Home Tags Smoking

Tag: Smoking

Ancient ruins point to the origins of American state power

Throne room included massive brazier for barbecues, plus human sacrifice area.

Bad luck may play a big role in cancer—but prevention tactics...

Study doubles down on earlier work that led to big, some say pointless, controversy.

Is the dark really making me sad?

I ask if she’s a winter person: “No, I am not,” she replies stiffly. “I like the Sun.”

Astonishing geomagnetic spike hit the ancient kingdom of Judah

If this were to happen again today, the electrical grid would be a smoking ruin.

Netherlands reverts to hand-counted votes to quell security fears

Windows XP? SHA-1? USB sneakernet? What were they thinking? Or smoking? The Netherlands has decided its vote-counting software isn't ready for prime time, and will revert to hand-counted votes for its March 15 election.…

White House fails to make case that Russian hackers tampered with...

Enlargereader comments 54 Share this story Talk about disappointments.

The US government's much-anticipated analysis of Russian-sponsored hacking operations provides almost none of the promised evidence linking them to breaches that the Obama administration claims were orchestrated in an attempt to interfere with the 2016 presidential election. The 13-page report, which was jointly published Thursday by the Department of Homeland Security and the FBI, billed itself as an indictment of sorts that would finally lay out the intelligence community's case that Russian government operatives carried out hacks on the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clinton Campaign Chief John Podesta and leaked much of the resulting material. While security companies in the private sector have said for months the hacking campaign was the work of people working for the Russian government, anonymous people tied to the leaks have claimed they are lone wolves. Many independent security experts said there was little way to know the true origins of the attacks. Sadly, the JAR, as the Joint Analysis Report is called, does little to end the debate.
Instead of providing smoking guns that the Russian government was behind specific hacks, it largely restates previous private-sector claims without providing any support for their validity.

Even worse, it provides an effective bait and switch by promising newly declassified intelligence into Russian hackers' "tradecraft and techniques" and instead delivering generic methods carried out by just about all state-sponsored hacking groups. "This ultimately seems like a very rushed report put together by multiple teams working different data sets and motivations," Robert M. Lee, CEO and Founder of the security company Dragos, wrote in a critique published Friday. "It is my opinion and speculation that there were some really good government analysts and operators contributing to this data and then report reviews, leadership approval processes, and sanitation processes stripped out most of the value and left behind a very confusing report trying to cover too much while saying too little." The sloppiness, Lee noted, included the report's conflation of Russian hacking groups APT28 and APT29—also known as CozyBear, Sandworm, Sednit, and Sofacy, among others—with malware names such as BlackEnergy and Havex, and even hacking capabilities such as "Powershell Backdoor." The mix up of such basic classifications does little to inspire confidence that the report was carefully or methodically prepared.

And that only sows more reasons for President elect Donald Trump and his supporters to cast doubt on the intelligence community's analysis on a matter that, if true, poses a major national security threat. Enlarge The writers showed a similar lack of rigor when publishing so-called indicators of compromise, which security practitioners use to detect if a network has been breached by a specific group or piece of malware.

As Errata Security CEO Rob Graham pointed out in a blog post, one of the signatures detects the presence of "PAS TOOL WEB KIT," a tool that's widely used by literally hundreds, and possibly thousands, of hackers in Russia and Ukraine, most of whom are otherwise unaffiliated and have no connection to the Russian government. Enlarge "In other words, these rules can be a reflection of the fact the government has excellent information for attribution," Graham wrote. "Or, it could be a reflection that they've got only weak bits and pieces.
It's impossible for us outsiders to tell." "Both foolish and baseless" Security consultant Jeffrey Carr also cast doubt on claims that attacks that hit the Democratic National Committee could only have originated from Russian-sponsored hackers because they relied on the same malware that also breached Germany's Bundestag and French TV network TV5Monde. Proponents of this theory, including the CrowdStrike researchers who analyzed the Democratic National Committee's hacked network, argue that the pattern strongly implicates Russia because no other actor would have the combined motivation and resources to hack the same targets.

