The Intercept is a First Look Media Company.
Originally published on The Nib. Artwork by Joyce Rice, script by Micah Lee.
Micah Lee[email protected]theintercept.com@micahflee
If your bank or credit card company or retirement account manager sends you an email, you should NEVER click on it. Even an expert can be fooled. A valid URL can be changed so slightly that nobody would notice the change, but it does not go to your financial institution. It goes to a perfect copy of the real one. How hard is it to open a new tab and go straight to the real one?
Better advice: use a password manager.
If your browser saves your passwords, then it will only automatically fill them if you are visiting a legitimate website (i.e. a website you have previously trusted). So better advice would be:
1. Use your browser or a password manager to save your passwords.
2. If you ever see a login page that didn’t get automatically filled, ask yourself “is this fake?”
I knew an engineer and scuba diver in the early ’80s who went “spearfishing,” once a week for his seafood, on the coast between Monterey Bay and Pacifica, California. I used to enjoy surf-fishing the same stretch of waters then, but used steel leaders because of small shark and CA halibut teeth that cut right through my 12lb. test. Those are known Great White waters, and bow-hunting a polar bear’s food source right under its nose always seemed a bit nuts – to me. I mean, I’ve walked to the top of the upper Yosemite Falls trail but it never occurred to me someone would want to free-climb El Capitan.
Um, yeeaah, off topic. Sorry.
please create a cartoon and send it to the intercept to publish, i understand they are in the cartoon business now.
No, they’re now in the business of explaining complicated problems to lay people.
why they’re pushing this propaganda instead of doing that is not clear to me.
A guy(?) that picks the most untrustworthy character as a personal screen name is actually not as bad as the cartoonist that imbeds evidenceless McCarthyist propaganda bytes into an otherwise excellent piece. Propaganda works best when surrounded by truth. The truthiness hypnotises our ‘go along to get along’ social minds into swallowing the whole package!
Was it not the Intercept’s fault that Reality Winner has discovered to be the whistleblower? My recollection is that when the NSA contacted them, the Intercept (inexplicably) gave them a Xerox copy of the actual document they had received anonymously by snail mail. From this copy, the feds were able to trace it back to Winner’s computer.
I’m still waiting the the Intercept, and it principals, to both apologize and set up some fund to help her with her legal bills, etc. If someone could clarify this situation, I would apprciate it.
Thanks for reaching out, George. You can find more information here: https://theintercept.com/2017/07/11/first-look-to-support-defense-of-reality-winner-in-espionage-act-prosecution/
Thank you Travis! That link is very helpful and a relief to read. It may be helpful to have this link be part of articles re: Winner for people like me who missed it. Thanks again!
Reality Winner is NOT a whistle-blower.
A whistle-blower is a person who dares to show improper/unethical
behavior on the part of their employer.
Winner was accused of pushing the approved message of her employer
Her alleged actions were in support of the NSA’s unsubstantiated
allegations about Russia.
She did NOT have a problem with the NSA interpretation of the story.
She is accused of improperly distributing “secret” information,
NOT challenging the program’s agenda.
To call her a whistle-blower is an insult to real whistle-blowers.
Her eagerness and the eagerness of the Intercept are very problematic
because both are being used to make real whistle-blowers hesitate.
The document that Reality Winner is accused of leaking to press is very much in the public interest. But NSA has kept it, and other relevant information, secret from the public. This makes her a whistleblower.
The purpose of the supposed “leak” by Winner was to support the
unsubstantiated assessment of Russian involvement.
There was NO proof of the Russian government being involved
in the leak of the DNC corruption in anything presented by the NSA or
by their employee – Winner – or by any other gallery of spooks.
“High confidence” is not proof of anything beyond hubris and Winner is
accused of trying to promote the same rumors as her employers
without their permission.
Whatever your definition of “public interest” is, it does not
make her a whistle-blower and your cartoonish manipulating
is a great disservice to the public because it reinforces a
manipulative rumor as if it is a fact.
The document Reality Winner is accused of leaking has nothing to do with the DNC or Clinton emails. It described a spearphishing campaign against the election company VR Systems to steal Google login credentials of employees. It also describers the same attackers sending an additional 122 emails to state voter registration systems, this time with a malicious attachment aimed at hacking computers of election workers who open them. NSA attributes that attack to Russian military intelligence. Here is the source document. Why do you insist that this has something to do with the DNC or Hillary Clinton?
