Civics 101 Guidelines
Want to argue about politics? Healthcare reform? Taxes? Governments? You've come to the right place!
Try to keep it civil though. The rules still apply here.
Russian interference with the 2016 election
Originally posted by Sparko
If they have easy remote access at that level then no wonder they were hacked. And my point was that you would need to forensically examine the hard drive, which means making a copy of them which would mean physical access - you never want to do your research on a live computer where you could end up changing data. And you would need to examine the routers and such on the network in case someone used an exploit on them to gain access.
Also, IIRC, the exact same hack was done to the RNC servers. However, only the DNC information was leaked publicly.
ETA: the same is basically true of the routers. They are essentially specialized computers. Today they are typically connected to via an Ethernet interface and a Telnet connection. The only difference between doing that standing next to the router and from across the world is distance.
Last edited by carpedm9587; 03-30-2018, 04:10 PM.
The ultimate weakness of violence is that it is a descending spiral begetting the very thing it seeks to destroy...returning violence for violence multiplies violence, adding deeper darkness to a night already devoid of stars. Darkness cannot drive out darkness; only light can do that. Hate cannot drive out hate; only love can do that. Martin Luther King
I would unite with anybody to do right and with nobody to do wrong. Frederick Douglass
Originally posted by carpedm9587
I wasn't suggesting that the servers were wide open for everyone. I said only that you do not have to be on premises or have physical access to the server to do forensic analysis. Obviously, if someone is looking for physical evidence of tampering, they need physical access. I have not heard anyone make accusations of physical tampering. And I do agree that access to a functioning machine for forensic analysis is disruptive, which may well be why it was not wanted. If I were in the middle of a campaign, I doubt I would want to lose access to my servers in the midst of everything else.
Also, IIRC, the exact same hack was done to the RNC servers. However, only the DNC information was leaked publicly.
Originally posted by Sparko
You didn't understand what I said. I said nothing about someone physically tampering. When you want to examine a computer for hacking (or anything else crime related) the proper method is to do a forensic analysis. That entails cloning the hard drives and working on the write-locked clones while keeping the originals pristine. You have to have physical access to the original equipment to do that.
Originally posted by carpedm9587
Ahh.. you are at a level of forensic knowledge I do not share. I can only speak to the access required to examine a system. I had no idea you had this degree of forensic expertise. Where did you obtain it?
Originally posted by Sparko
I work in litigation support at a law firm. We handle this kind of stuff a lot (not usually hacking but having to gather data from computers for various lawsuits). We usually have to hire a forensic firm to go to the business and collect the data and then produce it to the other side. I assume the process is even more involved when law enforcement is investigating something like hacking. You have chain-of-custody and all that.
Originally posted by Mountain Man
I must say, you have this "deflect, dodge, spin" routine down to a science.
Thank you for following the thread guidelines apart from these few exceptions.
Except it was already "in the wild" long before Wikileaks told us about it -- independent contractors for various agencies had been helping themselves to these tools for years. It apparently really was as easy as just copying it to a USB stick and walking out the front door. Blaming Wikileaks for this is like blaming a neighbor when he calls to tell you that your house has been burgled.
But the point is, with the technology to spoof "fingerprints" out there where anybody with sufficient knowledge can use it, it makes it very hard to put much faith in "fingerprint" evidence, especially when the DNC and CrowdStrike have been so coy about it.
Originally posted by lao tzu
With administrator privileges, I can clone any hard drive so long as it's connected to a network, without physical access to the machine.
Originally posted by carpedm9587
Umm...no. A computer is simply a processing unit with multiple vectors for entry. Today, the only difference between sitting at a keyboard connected to a computer and connecting to it via a network is distance. Indeed, the vast majority of modern servers are headless, and the machine does not house the data; that is in a separate storage system accessed via a storage network. A headless machine is pretty much always accessed via a network, further making distance the only true difference. With the correct link and access, any part of a modern machine is accessible.
I have no idea what the most common practice is for law enforcement. Certainly if they have reason to believe a computer has been used to commit a crime, they may want to physically collect it to prevent it being tampered with before they can investigate. But it would be VERY hard for someone today to tamper with a machine and leave NO trace of that tampering. Given the low level of sophistication the Clinton campaign exhibited throughout this, it is doubtful (to me) that they would have even begun to be able to manage it.
Finally, it is not clear to me exactly what law has been broken if someone hacks into the private servers of a political campaign. If the campaign chooses not to press charges, I don't see why there would be a problem (other than a political one - people will accuse them of "hiding something.")
There's also the matter that when a breach happens, the system is (or should be) immediately taken offline to prevent further incursions and to preserve the evidence (you don't want files being inadvertently or deliberately altered or deleted).
Not sure exactly what the DNC did, but the fact that they only let their own paid contractor have access to the compromised system and never let a law enforcement agency have a crack at it is highly suspicious.
Some may call me foolish, and some may call me odd
But I'd rather be a fool in the eyes of man
Than a fool in the eyes of God
From "Fools Gold" by Petra
Originally posted by lao tzu
Again, the suggestion that our intelligence agencies are complicit or directly involved in spoofing an attack by Russian intelligence on the DNC servers is not credible.
At any rate, my point is that anybody who has access to these tools (not just government agencies) could spoof fingerprints.
Originally posted by Mountain Man
It's quite a bit more complicated than that. Accessing even a "headless" machine remotely is not the same as plugging a monitor and keyboard directly into it. Typically remotely logging in is intentionally limited, and some form of secure physical connection -- such as an RS232 cable -- is required for complete access to the system.
There's also the matter that when a breach happens, the system is (or should be) immediately taken offline to prevent further incursions and to preserve the evidence (you don't want files being inadvertently or deliberately altered or deleted).
Not sure exactly what the DNC did, but the fact that they only let their own paid contractor have access to the compromised system and never let a law enforcement agency have a crack at it is highly suspicious.
And I do not find anything suspicious about it in the least. Of course, that's probably because I'm a left-wing nutter...
Originally posted by carpedm9587
Read the rest of the thread...
And I do not find anything suspicious about it in the least. Of course, that's probably because I'm a left-wing nutter...
Originally posted by Mountain Man
So when somebody alleges that there was criminal activity but then tells law enforcement, "You can't collect the evidence yourself. We'll have our own people gather it for you, and you'll just have to take our word for it," that's not suspicious? Don't know if that makes you a left-wing nutter, but it makes you naive at the very least.