As we’ve chronicled the reporting on Russian attempts to impact the US election for their own ends one thing has become increasingly clear: the real target of Russia’s cyber operations, psychological operations, and information operations is the American Grey Zone. While Putin’s ultimate goal is to delegitimize America in the eyes of its allies, partners, and peer competitors, as well as liberal democracy, the target of the attack to achieve these effects is the American Grey Zone. The American Grey Zone, the civil society space that allows both native born and naturalized US citizens, as well as immigrants in various legal categories (students, workers, etc) to be part of the warp and weft of American life in public while at the same time having a private life that is their own. And being able to share as much, bring as much of that private life into public as each individual is comfortable with. The form of that private life – being a member of a minority religion or minority ethnic or racial group or being LQBTQ – is irrelevant to the attack being made on it.
Compelling argument that datadumps of private political communications actually stifle dissent https://t.co/2IdHqklw0p pic.twitter.com/bEyz8ExNTh
— Adam Conover (@adamconover) November 5, 2016
The weaponization of hacked material, whether completely accurate, doctored, and/or completely falsified by selective leaking is one of the major forms of ordnance in this attack. Another is the creation of massive amounts of completely inaccurate disinformation and pushing it into the American and European news and media cycle. If anyone or everyone can have their private lives dumped into the public eye or even worse have their private life adjusted for effect by those who have stolen it and then dumped into the public eye it will not merely stifle dissent, it will also make people think twice before standing up to run for public office or work for organizations that contribute to the public good or make a stand on controversial issues. Or even vote.
The attack on the American Grey Zone isn’t the only attack on the Grey Zone we’ve seen in the past year. ISIL’s terrorist actions outside of the areas they still hold in Iraq and Syria are attacks on the civil spaces of the states and societies where those attacks take place. So to was Russia’s semi-covert support for the UKIP and Brexit. As well as Russia’s overt and covert support for the neo-nationalist and neo-fascists movements and parties in Europe that seek to weaken the European Union and Texas’s largest neo-secessionist movement. Russia’s information, psychological, and cyber operations within Eastern Europe are all also attacks on the Grey Zone.
The point of all of these attacks on the Grey Zone, on the civil space where we life is lived within liberal democracy, are intended to force the citizens of liberal states to chose sides. ISIL wants Muslims to adopt their doctrine of the radical unity of the Deity (tawheed) and then chose to either relocate to the self proclaimed caliphate or to take terrorist action at home against those Muslims that won’t adopt tawheed, as well as their non-Muslim fellow citizens. Russia wants to delegitimize liberal democracy, both within the US and other liberal states in order to demonstrate the US and its EU and NATO allies and partners, as well as its Australian and New Zealander allies, are hypocrites and should not be emulated. Moreover, this attack on the Grey Zone is intended to weaken the EU and NATO, as well as other western alliances and partnerships. Putin’s strategic objectives are revanchist – getting revenge for what he believes is US, EU, and NATO meddling for their own benefits in post-Soviet Russia and intended to allow Russia to reestablish influence and power over its historic near abroad and sphere of influence. It is also economic. Putin’s attempts to weaken the US, the EU, and NATO – even if it is only their prestige – is intended to create the opportunity for the post Crimean seizure economic sanctions to be weakened or fall apart completely. Not because Putin expects a President Trump would get rid of them as soon as he is inaugurated, but because the idea of a President Trump is enough to make European and NATO allies wonder whether they will be able to rely on the US for support and leadership, which will lead to the sanctions regime falling apart of its own weight.
Putin and ISIL are unlikely to be successful in their goals, and can only really be effective if Americans or any other states and societies they are each targeting buy into the intended effects of the information and psychological operations directed against them and, as a result, facilitate the destruction of their own civil spaces. However, the damage that they are doing by creating the opportunities to pull extremism into the mainstream, for helping to make it acceptable for some citizens to set upon their fellow citizens will take years of hard work to fix. Ideas that had never existed, outside of the extremes, in even the worst periods of American history or that had been pushed from the mainstream to the extreme fringe over time, have now been given a new life within the mainstream of American politics.
