FBI Says a Mysterious Hacking Group Has Had Access to US Govt Files for Years (vice.com) 101
Lorenzo Franceschi-Bicchierai, reporting for Motherboard: The feds warned that "a group of malicious cyber actors," whom security experts believe to be the government-sponsored hacking group known as APT6, "have compromised and stolen sensitive information from various government and commercial networks" since at least 2011, according to an FBI alert obtained by Motherboard. The alert, which is also available online, shows that foreign government hackers are still successfully hacking and stealing data from US government's servers, their activities going unnoticed for years. [...] In the alert, the FBI lists a long series of websites used as command and control servers to launch phishing attacks "in furtherance of computer network exploitation (CNE) activities [read: hacking] in the United States and abroad since at least 2011."
If the FrostyBI are complaining... (Score:2)
If the FBI a) know about it and b) are complaining then i's no mystery - it must be the CIA.
Re: (Score:2, Funny)
I really wish you'd said "If the FrostyBI are pissed..." because it would have been such a lovely First Post pun.
Re: (Score:2)
I really wish you'd said "If the FrostyBI are pissed..." because it would have been such a lovely First Post pun.
A missed opportunity as there's not been one in months.
Re: (Score:2)
Where I come from, pissed means drunk.
Not saying they aren't, mind. It might explain a few things.
Re: (Score:1)
F.B.I.: 'we need backdoors.'
And now, F.B.I., you see what happens even when there are not backdoors. Stuff still gets cracked. So, if there are more ways to infiltrate, i.e. backdoors, you really think things will be more secure?
Re: (Score:2)
The American people are sick and tired of hearing about your damn emails
Re: (Score:1)
Yeah, because discussing the nature of Hilary's insecure email with a shit-tonne of classified and beyond emails is partisan. But Bernie has decreed it, "enough" and that isn't partisan. Got it.
Re: (Score:2)
None of her emails were "MARKED" classified. Markings of themselves does not make the emails classified or not. But hey, keep parroting irrelevant information as that always works.
Classifications are well established, and Clinton was informed on her duty (as in responsibility) to maintain secrecy. You should actually read the NDA Clinton actually signed, which is fairly clear on what her responsibilities and duties were. She has breached that NDA by all reasonable measures. Of course, partisan democrats wil
Re: (Score:2)
Re: (Score:2)
This is why... (Score:2)
This is why they think they can get into any phone.
Despite their best effort, their stuff keeps getting owned. So they think that every other system has easy holes in it too.
All these government servers, Hitlery's out of band leaky illegal bathroom depository, iPhones. All of it.
Re: (Score:3)
Well. They could just leave secret documents in the servers, addressed to the mysterious hackers:
"Dear Mysterious Hackers,
We're pretty sure you must be reading this, so, would you please download phone 555-45-33's records and send them to us, please?
Pretty please?
Federally yours,
The FB of A
"
Re: (Score:3)
Interesting. Kind of like writing letters to Santa and sending them up the chimney except they are more likely to be read.
It makes me wonder if there was a...
"Dear Mysterious Hackers,
Please can you extract and distribute all the documents pertaining to offshore tax avoidance handled by firms like Mossack Fonseca.
Thanks in advance,
The actual tax payers of the world"
Re:This is why... (Score:5, Interesting)
Actually, from the sound of it, Hillary's home server was about the only 'government' server that hasn't been hacked.
'Hitlery'? Really? At least it's not a play on the female anatomy. I commend your maturity.
Re: (Score:2)
Re: (Score:2)
(read outside of main stream media and use your brain bucket just a little)
You mean some wing-nut conspiracy website?
Re: (Score:2)
Okay, don't use anything but knowledge about security. How hard is it for someone to find the server information for an email server, and then hack into a server which is rarely managed.
Every Government agency (FBI, NSA, CIA, etc...) has said the server was insecure. The only people that want to defend Clinton's poor ethics, morals, and poor decisions related to this server are people who believe that they gain if she wins. If GW Bush had done the same thing my position would remain exactly the same, but
Re: (Score:2)
How hard is it for someone to find the server information for an email server, and then hack into a server which is rarely managed.
Rarely managed according to what source?
Every Government agency (FBI, NSA, CIA, etc...) has said the server was insecure.
Agencies known for their impeccable honesty with public disclosures...
The only people that want to defend Clinton's poor ethics, morals, and poor decisions related to this server are people who believe that they gain if she wins.
A political opinion that has nothing to do with the question about the security of her email server.
Re: (Score:2)
Rarely managed according to what source?
All of them, including the person who set up the server and ended up handing it over to the authorities.
Agencies known for their impeccable honesty with public disclosures...
If those same authorities were on your side, you would defend those same agencies on other matters benefit your political beliefs. You fool nobody but yourself.
A political opinion that has nothing to do with the question about the security of her email server.
It has everything to do with why people like you attempt to lie to make her look good, which YOU did by perpetuating an easy to verify as false claim.
Re: (Score:2)
Except that it was owned (read outside of main stream media and use your brain bucket just a little).
[citation needed]
Any bets on what he comes up with?
