Security quotes of the week [LWN.net]

Much of our security ideas and concepts are based on the days when sysadmins ruled the world. They were like a massive T-Rex ruling their domain, instilling fear into those beneath them. Today in security we are trying to build Jurassic Park, except there are no dinosaurs, they all went extinct. Maybe we can use horses instead, nobody will notice ... probably. Most security leaders and security conferences are the same people saying the same things for the last ten years. If any of it worked even a little, I think we'd notice by now.

— Josh Bressers

Now this may in fact be innocent, but to my mind it is at least possible that someone had noticed the potentially vulnerable controller in the code, had experimented with it and found the coding error. Then they realised that if they could quietly fix it, they could open up a critical vulnerability in one of the world’s most popular content management systems, which they could then exploit.

— Fiona Coulter (Thanks to Paul Wise.)

Earlier this month, the group of computer scientists passed the logs to Paul Vixie. In the world of DNS experts, there’s no higher authority. Vixie wrote central strands of the DNS code that makes the internet work. After studying the logs, he concluded, “The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.” Put differently, the logs suggested that [Donald] Trump and Alfa [Bank] had configured something like a digital hotline connecting the two entities, shutting out the rest of the world, and designed to obscure its own existence. Over the summer, the scientists observed the communications trail from a distance.

— Franklin Foer in Slate on a strange connection between a Trump server and a Russian bank

Security quotes of the week

Posted Nov 3, 2016 17:08 UTC (Thu) by smoogen (subscriber, #97) [Link]

I am trying to remember a day when Sysadmins ruled the world.. outside of the writings of BofH . I think that the people who are at these conferences have been saying the same things for not 10 years but at least 30 years... no one listened to them then.. but they are all afraid that if they aren't said.. the cargo planes which have kept them 'safe' will go away.

Security quotes of the week

Posted Sep 16, 2021 22:59 UTC (Thu) by jebba (guest, #4439) [Link]

A lawyer has been charged with lying to the FBI about this Alfa Bank connection.

https://www.washingtonpost.com/national-security/john-dur...

Security quotes of the week

Posted Sep 18, 2021 16:18 UTC (Sat) by jebba (guest, #4439) [Link] (14 responses)

Here's the statement that was put out about the servers at the time:

https://twitter.com/HillaryClinton/status/793250312119263233

> Statement from Jake Sullivan on New Report Exposing Trump's Secret Line of Communication to Russia
>
> In response to a new report from Slate showing that the Trump Organization has a secret server registered to Trump Tower that has been covertly communicating with Russia, Hillary for America Senior Policy Adviser Jake Sullivan released the following statement on Monday:
>
> "This could be the most direct link yet between Donal Trump and Moscow. Computer scientists have apparently uncovered a covert server linking the Trump Organization to a Russian-based bank.
>
> "This secret hotline may be the key to unlocking the mystery of Trump's ties to Russia. It certainly seems the Trump Organization felt it had something to hide, given that it apparently took steps to conceal the link when it was discovered by journalists.
>
> "This line of commmunication may help explain Trump's bizarre adoration of Vladimir Putin and endorsement of so many pro-Kremlin positions throughout this campaign. It raises even more troubling questions in light of Russia's masterminding of hacking efforts that are clearly inteneded to hurt Hillary Clinton's campaign. We can only assume that federal authorities will now explore this direct connection between Trump and Russia as part of their existing probe into Russia's meddling in our elections."

So apparently Paul Vixie is a liar and has been caught. I wonder if he made his claims to the FBI, or just to the media. If the former, he could be facing jail time.

It is also notable that Jake Sullivan is currently the USA's National Security Advisor, who "serves as the principal advisor to the President of the United States on all national security issues".

Security quotes of the week

Posted Sep 18, 2021 17:05 UTC (Sat) by corbet (editor, #1) [Link] (13 responses)

This seems pretty off-topic for LWN, and you're commenting on five-year-old stuff anyway. This probably isn't the place for this discussion.

