only gave the same, canned answer: ‘Can’t speculate.’ . . . . ”
Noteworthy in this context is the fact that AI’s have shown that they quickly incorporate human traits and prejudices. ” . . . . However, as machines are getting closer to acquiring human-like language abilities, they are also absorbing the deeply ingrained biases concealed within the patterns of language use, the latest research reveals. Joanna Bryson, a computer scientist at the University of Bath and a co-author, said: ‘A lot of people are saying this is showing that AI is prejudiced. No. This is showing we’re prejudiced and that AI is learning it.’ . . .”
In FTR #957, we discussed Emmanuel Macron, the candidate of choice for Germany. Prior to his election victory over National Front leader Marine Le Pen, his campaign was hit with hacking attacks. Supposedly engineered by Russia, these attacks were attributed to “Cozy Bear” and “Fancy Bear,” two allegedly Russian hackers. Those monikers were attached to Apt 28 and Apt 29, two hackers who targeted the German Bundestag.
Eventually, it developed that the material supposedly “hacked” by APT’s 28 and 29 were the product of an insider USB downloaded gambit.
These are the same supposedly Russian hacking elements highlighted in FTR #‘s 917, 923, 924 and 943.
Note that the hacked documents contained Cyrillic characters in the metadata and that the hack was amplified by “alt-right” sources in this country and WikiLeaks.
Russian intelligence would NOT make a mistake like that.
” . . . . Suiche analysed some of the leaked data and found some of the documents had been altered. ‘Artefacts containing Cyrillic characters have been found in the metadata of some documents, this is either an operational mistake or something that was placed on purpose,’ he said. . . .The leaked data was first posted to the /pol message board on 4Chan, a website often associated with leaks and trolling. According to the Atlantic Council’s Digital Forensic Research Lab, it was quickly publicised on Twitter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was later tweeted by the official Wikileaks account. . . .”
After reviewing information about the ludicrous nature of the “Russia did it” meme about the high-profile hacks, the program concludes with a look at the return of the Shadow Brokers, another allegedly Russian hacking group. After the U.S. cruise missile attack on Syria, they re-emerged, manifesting white supremacist ideology and pro-Trump rhetoric, all in the same broken English that characterized their initial appearance. ” . . . . In its statement, Shadow Brokers said the latest leak, following one eight months ago, ‘is our form of protest’ to goad President Donald Trump into staying loyal to his followers and promoting anti-globalism. The screed included profanity, some white supremacist commentary and a password to the cache of tools. . . .”
1. The program begins with discussion about the possibility of Trump precipitating a Reichstag Fire-type of incident.
” . . . . In your book you discuss the idea that Donald Trump will have his own version of Hitler’s Reichstag fire to expand his power and take full control of the government by declaring a state of emergency. How do you think that would play out?
Let me make just two points. The first is that I think it’s pretty much inevitable that they will try. The reason I think that is that the conventional ways of being popular are not working out for them. The conventional way to be popular or to be legitimate in this country is to have some policies, to grow your popularity ratings and to win some elections. I don’t think 2018 is looking very good for the Republicans along those conventional lines — not just because the president is historically unpopular. It’s also because neither the White House nor Congress have any policies which the majority of the public like. This means they could be seduced by the notion of getting into a new rhythm of politics, one that does not depend upon popular policies and electoral cycles. . . .”
Snyder feels that the time is nigh: ” . . . . How much time does American democracy have left before this poison becomes lethal and there is no path of return? You have to accept there is a time frame. Nobody can be sure how long this particular regime change with Trump will take, but there is a clock, and the clock really is ticking. It’s three years on the outside, but in more likelihood something like a year. In January 2018 we will probably have a pretty good idea which way this thing is going. . . .”
Responding to DeVega’s statement that Trump is a fascist: ” . . . . As I see it, there are certainly elements of his approach which are fascistic. The straight-on confrontation with the truth is at the center of the fascist worldview. The attempt to undo the Enlightenment as a way to undo institutions, that is fascism.
Whether he realizes it or not is a different question, but that’s what fascists did. They said, ‘Don’t worry about the facts; don’t worry about logic. Think instead in terms of mystical unities and direct connections between the mystical leader and the people.’ That’s fascism. Whether we see it or not, whether we like it or not, whether we forget, that is fascism. Another thing that’s clearly fascist about Trump were the rallies. The way that he used the language, the blunt repetitions, the naming of the enemies, the physical removal of opponents from rallies, that was really, without exaggeration, just like the 1920s and the 1930s.
And Mr. [Steve] Bannon’s preoccupation with the 1930s and his kind of wishful reclamation of Italian and other fascists speaks for itself. . . .”
American democracy is in crisis. The election of Donald Trump feels like a state of emergency made normal.
Trump has threatened violence against his political enemies. He has made clear he does not believe in the norms and traditions of American democracy — unless they serve his interests. Trump and his advisers consider a free press to be enemies of his regime. Trump repeatedly lies and has a profoundly estranged relationship with empirical reality. He uses obvious and naked racism, nativism and bigotry to mobilize his voters and to disparage entire groups of people such as Latinos and Muslims.
Trump is threatening to eliminate an independent judiciary and wants to punish judges who dare to stand against his illegal and unconstitutional mandates. In what appears to be a violation of the emoluments clause of the Constitution, Trump is using the office of the presidency to enrich himself, his family and his inner circle by peddling influence and access to corporations, foreign countries and wealthy individuals. Trump and his representatives also believe that he is above the law and cannot be prosecuted for any crimes while in office.
What can the American people do to resist Donald Trump? What lessons can history teach about the rise of authoritarianism and fascism and how democracies collapse? Are there ways that individuals can fight back on a daily basis and in their own personal lives against the political and cultural forces that gave rise to Trump’s movement? How long does American democracy have before the poison that Donald Trump and the Republican Party injected into the country’s body politic becomes lethal?
In an effort to answer these questions, I recently spoke with Timothy Snyder, a professor of history at Yale University. He is the award-winning author of numerous books including the recent “Black Earth:: The Holocaust as History and Warning” and “Bloodlands: Europe Between Hitler and Stalin.” Snyder’s new book, “On Tyranny: Twenty Lessons from the Twentieth Century,” explores how the American people can fight back against Donald Trump’s incipient authoritarian regime.
…
The election of Donald Trump is a crisis for American democracy. How did this happen?
We asked for it by saying that history was over in 1989 [with the end of the Cold War]. By saying that nothing bad could [ever] happen again, we were basically inviting something bad to happen.
Our story about how nothing could [ever] go wrong was a story about how human nature is the free market and the free market brings democracy, so everything is hunky-dory — and of course every part of that story is nonsense. The Greeks understood that democracy is likely to produce oligarchy because if you don’t have some mechanism to get inequality under control then people with the most money will likely take full control.
With Trump, one sees the new variant of this where a candidate can run by saying, “Look, we all know — wink, wink, nudge, nudge — that this isn’t really a democracy anymore.” He doesn’t use the words but basically says, “We all know this is really an oligarchy, so let me be your oligarch.” Although it’s nonsense and of course he’s a con man and will betray everyone, it makes sense only in this climate of inequality.
In my writing and interviews, I have consistently referred to Donald Trump as a fascist. I have received a great deal of resistance to that claim. Do you think this description is correct? If not, then what language should we use to describe Donald Trump?
One of the problems with American discourse is that we just assume everybody is a friendly democratic parliamentarian pluralist until proven otherwise. And then even when it’s proven otherwise we don’t have any vocabulary for it. He’s a “dictator.” He’s an “authoritarian.” He’s “Hitler.” We just toss these words around.
The pushback that you are talking about is 95 percent bad. Americans do not want to think that there is an alternative to what we have. Therefore, as soon as you say “fascism” or whatever it might be, then the American response is to say “no” because we lack the categories that allow us to think outside of the box that we are no longer in.
Is this a function of American exceptionalism?
Yes, it is. We made a move towards intellectual isolationism in a world where no kind of isolationism is possible. The fact that democracies usually fail is a rule which can’t apply to us. If you examine American society, there are high points and low points. But there is certainly nothing which puts us in a different category than other people who have failed, whether it’s historically or whether it’s now.
I don’t want to dodge your question about whether Trump is a fascist or not. As I see it, there are certainly elements of his approach which are fascistic. The straight-on confrontation with the truth is at the center of the fascist worldview. The attempt to undo the Enlightenment as a way to undo institutions, that is fascism.
Whether he realizes it or not is a different question, but that’s what fascists did. They said, “Don’t worry about the facts; don’t worry about logic. Think instead in terms of mystical unities and direct connections between the mystical leader and the people.” That’s fascism. Whether we see it or not, whether we like it or not, whether we forget, that is fascism.
Another thing that’s clearly fascist about Trump were the rallies. The way that he used the language, the blunt repetitions, the naming of the enemies, the physical removal of opponents from rallies, that was really, without exaggeration, just like the 1920s and the 1930s.
And Mr. [Steve] Bannon’s preoccupation with the 1930s and his kind of wishful reclamation of Italian and other fascists speaks for itself.
How did the news media and others get this so wrong? Why did they underestimate the threat posed by Donald Trump and his movement?
What we ended up with, from Bill Clinton onward, is a status quo party and an “undo the system” party, where the Democrats became the status quo party and the Republicans became the “undo the system” party. In that constellation it’s very hard to think of change because one party is in favor of things being the way they are, just slightly better, and the other party has this big idea of undoing everything, although it’s unclear what that really means in practice. So no one is actually articulating how you address the problems of the day, the greatest of which would be inequality. When neither party is creative, then it’s hard for scholars to get their ideas into meaningful circulation.
Why is Trump not being held accountable for all of his failures, scandals and incompetence?
Mr. Trump is primarily a television personality. As such, he is judged by that standard. This means that a scandal does not call forth a response; it calls forth the desire for a bigger scandal. It just whets the appetite for a bigger scandal because a television serial has to work on that logic. It’s almost as though he has to produce these outrageous things because what else would he be doing?
I think another part of it has to do with attention span. It’s not so much a lack of outrage; people are in fact outraged. But in order for a scandal to have political logic, the outrage has to be followed by the research. It has to be followed by the investigation. It has to be followed by an official finding.
In your book you discuss the idea that Donald Trump will have his own version of Hitler’s Reichstag fire to expand his power and take full control of the government by declaring a state of emergency. How do you think that would play out?
Let me make just two points. The first is that I think it’s pretty much inevitable that they will try. The reason I think that is that the conventional ways of being popular are not working out for them. The conventional way to be popular or to be legitimate in this country is to have some policies, to grow your popularity ratings and to win some elections. I don’t think 2018 is looking very good for the Republicans along those conventional lines — not just because the president is historically unpopular. It’s also because neither the White House nor Congress have any policies which the majority of the public like.
