SoylentNews is people
SoylentNews
Obama Details Actions in Response to Russian Malicious Cyber Activity
U.S. President Obama writes:
I have issued an executive order that provides additional authority for responding to certain cyber activity that seeks to interfere with or undermine our election processes and institutions, or those of our allies or partners. Using this new authority, I have sanctioned nine entities and individuals: the GRU and the FSB, two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU's cyber operations. In addition, the Secretary of the Treasury is designating two Russian individuals for using cyber-enabled means to cause misappropriation of funds and personal identifying information. The State Department is also shutting down two Russian compounds, in Maryland and New York, used by Russian personnel for intelligence-related purposes, and is declaring "persona non grata" 35 Russian intelligence operatives. Finally, the Department of Homeland Security and the Federal Bureau of Investigation are releasing declassified technical information on Russian civilian and military intelligence service cyber activity, to help network defenders in the United States and abroad identify, detect, and disrupt Russia's global campaign of malicious cyber activities. [...] [The Obama] Administration will be providing a report to Congress in the coming days about Russia's efforts to interfere in our election, as well as malicious cyber activity related to our election cycle in previous elections.
Press release. Text of Executive Order. Annex to Executive Order.
Russia Calls for Expulsion of U.S. Diplomats
Although Russia's foreign minister has asked President Vladimir Putin to expel 35 U.S. diplomats from the country in response to President Obama's actions, President Putin has so far declined to do so.
Dispute on Russia's Involvement with DNC Hacking
A WikiLeaks associate has disputed the Russian hacking narrative, saying that he was handed the documents in Washington, D.C.:
On 15 December 2016, the British tabloid Daily Mail quoted Craig Murray, a former U.K. ambassador to Uzbekistan and "close associate" of WikiLeaks founder Julian Assange, as saying that the Democratic National Committee's e-mails were not obtained by WikiLeaks due to the efforts of Russian hackers but were instead leaked by a disgruntled DNC operative who had legal access to them [...]
Murray said he retrieved the package from a source during a clandestine meeting in a wooded area near American University, in northwest D.C. He said the individual he met with was not the original person who obtained the information, but an intermediary.
Of course, it could be completely untrue. At the moment we have only his account to work with.
Original Submission #1 Original Submission #2 Original Submission #3 Original Submission #4
(Score: 1, Interesting) by Anonymous Coward on Sunday January 01 2017, @08:27PM
At a minimum it is US, Israeli, British, German, Chinese, Taiwanese, Korean tech, with the possible smaller european countries thrown in, and figuring anything with signing keys there is a possibility of Russia having as well. Furthermore Malaysia/Costa Rica for Intel did/do chip packaging so that is another potential pair of national actors involved.
Out of these the immediate concern ones would be US, Israel, China and Russia all of whom are known to meddle in international affairs, all of whom have the intelligence assets, technology, and research capabilities, and three of which are directly involved in the chip design and fabrication for the majority of processors used in the world.
Furthermore, given that China has fabbing tech within a generation or two of current (and has for a number of years.) One might ask why they or Russia are not currently producing all their domestic processor/x86 needs. For which the simple answer is: Because they already have access to the keys needed to secure their hardware, or exploit their adversaries.
As hackaday recently featured: Sandy Bridge+ Intel ME implementations can be effectively disabled by removing all but one block from the management engine firmware, the core kernel initialization for the ME is required to boot up, but the other modules are used for initiializing the PCI interface and the secondary ethernet inteface from the internal bridging subsystem. With those two components disabled, all the known attack vectors of the Intel ME are closed (and getting into more esoteric attacks, most of them could just as easily be used against the cpu core via javascript and hardware assisted hypervisor escalation attacks.)
The only serious way for hardware to become trustworthy again is open hardware designs with dozens of second source implementations (and a comprehensive test/regression suite to catch as many cornercases as possible so errata lists don't continue looking like intel or amd's every processor generation.) with standardized sockets and similiarly documented 'generic' bus interface guidelines, simiar to how PC clone devices were back in the 80s and 90s (late 90s for interoperable hardware and early 00s when there was still 'mostly' legacy hardware compatibility, even if full performance required specialized drivers.)