Tag: russia

Putin says Play-Time Is Over

this will be interesting to follow.

Putin abruptly changed the rules of the game. Previously, the game of international politics was played as follows: politicians made public pronouncements, for the sake of maintaining a pleasant fiction of national sovereignty, but they were strictly for show and had nothing to do with the substance of international politics; in the meantime, they engaged in secret back-room negotiations, in which the actual deals were hammered out. Previously, Putin tried to play this game, expecting only that Russia be treated as an equal. But these hopes have been dashed, and at this conference he declared the game to be over, explicitly violating Western taboo by speaking directly to the people over the heads of elite clans and political leaders.

Russian mummies

a new source of mummies is always welcome

Unlike other burial sites in Siberia, for example in the permafrost of the Altai Mountains, or those of the Egyptian pharaohs, the purpose did not seem to be to mummify the remains, hence the claim that their preservation until modern times was an accident. The soil in this spot is sandy and not permanently frozen. A combination of the use of copper, which prevented oxidation, and a sinking of the temperature in the 14th century, is behind the good condition of the remains today.

Putin abs

Putin warns about showing chiseled 6 pack

“Specifically, gay spectators should remain fully clothed at all times, and resist the temptation to unveil their chiseled biceps or shredded abdominals. under no circumstances should gays oil, grease, or otherwise lubricate their torsos in an effort to highlight their glistening, ripped pectorals.”

et tu, putin?
2015-06-18:

Photos of Putin looking shirtless, healthy, and powerful are a way to reassure the public that there’s no need to worry. If Putin is fine, then Russia is fine. But consider the implication of that assertion: if Putin is not fine, then neither is Russia. The scary part is that’s probably correct.

Russia pretends for the Olympics

the highly inefficient industrial structure of the old Soviet economy, based on misallocation of both resources and people, remains intact. The oil rent reinforced and perpetuated it: it has bought political stability and the loyalty of the population, but has slowed down modernisation. Inevitably, the result is stagnation. During the 2000s the number of bureaucrats almost doubled.

Nicholas Roerich Museum

The Nicholas Roerich Museum is like a mini-Frick Collection but with a few exceptions–the museum is free, and all the artwork and artifacts were painted and discovered by Nicholas Roerich himself. Housed in this 3-story Upper West Side town house are over 200 works of art ranging from paintings of the Himalayas to scenes from historical references to sketches from his early days designing sets for Russian ballets like The Rite of Spring composed by Igor Stravinsky.

NSA

the nsa resources deployed on the war on water / drugs:

Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain that their attempts to exploit the security agency’s vast resources have often been turned down because their own investigations are not considered a high enough priority, current and former government officials say.

2013-08-14: Hipster NSA stopped 50 terrorist attacks. You’ve probably never heard of them.
2013-09-11: Calling the NSA

2013-09-16:

What can we do to roll back this aggressive expansion of the surveillance state, and to lower the probability of it happening again in the near future? The best answer is the simplest one: abolish the NSA. Abolish it, and create an easy mechanism for abolishing agencies like it in the future.

a test if we can still muster the power to dismantle organizations that have outlived their purpose and crossed too many lines.
2013-10-30: and good luck with decrypting the network now, assholes.

This is the big story in tech today:

NSA infiltrates links to Yahoo, Google data centers worldwide

I’m just going to post my thoughts on this. Standard disclaimer: They are my own thoughts, and not those of my employer.

Fuck these guys.

I’ve spent the last 10 years of my life trying to keep Google’s users safe and secure from the many diverse threats Google faces.

I’ve seen armies of machines DOS-ing Google. I’ve seen worms DOS’ing Google to find vulnerabilities in other people’s software. I’ve seen criminal gangs figure out malware. I’ve seen spyware masquerading as toolbars so thick it breaks computers because it interferes with the other spyware.

I’ve even seen oppressive governments use state sponsored hacking to target dissidents.

But even though we suspected this was happening, it still makes me terribly sad. It makes me sad because I believe in America.

Not in that flag-waving bullshit we’ve-got-our-big-trucks-and-bigger-tanks sort of way, but in the way that you can looked a good friend who has a lot of flaws, but every time you meet him, you think, “That guy still has some good ideas going on”.

But after spending all that time helping in my tiny way to protect Google — one of the greatest things to arise from the internet — seeing this, well, it’s just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips.

The US has to be better than this; but I guess in the interim, that security job is looking a lot more like a Sisyphus thing than ever.

