Russian interference with the 2016 election


  • Originally posted by carpedm9587 View Post
    Umm...no. A computer is simply a processing unit with multiple vectors for entry. Today, the only difference between sitting at a keyboard connected to a computer and connecting to it via a network is distance. Indeed, the vast majority of modern servers are headless, and the machine does not house the data; that is in a separate storage system accessed via a storage network. A headless machine is pretty much always accessed via a network, further making distance the only true difference. With the correct link and access, any part of a modern machine is accessible.

    I have no idea what the most common practice is for law enforcement. Certainly if they have reason to believe a computer has been used to commit a crime, they may want to physically collect it to prevent it being tampered with before they can investigate. But it would be VERY hard for someone today to tamper with a machine and leave NO trace of that tampering. Given the low level of sophistication the Clinton campaign exhibited throughout this, it is doubtful (to me) that they would have even begun to be able to manage it.

    Finally, it is not clear to me exactly what law has been broken if someone hacks into the private servers of a political campaign. If the campaign chooses not to press charges, I don't see why there would be a problem (other than a political one - people will accuse them of "hiding something.")
    If they have easy remote access at that level then no wonder they were hacked. And my point was that you would need to forensically examine the hard drive, which means making a copy of them which would mean physical access - you never want to do your research on a live computer where you could end up changing data. And you would need to examine the routers and such on the network in case someone used an exploit on them to gain access.

    Comment


    • Originally posted by Sparko View Post
      If they have easy remote access at that level then no wonder they were hacked. And my point was that you would need to forensically examine the hard drive, which means making a copy of them which would mean physical access - you never want to do your research on a live computer where you could end up changing data. And you would need to examine the routers and such on the network in case someone used an exploit on them to gain access.
      I wasn't suggesting that the servers were wide open for everyone. I said only that you do not have to be on premises or have physical access to the server to do forensic analysis. Obviously, if someone is looking for physical evidence of tampering, they need physical access. I have not heard anyone make accusations of physical tampering. And I do agree that access to a functioning machine for forensic analysis is disruptive, which may well be why it was not wanted. If I were in the middle of a campaign, I doubt I would want to lose access to my servers in the midst of everything else.

      Also, IIRC, the exact same hack was done to the RNC servers. However, only the DNC information was leaked publicly.

      ETA: the same is basically true of the routers. They are essentially specialized computers. Today they are typically connected to via an Ethernet interface and a Telnet connection. The only difference between doing that standing next to the router and from across the world is distance.
      Last edited by carpedm9587; 03-30-2018, 04:10 PM.
      The ultimate weakness of violence is that it is a descending spiral begetting the very thing it seeks to destroy...returning violence for violence multiplies violence, adding deeper darkness to a night already devoid of stars. Darkness cannot drive out darkness; only light can do that. Hate cannot drive out hate; only love can do that. Martin Luther King

      I would unite with anybody to do right and with nobody to do wrong. Frederick Douglass

      Comment


      • Originally posted by carpedm9587 View Post
        I wasn't suggesting that the servers were wide open for everyone. I said only that you do not have to be on premises or have physical access to the server to do forensic analysis. Obviously, if someone is looking for physical evidence of tampering, they need physical access. I have not heard anyone make accusations of physical tampering. And I do agree that access to a functioning machine for forensic analysis is disruptive, which may well be why it was not wanted. If I were in the middle of a campaign, I doubt I would want to lose access to my servers in the midst of everything else.

        Also, IIRC, the exact same hack was done to the RNC servers. However, only the DNC information was leaked publicly.
        You didn't understand what I said. I said nothing about someone physically tampering. When you want to examine a computer for hacking (or anything else crime related) the proper method is to do a forensic analysis. That entails cloning the hard drives and working on the write-locked clones while keeping the originals pristine. You have to have physical access to the original equipment to do that.

        Comment


        • Originally posted by Sparko View Post
          You didn't understand what I said. I said nothing about someone physically tampering. When you want to examine a computer for hacking (or anything else crime related) the proper method is to do a forensic analysis. That entails cloning the hard drives and working on the write-locked clones while keeping the originals pristine. You have to have physical access to the original equipment to do that.
          Ahh.. you are at a level of forensic knowledge I do not share. I can only speak to the access required to examine a system. I had no idea you had this degree of forensic expertise. Where did you obtain it?

