back to article Trump administration says Russia behind SolarWinds hack. Trump himself begs to differ

United States secretary of state Mike Pompeo has laid the blame for the SolarWinds hack on Russia, but his boss begs to differ. Pompeo on Friday gave an interview with pro-Trump conservative talk radio host Mark Levin, the transcript of which was posted by the State Department. During the interview Levin asked about the …

  1. Peter Prof Fox

    That tweet is real?

    Not a parody? Not an impressionist? I've done my best to avoid the splutterings of Duck Turd so I seem to have missed a great thread of couldn'tmakeituptertainment.

    1. John Smith 19 Gold badge
      Unhappy

      Nope that's the authentic voice of DJ Trumpf, the 44th POTUS

      What does an insane society look like?

      Like somewhere that would elect someone like this.*

      *Other equally bats**t polities are available in various parts of the world. Hopefully they will follow the US in doing some house cleaning.

      1. Adrian 4 Silver badge

        Re: Nope that's the authentic voice of DJ Trumpf, the 44th POTUS

        Wasn't he the 45th ?

        1. Lon24 Silver badge

          Re: Nope that's the authentic voice of DJ Trumpf, the 44th POTUS

          Or he can't count, or he really believes Barack wasn't born to be President, or ... ???

        2. Bill Gray

          Re: Nope that's the authentic voice of DJ Trumpf, the 44th POTUS

          By what amounts to a conventionally agreed upon counting method, Grover Cleveland (only US president to serve non-consecutive terms) is considered POTUSes 22 and 24. That makes the Orange Lord the 44th person to hold that office, but also the 45th US president, illogical though that may appear to be.

          1. Someone Else Silver badge

            Re: Nope that's the authentic voice of DJ Trumpf, the 44th POTUS

            No, worries @Bill Gray, illogic and tRump seem to welded together.

          2. John Smith 19 Gold badge
            Thumb Up

            "That makes the Orange Lord the 44th person to hold that office"

            What he said.

      2. Anonymous Coward
        Anonymous Coward

        Re: Hopefully they will follow the US in doing some house cleaning.

        I wish so. Here in South Bananistan things are getting out of control. Our local Trump Toadie keeps saying things like "the pandemic is disappearing" and "why the hurry for a vaccine?" -- of course, he does not grant interviews, use only Facebook/Twitter to communicate with his followers. And keeps saying things like "I have proof I won in the first round of voting in 2018" -- because according to him, the voting machines are rigged! No proof is shown so far.

        I wish for Trump to sue Bolsonaro (oops!) for plagiarism.

        1. Blackjack Silver badge

          Re: Hopefully they will follow the US in doing some house cleaning.

          Bolsonaro did the whole getting Corona and then going back to say the plague is nothing first.

    2. Kane Silver badge
      Thumb Up

      Re: Duck Turd

      For some reason, my head went here.

      I'm sure there's some scope for a rewrite...

    3. PassiveSmoking

      Re: That tweet is real?

      His Twitter password was "MAGA2020!" so it could literally have been anybody

    4. trindflo
      Joke

      Not bad, I prefer to think of him as Dishonest John

      https://villains.fandom.com/wiki/Dishonest_John

    5. Anonymous Coward
      Anonymous Coward

      44th Exsident says "Fake news"

      Ooops, accident, that was my guy, undooo! Oh, doesn't matter, I'll fire him anyway.

  2. Yes Me Silver badge
    Black Helicopters

    ACL

    Once that code is up and running it runs a bunch of tests to make sure it is in an environment free of certain security software and is configured to communicate with certain expected IP addresses.
    So there's an obvious way to defeat it, if you haven't already been backdoored, assuming you know those addresses. Just update the ACL in your border router.

    I assume those addresses are known to be under Russian control.

    P.S. There's a list of suspect addresses at https://raw.githubusercontent.com/ExtraHop/code-examples/main/sunburst/threats.json

    P.P.S But maybe not so useful, since it includes e.g. Amazon Inc and Nokia address blocks.

    1. Palpy

      Re:Domain killswitch

      FireEye identified a domain name which serves as a killswitch for the malware. I am unclear whether this is in fact checked by the initializing dll or whether this kills the malware in another stage of execution.

      This from Krebs (https://krebsonsecurity.com/2020/12/malicious-domain-in-solarwinds-hack-turned-into-killswitch/ ):

      "'SUNBURST is the malware that was distributed through SolarWinds software,' FireEye said in a statement shared with KrebsOnSecurity. 'As part of FireEye’s analysis of SUNBURST, we identified a killswitch that would prevent SUNBURST from continuing to operate.'”

      1. Yes Me Silver badge

        Re: Re:Domain killswitch

        That would be avsvmcloud dot com according to this post, which also says that MS has seized it.

      2. Anonymous Coward
        Anonymous Coward

        Re: Re:Domain killswitch

        Unlikely to end with Sunburst though..... they'll have used that to install additional malware.

        https://threatpost.com/sunburst-c2-secrets-rsolarwinds-victims/162426/

        "Further exploitation by the unknown advanced persistent threat (APT) group, dubbed UNC2452 or DarkHalo by researchers, involves installing more malware, installing persistence mechanisms and exfiltrating data, according to Kaspersky."

        I find it funny that they're quoting Kaspersky in that article. Have they forgotten Ruslan Stoyanov?, the Kaspersky FBI informant that was arrested 6 days after Trump got into power. Somehow the Russians got the names of informants 6 days after Trump got access to the unredacted Christopher Steele memos with all the informants names.

        https://en.wikipedia.org/wiki/Ruslan_Stoyanov

        https://www.dailykos.com/stories/2019/5/19/1857878/-Just-how-much-is-confirmed-from-the-Christopher-Steele-dossier

        1. Anonymous Coward
          Anonymous Coward

          Re: Re:Domain killswitch

          or the American NSA agent that leaked their tools and was exposed by Kaspersky during the investigation into how he got them on his home PC to get detected by his AV. That must mean that the US government was behind leaking the tools to criminals? not really,,

          Is the UK to blame for the wanacry exploit, not really..

          Don't blame a country for a fool. But do hold people and governments individually accountable for their actions. Because every country has fools/crimz.

    2. W.S.Gosset Silver badge

      Re: ACL

      > So there's an obvious way to defeat it,

      Yes, that's what they did. Plus then took over the C&C Server's domain's DNS lookup via GoDaddy, to protect ALL the possible exposed parties.

      1. sabroni Silver badge

        Re: to protect ALL the possible exposed parties.

        six months after they were compromised, it's not a great achievement.

    3. Anonymous Coward
      Anonymous Coward

      Re: ACL

      The first addresses it pings out are unlikely to be in any way related to its masters. It'll be merely to establish if it has a direct internet connection or not.

      I run a tight isolated network, any outside connection attempts pops up in daily reports and gets investigated. That made me find interesting things, like that well-known security scanner that ran python scripts locally, which were automatically trying to download and install libraries from public repositories.

    4. Cliffwilliams44 Bronze badge

      Re: ACL

      "So there's an obvious way to defeat it"

      Of course there is an obvious way to defeat it, there always is, but those effected never do. Then we run around screaming at the top of our lungs about those "bad guys" who put the code up. We never make those whose responsibility it is to secure their data/facilities responsible. In this case SolarWinds, previously, the DNC, NSA, etc. The bad guys are going to try, whether they are from Russia, China or Canada! Matters not. Until companies, organizations, governments are made responsible for their security this is all just bloviating!

      1. YARR

        Re: ACL

        We never make those whose responsibility it is to secure their data/facilities responsible.

        Responsible for what?

        The perpetrator is responsible for the crime of breaking in to a network / device / physical property / etc.

        The owner can only take reasonable measures to secure their property, but can never make it totally secure.

        If you contract out your security, then the contract you agree will specify a remedy if security is breached, the contractor is responsible for that.