But as Carr pointed out, the full source code for the X-Agent implant that has long been associated with APT28 was independently obtained by researchers from antivirus provider Eset. "If ESET could do it, so can others," Carr wrote. "It is both foolish and baseless to claim, as CrowdStrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will." The doubts raised by Lee, Graham, and Carr underscore the difficulty members of the US intelligence community face when taking findings out of the highly secretive channels they normally populate and putting them into the public domain.
Indeed, the Joint Analysis Report makes no mention of the Democratic party or even the Democratic National Committee.

The lack of specifics and vagueness about exactly how the DHS and FBI have determined Russian involvement in the hacks leaves the report sounding more like innuendo than a carefully crafted indictment. The intelligence community has found itself in this position before, including in attributing a highly destructive attack on Sony Pictures Entertainment in 2014 to North Korea.
In fairness, the reticence in both cases is likely justified by the interest in protecting sources and methods used to detect such attacks.
Still, it's hard to escape the conclusion that Thursday's Joint Analysis Report provides almost no new evidence to support the Obama Administration's claims Russia attempted to interfere with the US electoral process.

Absent something more, the increasingly bitter debate may rage on indefinitely.

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

Same group compromised a million users A DAY. A two-year long, highly sophisticated malvertising campaign infected visitors to some of the most popular news sites in the UK, Australia, and Canada including Channel 9, Sky News, and MSN. Readers of those news sites, just a portion of all affected (since it also affected eBay's UK portal), were infected with modular trojans capable of harvesting account and email credentials, stealing keystrokes, capturing web cam footage, and opening backdoors. The news sites are not at direct fault as they displayed the advertising; the ad networks and the underlying structure of high-pace and low-profit margins is what lets malvertising get its huge impact. Users from the United States were ignored, for reasons unknown. The quiet success of the still-ongoing attacks comes despite that researchers from security firm ESET found earlier variants in late 2014 targeting Dutch users. Well-known researcher Kafeine, now with Proofpoint, reported on a subsequent massive malvertising campaign in July in which the AdGholas malvertising campaign had ensnared as many as a million users a day. The malware stenography revealed.
Image: ESET. Those attacks slung banking trojans at British, Australian, and Canadian users with localised ruses. AdGholas exploited among others a low-level Internet Explorer vulnerability (CVE-2016-3351) to assist with cloaking that Microsoft was slow to patch. Victims who surfed various news outlets using Microsoft Internet Explorer and Adobe Flash which did not have recent patches applied could be silently compromised. Users of Yahoo!'s email service were also served the trojanised ads through the tech giant's advertising network. Those on other browsers were ignored, as were those running packet capture, sandboxing, and virtualisation software, the latter platforms being hallmarks of white hat security researchers. The criminals were able to maintain stealth despite the many skilled eyes of the whitehat research community by weaving malicious code into advertising banners. They even went as far as to create legitimate software, including a still-live Google Chrome extension, which appear non-malicious and are functional. The Browser Defence Chrome app seems legit.
Image: The Register. While regular malvertising manages to get booby-trapped banner ads accepted by the likes of Google, Yahoo!, and scores of smaller networks, the AdGholas campaign served its trojans through the manipulation of individual ad pixels. Malwarebytes analyst Jerome Segura along with ESET researchers revealed the intricacies of the latest campaign today. They say criminals remained cloaked for so long by altering the alpha channel within pixels of the advertising banners they submitted to ad networks. This passed the weak security checks to be displayed on major news sites, forcing the trojan to install on any machine which merely viewed the banner with vulnerable Internet Explorer and Flash installations. The offending ads.
Image: MalwareBytes. Poisoned pixel ads included those for Browser Defence and BroXu, two legitimate working creations of the malware writers. The malcode within the ads exploited Internet Explorer bug CVE-2016-0162 for initial reconnaissance and Flash bugs CVE-2016-4117, CVE-2016-1019, and CVE-2015-8651 to get payloads onto machines. "Despite not targeting the US, the latest AdGholas campaign has once again reached epic proportions and unsuspecting users visiting top trusted portals like Yahoo or MSN [among] many top level publishers were exposed to malvertising and malware if they were not protected," Segura says. "There is no doubt that the adversary is very advanced and has been clever to fly under the radar for long periods of time." "At the time of posting the campaign still continues, although the major ad networks have been informed and should no longer be involved." The BroXu and Browser Defence sites.
Image: The Register. Segura found the first attack based on the Browser Defence scam on 5 September through the SmartyAds network, before noticing it move to Yahoo! a month later. It took until 27 November for Segura to "finally" reproduce the malvertising chain using a real residential IP address and a normal user machine free of monitoring tools. "Up until then, we only had very strong suspicions that something was going on, but without a network capture, we simply did not possess the smoking gun required to make an affirmative claim," he says. Segura informed Yahoo! once he confirmed the malvertising attacks. > Researchers at ESET reveal much the same and reveal the technical complexity of the stenography effort in which the malcode was hidden almost perfectly within advertising images. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub

Thinking Ahead: Cybersecurity In The Trump Era

In a panel held by the University of California Berkeley Center for Long-Term Cybersecurity and Bipartisan Policy Center, experts discuss challenges facing the incoming presidential administration. In the wake of an abundance of news headlines on data breaches, and a presidential election cycle packed with cybersecurity concerns, the University of California Berkeley Center for Long-Term Cybersecurity and Bipartisan Policy Center today hosted experts to discuss security challenges and solutions America will face in the new administration.  Panelists included Steven Webber, faculty director at the UC Berkeley Center for Long-Term Cybersecurity; Betsy Cooper, executive director at the UC Berkeley Center for Long-Term Cybersecurity; Jamie Gorelick, former deputy attorney general and partner at WilmerHale; and Rep. Will Hurd (R-TX). The group gathered to discuss ideas that could fuel an effective plan for preventing, responding to, and recovering from cyber attacks. Webber acknowledged part of the problem for many people is that cybersecurity still feels like a technical issue related to the protection of computer networks.
It's time to "demystify the network" for folks outside the core tech sector, he said. "What happens when individuals everywhere interact with digital technologies?" he questioned, saying there are bigger and broader issues at play. Cooper addressed the need for change in addressing the future of cybersecurity, noting how this problem "is an existential challenge we haven't fully recognized yet." The new administration must have a stronger approach to the growth of cybersecurity problems. Another issue addressed during the panel was the need for a public campaign on cybersecurity, similar to campaigns launched in the past to raise awareness about problems like recycling and smoking. "We're suggesting the situation is serious enough in cybersecurity that we need a public awareness campaign," Cooper emphasized. "People should be aware of strong passwords, of two-factor authentication from an early age."  Webber compared the problem of cybersecurity with the problem of secondhand smoke. He said people are motivated by the negative externalities of the issue; not only how it comes with a personal cost, but how it affects their community as a whole. "When people recognize their dangerous behavior is a risk to family and neighbors, there's another lever we can pull," he said. "Companies will start to respond to that as the demand [for change] starts to emerge. We need to get that conversation started right now, and who is better than a new administration?" The panel also addressed the cybersecurity skills shortage.

There is a great demand for cybersecurity professionals, said Cooper, but universities aren't producing enough talent to fill the gap. Part of the problem is fear of being in the security space long-term, she said. "In these industries, it's hard to keep up-to-date with technology," Cooper explained. "It's hard to convince people it's a fun and exciting area." She noted how providing loan forgiveness for cybersecurity professionals may drive motivation to enter the industry. Webber agreed that society needs to take the cybersecurity problem seriously enough to subsidize education. "Security issues are hard, involve classified data and techniques, and there isn't a sense that the world thinks of those things as super important," he said. Right now, there are many people who could generate the skills needed for a first-rate cyber workforce, but they're out doing different things.  Webber acknowledged this could be an opportunity to circulate ideas between the East and West coasts, and help people from Washington, DC and Silicon Valley work together.   Panelists also recognized the need for public and private administration to work together and overcome the cybersecurity challenge. "We're crazy to think the government or private sector can address the problem alone," said Hurd. Related Content: Kelly is an associate editor for InformationWeek.
She most recently reported on financial tech for Insurance & Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she's not catching up on the latest in tech, Kelly enjoys ...
View Full Bio More Insights

