FAQ from Guccifer 2.0(guccifer2.wordpress.com)
guccifer2.wordpress.com
FAQ from Guccifer 2.0
https://guccifer2.wordpress.com/2016/06/30/faq/
94 comments
I was struck by his correct usage of "its" and "it's". That is something many native english speakers do not get right. He clearly speaks and writes english very well or has someone editing his posts. That would agree with your suggestion he is living in the US or Canada.
That might be something that foreign speakers find easier to get right because they have to actively learn it, and the words are more different in other languages so they wouldn't confuse the concepts.
Absolutely, but in my opinion it has more to do whether you learn to speak before you know how to spell and write or vice versa. Homonyms or near homonyms like "it's" and "its" or "their", "they're" and "there" are just different things for second-language speakers. For me as a non-native speaker it's a miracle how someone could ever spell "definitely" the wrong way.
His writing lacks the typical mistakes Eastern Europeans often make when writing English prose, namely omitting the indefinite article. If you look closely he might be overcompensating, for example:
His writing lacks the typical mistakes Eastern Europeans often make when writing English prose, namely omitting the indefinite article. If you look closely he might be overcompensating, for example:
I’ve already said about the software vulnerabilities
I'm not a native English speaker myself but isn't the article superfluous here? The next one is more obvious: But I made some conclusions from the Marcel’s storyActually the article in "the software vulnerabilities" is pretty useful, since he's referring to the specific vulnerabilities that let him in to the DNC. You could potentially gather that from context, but to my native ear the article sounds better.
The second example is, as you say, an obvious mistake.
The second example is, as you say, an obvious mistake.
It's impossible to tell if someone is genuinely making mistakes or simulating them, but just from a surface analysis:
I don't think a native speaker would ever say "I've already said about..." - you would say "I've already mentioned/written about/discussed". "Said about" is glaringly, obviously wrong.
In the second thing you cited, I could see that being a typo / editing mistake - could have meant to say "from the Marcel story" or "from Marcel's story" and it got mixed up in editing (e.g sometimes you write a sentence one way and then paste something in and don't re-read what you wrote). But if it was intentional then yes, it's definitely wrong.
I don't think a native speaker would ever say "I've already said about..." - you would say "I've already mentioned/written about/discussed". "Said about" is glaringly, obviously wrong.
In the second thing you cited, I could see that being a typo / editing mistake - could have meant to say "from the Marcel story" or "from Marcel's story" and it got mixed up in editing (e.g sometimes you write a sentence one way and then paste something in and don't re-read what you wrote). But if it was intentional then yes, it's definitely wrong.
Non-native speaker here. I never say "could of" when I meant "could've", or "there" when I meant "their" or "they're". I don't understand why native speakers confuse them so much. Our brains must be wired differently because of how we learned to speak and write the language.
I'm a native speaker and I never make those mistakes.
I find it irritating when I read writing that includes those kinds of basic mistakes.
Of course, you even see those kinds of basic mistakes on the TV, especially the news tickers. I see about one per week, and I'm not even consciously looking for them.
I think it's people who have never read a lot, so they just write whatever sounds similar. Just seems lazy to me to not check, and after reading these comments from non-natives who can get it right, I now think it's super-lazy.
I find it irritating when I read writing that includes those kinds of basic mistakes.
Of course, you even see those kinds of basic mistakes on the TV, especially the news tickers. I see about one per week, and I'm not even consciously looking for them.
I think it's people who have never read a lot, so they just write whatever sounds similar. Just seems lazy to me to not check, and after reading these comments from non-natives who can get it right, I now think it's super-lazy.
Spell checkers can pick up on its/it's errors
You would think though if he was living in the US or Canada, he would at least make a more up-to-date pop reference than Rambo or Terminator. If he was living in the west, he would probably at least cite Mr. Robot or some "betrayed" hero like Jason Bourne.
As the OP points out, this may suggest his age. I'm in my mid 30s and I have no idea what Mr. Robot is, but I certainly do know who Rambo and Terminator are.
Total tangent, but I can't recommend Mr. Robot enough, especially to the HN crowd. It is about a group of anarchists hackers that are trying to take down a global conglomerate. It might be the first critically acclaimed TV show/movie that goes out of its way to make sure the tech they talked about is accurate. You will see it as early as the pilot episode when two of the main characters debate the merits of their favorite Linux distros. And they do it in such a way that it is entertaining to both the people who know what they are talking about while not alienating the common folks who just hear it as technobabble.
I just warn you shouldn't read too much up on the show beforehand because there a lots of twists and turns in the first season that you won't want ruined.
I just warn you shouldn't read too much up on the show beforehand because there a lots of twists and turns in the first season that you won't want ruined.
Mr Robot is an excellent TV show [0], I highly recommend it.
0) http://www.imdb.com/title/tt4158110/
0) http://www.imdb.com/title/tt4158110/
He doesn't have kids. Before I had kids I had no idea what kids liked. Watched Batman, Lord of The Rings, but I still couldn't tell you who cool teenagers looked up to.
Seems like this Guccifer 2.0 figure really is just in this for the fame and glory. No real hacker with a different agenda would reveal so much about him/herself (assuming the info is true). It puzzles me. It's almost as if this new Guccifer wants to be caught just like the last one. As if his prosecution by the FBI will finally validate his status as a great hacker, the one who hacked the DNC amid one of the most historic elections in US history.
Far fetched speculation, I wonder if FBI specifically instructed those who were hacked to tell the world it is the evil Russians. It played well with their victim's PR story (it is understandably we couldn't resist such a powerful enemy) but it also worked to flush him out with a blog post like this.
Say, they suspected he was Romanian or from Moldova (a lot of Moldovans do not like the Russian govt.) so telling the world "this was a Russian super-hacker" was a way to get him angry and force him to try to repair his image so to speak.
I think in the end because of of that blog post he might have revealed too much and is at a greater risk of getting caught now than he suspects.
Say, they suspected he was Romanian or from Moldova (a lot of Moldovans do not like the Russian govt.) so telling the world "this was a Russian super-hacker" was a way to get him angry and force him to try to repair his image so to speak.