This means they could be seduced by the notion of getting into a new rhythm of politics, one that does not depend upon popular policies and electoral cycles.
Whether it works or not depends upon whether when something terrible happens to this country, we are aware that the main significance of it is whether or not we are going to be more or less free citizens in the future.
My gut feeling is that Trump and his administration will try and that it won’t work. Not so much because we are so great but because we have a little bit of time to prepare. I also think that there are enough people and enough agencies of the government who have also thought about this and would not necessarily go along.
What can citizens do? What would your call to action be?
The whole point of my new book, “On Tyranny: Twenty Lessons from the Twentieth Century,” is that we have a century of wisdom and very smart people who confronted situations like our own — but usually more demanding — and that wisdom can be condensed.
What my book does is it goes across the arc of regime change, from the beginning to the end, and it provides things ranging from simpler to harder that people can literally do every day.
The thing that matters the most is to realize that in moments like this your actions really do matter. It is ironic but in an authoritarian regime-change situation, the individual matters more than [in] a democracy. In an authoritarian regime change, at the beginning the individual has a special kind of power because the authoritarian regime depends on a certain kind of consent. Which means that if you are conscious of the moment that you are in, you can find the ways not to express your consent and you can also find the little ways to be a barrier. If enough people do that, it really can make a difference — but again only at the beginning.
What are some of the more difficult and challenging things that people can do?
The last lesson in “On Tyranny” is to be as courageous as you can. Do you actually care enough about freedom that you would take risks? Do individuals actually care about freedom? Think that through. I think if enough of us take the little risks at the beginning, which aren’t really that significant, this will prevent us from having to take bigger risks down the line.
We are still at a stage where protest is not illegal. We’re still at a stage where protest is not lethal. Those are the two big thresholds. We are still on the good side of both of those thresholds and so now is the time you want to pack in as much as you can because you could actually divert things. Once you get into a world where protest is illegal, then the things that I recommend like corporeal politics, getting out on the streets — they have to happen but they are much riskier. It’s a much different kind of decision.
How much time does American democracy have left before this poison becomes lethal and there is no path of return?
You have to accept there is a time frame. Nobody can be sure how long this particular regime change with Trump will take, but there is a clock, and the clock really is ticking. It’s three years on the outside, but in more likelihood something like a year. In January 2018 we will probably have a pretty good idea which way this thing is going. It’s going to depend more on us than on them in the meantime. Once you get past a certain threshold, it starts to depend more on them than on us, and then things are much, much worse. It makes me sad to think how Americans would behave at that point.
Then Trump and his forces have the momentum because again we the American people are up against the clock.
I hate to sound like a self-help person but I’m going to. Every day you don’t do something, it makes it less likely that you will ever do something. So you’ve got to get started right away. “On Tyranny” is a suggestion of things that everyone can do. There are plenty of other great ideas from people coming from other traditions, but the basic thing is you have to change your protocol of daily behavior now.
Don’t obey in advance because you have to start by orienting yourself against the general drift of things. If you can manage that, then the other lessons — such as supporting existing political and social institutions, supporting the truth and so on — those things will then come relatively easily if you can follow the first one, which is to get out of the drift, to recognize that this is the moment where you have to not behave as you did in October 2016. You have to set your own habits now. . . .
2a. There is talk of the White House pushing to amend or abolish the 1st amendment.
“ . . . . PRIEBUS: And I already answered the question. I said this is something that is being looked at. But it’s something that as far as how it gets executed, where we go with it, that’s another issue. . . .”
A number of press reports have picked up this exchange this morning between ABC’s Jonathan Karl and White House Chief of Staff Reince Priebus. But people have missed the real significance. Priebus doesn’t discuss changing ‘press laws’ or ‘libel laws’. He specifically says that the White House has considered and continues to consider amending or even abolishing the 1st Amendment because of critical press coverage of President Trump.
Sound hyperbolic? Look at the actual exchange (emphasis added) …
KARL: I want to ask you about two things the President has said on related issues. First of all, there was what he said about opening up the libel laws. Tweeting “the failing New York Times has disgraced the media world. Gotten me wrong for two solid years. Change the libel laws?”
PRIEBUS: I think it’s something that we’ve looked at. How that gets executed or whether that goes anywhere is a different story. But when you have articles out there that have no basis or fact and we’re sitting here on 24/7 cable companies writing stories about constant contacts with Russia and all these other matters—
KARL: So you think the President should be able to sue the New York Times for stories he doesn’t like?
PRIEBUS: Here’s what I think. I think that newspapers and news agencies need to be more responsible with how they report the news. I am so tired.
KARL: I don’t think anybody would disagree with that. It’s about whether or not the President should have a right to sue them.
PRIEBUS: And I already answered the question. I said this is something that is being looked at. But it’s something that as far as how it gets executed, where we go with it, that’s another issue.
Karl says, accurately, that that kind of clampdown on 1st Amendment rights would require amending the Constitution. Is that what Priebus means, Karl asks? Yes, it is, says Priebus.
Now one might respond to this saying, ‘Okay, technically that’s what he said. But he probably doesn’t actually mean it.’
To which I think the answer is, sure maybe he doesn’t mean it but why would anyone assume that? He said it and repeated it. The changes President Trump wants are blocked by decades of decades of jurisprudence which is little contested, unlike other hot button points of constitutional law. If you want what Trump wants, you have to amend the constitution – and not the constitution in general but the 1st Amendment specifically. Amending the 1st Amendment to allow the head of state to sue people who say things he doesn’t like amounts to abolishing it.
None of these are tenuous connections. Each link in the chain of reasoning follows logically from the other.
This, needless to say, should set off everyone’s alarm bells. If this isn’t really what Priebus meant, he should be given the chance to categorically disavow it. The plain meaning of the words, on the record, is that abridging or abolishing the 1st Amendment is something the Trump White House is currently considering.
…
2b. There is still more discussion about “loosening” libel laws–something that would have the same effect as abolishing or amending the 1st amendment.
“ . . . . ‘I think the chief of staff made it very clear that it’s something that is being looked into, substantively and then both logistically, how it would happen’ Spicer said. But that’s nothing new. It’s something the President talked about on the campaign trail.’ . . . . ”
The White House maintained on Monday that it is looking into ways to create libel laws in order to sue publications that print unflattering or untrue coverage of the President.
…
White House spokesperson Sean Spicer doubled down on Monday.
“Is that a project that is currently being worked on by the counsel’s office?” the New York Times’ Glenn Thrush asked, referring to Priebus’ statements. “Can you tell me the status of that? Who is pursuing that?”
“I think the chief of staff made it very clear that it’s something that is being looked into, substantively and then both logistically, how it would happen” Spicer said. “But that’s nothing new. It’s something the President talked about on the campaign trail.”
“Is the counsel actually—” Thrush attempted.
“I will not go into it,” Spicer said.
Indeed, the President often said during the Presidential campaign, and since, that he wished to change libel laws so that he would be able to sue for “purposefully negative, and horrible and false articles” and “hit pieces.”
The Supreme Court has ruled that libel damages can be awarded to public officials only as a result of “actual malice.” Unintentional factual inaccuracies are protected by the First Amendment, as is speech critical of of the President.
3. It looks like Elon Musk’s brain-to-computer interface ambitions might become a brain-to-computer-interface-race. Facebook wants to get in on the action. Sort of. It’s not quite clear. While Musk’s ‘neural-lace’ idea appeared to be directed towards setting up an brain-to-computer interface for the purpose of interfacing with artificial intelligences, Facebook has a much more generic goal: replacing the keyboard and mouse with a brain-to-computer interface. Or to put it another way, Facebook wants to read your thoughts.
- ” . . . Facebook wants to build its own “brain-to-computer interface” that would allow us to send thoughts straight to a computer. ‘What if you could type directly from your brain?’ Regina Dugan, the head of the company’s secretive hardware R&D division, Building 8, asked from the stage. Dugan then proceeded to show a video demo of a woman typing eight words per minute directly from the stage. In a few years, she said, the team hopes to demonstrate a real-time silent speech system capable of delivering a hundred words per minute. ‘That’s five times faster than you can type on your smartphone, and it’s straight from your brain,’ she said. ‘Your brain activity contains more information than what a word sounds like and how it’s spelled; it also contains semantic information of what those words mean.’ . . .”
- ” . . . . Brain-computer interfaces are nothing new. DARPA, which Dugan used to head, has invested heavily in brain-computer interface technologies to do things like cure mental illness and restore memories to soldiers injured in war. But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone. . . .”
- ” . . . . Facebook’s Building 8 is modeled after DARPA and its projects tend to be equally ambitious. . . .”
- ” . . . . But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone. . . .”
“Facebook Literally Wants to Read Your Thoughts” by Kristen V. Brown; Gizmodo; 4/19/2017.
At Facebook’s annual developer conference, F8, on Wednesday, the group unveiled what may be Facebook’s most ambitious—and creepiest—proposal yet. Facebook wants to build its own “brain-to-computer interface” that would allow us to send thoughts straight to a computer.
What if you could type directly from your brain?” Regina Dugan, the head of the company’s secretive hardware R&D division, Building 8, asked from the stage. Dugan then proceeded to show a video demo of a woman typing eight words per minute directly from the stage. In a few years, she said, the team hopes to demonstrate a real-time silent speech system capable of delivering a hundred words per minute.
“That’s five times faster than you can type on your smartphone, and it’s straight from your brain,” she said. “Your brain activity contains more information than what a word sounds like and how it’s spelled; it also contains semantic information of what those words mean.”
Brain-computer interfaces are nothing new. DARPA, which Dugan used to head, has invested heavily in brain-computer interface technologies to do things like cure mental illness and restore memories to soldiers injured in war. But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone.
“Our world is both digital and physical,” she said. “Our goal is to create and ship new, category-defining consumer products that are social first, at scale.”
She also showed a video that demonstrated a second technology that showed the ability to “listen” to human speech through vibrations on the skin. This tech has been in development to aid people with disabilities, working a little like a Braille that you feel with your body rather than your fingers. Using actuators and sensors, a connected armband was able to convey to a woman in the video a tactile vocabulary of nine different words.
Dugan adds that it’s also possible to “listen” to human speech by using your skin. It’s like using braille but through a system of actuators and sensors. Dugan showed a video example of how a woman could figure out exactly what objects were selected on a touchscreen based on inputs delivered through a connected armband.
Facebook’s Building 8 is modeled after DARPA and its projects tend to be equally ambitious. Brain-computer interface technology is still in its infancy. So far, researchers have been successful in using it to allow people with disabilities to control paralyzed or prosthetic limbs. But stimulating the brain’s motor cortex is a lot simpler than reading a person’s thoughts and then translating those thoughts into something that might actually be read by a computer.