The other spearphishing attack described in the comic is about John Podesta. What we definitely know, from Podesta’s emails themselves, is that his account was compromised by spearphishing. We know which email tricked him, and that the malicious Bitly link redirected to a URL that included his email address. The same Bitly account included malicious links for almost 4000 other accounts, including other DNC/Clinton related email addresses. The fact that it was a bulk attack against thousands of targets confirms that it was a professional spearphishing campaign, not just a one-off thing. But… when did we say that Russia was definitely behind that attack?
The other spearphishing attack described in the comic is about John Podesta. What we definitely know, from Podesta’s emails themselves, is that his account was compromised by spearphishing.
without the implication that this and all the rest somehow cost clinton the presidency, the whole issue of russian cyber activity in regards to Podesta and these election officials is a big “so what”
and the big takeaway is: scary people use tricky exploit screens to ask for your login credentials
really? in 2017?
I hope the big takeaway for this comic is: “Oh wow that’s how spearphishing works? I’m glad there are things I can do to protect myself from it, like get a U2F security token and be more cautious when dealing with email attachments.”
I’m glad there are things I can do to protect myself from it, like get a U2F security token and be more cautious when dealing with email attachments.”
so you can protect your email account by introducing a malware vector?
“[U]nsubstantiated allegations about Russia..” Really, Comrade Troll?
You make disparaging remarks about someone who states the truth
because you can’t face the truth and you obviously need to be
within the liberal hall of mirrors in order to not face the reality of
your own corruption.
Clark, I understand where you are coming from on Reality Winner, but I think you have to judge a whistleblower according to their intentions rather than the quality of the information they leak.
I don’t see any reason to doubt Reality Winner was completely sincere in her actions – ie she was just naive. And even if the information that is leaked is completely tainted, it doesn’t mean it is without value. That NSA document was having a real effect behind the scenes, when Winner leaked it she enable it to be assessed by a wider audience and to see just how weak the claims are.
Take the claim the Russians were phishing with this email address:
That is prime gmail namespace there. Is it really possible the Russians were using that gmail address for years and not one person complained to Gmail to get the account deactivated?
Or was the account purposefully reactivated by Google at the request of the FBI in the wake of the DNC leaks? We can only make those assessments because of Reality Winner’s leak.
BTW, can I recommend you read Hacked by Donna Brazile? She reveals far more than she intended, I think. Particularly about wiping all the DNC servers and the parts where the FBI try to convince her the Russians are trying to poison her dog are unintentionally hilarious
I should add the prime gmail namespace was
“no reply automatic service” @ gmail dot com – written as an email address for some reason appears to be caught by TheIntercept’s software.
How come that name is left lying around for the Russians to pick up after years and years of gmail service and I have to use Sean_Lamb12q for my gmail address?
Just want to quickly point out that the document Reality Winner is accused of leaking has nothing to do with the DNC at all. It’s about a hacking attempt (follow-up reporting claims a successful one) to compromise US voting infrastructure on the state level.
There is no reason, other than confirmation bias, to believe that the NSA document is “tainted”, or that there was any political motivations behind writing it. It was top secret intelligence analysis describing an election-related attack that they had observed. They never intended for it to be public.
The document also doesn’t say that Russians were using the email address [email protected] “for years”. It says that the attackers sent emails from that Gmail account to seven VR Systems email addresses on August 24, 2016 (three of the emails bounced, and four were successfully delivered). I would imagine that the attackers most likely created that Gmail account shortly before sending those emails, and then abandoned it when they were done.
“I would imagine that the attackers most likely created that Gmail account shortly before sending those emails, and then abandoned it when they were done.”
If only we had something more solid to go on than your admirable imagination.
I am not entirely sure if you know how Gmail works. Why not go and create an account MLee at Gmail and see for yourself?
yes they haven’t been substantiated. so many of the dinos take ever so naturally to mccarthyism, like ducks to water.
