Do We Really Want A War With Russia?

The Oil-Gas War Over Syria, in Maps (Strategic Culture)

[quote]Turkey’s Anadolu News Agency, though government-run, is providing remarkably clear and reliable diagrammatic descriptions of the current status of the U.S.-and-fundamentalist-Sunni, versus Russia-and-Shia-and-NON-fundamentalist-Sunni, sides, in the current oil-and-gas war in the Middle East, for control over territory in Syria, for construction of oil-and-gas pipelines through Syria supplying fuel into the world’s largest energy-market: Europe. Russia is now the dominant supplier of both oil and gas, but its ally Iran is a Shiite gas-powerhouse that wants to share the market there, and Russia has no objection.

Qatar is a Sunni gas-powerhouse and wants to become the main supplier of gas there, and Saudi Arabia is a Sunni oil-powerhouse, which wants to become the major supplier of oil, but Saudi oil and Qatari gas would be pipelined through secular-controlled (Assad's) Syria, and this is why the U.S. and its fundamentalist-Sunni allies, the Sauds, and Qataris, are using Al Qaeda and other jihadists to conquer enough of a strip through Syria so that U.S. companies such as Halliburton will be able safely to place pipelines there, to be marketed in Europe by U.S. firms such as Exxon. Iran also wants to pipeline its gas through Syria, and this is one reason why Iran is defending Syria’s government, against the U.S.-Saudi-Qatari-jihadist invasion, which is trying to overthrow and replace Assad.[/quote]

I was just trying to learn a bit more about how hard it is to possibly cover your tracks if you want to hack anonymously, and I came across these three sequential posts on Reddit.com.
Now I'm gonna have to figure that Russia's got at least one person who can read Reddit and try these tricks for themselves, or maybe even know a crap ton more themselves.

gordonmessmer 455 points 23 hours ago

There are lots of things that make it difficult to identify an attacker. I'll try to outline a few, in brief:

1: To quote your example, an attacker might send a shell command like "rm -rf /". What would record that he'd done so? Ignore the fact that he's eliminating files that log his action. Shell history is optional to begin with. And many attackers won't use a normal shell, they'll use a program of their own which is designed to accept commands and execute them without any logging.

2: You might try to record that sort of thing at the network. There are a few problems with that. First, recording all traffic would require more storage (and faster storage) than most businesses have, so that's impractical. You could instead try to record only data that's an attack, but that means you'd have to know what constitutes an attack. As new attacks are developed constantly, keeping logs of only data involved in an attack is probably impossible.

3: Encryption. As you guessed, the source and destination of traffic are not encrypted, but the data itself is. That generally means that only the application which is receiving the data is capable of examining its plain-text contents.

4: Anonymization. Attackers very rarely launch an attack from a machine that they directly control and which could identify them specifically. They might use a VPN, or tor, or another machine that they've previously compromised to launch the attack. In any of those cases, even if you log the traffic, and even if you can examine the plain-text, you still don't know anything other than the fact that the attacker is using a specific VPN (unlikely, since the VPN provider could probably correlate a VPN IP to the user it was assigned to at the time, and to a person via billing information), or that an attacker was using tor (no way to identify such users, by design), or that they were using a compromised host. In the latter case, you might be able to contact the owner of that host and get them to help you track the attacker, but in practice this is improbable, and because you have to do that repeatedly until you can actually identify the attacker, it becomes exponentially more improbable for each hop the attacker uses. The attacker's ISP has all of the same problems. They can't reasonably log all of the data they process, they can't generally identify attack data, they can't tell what you're doing if your traffic is encrypted, and anything you send to initiate an attack probably isn't sent to the system you're attacking directly, so they can't even correlate encrypted traffic to an attack between your system and your target.

AjaxGb 425 points 23 hours ago

Let's use the post office as an analogy for your ISP. Say you want to send John Victim a nasty letter, but don't want him to know who sent it. If you just send him the letter, he can look at the return address and see that it was you. This is where VPNs come in. You write your letter and address it to "John Victim".