Also of note, this article from September may call some recent technical decisions into relief:

Google encrypts data amid backlash against NSA spying

2013-11-01:

Despite Dianne Feinstein’s supposed “conversion” earlier this week about the NSA being out of control with its spying, and the associated performance of NSA folks claiming that they were screwed, it’s quickly become apparent that this was all pure theater to make people think that real reform might be coming.

2013-12-08: the low-level thugs at the NSA are polishing their resumes as we speak.

Morale has taken a hit at the National Security Agency in the wake of controversy over the agency’s surveillance activities. Former officials are dismayed that President Obama has not visited the agency to show his support.

2013-12-16: the nsa must be in deep crisis mode that they feel they have to ask for the help of this thug. tl;dr: yes we lied to congress but don’t worry, we don’t care about your data. also, please help out with my mayonnaise kickstarter.
2013-12-22:

The US national security establishment didn’t even attempt to protect us from this. Why? The folks running the show down in Washington don’t, and still don’t, consider the biggest cyber attack on US citizens to date a national security issue. As with 9/11, our expensive national defense system was totally ineffective when we needed it.

A bit hyperbolic but he is right that the thugs at the NSA had one job, and blew even that.
2013-12-26:

a time will come, someday, when we are terrified, once again. When all the “Orwellian” talk will seem far less important than empowering our protectors with any powers they claim to need. Shall we ride this roller-coaster helplessly, oscillating between submission and indignation?

2014-02-24: it’s great to see that other leakers are coming forward. a NSA busy with internal purges and ultra-paranoia will be less of a threat.

the NSA, forbidden by President Obama from tapping German Chancellor Angela Merkel’s phone directly, has ramped up its spying on her senior government officials

2014-03-20: high drama, with response by Richard Ledgett: The NSA responds to Edward Snowden’s TED Talk

2014-04-09:

Hackers are addicted to the power of controlling machines. Almost every time they compromise a new machine, their “compromise boundary” grows. The drug gets better the more you take – unlike “regular” drugs. SIGINT organizations seem to behave like addicts: Making up excuses to escalate the consumption of their favorite drug.

2014-05-09:

the NSA set themselves up for it by preventing the early internet specifications from including transport layer encryption. At every step in the development of the public internet the NSA systematically lobbied for weaker security, to enhance their own information-gathering capabilities. The trouble is, the success of the internet protocols created a networking monoculture that the NSA themselves came to rely on for their internal infrastructure. The same security holes that the NSA relied on to gain access to your (or Osama bin Laden’s) email allowed gangsters to steal passwords and login credentials and credit card numbers. And ultimately these same baked-in security holes allowed Edward Snowden—who, let us remember, is merely 1 guy: a talented system administrator and programmer, but no Clark Kent—to rampage through their internal information systems.

2015-05-23:

piecing this story together took a team that was willing to do everything from learning some fairly difficult number theory to coding up simulations to poring over the Snowden documents for clues about the NSA’s budget

Interesting musings on the diffie-hellman vulnerability.
2017-05-01:

It’s possible that someone penetrated the internal NSA network. We’ve already seen NSA tools that can do that kind of thing to other networks. That would be huge, and explain why there were calls to fire NSA Director Mike Rogers last year.

The CIA leak is both similar and different. It consists of a series of attack tools from ~1 year ago. The most educated guess amongst people who know stuff is that the data is from an almost-certainly air-gapped internal development wiki and either someone on the inside was somehow coerced into giving up a copy of it, or someone on the outside hacked into the CIA and got themselves a copy. They turned the documents over to WikiLeaks, which continues to publish it.

This is also a really big deal, and hugely damaging for the CIA. Those tools were new, and they’re impressive. The CIA is desperately trying to hire coders to replace what was lost.

For both of these leaks, one big question is attribution: who did this? A whistleblower wouldn’t sit on attack tools for years before publishing. A whistleblower would act more like Snowden or Manning, publishing immediately — and publishing documents that discuss what the US is doing to whom, not simply a bunch of attack tools. It just doesn’t make sense. Neither does random hackers. Or cybercriminals. I think it’s being done by a country or countries.

My guess was, and is still, Russia in both cases. Here’s my reasoning. Whoever got this information years before and is leaking it now has to 1) be capable of hacking the NSA and/or the CIA, and 2) willing to publish it all. Countries like Israel and France are certainly capable, but wouldn’t ever publish. Countries like North Korea or Iran probably aren’t capable.