It was less than eight years ago that Republicans, nervous about a presidential election cycle that delivered the Presidency and sizable majorities in both chambers of Congress to the Democrats, were very, very concerned about politicizing, and possibly criminalizing policy differences. Specifically, the policies that had led to the 2003 invasion of Iraq, the conduct and normalization of torture under the euphemism of enhanced interrogation, the political weaponization of DOJ investigations into Democratic candidates in proximity to elections, and the fiscal, monetary, and budgetary decisions that had led to the 2008 economic crash and crisis. Today the vast majority of elected Republican officials, many the same men and women who were so concerned in 2009, stand mute when members of the Republican Party shout “lock her up” at campaign rallies, as well as “hang the bitch”. Sometimes they also participate as was seen with Governor Christie’s public indictment and trial of Secretary Clinton at the Republican National Convention in July and Senator Burr’s somewhat obtuse reference to gun owners targeting her just last week. Even when Federalist Party President John Adams was engaged in a bitter and divisive campaign against his Democratic-Republican rival Thomas Jefferson, the suggestion that one would imprison the other should he be elected never made an appearance. These extremist ideas, as well as thinly veiled allusions to global conspiracies of bankers, intellectuals, and other elites seeking to oppress and defraud the average American, will continue to infect and effect the Grey Zone, the civil space for years to come. It will take consistent, hard work to push these beliefs back to the fringe and keep them there.
By the time the polls close tonight in the eastern time zone, as well as the US’s Caribbean territories of Puerto Rico and the US Virgin Islands, it will be November 9th in Germany, Austria, and the Czech and Slovak Republics. On November 9, 1938, seventy-eight years ago, Kristallnacht occurred. The Night of Broken Glass was a set of violent attacks by some Germans, Austrians, and Czechoslovaks against their Jewish German, Austrian, and Czechoslovak neighbors. While it is alway easy to fall into the historical analogy trap, it is also important to recognize historic parallels and trends. In this case the lessons of Kristallnacht are the lessons of what happens when the Grey Zone is successfully attacked through dedicated information and psychological operations promoting extreme and extremist ideas. In 1938 the civil space in Germany, Austria, and German occupied Czechoslovakia was gravely wounded and would eventually be destroyed and remade in the NAZI’s ideological image. While it is unlikely that this will be the case in the US in 2016 it is important that we recognize that America’s Grey Zone, its civil space where we all live as citizens and participate as much or as little as we choose in the life of the state and society, has been attacked, has suffered some very real damage, and that we all have important work ahead of us to repair that damage. This is the real challenge going forward from the 2016 Presidential election. It will not be fun, it will not be easy, and it will not be pleasant. But it will be necessary if we really care about forming a more perfect Union, establishing Justice, insuring domestic Tranquility, providing for the common defense, promoting the general Welfare, and securing the Blessings of Liberty.
GrandJury
It probably de-legitimized Wikileaks and Assange somewhat. So I think that part has backfired. Assange was an expendable puppet anyways. He’s no longer in it for any cause other than keeping his own ass out of prison.
Gin & Tonic
Very well written, Adam. Thank you.
Comrade Scrutinizer
Great stuff as always, Adam. Thanks!
Adam L Silverman
@Gin & Tonic: You’re welcome. What do you make of this, and yes, I know its the guy I asked you about last week:
https://twitter.com/noclador/status/795989153536208896
The Moar You Know
I expect all of the material that is dumped or has been dumped is altered/falsified.
One of the things my company has been playing with for the last few years – and not much as the civilian market just hasn’t materialized (that may change) – is digital forensics. I’m the forensics guy. In order to be able to testify in court, I have to have a chain of custody and be able to not just testify but to prove to a court full of technical illiterates that the information gathered has a clear chain of custody leading back to the suspect AND be able to prove that it was not altered by me or anyone else along the way.
You can’t do that with “stolen” emails. Can’t even show where they came from, or if they’re an accurate reflection of where they’re purported to come from. And I fully expect, given the actors involved, that all of them are altered.
Adam L Silverman
@Comrade Scrutinizer: And you are welcome to.
Adam L Silverman
@The Moar You Know: Yep. One of the biggest things that needs to be addressed after this election about what should be done with hacked material, especially uncurated hacked material. What Wikileaks has done is not the same as publishing the Pentagon Papers. Those were specific reports, the provenance of which was known. This is cyber theft followed by just dumping it out there for everyone to see. And that’s not counting the documented doctoring or completely falsified material in the info dumps.
Gin & Tonic
@Adam L Silverman: Start a gofundme to get the dude some Xanax and an extra-large box of Depends.
Adam L Silverman
@GrandJury: We can hope, but the jury is still out.
(what?)
Eugene in Eugene
@Adam L Silverman: Wishful thinking?
Adam L Silverman
@Gin & Tonic: I reckoned.
Adam L Silverman
@Eugene in Eugene: Who knows. I asked G&T because he’s got more on the ground experience in Eastern Europe than I do. I look at that, the tweets look accurate, but it seems a bit off. So if you have access to someone with more knowledge, you ask.
Felonius Monk
Adam, how do we go about doing this?