You’re entitled to your opinion, of course, but the sincerity of your beliefs does not elevate them to facts. Her intention was to bring attention to a program that she found ran counter to our constitutional guarantees and now she’s looking at an extended period of incarceration as a result. Sounds pretty courageous to me and qualifies as whistle blowing. Your comment adds nothing to the discussion. Please clarify.
“Our constitutional guarantees”
In the Corporate owned-Patriot Act-Authorization to use Military Force-
faking U$A, the “constitutional guarantees” are determined
on a case by case basis and human rights are not a big moneymaker
and making money is the primary goal for the fascist democrats and
Winner’s intention was to support the we-need-to-blame-Russia scam
and the Intercept hack writers were overly eager participants who
put their own desperate cocky delusions over their
Why are you using John Podesta’s email as an example? Are you defending Podesta’s right to privacy. He is a public figure. I’m glad his account was hacked. Crucial to see the corrupt Democrats in real time.
The spearphishing attack against Podesta is the most prominent and publicly scrutinized example of spearphishing that I’m aware of, which makes it a perfect example to teach from. This is largely because Wikileaks published all of his email, including the spearphishing email itself that included the malicious Bitly link, and the emails back and forth to his IT person who told him it was a “legitimate email.” The comic didn’t comment on if this specific attack was good or this was bad — it just gave instructions on how to prevent this from happening to you.
Oh come on! The lack of a specific ‘comment’ on whether the phishing attack against Podesta was good or bad? ? ? . . .
Of course the blatant implication is that it was not just illegal, but extremely bad for our system (that assumes that despite controlling much of the world, only Americans are allowed to steal American elections.) It is being used propagandistically in this comic ultimately designed to ‘save the free world’ from an evil (no longer communistic) Russky invasion of all we hold dear, like the highly expected election of Podesta’s boss, Hillary Clinton. Along with Trump, she’s one of the two most distrusted and despised presidential candidates, ever. It furthers the extremely weak argument being put forth by our Intelligence trained liars-in-chief, that Clinton couldn’t have lost without Russia and WikiLeaks illegally conspiring with Trump to steal the election from HER. And this phishing illegality includes this alleged accurate passing on to WikiLeaks the alleged fruits Russian Intelligence phishing of Podesta’s campaign (business, not private) email that shows her stealing the Primary with the illegal aid of the DNC from Sanders.
Only now, we also additionally know from Donna Brazile, (who previously conspired to pass secret debate questions to Hillary Clinton while working for CNN) that the DNC entered an illegal contract with HillaryPAC to sell/enslave itself completely to her during the Primary. This gave her Primary campaign control over the DNC’s messaging, hiring and payments and also allowed her to illegally increase the magnitude of donation size she could take from her wealthyist individual doners able to max out in each individual state.
On Reality Winner
Many people seem to accept the unwarranted characterization of
Reality winner as a “whistle-blower” when the truth is that the
information which she is accused of promoting/distributing is
not a revelation of anything which runs against the propaganda
which the agency she worked for wanted to promote.
She is accused of criminality because she supposedly overstepped
her job duties in an effort to promote the same story which
her agency is promoting. She supposedly lacked permission and she was
supposedly overzealous in her efforts. There is nothing so far which
indicates that the released information runs against the agenda of
her employer. That is hardly indicative of a whistle-blower.
It is just as likely that the actions she is accused of taking are a threat
to “security” because there may be something in what she supposedly
distributed without the approval of her bosses which could
lead to the whole story unraveling because it might contain
something which shows how the story
The most likely interpretation is that this is possibly another
manufactured story which is intended to send a message to any real
whistle-blowers in order to fill them with fear and stop any real leaks.
Reality Winner’s case may be a manufactured product which she
misguidedly sees as her patriotic duty.
Whatever the truth may be, we are NOT allowed access because we
are all seen as individual threats to “security” and that “security”
depends upon increasing hostility toward Russia at this time.
The Intercept is loaded with people who are trying to promote
the same messages as the NSA.
Perhaps “Intercept”ing stories is the same as derailing the
possibility of real progress. This is a corporately controlled site,
no matter how they pretend otherwise. Is Glenn Greenwald just a
shiny bait for us suckers?
