information imbalance - The Rise of Political Doxing [ bonus points for contrast with AP! :]

oshwm oshwm at openmailbox.org
Sun Nov 1 12:30:13 PST 2015


A lot of reading there for me to be able to answer intelligently but I
see what you're saying - how to walk out of the door with all that data
on a Lady Gaga CD :D

On 01/11/15 20:14, intelemetry wrote:
> My question here is regarding the covert exfil of the hack.
> 
> Check out somebody like darktrace: https://www.darktrace.com/
> 
> https://en.wikipedia.org/wiki/Network_Behavior_Anomaly_Detection
> 
> That egress would be a monumental NOC IDS trigger, especially for an
> anomaly detection system. Have to imagine the database is big.
> Especially if you do anomaly detection on the SIEM collecting things
> like DNS, flow, etc.
> 
> Probably a pivot into the Oracle database. The coupling between
> PeopleSoft and the backend is weird.
> 
> The question is whether this is everybody because agencies sponsor
> clearance and may or may not partition their own records on the backend.
> 
> Something doesn't make sense here. If they can catch the white house
> non-classified penetration with low traffic and no exfil the OPM hack
> seems like it should have been detected easily. Moreover, there are
> automatic kill-chains in a lot of this infrastructure:
> 
> 
> == begin white house ==
> http://www.nytimes.com/2015/04/26/us/russian-hackers-read-obamas-unclassified-emails-officials-say.html?_r=0
> 
> http://fortune.com/2015/04/07/russians-hacked-white-house/
> == end white house ==
> 
> 
> 	http://www.lockheedmartin.com/us/what-we-do/information-technology/cybersecurity/tradecraft/cyber-kill-chain.html
> 
> 	http://www.darkreading.com/attacks-breaches/deconstructing-the-cyber-kill-chain/a/d-id/1317542
> 
> I have to imagine they have a switch with inline and span analytics
> and IDS/IPS, anomaly detection, and logging from multiple telemetry
> sources. Grabbing that data from that network and running remotely
> seems like a hefty attack without compromising the actual reporting
> devices. Which has been done:
> 
> 	http://www.phenoelit.org/stuff/CiscoInTheSkyWithDiamonds.pdf
> 
> 	^^ virtual networking
> 
> It would be interesting to know how much is virtual networking out
> there these days in the government.
> 
> - intelemetry
> 
> oshwm:
> 
> 
>> On 01/11/15 19:33, intelemetry wrote:
>>> It proves peoplesoft is a piece of shit.
>>>
> 
>> ha ha, I'm not sure government uses any corps that actually know
>> what they're doing :D
> 
>>> oshwm:
>>>
>>>
>>>> On 01/11/15 18:17, intelemetry wrote:
>>>>> Where is the OPM link in .7z format?
>>>>>
>>>
>>>> Didn't Barrett Brown end up in Solitary Confinement for giving
>>>> out links to data?
>>>
>>>> As for the real question, my ethical argument still stands:-
>>>
>>>> Those people in the OPM leak who were using personal resources
>>>> to conduct government business got what they deserved
>>>> (leaked).
>>>
>>>> Those who were being honest and kept business dealing to the 
>>>> appropriate and democratically accountable systems did not
>>>> deserve their details to be leaked.
>>>
>>>> Then there is another group who work to deceive the public and 
>>>> preserve the state at any cost, those also deserve to be
>>>> leaked (NSA, CIA, FBI etc etc).
>>>
>>>> The hack on OPM also proves another thing that Governments (or 
>>>> indeed anyone) should not create large databases of personal 
>>>> information because they become huge and irresistible targets
>>>> for crackers.
>>>
>>>
>>>>> - intelemetry
>>>>>
>>>>> oshwm:
>>>>>
>>>>>
>>>>>> On 01/11/15 03:53, coderman wrote:
>>>>>>> http://motherboard.vice.com/read/the-rise-of-political-doxing
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Last week, CIA director John O. Brennan became the latest victim
>>>>>>> of what's become a popular way to embarrass and harass
>>>>>>> people on the internet. A hacker allegedly broke into his
>>>>>>> AOL account and published emails and documents found
>>>>>>> inside, many of them personal and sensitive.
>>>>>>>
>>>>>>> It's called doxing—sometimes doxxing—from the word 
>>>>>>> "documents." It emerged in the 1990s as a hacker revenge 
>>>>>>> tactic, and has since been used as a tool to harass and
>>>>>>> intimidate people on the internet. Someone would threaten
>>>>>>> a woman with physical harm, or try to incite others to
>>>>>>> harm her, and publish her personal information as a way
>>>>>>> of saying "I know a lot about you—like where you live and
>>>>>>> work." Victims of doxing talk about the fear that this
>>>>>>> tactic instills. It's very effective, by which I mean
>>>>>>> that it's horrible.
>>>>>>>
>>>>>>> Brennan's doxing was slightly different. Here, the
>>>>>>> attacker had a more political motive. He wasn't out to