The end goal is to build an online world that feels more immersive and real—no doubt so that you spend more time on Facebook.
“Our brains produce enough data to stream 4 HD movies every second. The problem is that the best way we have to get information out into the world — speech — can only transmit about the same amount of data as a 1980s modem,” CEO Mark Zuckerberg said in a Facebook post. “We’re working on a system that will let you type straight from your brain about 5x faster than you can type on your phone today. Eventually, we want to turn it into a wearable technology that can be manufactured at scale. Even a simple yes/no ‘brain click’ would help make things like augmented reality feel much more natural.”
“That’s five times faster than you can type on your smartphone, and it’s straight from your brain,” she said. “Your brain activity contains more information than what a word sounds like and how it’s spelled; it also contains semantic information of what those words mean.”
Brain-computer interfaces are nothing new. DARPA, which Dugan used to head, has invested heavily in brain-computer interface technologies to do things like cure mental illness and restore memories to soldiers injured in war. But what Facebook is proposing is perhaps more radical—a world in which social media doesn’t require picking up a phone or tapping a wrist watch in order to communicate with your friends; a world where we’re connected all the time by thought alone.
…
4. More about Facebook’s brain-to-computer interface:
- ” . . . . Facebook hopes to use optical neural imaging technology to scan the brain 100 times per second to detect thoughts and turn them into text. Meanwhile, it’s working on ‘skin-hearing’ that could translate sounds into haptic feedback that people can learn to understand like braille. . . .”
- ” . . . . Worryingly, Dugan eventually appeared frustrated in response to my inquiries about how her team thinks about safety precautions for brain interfaces, saying, ‘The flip side of the question that you’re asking is ‘why invent it at all?’ and I just believe that the optimistic perspective is that on balance, technological advances have really meant good things for the world if they’re handled responsibly.’ . . . .”
Facebook will assemble an independent Ethical, Legal and Social Implications (ELSI) panel to oversee its development of a direct brain-to-computer typing interface it previewed today at its F8 conference. Facebook’s R&D department Building 8’s head Regina Dugan tells TechCrunch, “It’s early days . . . we’re in the process of forming it right now.”
Meanwhile, much of the work on the brain interface is being conducted by Facebook’s university research partners like UC Berkeley and Johns Hopkins. Facebook’s technical lead on the project, Mark Chevillet, says, “They’re all held to the same standards as the NIH or other government bodies funding their work, so they already are working with institutional review boards at these universities that are ensuring that those standards are met.” Institutional review boards ensure test subjects aren’t being abused and research is being done as safely as possible.
Facebook hopes to use optical neural imaging technology to scan the brain 100 times per second to detect thoughts and turn them into text. Meanwhile, it’s working on “skin-hearing” that could translate sounds into haptic feedback that people can learn to understand like braille. Dugan insists, “None of the work that we do that is related to this will be absent of these kinds of institutional review boards.”
So at least there will be independent ethicists working to minimize the potential for malicious use of Facebook’s brain-reading technology to steal or police people’s thoughts.
During our interview, Dugan showed her cognizance of people’s concerns, repeating the start of her keynote speech today saying, “I’ve never seen a technology that you developed with great impact that didn’t have unintended consequences that needed to be guardrailed or managed. In any new technology you see a lot of hype talk, some apocalyptic talk and then there’s serious work which is really focused on bringing successful outcomes to bear in a responsible way.”
In the past, she says the safeguards have been able to keep up with the pace of invention. “In the early days of the Human Genome Project there was a lot of conversation about whether we’d build a super race or whether people would be discriminated against for their genetic conditions and so on,” Dugan explains. “People took that very seriously and were responsible about it, so they formed what was called a ELSI panel . . . By the time that we got the technology available to us, that framework, that contractual, ethical framework had already been built, so that work will be done here too. That work will have to be done.”
…
Worryingly, Dugan eventually appeared frustrated in response to my inquiries about how her team thinks about safety precautions for brain interfaces, saying, “The flip side of the question that you’re asking is ‘why invent it at all?’ and I just believe that the optimistic perspective is that on balance, technological advances have really meant good things for the world if they’re handled responsibly.”
Facebook’s domination of social networking and advertising give it billions in profit per quarter to pour into R&D. But its old “Move fast and break things” philosophy is a lot more frightening when it’s building brain scanners. Hopefully Facebook will prioritize the assembly of the ELSI ethics board Dugan promised and be as transparent as possible about the development of this exciting-yet-unnerving technology.…
5. Collating the information about Facebook’s brain-to-computer interface with their documented actions turning psychological intelligence about troubled teenagers gives us a peek into what may lie behind Dugan’s bland reassurances:
- ” . . . . The 23-page document allegedly revealed that the social network provided detailed data about teens in Australia—including when they felt ‘overwhelmed’ and ‘anxious’—to advertisers. The creepy implication is that said advertisers could then go and use the data to throw more ads down the throats of sad and susceptible teens. . . . By monitoring posts, pictures, interactions and internet activity in real-time, Facebook can work out when young people feel ‘stressed’, ‘defeated’, ‘overwhelmed’, ‘anxious’, ‘nervous’, ‘stupid’, ‘silly’, ‘useless’, and a ‘failure’, the document states. . . .”
- ” . . . .A presentation prepared for one of Australia’s top four banks shows how the $US415 billion advertising-driven giant has built a database of Facebook users that is made up of 1.9 million high schoolers with an average age of 16, 1.5 million tertiary students averaging 21 years old, and 3 million young workers averaging 26 years old. Detailed information on mood shifts among young people is ‘based on internal Facebook data’, the document states, ‘shareable under non-disclosure agreement only’, and ‘is not publicly available’. . . .”
- “In a statement given to the newspaper, Facebook confirmed the practice and claimed it would do better, but did not disclose whether the practice exists in other places like the US. . . .”
Facebook probably knows more about you than your own family, and the company often uses these type of insights to help sell you products. The best—or worst!—new example of this comes from the newspaper The Australian, which says it got its hands on some leaked internal Facebook documents.
The 23-page document allegedly revealed that the social network provided detailed data about teens in Australia—including when they felt “overwhelmed” and “anxious”—to advertisers. The creepy implication is that said advertisers could then go and use the data to throw more ads down the throats of sad and susceptible teens.
From the (paywalled) report:
By monitoring posts, pictures, interactions and internet activity in real-time, Facebook can work out when young people feel “stressed”, “defeated”, “overwhelmed”, “anxious”, “nervous”, “stupid”, “silly”, “useless”, and a “failure”, the document states.
…
A presentation prepared for one of Australia’s top four banks shows how the $US415 billion advertising-driven giant has built a database of Facebook users that is made up of 1.9 million high schoolers with an average age of 16, 1.5 million tertiary students averaging 21 years old, and 3 million young workers averaging 26 years old.
Detailed information on mood shifts among young people is “based on internal Facebook data”, the document states, “shareable under non-disclosure agreement only”, and “is not publicly available”. The document was prepared by two of Facebook’s top local executives, David Fernandez and Andy Sinn, and includes information on when young people exhibit “nervous excitement”, and emotions related to “conquering fears”.
In a statement given to the newspaper, Facebook confirmed the practice and claimed it would do better, but did not disclose whether the practice exists in other places like the US. “We have opened an investigation to understand the process failure and improve our oversight. We will undertake disciplinary and other processes as appropriate,” a spokesperson said.
It’s worth mentioning that Facebook frequently uses Australia to test new features before rolling them out to other parts of the world. (It recently did this with the company’s Snapchat clone.) It’s unclear if that’s what was happening here, but The Australian says Facebook wouldn’t tell them if “the practice exists elsewhere.”
The new leaked document raises ethical questions—yet again—about Facebook’s ability to manipulate the moods and feelings of its users. In 2012, the company deliberately experimented on its users’ emotions by tampering with the news feeds of nearly 700,000 people to see whether it could make them feel different things. (Shocker: It apparently could!) There was also the 61-million-person experiment in 2010 that concluded Facebook was able to impact real-world voting behavior. It’s not hard to imagine, given the profound power and reach of the social network, how it could use feelings of inadequacy to help sell more products and advertisements. . . .
6. In the next version of Amazon’s Echo, the Echo Look has a microphone and camera so it can take pictures of you and give you fashion advice. This is an AI-driven device designed to placed in your bedroom to capture audio and video. The images and videos are stored indefinitely in the Amazon cloud. When Amazon was asked if the photos, videos, and the data gleaned from the Echo Look would be sold to third parties, Amazon didn’t address that question. So based on that non-response response, it would appear that selling off your private info collected from these devices is presumably another feature of the Echo Look:
” . . . .Amazon is giving Alexa eyes. And it’s going to let her judge your outfits.The newly announced Echo Look is a virtual assistant with a microphone and a camera that’s designed to go somewhere in your bedroom, bathroom, or wherever the hell you get dressed.
Amazon is pitching it as an easy way to snap pictures of your outfits to send to your friends when you’re not sure if your outfit is cute, but it’s also got a built-in app called StyleCheck that is worth some further dissection.
* You cool with an algorithm, machine learning, and “fashion specialists” deciding whether you look attractive today? What sorts of built-in biases will an AI fashionista have? It’s worth remembering that a recent AI-judged beauty contest picked primarily white winners.
* You cool with Amazon having the capability to see and perhaps catalog every single article of clothing you own? Who needs a Calvin Klein dash button if your Echo can tell when you need new underwear? Will Alexa prevent you from buying a pair of JNCOs?
* You cool with Amazon putting a camera in your bedroom?
* Amazon store images and videos taken by Echo Look indefinitely, the company told us. Audio recorded by the original Echo has already been sought out in a murder case; to its credit, Amazon fought a search warrant in that case.
“All photos and video captured with your Echo Look are securely stored in the AWS cloud and locally in the Echo Look app until a customer deletes them,” a spokesperson for the company said. “You can delete the photos or videos associated with your account anytime in the Echo Look App. . . .”
Motherboard also asked if Echo Look photos, videos, and the data gleaned from them would be sold to third parties; the company did not address that question. . . .”
Amazon is giving Alexa eyes. And it’s going to let her judge your outfits.The newly announced Echo Look is a virtual assistant with a microphone and a camera that’s designed to go somewhere in your bedroom, bathroom, or wherever the hell you get dressed.
Amazon is pitching it as an easy way to snap pictures of your outfits to send to your friends when you’re not sure if your outfit is cute, but it’s also got a built-in app called StyleCheck that is worth some further dissection.
* You cool with an algorithm, machine learning, and “fashion specialists” deciding whether you look attractive today? What sorts of built-in biases will an AI fashionista have? It’s worth remembering that a recent AI-judged beauty contest picked primarily white winners.