Security quotes of the week

Posted Sep 18, 2021 17:46 UTC (Sat) by jebba (guest, #4439) [Link] (6 responses)

I understand it is "old", but if it is off-topic, why was it posted in the first place?

To me, it is significant to find out *what actually happened*. When these articles initially came out, I was highly curious what happened. Usually media articles are so thin on tech info, you can't really figure out how they came to the conclusions they did. But then they say their confirming source is no less than Paul Vixie (I ran BIND back in the 90s...), it makes the claim that much stronger. But I was still perplexed how they could come to all these conclusions just from DNS root server logs. It is also notable that there *were* root nameserver log files that are kept for this type of analysis. Who is doing that?

Vixie's claim:

> “The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.”

Paul Vixie used his credibility to validate the claim. This is an extraordinary claim and now appears to be made up wholly for political reasons. (I suppose I should also point out, I'm not a Trump supporter. I became very skeptical of "Russia" claims after they had been using them against Julian Assange, who I do not believe is a Russian asset.)

Security quotes of the week

Posted Sep 18, 2021 18:47 UTC (Sat) by Wol (subscriber, #4433) [Link] (5 responses)

> I understand it is "old", but if it is off-topic, why was it posted in the first place?

Because LWN don't believe in moderation unless they have to. There's a fine line between too much moderation suppressing discussion, and too little leading to the place becoming a cess-pit. The editors do a pretty good job, all things considered.

Cheers,
Wol

Security quotes of the week

Posted Sep 18, 2021 19:08 UTC (Sat) by jebba (guest, #4439) [Link] (4 responses)

It was LWN that posted about Paul Vixie, it wasn't a user comment. So if that isn't off topic, how is discussing it?

Security quotes of the week

Posted Sep 19, 2021 9:21 UTC (Sun) by Wol (subscriber, #4433) [Link] (3 responses)

Because the original LWN article is five years old?

And I hate to say it. but digging through OLD articles, and waking them up, and commenting on them, is a pain in the neck!

Or do you want LWN to pick a random date, say six months, and block comments on all articles older than that? You're making work for other people. That doesn't go down well in the Free Software world.

As they say, hindsight is 100%. As the N in LWN stands for News, please don't drag Olds into current discussion, confusing the hell out of everyone. I guess most people won't even *see* your comments, guests won't stumble across them, higher level subscribers will have blocked you. I'm tempted to do the same, but I don't donate enough to have that facility ... maybe I should ...

Cheers,
Wol

Security quotes of the week

Posted Sep 19, 2021 14:11 UTC (Sun) by jebba (guest, #4439) [Link] (2 responses)

So you think there shouldn't be updates to the story? They should just leave it at what Paul Vixie said and not update with new information now that we know he's lying? If there was a new article about it, I would comment about it there, but there isn't one. Why aren't the new developments in the story "News"?

Security quotes of the week

Posted Sep 19, 2021 17:15 UTC (Sun) by Wol (subscriber, #4433) [Link] (1 responses)

Well, reading the story, I can't see anything Paul Vixie said that he could be accused of lying.

About all the article credits him with saying is "this looks like a real conversation with real people". And the article goes on about "circumstantial evidence but no smoking gun". There's nothing impeachable in that.

If you're going to accuse someone of serious lying, you need better evidence than that!

Cheers,
Wol

Security quotes of the week

Posted Sep 19, 2021 17:22 UTC (Sun) by jebba (guest, #4439) [Link]

This is what LWN wrote above quoting Paul Vixie, on this very page:

> "The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.”

Back in the day, I was wondering how on earth one could come to this conclusion based on DNS root server logs. Can you explain that? What logs entries would allow someone to make that claim? And now we know why the claim was made. It wasn't tech, it was a political setup from the beginning.

This may be "old", but the new information, to me, makes it relevant. Julian Assange sits in the harshest prison in the UK, often in solitary confinement, because of all this. The more light shed on it, the better.