    5. Mark 85 Silver badge

      Re: ACL

      I do note that Kreb's was fired as head of cybersecuriy just before this all came out for saying that the election was secure. I would think that he was so busy fighting with the WH over "secure election" that his staff was distracted from the hack.

      Trump is good at "distraction" like stage magicians use and with Russia involved, he really needed to distract everything away from them. The mere fact he owes big money them is enough for any prosecutor to start making a case. His many denials also seem to point to it.

      Basically, Trump isn't known for honesty and is in things only for himself.. One just needs to look at what its benefiting him financially and follow the money.

  3. Winkypop Silver badge
    Facepalm

    Mr Irrelevant Tweets what?

    “An empty vessel makes the loudest sound, so they that have the least wit are the greatest babblers.”

    ― Plato

    PS: And what does Vlad have on him?

    1. ghp

      Re: Mr Irrelevant Tweets what?

      Can you imagine something that even T would be ashamed of? You can't, but it may be something that would make him lose support of even the caycaycay.

      1. Tomato42

        Re: Mr Irrelevant Tweets what?

        I don't think it's something embarrassing, it's the only thing that 45 is respectful of: money and people that give a lot of money to him.

    2. bobbear

      Re: Mr Irrelevant Tweets what?

      "PS: And what does Vlad have on him?"

      I could easily imagine quite a bit, then there's Moscow Trump Tower which might end up being the "stable genius"'s only viable bolt-hole when the excrement really hits the fan as I suspect it will shortly do so when he's finally winkled out from his protected status..

      https://twitter.com/i/status/1338637597892112385

      Besides, the dog never criticises his master..

    3. David Roberts Silver badge

      Re: Mr Irrelevant Tweets what?

      Good to see the rest of the administration are basically ignoring Trump.

    4. Throatwarbler Mangrove Silver badge
      Holmes

      Re: Mr Irrelevant Tweets what?

      "PS: And what does Vlad have on him?"

      Two words: pee tape

      1. veti Silver badge

        Re: Mr Irrelevant Tweets what?

        Oh, come on. What do you think would keep Trump from releasing the pee tape himself, with his own commentary? Though I guess that would require more work than he's accustomed to.

        1. Anonymous Coward
          Anonymous Coward

          Re: Mr Irrelevant Tweets what?

          Melania. Lorena Bobbit Impression, Snip!

  4. six_tymes

    all democrats always blame Russia for all hacking. they are blind as dirt.

    1. Anonymous Coward
      Anonymous Coward

      Trump is alone

      No, even his Republican CIA chief, Mike Pompeo, says it's Russia (below). Everyone, even Bill Barr is ass covering right now, resigning early to duck blame or doing their jobs professionally, even Pompeo.

      Trump calls for martial law and the Pentagon to run elections, but not the machines with the verifiable paper trail that Georgia uses, no sir, he wants to use the Texas ones without the audit trail! All the martial law scenarios have been run and mitigated. The army will not obey Michael Flynn and the courts will not obey Sidney Powell.

      Bunker boy screams at his generals. 30 days left and he's desperate as fuck. It's a bit pathetic.

      https://www.npr.org/2020/12/19/948318197/pompeo-russia-pretty-clearly-behind-massive-solarwinds-cyberattack

      "On Friday, Secretary of State Mike Pompeo broke that silence, becoming the most prominent administration official to blame Russia for the attack. This was a very significant effort," Pompeo told the The Mark Levin Show, "and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity."

      1. fajensen Silver badge
        Pint

        Re: Trump is alone

        No, even his Republican CIA chief, Mike Pompeo, says it's Russia (below)

        'Cause he does, his former boss is outbound on the 21'st of January 2021. Even though Pompeo is a piece of shit dressed up in a suit, maybe there is at least a solid consultancy gig or five to be had, for people who "Get The Program"!

        "Russia" is the Emmanuel Goldstein for "Liberals"! The Global Marinus van der Lubbe FireBomb Conspiracy for "Conservatives"!!

        The very idea of Russia serve as mental safe-spaces where you can re-route your rightful anger whenever you screw your stuff up, and is susequently humiliated by script-kiddies of the world.

        1. veti Silver badge

          Re: Trump is alone

          Nope. If Pompeo had a future in any kind of political circles, it was among those who think Trump was the greatest president since Julius Caesar. If anything, he's damaged his own future prospects in that line.

          Nobody in the Biden administration is going to be asking for his advice, that I'm sure of.

    2. This post has been deleted by its author

    3. Unicornpiss Silver badge

      In case you haven't realized..

      ..it is possible to do forensic analysis of hacks like this, and the evidence is pointing to Russia as being responsible. It's not just a random accusation. I understand that not having encountered logic in your own life, that you find it hard to believe that such a thing really exists in the world.

      1. Cynic_999 Silver badge

        Re: In case you haven't realized..

        Although any state actor worth its salt would be sure to put a lot of misdirection and false flags into its malware, so your guess is as good as mine as to how accurate any "forensic analysis" may or may not be. A few embedded Russian IP addresses and some Cyrillic comments/labels do not necessarily tell us anything at all about the code's origin, and nor does the IP address of the server the code was sent from.

        1. s2bu

          Re: In case you haven't realized..

          It’s widely known that the NSA’s toolbox includes the ability to “fingerprint” hacks to make it look like it came from a foreign adversary of their choosing. So you can’t always talk them at face value.

      2. fajensen Silver badge

        Re: In case you haven't realized..

        Secret Evidence ... So secret it might not even exist because None shall see it. After the Iraq war, we rather like more than "Their Word" on who is guilty of whatever the same agencies claim this time.

    4. Trixr

      here's an experiment for you - stick a Windows VM (nothing installed beyond the OS and a decent Administrator password) on an internet-exposed network. Add a firewall rule that blocks everything except a whitelist of your control IP and the well-known address IP blocks for the Russian Federation - a list is here: https://lite.ip2location.com/russian-federation-ip-address-ranges. That whitelist should have an ALLOW ALL rule (all ports).

      Make sure the machine is logging all connection attempts in the firewall logs. Have something running elsewhere that regularly scrapes/uploads that log (e.g. at 5 min intervals) so you can ensure that's not interfered with.

      Then see how long it takes: a) for the machine to receive inbound network connections beyond ping, DNS, and if you're generous, http(s); b) until the machine is compromised and is running all kinds of interesting things. With any luck, you'll get a good selection of ripped TV shows/movies/music showing up in the file system.

      Of course the more sophisticated hackers/malware purveyors will be running their stuff from some CDN and not the main RU IP blocks anyway. But if you can run it for a week without anything you didn't put there showing up or your still having control of the machine, I'll be genuinely surprised. I'd be willing to bet Linux wouldn't last either.

    5. PassiveSmoking

      More often than not, they're right.

  5. W.S.Gosset Silver badge
    Thumb Down

    HOWTO: hack their voting machines

    > the machines with the verifiable paper trail that Georgia uses

    That paper trail is produced _after_ the vote is recorded. The machine records the vote then triggers the print job. It's intended as spurious appearance of auditability in order to fool superficial idiots.

    To gain Admin permissions on these machines, you open the top-right hatch and unplug the cable, use a biro or straightened paperclip to open the top-left hatch and press the Reset button, then press Cancel and OK on the 2 dialogue boxes that come up. Bingo: you have god access on the voting machine.

    Use Excel to create a CSV of, say, 400,000 votes, pop it on a USB key, sneakernet it to the machine, and you now have 400,000 votes. The "audit-trail" will be printed out for you.

    If you're in a hurry to record a lot of fictional votes, the printing becomes a bottleneck, time-wise, so what you can do is change the votes to just being for a single candidate rather than the whole ticket of votes. Almost no-one does this in real life but it is an allowable voting option.