          Comment


          • Originally posted by carpedm9587 View Post
            Ahh.. you are at a level of forensic knowledge I do not share. I can only speak to the access required to examine a system. I had no idea you had this degree of forensic expertise. Where did you obtain it?
            I work in litigation support at a law firm. We handle this kind of stuff a lot (not usually hacking but having to gather data from computers for various lawsuits). We usually have to hire a forensic firm to go to the business and collect the data and then produce it to the other side. I assume the process is even more involved when law enforcement is investigating something like hacking. You have chain-of-custody and all that.

            Comment


            • Originally posted by Sparko View Post
              I work in litigation support at a law firm. We handle this kind of stuff a lot (not usually hacking but having to gather data from computers for various lawsuits). We usually have to hire a forensic firm to go to the business and collect the data and then produce it to the other side. I assume the process is even more involved when law enforcement is investigating something like hacking. You have chain-of-custody and all that.
              Ahh... that explains your POV. I did a bit of digging after your post. What I found is that your observations are completely accurate, from the legal side. Our disconnect was our POV. I was speaking from the technical side. There is nothing that cannot be done remotely. But to do the "chain of custody" thing, and to ensure the things you outlined, your observation is correct - and it does require physical access to the system.

              Comment


              • Originally posted by Sparko View Post
                How would they even GET the logs unless they had access to the machines.
                They had access to the machines.

                Comment


                • Originally posted by Sparko View Post
                  You have to have physical access to the original equipment to do that.
                  With administrator privileges, I can clone any hard drive so long as it's connected to a network, without physical access to the machine.

                  Comment


                  • Originally posted by Mountain Man View Post


                    I must say, you have this "deflect, dodge, spin" routine down to a science.
                    My threads are intended for serious discussion only. Do not revise posts to hide their content, change the user name in the quotes, or address the poster in lieu of addressing the posts, please.

                    Thank you for following the thread guidelines apart from these few exceptions.

                    Except it was already "in the wild" long before Wikileaks told us about it -- independent contractors for various agencies had been helping themselves to these tools for years. It apparently really was as easy as just copying it to a USB stick and walking out the front door. Blaming Wikileaks for this is like blaming a neighbor when he calls to tell you that your house has been burgled.
                    In this case, the neighbor is peddling the stolen goods, and the house that was robbed had better than state-of-the-art security. Everything about this leak says that a state actor was behind it. Had a private crew accomplished the hack prior to its release to Wikileaks, they would without a doubt have capitalized on it first.

                    But the point is, with the technology to spoof "fingerprints" out there where anybody with sufficient knowledge can use it, it makes it very hard to put much faith in "fingerprint" evidence, especially when the DNC and CrowdStrike have been so coy about it.
                    Again, the suggestion that our intelligence agencies are complicit or directly involved in spoofing an attack by Russian intelligence on the DNC servers is not credible.

                    Comment


                    • Originally posted by lao tzu View Post
                      With administrator privileges, I can clone any hard drive so long as it's connected to a network, without physical access to the machine.
                      Yeah - that's actually part of the problem. It can be cloned - but if it is for legal forensic purposes, there are legal guidelines that need to be observed - not just technical ones. That was the part I didn't get until I did a bit of poking around. Sparko's statements are legal statements (I think - Sparko please correct me if I'm wrong about that) - not technical ones. He is not saying so - which is what caused my confusion.

                      Comment


                      • Originally posted by carpedm9587 View Post
                        Umm...no. A computer is simply a processing unit with multiple vectors for entry. Today, the only difference between sitting at a keyboard connected to a computer and connecting to it via a network is distance. Indeed, the vast majority of modern servers are headless, and the machine does not house the data; that is in a separate storage system accessed via a storage network. A headless machine is pretty much always accessed via a network, further making distance the only true difference. With the correct link and access, any part of a modern machine is accessible.