>>>>>>> intimidate Brennan; he simply wanted to embarrass him.
>>>>>>> His personal papers were dumped indiscriminately, fodder
>>>>>>> for an eager press. This doxing was a political act, and
>>>>>>> we're seeing this kind of thing more and more.
>>>>>>>
>>>>>>> Lots of people will have to face the publication of
>>>>>>> personal correspondence, documents, and information they
>>>>>>> would rather be private
>>>>>>>
>>>>>>> Last year, the government of North Korea allegedly did
>>>>>>> this to Sony. Hackers the FBI believes were working for
>>>>>>> North Korea broke into the company's networks, stole a
>>>>>>> huge amount of corporate data, and published it. This
>>>>>>> included unreleased movies, financial information,
>>>>>>> company plans, and personal emails. The reputational
>>>>>>> damage to the company was enormous; the company estimated
>>>>>>> the cost at $41 million.
>>>>>>>
>>>>>>> In July, hackers stole and published sensitive documents 
>>>>>>> from the cyberweapons arms manufacturer Hacking Team.
>>>>>>> That same month, different hackers did the same thing to
>>>>>>> the infidelity website Ashley Madison. In 2014, hackers
>>>>>>> broke into the iCloud accounts of over 100 celebrities
>>>>>>> and published personal photographs, most containing some
>>>>>>> nudity. In 2013, Edward Snowden doxed the NSA.
>>>>>>>
>>>>>>> These aren't the first instances of politically
>>>>>>> motivated doxing, but there's a clear trend. As people
>>>>>>> realize what an effective attack this can be, and how an
>>>>>>> individual can use the tactic to do considerable damage
>>>>>>> to powerful people and institutions, we're going to see a
>>>>>>> lot more of it.
>>>>>>>
>>>>>>> On the internet, attack is easier than defense. We're
>>>>>>> living in a world where a sufficiently skilled and
>>>>>>> motivated attacker will circumvent network security. Even
>>>>>>> worse, most internet security assumes it needs to defend
>>>>>>> against an opportunistic attacker who will attack the
>>>>>>> weakest network in order to get—for example—a pile of
>>>>>>> credit card numbers. The notion of a targeted attacker,
>>>>>>> who wants Sony or Ashley Madison or John Brennan because
>>>>>>> of what they stand for, is still new. And it's even
>>>>>>> harder to defend against.
>>>>>>>
>>>>>>> What this means is that we're going to see more
>>>>>>> political doxing in the future, against both people and
>>>>>>> institutions. It's going to be a factor in elections.
>>>>>>> It's going to be a factor in anti-corporate activism.
>>>>>>> More people will find their personal information exposed
>>>>>>> to the world: politicians, corporate executives,
>>>>>>> celebrities, divisive and outspoken individuals.
>>>>>>>
>>>>>>> Of course they won't all be doxed, but some of them
>>>>>>> will. Some of them will be doxed directly, like Brennan.
>>>>>>> Some of them will be inadvertent victims of a doxing
>>>>>>> attack aimed at a company where their information is
>>>>>>> stored, like those celebrities with iPhone accounts and
>>>>>>> every customer of Ashley Madison. Regardless of the
>>>>>>> method, lots of people will have to face the publication
>>>>>>> of personal correspondence, documents, and information
>>>>>>> they would rather be private.
>>>>>>>
>>>>>>> In the end, doxing is a tactic that the powerless can 
>>>>>>> effectively use against the powerful. It can be used for 
>>>>>>> whistleblowing. It can be used as a vehicle for social 
>>>>>>> change. And it can be used to embarrass, harass, and 
>>>>>>> intimidate. Its popularity will rise and fall on this 
>>>>>>> effectiveness, especially in a world where prosecuting
>>>>>>> the doxers is so difficult.
>>>>>>>
>>>>>>> There's no good solution for this right now. We all have
>>>>>>> the right to privacy, and we should be free from doxing.
>>>>>>> But we're not, and those of us who are in the public eye
>>>>>>> have no choice but to rethink our online data shadows.
>>>>>>>
>>>>>
>>>>>> Political figures in most countries have been using their 
>>>>>> personal email accounts to conduct business 'under the
>>>>>> radar' in order to avoid information being subject to
>>>>>> oversight, most probably because it's illegal,
>>>>>> unconstitutional or at the very least not good for the
>>>>>> image of governments.
>>>>>
>>>>>> When they started to do this, they threw the book on ethics
>>>>>> in the bin and opened themselves up to any abuse of their
>>>>>> personal life that may happen.
>>>>>
>>>>>> If people in power act properly in their professional
>>>>>> dealings then there is an argument against d0xing their
>>>>>> personal information but once they start to try to hide
>>>>>> information then it's open season on every aspect of their
>>>>>> life.
>>>>>
>>>>>
>>>>>
>>>
>>>
> 
> 


More information about the cypherpunks mailing list