Gin & Tonic
@Gin & Tonic: Expanding a little – that tweet purports that Putin “attacked Ukraine” on 24 April. A random date, as far as I can recall. The annexation of Crimea was in March. In April Russia was trying to get a land bridge, but on the 24th, Ukrainian forces re-took Mariupol city hall (briefly held by enemy/irregular forces) and it’s been fairly comfortably Ukrainian-controlled since. I don’t recall anything special from the Russian side on the 24th – it was a few days after Easter (April 20th that year) and there’d been some cessation of hostilities in the period leading up to that.
The Moar You Know
@Adam L Silverman: It’s a problem, multiplied exponentially by the large number of people who want to believe that the docs are genuine. Doing this kind of dump in a court case would get a mistrial and likely disbarment, but there’s no corrective mechanism for ten thousand douchebros posting “realclintonemails.zip” on every discussion board on the internet.
Personal rant: this and many other things have led me to the conclusion that it’s not in any society’s best interests for the internet to continue as it has, but that’s a discussion for another time.
hovercraft
Good write up.
On the one hand the people will be embarrassed, but I think this will be less and less effective. People are becoming increasingly comfortable living their lives out in the public. The constant need to share everything on social media, and tell everyone your personal business is startling. One of the heartening things about the wiki dumps, is how little they seem to have swayed anyone. The media tried to pretend that it was shocking that people said different things in private, strategize, or generally practice politics, and the public merely shrugged their shoulders. The only people who seemed scandalized were people who already didn’t like Clinton. I think that much as Hollywood has had to become more guarded with their personal communications, both physical and digital, campaigns and indeed the rest of us will too. Hackers whether for political gain, revenge, or commercial gain will continue to do this to all of us. To me that is the bigger issue, the degree to which the media and everyone else just took it in stride that democratic institutions were hacked and then that information was weaponized with barely a peep from one of our two parties. Maybe once the dust settles people will reconsider how we address this going forward.
D58826
Over at Vox Ezra has a long and scary piece about this years election. He pays Trump one big comliment – Trump never hid what he was. And yet he is within a whisper of the Oval Office. Ezra’s concluding stmt –
http://www.vox.com/policy-and-politics/2016/11/7/13532178/donald-trump-american-democracy-weakness?wpisrc=nl_daily202&wpmm=1
Nunca El Jefe
From your lips/fingertips to President Clinton’s ear. You’re right, there’s a lot of work that needs to be done to heal the rifts in our social contacts and the expectations we have of those structures. It will require a great deal of diligence and patience but, as you clearly point out, requires first the acknowledgement that things have been damaged. Great post.
Adam L Silverman
@Felonius Monk: Getting involved as much as one has time for. This means, at the least, participating/voting in off year/mid term elections, as well as special district and other local elections. And supporting candidates that put forward a platform, for whatever position they’re seeking, that actually 1) makes sense and 2) proposes to make positive changes or maintain the positive portions of the status quo. For those that want to do more: standup and speak out when the civil space is threatened. Things like that.
hovercraft
Assange is feeling the heat
http://talkingpointsmemo.com/livewire/assange-statement-wikileaks-election
Adam L Silverman
@Gin & Tonic: And that’s why I asked because my ability to read Russian is very, very limited.
daryljfontaine
Off-topic, but interesting/infuriating for Election Day: real-time Google Trends map of increased searches for common voting problems.
– Provisional ballots
– Inactive voter status
– Long wait times
– Voter intimidation
– Voting machine problems
Here’s a direct link to the map.
D
RareSanity
@Adam L Silverman: Well, one of the big things is that the use of digitally signed emails, especially in government and political institutions, needs to become the standard.
While one would think that the first order of business would be to secure email servers against ALL intrusions, it is not a realistic goal. These servers can only be secured to thwart known types of attacks, there are still large numbers of people all over the world working on new attacks.
However if at the very least digital signatures for the sender of an email, along with message digests for the content of a message are implemented widely, we can at least eliminate the the problem of altered stolen data, and confirm the sender.
Adam L Silverman
@The Moar You Know: I agree. The Internet should be limited to shopping, pet pictures and videos, movie times, and porn. That’s it.
waysel
@Adam L Silverman: Your efforts are appreciated. Thanks.