Re: (Score:2)
How about you do a simple web search instead of making _false_ claims about there being no information. Sources that came up in the top 10 on duckduckgo are Breitbart, Businessinsider, CNN, and the NationalReview which of course are all well known right wing extremist crank sites, right? Wholly fuck, even Bill Gates said that it was likely her server was compromised, but of course he is just another right wing conservative gun nut. Am I right?
I do hope you can read sarcasm better than you can use a searc
Re:This is why... (Score:5, Informative)
Nobody knows Hillary's home server hasn't been hacked. All that we know is that whatever logging they were doing didn't show evidence of hacking. All that tells you is that if it was hacked, it wasn't done by a complete incompetent.
Re: (Score:1)
Nobody knows Hillary's home server hasn't been hacked. All that we know is that whatever logging they were doing didn't show evidence of hacking. All that tells you is that if it was hacked, it wasn't done by a complete incompetent.
And since the logging wasn't set up to secrecy specs, they'll never know if it was hacked, or the extent of those hacks if it was.... so ALL the data on the server needs to be considered compromised.
Re: This is why... (Score:3, Informative)
Except that awkward moment everyone forgets the server was found because guccifer got in sharing screen caps.
http://www.mrctv.org/blog/update-hillary-s-secret-email-revealed-romanian-hacker-had-its-own-internet-server
Re: (Score:2)
Re: (Score:2)
The server's domain name was clintonemail.com. To remind, whois registries are public, and in this case you really only need the domain name to figure out it would make a good target.
And, according to the people who were running it, it wasn't even using SSL for the first few months. So you didn't even have to hack it, you could just do MITM on it.
Given all this, it would be truly amazing if it wasn't hacked.
Re: (Score:2)
Or as Bernie says "The American people are sick and tired of hearing about your damn emails"
Mysterious? Really? (Score:4, Funny)
Can't figure out wHo would want to have InterNal file Access.
Re: (Score:2)
Never easier... Only a Really peTulant arcH-nemesis would asK fOR such unfEttered Access!
Dear FBI... (Score:3)
Government systems.... built and secured by the lowest bidder....
Re: (Score:2)
Its one of those cognitive dissonance problems the people think its not my money why should I care?
If someone actually cared they would have looked at that price tag and gone whoa wtf? And found some one to do it for a few hundred at most.
But as it is they don't feel they have any stake in what they are approving and most likely don't really understand what they are approving or how much it should actually cost.
Despite the fact that it's still going to come out of their taxes somehow. Gov't employees do sti
Re: (Score:2)
Re: (Score:2)
The same way a 5 dollar screwdrivers suddenly costs 200 bucks. The reams and reams of Federal Compliance Paperwork that MUST be completed for each one. Certifications per item that "Conflict Metals" are not included. Validation and auditing of HR and hiring procedures for everyone involved, from the guy digging the ore, to the guy putting it in the small box of "Screwdriver, Phillips, Size P2, 1 each, Federal Stock number. . . . . . " I could go on, but I think you can get the drift.
Oh, and Small/Disa
Re: (Score:2)
The same way a 5 dollar screwdrivers suddenly costs 200 bucks. The reams and reams of Federal Compliance Paperwork that MUST be completed for each one.
Of course this anecdote is complete crap.
People like to blather on about a machine screw that they can buy at Ace Hardware for 50 cents costing the government $200. What they forget to say is that the government screw has been inspected and tested in a calibration lab and approved for use in aerospace such as jets and satellites, because, you know, it would be bad for this bolt to fail when the rocket is lifting off, and pilots tend to like engine parts to stay put... Small details.
Re: (Score:2)
"The reams and reams of Federal Compliance Paperwork that MUST be completed for each one."
If only there were so much bureaucracy. I know this is popular myth, but you just look silly repeating it.
The much more likely reason for cost inflation (outside of the case where NASA is using something that is *overtly* similar to a common item, but is actual not something you could buy off of the shelf) is very simple: quid pro quo. Our government is bought and sold, and one of the ways it pays back its beneficiarie
Re: (Score:2)
You assume the bureaucracy actually READS it. They don't. That doesn't stop the requirement to PROVIDE the documentation. Which will go on file somewhere, in case somebody needs to cover their ass because something went wrong.
Re: (Score:2)
oh, so you really subscribe to the urban myth and not just repeating it? Wow. I'm sorry.
If you ever got anywhere near procurement you'd be surprised at how it really works. And federal government procurement is not particularly any worse than anywhere else, but the federal government is a *huge* procurement source which makes it a natural target. But state government procurement is, if anything, worse. And corporate procurements can be quite labyrinthine as well.
While there are a variety of requirements, yo
Re: (Score:2)
The private sector kickbacks and bribes are illegal...
In the public sector, it's considered normal and expected.
GSA Schedule (Score:2)
Unverifiable (Score:2)
Are these assertions verifiable? If they are not, the fact that they were made is irrelevant.
Through which mechanism can the population verify this information is true?
If such mechanism doesn't exist, why make this information public?
Is Faith a required aspect of citizenship now?
In other words:
Information based on secret data is of value only internally to the sharers of the secret.