    1. Anonymous Coward
      Anonymous Coward

      Re: HOWTO: hack their voting machines

      "That paper trail is produced _after_ the vote is recorded"

      No, the Georgia machine (Dominion Voting) prints the ballot, the person see their printer ballot is correct, they feed the printed ballot into the optical scanner and their vote is recorded. The paper version is kept as the definitive ballot. It's storage and handling subject to witness (sealed signed boxes etc, the usual ballot protocols), CCTV etc.

      https://abcnews.go.com/US/wireStory/georgia-house-approves-electronic-voting-machines-61386847

      "Systems using electronic ballot markers include touchscreen computers where voters make their selections, then print a paper ballot that's counted after being scanned. "

      You can print off lots of fake ballots, and swap them in somehow, but you've then got to rig the scanning totals, and elude the witness and forge the ballot box seals, fake the CCTV feeds, and so on. Not as good as hand marked ballots but better than the print roll ones.

      +++++++++++++

      In Arizona, they use hand marked ballots and scanners now.

      Arizona Republicans lawsuit actually blocked Maricopa County from doing a *full* hand recount of the paper ballots from their Dominion Voting machines. It's passed the legal check of a sample hand count, but they should do a full hand recount to confirm Republicans haven't been rigging there too.

      https://www.azcentral.com/story/opinion/op-ed/laurieroberts/2020/12/15/subpoena-maricopa-countys-voting-machines-arizona-election-trump-biden/3909221001/

      "Maricopa County officials were actually planning an audit of the county's Dominion Voting Systems machinery earlier this month, along with a hand count of all votes, to try to satisfy the concerns of Republicans who continue to believe that skullduggery was afoot. But Clint Hickman, chairman of the Board of Supervisors, said he had to put it on hold because state GOP Chairwoman Kelli Ward keeps dragging the county into court, crying fraud."

      You put auditable verifiable machines in place, you verify them, and hey presto, these "deep red" states are no longer deep red. Gee, it's almost as if the party trying to rig elections publicly is also rigging them privately!

      +++++++++++++

      Texas (and other Republican controlled states) are clinging onto the PAPERLESS ones. To rig those, you need two things: 1) Elections run by people willing to rig the election. 2) An estimate of how much you need to rig it to change the result,

      These are the things you're describing here, without the paper record you have nothing to verify.

      It then becomes a simple matter of running software on a computer which is all ballot machines really are, computers. There is no paper ballot to check, the computer tells you who got what votes and you're supposed to accept it.

      With Texas Republicans trying to block votes to rig election in other states, it should be clear they are totally willing to rig their own election. Condition 1) is satisfied.

      Condition 2) is harder for Republicans, they do not know how many ballots for Biden people will cast. If they skew the vote too little, they risk losing the election, too much and it becomes too obvious.

      Hence the Republican lawsuits trying to suppress all other forms of voting. Trying to block drive-thru voting, block mail-in ballots, reducing ballot drop locations to *one* location for 2+ million voters, and trying to block paper ballots being counted. The more success they have their, the more votes through their riggable voting machines, the less obvious the rigging is.

      If Republicans aren't rigging the election, they wouldn't care what method is used to vote. They do care, they try to force voters through the riggable machines. So they're rigging those.

      +++++++++++++

      The middle ones, the paper roll, it prints the ballot on a roll in a window, the person confirms its their vote and its done. That roll scrolls up. Those rolls are supposed to go through ballot protocols, signed by witnesses when removed, kept secure, witnessed like ballots. It was always a compromise, better than nothing, but not as good as hand marked ballots.

      Your attack would not work if those paper rolls were handled correctly, but given Republican actions during this election, I bet they don't handle them properly.

      I would prefer all voting machines to be hand marked, scanner counted voting machines (with hand count verification). I expect when that happens, that deep red states will stop voting for Attorney Generals indicted for securities fraud and a President that talk truth to Putin, and lies to Americans.

      1. W.S.Gosset Silver badge

        Re: HOWTO: hack their voting machines

        I haven't looked hard at the non-SwingStates, only the Swing States. The other states are irrelevant.

        When Trump kicked off about fraud I rolled my eyes, then I saw the numbers and my old audit/security/fraud muscle screamed blue bloody murder. Eyes out on stalks. Eg, all the non Swing States came in bang on normal. The *5* states which the Democrat Party deemed Swing States (vs the *4* that everyone else deemed so), are all in detail as mad as fuck. That by itself is somewhere between red flag and black flag.

        Quick example off the top of my head: in Australia it's illegal to NOT vote. If you don't vote, you either demonstrate and prove a bloody good reason or you get fined or potentially jailed. American Federal elections' voting participation rate is historically 40-60%, very consistently and usually on the low end. THIS election : all the NON Swing States came in bang on normal. But the *5* (not 4) Democrat-determinef Swing States all came in massively inflated. Wisconsin, eg, had ~same voting rate as Australia's Federal election last year under Criminal-Law-enforced compulsory voting. (90vs92%) ... Ummm. ... Nope.

        So if you've ever used a debugger (do you know what a debugger is?), first you identify where the problems are ("Profiling". Look it up.)

        And then you look at the details....

        After digging into it: did *massive* fraud occur in the Swing States? Yes. Categorically. To a jaw-dropping degree. Just look at the numbers. But is there the ability _ex post_ to provide legally-valid evidence to a degree necessary for a Court of Law to be legally allowed to do something? No. Too late. You'd have needed to have anticipated that level of hijacking _ex ante_ and got pre-positioned to gather evidence e.g. hidden cameras planted everywhere.

        Trump's put in 3 court cases (+ 1 which was a Give Us Time request which they dropped when the Electors saw the numbers, shouted Whoa!, and hit the pause button themselves). But by Court Evidence standards/requirements, realistically they're all gonna go down. Interestingly, the vast bulk of the court cases protesting fraud have been brought by third parties.

        No, this is the most staggering Purloined Letter fraud I've seen in my life, and I've seen a few. If I was American, my head would be exploding. I'm Australian and in Australia and I'm horrified.

        1. Silverburn

          Re: HOWTO: hack their voting machines

          No. Just.... no. Trump is 60 for 1 right now, and there´s still not a shred of evidence presented.

          Feel free to post your own evidence, Mr "audit/security/fraud".

          1. W.S.Gosset Silver badge

            Re: HOWTO: hack their voting machines

            Errr. You've managed to comprehend a little of what I wrote, but then mangled it and shot off into the middle distance.

            I stated very thoroughly my opinion that by dint of evidential burden Trump is on a hiding to nothing in his 3 court cases. (Preparation Is All. "Putting your dukes up" after you've been king-hit from behind is reflex but empty gesture. Cf "fencing", re concussion.) If you don't remember that, please do re-read what I wrote rather than trying to pop bits of it into a Standard Approved Narrative as you go along.

            You've stated that, because 60 of 61 third-party fraud cases brought so far are failing on the same evidential burden as I said would cripple Trump's 3 cases, that this, rather than _underline_ my point, somehow refutes it.

            To paraphrase Babbage:

            " I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a revisionism."

            1. Strahd Ivarius Bronze badge

              Re: HOWTO: hack their voting machines

              You failed to provide any link to prove your opinion that there was anything strange with the number of voters.

              And it may be the usual bullshit (otherwise some fraud case may have not been dismissed) if we refer to Wisconsin turnover fake news.

        2. Allonymous Coward

          Re: HOWTO: hack their voting machines

          in Australia it's illegal to NOT vote. If you don't vote, you either demonstrate and prove a bloody good reason or you get fined or potentially jailed

          There’s much else wrong with your post besides, but this is overwrought bull excrement. You do not get jailed - even “potentially” - for failing to vote in Australia.

          1. W.S.Gosset Silver badge

            Re: HOWTO: hack their voting machines

            False.