NW Phil
If Russia putin this much effort into their economy (sorry), they wouldn’t have to worry about what anybody else thought or said about them. They’re a mess and they’re trying to use a modern form of colonialism as a shortcut to power. It’ll always be their weak point.
some guy
speaking of propaganda, Syria is about to retake Aleppo from the terrorists, which gives Hariri Press Office PR writer Anne Barnard a very big sad. How sad she is, her jihadi pals lost and the people of Syria won. Cheerleading for jihadis who then lose should be a career killer, but when you work for the Hariri Press Office in beirut then it is just another day at the office.
http://www.nytimes.com/2016/11/09/world/middleeast/syria-aleppo-war.html?hpw&rref=world&action=click&pgtype=Homepage&module=well-region®ion=bottom-well&WT.nav=bottom-well
Bobby D
@Gin & Tonic: And not those little pink/yellow or blue round ones either, gonna need some 2mg bars for this one, and maybe a half gallon chaser of scotch (not recommended folks, please don’t mix booze and pills, Jimmy and Janice thank you in advance).
RareSanity
@Adam L Silverman:
Wait…there are other uses for the internet besides this blog and p0rn?
Color me surprised… :-)
The Moar You Know
@Adam L Silverman: I’m thinking more along the lines of anonymity and that sort of thing. Anonymous discourse sounds great in practice, but the reality of it has not really shown that it does anything but allow people to act like four-year olds on meth. That’s just one example. There are many others.
@RareSanity: Mandatory in my company and frankly ought to be mandatory for any email use at all.
Adam L Silverman
@RareSanity: Yep. Unfortunately we’d also need to get government email, in the US, to actually work properly – at minimum standards – all the time. As I’ve noted in comments below, during my term appointment at USAWC, which included a lot of Temporary Duty where I was loaned out to other Army elements as I was both the senior culture subject matter expert and the only one working at, and with any experience working at, the strategic level my email would often be messed up. I specifically remember a ten day long stint to Ft. Sill in Oklahoma to help a colleague out there. The day I left my email stopped working, so my blackberry was now useless. My boss at TRADOC’s email was also down. My email stayed down for almost a month. And then, even once it was fixed (they’d turned off all the term appointees of my types email addresses to fix a nomenclature issue) it then took another three weeks or so for the tech folks at USAWC to get everything working again, including having to get three new common access cards. So for almost two months, on the unclassified side, the only way to reach me by email was my personal account. And that’s what we used because I was supervising two foreign military one star generals, a US lieutenant colonel and colonel, serving as the cultural advisor not just to my boss (a two star), but to 1/2 a dozen others at the general officer/senior executive level who were borrowing me with my boss’s blessing because they didn’t have their own. I was also providing reach back analytical support for Soldiers in contact downrange. So I had to be reachable. We just did what we had to do. I couldn’t just stop doing my job when the email was turned off and no one was notified and then while they worked to fix it.
Adam L Silverman
@The Moar You Know: I’m tracking, I was just being a smartass.
RareSanity
@The Moar You Know:
I can understand why people think it’s a hassle for personal email, but frankly, I don’t understand why all of government, businesses, and other institutions don’t use fully encrypted email that is only decrypted when it is opened.
Makes zero sense to me. It’s so easy to implement end-to-end encrypted email systems in organizations nowadays, and after setup, it’s basically transparent to the user.
bluehill
What is the counter to this? IMO, this type of warfare works because it manipulates biases and instincts that are part of being human.
I’ve often wondered why empires of the past haven’t been able to last and is there something about our way of governance that makes us unique. I’m not smart enough to have an opinion, but after this election, I leaning towards “no”. American exceptionalism is a better characterization of the unique and fortunate circumstances of our formation and history, but not our people. We are still human. Subject to the same motivations as our ancestors.
Maybe our form of government makes it more difficult for people to run it off the rails, but what we’re seeing now suggests that maybe it’s just because we’ve been lucky over the years or that we need another existential threat to cause us to set aside our internal disagreements and focus on the common good. Unfortunately, Trump’s rise seems like it only widened the divisions in our country.
D58826
@Adam L Silverman: Given that so much of or economy is now tied into the internet, power grid for example, is that practical at this point?
Is there another solution, to wit – a parallel internet that is much less open, with higher security barriers for things like the power grid while leaving the existing internet alone for amazon, pets pics, porn and BJ. Obviously people would still try to hack into it b t it would be a lot harder. It would seem that it would be easier to harden this parallel internet than the current one with its millions of ‘internet of things’.
Hungry Joe
Sorry, Adam, but I have to interrupt the flow:
WHAT ARE YOU DOING ON BALLOON JUICE WHEN YOU COULD BE PHONE BANKING? CONTROL OF THE SENATE IS IN THE BALANCE!
Gotta go.
GrandJury
@NW Phil: Their economy will always be their weak point. The drop in oil prices combined with economic sanctions against Russia has been very effective. Much more than they will ever admit.
