Hackers Came — The French Were Ready For Them

Everyone saw the hackers coming…The National Security Agency in Washington picked up the signs. So did Emmanuel Macron’s bare-bones technology team. And mindful of what happened in the American presidential campaign, the team created dozens of false email accounts, complete with phony documents, to confuse the attackers.

❝ The Russians, for their part, were rushed and a bit sloppy, leaving a trail of evidence that was not enough to prove for certain they were working for the government of President Vladimir V. Putin but which strongly suggested they were part of his broader “information warfare” campaign…

But that outcome was hardly assured on Friday night, when what was described as a “massive” hacking attack suddenly put Mr. Macron’s electoral chances in jeopardy. To French and American officials, however, it was hardly a surprise.

❝ …The staff at Mr. Macron’s makeshift headquarters in the 15th Arrondissement at the edge of Paris didn’t need the N.S.A. to tell them they were being targeted: In December, after the former investment banker and finance minister had emerged as easily the most anti-Russian, pro-NATO and pro-European Union candidate in the presidential race, they began receiving phishing emails.

Even before then, the Macron campaign had begun looking for ways to make life a little harder for the Russians, showing a level of skill and ingenuity that was missing in Hillary Clinton’s presidential campaign and at the Democratic National Committee, which had minimal security protections and for months ignored F.B.I. warnings that its computer system had been penetrated.

❝ “We went on a counteroffensive,” digital director, Mounir Mahjoubi said. “We couldn’t guarantee 100 percent protection” from the attacks, “so we asked: what can we do?” Mr. Mahjoubi opted for a classic “cyber-blurring” strategy, well known to banks and corporations, creating false email accounts and filled them with phony documents the way a bank teller keeps fake bills in the cash drawer in case of a robbery…

Mr. Mahjoubi refused to reveal the nature of the false documents that were created, or to say whether, in the Friday document dump that was the result of the hacking campaign, there were false documents created by the Macron campaign.

But he did note that in the mishmash that constituted the Friday dump, there were some authentic documents, some phony documents of the hackers’ own manufacture, some stolen documents from various companies, and some false emails created by the campaign.

❝ “It’s clear they were rushed,” Mr. Hultquist said. “If this was APT28,” he said, using the name for a Russian group believed to be linked to the GRU, a military intelligence agency, “they have been caught in the act, and it has backfired for them.”

Russian hackers were dealing with not only a better educated populace; but, a more sophisticated audience than American voters. LePen and her populist campaign had to walk away from the most backwards aspects of campaigns her father would have run twenty or thirty years ago. She could not substitute anti-Semitism for Trump’s anti-Mexican slurs – as her father would have.

Trump’s dalliance in misogynist assaults might have cynical appeal to fools in France – as they do in the United States. But, Trump’s contempt for physically-handicapped wouldn’t play – for example – in a nation where until recently public transport still reserved front seats for victims of war.

The French shrugged off Big Lies because they knew from experience what the population in general was gifted by populist liars – and their supporters, domestic or foreign.

Advertisements

Even Trump’s paid geeks are political incompetents


Click to zero in on the core bigotry

When Trump and his assistant dolts realized they were being too public about their bigotry – things like the Constitution were getting in the way – they tried to tidy up their shitpile of ideology online. They deleted the content from this press release about their so-called travel ban. And never noticed the bigotry was just as clear in the url.

Thanks, Jessica Stone

Drones used for first time in a major search at Grand Canyon


Brandon TorresAP Photo

❝ The desperate effort last week to find two hikers who disappeared at the bottom of the Grand Canyon represented the National Park Service’s most extensive use yet of drones in a search-and-rescue mission.

The Grand Canyon is the only national park with its own fleet of unmanned aircraft for locating people who have gotten lost, stranded, injured or killed. Under a program that began last fall, it has five drones and four certified operators.

While the aerial search for the two hikers came up empty, it threw a spotlight on technology that can enter crevices and other rugged spots unreachable by foot while sparing searchers the dangers of going up in a helicopter.

❝ The aircraft were used Monday through Wednesday in the search for LouAnn Merrell, 62, and her step grandson, Jackson Standefer, 14. The park also sent out three ground search teams of about 20 people in all, an inflatable motor boat and a helicopter.

Merrell and Standefer vanished last weekend after losing their footing while crossing a creek near the North Rim. They were on a hike with Merrell’s husband, Merrell Boot Co. co-founder Randy Merrell, and the boy’s mother.

The park soon scaled back the operation and stopped using the drones but continued the search. In a statement, the hikers’ families backed the decision and said they were “still praying for a miracle.”

❝ Other national parks use drones, but for wildlife research. The use of private drones is prohibited in national parks.

James Doyle, a spokesman for the park service’s Intermountain region, said other national parks will probably seek their own drone fleets, too. He said the Grand Canyon’s extreme topography — it is a mile deep — makes it a perfect candidate.

Even unsuccessful, this latest use of new technology cost less and endangered a fewer folks than traditional means. Which, BTW, were revolutionary in their own time.

Wife’s Fitbit leads to husband’s murder arrest


That’s hubby in the middleMark Mirko/AP

❝ A Connecticut man accused in his wife’s murder might have gotten away with it — if not for the victim’s Fitbit fitness tracker and other electronic devices…

Richard Dabate, 40, was charged this month with felony murder, tampering with physical evidence and making false statements following his wife Connie’s December 2015 death at their home in Ellington…

❝ Dabate called 911 reporting that his wife was the victim of a home invasion, alleging that she was shot dead by a “tall, obese man” with a deep voice like actor Vin Diesel’s, sporting “camouflage and a mask,” according to an arrest warrant.