            Failure to pay the fine can wind up as prison. For god's sake, child, this is true of skipping road tolls or not paying your rates.

            Even, like it or not, for not filling out your census form. And for once I have an easy single Source for that tiny tiny point since it's microscopic. I did some quick casual census reminder work when I got back after 20yrs away and the formal government training and inductions for it included this point. (Which prison-aspect inadvertently led to me being threatened by a drug dealer's wife in Hamilton, but that's another story. I must say, they have a lovely house.)

            Next you'll be announcing the Australian Prime Minister has the power to establish or tear down interstate COVID-19 border controls. Because: you've been taught that that's !RIGHT! (We're a Federation, albeit granting our Fed boy enormously more internal power than the US does theirs, so he can't. And in fact can't legally do 99% of what scweamers are scweaming of him. Trump's got/had it worse since the US Pres has far less internal power. ("Trump should have made everything magic!" Umm no. Everything you're demanding is outside his Constitutional authority, so never mind impeachment: as soon as he does what you demand, he's outside the special legal status of Head of State *and* breaching the Constitution and ... hello any citizen wishing to execute a citizen's arrest. (Bit more legally complicated than that but that's the essence.) )

            1. Spiz

              Re: HOWTO: hack their voting machines

              "For god's sake, child"

              Well, aren't you a conceited little twat!

              1. W.S.Gosset Silver badge

                Re: HOWTO: hack their voting machines

                No, just sick to death of people parroting taught memes but now with massive added self-righteousness and incorrectness.

                And a PROFOUND lack of investigation of reality.

                And hence by necessary implication, lack of any sense of personal responsibility for consequences.

                Put it this way: if someone relied on what OP wrote, in Australia, they could go to prison. For real. Not in OP's toytown world, but in real life.

                Or, as we used to call it in the old days, back before I left the country 20yrs ago then walked back into lunatic hysteria : OP was lying and/or bullshitting. "Telling stories." "Spinning shit."

                If he doesn't believe me, he can pop into any local government office and quiz them on what the end-result will be if he refuses to pay a parking ticket. And that's just Local, not Federal.

                Was it presented in an obviously jocular/self-dismissive fashion? Was he, in the normal sense of the phrase, spinning shit?

                No.

                Quite the opposite.

                You don't in grownups Australia muck around with declaring as fact your personal preference regarding "the vibe". (There's an outside chance OP might recognise that quote and its larger implications, if he is actually Australian.)

                The real world is real.

                Toytown children rely on other people substituting for their non-contribution, so they can flounce whatever. And on being bailed-out of whatever problem that "arises", by Mummy.

                OP presented himself as Australian. But clearly not grownup. Hence my phrasing.

            2. Ken Hagan Gold badge

              Re: HOWTO: hack their voting machines

              Thanks for clarifying the the other guy is correct.

              If you are jailed for not paying the fine, the reason you are in jail is that you didn't pay the fine.

            3. Anonymous Coward
              Anonymous Coward

              Re: HOWTO: hack their voting machines

              > For god's sake, child

              At what age does one see everyone as children AND believe that communicating like this is going to get you anywhere?

        3. veti Silver badge

          Re: HOWTO: hack their voting machines

          False. Wisconsin's turnout in the presidential election was about 72.3%, which is high but not unprecedented.

          Among other states with same day voter registration, Missouri had 70% turnout, Illinois 73%, California (which nobody would call a swing state) 80%, Utah - a deeply Republican state, administered entirely by Republicans and nobody for a moment expecting it to swing - had 90%.

          I suggest you take a look at how your red flags get triggered, because someone in your feedline has been telling malicious lies.

        4. Snake Silver badge

          @W.D.Gossett

          "After digging into it: did *massive* fraud occur in the Swing States? Yes. Categorically. To a jaw-dropping degree. Just look at the numbers."

          Absolutely 100% incorrect. Just because numbers do not compute to your preconceived notions of "correct" does NOT make errors or frauds a fact.

          Are you still holding on to the Fox News / Republican lie of "1 in 1 quadrillion chance"??

          Try this actual mathematical analysis of that claim on for size:

          https://youtu.be/ua5aOFi-DKs

          Oops. Guess they used the wrong mathematical model, didn't they?

          As both the court system and Matt Parker state: if you have proof, please present it. Don't go crying wolf (before the election even started!) with accusations but then fail to show up with evidence. Sorry, the American court system just doesn't work that way...even for wannabe dictators.

        5. Blitheringeejit
          Holmes

          Re: HOWTO: hack their voting machines

          If that's the sum total of the "evidence" coming out of your "debugger", then perhaps you might consider that a significant number of democrats just might have thought something like this:

          "Hmm, I usually can't be bothered to get off my fat ass to vote, because it usually doesn't make much difference whether the White House is red or blue. But last time I didn't bother voting, Trump got in, and that was a bit of a game-changer - and not in a good way. So today I'll just mosey on down to the polling station, because I don't fancy four more years of my great nation's leadership being an international laughing stock. Let's make America not embarrassing again."

        6. tfb Silver badge
          Boffin

          Re: HOWTO: hack their voting machines

          Quick example off the top of my head: in Australia it's illegal to NOT vote. If you don't vote, you either demonstrate and prove a bloody good reason or you get fined or potentially jailed. American Federal elections' voting participation rate is historically 40-60%, very consistently and usually on the low end. THIS election : all the NON Swing States came in bang on normal. But the *5* (not 4) Democrat-determinef Swing States all came in massively inflated. Wisconsin, eg, had ~same voting rate as Australia's Federal election last year under Criminal-Law-enforced compulsory voting. (90vs92%) ... Ummm. ... Nope.

          I can't work out whether you're too stupid to realise that other people can do the maths as well and realise you are lying, too stupid to do the maths at all, being paid by someone (who?) to lie, or what: perhaps you're just pretending to be clever to show off or something?

          Because, you know, other people can do the maths. I took a list of swing states from some site called 'actblue' who I have no idea who they are but I'm guessing 'closely related to the Democrats' based on their name. There are seven of them and most of the members agree with most of the other lists I found.

          Average turnout for all states (averaged over state) was 60.8%. Average swing-state turnout was 63.0%. So about 2.2% above the all-state average. Which ... is exactly what you would expect: since your vote actually counts in a swing state then the parties will work harder to get people to vote and more people will vote. What this certainly is not is a 'massively inflated' turnout: that's just a lie.

          You can also just plot the data: none of the top four states by turnout were swing states; one of the top ten states by turnout was a swing state (Wisconsin). All but one (Arizona) of the swing states was in the top 30 by turnout.

          If you remove Arizona (the lowest-turnout swing state) from the list of swing states you get a bump of 3.6% for swing-state turnout: still anything but 'massively inflated' given that turnouts vary by about 32% (from 42.3% to 74.1%).

          I can make the code and data that generated the plot available. The code is not very complicated.

          So, please stop lying, or just learn to think. People will pick you up on your lies.

    2. Adrian 4 Silver badge

      Re: HOWTO: hack their voting machines

      Do these machines have an accessible USB port then ?

      1. W.S.Gosset Silver badge

        Re: HOWTO: hack their voting machines

        Yes.

        It's intended to be used for bulk uploading of remote voting booths' votes at a central access point.

        1. W.S.Gosset Silver badge

          Re: HOWTO: hack their voting machines

          Oh, but you do need the requisite permissions.

          Which by Policy ordinary (outlying) electoral clerks don't have. By Policy, the central office people do, as do various other arbitrary authorised people regardless of geography such as local admins etc.

          But note my note above on how trivial it is to get full/unrestricted/admin permissions. The reboot takes a long dull ~2mins but your own input/effort/required-knowledge is trivial.

