[PLUG-TALK] Grizzly Steppe

Keith Lofstrom keithl at kl-ic.com
Fri Dec 30 18:00:24 UTC 2016


The FBI/NCCIC document Grizzly Steppe claims that, due to
Russian civilian and military intelligence services labeled
"APT28" and "APT29", information from multiple senior party
members was leaked to the press and publically disclosed.

I presume this refers to recent Wikileaks disclosures.

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296.pdf
https://www.us-cert.gov/sites/default/files/publications/JAR-16-20296A.csv
https://www.us-cert.gov/sites/default/files/publications/JAR-16-20296A.xml

Hopefully, this will not result in diplomatic escalation.
The US expelled 35 Russian "intelligence operatives".
Putin refused to retaliate.

Beyond the accusations, most of the document is about
the behaviors users should change to improve security.
Best case, the document will start a serious national 
conversation about correcting our careless personal
information protection and consumption habits.

---

Could someone with more security skills than I download
those files to a test machine and look for security
exploits, then post the tested copies with checksums on
a trustworthy download site?  While I don't trust the
Russians much, I don't trust US intelligence agencies
at all, under past, current, or future figureheads.
I would trust most of their extraordinary individuals
with my life, but policy can thwart personal integrity.

I also don't trust that identical content will be served
to every IP address requesting those files.  Checksummed
copies on a "less clever" public server, plus instructions
to the general public on how to test the downloaded files,
can also teach our neighbors safer information handling. 
Our community has the expectations and the technology for
this.  The fact that exploits (Russian or not) worked
against "senior party members" proves that most do not.

Keith

PS: Apologies if this starts the mother of all flamewars.
Keep it on plug-talk, please.  If flamewar is avoided,
and the discussion stays polite, productive, and community
focused, that will validate my already high esteem for the
intelligence and character of the fine people of PLUG.

-- 
Keith Lofstrom          keithl at keithl.com



More information about the PLUG-talk mailing list