* You cool with Amazon having the capability to see and perhaps catalog every single article of clothing you own? Who needs a Calvin Klein dash button if your Echo can tell when you need new underwear? Will Alexa prevent you from buying a pair of JNCOs?
* You cool with Amazon putting a camera in your bedroom?
* Amazon store images and videos taken by Echo Look indefinitely, the company told us. Audio recorded by the original Echo has already been sought out in a murder case; to its credit, Amazon fought a search warrant in that case.“All photos and video captured with your Echo Look are securely stored in the AWS cloud and locally in the Echo Look app until a customer deletes them,” a spokesperson for the company said. “You can delete the photos or videos associated with your account anytime in the Echo Look App.”
Motherboard also asked if Echo Look photos, videos, and the data gleaned from them would be sold to third parties; the company did not address that question.
As technosociologist Zeynep Tufekci points out, machine learning combined with full-length photos and videos have at least the potential to be used for much more than selling you clothes or serving you ads. Amazon will have the capability to detect if you’re pregnant and may be able to learn if you’re depressed. Her whole thread is worth reading.
With this data, Amazon won’t be able to just sell you clothes or judge you. It could analyze if you’re depressed or pregnant and much else. pic.twitter.com/irc0tLVce9— Zeynep Tufekci (@zeynep) April 26, 2017
…
In practice, the Echo Look isn’t much different than, say, a Nest camera or an internet-connected baby monitor (the latter of which gets hacked all the time, by the way). But the addition of artificial intelligence and Amazon’s penchant for using its products to sell us more stuff makes this feel more than a bit Black Mirror-ish.
7. More about the stunning implications of Amazon’s Echo Look AI technology:
” . . . . This might seem overly speculative or alarmist to some, but Amazon isn’t offering any reassurance that they won’t be doing more with data gathered from the Echo Look. When asked if the company would use machine learning to analyze users’ photos for any purpose other than fashion advice, a representative simply told The Verge that they ‘can’t speculate’ on the topic. The rep did stress that users can delete videos and photos taken by the Look at any time, but until they do, it seems this content will be stored indefinitely on Amazon’s servers.
This non-denial means the Echo Look could potentially provide Amazon with the resource every AI company craves: data. And full-length photos of people taken regularly in the same location would be a particularly valuable dataset — even more so if you combine this information with everything else Amazon knows about its customers (their shopping habits, for one). But when asked whether the company would ever combine these two datasets, an Amazon rep only gave the same, canned answer: ‘Can’t speculate.’ . . . . ”
What does Amazon want to learn from pictures of its customers? The company won’t say
Computer scientist Andrew Ng once described the power of contemporary AI as the ability to automate any mental task that takes a human “less than one second of thought.” It’s a rule of thumb that’s worth remembering when you think about Amazon’s new Echo Look — a smart camera with a built-in AI assistant. Amazon says the Echo Look will help users dress and give them fashion advice, but what other judgements could it make?
…
As academic and sociologist Zeynep Tufekci put it on Twitter: “Machine learning algorithms can do so much with regular full length pictures of you. They can infer private things you did not disclose […] All this to sell you more clothes. We are selling out to surveillance capitalism that can quickly evolve into authoritarianism for so cheap.” (The whole thread from Tufecki is definitely worth a read.)
Advertisers openly say it’s best to sell make-up to women when they feel “fat, lonely and depressed.” With this data, won’t have to guess.— Zeynep Tufekci (@zeynep) April 26, 2017
This might seem overly speculative or alarmist to some, but Amazon isn’t offering any reassurance that they won’t be doing more with data gathered from the Echo Look. When asked if the company would use machine learning to analyze users’ photos for any purpose other than fashion advice, a representative simply told The Verge that they “can’t speculate” on the topic. The rep did stress that users can delete videos and photos taken by the Look at any time, but until they do, it seems this content will be stored indefinitely on Amazon’s servers.
This non-denial means the Echo Look could potentially provide Amazon with the resource every AI company craves: data. And full-length photos of people taken regularly in the same location would be a particularly valuable dataset — even more so if you combine this information with everything else Amazon knows about its customers (their shopping habits, for one). But when asked whether the company would ever combine these two datasets, an Amazon rep only gave the same, canned answer: “Can’t speculate.”
The company did, though, say it wouldn’t share any personal information gleaned from the Echo Look to “advertisers or to third-party sites that display our interest-based ads.” That means Amazon could still use data from the Look to target ads at you itself, but at least third parties won’t.
Right now, the Echo Look is halfway between prototype and full-on product. As is often the case with Amazon’s hardware efforts, the company seems most interested in just getting a product out there and gauging public reaction, rather than finessing every detail. The company is giving no indication of when the Echo Look will actually be available, and it’s currently only being sold “by invitation only.” All this means that Amazon itself probably isn’t yet sure what exactly it will do with the data the device collects. But, if the company refuses to give any more detail, it’s understandable to fear the worst. . . .
8. Tay, Microsoft’s AI-powered twitterbot designed to learn from its human interactions, became a neo-Nazi in less than a day after a bunch of 4chan users decided to flood Tay with neo-Nazi-like tweets. According to some recent research, the AI’s of the future might not need a bunch of 4chan to fill the AI with human bigotries. The AIs’ analysis of real-world human language usage will do that automatically.
When you read about people like Elon Musk equating artificial intelligence with “summoning the demon”, that demon is us, at least in part.
” . . . . However, as machines are getting closer to acquiring human-like language abilities, they are also absorbing the deeply ingrained biases concealed within the patterns of language use, the latest research reveals. Joanna Bryson, a computer scientist at the University of Bath and a co-author, said: ‘A lot of people are saying this is showing that AI is prejudiced. No. This is showing we’re prejudiced and that AI is learning it.’ . . .”
Machine learning algorithms are picking up deeply ingrained race and gender prejudices concealed within the patterns of language use, scientists say
An artificial intelligence tool that has revolutionised the ability of computers to interpret everyday language has been shown to exhibit striking gender and racial biases.
The findings raise the spectre of existing social inequalities and prejudices being reinforced in new and unpredictable ways as an increasing number of decisions affecting our everyday lives are ceded to automatons.
In the past few years, the ability of programs such as Google Translate to interpret language has improved dramatically. These gains have been thanks to new machine learning techniques and the availability of vast amounts of online text data, on which the algorithms can be trained.
However, as machines are getting closer to acquiring human-like language abilities, they are also absorbing the deeply ingrained biases concealed within the patterns of language use, the latest research reveals.
Joanna Bryson, a computer scientist at the University of Bath and a co-author, said: “A lot of people are saying this is showing that AI is prejudiced. No. This is showing we’re prejudiced and that AI is learning it.”
But Bryson warned that AI has the potential to reinforce existing biases because, unlike humans, algorithms may be unequipped to consciously counteract learned biases. “A danger would be if you had an AI system that didn’t have an explicit part that was driven by moral ideas, that would be bad,” she said.
The research, published in the journal Science, focuses on a machine learning tool known as “word embedding”, which is already transforming the way computers interpret speech and text. Some argue that the natural next step for the technology may involve machines developing human-like abilities such as common sense and logic.
…
The approach, which is already used in web search and machine translation, works by building up a mathematical representation of language, in which the meaning of a word is distilled into a series of numbers (known as a word vector) based on which other words most frequently appear alongside it. Perhaps surprisingly, this purely statistical approach appears to capture the rich cultural and social context of what a word means in the way that a dictionary definition would be incapable of.
For instance, in the mathematical “language space”, words for flowers are clustered closer to words linked to pleasantness, while words for insects are closer to words linked to unpleasantness, reflecting common views on the relative merits of insects versus flowers.
The latest paper shows that some more troubling implicit biases seen in human psychology experiments are also readily acquired by algorithms. The words “female” and “woman” were more closely associated with arts and humanities occupations and with the home, while “male” and “man” were closer to maths and engineering professions.
And the AI system was more likely to associate European American names with pleasant words such as “gift” or “happy”, while African American names were more commonly associated with unpleasant words.
The findings suggest that algorithms have acquired the same biases that lead people (in the UK and US, at least) to match pleasant words and white faces in implicit association tests.
These biases can have a profound impact on human behaviour. One previous study showed that an identical CV is 50% more likely to result in an interview invitation if the candidate’s name is European American than if it is African American. The latest results suggest that algorithms, unless explicitly programmed to address this, will be riddled with the same social prejudices.
“If you didn’t believe that there was racism associated with people’s names, this shows it’s there,” said Bryson.
The machine learning tool used in the study was trained on a dataset known as the “common crawl” corpus – a list of 840bn words that have been taken as they appear from material published online. Similar results were found when the same tools were trained on data from Google News.
Sandra Wachter, a researcher in data ethics and algorithms at the University of Oxford, said: “The world is biased, the historical data is biased, hence it is not surprising that we receive biased results.”
Rather than algorithms representing a threat, they could present an opportunity to address bias and counteract it where appropriate, she added.
“At least with algorithms, we can potentially know when the algorithm is biased,” she said. “Humans, for example, could lie about the reasons they did not hire someone. In contrast, we do not expect algorithms to lie or deceive us.”
However, Wachter said the question of how to eliminate inappropriate bias from algorithms designed to understand language, without stripping away their powers of interpretation, would be challenging.
“We can, in principle, build systems that detect biased decision-making, and then act on it,” said Wachter, who along with others has called for an AI watchdog to be established. “This is a very complicated task, but it is a responsibility that we as society should not shy away from.”
9. In FTR #957, we discussed Emmanuel Macron, the candidate of choice for Germany. Prior to his election victory over National Front leader Marine Le Pen, his campaign was hit with hacking attacks. Supposedly engineered by Russia, these attacks were attributed to “Cozy Bear” and “Fancy Bear,” two allegedly Russian hackers. Those monikers were attached to Apt 28 and Apt 29, two hackers who targeted the German Bundestag.
Eventually, it developed that the material supposedly “hacked” by APT’s 28 and 29 were the product of an insider USB downloaded gambit.
These are the same supposedly Russian hacking elements highlighted in FTR #‘s 917, 923, 924 and 943.
Note that the hacked documents contained Cyrillic characters in the metadata and that the hack was amplified by “alt-right” sources in this country and WikiLeaks.
” . . . . Suiche analysed some of the leaked data and found some of the documents had been altered. ‘Artefacts containing Cyrillic characters have been found in the metadata of some documents, this is either an operational mistake or something that was placed on purpose,’ he said. . . .The leaked data was first posted to the /pol message board on 4Chan, a website often associated with leaks and trolling. According to the Atlantic Council’s Digital Forensic Research Lab, it was quickly publicised on Twitter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was later tweeted by the official Wikileaks account. . . .”
Cybersecurity experts dismiss 9GB Macron leak as a mix of ‘boringest’ and fake documents.