Don’t believe any BS you hear about Russia still being a world power. They are a regional power. It’s not hard to figure it out with some basic math. Their economy and military is a joke compared to the US. I think China has a much bigger economy and probably a bigger military as well.
Adam L Silverman
@D58826: I was kidding.
Adam L Silverman
@bluehill: So its important to remember that almost all of the “history” around American Exceptionalism is a myth. The earliest documentation of the term being used attributes it to Stalin and it was not a compliment:
http://www.theatlantic.com/politics/archive/2012/03/how-joseph-stalin-invented-american-exceptionalism/254534/
RareSanity
@Adam L Silverman:
As an American, that level of bumbling on such a basic technology is embarrassing. Not saying any one entity within the chain is most at fault, but the fact that the government can’t get to a common, secure, WORKING, policy on email is just unimaginable.
I know each different fiefdom likes to control all of its’ own “stuff”, but in this day and age, scattered information technology policy in the government is a luxury that can no longer be afforded.
In the whole “email scandal”, I’ve always thought that the real story was that the Department of State was unable to provide the freaking Secretary of State access to secure, mobile, email…without requiring her to pull out a bulky laptop and go through all the mechanizations of logging into to the various systems.
Mobile email has been a thing since the 90s, and secure email since the 00s. How is the government still using 20 year old systems and protocols?
trollhattan
@D58826:
Encapsulates why I dreaded Cruz more than Trump, because Teddy would have been a far more effective candidate and should he ever gain real power, has the focus, desire and ability to cause real and lasting damage. Trump’s inability to ruin his chances at the nomination said far more about the Republican Party than it established his skill and ability–his cratering in the general was baked in. Still, like a near asteroid flyby of earth, that was TOO CLOSE.
Adam L Silverman
@RareSanity: Hell it took six hours when I was TDY at Hood for a month to get my unclassified email up and running. Because they had to bridge from the DOD’s western backbone back to its eastern backbone, which is what Carlisle Barracks is attached to. This also required, once the commo guys finished doing their magic, me going and getting a new common access card because the old one only had certs that would be recognized for access on the eastern backbone.
MD Rackham
@RareSanity: If all email is encrypted, how will it be mined for advertising data?
Priorities!
D58826
OK, but I was serious. The things that the internet lets you do have been a powerful stimulant to the economy and society as a whole., Maybe the biggest revolution since Guttenberg. But there are essential services that make for a civilized society and should they be this vulnerable to hacking. There are armed guards and electric fences around our nuclear power plants to keep the bad guys out, but someone can cause as much or more damage by sneaking in thru an internet connection as by storming the gate. Obviously with a large enough force you can storm the gate and no amount of hardening will make this parallel internet 100% secure but should we want to try to make it much more difficult than it seems to be now.
Mary G
As someone who grew up with the Cold War, where Republicans cast the Soviet Union and/or Russians as the ultimate evil, it’s striking how much Putin’s been able to transform his image into someone the right admires and respects.
gwangung
@hovercraft: Bullshit, Assange.
Selective revelation of information HAMPERS democracy and the marketplace of ideas.
divF
@Hungry Joe: That’s “I’ve gotta go”. (/Ian Shoales)
Adam L Silverman
@D58826: Our nuclear facilities are guarded by Wackenhut rent a cops who routinely fail surprise tests even when they’ve been forewarned they are coming. And some guy who’s hobby is visiting nuclear facilities and blogging about them has posted pictures and diagrams and everything else you’d need if you want to try to crack one of them on his website:
http://www.nucleartourist.com/
Fair Economist
This is a fantastic exposition of an important issues. I’d never made the connection between Wikileaks and compromat, but it’s incredibly obvious once you point it out. This goes in my commonplace.
The Moar You Know
@Adam L Silverman: I know :) I actually would be fine with the internet you described, if you included a version of Wikipedia that was vetted by SMEs. But there’s plenty of other awesome uses for it. I like RareSanity’s idea of end-to-end mandatory email encryption; as it stands it’s a royal pain in the ass but it doesn’t have to be that way.
The wrong solution is how SIPR email currently operates but you obviously already know that. If I never have to set up a machine for CAC cards again I will be a happy guy.
Roger Moore
I think they were more worried about their own activities being placed under criminal investigation than they ever were about criminalization of politics in the abstract. If they were worried about it in the abstract, the US Attorney scandal- which was all about criminal persecution of Democrats- never would have happened.
schrodinger's cat
Putin is awful but what about the media culpability in this entire shit show of an election campaign. They made a much bigger deal out of Clinton’s emails than Trump’s very real scandals.
bluehill
@Adam L Silverman:
Ha! Of course the phrase the repubs used to repeatedly browbeat Obama was coined by the Russians. Makes me even less confident about people’s ability to separate truth from propaganda.