The NSA’s analysis concludes that the hacking attack against VR Systems and local election systems was conducted by Russia’s GRU. This may or may not be true — maybe the analyst misinterpreted the raw data they collected (which The Intercept never received). But in any case, what the document confirms is that 1) these attacks actually happened during the 2016 election, and 2) NSA actually believes that Russia is the culprit — it’s not just what they say in public, it’s also what they believe in private.
All I get from your response is that you sound as if you are
rather cozy with the NSA. If you are on such intimate terms with
members of the NSA, perhaps you could ask them for some
to back up their unsubstantiated allegations. You know, something
NOT just based on “high confidence”, but maybe some facts.
I was phished by a cartoon. The Russian bit was as annoying as it was clever. What IF a Russian authored this clever forgery of helpful advice. Damn you liberals!
Sorry, no cartoons at this linked article, but you can read what a grownup, and technical expert, William Binney, has to say.
Top NSA Whistleblower Claims “Russiagate” A Fake To Increase War-Spending
Click this link unless you are afraid of what you will find.
This post paid for in rubles.
Think about an entity, with access to Facebook’s data, custom tailoring individually targeted ad campaigns for every voter that could possibly swing the election, promising the moon if they vote for their guy and gloom and doom for all other choices.
Keep on living in the free world.
im thinking about the clinton campaign. but they still lost, despite spending many, many times what the russians are alleged to have spent. at least we have the emails so we can make an informed choice, i’m grateful to whichever staffer leaked this.
Are you looking for sympathy or to be laughed at?
When you have lost your sense of proportion you are on your way to the deep end psychologically.
This Facebook ad hysteria is the sound of the spoon hitting the bottom of the barrel. Like in Iraq when the search for WMD came up empty the NYT later told us about the residue found on shells fired during the 1980’s Iran-Iraq war. The NYT had hit the bottom of the barrel as far as evidence of WMD, but they could still generate articles for the unwary to read.
Bottom of the barrel. You have hit it with your “Russian Facebook ads” Get a grip and a sense of proportion.
And why for heaven’s sake do you reference the NYT? Don’t you value credibility? The NYT is a well known source for swamp gas.
Educate yourself about click-bait that is Moldovian, Ukrainian, Canadian, Russian or otherwise:
Thank you for this I’m going to get a key. PSA cartoon, more useful than reading about it
The six year olds, to whom this comic is targeted, could be misled in a number of ways. For example: ‘Reality has plead innocent’. In the US, that would be ‘pled’ and in the UK, it would be ‘pleaded’. Also, in law, there is no option to plead innocent; the choices are guilty or not guilty (or ‘no contest’, which is functionally equivalent to pleading guilty). So the comic may confuse its target audience about grammar, and then confuse them about law. I agree with omitting any suggestion that the NSA’s claims might not be 100% reliable – that would really risk confusing the target audience. What confuses me is why the authors thought that citing the case of Reality Winner would enhance the credibility of The Intercept in general, or this comic strip in particular. The Intercept really needs to improve its propaganda.
The reason the Intercept has to mention Reality Winner is for completion. If they leave her out, the howling voices of the mob (Doug and Mona in particular) will accuse them of not being transparent.
I enjoyed this comic format, as well as its overall message. That said, the decision to include the Reality Winner fiasco, along a contested Intel community message alleging Russian responsibility was really not needed. Worse, it muddied the waters, taking away from what the premise of the writings is supposed to be about:
HOW TO PROTECT YOURSELF AGAINST SPEARPHISHING.
Keep it simple…
Why do you assume the cartoon’s purpose is helpful information, not an effective vehicle for propaganda?
Not sure why you choose to assume this was drawn for good email safety tips rather than specifically as a convincing vehicle for propaganda?
Really? You believe this was designed for healthy email tips and not as a vehicle for propaganda?
Sorry for the repeats. TheIntercept.com was incredibly slow!
* The IT person says he meant to type “not a legitimate email, ” but accidentally left out the word “not.”
Poor thing. Is it true that organizations like CIA, pentagon, NSA etc, more or less self-organize their own agenda, which may be quite independent of what policymakers want, in that case not an easy task to know if NOT should be in or out :^)
This “journalistic” outlet just gets more hilarious by the day. Yet another piece universally outed by all commenters as propagandist hogwash! I love it!! You guys are too much.