On 5 May, as France went into media blackout in preparation for the 2017 presidential election, roughly 9GB worth of data from inside the campaign of centrist candidate Emmanuel Macron, leaked online. It sent social media – and security experts – into a frenzy of activity.
Quickly dubbed “Macron Leaks”, the En March! political party branded the incident a “massive and coordinated” cyberattack. However, upon analysis, despite the amplified messages on social media, experts found the disclosure underwhelming.
The leak had all the hallmarks of a Russian operation, in many ways echoing the 2016 leak of emails belonging to John Podesta, an aide to US presidential candidate Hillary Clinton.
However, in this instance, the actual content of the emails and documents may not even matter, some said.
“They don’t have Macron’s personal inbox. One of the things I was thinking was that most headlines will be ‘GB’s of emails belonging to En Marche! leaked’ but nobody will ever read them. So it’s guilt by volume,” Matt Suiche, a cybersecurity expert, told IBTimes UK.
“The media is getting manipulated big time by Russia,” Suiche continued. “French media won’t talk about it because it’s time sensitive. But all the international press is jumping on it to have something to write on.
“Although there is no bad data leaked as far as we know,” he added.
Suiche analysed some of the leaked data and found some of the documents had been altered.
“Artefacts containing Cyrillic characters have been found in the metadata of some documents, this is either an operational mistake or something that was placed on purpose,” he said.
“This leak seems like a desperate attempt to gain attention,” he continued, adding: “I doubt this will affect the election against Macron.”
The candidate is running against Front National leader Marine Le Pen and polls predict him winning with over 60% of the vote.
Dropping files after appending metadata to Microsoft Offices files such as “?????” or “???????_??????” Why? #attribution H/T @voulnetpic.twitter.com/h2KBLimjZn— Matt Suiche (@msuiche) May 6, 2017
The origin of the leak
The leaked data was first posted to the /pol message board on 4Chan, a website often associated with leaks and trolling. According to the Atlantic Council’s Digital Forensic Research Lab, it was quickly publicised on Twitter by the alt-right account @JackPosobiec – the account of a reporter for the alt-right news site therebel.media. The link was later tweeted by the official Wikileaks account.
“This was passed on to me today so now I am giving it to you, the people,” a 4Chan statement read. “The leak is massive and released in the hopes that the human search engine here will be able to start sifting through the contents and figure out exactly what we have here.”
As it turns out, the emails were from members of Macron’s staff and supporters, with names including Alain Tourret, Pierre Person, Cedric O, Anne-Christine Lang, and Quentin Lafay, revealed cybersecurity expert Robert Graham, writing on his blog Errata Security.
“Obviously, everyone assumes that Russian hackers did it, but there’s nothing (so far) that points to anybody in particular,” Graham noted. “It appears to be the most basic of phishing attacks, which means anyone could’ve done it, including your neighbour’s pimply faced teenager.”
Graham’s lack of enthusiasm about the impact of the leaked information was mirrored across well-known industry researchers.
“I have searched through a lot of large email drops before, and this is right up there with the boringest of them,” wrote Matt Tait, a former information security specialist for GCHQ – the British equivalent of the US National Security Agency – and current chief executive and founder of Capital Alpha Security, in a Twitter post.
The Grugq, a cybersecurity researcher, said: “Based on latest info about how dull the dump is they really had nothing interesting, so just packaged everything they could get in hopes that the size of the dump would be damning, a sort of ‘where there’s smoke there’s fire’ approach.”
On a Twitter thread, he added: “The #MacronLeak dump is full of intentionally misleading info crafted for confusion. Folders w/ false names.”
The #MacronLeak dump is full of intentionally misleading info. crafted for confusion. Folders w/ “false” names https://t.co/7kIDsVHlOf— the grugq (@thegrugq) May 6, 2017
One file he referenced claimed a French politician had used bitcoin to have drugs shipped to the French parliament.
As the documents disseminated online, whistleblowing website WikiLeaks dismissed claims that forgeries existed in the files. At the time of writing, it claimed to still be searching through the files.
“This massive leak is too late to shift the election,” it said in a post online. “The intent behind the timing is curious. We have not yet discovered fakes in #MacronLeaks and we are very skeptical that the Macron campaign is faster than us.”
Julian Assange, founder of WikiLeaks, did not immediately respond to a request for comment.
Sowing seeds of political chaos
Some of the leaked emails appear to be extremely recent, at least up to 24 April. The motivation of the incident is now being debated, with many having already come to the conclusion that a Russian state-backed group was somehow involved in the scheme.
“Everyone is proposing theories about the hacker’s plan, but the most likely answer is they don’t have one. Hacking is opportunistic,” Graham wrote on his blog, adding: “They likely targeted everyone in the campaign, and these were the only victims they could hack.
“It’s probably not the outcome they were hoping for. But since they’ve gone through all the work, it’d be a shame to waste it.
“[The hackers] are likely releasing the dump not because they believe it will do any good, but because it’ll do them no harm.”
The French electoral commission has responded to the incident, saying: “The dissemination of such data, which have been fraudulently obtained and in all likelihood may have been mingled with false information, is liable to be classified as a criminal offence.”
Meanwhile, Macron’s chief foreign policy adviser Aurelien Lechevallier (via Ben Judah) said Russian president Vladimir Putin should now expect a “frank meeting”.
His statement continued: “We will make clear on cyberattacks and on European security France will defend its interests. We want zero Russian interference in our elections and in European elections. We will have a doctrine of retaliation when it comes to Russian cyberattacks.”
During his election campaign against Le Pen – who met with Putin in March – Macron’s team was outspoken about alleged Russian cyberattacks. Last month, Trend Micro, a cybersecurity firm, appeared to back up the rhetoricwith evidence he had been directly targeted.
As the election date approached, further controversy erupted after a 200-strong collectiveof French-language Twitter accounts were caught spreading misinformation about Macron, claiming – without evidence – that he had evaded paying taxes by storing cash in offshore accounts.
As it turns out, the emails were from members of Macron’s staff and supporters, with names including Alain Tourret, Pierre Person, Cedric O, Anne-Christine Lang, and Quentin Lafay, revealed cybersecurity expert Robert Graham, writing on his blog Errata Security.
“Obviously, everyone assumes that Russian hackers did it, but there’s nothing (so far) that points to anybody in particular,” Graham noted. “It appears to be the most basic of phishing attacks, which means anyone could’ve done it, including your neighbour’s pimply faced teenager.”
Graham’s lack of enthusiasm about the impact of the leaked information was mirrored across well-known industry researchers.
…
“I have searched through a lot of large email drops before, and this is right up there with the boringest of them,” wrote Matt Tait, a former information security specialist for GCHQ – the British equivalent of the US National Security Agency – and current chief executive and founder of Capital Alpha Security, in a Twitter post.
The Grugq, a cybersecurity researcher, said: “Based on latest info about how dull the dump is they really had nothing interesting, so just packaged everything they could get in hopes that the size of the dump would be damning, a sort of ‘where there’s smoke there’s fire’ approach.”
…
10. When “the Russian government” decided to conduct this operation, they used the APT 28 (Fancy Bear) to do it. After a year of close scrutiny over Fancy Bear’s alleged tactic by security researchers around the world, Fancy Bear struck again, using the same techniques that were used to implicate it in the 2016 election hack.
Cyrillic meta-data in the information is a dead give away that this is not Russian intelligence.
Leading French presidential candidate Emmanuel Macron’s campaign said on Friday it had been the target of a “massive” computer hack that dumped its campaign emails online 1–1/2 days before voters choose between the centrist and his far-right rival, Marine Le Pen.
…
Opinion polls show independent centrist Macron is set to beat National Front candidate Le Pen in Sunday’s second round of voting, in what is seen to be France’s most important election in decades. The latest surveys show him winning with about 62 percent of the vote.
RUSSIAN HAND SEEN
Former economy minister Macron’s campaign has previously complained about attempts to hack its emails, blaming Russian interests in part for the cyber attacks.
On April 26, the team said it had been the target of a attempts to steal email credentials dating back to January, but that the perpetrators had failed to compromise any campaign data.
The Kremlin has denied it was behind any such attacks, even though Macron’s camp renewed complaints against Russian media and a hackers’ group operating in Ukraine.
Vitali Kremez, director of research with New York-based cyber intelligence firm Flashpoint, told Reuters his review indicates that APT 28, a group tied to the GRU, the Russian military intelligence directorate, was behind the leak. He cited similarities with U.S. election hacks that have been previously attributed to that group.
APT28 last month registered decoy internet addresses to mimic the name of En Marche, which it likely used send tainted emails to hack into the campaign’s computers, Kremez said. Those domains include onedrive-en-marche.fr and mail-en-marche.fr.
“If indeed driven by Moscow, this leak appears to be a significant escalation over the previous Russian operations aimed at the U.S. presidential election, expanding the approach and scope of effort from simple espionage efforts towards more direct attempts to sway the outcome,” Kremez said.
France is the latest nation to see a major election overshadowed by accusations of manipulation through cyber hacking.
U.S. intelligence agencies said in January that Russian President Vladimir Putin had ordered hacking of parties tied to Democratic presidential candidate Hillary Clinton to influence the election on behalf of Republican rival Donald Trump.
On Friday night as the #Macronleaks hashtag buzzed around social media, Florian Philippot, deputy leader of the National Front, tweeted “Will Macronleaks teach us something that investigative journalism has deliberately killed?”
Macron spokesman Sylvain Fort, in a response on Twitter, called Philippot’s tweet “vile”.
En Marche! said the documents only showed the normal functioning of a presidential campaign, but that authentic documents had been mixed on social media with fake ones to sow “doubt and misinformation”.
Ben Nimmo, a UK-based security researcher with the Digital Forensic Research Lab of the Atlantic Council think tank, said initial analysis indicated that a group of U.S. far-right online activists were behind early efforts to spread the documents via social media. They were later picked up and promoted by core social media supporters of Le Pen in France, Nimmo said.
The leaks emerged on 4chan, a discussion forum popular with far right activists in the United States. An anonymous poster provided links to the documents on Pastebin, saying, “This was passed on to me today so now I am giving it to you, the people.”
The hashtag #MacronLeaks was then spread by Jack Posobiec, a pro-Trump activist whose Twitter profile identifies him as Washington D.C. bureau chief of the far-right activist site Rebel TV, according to Nimmo and other analysts tracking the election. Contacted by Reuters, Posobiec said he had simply reposted what he saw on 4chan.
“You have a hashtag drive that started with the alt-right in the United States that has been picked up by some of Le Pen’s most dedicated and aggressive followers online,” Nimmo told Reuters.