        2. Anonymous Coward
          Anonymous Coward

          Re: HOWTO: hack their voting machines

          nice joke

          why not station central?

          not certified to accept raw, or maybe anybody doesn't want to take the responcibility for cert/signa validation

          bent exl sign here

      2. Cynic_999 Silver badge

        Re: HOWTO: hack their voting machines

        Whether they do or not means nothing at all unless you know of an *undetectable* attack vector that it could be used to implement. And even if they do have USB ports, that does not mean that it is easy to gain physical access to them.

    3. Tony W

      Re: HOWTO: hack their voting machines

      It is usual to provide some link to credible evidence when making serious allegations.

      1. Nick Ryan Silver badge

        Re: HOWTO: hack their voting machines

        It is usual to provide some link to credible evidence when making serious allegations.
        Not in Trumpistan it isn't.

    4. Cynic_999 Silver badge

      Re: HOWTO: hack their voting machines

      Yes, and you can use a similar method to persuade an ATM to spew out its entire cash load.

      The difficulty is in (a) gaining physical access to the hatches & cables, (b) plugging in USB sticks etc without anyone spotting you, and (c) not leaving any evidence whatsoever of what you have done.

    5. martinusher Silver badge

      Re: HOWTO: hack their voting machines

      The machine illustrated recently as this week's 'suspect' was the same type of ballot printer that we use. It doesn't record ballots, it prints them out on that laser printer next to it as a QR code and a list of the choices for the voter to check against what they thought they were voting for. The paper ballot then goes in the ballot box and is processed like other ballots.

      The paper that ballots are printed on isn't normal paper, its a intermediate card stock. The stuff we used for the primaries was watermarked; I didn't look for the general election.

      If we want to run off a few dozen extra votes then just printing the standard ballot cards is an easier option. The downside is that it takes ages to print them and you've got to mark them. There are a few snags with this (as with the ballot printers). Because we hold muiltiple elections on the same day we end up with a lot of ballot types -- a total of 152 in our county alone. Printing off a bunch of one type will not only deplete our stock of printing materials but it will also introduce rather too many of a handful of ballot types into the mix, something that will draw the attention of the county elections officials.

      As for machine, it doesn't have an accessible USB port or a network port. Even the power button is hidden behind a cover that's sealed with a numbered seal. The computer system is tied to the printer (we found that out the hard way when we put the machines away for the night -- next day we had a sort of Rubric's cube puzzle to match each system with its printer).

      Don't let real life interfere with your speculation. Here's something else you can add to the mix -- its just possible that there are Republican voters out there who can't stand Trump. I know quite a few.

      Incidentally, people who go about bashing this kit without any evidence are starting to get nastygrams from the manufactueres. They've actually been rather restrained about it. Up to now.

  6. John Smith 19 Gold badge
    WTF?

    Holly s**t. A voting machine that cannot record a vote and print it *simultaneously*

    And how big a processor is this thing running on?

    1. Snake Silver badge

      Re: Holly s**t. A voting machine that cannot record a vote and print it *simultaneously*

      Might have nothing to do with computational abilities, as it might be storage limited: the machine might be programmed (actually, I hope it would be for optimum data security) to write to storage, verify and then re-read back out, rather than do all from RAM

  7. Christoph

    Why can't they check whether it was the Russians hacking into their systems by looking for clues in all the information that NSA has hacked from the Russian systems?

    1. Anonymous Coward
      Anonymous Coward

      Whether it's Russia, China or another state the apparent fact the US (and presumably most 'Western" states) is vulnerable in the first place is the issue. Or is this a false flag being used for some other purpose?

      Our contact at SolarWinds wrote to me Thursday with this:

      "The fact is that we are a different company than the one that had a breach with totally different systems. The only thing that is the same is the name and to some extend [sic] the leadership".

      1. Cliffwilliams44 Bronze badge

        "Whether it's Russia, China or another state the apparent fact the US (and presumably most 'Western" states) is vulnerable in the first place is the issue. "

        Thank you, finally someone who actually understands where the responsibility lies!

        If you leave your house unlocked while on vacation and you get robbed, the burgler still committed a crime, and your still an idiot!

        1. sgp Bronze badge
          Trollface

          You're still an idiot!

  8. bobbear

    Breaking News! Russians deny any cyber warfare involvement!

    GRU statement:

    "You say we make cyber war against the West - is all lies! You say Russians working from so-called 'troll factory' in St. Petersburg post lies and propaganda in your news media - is all lies! The building you say is "troll factory" is civilian factory making baby milk for beautiful rosy cheeked Russian babies in their mother's arms and Russians are devoted to make sure internet is safe and used only for honest purpose and never for spying and never used by money laundering criminals, that is why we never give up Russian citizen to West for foreign trumped up charges as always is all lies!

    You say we interfere in Americanski elections, but is not true - is all lies! We never interfere in anything. Donald J Trump won, how you say, 'fair and rectangular' with no interference from anyone. Ask him yourself, he is moral man of great wisdom, truth and honour, like all Russian people and our leaders - a true friend and oligarch with many roubles and he knows much about Russia and its kindness and generosity. If you put Uncle Joe's hat and moustache on Mr. Trump then he is, how you say, 'expectorating image' of Uncle Joe - it brings tears of joy to our eyes. We help him stay Americanski leader for long time!

    Signed:-

    General Orlovu Sodovski

    Director:- St. Petersburg Baby Milk Factory"

    1. Someone Else Silver badge
      Pint

      @bobbear --

      Nice! For you, tovarich! - - - - >

  9. mark l 2 Silver badge

    Of course Trump is defending Russia, its clear that Russia has some influence over him, as throughout his presidency he's defending Russia or played down their involvement. I wouldn't be surprised to hear his 'war' on China was started because that is what Putin wanted him to do.

    1. Anonymous Coward
      Anonymous Coward

      Re: because that is what Putin wanted him to do.

      I agree, I bet one of Putin's message went "write covfefe in a tweet or we release the pee tape".

      But at one point even Putin would be embarrassed to read what Trump writes..

    2. Mark 110

      He also hates China. He never passes up an opportunity to paint China as a menace/threat regardless of what intelligence he has. He has done this several times through his presidency where he just lists all the countries he wants US citizens to be afraid of as suspects in everything bad.

      Most of the world needs to be much more afraid of the US than Russia or China.

      1. veti Silver badge

        Historically true because the USA is bigger and stronger, but becoming less true year on year. It's lost a lot of ground lately, particularly due to Trump's bizarre belief in unilateralism, which basically pissed away the US's biggest strategic advantage - its level of respect and goodwill among other rich countries.

  10. 9Rune5 Silver badge

    How can you tell?

    This has been bugging me for years: But how can you tell it was 'x' that hacked you?

    If a skilled russian hacker breached a company like SolarWinds, I would imagine he'd try to sell his discovery to the highest bidder. Would e.g. China bid less than Russia? Or do all Russia-based hackers sit in the pocket of Kremlin? Was it the "Putin rulez, da!" comment in the malware source that gave them away?

    Or is it the fact that China and USA are very friendly at the moment, so China shows the US complete respect? (*cough* Christina Fang *cough*)

    1. LDS Silver badge

      "Or do all Russia-based hackers sit in the pocket of Kremlin?"

      Kremlin has very "persuasive" arguments if it needs you work for them. They can let you make money form targets they are not interested in, and even protect you from law enforcement, but in exchange... it's after all as any mafia-like system works.

      Then even the best hacker crew leaves some "fingerprints" behind.

      1. 9Rune5 Silver badge

        Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

        "Fingerprints" is very vague and hand-wavery. An example or two would go a long way... I do understand that an individual hacker may reuse old tricks and there might be a red thread to follow in one way or another, but that a whole nation of hackers would act in uniform does not quite compute. For one thing, hacking involves a lot of outside the box thinking. If every russian hacker thought outside the box in the same way, then there would be no russian hackers, because it is easy to protect against group think, but not not so easy to protect against every insane idea that someone bounces around.