I think in the end because of of that blog post he might have revealed too much and is at a greater risk of getting caught now than he suspects.
While most of what he said strikes me as "likely true" this struck me as being utter nonsense:
> The DNC had NGP VAN software installed on their system so I used the 0-day exploit and then deployed my backdoor.
The NGP VAN is a service, not a piece of software, and most of the software NGP provide isn't internet accessible. Plus there's also the sticky issue of how he would get ahold of it to fuzz it.
On this issue I believe CrowdStrike. He purchased malware on the black market ($1.5K per this FAQ) and then emailed it to tons of people at the DNC until some moron clicked.
This FAQ has a few obvious lies like that in it, like his poor English is another obvious lie since they are so inconsistent with it.
I think they read about the NGP VAN and then made up the zero day story to make themselves seem more badass. This individual strikes me as your typical script kiddy, in particular considering how much they glorify Guccifer (1) who themselves was a script kiddy.
PS - Crowdstrike are still wrong about the Russian intelligence claims, they never had one shred of proof, even after posting their supposed "proof" it was all just generic hacktools and things you can buy on Tor.
> The DNC had NGP VAN software installed on their system so I used the 0-day exploit and then deployed my backdoor.
The NGP VAN is a service, not a piece of software, and most of the software NGP provide isn't internet accessible. Plus there's also the sticky issue of how he would get ahold of it to fuzz it.
On this issue I believe CrowdStrike. He purchased malware on the black market ($1.5K per this FAQ) and then emailed it to tons of people at the DNC until some moron clicked.
This FAQ has a few obvious lies like that in it, like his poor English is another obvious lie since they are so inconsistent with it.
I think they read about the NGP VAN and then made up the zero day story to make themselves seem more badass. This individual strikes me as your typical script kiddy, in particular considering how much they glorify Guccifer (1) who themselves was a script kiddy.
PS - Crowdstrike are still wrong about the Russian intelligence claims, they never had one shred of proof, even after posting their supposed "proof" it was all just generic hacktools and things you can buy on Tor.
> The DNC had NGP VAN software installed on their system so I used the 0-day exploit and then deployed my backdoor.
I was the tech director for Bernie 2016, and this part tripped my bullshit meter as well. The VAN is a SaaS, not an on-premise solution. The DNC has some servers that have tight integrations with VAN (e.g. direct db access as opposed to using the API) but saying they had "NGP VAN software installed on their system" is a stretch at best, and those certainly aren't the same servers that the DNC uses to store their oppo research and such.
NGP-VAN does run on Azure though, FWIW. I don't know what OS the DNC's servers run on, but it wouldn't shock me if it was Windows as well.
If I had to guess, this whole part is a red herring. I'm sure either guccifer social-engineered folks at the DNC and/or the DNC was storing their oppo research on old servers with shitty security. The NGP VAN was an easy name to throw out and divert attention since their own security issues have been well-publicized in the past.
I was the tech director for Bernie 2016, and this part tripped my bullshit meter as well. The VAN is a SaaS, not an on-premise solution. The DNC has some servers that have tight integrations with VAN (e.g. direct db access as opposed to using the API) but saying they had "NGP VAN software installed on their system" is a stretch at best, and those certainly aren't the same servers that the DNC uses to store their oppo research and such.
NGP-VAN does run on Azure though, FWIW. I don't know what OS the DNC's servers run on, but it wouldn't shock me if it was Windows as well.
If I had to guess, this whole part is a red herring. I'm sure either guccifer social-engineered folks at the DNC and/or the DNC was storing their oppo research on old servers with shitty security. The NGP VAN was an easy name to throw out and divert attention since their own security issues have been well-publicized in the past.
This is totally off-topic, but I tried a few times to get a hold of someone (anyone really) in the campaign to volunteer my technical skills, and every person I talked to was like "Yeah, that sounds awesome! Call this person and say you want to volunteer!" And that other person was just someone in charge of phonebanking and only knew other phonebanking volunteers. It was tedious and impossible to get escalated to someone that might be more useful.
Well, part of my job description involved helping to organize tech volunteers, so I guess at the end of the day that falls on me. Really it's a general problem with a widely distributed yet generally meagerly staffed campaign. There's a lot of autonomy with regional/field staffers and in turn they don't necessarily know about everything going on at the national core (where our digital/tech efforts happened). The way to help was primarily either through finding a project to help with at https://github.com/Bernie-2016 or getting involved with Coders for Sanders (https://coders.forsanders.com); I originally was a volunteer with CFS and then joined the campaign full-time after completing a few larger volunteer projects for them. But of course there's no way for a random person wanting to get involved to really know that. I'm rambling now; I don't have a good answer per se, other than that I'm sorry you had a bad experience and I wish we'd found a way to solve this problem.
Somewhat related, I've started helping out a bit with an OSS project called Code Corps that may help with this sort of thing in the future. The basic idea is that you input your interests (education, environment, economy, etc.) and your tech skills and then get matched with political/nonprofit orgs that need your skills. https://www.codecorps.org/, https://github.com/code-corps
Somewhat related, I've started helping out a bit with an OSS project called Code Corps that may help with this sort of thing in the future. The basic idea is that you input your interests (education, environment, economy, etc.) and your tech skills and then get matched with political/nonprofit orgs that need your skills. https://www.codecorps.org/, https://github.com/code-corps
Cool project! Thanks for the links!
"You asked me several times if I’m a man or a woman. I’m a man. I’ve never met a female hacker of the highest level. Girls, don’t get offended, I love you."
Oof.
Oof.
Oof? Every other day on HackerNews I see a new post about the dearth of women in tech and how dire the "shortage" is.
If there are substantially fewer women in tech, why is it unreasonable to think there are practically no skilled female hackers?
(And note that when I use the term 'hacker' I'm referring to the illegal, blackhat variety, not the 'I turned my oven into a WiFi hotspot!' kind)
If there are substantially fewer women in tech, why is it unreasonable to think there are practically no skilled female hackers?