Dabate alleged her death took place more than an hour before her Fitbit-tracked movements revealed. CCTV footage also showed her visiting a local gym the morning she died.

❝ Investigators uncovered text messages between the couple, as well as the suspect and his reported pregnant mistress — thought to be a main motive behind the suspected domestic homicide.

One year before the murder, Dabate texted his wife saying, “I want a divorce,” around the time bank statement records obtained by the Hartford Courant showed credit card charges from hotels, strip clubs and floral purchases for his girlfriend.

❝ State police used an analysis of the home’s “alarm system, computers, cellphones, social media postings and Connie Dabate’s Fitbit to create a timeline that contradicted Richard Dabate’s statements to police,” the warrant cited.

Gotta love it when family gadgets testify against you. 🙂

Either Microsoft is on their toes – or the stuff hackers steal from the NSA really is past its sell by-date

❝ Just as the Shadow Brokers hacker group started crowing about a dump of never-seen-before flaws in Windows, Microsoft announced it already had fixed most of the exploits.

“Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers,” Microsoft Principal Security Group Manager Phillip Misner wrote in a Friday post.

“Our engineers have investigated the disclosed exploits, and most of the exploits are already patched,” he added.

Three of the dozen zero day vulnerabilities aired by the hackers, which they claimed were part of a large cache of data leaked from the U.S. National Security Agency, did not work at all on Windows 7 and above…

❝ As of the most recent patch cycle, no supported versions of Windows were vulnerable to the Shadow Brokers exploits, said Bobby Kuzma, a system engineer at Core Security.

“In other words,” he told TechNewsWorld, “for the love of God get XP, Vista and 2003 Server off of your networks.”

Har.

I know Microsoft users aren’t the most diligent of users of contemporary computing software and hardware. It was true through the 22 years I functioned within that milieu. I left over a decade ago and from what I read and hear – ain’t anything improved.

Basic security procedures still require regular backups and keeping your patches up-to-date. There’s more; but, too many folks don’t make it to the minimum.

The latest dump of NSA tools means – get up-to-date with Microsoft Patches, folks!

❝ UPDATE: Microsoft has patched the majority of the exploits released by The Shadow Brokers. More details can be found here, and the company recommends updating to a supported version of Windows and downloading security fixes.

The original story follows below:

❝ On Friday, the group known as The Shadow Brokers dropped the hacking equivalent of a bomb, or perhaps several bombs, giving hackers all over the world the tools to easily break into millions of Windows computers

This is bad news not just for the NSA, but for the internet as a whole, according to security researchers who are poring through the dump. As someone called it, this is “cyber chaos.”

❝ Perhaps the worst tool released by the hackers is called “FUZZBUNCH.” This is a hacking suite or toolkit that contains several plug-and-play exploits to attack several versions of Windows operating system. Some researchers described it as something akin to Metasploit, a popular open source hacking framework…

In fact, the latest Shadow Brokers dump contains several working Windows zero-days in executable (.exe) binaries with “step-by-step logs laying out how they’re used and the commands to run”…

That means that pretty much anyone, from low-level cybercriminals to so-called “script kiddies” — hackers who are only good at reusing other hackers’ tools — could repurpose them to attack Windows computers…

❝ In the meantime, you can either shut down your Windows machine or block incoming connections to port 445 and 139 with the firewall to prevent some of the attacks, according to security researchers.

❝ The leaked tools are dated around 2013, so they don’t affect modern Windows operating systems such as Windows 10. But according to Hacker Fantastic, the FUZZBUNCH framework supports all kinds of Windows systems: server versions from NT, 2000, 2003, 2008 and up to 2012, as well as the consumer versions XP, Vista, 7 and Windows 8.

I worked within the Microsoft/IBM framework for 22 years before moving to Apple’s OSX [and following mobile OS’] over a decade ago. Yeah, anything can be hacked; but, ain’t much need to make it easy.

When US closes its door to talented immigrants, start a cutting-edge AI research institute in Canada

❝ Canadian researchers have been behind some recent major breakthroughs in artificial intelligence. Now, the country is betting on becoming a big player in one of the hottest fields in technology, with help from the likes of Google and RBC…

❝ Money from big tech is coming north, along with investments by domestic corporations like banking multinational RBC and auto parts giant Magna, and millions of dollars in government funding.

Toronto will soon get the Vector Institute for Artificial Intelligence, geared to fuelling “Canada’s amazing AI momentum”…

The founders also want it to serve as a magnet and retention tool for top talent aggressively head-hunted by US firms…

Google invested C$4.5 million last November in the University of Montreal’s Montreal Institute for Learning Algorithms.

Microsoft is funding a Montreal startup, Element AI. The Seattle-based company also announced it would acquire Montreal-based Maluuba and help fund AI research at the University of Montreal and McGill University.

Thomson Reuters and General Motors both recently moved AI labs to Toronto.

Earlier this month, the federal government announced C$125m for a “pan-Canadian AI strategy”…

❝ Those trying to build Canada’s AI scene admit places like Silicon Valley will always be attractive to tech talent. But they hope strategic investments like these will allow Canada to fuel the growth of domestic startups.

Canadian tech also sees the travel uncertainty created by the Trump administration in the US as making Canada more attractive to foreign talent.

Yeah, a global economy is a real shame. For folks who often can’t figure out how to find a better job in a city in the American Midwest 25 miles away from the neighborhood they grew up in. For the rest of us — no big deal.

What’s so difficult about considering moving North for a good job, a bright future? Yes, the cold is a hangup for some. Counter that with diverse demographics, tolerant social policies, a national health service that works for all – and some damned good schools.