        Hackers that are smart enough to infiltrate SolarWinds, yet stupid enough to get caught by their own government.... Something of an oxymoron I would have thought, but okay, I'll take your word for it.

        1. Prst. V.Jeltz Silver badge

          Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

          I think the general implication is that this IS the Russian government , not sergei in the back room of the bar with his laptop.

          1. amanfromMars 1 Silver badge

            Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

            I think the general implication is that this IS the Russian government , not sergei in the back room of the bar with his laptop. ....... Prst. V.Jeltz

            sergei will be pleased about that, Prst. V.Jeltz, and it is very convenient for the both of them that one can correctly deny involvement and the other be thought an impossibility. And there are vast fortunes to made and destroyed and great powers to be exercised and excised whenever the likes of those two parties come to a mutually beneficial, positively reinforcing, understanding agreement.

            1. Tail Up
              Paris Hilton

              Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

              i might be digressing, but finally schroedinger is published

              congrats, now we can code in chrystal

              what a Real Hot Quantum Leap

              paris, because put the World Lib on top of eiffel

        2. LDS Silver badge

          "Fingerprints" is very vague and hand-wavery.

          Those who track the various APT groups do track the modus operandi, coding techniques, etc.

          It is true a new successful hack does need some novelty and "outside of the box thinking", but a complex hack, and especially a persistent one, can't be completely new from the ground up - it would take too much time to plan and build.

          Nor you suddenly appear on the scene with something very sophisticated - hackers have to learn their "job" too, and in states were surveillance works far better than in others is more difficult not to get into the radar in your early stages - and maybe "advised" what is is "best" for them. Capable hackers may even be recruited by already established groups with the "right" ties and contacts.

          1. 9Rune5 Silver badge

            Re: "Fingerprints" is very vague and hand-wavery.

            Those who track the various APT groups do track the modus operandi, coding techniques, etc.

            And nobody would be capable of doing the exact same type of monitoring and run a false flag operation this way?

            1. doublelayer Silver badge

              Re: "Fingerprints" is very vague and hand-wavery.

              Of course false flags are possible. They're tried all the time. They can be fiendishly difficult when it comes to an attack on computer systems because you are dealing with lots of variables and you don't know what others know about you. It's been done before, but it usually gets figured out fast enough. For example, when the 2018 Olympic games were attacked, it was first believed that a North Korea-based group had done it. A few days later, it was actually discovered that the first clues pointing to North Korea were shallow and didn't stand the weight of investigation, and most likely Russia had done it and attempted to frame the North Koreans. Further investigation substantiated those theories to the extent possible without anyone taking credit.

              Attribution is tricky, but there are people who put a lot of time into getting it right. They can recognize little techniques or snippets, trace through records of systems used, and make a pretty good hypothesis. When one person releases a preliminary report calling out someone, they could easily be wrong. When several places all agree on who it was, they likely know quite a bit and have done their homework. While they could be wrong and eventually they will be about something, they're often right.

        3. fajensen Silver badge

          Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

          Everybody gets caught sooner or later. Then "They" got you.

          I would imagine that in Russia you *could* easily get 15-20 years in some TB-infested shithouse of a jail ... or you *could* maybe redeem your misguided self by joining a reform program for former criminals and maybe even be doing some computer work for the government.

          If you get caught hacking again, you go back in the slammer for the rest of your sentence. If your new government work happens to involve some hacking, well, it's just best for you if nobody finds out.

          Rules are Rules and we can't play any favorites, you understand, Sir?

        4. love not war

          Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

          It's a hacker acting like an advanced persistent threat, and specifically acting consistently with how the the advanced persistent threats thought to be Russian intelligence agencies have acted in the past.

          Sure, it is conceivable that another hacker is attempting to spoof the MO of Russian intelligence. But it is hard to see why they would, and would be very difficult to do so in a way that was convincing to, say, US intelligence.

          Advanced persistent threat type-hackers are not really trying to hide who they are, because unlike a civilian hacker you cannot arrest them etc., they don't face consequences like that. Advanced persistent threats are only trying to hide what they are doing.

        5. doublelayer Silver badge

          Re: "Or do all Russia-based hackers sit in the pocket of Kremlin?"

          "'Fingerprints' is very vague and hand-wavery. An example or two would go a long way..."

          Examples of how attribution is done include things like these:

          1. Does the code look like stuff you've seen before? At a basic level, is there an exploit that someone has used before but few others know about? If so, it's more likely to be them. At a more detailed level, drill down into the assembly and look at modules. Stuff gets reused or updated. Even a pattern of names may be illustrative. There is usually not a need to go to sufficient effort to change your entire coding style to frame someone else. If you've developed a great file spider that can quickly identify stuff of interest for exfiltration, you might decide to put it into multiple malware distributions rather than rewriting it from scratch; if your obfuscation isn't good enough, that may link them both. Attribute one to you, and the other connects too.

          2. How did the code get onto the victim's systems? Was an exploit used? How about a botnet? Who do we know who has done that before? If we have a location of the source, what do we know about it? Who purchased the server? Do we have any information from historical network scans? Sometimes people are careless and information they didn't think about ends up coming back to name them. For example, people who set up fake servers sometimes forget that, even though they change the information later, the provider has the ability to recall the information they put in originally. The original silk road Tor drugs market was partially taken down due to its founder putting his real name in a related account.

          3. Once it was there, how was it controlled? Do we have logs showing a human acting? Maybe it crashed and restarted from a manual command. What do we know about the location of control? For example, some government-backed APT groups operate on local business hours. While it's not impossible for someone else to only work 9:00-17:00 Moscow time and take off Russian holidays, there's little reason for them to disrupt their schedule. When you notice that it happens, chances are you've at least located the attacker's time zone and that it might be an organization doing it.

          4. Who has used the malware for benefit? Not necessarily always available, but have they extracted data and used it somewhere we know about? for example, if you were attributing an attack on a website to a group, finding the database's contents for sale at least gives you two targets to investigate, the attacker and the seller. They might be the same, but even if they're not, they probably know each other.

          5. The old-fashioned return the favor--someone knows what APT29 is up to, and I'm sure the NSA would like to hear about it. We don't know how hard the NSA has tried to gain access to various places where such information is available, but they must have tried and probably have access to some of it. This isn't available to everybody, but in a government hack, there will be a lot of government investigation of what happened.

  11. This is not a drill

    Donald Trump = Captain Rum

    Blackadder: Look, there’s no need to panic. Someone in the crew will

    know how to steer this thing.

    Rum: The crew, milord?

    Blackadder: Yes, the crew.

    Rum: What crew?

    Blackadder: I was under the impression that it was common maritime practice

    for a ship to have a crew.

    Rum: Opinion is divided on the subject.

    Blackadder: Oh, really? [starting to get the picture]

    Rum: Yahs. All the other captains say it is; I say it isn’t.

    Blackadder: Oh, God; Mad as a brush.

  12. MarkET

    Hacking

    Isn't the problem exacerbated by overweight software suites that can't possibly be QA'd in the sales timeframe?

    Bring back bows and arrows, i486 assembler and mug of coffee...

  13. Unicornpiss Silver badge
    FAIL

    I used to be amused, now I'm just disgusted..

    Like many US citizens, I've followed Trump's stream of consciousness with varying levels of amusement, horror, frustration, and anger. I used to think that he deserved prison. Now a month after he (thankfully) lost the election and with him playing the same tired tunes, I just think he truly needs psychiatric help.

    1. Anonymous Coward
      Anonymous Coward

      Re: I used to be amused, now I'm just disgusted..

      Same for Brazil's Bolsonaro -- hope he'll be kicked off the office in 2022.