(And note that when I use the term 'hacker' I'm referring to the illegal, blackhat variety, not the 'I turned my oven into a WiFi hotspot!' kind)
Two reasons come to mind.
First, "there aren't many" is vastly different statement from "there aren't any." It's not clear which category "I've never met" falls into, but it's easy to take it the wrong way.
Second, that whole thing is completely unnecessary. The answer could end at "I'm a man" and be done. He seems to feel a need not only to state his maleness, but to point out that the question is stupid because it's not possible for him to be a women given his skill.
First, "there aren't many" is vastly different statement from "there aren't any." It's not clear which category "I've never met" falls into, but it's easy to take it the wrong way.
Second, that whole thing is completely unnecessary. The answer could end at "I'm a man" and be done. He seems to feel a need not only to state his maleness, but to point out that the question is stupid because it's not possible for him to be a women given his skill.
I didn't think it was too irrelevant. He resolves the question of his gender, and then responds with his own personal observation that skilled female hackers are a rarity.
Why is there such an embargo on talking about the differences between genders? The only times it is permissible is if you're talking about how women are either superior or discriminated against in some respect.
Why is there such an embargo on talking about the differences between genders? The only times it is permissible is if you're talking about how women are either superior or discriminated against in some respect.
One reason, perhaps, is that too many "differences between genders" discussions (whether it's from one side or the other) devolve into unhelpful discussions about confirmation-bias style "superiority" or "discrimination" and the like. Discussions that try to honestly determine more fact-based reasons for the differences (whether it be biological reasons or social constructs) are rather rare.
In this case, that observation was part of a "I have strong hacking skills" boast. So more "oof" for the awful overall tone.
I personally suspect a bit of Dunning–Kruger here. My hunch is, while it is true that women in infosec are rare, there probably are women in infosec that have quite a bit stronger skillset than this guy.
In this case, that observation was part of a "I have strong hacking skills" boast. So more "oof" for the awful overall tone.
I personally suspect a bit of Dunning–Kruger here. My hunch is, while it is true that women in infosec are rare, there probably are women in infosec that have quite a bit stronger skillset than this guy.
I wonder what institutional barriers keep women from hacking. As lack of interest is often dismissed as an explanation.
I'm sure lack of interest is a big reason, but that just changes the question to, why is there a lack of interest?
Personally, I think it's because so much of this activity happens online, and online communities are still often extremely misogynistic. Women interested in participating in such communities often have to hide who they are lest they be faced with an endless cavalcade of "tits or gtfo" and unsolicited dick pictures and other aggressive behavior.
Personally, I think it's because so much of this activity happens online, and online communities are still often extremely misogynistic. Women interested in participating in such communities often have to hide who they are lest they be faced with an endless cavalcade of "tits or gtfo" and unsolicited dick pictures and other aggressive behavior.
Regardless of whether it is a valid reason for fewer women in tech, I think men are far more prone to destructive rebellion that can lead to criminal hacking. So, at least in that respect, females may just be less interested in the destructive hacking arts and more interested in constructive hacking.
Because jumping from "women are under represented" to "and none of them are hackers" is quite the leap. I'll let you google how statistics work to figure out why that would be.
I considered qualifying the statement but realized it should be a waste of time for any moderately educated person but apparently that was my bad. Oof!
I considered qualifying the statement but realized it should be a waste of time for any moderately educated person but apparently that was my bad. Oof!
That's not an unreasonable assumption, I just wonder how you'd tell what the gender is of an anonymous irc person who could be anywhere in the world?
So I think that 99% of blackhats could be women. How can that be disputed?
I doubt many of these blackhat types ever actually meet in person.
So I think that 99% of blackhats could be women. How can that be disputed?
I doubt many of these blackhat types ever actually meet in person.
>If there are substantially fewer women in tech, why is it unreasonable to think there are practically no skilled female hackers?
It is true that there are few women in tech in the US and the UK, but this is not a general rule and may not hold in the area of network exploitation (breaking into peoples networks and computers without permission).
For instance in India "15.8% of engineering and technology undergraduates in the UK are female.(4) Compare with India: where over 30% of engineering students are women on engineering courses account for over 30% of the students.(5)"[0].
and China "In China, 40% of engineers are women and in the USSR of the 1980s, women accounted for 58% of the engineering workforce." [1]
>(And note that when I use the term 'hacker' I'm referring to the illegal, blackhat variety, not the 'I turned my oven into a WiFi hotspot!' kind)
Given the enormous government investment in network intrusion capabilities I would guess many of the more skilled hackers work in intelligence and military orgs.
Israel, which have a fairly gender balanced military, is a leader in the area of network exploitation. Given that 65% of Israeli women serve in the military and only 3% of combat roles in the IDF are filled by women it is likely that women constitute a large percentage of intelligence roles. For instance the IDF's Unit8200 (tasked with SIGINT and likely "cyberwar" duties) and thought to be responsible for Stuxnet has a large number of women[2]. I would imagine that some of them are quite skilled at breaking into networks.
GCHQ which is also considered quite good at network exploitation is more gender balanced than the tech community in the US. It is hard to determine from public sources how many women are involved in "hackish" activities at GCHQ.
"[women] comprise only 29% of new entrants to GCHQ" [3]
Mathematics is a big feeder to the Cryptologic world (as much of cryptography is math) and within the US math is much more gender balanced than engineering (between 40-50%[4]). It is often said that:
"In particular, the National Security Agency (NSA) is the largest employer of mathematicians in the United States, and perhaps the world. Among other things, the NSA needs mathematicians to help create and break codes, analyze intelligence data, and perform signal analysis"[5]. Anecdotally many academic cryptographers are female.
The Snowden documents show that at the NSA people move between jobs and duties learning new skills and sharing their current expertise. I would expect there are quite a few female cryptoanalysts who got interested in network exploitation especially given the enormous utility that mathematics and cryptanalysis can bring to the table.
[0]: http://www.wes.org.uk/statistics
[1]: http://www.paristechreview.com/2010/09/29/why-more-women-eng...