Security quotes of the week

Posted Sep 19, 2021 16:07 UTC (Sun) by malmedal (subscriber, #56172) [Link] (5 responses)

I believe it is against your policy, but may I suggest you want to actually delete off-topic comments?

A certain type of person like to post factually wrong and slanderous comments somewhere they hope they will not be gainsaid because nobody cares. This allows them to refer to their comments elsewhere and brag about how they were un-refuted.

I find this practice detrimental to my enjoyment of LWN so I hope it can somehow be stopped.

Security quotes of the week

Posted Sep 19, 2021 17:01 UTC (Sun) by jebba (guest, #4439) [Link] (4 responses)

> A certain type of person like to post factually wrong and slanderous comments somewhere they hope they will not be gainsaid because nobody cares. This allows them to refer to their comments elsewhere and brag about how they were un-refuted.

I have used the username "jebba" or similar form ("Yeb" on slashdot) for 20+ years. I am Jeff Moe, from Loveland, Colorado. I have never once done what you assert above. If you can find an example of it, I will retract what I've said.

Security quotes of the week

Posted Sep 19, 2021 17:43 UTC (Sun) by malmedal (subscriber, #56172) [Link] (3 responses)

You accused Paul Vixie of lying and provided as evidence the fact that:

John Durham(special counsel for the Trump Administration) is alleging that Michael Sussmann said to the FBI that he was providing information of his own initiative and not as a paid lawyer for Clinton and that this was a false statement.

John Durham has spent about four years on this and has not provided any evidence that the *actual information* provided by Michael Sussman was in any way wrong.

With four years of investigation without any claims of misconduct on Paul Vixie's part I believe it is safe to assume the he was, in fact, telling the truth.

Security quotes of the week

Posted Sep 19, 2021 18:14 UTC (Sun) by jebba (guest, #4439) [Link] (2 responses)

malmedal wrote: "With four years of investigation without any claims of misconduct on Paul Vixie's part I believe it is safe to assume the he was, in fact, telling the truth."

Yet even back in the day, few believed it, including Mueller:

> "The FBI investigated the allegations and determined that there was insufficient evidence to link Trump's business with Alfa Bank, and the former special counsel Robert Mueller did not address the issue in the report on his investigation."[1]

There's lots of news media about that from the time. Now we know who the source was pushing it, that's the relevant part. It was political, not tech. They literally just filed charges against the guy who was spreading Vixie's claim.

I'll also note, of all the text in this thread, I don't see anyone doing anything to substantiate Vixie's claims.

[1] https://thehill.com/regulation/court-battles/572662-grand...

Security quotes of the week

Posted Sep 19, 2021 18:32 UTC (Sun) by corbet (editor, #1) [Link]

So there are a lot of open questions about the Durham investigation and this charge in general; one should be careful about drawing any conclusions from it. I tend to follow such things and have an interest in them ... but in general I don't think they are on topic for LWN. Perhaps the original quote was a mistake to post — we were so young and naive back in 2016... At this time, though, I still think that this type of discussion is best held elsewhere. Can we bring it to a close please?

I really don't think we need to start questioning the character of anybody in this specific discussion — that is not the issue here. Please let's not do that.

More generally, we have occasionally pondered whether comments should be shut off after some amount of time has passed. But there is sometimes value in posting an update to an old story, so we've never done that.

Security quotes of the week

Posted Sep 19, 2021 19:03 UTC (Sun) by malmedal (subscriber, #56172) [Link]

> Now we know who the source was pushing it, that's the relevant part.

For me, something is either true or not. Whether I like the person pushing it or not is not relevant.

What is more relevant is that this thread is completely off-topic and detrimental to LWN and I would like to apologise and ask that this
discussion be deleted.

> I'll also note, of all the text in this thread, I don't see anyone doing anything to substantiate Vixie's claims.

Please read more closely. As I said, John Durham, whose job it is to find problems with Vixie's claims, has not found anything.