Are you proud of yourselves? Do you really see yourselves as experts in…anything?? (Being astute in swallowing and regurgitating misinformation from our government and other media whores doesn’t count.)
the narrative here at The Intercept is that IC cannot really be trusted with our cell phone data, cannot be trusted to facilitate transparency regarding the military when it concerns the democratic process, and in general cannot be trusted to tell the truth at all
except when it comes to sourcing russian cyber attacks
remember: we need to be careful with our email credentials, and with access to a small number of random points on the “election infrastructure”
because the outcome had been determined by almost all polling organizations
just one week before the presidential election
Cartoons of the Deep State. Well executed. Interesting transformation from word play portraying Russians as unseen malevolent underwater divers. It was been my contention for awhile that much of the attacks on Russians mimic not the imagery of 1950s McCarythism, but of German Nazi (you know, the real ones) propaganda about the world Jewish conspiracy to destroy Germany and undermine western civilization.
In Nazi propaganda, the Jews (actually might say the “Judeo-Russian Bolsheviks) operates hidden and behind the scenes. In a famous poster they are behind curtains manipulating shit. Now, in the one panel they creep up on obstentious the American multi-racial Volk.
Cute cartoons are supposed to make us buy the narrative..?
Is this HoffPo or TI ?
This comic describes what happened in two recent, prominent, spearphishing attacks, and what users can do to defend themselves against similar attacks. It’s not intended to sell any narratives.
Thank you and I found it very informative, easy to understand. So I sent it to all of my non-tech friends!
So, it is NOT a FACT that Guccifer 2.0 is even the source of the Podesta e-mails.
If all your (and even VIPS) analysis is based on metadata from Guccifer 2’s hacked/leaked data, and it’s NOT the source of Wikileaks Podesta dump, nothing you print about the Guccifer 2.0 information is anything but conjecture. So since not ONE reporter will even MENTION, let alone investigate, Seth Rich or Imran Awan as the possible source, I take this for the cartoon propaganda it obviously is.
Again, a timeline of all this hack/leak stuff in timeline form has yet to be published by The Intercept. Here is the only one that exists. Fascinating stuff:
**Fact: Some of the documents Guccifer 2.0 released to the media appear to be forgeries cobbled together from public information and previous hacks, which had been salted with disinformation. Wikipedia
The documents that could be “authenticated” (I use the term lightly) appear to be donor lists, TARP funds, $ donor lists, and Clinton Foundation materials– which COULD have been obtained from NGP Van, ( which is) THE software: voter/donor marketing company that works exclusively with DNC. Interesting stuff, but NOT related to Podesta e-mails. There isn’t any copies of e-mails in any of this info, except a mention of e-mails FROM Guccifer 2 to THE HILL, a known Establishment Democratic bias “news” (PR) agency. Any analysis by Crowdsource should also be DISCOUNTED. They are a privately hired smoke screen to keep Gov’t and Public scrutiny on lockout.
I think this headline was tantamount to click- bait to advance an agenda. Sad to see it happening more and more here at TI.
IF you and your cartoonist believe that
“this comic describes what happened”
with the DNC e-mails and you and your cartoonist believe that there
has been proof of Russian government involvement, then I can only
conclude that you lack journalistic ability beyond what is to be found
at any number of lousy MSM locations of propaganda.
IF you do not really believe what you are promoting, then you are also
no better than the phony manipulators at any other corporate
controlled MSM site.
“High Confidence” on the part of dubious agencies
– which is the basis of your assertion regarding the leaked e-mails –
is not proof
unless you are desperately dimwitted, religiously subservient,
or arrogantly manipulative.
at least the intercept allows comments on the articles in which they lie to us, the guardian (and, i’ve read, the post and the times) quite often does not. so the lies get exposed, again. or maybe the intercept just needs more practice at the propaganda business.
Nice try, Mr. Lee. But TI readers know Julian Assange revealed US security agencies possess spy tools to leave false attribution. Georgia caught them red-handed:
“Georgia’s secretary of state says the state was hit with an attempted hack of its voter registration database from an IP address linked to the federal Department of Homeland Security. The allegation by Georgia Secretary of State Brian Kemp is one of the more bizarre charges to come up in the recent spate of alarms about voting-system hacks. He said in a Facebook post on Thursday that he had been made aware of the failed attempt to breach the firewall protecting Georgia’s voter registration database. The attack was traced to an Internet Protocol address associated with DHS, he said. ]This morning I sent a letter to DHS Secretary Jeh Johnson demanding to know why,’” he said in the post.