[2]: http://fortune.com/2015/06/25/women-israeli-army-tech-traini...
[3]: WOMEN IN THE UK INTELLIGENCE COMMUNITY: A report by the Intelligence and Security Committee of Parliament
[4]: https://www.maa.org/external_archive/columns/launchings/laun...
[5]: https://www.math.uh.edu/~tomforde/Web/Jobs.html
It is true that there are few women in tech in the US and the UK, but this is not a general rule and may not hold in the area of network exploitation (breaking into peoples networks and computers without permission).
For instance in India "15.8% of engineering and technology undergraduates in the UK are female.(4) Compare with India: where over 30% of engineering students are women on engineering courses account for over 30% of the students.(5)"[0].
and China "In China, 40% of engineers are women and in the USSR of the 1980s, women accounted for 58% of the engineering workforce." [1]
>(And note that when I use the term 'hacker' I'm referring to the illegal, blackhat variety, not the 'I turned my oven into a WiFi hotspot!' kind)
Given the enormous government investment in network intrusion capabilities I would guess many of the more skilled hackers work in intelligence and military orgs.
Israel, which have a fairly gender balanced military, is a leader in the area of network exploitation. Given that 65% of Israeli women serve in the military and only 3% of combat roles in the IDF are filled by women it is likely that women constitute a large percentage of intelligence roles. For instance the IDF's Unit8200 (tasked with SIGINT and likely "cyberwar" duties) and thought to be responsible for Stuxnet has a large number of women[2]. I would imagine that some of them are quite skilled at breaking into networks.
GCHQ which is also considered quite good at network exploitation is more gender balanced than the tech community in the US. It is hard to determine from public sources how many women are involved in "hackish" activities at GCHQ.
"[women] comprise only 29% of new entrants to GCHQ" [3]
Mathematics is a big feeder to the Cryptologic world (as much of cryptography is math) and within the US math is much more gender balanced than engineering (between 40-50%[4]). It is often said that:
"In particular, the National Security Agency (NSA) is the largest employer of mathematicians in the United States, and perhaps the world. Among other things, the NSA needs mathematicians to help create and break codes, analyze intelligence data, and perform signal analysis"[5]. Anecdotally many academic cryptographers are female.
The Snowden documents show that at the NSA people move between jobs and duties learning new skills and sharing their current expertise. I would expect there are quite a few female cryptoanalysts who got interested in network exploitation especially given the enormous utility that mathematics and cryptanalysis can bring to the table.
[0]: http://www.wes.org.uk/statistics
[1]: http://www.paristechreview.com/2010/09/29/why-more-women-eng...
[2]: http://fortune.com/2015/06/25/women-israeli-army-tech-traini...
[3]: WOMEN IN THE UK INTELLIGENCE COMMUNITY: A report by the Intelligence and Security Committee of Parliament
[4]: https://www.maa.org/external_archive/columns/launchings/laun...
[5]: https://www.math.uh.edu/~tomforde/Web/Jobs.html
> Anecdotally many academic cryptographers are female.
Really? I feel like the prominent papers I read are largely by men. I have no hard stats, just my impression.
Really? I feel like the prominent papers I read are largely by men. I have no hard stats, just my impression.
A more reasonable and useful response would be to point out a counter-example.
https://en.m.wikipedia.org/wiki/Gigabyte_(virus_writer)
I don't know what "highest level" means, but I'm not convinced that Guccifer 2.0 is unusually skilled.
I don't know what "highest level" means, but I'm not convinced that Guccifer 2.0 is unusually skilled.
Debating the notion of who is a "hacker of the highest level" would be a silly waste of time and is totally subjective and unquantifiable.
Are important or highly talented programmers/engineers hackers (not this again)?
Is someone who writes clever exploits but doesn't break into networks a hacker?
What about a great social engineer with limited technical skills?
Or cryptologists?
In some of these categories the better you are the fewer people know you exist?
The very fact Juice2.0 brings it up reflects poorly on them (assuming this post isn't just disinformation which it could very well be).
Are important or highly talented programmers/engineers hackers (not this again)?
Is someone who writes clever exploits but doesn't break into networks a hacker?
What about a great social engineer with limited technical skills?
Or cryptologists?
In some of these categories the better you are the fewer people know you exist?
The very fact Juice2.0 brings it up reflects poorly on them (assuming this post isn't just disinformation which it could very well be).
"Someone made a statement that doesn't coincide with my worldview? Quick, move those goalposts!"
Can you point out a counter-example?
If you take this part, the references about Terminator and Rambo, and the complaints that Clinton 'didn't earn any money herself' (does he mean because she is was just the presidents wife?), and the admiration for Trump paint a pretty clear picture in my mind.
I agree with the others here that middle European mid-thirties sounds likely. I'll add single and frustrated -- because of the sexist comments. From what he wrote on this page, he seems to know just as much about the US elections as an average well informed European would know, so that part sounds plausible. Nothing here sounds like the work of a state actor; a solo script kiddie sounds like the best explanation. For some reason I believe almost everything in this FAQ; Occam's razor and all.
I agree with the others here that middle European mid-thirties sounds likely. I'll add single and frustrated -- because of the sexist comments. From what he wrote on this page, he seems to know just as much about the US elections as an average well informed European would know, so that part sounds plausible. Nothing here sounds like the work of a state actor; a solo script kiddie sounds like the best explanation. For some reason I believe almost everything in this FAQ; Occam's razor and all.
Besides the US no other country is so picky about "sexist" comments. This is a completely normal attitude in other cultures and not sexist at all (for them, might still be sexist for you).
It doesn't matter if you consider the comments 'sexist' or not; they just don't sound like they were made by someone in a happy relationship.
(Also, I'm not from the US)
(Also, I'm not from the US)
Yeah, he's an idiot or trolling. There's a few on this list... first Google result I found... that make him look positively amateur if we're talking likely skill required for results achieved:
http://www.computersciencedegreehub.com/10-notorious-female-...