      But consider, fivethirtyeight.com gives Trump's approval rate as 43.5%. These people may eventually change their minds, but in the end, we may have 1/10 of the population that still believes the clueless bastard and willing to do something to help him stay in power.

      That's scary.

    2. Someone Else Silver badge

      Re: I used to be amused, now I'm just disgusted..

      Now a month after he (thankfully) lost the election and with him playing the same tired tunes, I just think he truly needs psychiatric help.

      Fine. Psychiatric help inside Attica works for me....

    3. cmdrklarg

      Re: I used to be amused, now I'm just disgusted..

      Nah, he's not crazy. He's an asshole narcissist conman. He has a large number of fools willing to part with their money to fight the "stolen election". This is just a continuation of the con.

  14. Androgynous Cupboard Silver badge

    Is this the new hacking image?

    I would have voted a thousand times yes for Vlad in a hoodie and "I voted" badge in the hacker stock image competition.

  15. Doctor Syntax Silver badge

    Don't look at Russia. Look over there - China.

    You have to ask "Why?".

    1. 9Rune5 Silver badge

      Why ...not?

      The US is currently waging a cold war on both nations.

      ...but... I think China consider Biden to be a weak candidate that they can push a lot when it comes time to sit down and negotiate a new trade deal.

      Russia's problems are less recent and they fare badly no matter who controls the white house. They might find it a fun exercise to spike the election enough to cause a stir, but I do not see them gaining anything by doing so. Except perhaps in Syria, seeing as the Democrats were getting ready to wage a war there. (it mystifies me why the media thought that was an okay thing to do)

      But sure... The russian hacker(s) left some sort of Putin thumbprint, found by the same idiots who couldn't keep their systems secure in the first place.

      And hey, Dominion is probably not using any SolarWinds software, nor are they susceptible to that level of hacking. Besides, every Dominion software release is heavily scrutinized and compiled by a trusted third-party. It is only the other guys who fell victim to this attack.

      Never mind that Christine Fang was in bed with one of the most vocal proponents of "Russian collusion" Eric Swallwell. Maybe she was really a russian?

  16. Jason Hindle Silver badge

    So Trump is loyal to his keeper 'til the bitter end

    How touching.

  17. disgruntled yank Silver badge

    I blame it on the Irish

    Orion, O'Ryan. Coincidence? I think not.

    1. Anonymous Coward
      Anonymous Coward

      Re: I blame it on the Irish

      Hacked 3 times - to be sure, to be sure, to be sure

  18. David Roberts Silver badge

    Passive monitoring?

    If the software checks for active monitoring software and access to the Internet then presumably passive monitoring at the network boundary would see the traffic.

    Getting towards watching the horse bolt out of the stable door, but at least you can watch which way it is going.

  19. Potemkine! Silver badge

    Trump can't take the piss from Russia. From Russian prostitutes, I heard rumours saying it could be less implausible...

  20. PassiveSmoking

    Donald...

    The only thing that's a bigger embarrassment to the USA than your slimy orange mug is the fact that actual American voters still voted for you after you caused the biggest peacetime loss of life in your nation since... possibly ever?

    1. Cliffwilliams44 Bronze badge

      Re: Donald...

      "caused the biggest peacetime loss of life in your nation since... possibly ever?"

      Sorry wrong!

      At the height of the influenza pandemic of 1918 — from September 1 to December 31 of that year — an estimated 381,019 people in the US died, according to a PolitiFact analysis. That's an average of 3,123 people a day.

      https://www.businessinsider.com/days-with-most-us-catastrophe-deaths-16-this-year-2020-12

      The total death toll from the 1918 pandemic is much larger.

      1. imaginarynumber

        Re: Donald...

        The war ended 11/11/1918. Of the 381,019, the majority may well have died during the war and not during peace time.

  21. Anonymous Coward
    Anonymous Coward

    “Ideally, they would choose a place in a method that gets invoked periodically, ensuring both execution and persistence, so that the malicious code is guaranteed to be always up and running.

    Some top tips there!

  22. Danny 2 Silver badge

    Bill Barr, Bob Mueller & Lockerbie

    Bill Barr's last act in his 2nd stint as AG is to charge a Libyan with the Lockerbie bombing, the worst terrorist atrocity in the UK. In his 1st stint as AG he brought the original prosecution, and the FBI lead was Robert Mueller.

    The thing is nobody in Scotland believes the Libyans planted the bomb. That was faked by the US for political reasons, it was actually planted by a Palestinian group on behalf of Iran as revenge for the US shooting down an Iranian passenger jet. However at the time the US needed Iranian support for 'liberating' Kuwait from Saddam, so the Libyans were scapegoated. A Jordanian spy in the Palestinian group built the bomb, but his testimony is hidden under an ongoing British order. Mueller paid millions of dollars to a dodgy Maltese shopkeeper to misidentify a Libyan as buying clothes packed around the bomb.

    Barr is only prosecuting a second Libyan now because Scottish courts are reviewing whether it was a miscarriage of justice.

    It's like a bad movie, right? I'll provide more details if anyone doubts it though.

    1. veti Silver badge

      Re: Bill Barr, Bob Mueller & Lockerbie

      Doesn't add up. The original indictment was delivered in November 1991, some nine months after the liberation of Kuwait.

      And Iran took no part in that action. Of course they could have made it harder by supporting Iraq, but since they cordially loathed the Iraqi regime after 8 years of war, it hardly seems likely.

      It's also not clear just what they could have done. Since the coalition very pointedly didn't try to occupy Iraq at the time, they didn't leave a lot of targets for an insurgent campaign to strike. The Iranians would never have considered supporting the Iraqis in battle, nor would either side have expected (or trusted) them to provide logistical support.

      1. Danny 2 Silver badge

        Re: Bill Barr, Bob Mueller & Lockerbie

        I don't get your logic, Veti. The FBI were on the scene and directing the investigation the day of the attack. The blaming of Libya obviously happened long before the date of indictment.

        Here's the timeline:

        Iran Air Flight 655, July 1988.

        Pan Am Flight 103, December 1988.

        Iraqi invasion of Kuwait, July 1990.

        Relief of Kuwait, February 1991.

        Indictment of the two Libyan suspects in November 1991.

        The focus on Libya rather than Iran wasn't due to fear of Iranian military intervention, the US required an international coalition and so military and diplomatic support. Blaming Iran for Pan Am Flight 103 would raise the issue of the USS Vincennes shooting down Iran Air Flight 655 - an attack that not only went unpunished, Captain Will Rogers had already been awarded the Order of Merit for it. Days after that attack a senior member of the Iranian regime promised prompt retaliation.

        Plus why bribe witnesses? Why bury testimony from a friendly agent who claimed to have built the bomb?

        1. Danny 2 Silver badge

          Re: Bill Barr, Bob Mueller & Lockerbie

          I happened to be driving past Lockerbie returning from a job in England the day after. The road was unusually busy and slow, full of "rubber neckers" trying to get a view. I hadn't even heard about it until I turned on my car radio to check if there was a road accident ahead.

          Heavy sanctions eventually forced Libya to hand over the top defendants to an international court under Scottish law. I was contracting in Utrecht during the trial, put up in the Hilton. Many witnesses and bereaved relatives stayed there as Den Haag hotels were full. I'd listen to them discuss the case as I sat in the bar reading books, or in the lifts. There was a lot that struck me as dubious. It's awful to report but many of the US relatives were already focussed on how much compensation they could sue Libya for rather than the court proceedings.

          One defendant was convicted, one found not guilty.

          Over the years various bereaved UK relatives said they weren't convinced by the verdict. There were various theories which can of course be dismissed as "conspiracy theories", but whether correct or false it's a truism that behind most bombings are actual conspiracies, Unabomber excepted.

          I ended up trying to organise a convention in Scotland to discuss the bombing, and emailed most of the main figures to get them to attend. That happened, but I dropped out because it was pointed out to me that the organiser had to have gravitas, and I happily admitted I only had 'anti-gravitas'.

