— Carl Baatz
— Carl Baatz
Putin, eager to weaken the EU and NATO, has been backing right-wing demagogues throughout Europe. So it came as no surprise when he started complimenting Trump. Not only is Trump would-be strongman of Putin's ilk (only less clever), he's also been threatening to break US commitments to NATO.
In December, Putin called Trump "an outstanding and talented personality". Trump, in a rare moment of sweetness, replied:
"It is always a great honor to be so nicely complimented by a man so highly respected within his own country and beyond."
Putin now appears to be backing Trump even more strongly, with Russian operatives hacking into Democratic National Committee (DNC) computers and trying to embarrass them shortly before the convention.
On June 14th, the cybersecurity firm CrowdStrike, under contract with the DNC, announced in a blog post that two separate Russian intelligence groups had gained access to the DNC network. One, called FANCY BEAR or APT 28, gained access in April. The other, COZY BEAR or APT 29, first breached the network in the summer of 2015.
You can read a more detailed analysis here:
Let me quote some:
CrowdStrike Services Inc., our Incident Response group, was called by the Democratic National Committee (DNC), the formal governing body for the US Democratic Party, to respond to a suspected breach. We deployed our IR team and technology and immediately identified two sophisticated adversaries on the network – COZY BEAR and FANCY BEAR. We’ve had lots of experience with both of these actors attempting to target our customers in the past and know them well. In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis. Their tradecraft is superb, operational security second to none and the extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter. In particular, we identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft – both groups were constantly going back into the environment to change out their implants, modify persistent methods, move to new Command & Control channels and perform other tasks to try to stay ahead of being detected. Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.
COZY BEAR (also referred to in some industry reports as CozyDuke or APT 29) is the adversary group that last year successfully infiltrated the unclassified networks of the White House, State Department, and US Joint Chiefs of Staff. In addition to the US government, they have targeted organizations across the Defense, Energy, Extractive, Financial, Insurance, Legal, Manufacturing Media, Think Tanks, Pharmaceutical, Research and Technology industries, along with Universities. Victims have also been observed in Western Europe, Brazil, China, Japan, Mexico, New Zealand, South Korea, Turkey and Central Asian countries. COZY BEAR’s preferred intrusion method is a broadly targeted spearphish campaign that typically includes web links to a malicious dropper. Once executed on the machine, the code will deliver one of a number of sophisticated Remote Access Tools (RATs), including AdobeARM, ATI-Agent, and MiniDionis. On many occasions, both the dropper and the payload will contain a range of techniques to ensure the sample is not being analyzed on a virtual machine, using a debugger, or located within a sandbox. They have extensive checks for the various security software that is installed on the system and their specific configurations. When specific versions are discovered that may cause issues for the RAT, it promptly exits. These actions demonstrate a well-resourced adversary with a thorough implant-testing regime that is highly attuned to slight configuration issues that may result in their detection, and which would cause them to deploy a different tool instead. The implants are highly configurable via encrypted configuration files, which allow the adversary to customize various components, including C2 servers, the list of initial tasks to carry out, persistence mechanisms, encryption keys and others. An HTTP protocol with encrypted payload is used for the Command & Control communication.
FANCY BEAR (also known as Sofacy or APT 28) is a separate Russian-based threat actor, which has been active since mid 2000s, and has been responsible for targeted intrusion campaigns against the Aerospace, Defense, Energy, Government and Media sectors. Their victims have been identified in the United States, Western Europe, Brazil, Canada, China, Georgia, Iran, Japan, Malaysia and South Korea. Extensive targeting of defense ministries and other military victims has been observed, the profile of which closely mirrors the strategic interests of the Russian government, and may indicate affiliation with Главное Разведывательное Управление (Main Intelligence Department) or GRU, Russia’s premier military intelligence service. This adversary has a wide range of implants at their disposal, which have been developed over the course of many years and include Sofacy, X-Agent, X-Tunnel, WinIDS, Foozer and DownRange droppers, and even malware for Linux, OSX, IOS, Android and Windows Phones. This group is known for its technique of registering domains that closely resemble domains of legitimate organizations they plan to target. Afterwards, they establish phishing sites on these domains that spoof the look and feel of the victim’s web-based email services in order to steal their credentials. FANCY BEAR has also been linked publicly to intrusions into the German Bundestag and France’s TV5 Monde TV station in April 2015.