A few are new to me for some reason (maybe memory loss). I particularly respect the ones from 80's-90's as one had to put more work into learning the craft back then. It was a combo of information scattered across BBS's plus lots of experimentation alone and in groups.
http://www.computersciencedegreehub.com/10-notorious-female-...
A few are new to me for some reason (maybe memory loss). I particularly respect the ones from 80's-90's as one had to put more work into learning the craft back then. It was a combo of information scattered across BBS's plus lots of experimentation alone and in groups.
Or he just never met any one of the list.
It's possible but his wording makes me think never looked is more accurate. A reasonable person deciding an issue like this might observe something like "all great hackers I've seen are men" but will do some research before saying "only men are great hackers." That he takes time to push the claim without one Google to test it suggests some form of bad character or judgment at play. ;)
Does it suggest anything? Aren't you the one making suggestions?
This isn't about Googling anything, he states he hasn't met any woman hackers at the highest level. Maybe prove that wrong or misguided instead of casting shade and suspicion that the man is a misogynist.
This isn't about Googling anything, he states he hasn't met any woman hackers at the highest level. Maybe prove that wrong or misguided instead of casting shade and suspicion that the man is a misogynist.
"You asked me several times if I’m a man or a woman. I’m a man. I’ve never met a female hacker of the highest level. Girls, don’t get offended, I love you."
I'll give you it's a bit ambiguous. Let's just say I've never seen anyone voluntarily bring up a point like that and reference skill level unless they are misogynist. There's three interpretations that jump out though:
1. He randomly volunteers that he's never met any women hackers who were also high talent. Without being asked about that. And without bias about whether they exist.
2. He egotistically thinks he's a very talented hacker of the highest level compared to most. He's hasn't met, heard of, or ever attempted to look up any talented women in hacking. (Unusual I'll add.) So, he reflexively says that out of surprise someone would make the mistake he could be a woman since those hackers either don't exist or aren't "highest level." Then drops the line common in sexist statements where (paraphrased) "Women are great in general but not at X."
Looks like either a pointless, sexist-looking thing to bring up or a reflection of a sexist mindset on topic of female hackers. I was leaning toward the latter. I'll leave this tangent for now to let others make up their mind on the statement. Nothing further we can glean with so little information.
I'll give you it's a bit ambiguous. Let's just say I've never seen anyone voluntarily bring up a point like that and reference skill level unless they are misogynist. There's three interpretations that jump out though:
1. He randomly volunteers that he's never met any women hackers who were also high talent. Without being asked about that. And without bias about whether they exist.
2. He egotistically thinks he's a very talented hacker of the highest level compared to most. He's hasn't met, heard of, or ever attempted to look up any talented women in hacking. (Unusual I'll add.) So, he reflexively says that out of surprise someone would make the mistake he could be a woman since those hackers either don't exist or aren't "highest level." Then drops the line common in sexist statements where (paraphrased) "Women are great in general but not at X."
Looks like either a pointless, sexist-looking thing to bring up or a reflection of a sexist mindset on topic of female hackers. I was leaning toward the latter. I'll leave this tangent for now to let others make up their mind on the statement. Nothing further we can glean with so little information.
>He randomly volunteers
Does he? Look at the way he phrases his 'response' to, "You asked me several times if I’m a man or a woman." We're not getting the full picture here. Maybe some of the people asking, "Are you a high-level female hacker?" He's possibly volunteering information from communication we aren't privy too.
>He's hasn't met, heard of, or ever attempted to look up any talented women in hacking. (Unusual I'll add.)
Is that unusual? Is this from your personal experience? What if he is not you?
> Then drops the line common in sexist statements
Once again he said no such thing. You can try to read between the lines here but there is only one line.
>Nothing further we can glean with so little information.
But you've made your opinions regardless.
Best of luck.
Does he? Look at the way he phrases his 'response' to, "You asked me several times if I’m a man or a woman." We're not getting the full picture here. Maybe some of the people asking, "Are you a high-level female hacker?" He's possibly volunteering information from communication we aren't privy too.
>He's hasn't met, heard of, or ever attempted to look up any talented women in hacking. (Unusual I'll add.)
Is that unusual? Is this from your personal experience? What if he is not you?
> Then drops the line common in sexist statements
Once again he said no such thing. You can try to read between the lines here but there is only one line.
>Nothing further we can glean with so little information.
But you've made your opinions regardless.
Best of luck.
> Opposite to her, Donald Trump has earned his money himself. And at least he is sincere in what he says. His position is straight and clear.
This must be satire...
This must be satire...
"Build a wall across the Mexican border and force the Mexican's to pay for it" is an extremely clear proposal, and it's been repeated often enough that I'm willing to believe that Mr. Trump sincerely believes it's what we should do.
That doesn't make it, y'know, actually feasible, or a remotely good idea even if it were.
That doesn't make it, y'know, actually feasible, or a remotely good idea even if it were.
It's hard to say -- one of Trump's surrogates called the Mexico border wall a "virtual wall" and suggested that we may "build[sic] a wall over some aspects of [the border]".
http://talkingpointsmemo.com/livewire/top-trump-surrogate-sa...
http://politicsnow.buffalonews.com/2016/05/17/trumps-promise...
That makes me think Trump doesn't have any particular policy preferences, or even enough understanding of the situation to make policy choices. Rather, he understands and can exploit anti-latino immigration sentiment.
http://talkingpointsmemo.com/livewire/top-trump-surrogate-sa...
http://politicsnow.buffalonews.com/2016/05/17/trumps-promise...
That makes me think Trump doesn't have any particular policy preferences, or even enough understanding of the situation to make policy choices. Rather, he understands and can exploit anti-latino immigration sentiment.
Is that an actual proposal of his? I would call "force the Mexicans to pay for it" anything but clear, hah.
Admittedly I have basically zero knowledge of either presidential bid, the "Donald Trump has earned his money himself" part was what really made me think this must be a joke.
Admittedly I have basically zero knowledge of either presidential bid, the "Donald Trump has earned his money himself" part was what really made me think this must be a joke.
> Is that an actual proposal of his?