…
11a. There was an update back in December from the German government regarding its assessment of the 2015 Bundgestag hacks (attributed to “Fancy Bear” and “Cozy Bear,” as mentioned in the Sandro Gaycken post above) that it attributed to APT28 and Russia: while it asserts the hacks did indeed take place, the leaked documents were later determined to be an insider leak (via Google translate).
“ . . . . According to the report, federal security authorities are convinced that not hackers had stolen the 2420 documents published by the Internet platform Wikileaks in early December. There was certainly no evidence that the material had been stolen in the cyber attack on the Bundestag in 2015, it was called into security crises. . . . ”
The Bundestagspolizei is still looking for the apparent leaker.
The WikiLeaks leak of documents from the DNC was alleged by former UK diplomat Craig Murray to have come from a dissatisfied DNC insider, who gave him the information from a thumb drive.
The situation vis a vis the hack of the Bundestag is strikingly similar.
After the publication of confidential files from the NSA investigation committee the Bundestagspolizei is looking for the perpetrators in parliament, as the news magazine “Spiegel” reports. “A violation of secrecy and a special duty of secrecy” is confirmed, a Bundestag spokesman confirmed to the magazine. Bundestag President Norbert Lammert (CDU) had approved the investigation against unknown. The German Bundestag is a separate police zone.According to the report, federal security authorities are convinced that not hackers had stolen the 2420 documents published by the Internet platform Wikileaks in early December. There was certainly no evidence that the material had been stolen in the cyber attack on the Bundestag in 2015, it was called into security crises.
The “mirror” pointed out that the Wikileaks material covered 90 gigabytes, but the infiltrated Bundestagsrechnern only 16 gigabytes of data were stolen. The Cyberattacke apparently also had no members of the Bundestag or employees from the environment of the NSA investigation committee affected.
The “Frankfurter Allgemeine Sonntagszeitung” had cited a high security officer a week ago with the words that there was “high plausibility” for the fact that the secrets published by Wikileaks were captured in the cyber attack on the Bundestag. Russian hackers are responsible for the attack. Also the committee chairman Patrick Sensburg (CDU) had not excluded a foreign hacker attack immediately after the publication of the documents.
According to WikiLeaks, the approximately 2400 documents come from various federal agencies such as the Bundesnachrichtendienst and the federal offices for constitutional protection and security in information technology. The documents are intended to provide evidence of cooperation between the US National Security Agency (NSA) and the BND.
…
After the publication of confidential files from the NSA investigation committee the Bundestagspolizei is looking for the perpetrators in parliament, as the news magazine “Spiegel” reports. “A violation of secrecy and a special duty of secrecy” is confirmed, a Bundestag spokesman confirmed to the magazine. Bundestag President Norbert Lammert (CDU) had approved the investigation against unknown. The German Bundestag is a separate police zone.
…
11b. The monikers Fancy Bear and Cozy Bear have been applied to “APT 28” and “APT 29,” abbreviations standing for “advanced persistent threat.”
As the article below also points out, it’s entirely possible that “APT28” and “APT29” aren’t distinct entities at all. Why? Because the conclusion by firms like FireEye and Crowdstrike that there are two groups, “APT28” and “APT29”, that were leaving years of electronic trails from all their hacking activities isn’t based on any distinct “APT28” or “APT29” calling card. It’s based on the tool sets of hacking tools and infrastructure (like servers) used by these groups. And those tool sets used by APT28 and APT29 are readily available on the Dark Web and circulating among hacker communities as was the infrastructure.
In other words, a wide variety of skilled hackers have access to the exact same hacking tools that were used by groups like FireEye and Crowdstrike to uniquely identify APT28/29 and the same sets of corrupted servers. Since so much of the rest of the evidence that was used to attribute the hacking evidence to Russian hackers is based on readily spoofable information – like the cyrillic characters in a hacked document or that the hacking tool set code appeared to be compiled during Moscow working hours…all spoofable evidence – the evidence used to attribute these hacks to Kremlin-backed hackers could have been spoofed by a wide variety of possible culprits.
” . . . . Did the Russian government hack the DNC and feed documents to WikiLeaks? There are really two questions here: who hacked the DNC, and who released the DNC documents? These are not necessarily the same. An earlier intrusion into German parliament servers was blamed on the Russians, yet the release of documents to WikiLeaks is thought to have originated from an insider. [35] Had the Russians hacked into the DNC, it may have been to gather intelligence, while another actor released the documents. But it is far from certain that Russian intelligence services had anything to do with the intrusions. Julian Assange says that he did not receive the DNC documents from a nation-state. It has been pointed out that Russia could have used a third party to pass along the material. Fair enough, but former UK diplomat Craig Murray asserts: ‘I know who the source is… It’s from a Washington insider. It’s not from Russia.’ [We wonder if it might have been Tulsi Gabbard–D.E.] [36] . . . .”
“Did the Russians Really Hack the DNC?” by Gregory Elich; Counter Punch; 1/13/2017.
Russia, we are told, breached the servers of the Democratic National Committee (DNC), swiped emails and other documents, and released them to the public, to alter the outcome of the U.S. presidential election.
How substantial is the evidence backing these assertions?
Hired by the Democratic National Committee to investigate unusual network activity, the security firm Crowdstrike discovered two separate intrusions on DNC servers. Crowdstrike named the two intruders Cozy Bear and Fancy Bear, in an allusion to what it felt were Russian sources. According to Crowdstrike, “Their tradecraft is superb, operational security second to none,” and “both groups were constantly going back into the environment” to change code and methods and switch command and control channels.
On what basis did Crowdstrike attribute these breaches to Russian intelligence services? The security firm claims that the techniques used were similar to those deployed in past security hacking operations that have been attributed to the same actors, while the profile of previous victims “closely mirrors the strategic interests of the Russian government. Furthermore, it appeared that the intruders were unaware of each other’s presence in the DNC system. “While you would virtually never see Western intelligence agencies going after the same target without de-confliction for fear of compromising each other’s operations,” Crowdstrike reports, “in Russia this is not an uncommon scenario.” [1]
Those may be indicators of Russian government culpability. But then again, perhaps not. Regarding the point about separate intruders, each operating independently of the other, that would seem to more likely indicate that the sources have nothing in common.
Each of the two intrusions acted as an advanced persistent threat (APT), which is an attack that resides undetected on a network for a long time. The goal of an APT is to exfiltrate data from the infected system rather than inflict damage. Several names have been given to these two actors, and most commonly Fancy Bear is known as APT28, and Cozy Bear as APT29.
The fact that many of the techniques used in the hack resembled, in varying degrees, past attacks attributed to Russia may not necessarily carry as much significance as we are led to believe. Once malware is deployed, it tends to be picked up by cybercriminals and offered for sale or trade on Deep Web black markets, where anyone can purchase it. Exploit kits are especially popular sellers. Quite often, the code is modified for specific uses. Security specialist Josh Pitts demonstrated how easy that process can be, downloading and modifying nine samples of the OnionDuke malware, which is thought to have first originated with the Russian government. Pitts reports that this exercise demonstrates “how easy it is to repurpose nation-state code/malware.” [2]
In another example, when SentinalOne Research discovered the Gyges malware in 2014, it reported that it “exhibits similarities to Russian espionage malware,” and is “designed to target government organizations. It comes as no surprise to us that this type of intelligence agency-grade malware would eventually fall into cybercriminals’ hands.” The security firm explains that Gyges is an “example of how advanced techniques and code developed by governments for espionage are effectively being repurposed, modularized and coupled with other malware to commit cybercrime.” [3]
Attribution is hard, cybersecurity specialists often point out. “Once an APT is released into the wild, its spread isn’t controlled by the attacker,” writes Mark McArdle. “They can’t prevent someone from analyzing it and repurposing it for their own needs.” Adapting malware “is a well-known reality,” he continues. “Finding irrefutable evidence that links an attacker to an attack is virtually unattainable, so everything boils down to assumptions and judgment.” [4]
Security Alliance regards security firm FireEye’s analysis that tied APT28 to the Russian government as based “largely on circumstantial evidence.” FireEye’s report “explicitly disregards targets that do not seem to indicate sponsorship by a nation-state,” having excluded various targets because they are “not particularly indicative of a specific sponsor’s interests.” [5] FireEye reported that the APT28 “victim set is narrow,” which helped lead it to the conclusion that it is a Russian operation. Cybersecurity consultant Jeffrey Carr reacts with scorn: “The victim set is narrow because the report’s authors make it narrow! In fact, it wasn’t narrowly targeted at all if you take into account the targets mentioned by other cybersecurity companies, not to mention those that FireEye deliberately excluded for being ‘not particularly indicative of a specific sponsor’s interests’.” [6]
FireEye’s report from 2014, on which much of the DNC Russian attribution is based, found that 89 percent of the APT28 software samples it analyzed were compiled during regular working hours in St. Petersburg and Moscow. [7]
But compile times, like language settings, can be easily altered to mislead investigators. Mark McArdle wonders, “If we think about the very high level of design, engineering, and testing that would be required for such a sophisticated attack, is it reasonable to assume that the attacker would leave these kinds of breadcrumbs? It’s possible. But it’s also possible that these things can be used to misdirect attention to a different party. Potentially another adversary. Is this evidence the result of sloppiness or a careful misdirection?” [8]
“If the guys are really good,” says Chris Finan, CEO of Manifold Technology, “they’re not leaving much evidence or they’re leaving evidence to throw you off the scent entirely.” [9] How plausible is it that Russian intelligence services would fail even to attempt such a fundamental step?
James Scott of the Institute for Critical Infrastructure Technology points out that the very vulnerability of the DNC servers constitutes a muddied basis on which determine attribution. “Attribution is less exact in the case of the DNC breach because the mail servers compromised were not well-secured; the organization of a few hundred personnel did not practice proper cyber-hygiene; the DNC has a global reputation and is a valuable target to script kiddies, hacktivists, lone-wolf cyber-threat actors, cyber-criminals, cyber-jihadists, hail-mary threats, and nation-state sponsored advanced persistent threats; and because the malware discovered on DNC systems were well-known, publicly disclosed, and variants could be purchased on Deep Web markets and forums.” [10]
Someone, or some group, operating under the pseudonym of Guccifer 2.0, claimed to be a lone actor in hacking the DNC servers. It is unclear what relation – if any – Guccifer 2.0 has to either of the two APT attacks on the DNC. In a PDF file that Guccifer 2.0 sent to Gawker.com, metadata indicated that it was it was last saved by someone having a username in Cyrillic letters. During the conversion of the file from Microsoft Word to PDF, invalid hyperlink error messages were automatically generated in the Russian language. [11]
This would seem to present rather damning evidence. But who is Guccifer 2.0? A Russian government operation? A private group? Or a lone hacktivist? In the poorly secured DNC system, there were almost certainly many infiltrators of various stripes. Nor can it be ruled out that the metadata indicators were intentionally generated in the file to misdirect attribution. The two APT attacks have been noted for their sophistication, and these mistakes – if that is what they are – seem amateurish. To change the language setting on a computer can be done in a matter of seconds, and that would be standard procedure for advanced cyber-warriors. On the other hand, sloppiness on the part of developers is not entirely unknown. However, one would expect a nation-state to enforce strict software and document handling procedures and implement rigorous review processes.