          People who did attend though included Dr Jim Swire who attended each day of the trial to get justice for his daughter, teaching Professor Robert Black QC who is widely regarded as Scotland's top legal mind and who blogged about this for decades, Edwin Bollier whose electronic timer was supposedly used in the bomb, and numerous other legal experts and witnesses. They don't all agree about everything, just one thing, that the conviction was unsound. Even Margaret Thatcher said Libya's terrorist capabilities had been too diminished to carry out the attack by then.

          Occam's razor. Iran promised to down a US jet in revenge and they did through a third party, as witnessed by a Jordanian agent. That was covered up out of political expediency, and a false case was constructed, through evidence tampering and witness bribing. Nothing happens for decades until three weeks ago when the case goes to appeal before the Scottish courts - and all of a sudden Bill Barr suddenly wants to prosecute a 3rd Libyan to cover his arse. It's a blatant attempt to pressure the Scottish appeal, Bill Barr's attempt at a self-pardon before retiring.

          I can't be certain about this, I've only looked on from the outside, but it seems pretty obvious. I'm not motivated by animus against Iran, but a lot of the bereaved relatives are dying off without knowing the truth, and a few of the trial fixers are retiring without accountability. When I heard Robert Mueller was investigating Trump - and being cast as a saint - and Bill Barr was AG again, I just rolled my eyes because I remembered their names.

  23. FuzzyTheBear
    Coat

    Smells like .. looks like ..

    For quite some time i believed that Comrade Vladimir has something on Donald and that he controls him all around in everything he does ..

    Destroying democracy from within , making enemies of allies , pulling out of accords , of tactical alliances , so on so forth

    Defending Russia the way he does just leaves the world with the feeling heès under control from Russia.

    Who knows , one day that theory might oprove right.. or not.. itès just smelling like **** looking like **** and certainly leaves this **** aftertaste we've grown accustomed to from him..

    Mine's the one with the blindfold and earplugs so i can stop hearing and reading Trumps bullshit.

  24. Uncle Ron

    Both Sides of the Coin

    I'm no apologist for Putin or Russia's inveterate state-sponsored hacking, but the press and analysts and talking heads all over the place have all failed to mention that the US has exactly the same capacities and capabilities and efforts (if not much better) as they do, and has been probing and poking and infiltrating their systems (and many others countries) for YEARS. For example, multiple credible sources have stated that we (the US) have planted malware throughout the Russian power grid and can turn off the electricity all across Russia at will. The Russians know this. It is pervasive and sits in their systems today. Put there by us. They don't seem to be able to fix it. We actually want them to know we can hurt them if they go too far with their shenanigans. Apparently, reading our homeland security and treasury and health system records and e-mail is not too far. I haven't seen or heard of the lights going out back in the USSR... If the media would only get the story straight, it might lead to a discussion and debate on some kind of "arms" agreement that gets us out of this stinky business. Huh?

  25. martinusher Silver badge

    Surely there's nobody left?

    The "Trump Administration" has been in "Downfall" mode for some weeks now. Trump's in his Fuhrerbunker moving lawsuits around a map planning stunning wins that will somehow push the Red Army (sorry, "Democrats") back before they overrun the center of Washington, DC, on January 20th. Given the appalling track record of this administration even before the election you can't rely on anything they say to be true, its just fluff conjured out of thin area to suit whatever political purpose is uppermost in the leaderships' minds at that moment. (I have remarked that the way things are going the only logical end involves the basement, a sofa, a cyanide pill and a pistol but it will probably just be endless lawsuits from would be neighbors who don't want to be neighbors plus a lot of financial reckoning.)(Maybe the sofa solution is the best for all of us so we don't have to put up with this endless soap opera.)

    BTW -- Pompero's got 'form' when it comes to unreliability. Surely nobody takes anything he says seriously?

    It could be said that the US doesn't have a functioning Federal government at the moment. Fortunately the US is comprised of 50 states 'plus other bits' so the Federal government will thrash about but most states are doing what they need to do despite them because in a faw weeks the nightmare will be over. For the time being.

    (There are grounds for saying that the UK government is also missing in action as well. The Conservative party has been hanging onto the Republican's coat-tails for years now, pushing a version of "MAGA" that's designed to stick it to Europe because, as everyone knows, Europe just can't live without the UK. Its all hubris.)

  26. Tail Up

    Simply put a thick pack of remote voting sheets, or register the deadfound hobos as unidentified, and 0ne no needs breaking into wires. No?

    1. martinusher Silver badge

      >Simply put a thick pack of remote voting sheets

      It doesn't work like that. For a ballot to be recorded it first has to be verified, this being done by matching the signature on the ballot return envelope or ballot request form to the one on file when the voter registered. Once the voter has been issued a valid ballot no further ballots from that voter will be counted.

      Procedures changed quite a bit this year precisely because everyone was expecting Trump and his allies to cut up rough if the election didn't go his way. Trump made no secret of the fact he was going to litigate the election so everything and everyone was on their best behavior to make sure the vote was squeaky clean.

      The same can't be said about voter registration in many so-called 'red' states. Between large scale purges of minority voters, systematic gerrymandering and obstacles placed to impeded likely Democrat voters the goal was to ensure a Republican win despite a majority of votes going for Democrats (this isn't just in the Presidential race). The Poster Child for wholsale manipulation of the electorate is Florida. Georgia is being contested because despite everything being nicely stacked Trump still lost -- the real bellyaching from the White House is because the vote was supposed to be rigged but it didn't work (due to superhuman efforts by volunteers, party workers and even voters).

      What we were supposed to have is a 'soft coup' which with the politicization of the judiciary and the civil service would have ensured one-party -- dictatorial -- rule for a long time, possibly permanetly. It didn't quite work out because a lot of Americans believe in their democracy, imperfect as it is, and the attacks that Trump and his crew have made on it since the vote have cemented opinion right across the board.

  27. cjb

    Surprised ? What else would you expect a Russian agent to do ?

    1. Tail Up

      This Paper Bill is Backed By Real Gold

      Throw-in techniques are commonly known to be widespread, whatever the country elects, Hacking the computer systems might well be a hint.

      Too much noise about hacking. Suspiciously too much noise about hacking. On every fcuking frequency and channel. And not even a single tiny squeak out about throwing in a simple paper.

      Logs? Protocols? Techniques? Where, pray tell.

      Thank you for your kind reply, it is much appreciated.

      Those hackers. Is this a sophisticsted advertising of Russian programming market?

      1. amanfromMars 1 Silver badge

        Re: This Paper Bill is Backed By Real Gold

        Those hackers. Is this a sophisticsted advertising of Russian programming market? ..... Tail Up

        :-) That would be exciting whenever a true reflection of available and latent potent talent, Tail Up.

        And so much more than just a simple Great Game Changer too.

        Веселого Рождества и счастливого нового года

        1. Tail Up

          Re: This Paper Bill is Backed By Real Gold

          Огромное cпасибо, человексМарса,

          God will keep and save you on your way that you make straight for Him.

          Merry Christmas. Shall I make it a couple or more days to get to NY Day to send my greetings with?

  28. Anonymous Coward
    Anonymous Coward

    True motive?

    What would be the motive for an alleged Russian based hacker to infiltrate the US gov? If someone shorted SolarWinds stock before the attack, they'd make a substantial amount of money.

  29. A random security guy Bronze badge

    What does Putin have on trump?

    Given trump's track record of shafting everyone around him except for darling daughter Ivanka, and, to some degree, his sons, I am surprised he hasn't turned on Putin. He has turned on Moscow Mitch, Leningrad Lindsey, all Republican governors, etc.

    I am pretty sure his supporters will still be loyal to him even if there is some sordid secret that comes out.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021