Sadly, yes. https://www.donaldjtrump.com/positions/pay-for-the-wall
Sadly, yes. https://www.donaldjtrump.com/positions/pay-for-the-wall
The leverage to be used is to threaten to block remittances from Mexicans in the US back to their families. This makes up a large part of Mexico's economy. It could certainly work.
Guccifer 2.0 actually criticizes Trump on immigration in the very next line, though. So it's a pox on both the Clinton and the Trump houses.
Guccifer 2.0 actually criticizes Trump on immigration in the very next line, though. So it's a pox on both the Clinton and the Trump houses.
Blocking remittances is probably impossible. Even if you could shut down all the direct channels for money to flow from US nationals to Mexican nationals, which you can't, it's trivial to either send easily resellable goods like gift cards or to transmit the money to some third party in a neutral country who agrees to forward it on for a small fee.
Even if it were possible, blocking remittances is probably illegal under our free trade agreements with Mexico. Any attempt short of pulling out of NAFTA is all but guaranteed to be tied up in courts for years before it could possibly go into effect.
And even if it were legal, a huge disruption to trade is all but guaranteed to cost the economy vastly more than the cost of just doing it ourselves (even assuming we actually wanted to).
All of which is before you even consider the internal politics of getting the US congress to pass a bill in the first place, or of convincing the Mexican government to roll over and accept a huge insult without requiring anything in return.
There is essentially no realistic model under which "it could certainly work". It's a feel-good idea that falls apart with the smallest amount of critical analysis. It's a childish conception of international relations, and any attempt to actually implement it is all but guaranteed to both fail miserably and make absolutely everybody worse off in the process.
Even if it were possible, blocking remittances is probably illegal under our free trade agreements with Mexico. Any attempt short of pulling out of NAFTA is all but guaranteed to be tied up in courts for years before it could possibly go into effect.
And even if it were legal, a huge disruption to trade is all but guaranteed to cost the economy vastly more than the cost of just doing it ourselves (even assuming we actually wanted to).
All of which is before you even consider the internal politics of getting the US congress to pass a bill in the first place, or of convincing the Mexican government to roll over and accept a huge insult without requiring anything in return.
There is essentially no realistic model under which "it could certainly work". It's a feel-good idea that falls apart with the smallest amount of critical analysis. It's a childish conception of international relations, and any attempt to actually implement it is all but guaranteed to both fail miserably and make absolutely everybody worse off in the process.
You're not looking at this as part of a comprehensive policy. If you bypass normal remittances, you out of the frying pan and into the fire of processes that make your illegal status visible to the federal government through KYC and all the "soft" rules that are in place that track people that use gift cards, etc. If someone had the political will, it would be trivially easy to identify practically all illegal immigrants who operate in the country and use any mechanism to store or transfer money. You don't even have to be more "evil." The processes and information are all already in place. Just a man willing to use them would have to be placed into a position of power.
Even if you're legal, as soon as you bypassed the remittances law you probably committing half a dozen other crimes, that are easily tracked.
Regardless if this is a "good idea" or not, it is very, very feasible.
Even if you're legal, as soon as you bypassed the remittances law you probably committing half a dozen other crimes, that are easily tracked.
Regardless if this is a "good idea" or not, it is very, very feasible.
There's zero need to actually do it, just threatening it should be enough.
I was wondering about that. Trump inherited his money and built it up with plenty bankruptcies in the process. He's also terrible to employees. With that, I could see two positions for a hacker to take: opposing him as a fake in business and elite snob; respecting him as a fellow troll that hacks the business and legal systems for his own benefit. Not the claim he made, though.
This Twitter analysis on the FAQ is worth following: https://twitter.com/pwnallthethings/status/74848214296815616...
All guessing of course, but disagree with the insinuation it points to Russians still.
- Rambo is not just a lame attempt at sprinkling in an American cultural reference. It is exactly what an Easter European boy in his 30s would have been looking up to back in the day.
- Other than just Russian security services can find translators. English speaking / translating ability is not a rare, expert-only domain. Could have asked a friend.
I guess at the end of the day, nobody likes to be hacked by a random loner guy. It feels more validating to be targeted by KGB's successor. As it explains away the security failures -- "Well these people torture and kill, should be glad we only got hacked by them, could have been a lot worse ...".
- Rambo is not just a lame attempt at sprinkling in an American cultural reference. It is exactly what an Easter European boy in his 30s would have been looking up to back in the day.
- Other than just Russian security services can find translators. English speaking / translating ability is not a rare, expert-only domain. Could have asked a friend.
I guess at the end of the day, nobody likes to be hacked by a random loner guy. It feels more validating to be targeted by KGB's successor. As it explains away the security failures -- "Well these people torture and kill, should be glad we only got hacked by them, could have been a lot worse ...".
This guy is saying some really ridiculous things
For example: https://twitter.com/pwnallthethings/status/74852434881898905... No, not every fixed security issue gets a CVE. Not even 1% of them. This is why while auditing a target you'll try to get a copy of the software version they run, and any newer versions to identify patched bugs.
https://twitter.com/pwnallthethings/status/74852495484558131... There's really no inconsistency here, "non-public" generally means "not very well audited"
Why is it that .ru intelligence is even pegged as a likely candidate here? Literally nothing pointing towards them, you don't have to be an intelligence agency to pop some DNC boxes.
For example: https://twitter.com/pwnallthethings/status/74852434881898905... No, not every fixed security issue gets a CVE. Not even 1% of them. This is why while auditing a target you'll try to get a copy of the software version they run, and any newer versions to identify patched bugs.
https://twitter.com/pwnallthethings/status/74852495484558131... There's really no inconsistency here, "non-public" generally means "not very well audited"
Why is it that .ru intelligence is even pegged as a likely candidate here? Literally nothing pointing towards them, you don't have to be an intelligence agency to pop some DNC boxes.
That's mostly conjecture. No facts, just observations that might be true or not.
How does this square with the generally accepted view [1] it was the Russian security services?
[1] http://motherboard.vice.com/read/guccifer-20-is-likely-a-rus...
[1] http://motherboard.vice.com/read/guccifer-20-is-likely-a-rus...
