There’s another nice example of attribution, in a recent piece by Brian Krebs [krebsonsecurity] “Who is Anna-Senpai the Mirai Worm Author?” I’m not going to walk through it in detail, because Krebs has already done that very well.
It’s a good example of how to do attribution of an attack; the $30+billion/year US intelligence community should be able to do as good a job as a blogger like Krebs, don’t you think?
Obama +1
I’m happy about this. Barack Obama, you complicated, inconsistent, unamerican, brilliant, interesting man. I voted for you the first time because you said you’d close gitmo and get the US out of Iraq and Afghanistan. I didn’t vote for you the second time because you expanded the drone killings, continued to erode the war powers resolution, and destroyed Libya. You were barely the lesser evil. Now, you’ll be missed and that’s a statement about how bad it’s going to get.
The lulzsec logo
I haven’t hidden how unimpressed I am with the FBI/CIA/NSA’s joint report that alleges Russian hackers interfered with the 2016 elections. In my opinion, the ‘evidence’ they present is painfully thin, and mostly bad or inaccurate.
Let’s have a look at some of the quality of evidence that the FBI has been able to present in other hacking cases.
Warning: this post is kind of long.
I like to avoid psychological terms, because I am skeptical regarding the epistemology of psychology* – but, to simplify the rest of this posting, I am going to freely use a term: “Sociopath”/Sociopathic.
I keep a few canary accounts. Those are email accounts that I don’t use to send anything, but I use to sign up to various sites. I used to do this so I could track which conferences sold their contact databases to spammers or marketers. On my ranum.com server, I set up forwarders that push most of the flood into my inbox, which uses bayesian spam classifiers to sort out the gunk.
One reason I’ve been all over the map (physically and mentally) lately is because I’m in the middle of starting up a new company.
How to look like you’ve been sitting with your head in the sand for a decade:
DHS Labels Elections As Critical Infrastructure[1]
Data destruction is a part of good systems administration; you should design it in to your understanding of how you use your systems.
Warning: some “adult” and racist language
Back in the day, when voice recognition systems were first coming into us, we used to joke about getting on the public address system and saying “FORMAT C: /Y”
As you can probably guess, I get a lot of emails related to whatever’s going on in the security world. There was a very short buzz around the “Russia Hacking” thing but very few security practitioners care about it at all. Except one, who sent me this: