Posted on 12/29/2016 4:07:46 PM PST by Cheerio
Against the backdrop of a sanctions announcement, President Obama’s administration has released a Joint Analysis Report claiming to outline the details of Russia’s involvement hacking into targeted political data base or computer systems during the election.
Except it doesn’t.
Not even a little.
The “Russian Malicious Cyber Activity – Joint Analysis Report” (full pdf below) is pure nonsense. It outlines nothing more than vague and disingenuous typical hacking activity that is no more substantive than any other hacking report on any other foreign actor.
This might as well be a report blaming Nigerian fraud phone solicitors for targeting U.S. phone numbers. DUH! Just because your grandma didn’t actually win that Nigerian national lottery doesn’t mean the Nigerian Mafioso are targeting your employer to hold you accountable for her portion of the bill.
(Excerpt) Read more at floppingaces.net ...
This is no box.
He is throwing out red-meat to the losers.
Ok.
I’m a computer developer with security programming training, specifically, Federal training.
THIS IS INDEED A LAME GARBAGE REPORT.
There is ZERO offered evidence any of this was Russian in origin, and merely details pretty industry-standard best practices and talks about very common attacks.
One particular one popped out at me: XSS. Cross Site Scripting. GOOD GOD, YOU PEOPLE HAVEN’T HARDENED AGAINST SIMPLE SCRIPT-KIDDY ATTACKS??? This attack is the simplest to carry out, and the simplest to defend against.
This ‘report’ is a litany of incompetance and half of the space is taken up with the industry’s ‘best practices’ in defending against attacks.
And not ONE LICK of evidence Russia was involved.
Not ONE LICK.
Larry, you are the only individual I know who may actually have better training and abilities than me in cybersecurity. Review the ‘report’ and see if you agree with my above assessment.
Wow! That is one limp report. Those “technical indicators” mentioned early in the report might reveal something about the source of the horrifying “attack on the election”, but nothing else in the report that describes the nature of the attacks comes close to eliminating any reasonably skilled hackers from having done it.
(Pinging some other people who might take interest in my assessment)
Ok.
I’m a computer developer with security programming training, specifically, Federal training.
THIS IS INDEED A LAME GARBAGE REPORT.
There is ZERO offered evidence any of this was Russian in origin, and merely details pretty industry-standard best practices and talks about very common attacks.
One particular one popped out at me: XSS. Cross Site Scripting. GOOD GOD, YOU PEOPLE HAVEN’T HARDENED AGAINST SIMPLE SCRIPT-KIDDY ATTACKS??? This attack is the simplest to carry out, and the simplest to defend against.
This ‘report’ is a litany of incompetance and half of the space is taken up with the industry’s ‘best practices’ in defending against attacks.
And not ONE LICK of evidence Russia was involved.
Not ONE LICK.
...and in some cases, the XSS one for example, you wouldn't even need to be reasonably skilled.
Biden has a very real chance of being POTUS until Trump gets sworn in, i have a feeling right now certain powers are discussing this right now.
OTrauma has gone insane. The report he commissioned is pure garbage. See my comments on this thread.
Everything of importance will be wiped clean by the 20th!
I'm a professional in the field; this report makes me very worried that we are -- essentially -- unprotected.
Good God man, they even cited XSS as a potential vector of the attack.
XSS!!!!!
Everything of importance will be wiped clean by the 20th!
I know! its total insanity!, He is unfit to make these kinds of decisions, at the very least i hope Putin is just telling his officials to just take a short vacation for now.
Someone needs to take away his nuclear football.
> I’m a professional in the field; this report makes me very worried that we are — essentially — unprotected.
I came to that conclusion with the Snowden revelations. You can design the best possible IT security and it’s effectively not there with respect to anyone who knows one of the backdoors the NSA had built into common systems.
Thanks to the NSA, the only way to get real IT security is to code everything from scratch - including drivers, operating system, and all applications.
Agreed. However, the NSA is supposed to be a friendly entity.
I know, I know.
But it’s supposed to be.
Such a nifty chart. Had to be a GS-18 who developed that chart for “executive briefings”!!! Remember, when briefing executives, don’t provide too many facts and keep charts to the 3rd Grade Level.
doctered up documents for sure, like his birth certficiate.
Tor with custom bridges , tails, 12P, lifted copy of riffle from MIT and hopping VPN’s on air gap’d garage sale purchased PC running linux peppermint from a open wifi, using a 16db yagi antenna a mile away ......stir in some kismet and wireshark...... it could happen Laz.
Sure, sure, yes on all that stuff, but they claim to know it’s Russia.
THEY SHOWED NOTHING.
HALF THE DOCUMENT WAS INDUSTRY BEST-PRACTICES (if they even are, I have not reread the document to see if they offered even THAT)!
ARE YOU KIDDING ME
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.