I would look at the motive. State actors will use the information for economic and security benefit, not broadcast to the world. A guy who wants attention, to be thought of in the same vein as Assange and Snowden, will announce it to the world.
Plus, I think if the system was as easy to access (via $1.5k 0day hack purchased online, and was disabled via reboot on June 12th), then I think lots of other people had access, including state actors. I don't think they would announce it to the world, just quietly use the information.
Also, I don't think Guccifer wants to influence the election, as he seems to have an impoverished understanding of the facts. I think he just wants to show off.
As for a coverup? I don't think it would be as loud or as prolonged as this (Streisand effect). It seems there is even more forthcoming info, too.
Plus, I think if the system was as easy to access (via $1.5k 0day hack purchased online, and was disabled via reboot on June 12th), then I think lots of other people had access, including state actors. I don't think they would announce it to the world, just quietly use the information.
Also, I don't think Guccifer wants to influence the election, as he seems to have an impoverished understanding of the facts. I think he just wants to show off.
As for a coverup? I don't think it would be as loud or as prolonged as this (Streisand effect). It seems there is even more forthcoming info, too.
That article seems to be mostly speculation, though. Maybe Guccifer is a Russian, but not affiliated with the Russian government (aka Putin aka Ivan the Terrible).
But apparently this is The Cold War 2.0, and whenever Russians may be involved, this means that the Russian government is involved...
But apparently this is The Cold War 2.0, and whenever Russians may be involved, this means that the Russian government is involved...
It would appear that different people wrote different parts of this. The English goes from fluent to almost Google translatese ("inside the network to stay stealth.") in talking about the actual hack. This would suggest that an organization or at least multiple people were involved.
https://twitter.com/pwnallthethings/status/74848214296815616...
https://twitter.com/pwnallthethings/status/74848214296815616...
“Let’s spell this out,” Rid said. “We have a foreign intelligence agency that is picking sides, that is doing a sophisticated hack and influence operation in support of the presumptive nominee of the Republican Party in the US general elections. That’s craziness, if that’s actually the case.”
Yeah, having foreign intelligence agencies interfere in sovereign elections does suck.
Yeah, having foreign intelligence agencies interfere in sovereign elections does suck.
Some of do not agree with the generally accepted view.
https://medium.com/@jeffreycarr/the-dnc-breach-and-the-hijac...
I have this conversation with people often. They think I am an obnoxious IT guy, but I think we love reaching for convenient answers.
Both sides, lone wolf or Russian state sponsorship, I don't seem off. Both extremes are easy win for easily placated minds, so I worry when I feel myself just gravitating to them.
That being siad, it saddens me when reputable infosec people (by their own measure) use Medium. Haha.
https://medium.com/@jeffreycarr/the-dnc-breach-and-the-hijac...
I have this conversation with people often. They think I am an obnoxious IT guy, but I think we love reaching for convenient answers.
Both sides, lone wolf or Russian state sponsorship, I don't seem off. Both extremes are easy win for easily placated minds, so I worry when I feel myself just gravitating to them.
That being siad, it saddens me when reputable infosec people (by their own measure) use Medium. Haha.
I'm surprised at how many people are "trusting the client" here. Analyzing what is being said, as though any of it were the truth. As if the FSB couldn't type all this up just as easily as some thirty year old single guy from Moldova. Not only that, but this is so over the top ("I'm the best hacker ever!!!one") that I'm surprised people are taking it seriously. To me, this really just sounds like someone or some group of people trying to make themselves sound like a hacker, complete with hacker folk heroes like Snowden and Assange.
> As for me, I see great differences between Hillary Clinton and Donald Trump. Hillary seems so much false to me, she got all her money from political activities and lobbying, she is a slave of moguls, she is bought and sold. She never had to work hard and never risked everything she had. Her words don’t meet her actions. And her collision with the DNC turned the primaries into farce.
> Opposite to her, Donald Trump has earned his money himself. And at least he is sincere in what he says. His position is straight and clear.
So... good hacker. Crappy political commentator.
> Opposite to her, Donald Trump has earned his money himself. And at least he is sincere in what he says. His position is straight and clear.
So... good hacker. Crappy political commentator.
1) Compile a bunch of publicly available information into a large package and "leak" it. Call it a hack.
2) Call yourself Guccifer 2.0
3) Post a well-written-in-English FAQ that conveniently attacks Clinton with the same tired shit meanwhile praising Trump.
This is some extremely thinly veiled bullshit.
2) Call yourself Guccifer 2.0
3) Post a well-written-in-English FAQ that conveniently attacks Clinton with the same tired shit meanwhile praising Trump.
This is some extremely thinly veiled bullshit.
He definitely doesn't sing Trump's praises that much. In fact in the very next sentence he says he disagrees with him on some pretty key issues of his platform.
where exactly do you think these documents were public? the Clinton camp itself said they were hacked
I've wondered about this too. The documents leaked so far certainly don't have anything interesting.
Why do you expect anything else from him than just stating his own opinion?
Mine is roughly the same btw, for as much as I care.
Mine is roughly the same btw, for as much as I care.
Just to clear some facts... Trump inherited lots of money, some people argue that he barely made more than he would investing his inheritance in an index fund.
In addition, he frequently changes his opinion and is pretty much the opposite of "straight and clear", except of course for a few themes that he constantly champions ("ban Muslims", "build the wall", and a very underspecified "make American great again"), but e.g. he can't even make up his mind on how much the wall will cost.
(Don't take this comment as an endorsment of Hillary, she's most likely a liar and deplorable in so many ways, in addition her positions are very maleable, but make no mistake, Trump is no better. It really is a choice between a disaster and a catastrophe.)
In addition, he frequently changes his opinion and is pretty much the opposite of "straight and clear", except of course for a few themes that he constantly champions ("ban Muslims", "build the wall", and a very underspecified "make American great again"), but e.g. he can't even make up his mind on how much the wall will cost.
(Don't take this comment as an endorsment of Hillary, she's most likely a liar and deplorable in so many ways, in addition her positions are very maleable, but make no mistake, Trump is no better. It really is a choice between a disaster and a catastrophe.)
