Fullscreen
Loading...
 
Print

Stupidity

A good example of modern idiocy is provided by the failure of Democratic Party to secure their communications.

...Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015.... His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by ... a cyberespionage team linked to the Russian government. ...
Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. ... By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.
“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.

It would not take much intelligence to think of calling the FBI to check whether the call was legitimate, but even such minimal smartness cannot be taken for granted among modern Americans.

Mr. Tamene, who reports to Mr. Brown [Andrew Brown, D.N.C. technology director] and fielded the call from the F.B.I. agent, was not a full-time D.N.C. employee; he works for a Chicago-based contracting firm called The MIS Department. He was left to figure out, largely on his own, how to respond — and even whether the man who had called in to the D.N.C. switchboard was really an F.B.I. agent. ...
...when Special Agent Hawkins called repeatedly in October, leaving voice mail messages for Mr. Tamene, urging him to call back, “I did not return his calls, as I had nothing to report,” Mr. Tamene explained in his memo.
In November, Special Agent Hawkins called with more ominous news. A D.N.C. computer was “calling home, where home meant Russia,” Mr. Tamene’s memo says, referring to software sending information to Moscow. “SA Hawkins added that the F.B.I. thinks that this calling home behavior could be the result of a state-sponsored attack.”
Mr. Brown knew that Mr. Tamene, who declined to comment, was fielding calls from the F.B.I. ...
Ms. Wasserman Schultz, then the D.N.C.’s chairwoman, and Amy Dacey, then its chief executive, said in interviews that neither of them was notified about the early reports that the committee’s system had likely been compromised.
Shawn Henry, who once led the F.B.I.’s cyber division and is now president of CrowdStrike Services, the cybersecurity firm retained by the D.N.C. in April, said he was baffled that the F.B.I. did not call a more senior official at the D.N.C. or send an agent in person to the party headquarters to try to force a more vigorous response.

“We are not talking about an office that is in the middle of the woods of Montana,” Mr. Henry said. “We are talking about an office that is half a mile from the F.B.I. office that is getting the notification.”

“This is not a mom-and-pop delicatessen or a local library. This is a critical piece of the U.S. infrastructure because it relates to our electoral process, our elected officials, our legislative process, our executive process,” he added. “To me it is a high-level, serious issue, and if after a couple of months you don’t see any results, somebody ought to raise that to a higher level.” ...

By March, Mr. Tamene and his team had met at least twice in person with the F.B.I. and concluded that Agent Hawkins was really a federal employee. But then the situation took a dire turn. ...

Billy Rinehart, a former D.N.C. regional field director who was then working for Mrs. Clinton’s campaign, got an odd email warning from Google.

“Someone just used your password to try to sign into your Google account,” the March 22 email said, adding that the sign-in attempt had occurred in Ukraine. “Google stopped this sign-in attempt. You should change your password immediately.”

Mr. Rinehart was in Hawaii at the time. He remembers checking his email at 4 a.m. for messages from East Coast associates. Without thinking much about the notification, he clicked on the “change password” button and half asleep, as best he can remember, he typed in a new password.
What he did not know until months later is that he had just given the Russian hackers access to his email account.
Hundreds of similar phishing emails were being sent to American political targets, including an identical email sent on March 19 to Mr. Podesta, chairman of the Clinton campaign. Given how many emails Mr. Podesta received through this personal email account, several aides also had access to it, and one of them noticed the warning email, sending it to a computer technician to make sure it was legitimate before anyone clicked on the “change password” button.

“This is a legitimate email,” Charles Delavan, a Clinton campaign aide, replied to another of Mr. Podesta’s aides, who had noticed the alert. “John needs to change his password immediately.”

With another click, a decade of emails that Mr. Podesta maintained in his Gmail account — a total of about 60,000 — were unlocked for the Russian hackers. Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an “illegitimate” email, an error that he said has plagued him ever since.
During this second wave, the hackers also gained access to the Democratic Congressional Campaign Committee, and then, through a virtual private network connection, to the main computer network of the D.N.C.