RareSanity
@Adam L Silverman: That would be funny (it actually still kinda is) if it weren’t so disgraceful. I can understand the government wanting to have its own secure backbone, but it should be just that…one secure backbone. Even with that, it’s fairly trivial to have highly secure, encrypted connections through VPNs on phones for mobile. If the actual content is sufficiently encrypted, the pipe that it is sent over becomes less and less important.
This sure does seem like something that a Department of Homeland Security should be in charge of instead of the bloated, “what exactly do you guys do now?”, agency it currently is.
@MD Rackham: Well, in my defense, I did say that it would be a hassle for personal email, so the NSA and Google still have that. :-)
Hob
@hovercraft: “People are becoming increasingly comfortable living their lives out in the public. The constant need to share everything on social media, and tell everyone your personal business is startling”
1. Many people (and I don’t just mean old people) still don’t have this “constant need”.
2. It’s a safe bet that for every surprisingly candid thing someone shares on Facebook, there’s some other thing they chose *not* to share. I’m sure you can imagine such things for yourself– and if you’re assuming that social change will mean nobody in the future will have anything in common with you, I think that’s a cop-out.
3. CONSENT MATTERS.
DocSardonic
@RareSanity: Simple. Our government does everything on the cheap. Everything goes out for bid and the lowest bidder (or the guy with the best hookers and blow to offset the slightly higher bid) and there you go. By the time most government technology projects are finally completed equipment installed at the beginning of the project is OOD by a number of upgrade cycles and may not work well with the rest of the systems. Then the kludge work starts and then you lather rinse and repeat.
Adam L Silverman
@RareSanity: Apparently there are two DOD backbones one for the eastern and one for the western US. And you can’t just jump from one to the other. One of the ways they’ve moved around it is to establish a secure, unclassified webmail system for when one is on Temporary Duty. That, however, was not yet in place and fully functional when I had this specific problem.
Roger Moore
@The Moar You Know:
One important point is that this kind of hacking calls into question even things like digital signatures that are supposed to be able to prove the authenticity of email. If your email account is compromised so that the mail can be stolen, how confident can you be that your personal signing key hasn’t also been compromised? I suppose it would be harder for anyone to modify the contents of signed emails you’ve received- they’d also have to compromise the sender- which might protect you if your correspondents were in the habit of quoting full emails, including digital signatures, in their replies. But it still shows just how weak our ability to prove the authenticity of this stuff really is.
Roger Moore
@The Moar You Know:
Which is underlined by how weak a lot of the lies are. Most of the deception hasn’t been about making stuff up out of whole cloth; it’s been about distorting the meaning of stuff that’s basically harmless. Emails from random outsiders to Podesta are presented as being stuff between campaign insiders, and Podesta’s suggestion that they get ahead of the leaks by dumping emails themselves is presented as him suggesting they destroy them. These things are effective at propagandizing people who want to believe, but they fall apart under even modest scrutiny.
Chris
@bluehill:
I agree with the no, and especially with the bolded sentence.
Americans are extremely resistant to realizing just how much of what’s made the system work so far is dumb luck. Like the fact of having two huge oceans between ourselves and any major power that might’ve been tempted to fuck with us – other than the British Empire which for a variety of reasons mostly ended up leaving us alone.
Which isn’t to say that Americans don’t deserve any credit, but as the “privilege” conversation points out, the fact that you worked hard at something doesn’t necessarily mean you weren’t playing on an easier setting.
This besides the fact that “American exceptionalism” nowadays is basically a hysterical cry of “don’t you dare say I’m not special!”
NW Phil
@DocSardonic: and the contract employees who designed the system are long gone. So when you ask any questions about the design, no one actually will know. But they will say “it’s a complicated system, we need time and your money to upgrade it”.
RareSanity
@Adam L Silverman:
Understood, but that’s kind of my point. They represent separate physical networks, but it should have absolutely no effect on the functional network. Those two physical networks can be bridged, via hardware solutions (switches and routers), as to present a single network to the users and applications running on it.
It’s kinda like the conundrum we find ourselves in at my current employer. Most of the higher level engineering people “made their bones” in an era of mostly hardware based products, with small amounts of software supporting it. However, now this has all changed to products that are mainly software, with the hardware there to support. But, these folks don’t really know how to view products in that realm, so our time to market is slowed because there is no recognition that the hardware is now commoditized, and your product is actually the software that runs on top of it.
TL;DR: Whether or not the physical backbone is in two pieces, or sixteen pieces, with proper IT policy, it can made to function as a single contiguous network.