2016’s craziest “cybersex” political scandal comes from… Nebraska

Enlarge / The Nebraska state capitol building in Lincoln.Education Images / Getty Images reader comments 30 Share this story “Make me pleasure.” That Facebook message was directed at Bill Kintner, a 55-year-old Nebraska state senator, while the politician was in Boston for a conference last July.
In his hotel room, Kintner had started chatting online—using a state-supplied computer—with a woman who went by “Vinciane Diedeort.” Her English was not idiomatic, but she looked good.

And she wanted Kintner to masturbate with her on Skype. “I don't want to sneak behind my wife's back,” he wrote. “It's not about you, it is about me. You are smoking hot.” So Kintner broke it off. “Let's end this, before I get in trouble,” he wrote. His willpower lasted for seven hours.

At midnight, Kintner returned to Facebook and resumed his conversation with Diedeort. He agreed to her plan. He fired up Skype.

And he removed his pants. Enlarge / Nebraska State Senator Bill Kintner. Bill Kintner The scam According to the Lincoln Journal Star, the pleasure ended almost immediately. Within minutes, [Diedeort] threatens to post the video on YouTube and share it with [Kintner's] Facebook friends if he doesn't wire $4,500 to an account in the Ivory Coast, which she claimed was for a deaf child. Kintner reported himself to the [Nebraska] State Patrol that day, telling investigators he'd fallen victim to a scam. Kintner knew his life was about to get complicated. Not only was the incident likely to come out now that he had involved the state patrol, but his wife Lauren was a key policy aide to Nebraska’s governor.

And it didn’t make Kintner himself look any better when, a few days after returning from Boston, Lauren was found to have ovarian cancer. Still, the sordid story stayed under wraps until this summer, when the investigation finally concluded.
In an August 5, 2016 statement, Kintner wrote, “Humbled by the reality that after initially resisting the overtures from a woman who had found me on Facebook, I caved to her temptation to engage in cybersex via her invitation over Skype...
I was most likely the target of a foreign criminal extortion ring.” According to the Journal Star, Kintner claimed that investigators had “traced the scam to a small crime syndicate based in the Ivory Coast and using Russian computers. Recorded video of the exchange was never saved on his computer, Kintner said.

The scammer posted a brief clip, or GIF, of the recording online, but it has since been deleted.” The aftermath Kintner was hauled before the Nebraska Accountability and Disclosure Commission and fined $1,000 for improper use of state-owned equipment. Many legislators—along with the governor—called for him to resign, but Kintner refused, saying he had already apologized to his wife and to God.

The best way for him to continue serving God, he added, was to stay in office. (A fellow state legislator quipped, “Whatever phone number he's using to talk to God, I want it.”) On August 10, State Senator Ernie Chambers of Omaha—a legendary figure in local politics and the only black legislator in Nebraska—decided to up the pressure. "If Sen. Kintner is a member of the body in January [2017]," he wrote, "I plan to use him and his illegal, scandalous, vulgar behavior as source material for rhymes throughout the 90-day Session.

Be prepared for the pun, the double entendre, and other verbal techniques to 'keep the issue alive.'" Chambers then offered up a free sample: Kintner's free to masturbate on his own time, But not free to masturbate on Taxpayers' dime. On August 11, Chambers released a multi-page poem called "The Sordid Saga of Bill Kintner's 'Guttersnipery'" that began: "Who is Bill Kintner?" asked the Town Crier. A masturbating, would-be thief, and a liar— A hypocrite—doing not what he ought, Who never "comes clean" till after he's caught. The Legislature’s executive board considered plans to oust Kintner.