This distribution of unverifiable information is simply propaganda.
Re: (Score:2)
Maybe a senator can start a bill (Score:2)
to encrypt the government to save it from those pesky things they never do to others.
First person to post (Score:3)
The contents of the San Bernardino iPhone wins, and proves Apple's point.
Re: (Score:2)
That's one of those odd things at the point this all happened apple had been offered device locked mdm profiles for a while.
The articles I read indicated that the owner of the phone san bernardino county did not opt to get mdm profiles when they purchased the phones.
But its nice to see that apple hasn't given up on their deceptive business practices as they still do not show if a device has a irremovable mdm profile on the icloud lock check page.
Really fucks over second hand dealers and makes the icloud act
A Foreign Government Gets US Government Files? (Score:1)
The solution is obvious.
Further restricting the rights of the American people will surely solve this problem.
But why worry? (Score:3)
Ever heard an iteration of this BS before? "Why not let your government collect data on you? you have nothing to hide."
I mean besides targeted ads, invasion of privacy, online profiling that will affect the prices of products and search results, being subjected to voyeurism by bored government agencies, attracting whatever weirdo or teen hacker that managed to somehow get the data, perhaps elongating the queue at the airport when you're "randomly" asked about that "funny" prank in college, or the widely used change of your insurance quote because some stupid filter found a word associated with higher risk somewhere in a database that has info about you...but let's get back on point:
Why would I trust the government with my data when they cannot secure their own data? -Why should I still bend over and just accept their blatant and useless corrosion of individual privacy and freedom in lieu of their incompetence and carelessness?
Re:But why worry? (Score:4, Insightful)
Ever heard an iteration of this BS before? "Why not let your government collect data on you? you have nothing to hide." I mean besides targeted ads, invasion of privacy, online profiling that will affect the prices of products and search results, being subjected to voyeurism by bored government agencies, attracting whatever weirdo or teen hacker that managed to somehow get the data, perhaps elongating the queue at the airport when you're "randomly" asked about that "funny" prank in college, or the widely used change of your insurance quote because some stupid filter found a word associated with higher risk somewhere in a database that has info about you...but let's get back on point: Why would I trust the government with my data when they cannot secure their own data? -Why should I still bend over and just accept their blatant and useless corrosion of individual privacy and freedom in lieu of their incompetence and carelessness?
Because terrorists! I'm sure this will all be addressed in the upcoming "America, land of the free" bill that will make encryption illegal.
How will this play out? (Score:2)
Intel Management Engine (Score:3)
Re: (Score:2)
AMD has had the "Platform Security Processor" since 2013, which has the same problems (including Ring -3 level exploitability)
Curious that it's hard to find a list of processors without these "features" online. Wikipedia barely mentions PSP as a footnote on AMD's APU list.
Been happening for decades (Score:3)
Re: (Score:3)
People want to believe that an outsider can make things better, since the insiders keep screwing things up.
That's only a part of the reasons. If people really want to believe that an outsider can make things better, they would have thought further than just that. They would have looked at how the person would do to make things better from the person's both past and present speech & action, not from the person words coming out of his mouth. They would have determined what consequences are if they elect the person, not what the person promises and spout vaugely proposal that doesn't represent a well thought so
Re: (Score:2)
I will vote for the first person who promises to build a gallows over the reflecting pool and eliminate the current occupants of cabinet positions, heads of three letter agencies, congress, senate, and federal reserve board.
Re: (Score:2)
Nice way to conflate the US government with US businesses with the US people. When you say "it outsources more work to China" what you really mean is "US businesses either shutdown local operations or expand new operations overseas, including in China". Don't try to make that "the US government" which, despite being a large, unwieldy and frequently ineffective multi-department entity, does not require US businesses to move production to China.
Trump is *not* an outsider to all of this. Oh, sure, he hasn't be
Re: (Score:1)
Israel (Score:1)
It's not a mystery, it is Israel. Up to their dirty little tricks as usual.
I think they are referring to the nine horsemen (Score:1)
There are five known military espionage units spying on government files, the CIA, NSA, and the other two agencies none are permitted to know about.
Re: (Score:2, Funny)
and the other two agencies none are permitted to know about
Don't worry, we both know about you...
link? (Score:1)
Red Scare 2.0 (Score:2)
With every action, the FBI reminds us why they never wanted to rename their HQ.
Re: (Score:2)
Get A Life. (Score:2)
Senior System Engineer/Architect
Where? Some bum-fuck tiny ISP? Some tiny shit business of some insignificant variety? Some community college IT department? A so-called contractor?
Notice: If you post anonymously do not expect a reply.
Typical arrogant nonsense from some basement dweller. In other words, go fuck yourself.
Bunk article. (Score:1)
Re: (Score:2)
For that to work a lot of real and fake information has to walk and has to be seen as originating in the depths of real US gov computer systems.
Operations get renamed, staff move around and the resulting security networks are left wide open. Data used as bait or to see where it was going was completed or abandoned months or
Re: (Score:2)
Since 2011? (Score:1)
Private Email Server (Score:2)