Thursday, October 27, 2016

Bed Time Stories

The scruffy hacker story, wherein Fancy Bear sparks indignation across the board, owing to connected Wikileaks revelations, meets expectations.

Bernie is close to Commie himself right?  So sure it makes sense these idealistic "open sourcerers" would be seeking revenge over how he was treated by Hilarious Hillary.

Lots of geriatrics have fallen for that phishing trick and easily empathize with poor AOL users and so on.  The white hat script kiddies are happy to explain how it all works, to their puzzled parents.

The other story is about the Internet of Things and how a bunch of wayward appliances all rose up in unison to attack Twitter, Netflix and Spotify.

This wasn't phishing, but something new.  Actually denial of service using bots and zombie computers is not new at all, but we're to understand the scale and focus of the attack was record-setting.

The scruffy hackers, connected to the Russians by as much slathered innuendo as possible (no wait, one of the long gone founders of the KGB had his name mistakenly not removed!) have the tamer old fart tech.
Fancy Bear is Russia, or at least a branch of the Russian government, taking the gloves off,” said one official in the Department of Defense. “It’s unlike anything else we’ve seen, and so we are struggling with writing a new playbook to respond.” The official would speak only on condition of anonymity, as his office had been barred from discussing with the press the US response to Fancy Bear’s attacks. “If Fancy Bear were a kid in the playground, it would be the kid stealing all the juice out of your lunch box and then drinking it in front of you, daring you to let him get away with it.  [ Buzzfeed ]
In contrast, the masterminds behind the toys, the attacking "things," seem to be getting away with their nefarious antics scot-free, with almost no questions asked.  "Few leads" says The Guardian.

The Russians seem to be manageable Bernie supporters, geeks in their basements with too much time on their hands.  Their motives seem understandable.

The dot com attackers, on the other hand, seem to still have their off switch and an army not easily stopped.  The corporate muggles are admitting their laziness.  Yes, their "things" may be gamed.  Don't forget to change your toaster's password.
"Nothing survives floods of this nature, existing or theoretical, centralized or decentralized,” Kaminsky said. “It all falls over. The hard questions here are about preventing this sort of exposure in the first place, and about improving our ability to respond and remediate when we do get it wrong.” Prevention and remediation are the only options in the kind of attack that paralyzed Dyn, Kaminsky said. [The Guardian]
This second, apparently not-Russian cabal, flipped their switch on and off a couple times, while engineers scrambled to "mitigate" the effects, however there's little evidence of real defenses or any actual mitigation.  The attacks simply ceased, ready to begin again another day.

Supposedly Homeland Security was looking into it.  How about the FBI?  In terms of how big a vulnerability was exposed, the scruffy Wikileaks phishing scandal doesn't hold a candle.

Duping individuals is little league compared to bringing down a core name server.

The upshot is someone with an off switch for the Internet is newly enthroned as Voldemort, while the Russians get to play second fiddle as scruffy hacker idealists, more Snowden types, in league with Anonymous no doubt.

The implication in the case of Fancy Bear is youthful rebellion on display, whereas the other attack is both more ominous and more unconscious, more sleep-inducing, more forgettable.  The corporate persons seem more eager to play dead, or at least roll over.  The Russians seem less scary, less a giant to obey.

We're not really planning a lot of "who did it" stories in the latter case are we?  It's more a tale of grin and bear it. You're at the mercy of Voldemort, and don't forget it — now forget it, until we remind you.

Of course there's been some attempt to connect these two stories, I'm aware of that.  Wikileaks is getting its revenge for some stale state trying too hard to be a hero.  That connection is not widely alleged however, only whispered into the rumor mill (or maybe bull horned if from Alex Jones).

Another bed time story is "911 was an inside job" but there I'd have to say why tell it that way?  A cabal of desperate outsiders, feeling powerless, thought this might be a way to seize control, and nothing panned out how it was supposed to.  Whatever the point of the plot, it got lost.  So much for "insiders" right?