As the Journal Star reported on August 19, however, this would require a special session that could cost more than $75,000 in a state where legislators make just $12,000 a year. Kintner argued that this would be a waste of money, “especially at a time when our state is facing current and projected tax receipt shortfalls.” On September 6, Chambers released another "Kintner-gram" that got weirdly personal about the whole mess.
It began: Stuck at home with WIFEY, he's CLARK KINTNER, flaccid to the touch; On the other hand(s), with SKYPEMATE, who excites him O! so much, He tells her, "I'm Superman! because of how you make me feel!" "If so, take your pants off," coos she, "show me you're a man of steel." (She's his Wonder Woman, with her super powers, hot and stacked; Could it be Clark Kintner sought from her the OOMPH! that Wifey lacked...?) Kintner fired back, telling the local paper that the rhymes were a "new low." "This is beyond two politicians arguing over policy or personal differences," Kintner told the Journal Star on Thursday. "This is a politician going after another politician's wife." "I expect Chambers to be a man and apologize to my wife," he said in the news release. (Chambers did respond in an October 8 op-ed, which concluded: "I shall remain as solid as the Rock of Gibraltar in my quest to remove the 'Kintner blight' from the Legislature by my choice of means.
If others know a better way, come on with it.") One of Kintner's supporters filed an ethics complaint against Chambers over his rhymes (which now total more than 25 separate pieces).

But on October 21, the Nebraska Accountability and Disclosure Commission tossed the complaint against Chambers, saying that his poems had been "part of a broader public discussion about how to handle the matter" and were not unethical. “We’re not the etiquette police,” the Commission's vice chairman told a local paper. Enlarge / One of Ernie Chambers' "Kintner-grams." Webcams: For state business ONLY! As voters nationally go to the polls to pick the future direction of the country, Nebraska's legislature remains consumed with Kintner. He remains in office, and lawmakers are still debating various forms of censure or impeachment. One positive has emerged from the whole mess, though—more awareness of "personal use" rules for state-owned technology. Lawmakers will have new HP computers when they return to work in 2017, and last week, the legislature passed a new set of policies to go with the machines. In a November 5 editorial, the Omaha World-Herald praised the move. "By adopting a policy against misusing state-owned technology for personal or campaign purposes," it wrote, "the board removed any doubt about where the Legislature stands on policing its own." The 2016 election has shown us a world where Donald Trump's tweets, Hillary Clinton's e-mails, and even (alleged) Russian hackers have all played key roles.

But tech is altering politics at every level, and somewhere in the Ivory Coast, using a "Russian computer," lives a woman whose brief connection with a middle-aged man half a world away has roiled Nebraska state politics for months. Truly, we live in the future.

Is it real? The Trump-Russia server connection

Does the Trump organization have a private internet connection with Russia? That's what a long, detailed article from Slate is asking. Here's the story in a nutshell: The Russian-owned Alfa Bank appears to have had a private connection to a Trump server.

The server in question was registered as belonging to the Trump-Email.com domain.
It has a history of sending Trump-branded marketing emails, but in the recent past appeared to have been communicating only with a Russian server registered to Alfa Bank.

The Alfa server seems to have regularly communicated with the Trump server, yet other connection attempts from other servers seem to be blocked (likely indicating that the servers only accept connections from each other or a limited list of servers). When the media started to investigate and asked the Russian organization about the domain name and server, the Trump server, after years of existing in the same place, suddenly changed names and domain names.

The first server to reconnect to the Trump server with its new name? The Russian server that had previously connected to it.

After the media inquired about the second, newer connection, the Trump server was taken down. Much of the data and analysis has been shared publicly.
I checked it out as much as I could and I agree with experts already quoted in the Slate article: There's no definitive proof, but it's highly likely there was a formal connection.

The biggest smoking gun, in my opinion, is the timing of the domain name change and the automatic reconnection to the new name after the server had been moved.

That suggests a formal, established, private connection. This is not my opinion alone.

The Slate article quotes internet pioneer Paul Vixie, who after examining the logs concluded that the two parties were communicating in a "secretive" fashion. Slate reported that both involved entities deny any connection to the other, other than what must be either innocent, random spam or regular DNS traffic.