> Trump inherited lots of money, some people argue that he barely made more than he would investing his inheritance in an index fund.
True, but like all businesses in the economy his company has the distinction of actually participating in economic ventures to create wealth. Owning shares in the S&P500 isn't creating anything.
To me that's a clear difference that isn't considered enough. And let's not forget that most mutual funds themselves don't beat the S&P500, so a lot of investors don't even capture those returns.
True, but like all businesses in the economy his company has the distinction of actually participating in economic ventures to create wealth. Owning shares in the S&P500 isn't creating anything.
To me that's a clear difference that isn't considered enough. And let's not forget that most mutual funds themselves don't beat the S&P500, so a lot of investors don't even capture those returns.
> Trump inherited lots of money
Do you have a source for that? My understanding was that he received a $1MM loan from his Father after graduating business school.
Do you have a source for that? My understanding was that he received a $1MM loan from his Father after graduating business school.
His dad was worth ~$250M at the time of his death... Given the family dynamics, I'm assuming he didn't bequeath that wealth to charity.
https://www.washingtonpost.com/news/wonk/wp/2016/02/29/the-m...
Aside from the cash loans, he was made an executive in his father's real estate firm which owned a bunch of buildings in Manhattan.
His father would further help prevent his businesses from going bankrupt by illegally propping up Trump's NJ casino with a $3.5M gift in the 1990s:
http://articles.philly.com/1991-04-09/news/25780577_1_casino...
https://www.washingtonpost.com/news/wonk/wp/2016/02/29/the-m...
Aside from the cash loans, he was made an executive in his father's real estate firm which owned a bunch of buildings in Manhattan.
His father would further help prevent his businesses from going bankrupt by illegally propping up Trump's NJ casino with a $3.5M gift in the 1990s:
http://articles.philly.com/1991-04-09/news/25780577_1_casino...
No. Do you?
As I said, it's a contentious issue, plagued by bad data and deliberate misinformation. I doubt anyone knows the facts, not even Trump himself. But, Googling e.g. "trump wealth" brings up a few articles that discuss the source (and evolution) of his wealth.
As I said, it's a contentious issue, plagued by bad data and deliberate misinformation. I doubt anyone knows the facts, not even Trump himself. But, Googling e.g. "trump wealth" brings up a few articles that discuss the source (and evolution) of his wealth.
That's the only point I was trying to make. There is a lot of misinformation flying around on both sides and it's useful to know where the information came from so one can determine its veracity.
and then inherited 100's of M when his father died.
[deleted]
> just stating his own opinion
Yup. I'm just judging his opinion with my own opinion. Which is that he (and you) are wildly misreading those candidates if that's what you really believe about them.
Yup. I'm just judging his opinion with my own opinion. Which is that he (and you) are wildly misreading those candidates if that's what you really believe about them.
He's allowed to state his own opinion every bit as much as others are allowed to state their opinions that his is stupid.
This feels state-sponsored, perhaps a product of Russia. Catching my attention:
* Emphasis on disparaging Clinton is interesting as current Admin policy is decidedly (and effectively) counter to Russian interests.
* Referring to Intel community using the reverent European bureaucratic term "Special Services".
* The boastful lone hacker, but calls himself Guccifer 2.0. Obligatory reference to Lazar midway through the manifesto.
* Real political and security drama in the UK and Europe, but focuses on a comparatively boring Clinton campaign, dropping leaks just as a stumbling Trump campaign needs them the most - and all the while Trump, who is largely reviled in Europe, is praised in the FAQ.
I'd be amused to learn this was homegrown. I have the increasing sense the Clintons made more than their share of powerful enemies at home as I begin to read the "Crisis of Character" book.
* Emphasis on disparaging Clinton is interesting as current Admin policy is decidedly (and effectively) counter to Russian interests.
* Referring to Intel community using the reverent European bureaucratic term "Special Services".
* The boastful lone hacker, but calls himself Guccifer 2.0. Obligatory reference to Lazar midway through the manifesto.
* Real political and security drama in the UK and Europe, but focuses on a comparatively boring Clinton campaign, dropping leaks just as a stumbling Trump campaign needs them the most - and all the while Trump, who is largely reviled in Europe, is praised in the FAQ.
I'd be amused to learn this was homegrown. I have the increasing sense the Clintons made more than their share of powerful enemies at home as I begin to read the "Crisis of Character" book.
Who is Guccifer?
He's a hacker who perhaps most notably claimed to have hacked into Hillary Clinton's private email server.
https://en.wikipedia.org/wiki/Guccifer
https://en.wikipedia.org/wiki/Guccifer
Russian source just for fun: https://www.rt.com/usa/347681-guccifer-clinton-dnc-defense/
Hacker 'Guccifer 2.0' publishes DNC campaign docs with strategies for defending Clinton
The handle is a reference to https://en.wikipedia.org/wiki/Guccifer
Hacker 'Guccifer 2.0' publishes DNC campaign docs with strategies for defending Clinton
The handle is a reference to https://en.wikipedia.org/wiki/Guccifer
Yup, not buying it. Too cutesy, too impersonal, too obvious. This is a team effort. And not a very good one.
Maybe he used that style on purpose to mislead any adversaries?
What's he notable for?
This guy's writing reminds me of Bill Cipher uncomfortably.
This guy's writing reminds me of Bill Cipher uncomfortably.
A few things point to it:
* He thinks Moldova is part of Romania. That is a contentious issue. He mentioned it specifically. To do so, they'd have to care about it a bit. Doesn't like the Russians it seems, that hints to it as well.
* He listed possibilities about how someone could be a hacker not just be part of the Russian FSB -- working for a multi-national IT company.
* Age based on what he considers are typical "cool" role models for this age. He listed Rambo and Terminator -- those were the typical boys' role models growing up in the early 90s in Eastern Europe (especially ex-Soviet Union).
* Cares and knows about DNC and specific candidates. Guessing they are following the election process, so probably live in US or Canada.