At any rate, the documents posted to the Guccifer 2.0 blog do not necessarily originate from the same source as those published by WikiLeaks. Certainly, none of the documents posted to WikiLeaks possess the same metadata issues. And one hacking operation does not preclude another, let alone an insider leak.
APT28 relied on XTunnel, repurposed from open source code that is available to anyone, to open network ports and siphon data. The interesting thing about the software is its failure to match the level of sophistication claimed for APT28. The strings in the code quite transparently indicate its intent, with no attempt at obfuscation. [12] It seems an odd oversight for a nation-state operation, in which plausible deniability would be essential, to overlook that glaring point during software development.
Command-and-control servers remotely issue malicious commands to infected machines. Oddly, for such a key component of the operation, the command-and-control IP address in both attacks was hard-coded in the malware. This seems like another inexplicable choice, given that the point of an advanced persistent threat is to operate for an extended period without detection. A more suitable approach would be to use a Domain Name System (DNS) address, which is a decentralized computer naming system. That would provide a more covert means of identifying the command-and-control server. [13]Moreover, one would expect that address to be encrypted. Using a DNS address would also allow the command-and-control operation to easily move to another server if its location is detected, without the need to modify and reinstall the code.
One of the IP addresses is claimed to be a “well-known APT 28” command-and-control address, while the second is said to be linked to Russian military intelligence. [14] The first address points to a server located in San Jose, California, and is operated by a server hosting service. [15] The second server [16] Clearly, these are servers that have been compromised by hackers. It is customary for hackers to route their attacks through vulnerable computers. The IP addresses of compromised computers are widely available on the Deep Web, and typically a hacked server will be used by multiple threat actors. These two particular servers may or may not have been regularly utilized by Russian Intelligence, but they were not uniquely so used. Almost certainly, many other hackers would have used the same machines, and it cannot be said that these IP addresses uniquely identify an infiltrator. Indeed, the second IP address is associated with the common Trojan viruses Agent-APPR and Shunnael. [17]
“Everyone is focused on attribution, but we may be missing the bigger truth,” says Joshua Croman, Director of the Cyber Statecraft Initiative at the Atlantic Council. “[T]he level of sophistication required to do this hack was so low that nearly anyone could do it.”[18]
In answer to critics, the Department of Homeland Security and the FBI issued a joint analysis report, which presented “technical details regarding the tools and infrastructure used” by Russian intelligence services “to compromise and exploit networks” associated with the U.S. election, U.S. government, political, and private sector entities. The report code-named these activities “Grizzly Steppe.” [19]
For a document that purports to offer strong evidence on behalf of U.S. government allegations of Russian culpability, it is striking how weak and sloppy the content is. Included in the report is a list of every threat group ever said to be associated with the Russian government, most of which are unrelated to the DNC hack. It appears that various governmental organizations were asked to send a list of Russian threats, and then an official lacking IT background compiled that information for the report, and the result is a mishmash of threat groups, software, and techniques. “PowerShell backdoor,” for instance, is a method used by many hackers, and in no way describes a Russian operation.
Indeed, one must take the list on faith, because nowhere in the document is any evidence provided to back up the claim of a Russian connection. Indeed, as the majority of items on the list are unrelated to the DNC hack, one wonders what the point is. But it bears repeating: even where software can be traced to Russian origination, it does not necessarily indicate exclusive usage. Jeffrey Carr explains: “Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone.” Carr quotes security firm ESET in regard to the Sednit group, one of the items on the report’s list, and which is another name for APT28: “As security researchers, what we call ‘the Sednit group’ is merely a set of software and the related infrastructure, which we can hardly correlate with any specific organization.” Carr points out that X‑Agent software, which is said to have been utilized in the DNC hack, was easily obtained by ESET for analysis. “If ESET could do it, so can others. It is both foolish and baseless to claim, as Crowdstrike does, that X‑Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.” [20]
The salient impression given by the government’s report is how devoid of evidence it is. For that matter, the majority of the content is taken up by what security specialist John Hinderaker describes as “pedestrian advice to IT professionals about computer security.” As for the report’s indicators of compromise (IoC), Hinderaker characterizes these as “tools that are freely available and IP addresses that are used by hackers around the world.” [21]
In conjunction with the report, the FBI and Department of Homeland Security provided a list of IP addresses it identified with Russian intelligence services. [22] Wordfence analyzed the IP addresses as well as a PHP malware script provided by the Department of Homeland Security. In analyzing the source code, Wordfence discovered that the software used was P.A.S., version 3.1.0. It then found that the website that manufactures the malware had a site country code indicating that it is Ukrainian. The current version of the P.A.S. software is 4.1.1, which is much newer than that used in the DNC hack, and the latest version has changed “quite substantially.” Wordfence notes that not only is the software “commonly available,” but also that it would be reasonable to expect “Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources.” To put it plainly, Wordfence concludes that the malware sample “has no apparent relationship with Russian intelligence.” [23]
Wordfence also analyzed the government’s list of 876 IP addresses included as indicators of compromise. The sites are widely dispersed geographically, and of those with a known location, the United States has the largest number. A large number of the IP addresses belong to low-cost server hosting companies. “A common pattern that we see in the industry,” Wordfence states, “is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.” Fifteen percent of the IP addresses are currently Tor exit nodes. “These exit nodes are used by anyone who wants to be anonymous online, including malicious actors.” [24]
If one also takes into account the IP addresses that not only point to current Tor exits, but also those that once belonged to Tor exit nodes, then these comprise 42 percent of the government’s list. [25] “The fact that so many of the IPs are Tor addresses reveals the true sloppiness of the report,” concludes network security specialist Jerry Gamblin. [26]
Cybersecurity analyst Robert Graham was particularly blistering in his assessment of the government’s report, characterizing it as “full of garbage.” The report fails to tie the indicators of compromise to the Russian government. “It contains signatures of viruses that are publicly available, used by hackers around the world, not just Russia. It contains a long list of IP addresses from perfectly normal services, like Tor, Google, Dropbox, Yahoo, and so forth. Yes, hackers use Yahoo for phishing and maladvertising. It doesn’t mean every access of Yahoo is an ‘indicator of compromise’.” Graham compared the list of IP addresses against those accessed by his web browser, and found two matches. “No,” he continues. “This doesn’t mean I’ve been hacked. It means I just had a normal interaction with Yahoo. It means the Grizzly Steppe IoCs are garbage.” Graham goes on to point out that “what really happened” with the supposed Russian hack into the Vermont power grid “is that somebody just checked their Yahoo email, thereby accessing one of the same IP addresses I did. How they get from the facts (one person accessed Yahoo email) to the story (Russians hacked power grid)” is U.S. government “misinformation.” [27]
The indicators of compromise, in Graham’s assessment, were “published as a political tool, to prove they have evidence pointing to Russia.” As for the P.A.S. web shell, it is “used by hundreds if not thousands of hackers, mostly associated with Russia, but also throughout the rest of the world.” Relying on the government’s sample for attribution is problematic: “Just because you found P.A.S. in two different places doesn’t mean it’s the same hacker.” A web shell “is one of the most common things hackers use once they’ve broken into a server,” Graham observes. [28]
Although cybersecurity analyst Robert M. Lee is inclined to accept the government’s position on the DNC hack, he feels the joint analysis report “reads like a poorly done vendor intelligence report stringing together various aspects of attribution without evidence.” The report’s list “detracts from the confidence because of the interweaving of unrelated data.” The information presented is not sourced, he adds. “It’s a random collection of information and in that way, is mostly useless.” Indeed, the indicators of compromise have “a high rate of false positives for defenders that use them.” [29]
…
The intent of the joint analysis report was to provide evidence of Russian state responsibility for the DNC hack. But nowhere does it do so. Mere assertions are meant to persuade. How much evidence does the government have? The Democratic Party claims that the FBI never requested access to DNC servers. [32] The FBI, for its part, says it made “multiple requests” for access to the DNC servers and was repeatedly turned down. [33] Either way, it is a remarkable admission. In a case like this, the FBI would typically conduct its own investigation. Was the DNC afraid the FBI might come to a different conclusion than the DNC-hired security firm Crowdstrike? The FBI was left to rely on whatever evidence Crowdstrike chose to supply. During its analysis of DNC servers, Crowdstrike reports that it found evidence of APT28 and APT29 intrusions within two hours. Did it stop there, satisfied with what it had found? Or did it continue to explore whether additional intrusions by other actors had taken place?
In an attempt to further inflame the hysteria generated from accusations of Russian hacking, the Office of the Director of National Intelligence published a declassified version of a document briefed to U.S. officials. The information was supplied by the CIA, FBI, and National Security Agency, and was meant to cement the government’s case. Not surprisingly, the report received a warm welcome in the mainstream media, but what is notable is that it offers not a single piece of evidence to support its claim of “high confidence” in assessing that Russia hacked the DNC and released documents to WikiLeaks. Instead, the bulk of the report is an unhinged diatribe against Russian-owned RT media. The content is rife with inaccuracies and absurdities. Among the heinous actions RT is accused of are having run “anti-fracking programming, highlighting environmental issues and the impacts on health issues,” airing a documentary on Occupy Wall Street, and hosting third-party candidates during the 2012 election.[34] . . .
. . . . Mainstream media start with the premise that the Russian government was responsible, despite a lack of convincing evidence. They then leap to the fallacious conclusion that because Russia hacked the DNC, only it could have leaked the documents.
So, did the Russian government hack the DNC and feed documents to WikiLeaks? There are really two questions here: who hacked the DNC, and who released the DNC documents? These are not necessarily the same. An earlier intrusion into German parliament servers was blamed on the Russians, yet the release of documents to WikiLeaks is thought to have originated from an insider. [35] Had the Russians hacked into the DNC, it may have been to gather intelligence, while another actor released the documents. But it is far from certain that Russian intelligence services had anything to do with the intrusions. Julian Assange says that he did not receive the DNC documents from a nation-state. It has been pointed out that Russia could have used a third party to pass along the material. Fair enough, but former UK diplomat Craig Murray asserts: “I know who the source is… It’s from a Washington insider. It’s not from Russia.” [36]
There are too many inconsistencies and holes in the official story. In all likelihood, there were multiple intrusions into DNC servers, not all of which have been identified. The public ought to be wary of quick claims of attribution. It requires a long and involved process to arrive at a plausible identification, and in many cases the source can never be determined. As Jeffrey Carr explains, “It’s important to know that the process of attributing an attack by a cybersecurity company has nothing to do with the scientific method. Claims of attribution aren’t testable or repeatable because the hypothesis is never proven right or wrong.” [37]
Russia-bashing is in full swing, and there does not appear to be any letup in sight. We are plunging headlong into a new Cold War, riding on a wave of propaganda-induced hysteria. The self-serving claims fueling this campaign need to be challenged every step of the way. Surrendering to evidence-free emotional appeals would only serve those who arrogantly advocate confrontation and geopolitical domination.