This answer is even more confusing -- and likely wrong.
If the data is correct and the Russian server reconnected to the Trump server with its new name and domain, it doesn't seem like either spam or DNS traffic.
It's the opposite of random. Alfa Bank has purportedly hired the trusted industry firm Mandiant to investigate the matter (the founder of Mandiant, along with several other early employees, came from Foundstone, where I used to work).
I'd trust what Mandiant says, but in response to a Slate request, Mandiant said it was unable to comment until the investigation was complete. If I were Alfa Bank or Trump enterprises, and there was nothing illegal or unethical going on, I would release a detailed forensic analysis for both servers. We have enough data outside of their control to confirm or contradict the findings.
It would be difficult for anyone to fake a full forensic analysis that agreed with publicly available data. In the end, even if there was a dedicated private connection between Trump and Russia, who knows what it was about? It could be anything.
It could be regular business or marketing emails without a hint of illegal or unethical behavior.

But without either side being more forthcoming, we can't know.

FBI criminal investigations have been approved with less evidence.

Russia-linked phishing campaign behind the DNC breach also hit Podesta, Powell

The spear-phishing e-mail received by Clinton campaign staffer William Rinehart matches messages received by both former Secretary of State Colin Powell and Clinton campaign chairman John Podesta.The Smoking Gun reader comments 28 Share this story The breach of personal e-mail accounts for Clinton presidential campaign chairman John Podesta and former Secretary of State Colin Powell have now been tied more closely to other breaches involving e-mail accounts for Democratic party political organizations. Podesta and Powell were both the victims of the same form of spear-phishing attack that affected individuals whose data was shared through the “hacktivist” sites of Guccifer 2.0 and DCLeaks. As Ars reported in July, the spear-phishing attack used custom-coded Bit.ly shortened URLs containing the e-mail addresses of their victims.

The URLs appeared in e-mails disguised to look like warnings from Google about the victims’ accounts.

These spear-phishing attacks were tracked by the security firm SecureWorks as part of the firm’s tracking of the “Fancy Bear” threat group (also known as APT28), a hacking operation previously tied to a phishing campaign against military and diplomatic targets known as Operation Pawn Storm. As The Smoking Gun reported in August, one of these e-mails was sent to William Rinehart, a staffer with the Clinton presidential campaign. Rinehart’s e-mails were leaked on the DCLeaks site.

DCLeaks also carried the e-mails of Sarah Hamilton, an employee of a public relations firm that has done work for the Clinton campaign and for the DNC. Hamilton's e-mails were offered to The Smoking Gun by someone claiming to be Guccifer 2.0 via a password-protected link on the DC Leaks site. E-mails with the same crafted Bit.ly Web addresses were found in the e-mails of both Podesta and Powell, as Motherboard’s Lorenzo Franceschi-Bicchierai reports. Podesta’s e-mails were shared by WikiLeaks; Powell’s were posted on DCLeaks.

That would suggest a firm connection between the DC Leaks  / Guccifer 2.0 campaign (already linked to Russian intelligence) and the source of the WikiLeaks DNC files.