                        I have no idea what the most common practice is for law enforcement. Certainly if they have reason to believe a computer has been used to commit a crime, they may want to physically collect it to prevent it being tampered with before they can investigate. But it would be VERY hard for someone today to tamper with a machine and leave NO trace of that tampering. Given the low level of sophistication the Clinton campaign exhibited throughout this, it is doubtful (to me) that they would have even begun to be able to manage it.

                        Finally, it is not clear to me exactly what law has been broken if someone hacks into the private servers of a political campaign. If the campaign chooses not to press charges, I don't see why there would be a problem (other than a political one - people will accuse them of "hiding something.")
                        It's quite a bit more complicated than that. Accessing even a "headless" machine remotely is not the same as plugging a monitor and keyboard directly into it. Typically remotely logging in is intentionally limited, and some form of secure physical connection -- such as an RS232 cable -- is required for complete access to the system.

                        There's also the matter that when a breach happens, the system is (or should be) immediately taken offline to prevent further incursions and to preserve the evidence (you don't want files being inadvertently or deliberately altered or deleted).

                        Not sure exactly what the DNC did, but the fact that they only let their own paid contractor have access to the compromised system and never let a law enforcement agency have a crack at it is highly suspicious.
                        Some may call me foolish, and some may call me odd
                        But I'd rather be a fool in the eyes of man
                        Than a fool in the eyes of God


                        From "Fools Gold" by Petra

                        Comment


                        • Originally posted by lao tzu View Post
                          Again, the suggestion that our intelligence agencies are complicit or directly involved in spoofing an attack by Russian intelligence on the DNC servers is not credible.
                          When you look at the corruption in Obama's FBI and DOJ and the lengths they went to illegally spy on the Trump campaign, I'm not willing to take anything off the table at this point.

                          At any rate, my point is that anybody who has access to these tools (not just government agencies) could spoof fingerprints.

                          Comment


                          • Originally posted by Mountain Man View Post
                            It's quite a bit more complicated than that. Accessing even a "headless" machine remotely is not the same as plugging a monitor and keyboard directly into it. Typically remotely logging in is intentionally limited, and some form of secure physical connection -- such as an RS232 cable -- is required for complete access to the system.

                            There's also the matter that when a breach happens, the system is (or should be) immediately taken offline to prevent further incursions and to preserve the evidence (you don't want files being inadvertently or deliberately altered or deleted).

                            Not sure exactly what the DNC did, but the fact that they only let their own paid contractor have access to the compromised system and never let a law enforcement agency have a crack at it is highly suspicious.
                            Read the rest of the thread...

                            And I do not find anything suspicious about it in the least. Of course, that's probably because I'm a left-wing nutter...

                            Comment


                            • Originally posted by carpedm9587 View Post
                              Read the rest of the thread...

                              And I do not find anything suspicious about it in the least. Of course, that's probably because I'm a left-wing nutter...
                              So when somebody alleges that there was criminal activity but then tells law enforcement, "You can't collect the evidence yourself. We'll have our own people gather it for you, and you'll just have to take our word for it," that's not suspicious? Don't know if that makes you a left-wing nutter, but it makes you naive at the very least.

                              Comment


                              • Originally posted by Mountain Man View Post
                                So when somebody alleges that there was criminal activity but then tells law enforcement, "You can't collect the evidence yourself. We'll have our own people gather it for you, and you'll just have to take our word for it," that's not suspicious? Don't know if that makes you a left-wing nutter, but it makes you naive at the very least.
                                Actually - since the "crime" was compromise of private servers owned by a non-government entity - it is their call, as far as I know, whether or not they want an investigation or to press charges. It is also their call if they want to invite in law enforcement or engage a private agency. If they want to do either, and don't have a qualified agency do the investigation, then they will have a hard time in court. If I were head of the DNC/RNC and was hacked, I would factor in the impact on the ongoing campaign of losing access to my servers for X period of time, and the impact of having even more private information potentially compromised. And if I was as incompetent as the DNC apparently was in protecting their servers, and the DNC was as complicit as it was in sabotaging Sanders' campaign, I probably would not want THAT to come to public attention either. It doesn't take much more to explain why they might want to keep things private.

                                Comment