Let me understand this. They do not know, they only suspect. They have a suspect but she pleads innocent. ???? Yet, this article sees fit to point out she may face up to 10 years in jail? I think you might have left that blank. She hasn’t been tried yet. I am a senior who is not computer saavy but I must say Intercept lately you have me disturbed for more than a few reasons. You are beginning to look a lot like mainstream news.
The Intercept deleted my comment and link to a PC World article entitled: Georgia says it’s traced an attempted voter hack to the Department of Homeland Security. “Georgia Secretary of State Brian Kemp alleges that he had been made aware of the failed attempt to breach the firewall protecting Georgia’s voter registration database. The attack was traced to an Internet Protocol address associated with DHS, he said, “This morning I sent a letter to DHS Secretary Jeh Johnson demanding to know why,”
The intercept readers likely remember that WikiLeaks revealed that DHS does indeed possess tools designed to leave a false attribution trail
This article is another piece of rotten bait from the Intercept branch
of the DNC.
What this manipulating cartoon is designed to do is –
#1. Make you BELIEVE there is definite proof of Russian malfeasance
when no real evidence of such has been presented.
#2. Make you BELIEVE that accepting an unproven assumption is
a form of “intelligence.”
#3. Get you to IGNORE the facts which were displayed in the Podesta
e-mails and make you think the NSA is trustworthy.
The truth is that this cartoon is just one more example of how
the democrats and the republicans share the same techniques
of using assumptions and misrepresentations as if they are facts
while portraying predatory spooks and spies as if they are
honorable and trustworthy when they manipulate your perceptions.
Agree with your general cautionary outlook but no one is trying to make you believe anything! Anyone who would communicate serious stuff in a cartoon? Yes, DemsandReps use the same tactics, but there is nothing here to believe except the us are really fools.
See, nobody cares about the Russians, it is a relatively unencumbered area to set up shop. No more, no less. Yep, there are some rusky wheelersanddealers who make offers, but it ends up going no where at the end of the day.
Everyone knows that the content of the emails were real, or everyone would have stepped up and said “this not that” waiving some printouts.
Definitely no cic material!
“Nobody cares about the Russians, …”
That is one of the most delusional statements I’ve read. It is right up
(or down) there with “No one is trying to make you believe anything.”
Awash in propaganda and you claim there is none.
Strictly speaking it wasn’t Podesta, but one of his aides (still, I expect it wasn’t her fault)
Only 4000 gmail accounts have been released – or rather released to approved persons in the cyber-security industry – not to the rest of us common slobs.
But is is possible that these 4000 accounts are simply a fraction of a far more systematic operation that was going on and there was no particular targeting. Suppose you successfully phish John Podesta – what is your next step? You extract all the gmail addresses from his account and see if you can phish them also. If which case although it might look like you were targeting the democrats, you aren’t really. You were targeting all the people who had emailed that particular sap.
If this was a smaller part of a larger operation then the most likely culprit are Pakistanis (or Indians) rather than Russians. You need to have good English skills in order leverage the information an email account contains and the patience for long waits between significant paydays.
Also in the immediate aftermath of the Podesta phish, the life of DNC IT worker Imran Awan suddenly took a distinct turn for the worse. I suspect the two may not be unrelated.
The main thing to avoid is a spy-friendly infrastructure. I mean, if a computer is meant to protect your privacy, its webcam will come with a built-in sliding cover that no software can hack an image through. It will come with a microphone you can unplug so you know you aren’t on tape except when you want to be.
Do you find you’re not being offered such computers? Then believe that they are a spy-friendly infrastructure, all of them, and that the “computer science” behind them has become a corrupt science! If even the most basic security precautions aren’t available, things any idiot can see would be a great thing, then you can count on them all being hacked already. The only question is by who.
Don’t be afraid.
A man who cannot testify because he was murdered by wicked Hillary Clinton gave Podesta’s emails to Wikileaks because he didn’t like the way Bernie Sanders was treated by the Benghazi loving, war mongering, Deep State candidate Hillary Clinton.
