Link

Organizational Doxing and Disinformation – Schneier on Security

From Bruce Schneier:

Major newspapers do their best to verify the authenticity of leaked documents they receive from sources. They only publish the ones they know are authentic. The newspapers consult experts, and pay attention to forensics. They have tense conversations with governments, trying to get them to verify secret documents they’re not actually allowed to admit even exist. This is only possible because the news outlets have ongoing relationships with the governments, and they care that they get it right. There are lots of instances where neither of these two things are true, and lots of ways to leak documents without any independent verification at all.

No one is talking about this, but everyone needs to be alert to the possibility. Sooner or later, the hackers who steal an organization’s data are going to make changes in them before they release them. If these forgeries aren’t questioned, the situations of those being hacked could be made worse, or erroneous conclusions could be drawn from the documents. When someone says that a document they have been accused of writing is forged, their arguments at least should be heard.

As someone who routinely receives, and consults on, leaked documents I can emphatically say this is a serious issue. And that journalists are generally very cautious these days about publishing based on mysteriously sourced documents.

Link

Turns Out You Can’t Trust Russian Hackers Anymore

Turns Out You Can’t Trust Russian Hackers Anymore :

Navalny denies receiving funding from Soros and says he has had no support from Yandex. Laura Silber, a spokesperson for Open Society, said the foundation has never supported Navalny and that the edited documents posted by Cyber Berkut amounted to a libelous claim.

The Kremlin, Navalny wrote in an email to Foreign Policy, “really likes that type of tactics: posting fake documents among real hacked documents.” The goal, he wrote, is to create a mess for the opposition.

“At the end of the day everyone will understand — documents are fake, but it will be a two-week-long discussion: ‘Is [the] opposition and Navalny in particular using Soros’ money?’,” Navalny wrote.

The Kremlin hates George Soros because Open Society, his marquee philanthropy, focuses on boosting democracy in the former Soviet bloc and elsewhere. Silber says Open Society “supports human rights, democratic practice, and the rule of law in more than 100 countries around the world.”

We can’t fully believe all the documents that are stolen, and then subsequently posted online by Russian-affiliated groups with an agenda of discrediting certain parties?

Shocking.

Link

On weaponized transparency

On weaponized transparency:

Over the longer term, it’s likely that personal or sensitive data will continue to be hacked and released, and often for political purposes. This in turn raises a set of questions that we should all consider, related to all the traditional questions of openness and accountability. Weaponized transparency of private data of people in democratic institutions by unaccountable entities is destructive to our political norms, and to an open, discursive politics.

Weaponized transparency, especially when it affects the lives of ordinary persons who take an interest in the political process, is dangerous for a range of reasons. And responsible journalists – to say nothing of publishers such as Wikileaks – ought to be condemned when they fail to adequately protect the private interests of such ordinary persons.

Link

Media sometimes try, fail to keep NSA’s secrets

Source: Media sometimes try, fail to keep NSA’s secrets