At DNC, COZY BEAR intrusion has been identified going back to summer of 2015, while FANCY BEAR separately breached the network in April 2016. We have identified no collaboration between the two actors, or even an awareness of one by the other. Instead, we observed the two Russian espionage groups compromise the same systems and engage separately in the theft of identical credentials. While you would virtually never see Western intelligence agencies going after the same target without de-confliction for fear of compromising each other’s operations, in Russia this is not an uncommon scenario. “Putin’s Hydra: Inside Russia’s Intelligence Services”, a recent paper from European Council on Foreign Relations, does an excellent job outlining the highly adversarial relationship between Russia’s main intelligence services – Федеральная Служба Безопасности (FSB), the primary domestic intelligence agency but one with also significant external collection and ‘active measures’ remit, Служба Внешней Разведки (SVR), the primary foreign intelligence agency, and the aforementioned GRU. Not only do they have overlapping areas of responsibility, but also rarely share intelligence and even occasionally steal sources from each other and compromise operations. Thus, it is not surprising to see them engage in intrusions against the same victim, even when it may be a waste of resources and lead to the discovery and potential compromise of mutual operations.
You can even see some of the code that was used. Another security group, Fidelis, did an independent study confirming CrowdStriker's findings:
Of course, none of this excuses the DNC's dastardly behavior as revealed by the hacked emails. But it's another sign of how sickening a disaster a Trump presidency would be.
Putin's compliment, and Trump's reply, is here:
Here's an article on Putin's "useful idiots" in Europe:
A quote, which contains lots of links in the original:
Prior to 2010, one would be hard-pressed to find public statements in praise of Putin by far-right leaders. Today, they are commonplace. UKIP’s Nigel Farage is a self-proclaimed fan of the Russian president. Jobbik’s head, Gabor Vona, is a frequent invited guest in Moscow. And, of course, Madame Le Pen, whose party was the beneficiary of a 9.4 million euro loan from a Russian-owned bank, is a consistent voice of support for Russian foreign policy in Ukraine and the Middle East. Even Germany, where the far right has failed to gain a foothold, is not immune to Moscow’s narrative. Supporters of PEGIDA, the increasingly popular xenophobic group whose acronym stands for “Patriotic Europeans Against the Islamization of the West,” often carry Russian flags and anti-government posters begging for Putin’s help.
This is the standard motivation for dependent types. The specific motivation for dependent types in Haskell is that Haskell already has a large body of practical code and real-world programmers. In terms of academic research, this platform serves as a great experiment for trying dependently typed programming “in the wild.” Other dependently typed programming languages have either (a) been targeted primarily at niche academic communities or (b) have not been in development and use as long as Haskell and have not reached its scale of usage. So, it's exciting for research to see how dependent types can be implemented in a practical way, and it's exciting for Haskell programmers to have the ability to use them in practice.
There are, of course, areas of science in which replication is prohibitively expensive (e.g. sending a probe out of the solar system) or just doesn't make sense (e.g. math, some CS). And replication would increase the cost of doing research. But the broad thesis of the article is attractive.
Each person that studies a proof is not going to publish a replication of that proof because it would be the exact same thing. However, you do find publications of counterproofs and improvements and simplifications of proofs (if they are significant enough), but these are not the same as replicating experiments.
Proofs involve logic. Experiments involve variables. The point of independent replication is to determine if an experiment produces results that are statistically similar to published results with a similar method and similar variables. A proof (that doesn't involve probability) will always be (in-)valid in a given logic. Even when using different logics, it can be interesting to compare proofs of one thing, but the differences are not statistically variable; therefore, I would not call it experimental replication.
bash - brew upgrade breaks terminal, requiring reset - Ask Different
When I run brew upgrade in my Bash shell, it breaks the terminal display (in both iTerm2 and Terminal) such that I can't see anything I type
Low-Back Pain: Causes, Care, and Consequences « Science-Based Medicine
Low-back problems are one of the most common reasons for visits to doctors’ offices and the most common cause of disability among persons un
Teaching Students Logic Improves Their Logical Reasoning Skills - Daily ...
Newflash: teaching students logic improves their logical reasoning skills—at least according to some new research. You may be thinking, “duh
Behind the Supreme Court’s Abortion Decision, More Than a Decade of Priv...
Research funded by the Susan Thompson Buffett Foundation and others not only helped spur the nation’s top court to strike down key parts of
Could the Zim government really have shut down WhatsApp? An expert weigh...
It is definitely within the powers of a government to block cellphone users' access to a specific app, such as WhatsApp, and there are diffe
Disciple Development: Type 'Int' does not match type 'Int'
I joke to myself that the last project I complete before I retire will be a book entitled "Anti-patterns in compiler engineering", which wil
Brexit: UK tech sector reacts to Leave vote - BBC News
Now the UK has decided to leave the European Union, technology firms are left to wonder what the future holds.
Wadler's Blog: “Dishonesty on an industrial scale”: EU law expert analys...
Authoritative sources in the EU debate are thin on the ground, so I was pleased when a colleague pointed me to a video by University of Live
COMMENT: 5 blunders about ‘the country’ called Africa - Africa Check
Have you heard of the country called Africa? It’s home to the world’s ‘rape capital’, a place where you can’t drink the tap water, the peopl