The Russians are innocent. They would never do anything so nefarious. Only McCarthyites would believe that. The mere accusation of hacking hurts Vladmir’s feelings according to the incredibly perceptive Donald Trump.
Furthermore, the Internet Research Agency doesn’t exist — has never existed. And even if it did exist, it’s not in St. Petersburg which everyone knows is south of Georgia in Florida and not in Russia.
Try to be more skeptical.
How can these authors perpetuate the fake Russia scare while simultaneously worshiping money man John Podesta? The Podesta Group, founded by John Podesta, took money from Russia’s largest bank, Sherbank, just last year, to lobby for a lessening of sanctions:
Just like with Snowden who, in effect, founded this site, it is good someone stole Podesta’s emails. It revealed his constant attacks to bully and censor the media:
“I have become a hack. I will send you the whole section that pertains to you. Please don’t share or tell anyone I did this.”
– NYT Writer Glenn Thrush to John Podesta
Greenwald really needs to leave the Intercept; the cognitive dissonance and epistemic closure here is deafening. Why does he stay?
“I Look forward to working with you to elect the first woman President of the United States,”
– Facebook COO Sheryl Sandberg to John Podesta
The joke being Russians are fish.
Well hahahaha for all lying to the Americans and moving all your production overseas— now the whole world knows your secrets. Copyrights? Yea, go4it (;-)
Joyce, Micah – great article. In the panel with the “Free Fish Food” sign, I believe you intended the text to read “spy on you with” not “spy on your with.”
Such fine IT work, too bad they “happen” to leave out the word NOT…… come folks.
Oops I left out the word “on” my bad.
these masters of the universe political types can’t be bothered to grasp the difference between http and https
so this is an area where the techno-elves must protect and serve
which is difficult when a political campaign shows wanton arrogance and stupidity
I don’t know if you’ve seen the public service announcement type ad where the father catches his daughter sneaking out her bedroom window, a poster unfurl with the words ‘I’m going to the library’ highlighted with glitter, then various other spectacular or eye-catching things (And two mime artists) get added. The point of the piece is that a lie, no matter how spectacularly presented, is still a lie. And when I hit the lie that using TOR exit nodes is proof of Russian involvement, well, somehow that panel acquired a couple of mimes to my eyes.
so whoever did this was a “pro” who didn’t need or have much technical expertise. and then the article cites nsa assertions as matters of fact. thanks ever so much.
Not all phishing attacks need to be technically sophisticated — for example, the Trump administration officials who fell for fake emails from the “email prankster” didn’t need anything very complicated or sophisticated. That’s because the phisher was just impersonating someone else and asking questions, not actually attempting to steal credentials or hack computers.
The Podesta spearphishing attack, like any successfully attack against Google accounts, was very technically sophisticated. It required infrastructure to host the phishing page, enough web development skills to make it look accurate and even use Podesta’s real Google profile image. But more importantly, they did this at scale. It was automated, attacking thousands of separate targets, and using bit.ly’s API.
The other spearphishing attack against election company VR Systems specifically says, “According to a TOP SECRET National Security Agency document” — it doesn’t state that Russia was definitely responsible, but rather than the NSA analyst who wrote the report (who was writing an internal, top secret report, not for public consumption) believes that Russia was definitely responsible. (But also, despite the US government’s ridiculous policy of not publishing any evidence to support their claims, leaked top secret evidence like this, and other public evidence, confirms that Russia was most certainly responsible for at least these two attacks.)
no, it confirms nothing. a selectively leaked document about what an anonymous nsa analyst believed is as worthless as the dump truck drawings of colin powell.
The Podest spearphishing attack? You need to do another article to make dumb people like myself understand how you know Podesta e-mails and the Guccifer 2.0 admission are in any way related to one another! What proof do we have, unimpeachable proof that Guccifer’s admission is anything other than something an NSA/CIA group could put together.
From The Intercept:
HERE’S THE PUBLIC EVIDENCE RUSSIA HACKED THE DNC—-ITS NOT ENOUGH by Sam Biddle
end of story as we know it….