P.S.
This is only to illustrate how far behind our government is in network engineering and IT policy.
Bill Arnold
Adam, these “The Maskirovka Slips” pieces have been interesting. Thank you for writing them.
Edit: in particular, this:
I’ve been thinking on this too, wondering what effective tools (both methodological and technical) can be cobbled together to help. Do you have thoughts in this area that are well-formed enough to share?
Roger Moore
@RareSanity:
The problem with a lot of suggestions like this is that they’re weak against the biggest danger: social engineering. If you can trick somebody into giving you access to their computer, you have access to everything they can see as a user, including the decrypted versions of everything. The could also access stuff like the user’s personal signing key, so they could fake digital signatures. Until you get security that can effectively protect against user error and gullibility, there will continue to be hacks.
Peale
@gwangung: And Podesta’s e-mails? Really? What did they really expect to be informed about? How political speeches are put together? What it really revealed to me is how naive indignant people can be.
The Moar You Know
@Roger Moore: Great question. Would require access to YOUR physical machine and not just the server most of your emails reside upon. Plus requires access to your authentication mechanism (signature password/CAC card/RSA dongle) which ranges from “difficult” to “not happening”.
Our ability to prove authenticity, provided that you have the originating machine, is not weak. It’s pretty damn infallible, even without signatures. But, to use Wikileaks as an example, there’s nothing that’s ever been released there that could be proven authentic, because there’s no access to the original source.
Adam L Silverman
@Bill Arnold: Not really at this time. And thanks for the kind words. Just off the top of me head, some of it participating/voting. At midterms/off year elections. During local/special district elections. Supporting candidates that have solid proposals on how to either make sensible changes and improvements or to hold the line on the status quo when its working. Supporting, as much as one has time for, as many efforts that shore up the civil space. Whether its dropping what you can on Christmas gifts for the less fortunate or dropping a few turkeys and other items so people in need can have a decent meal at Thanksgiving. But its also pushing candidates and elected officials to think about and address potential and/or longer term problems. Automation and its dislocative effects on the work force is a big one that doesn’t get enough attention.
Roger Moore
@The Moar You Know:
Which may actually be beneficial to the originators. From the standpoint of dealing with Kompromat, deniability may be more valuable than authentication. Even perfect authentication can only protect you against fabrications; deniability can protect you against things you actually said!
Miss Bianca
Holy cow, once again an AdamPost is going to take me THE WHOLE DAY to read and assimilate, which is awesome because it will keep me from chasing my tail trying to follow election results.
More seriously, this series of pieces is making me really fearful for the American Grey Zone. Right now, these Russian efforts to compromise it look as cartoonish as Moose and Squirrel, but it seems that there are some big big cultural forces that are headed for a clash with some less-than-cartoonish results. I used to scoff at “Culture Wars” as a notion, considering it nothing more than a right-wing grift operation, but now I’m not so sure.
Thanks, Adam!
Miss Bianca
@Adam L Silverman: But did you use a private server? SILVERMAN EMAIL SCANDAL!!
schrodinger's cat
@Miss Bianca: Miss B, how is your research about Punjab coming along?
Miss Bianca
@schrodinger’s cat: shelved. Working on something new, per the contest recommendations/rules, for NaNoWriMo. I just wish i had more time, because the history of that region is *fascinating*!
Captain C
@hovercraft: Apparently the public doesn’t need to be informed about Trump, or Putin’s Russia, judging by Fake Saint Julian’s actions and omissions.
Adam L Silverman
@Miss Bianca: No.
schrodinger's cat
@Miss Bianca: History of that regions goes back into antiquity, the land of five rivers (translation of Punjab) was the cradle of Indian civilization.
Captain C
@NW Phil: Modern colonialism plus an extraction-based economy based on a product that will hopefully be obsolete in a generation or two.
Miss Bianca
@Adam L Silverman: well, thank God for that. So when you become SoS they can just find something *else* to grill you about endlessly. //
Adam L Silverman
@Captain C: Saint Julian’s in a wee bit of a bind these days…
http://heatst.com/world/julian-assange-to-be-questioned-in-embassy-by-prosecutors-next-week/
schrodinger's cat
@Miss Bianca: That’s easy, the disreputable company he kept while FPing for the known hive of jackals and hyenas.
SFBayAreaGal
Adam, thank you for these fascinating postings about The Maskirovka Slips.
What level of responsibility does the press have in assisting with the attack of the American Grey Zone?
KS in MA
@RareSanity: This!!!