…
12a. The Shadow Brokers, released some more NSA hacking tools, along with a list of IP addresses the NSA was targeting. All of this was apparently in response to a sense of betrayal. Betrayal by Donald Trump. Yes, when Donald Trump launched a cruise missile attack against Syria this so upset The Shadow Brokers that they wrote another long broken English rant (with a white nationalist theme) about Trump living up to his promises and then released some more hacking tools.
We analyzed the ShadowBrokers in FTR #923.
Suffice it to say, that this group is, in all probability, not Russian at all.
In the latest in a drumbeat of intelligence leaks, a hacking group known as the Shadow Brokers has released another set of tools it said were designed by the top-secret National Security Agency to penetrate computer systems worldwide.
In a rant-filled statement over the weekend, Shadow Brokers also released a list of servers it said the tools had infected.
One document appeared to show that NSA spyware had been placed on servers in South Korea, Russia, Japan, China, Mexico, Taiwan, Spain, Venezuela and Thailand, among other countries. The dump included details of how the NSA purportedly had gained access to Pakistan’s main mobile network.
The release marked the most recent in a steady stream of disclosures of purported hacking tools developed by the NSA and the CIA. Shadow Brokers made a similar release in August, and in March the anti-secrecy group WikiLeaks released several batches of files that purported to show how the CIA spies on its targets. WikiLeaks has dubbed those leaks Vault7.
Cybersecurity experts differed in their assessment of the leaked material but several agreed that it would give global foes crucial information about American hacking abilities and plans.
In its statement, Shadow Brokers said the latest leak, following one eight months ago, “is our form of protest” to goad President Donald Trump into staying loyal to his followers and promoting anti-globalism. The screed included profanity, some white supremacist commentary and a password to the cache of tools.
This is interesting. A list of NSA targets and the specific implants installed (IP address included).https://t.co/d0A950lD3t#ShadowBrokers— Kevin Mitnick (@kevinmitnick) April 9, 2017
The specific spyware was less dramatic, experts said.
“The dump appears to contain only Linux and Unix tools and exploits, so organizations running only Windows don’t need to react to tools in this release,” an Augusta, Georgia, firm, Rendition Infosec, said n a blog posting.
The NSA, which has its headquarters at Fort Meade, Maryland, did not respond to a request for comment.
Rendition Infosec said there was little doubt that Russia and the Shadow Brokers group were connected and that foreign hacking groups, some sponsored by governments, had entered an era of dribbling out leaks to influence global affairs.
“In the future, we believe that other groups are highly likely to attack organizations, steal their data and release it at timed intervals in an attempt to control the news cycle. This is classic information warfare, updated for digital espionage,” the posting said.
In its statement, Shadow Brokers denied, in broken English, that the group is linked to the Russian government.
Those who have worked in the U.S. intelligence community voiced dismay at the constant leak of alleged NSA and CIA techniques and tools.
“What is devastating is not just the loss of one exploit but the loss of your entire tool chain, particular targets you’re residing on, your methodologies, your research thrusts,” said Dave Aitel, a former computer scientist at the NSA who now is chief executive at Immunity Inc., a cybersecurity firm in Miami.
Aitel, who spoke on the sidelines of the Infiltrate 2017 conference in Miami Beach late last week, before the Shadow Brokers release, said the impact of leaks of cyberespionage tools “can be real hard to estimate or contain.”
He said such leaks could open a window on research trends that could derail entire units within the intelligence community.
“Every group has a particular set of specialties that they are good at researching. If you start exposing those capabilities, you also expose your future capabilities,” Aitel said. “It can spread across a lot of pieces of your organization. . . . . That’s when you start seeing entire networks get destroyed based on leaks.”
The Shadow Brokers group burst into the news in mid-August when it claimed to possess stolen NSA cyber weapons and surveillance toolsintend to bypass firewalls and embed in network equipment or software made by Cisco Systems, Fortinet, Juniper Networks and TopSec, a Chinese security vendor.
In a bizarre twist, the group demanded an astronomical sum – 1 million bitcoins, or $1.2 trillion – for the release of additional NSA tools. When the group found no takers, it issued a petulant statement in October saying the auction was off. In January, the group said it was “going dark,” only to reappear over the weekend.
…
Rendition Infosec said there was little doubt that Russia and the Shadow Brokers group were connected and that foreign hacking groups, some sponsored by governments, had entered an era of dribbling out leaks to influence global affairs.“In the future, we believe that other groups are highly likely to attack organizations, steal their data and release it at timed intervals in an attempt to control the news cycle. This is classic information warfare, updated for digital espionage,” the posting said.
In its statement, Shadow Brokers denied, in broken English, that the group is linked to the Russian government.
…
12b. As we noted in past discussion of the Shadow Brokers, there’s actually been a lot of doubt that the Russians hacked the NSA fro the very beginning.
A chief suspect is Jacob Applebaum, the CIA-financed American WikiLeaker who appears to have facilitated Edward Snowden’s journey from Hawaii to Hong Kong.
Who’s really behind one of the most shocking data dumps ever? Another theory emerges.
There are a lot of unanswered questions surrounding the shocking dump of a slew of hacking tools used by an NSA-linked group earlier this week. But perhaps the biggest one is: who’s behind the leak? Who is behind the mysterious moniker “The Shadow Brokers”?
So far, there’s no clear evidence pointing in any direction, but given the timing of the leak, and the simple fact that very few would have the capabilities and the motives to hack and shame the NSA publicly, some posited The Shadow Brokers could be Russian.
But there’s another possibility. An insider could have stolen them directly from the NSA, in a similar fashion to how former NSA contractor Edward Snowden stole an untold number of the spy agency’s top secret documents. And this theory is being pushed by someone who claims to be, himself, a former NSA insider.
“My colleagues and I are fairly certain that this was no hack, or group for that matter,” the former NSA employee told Motherboard. “This ‘Shadow Brokers’ character is one guy, an insider employee.”
The source, who asked to remain anonymous, said that it’d be much easier for an insider to obtain the data that The Shadow Brokers put online rather than someone else, even Russia, remotely stealing it. He argued that “naming convention of the file directories, as well as some of the scripts in the dump are only accessible internally,” and that “there is no reason” for those files to be on a server someone could hack. He claimed that these sorts of files are on a physically separated network that doesn’t touch the internet; an air-gap. (Motherboard was not able to independently verify this claim, and it’s worth bearing in mind that an air-gap is not an insurmountable obstacle in the world of hacking).
Of course, as Matt Suiche, the CEO of Dubai-based cybersecurity company Comae, noted in a post analyzing the insider theory, a leading theory is that a member of NSA’s elite hacking team, Tailored Access Operation, or TAO, made a “mistake” and left the hacking tools exposed on a server.
“We are 99.9 percent sure that Russia has nothing to do with this and even though all this speculation is more sensational in the media, the insider theory should not be dismissed,” the source added. “We think it is the most plausible.”
The source said that while he was “a little nervous about this whole thing,” he was coming forward precisely to warn people against accusing Russia.
“Now seeing what’s being paraded in the media like the wildly speculative attribution to Russia, I feel a personal responsibility to propose the more plausible theory on behalf of me and the rest of the guys like me,” he said. “I think it’s dangerous to point fingers when they shouldn’t be. That could have real implications that affect real people.”
The source provided a military award as proof of his past employment, and multiple former intelligence sources who reviewed the award for Motherboard said it looks legitimate. That award describes the source’s role as a “Cyber Intrusion Analyst,” and although he was not a member of TAO himself, he said he was able to work with TAO operators and access and analyze the data retrieved.
…
Michael Adams, an information security expert who served more than two decades in the US Special Operations Command, agreed that it’s a viable theory.
“It’s Snowden junior,” Adams told Motherboard. “Except he doesn’t want to end up in virtual prison in Russia. He’s smart enough to rip off shit, but also smart enough to be unidentifiable.”
It’s important to note that there’s no evidence pointing the finger at an insider, just like there’s no evidence pointing toward Russia. It’s all speculation, but these two theories, at this point, seem the most plausible.
A former Facebook executive wrote a piece earlier this month in response to the reports about Facebook using algorithms to identify depressed teens and sharing that data with advertisers. His message is a pretty fascinating one: First, don’t believe Facebook’s denials, it is highly likely they are lying through their teeth and routinely making these kinds of inferences and then selling that info to advertisers. And secondly, Facebook is likely doing this in part because, why not? There’s nothing wrong with doing what Facebook was charged with doing.
Those were the twin messages coming from this former Facebook executive. And when you consider the ‘who cares?’ sentiment is probably pretty widely held by Facebook executives (because otherwise there would be an epidemic of self-loathing Facebook execs), it makes the suspicions that Facebook is selling everything it can to advertisers a lot more credible:
“Facebook claimed the report was misleading, assuring the public that the company does not “offer tools to target people based on their emotional state”. If the intention of Facebook’s public relations spin is to give the impression that such targeting is not even possible on their platform, I’m here to tell you I believe they’re lying through their teeth.”
Strong words from the former Facebook executive. And probably largely true words too based on not just his account of how Facebook behaved but also the basic Facebook business model: figuring out how to find the target market for advertisers marketing campaigns is a core component of how Facebook makes money. So if they could identify depressed teens there’s no reason to see why this kind of data wouldn’t be used to sell ads even if Facebook had a policy of not advertising to people in particular emotional states because there’s no reason Facebook couldn’t identify these depressed teens as something other than “depressed teen”. Just put some other “psychometric”-type label on the depressed teens category and sell the ads that way. Problem solved:
“Without seeing the leaked documents, which were reportedly based around a pitch Facebook made to a bank, it is impossible to know precisely what the platform was offering advertisers. There’s nothing in the trade I know of that targets ads at emotions. But Facebook has and does offer “psychometric”-type targeting, where the goal is to define a subset of the marketing audience that an advertiser thinks is particularly susceptible to their message.”
That’s the take away from at least one former Facebook executive: unless Facebook’s executives are suddenly behaving in a very different ethical manner than they were when this executive was working at Facebook, yes, Facebook is almost certainly selling things like teen depression status to advertisers. Because if they can they will. All in all, it’s a rather depressing story. Perhaps not as depressing as Facebook itself, but still pretty depressing.