(get on requesting that laptop from SETH RICH
I appreciate what the “How To protect yourself against spearphishing” article is trying to do. But it offers BAD advice. The “From:” field is trivial to spoof so can not be trusted. Also Never click a link in an E-mail. Always manually launch your browser and navigate to the site. VirusTotal often has a VERY high miss rate. Better to say “never open any attachement that you were not expecting.” or better still refuse to accept files by e-mail. Arrange to use one of the many other ways of sending files with people the need to send them to you.
I Understand that this is aimed at the “Average User” but people should really take a day and learn to read the headers in the e-mail source. It isn’t that difficult and is the best way to identify where an e-mail came from. If your e-mail program can not display the raw e-mail source then scrap it because it’s a bad e-mail program.
Also not mentioned. If an e-mail has alarming content “Your account will be canceled”, “Pay Now”, etc. Take a moment. Step away from the computer or put the phone down. Let the fear reaction that these email rely on subside. People make poor decisions when in such a state and simply taking a moment to let that initial anxiety pass. Get Calm and level headed before proceeding.
I agree that the advice is flawed. It also left out an other excellent defense: a Chromebook. There are no malicious email attachments that will hack a Chromebook. Your suggestions are valid, but probably too much for non-techies. Using a Chromebook is an easier thing for non-techies to do.
As the comic explained, there are 3 main types of phishing: scams, account credential stealing, and hacking your computer. Chromebooks are still 100% vulnerable to scams and account credential stealing. And, while Chrome OS protects you more than many other systems against malicious email attachments, it can’t protect you if the attacker uses a Chrome OS exploit that you’re vulnerable to. Using a Chromebook is a good idea in many cases, but it isn’t a magic solution to phishing.
You have been speared by The Intercept.
They said they would “protect you”, but they speared you with McCarthyism.
This articlecomic implies that spearphishing exploits the biggest flaw in any security system: the user. This blame the victim approach may have had merit in the twentieth century, but not in this century. If the dastardly Russians, as this article states, based on the reliable assessments of the NSA, are phishing the accounts of naive political operatives such as John Podesta – they should be held accountable and punished. I don’t know what percentage of phishing attacks originate from Russia, but based on this articlecomic, it appears to be virtually all of them.
From the advice given in this article, I conclude that the NSA has now compromised 2FA security keys, Google Drive and VirusTotal.com. But perhaps I am being overly skeptical.
If so, this would be the first time.
>But perhaps I am being overly skeptical.
I have ‘air-gaped’* this articlecomic’s URL . .. just to be sure.
the russians wanted to elect trump, so we know the phishing attacks came from them
and everyone knows that russian CyBerZ is one of the most powerful tools in the toolbox for influencing elections
so the appearance of russian hackers in this election was no surprise … with no remorse we can say that this clear and present danger from the cardinal of the kremlin will see full force and effect from our threat vector
The Russians so preferred Trump to Hillary-take-our- uranium-ore-Clinton, that they spent a whopping $200 thousand bucks on Facebook ads to help Donald to swing the election, while giving millions to the Clinton Foundation. Makes perfect sense the Kremlin preferred Trump – not!
Ruh-roh, what’s this NY Times article say?
“As the Russians gradually assumed control of Uranium One in three separate transactions from 2009 to 2013, Canadian records show, a flow of cash made its way to the Clinton Foundation. Uranium One’s chairman used his family foundation to make four donations totaling $2.35 million. Those contributions were not publicly disclosed by the Clintons, despite an agreement Mrs. Clinton had struck with the Obama White House to publicly identify all donors.”
the uranium thing was harmless
and those campaign emails were supposed to be secret, which is american democracy at its best
how can we have fair elections if everyone knows what you’re doing
obviously you are the victim of russian CyBerZ, which is very powerful as we all know
Quote: ” I don’t know what percentage of phishing attacks originate from Russia, but based on this articlecomic, it appears to be virtually all of them.”
Well, you got it. Ultimately, the argument is that the technique of phishing is somehow uniquely used by and identifies a Russian actor at the end of the chain.
I suppose there is some amount of humor finally in the last panel. The cartoon gives us advice to “always practice skepticism”. But without a hint of skepticism, published on a website founded by Greenwald, the cartoonists accept on total faith intelligence sources claims about what the Russians did.
Email list managed by MailChimp