The F.B.I. observed this surge of activity as well, again reaching out to Mr. Tamene to warn him. Yet Mr. Tamene still saw no reason to be alarmed: He found copies of the phishing emails in the D.N.C.’s spam filter. But he had no reason, he said, to believe that the computer systems had been infiltrated. ...
The D.N.C. executives and their lawyer had their first formal meeting with senior F.B.I. officials in mid-June, nine months after the bureau’s first call to the tech-support contractor.


The incompetence of the D.N.C. in dealing with the threat of hacking, even after informed that it was occurring, might be taken to show that the Democrats lack the competence needed to lead America. On the other hand, the competence of the Republicans seems even more questionable. Mr. Trump is known for his frequent false statements. It is unclear to what extent they result from his not caring about truthfulness, and to what extent they reflect his being out of touch with reality.

While there’s no way to be certain of the ultimate impact of the hack, this much is clear: A low-cost, high-impact weapon that Russia had test-fired in elections from Ukraine to Europe was trained on the United States, with devastating effectiveness. ...
“There shouldn’t be any doubt in anybody’s mind,” Adm. Michael S. Rogers, the director of the National Security Agency and commander of United States Cyber Command, said at a postelection conference. “This was not something that was done casually, this was not something that was done by chance, this was not a target that was selected purely arbitrarily,” he said. “This was a conscious effort by a nation-state to attempt to achieve a specific effect.” ...
... Mr. Trump has rejected the findings of the intelligence agencies he will soon oversee as “ridiculous,” insisting that the hacker may be American, or Chinese, but that “they have no idea.”
- Eric Lipton, David Sanger, and Scott Shane, The Perfect Weapon: How Russian Cyberpower Invaded the U.S., NYT, Dec. 13, 2016


As a detailed account in The New York Times last Wednesday revealed, the D.N.C. had virtually no protections for its electronic systems, and Mrs. Clinton’s campaign chairman, John D. Podesta, had failed to sign up for the “two-factor authentication” on his Gmail account. Doing so probably would have foiled what Mr. Obama called a fairly primitive attack.
- David Sanger, Obama Confronts Complexity of Using a Mighty Cyberarsenal Against Russia, NYT, Dec. 17, 2016



Atlantic correspondent Franklin Foer comments that

our current spate of anarchists, populists and terrorists are so much less theoretically minded and articulate than their antique antecedents.
- FRANKLIN FOER, Apocalypse Now: What’s Behind the Volatile Mood of Today’s American — and European — Voters, NYT, FEB. 13, 2017


These investors, trade experts and government officials are still stunned by... Trump’s decision to tear up the 12-nation Trans-Pacific Partnership (TPP) free-trade deal in his first week in office — clearly without having read it or understanding its vast geo-economic implications.

(Trump was so ignorant about TPP that when he was asked about it in a campaign debate in November 2015 he suggested that China was part of it, which it very much is not.)

Trump simply threw away the single most valuable tool America had for shaping the geo-economic future of the region our way and for pressuring China to open its markets. ...

It is hard to think of anything more stupid.
- Thomas L. Friedman, Trump Is China’s Chump, NYT, JUNE 28, 2017


Over the weekend, Mr. McConnell made clear his unhappiness to the White House after a “super PAC” aligned with Mr. Trump started an ad campaign against Senator Dean Heller, Republican of Nevada, after he said last week that he opposed the health care bill.

The majority leader — already rankled by Mr. Trump’s tweets goading him to change Senate rules to scuttle Democratic filibusters — called the White House chief of staff, Reince Priebus, to complain that the attacks were “beyond stupid,” according to two Republicans with knowledge of the tense exchange.
- GLENN THRUSH and JONATHAN MARTIN, On Senate Health Bill, Trump Falters in the Closer’s Role, NYT, JUNE 27, 2017



It appears readers of the Times cannot be assumed to understand what is meant by the federal debt:

Gains in the market, which are pocketed by investors, do not directly reduce the federal debt, which is how much the government owes on its borrowings.
- JIM TANKERSLEY, Trump Makes Puzzling Claim That Rising Stock Market Erases Debt, NYT, OCT. 12, 2017


Show php error messages