Agents of influence: How reporters have been “weaponized” by leaks

EnlargeGeorge Hodan reader comments 166 Share this story Since June, some entity has been releasing e-mails and electronic documents obtained via network intrusions and credential thefts of politicians and political party employees. Some of the releases have appeared on sites believed to be associated with Russian intelligence operations; others have appeared on Wikileaks. On occasion, the leaker has also engaged journalists directly, trying to have them publish information drawn from these documents—sometimes successfully, other times not. The US government has pinned at least some of the blame for these leaks on Russia. This has led some observers to argue that WikiLeaks and Russian intelligence agencies are "weaponizing" the media. This is what national security circles refer to as an "influence operation," using reporters as tools to give credibility and cover to a narrative driven by another nation-state. The argument is that by willingly accepting leaked data, journalists have (wittingly or not) aided the leaker's cause. As such, they have become an "agent of influence." The Grugq, a veteran information security researcher who has specialized in counterintelligence research and a former employee of the computer security consulting company @stake, penned an article about the topic yesterday. "The primary role for an agent of influence," he wrote, "is to add credibility to the narrative/data that the agency is attempting to get out and help influence the public." Such agents might friendly with or controlled by the agency trying to spread the information, but they can also be unwitting accomplices "sometimes called a 'useful idiot,' unaware of their role as conduits of data for an agency." The actual impact of the leaked information on the US presidential election may not matter to an influence operation. The intended target of the campaign being waged through the WikiLeaks dumps, Guccifer 2.0, and DCLeaks is likely a larger public—perhaps including citizens in Russia itself and the people and decision-makers of the bordering nations. As Ars previously reported, the attacks on the Democratic National Committee (DNC) and on the US political process may be tied to a Russian effort to "contain" US foreign policy efforts and undermine confidence among the citizens of eastern European NATO members. The continued dumping of documents—and the chaos it creates for the US political process—shows the world that Russia can act upon the US at a distance. Therefore, Russia can also project power much closer to home. Assuming this attribution and analysis is in some broad sense accurate, the raises a question: what's a journalist to do with these sorts of hacks and leaks? Has everyone who draws on them become an unwitting "agent of influence?" And if so, is that actually a bad thing if the leaks are newsworthy? Ethics in information warfare journalism Dealing with a source's motivations is not a new problem for the press. Journalists get used all the time (just as they sometimes "use" their sources; it's part of the circle of life for investigative reporting). "The decision about whether or not to publish has always been about whether or not it's in the public interest, and also, I think, about what's the motivation or intention [of the source]," Jeremy Rue, acting dean of academics for the University of California at Berkeley's Graduate School of Journalism, told Ars. "Often journalists are so eager to get information, they don't take the time to ask what the motivation is behind this source," Rue said. "I think those motivations are important to factor in. Whether or not it changes the choice to publish, I don't really want to take a specific stand on that. It's a very complex issue and it keeps coming up in newsrooms. But I do definitely feel strongly that you should absolutely weigh all the different factors, like what are the motivations of your source." Glenn Greenwald of The Intercept has vocally disagreed with the idea that the source's intentions are material to a reporters' job, particularly in the case of publishing WikiLeaks' recent dumps. To him, if it's news, it's should be reported—regardless of source and motivation. In a recent article, Greenwald wrote as much: Some have been arguing that because these hacks were engineered by the Russian government with the goal of electing Trump or at least interfering in US elections, journalists should not aid this malevolent scheme by reporting on the material. Leaving aside the fact that there is no evidence (just unproven US government assertions) that the Russian government is behind these hacks, the motive of a source is utterly irrelevant in the decision-making process about whether to publish. While nothing in the public domain explicitly links the Russian government to the overall operation, there's at least some suggestive public evidence of Russia's involvement with Guccifer 2.0—who gave Greenwald exclusive access to some of the breach content—and with the DCLeaks "American hacktivist" site. That evidence includes both analysis by security experts of the initial Guccifer 2.0 document dump and an investigation by The Smoking Gun in August, which was triggered by Guccifer 2.0 reaching out directly to the site. For The Grugq, the way Greenwald has interacted with Guccifer 2.0 looks like a perfect example of how an influence operation works. "The Intercept was given 'exclusive' access to e-mails obtained by the entity known as Guccifer 2.0," he wrote. "The Intercept was both aware that the e-mails were from Guccifer 2.0, that Guccifer 2.0 has been attributed to Russian intelligence services, and that there is significant public evidence supporting this attribution." For a site like Wikileaks, the questions extend further. Assuming that it's right to publish material regardless of the source's motivations, how much of that material is fair game? The Investigative Reporter's Handbook frames the decision this way: When exposing private