Then you put the envelope inside a second, special envelope, and address that to "VPN Inc." VPN Inc. runs a popular service that you and many other people subscribe to. It gives you special envelopes that only VPN can open. When your letter arrives there, a machine extracts the inner envelope and automatically sends it on its way.

Now when John checks the return address, all he will see is that the letter came from "VPN Inc.", just like many other letters. The post office knows that you sent some sort of letter to VPN Inc., and that a nasty letter reached John Victim, but there is nothing linking the two events together, since lots of people are constantly sending letters through VPN's service. There are also similar services that will add their own envelopes and send the letter back and forth randomly between a ton of different locations, if you need extra security and less speed.

tjt5754 63 points 23 hours ago

The most effective way for a hacker to hide themselves is to connect through multiple systems before connecting to you (victim). If I have hacked a system in China, and a system in Russia, and a system in Poland, and then I connect through them sequentially before connecting to you, it will seem like I'm hacking you from that computer in Poland.

Now the police could go and confiscate that system, but by the time that they do, I'm long gone. The ISP can't log all communication to and from that system, so it's very unlikely that they could go back and find the connection from the Russian system to the Polish system.

If they do… then you just have another system to go and dig into and hopefully find evidence of the connection from China… and so on. The fact is that the forensic evidence for chained attacks like that just doesn't exist. It would require full packet capture for the whole internet.

That is, don't fall for any of the crude "we traced it back to a Russian server!" stories.  They are likely 100% BS.

I actually think it's quite probable that Russia or an entity affiliated in some way to Russia is behind this.  They have the motive, the means, and, according to the 'experts', fits their MO (of course one could say it fits the US government's MO as well wink).  Maybe even more than 50-50 chance.  But unless the US government brings solid proof to the table, they should just take their lumps, implement better IT security measures, and use this as a reminder for everyone in or associated with government to practice better OPSEC.  And if they DO have evidence yet don't want to give it so as to keep the Intelligence Community's methods and capabilities secret (which would be understandable), well then the logical approach would still be the same: keeping one's trap shut so you don't give your opponent even a small clue of whether you have them compromised, and keep whatever appropriate response one is planning (and even the question of whether there WILL be a response) behind closed doors.  In either case, to be aggressively accusing and posturing to the degree they've done is just plain dumb, and, depending on whether secret evidence exists, either risks tipping your hand or reveals a high level of desperation or anxiety to your opponent.  Kind of a bad trade-off to make just for temporary political gain…
That being said, I have little doubt that the emails and content are genuine. The response from Hillary's campaign and the Democratic Party (blaming the supposed source instead of putting any effort into refuting the content) says all I need to hear at this point.

A vote from Trump is a vote for a Molotov cocktail thrown into the establishment halls of power. --Michael Moore.
I would like to recommend the first 60 seconds of this video to everyone. Especially, my wonderful (GREEN Meme) family and friends who have no idea why "anyone could support this monster (Trump)."

The destruction of the working class by the 0.001% has been relentless. And it looks like the working class has a chance to say "no more." And it took a guy with a massive ego to fill this role. It required a psychologically invulnerable person (i.e., narcissistic and egotistical) to speak without reservation against every manner of pushback.

How many of us could stand up to derogatory comments from every corner?  Not many.  I can think of several instances where the qualities of intelligence with egotistical narcissism were required to buck the system where a more normal and sensitive person would have been crushed.

 

I've never had any use for Michael Moore and have never heard him say anything I could agree with, so what he said there was startling to me.  He said he listened to some Trump supporters and that's how he came up with this address.  He must have REALLY listened, which I deeply respect for someone who is so far left of even Hillary.  He even seems to have compassion and a positive emotional connection for these people who previously were only "deplorables" to him.
Previously, this is what I've always thought of when I hear "Michael Moore."  (You have to have seen the movie Dune to get this completely.)

https://www.youtube.com/watch?v=_7KazTFOZkA

…happening lately.

Gotta hand it to Alex, he knows how to stir the pot.
https://www.youtube.com/watch?v=htsJxDja5Jo