Captain C
@Adam L Silverman: I read somewhere that a couple of the charges had to be dropped due to the fact that they couldn’t interview him in time. If someone knows about charges, and flees in order to avoid questioning/being prosecuted, should the statute of limitations clock stop running until he’s (or she’s) caught or surrenders? Perhaps Swedish law doesn’t work this way?
hovercraft
@Hob:
I agree.
I’m not on facebook, and I don’t think it’s necessary to tell everyone all the details of my life. My point is that the expectation of privacy has been eroding for a long time. You can go back to the Monica being taped by Linda Tripp, any of the celebrity sex tapes, people hacking into Lesley Jones, Jennifer Lawrence e-mail being hacked, the SONY pictures hack, things and places people thought were private, are not. The only way to guarantee privacy is to avoid all electronics, in this day and age it is very hard to live that way, so while consent matters, we increasingly live in the world where in spite of our best efforts so far we are losing our privacy.
Bill Arnold
@The Moar You Know:
There are large numbers of people who would have to entirely avoid any involvement in politics without anonymity, but contribute usefully or even interestingly/effectively with anonymity. Doxxing is the least of the worries, and doxxing can have severe consequences.
(I use my real name rather than a nym (cough), but it is common enough to provide a lot of stochastic cover, maybe a little less since my father died a couple of years ago. At least 20-30 pages down in a simple google search, probably more; never found myself without additional keywords. And even so, even as an American I avoid certain subjects and impolite language, and sometimes take additional technical safeguards.)
Bill Arnold
@Adam L Silverman:
OK. As you can see, several people here are interested in this, maybe as a hobby for the next several years.
Crystal ball/prediction is hard especially about the future/yadayada but looking forward, the estimated risks to the Republic resulting from this deliberate damage to the polity (and from this election cycle in general) have (aggregated) distressingly high probabilities. 2018 is not looking good, 2020 even worse.
Neldob
Always good reading your posts. I’m gonna give David Brooks an earfull now. Or eyefull, or if all goes well, a thoughtful.
Roger Moore
@Hob:
If Assange were big on consent, he wouldn’t be hiding out from rape charges.
Mike in Pasadena
Adam, that was an excellent post. Thank you. You gave me much to think about. As an aside, why is it acceptable now to suggest that gun owners should target the leader of the opposition party? Only joking is not an excuse. As I did after Trump suggested people should exercise 2nd amendment rightS to prevent HRC from appointing a Supreme Court justice, I will call the LA office of the FBI to ask whether senator Burr’s assassination threat is being investigated and if not why not.
Bill Arnold
@efgoldman:
well, at least three things (Note: I am not an infosec practitioner):
(1) Provenance is seldom completely clear with internet attacks. Also, there are more than several actors, and some are non-state actors. (One should also not assume that the non-state actors are exclusively profit-seeking criminals, IMO.)
(2) The Russians have a lot of talent in this area. (Some kinda illegal/tolerated it appears, and ruthless.)
(3) Escalation. The internet infrastructure is pretty fragile; the recent DDoS attack on Dyn, Inc (and indirectly, on the companies that were using it exclusively) could be interpreted as just a warning shot. (That sort of attack has been obvious for 15-20 years at least, yet it worked. Plausible nightmare scenarios abound.) Also, a lot of the economy (including the government) depends on the internet.
What could be done is e.g. help wikileaks salvage their reputation by helping them publish negative material about Russia & rich and powerful institutions/people in Russia. Surprised this hasn’t happened, actually. Surprised that the Russians haven’t done it themselves in some low-damage-to-them/deniable way.
Adam L Silverman
@SFBayAreaGal: Sorry for the delayed response, I stepped a way for a bit/turned off and tuned out. I think the media has a significant level of responsibility. This has been the case since this type of thing started happening regularly. While the Snowden materials, which weren’t hacked, they were simply stolen in violation of US law, were curated, as where the classified and unclassified materials that Chelsea Manning stole from FOB Hammer in Iraq, far far too much of this stuff does not get curated. And that’s certainly the case with the Podesta, DNC, and DCCC hacked materials. Moreover, the press just presented whatever they decided to pull from the dump even though they couldn’t verify their accuracy and subject matter experts had come out and made it clear that there was evidence of tampering or outright falsification.
Adam L Silverman
@Captain C: I do not know.
Adam L Silverman
@Mike in Pasadena: Its not, but its also not anything new historically in the US. Going all the way back into the 19th Century.
Adam L Silverman
@efgoldman: Because once you do it, you lose the ability to monitor on whatever system/systems you’ve breached. The same access that allows for passive monitoring is the same access that allows for more active measures. Once you go active you’ve burned that route in to the network.