behaviors of public figures a reporter must make sure there is a need for the public to know this information. If there is not than a reporter should not report on it. If the behavior does not affect the figures public performance than there is no need to report on it. Naomi Klein, speaking on Glenn Greenwald's podcast this week, said something similar when talking about WikiLeaks: They’re very clearly looking for maximum media attention and you can tell that just by looking at the WikiLeaks Twitter feed and at how they are timing it right before the debates... These leaks are not, in my opinion, in the same category as the Pentagon Papers or previous WikiLeaks releases like the trade documents they continue to leak, which I am tremendously grateful for, because those are government documents that we have a right to, that are central to democracy. There are many things in that category. But personal e-mails—and there’s all kinds of personal stuff in these e-mails—this sort of indiscriminate dump is precisely what Snowden was trying to protect us from. For Wikileaks, of course, it's all fair game in the name of radical transparency. Snapperjack Between Scylla and Charybdis While there were certainly influence operations in the pre-Internet era, data breaches and digital media (including social media) have made them more accessible even to non-state actors. The "Climategate" incident, in which a collection of e-mails from the Climate Research Unit at the University of East Anglia was leaked in an attempt to sow doubt about scientists' consensus on climate change, is an example of selective publication of information to create controversy and political ammunition. So is the recent "Panama Papers" leak (which the Russian government has suggested was a US information operation). But if the DNC leaks and the wave of other breaches of political figures' e-mails have been an influence operation, they have operated at a much larger scale with much broader ambitions. There's enough to be concerned about ethically when it comes to accurate leaked data being provided by someone running an intentional influence campaign. But things get more complicated when false information is introduced into leaks. While WikiLeaks claims "a 100 percent accuracy rate" for its leaked documents, materials provided by Guccifer 2.0 showed signs of alteration. The entity behind Guccifer 2.0 claimed that one document was a file classified Secret and taken from the computer Hillary Clinton used at the State Department. But the document, which was actually an Obama transition team memorandum from before Clinton was even a nominee for Secretary of State, had been modified to include "Secret" in the document's header. This is the sort of thing that Jack Goldsmith, a former Department of Justice official, warned about at a recent seminar at Yale University. "Theft and publication of truthful information is small beans—what about theft and publication of faked information, which is hard to verify, or tampering with the vote itself?" Goldsmith said. "That could have huge consequences, the number of actors who could do this are many, and our ability to defend against it is uncertain." That places journalists trying to use the documents from these dumps in a very tight spot, trying to both determine the veracity of content they've obtained and decide its newsworthiness. Yes, journalists have been used for propaganda purposes before. Journalists are used by politicians and government agencies every day to put out information to shape perception. Wikileaks' dumps of the Podesta e-mails and other Democratic Party documents show among other things how journalists both use and are used by their sources, ingratiating themselves to get access. But this is the first time a foreign government's agent has used the combination of network infiltration, data theft, and public leaking of that data to the press and the world to affect another country's election—and the perception of that other country's election in areas of the world. Scott E. DePasquale, Senior Fellow at the Atlantic Council's Brent Scowcroft Center for International Security and Chairman & CEO of Utilidata, suggests that Wikileaks' decisions have made it a classic agent of influence. "We can divorce ourselves from whether Russia has actually paid the bills [for WikiLeaks] with no questions and no doubts that Assange knows he is doing benefit to Russia," he said. "Whether we get down to if they're on the Russian payroll, is it a deeply covert intelligence operation or something like that—all of that aside, because I think those are impossible questions to answer and even shed light on in an unclassified domain—it is without a doubt that Assange knows what he is doing is benefiting Russia. Whether he's doing it out of spite for the US as a political activist, or he is using the Russians... whatever the modality is, he knows very well that his interest and Putin's interest are deeply aligned. And that's deeply troubling for us at the end of the day." The worries don't even end with the first reporters to hit publish. Questions linger even for more traditional journalists who use only small bits of the most newsworthy leaked material. "There's the complicitness of serving this role of disseminating news for a state actor like Russia," said Rue. "I think that is a factor that should be part of the equation of whether or not to decide to publish something." A reporter or news organization may still decide that it's worth it to run with the material even if they believe that it's been provided by Russia "trying to embarrass the Clinton campaign," Rue acknowledged. But "you have to consider that as part of the equation to publish." The ethical decisions journalists now make about how they interact with that data are much more complicated as a result. And because of the impact of this particular influence operation, this approach may well become the norm—with more countries seeking to expose each others' secrets using journalists as their proxies.