kinda weird to fire your Secret Service director mere days after the Secret Service caught a probable spy at your private bribery mill!
Kinda weird.
— Zeddediah Springfield (@Zeddary) April 8, 2019
So the Secret Service stuck Zhang's thumbdrive into their computer. https://t.co/0T6LAfOtEl pic.twitter.com/RSfUgw4I4n
— Chris Wysopal (@WeldPond) April 8, 2019
Not a cybersecurity expert, but seems like that’s hardly best practice?
A federal prosecutor argued in court Monday that Yujing Zhang, the Chinese woman arrested trying to enter President Donald Trump’s private Mar-a-Lago club in Palm Beach last month, “lies to everyone she encounters” and said a search of her hotel room uncovered more than $8,000 in cash, as well as a “signal-detector” device used to reveal hidden cameras.
Also uncovered in the search: $7,500 in U.S. hundred-dollar bills and $663 in Chinese currency, in addition to nine USB drives, five SIM cards and other electronics, according to federal prosecutor Rolando Garcia. Signal detectors are portable devices that can detect radio waves, magnetic fields and hidden-camera equipment.
Prosecutors are treating the case as a national-security matter and an FBI counterintelligence squad is investigating, sources familiar with the inquiry told the Miami Herald.
Zhang gave conflicting accounts of why she came to Mar-a-Lago on March 30, at one point saying she had been invited to attend a social event, according to an affidavit filed by a U.S. Secret Service agent. But she was found to be carrying several electronic devices, including a thumb-drive containing “malicious malware,” the Secret Service said. That raised suspicions among federal investigators already probing possible Chinese intelligence operations in South Florida that she could be engaged in espionage…
Investigators are still trying to determine the nature of the malware Zhang allegedly brought into the club, sources told the Herald. It is not clear how much of a threat the malware posed and whether it was intended to gather information at the president’s club or possibly to destroy an existing network or program, they said.
Secret Service agent Samuel Ivanovich, who interviewed Zhang on the day of her arrest, testified at the hearing. He stated that when another agent put Zhang’s thumb-drive into his computer, it immediately began to install files, a “very out-of-the-ordinary” event that he had never seen happen before during this kind of analysis. The agent had to immediately stop the analysis to halt any further corruption of his computer, Ivanovich testified. The analysis is ongoing but still inconclusive, he said…The agent said he conducted a four-and-a-half hour interview with Zhang at the Secret Service office in West Palm Beach. There was only video but no audio recording because Ivanovich said he did not realize the audio was not working.
Congressional Democrats have called for a counterintelligence investigation into Yang, whose activities have generated national scrutiny.
As it turned out, the FBI has been investigating possible Chinese espionage operations in South Florida since late last year, sources with knowledge of the inquiry exclusively told the Herald. Zhang’s arrest has sent the counterintelligence probe into overdrive. The FBI Counterintelligence Division in South Florida is also now examining the activities of Yang. The investigation had originally focused on other Chinese nationals doing business in South Florida or traveling to the region. (In February, a Chinese student was sentenced to one year in prison after he was caught taking photos and videos at the U.S. Naval Air Station in Key West.)
A spokeswoman for Yang said she has done nothing wrong, has not been contacted by federal authorities and did not know Zhang, the alleged Mar-a-Lago intruder.
Trump was in South Florida during the security breach but was golfing away from Mar-a-Lago. Last week he called the incident a “fluke.”…
Zhang’s arraignment — where prosecutors will present the charges against her — is scheduled for Monday, April 15.
After a would-be spy was caught onsite, Trump needs a scapegoat for the very predictable outcome of his utterly irresponsible trips to Mar a Lago as president.
Looks like he found one. https://t.co/Iz3YnnK733
— The Hoarse Whisperer (@HoarseWisperer) April 8, 2019
Or then again, maybe it’s related to the Trump Occupation’s other breaking-news national security fvckup…
The official says Alles was told that the president was preparing to make changes in leadership throughout DHS; the Secret Service is one component of the dept.
— MSNBC (@MSNBC) April 8, 2019
Syphonblue
Plugging a USB stick into a computer to see what happens if you suspect it of nefarious purposes is a totally normal thing to do as long as the computer is totally siloed and off the internet or any network.
Roger Moore
This may even be technically true. I’d guess that the fight between Trump and the Secret Service about guest lists at Mar-a-Lago has been an ongoing source of friction, and USSS’s decision to make a stink about it is just the latest episode in that ongoing dispute.
debbie
@Syphonblue:
I can’t believe he wouldn’t have known that.
bobbo
We need a complete shut-down of Mar-a-Lago until we can figure out what is going on
rikyrah
Amene (@Ange_Amene) Tweeted:
They are betting that Black voters don’t see them on Fox News…don’t see those articles of you saying Trump voters aren’t necessarily racist.
This is Vegas folks.
And Black voters are security cameras.
WE SEE EVERYTHING. https://twitter.com/Ange_Amene/status/1115366647009660928?s=17
Syphonblue
@debbie:
Yeah if Secret Service agents are plugging potentially dangerous USB sticks into their regular work computers, they’ve got some fucking problems at the USSS.
That’s basic fucking computer security.
Viva BrisVegas
If the Chinese want to make Trump an intelligence asset of theirs, they need to talk to Putin first.
Jay
So, the “cleaner” sent in to wipe the systems Yang and others installed, got caught before she could wipe the systems?
Spanky
@Syphonblue:
I seem to recall that that problem surfaced a few years ago when some agents on a field assignment engaged in some, er, extracurricular activities.
Spanky
@Viva BrisVegas: I think the Chinese are pretty concerned that Putin has made POTUS his poodle. Can’t blame them for trying every which way to get in the door.
Maybe they should just talk to McConnell’s wife.
hells littlest angel
@Viva BrisVegas: Various countries’ intelligence services are running a train on Trump.
MattF
I think anyone who tries to rein in Trump’s recklessness is going to get into trouble. No doubt, the Secret Service head tried to do that at some point, and now he’s paying for it.
Mike in NC
It has to be virtually impossible to enforce security at a place like Mar-A-Lardass. Fat Bastard was blabbing classified information during dinner to anybody within earshot on his first visit there. It’ll be interesting to see how many spies are caught.
different-church-lady
…and pulled out a plum…
mrmoshpotato
@Syphonblue: Yup. Best to have junk computers with no way to connect to a network for that.
dnfree
@debbie: Obama kind of tried to avoid making a big deal of it, but I recall several Secret Service screw-ups while he was president, and even questions about whether all the members of the Secret Service were truly willing to protect Obama and his family. Seems there were changes of leadership then also, and it seems the Secret Service isn’t quite the elite organization it either once was or was believed to be.
This article doesn’t even cover Obama’s entire term.
https://www.nbcnews.com/news/us-news/long-list-breaches-scandals-secret-service-under-obama-n215751
rikyrah
John Harwood (@JohnJHarwood) Tweeted:
President Trump tells federal border agents to ignore judicial orders
WH chief of staff Mulvaney says request from Congress for Trump tax returns pursuant to existing statute will “never” be met
GOP Sens like Romney and Grassley side w/Mulvaney
the rule of law is being tested https://twitter.com/JohnJHarwood/status/1115370983949385728?s=17
Steeplejack
@Syphonblue:
But you also need “watchdog” software to see what is happening, because some piece of malware could get installed with the instructions “When you do get connected to the Internet . . .”
I doubt if the front-line “guarding Mar-a-Lago” agents had any of that. And, based on their apparent inability to record an interrogation (oops, no audio!), I’m not sure what they could have accomplished if they did.
VeniceRiley
What? If anyone at my work found, say, a USB on a conference room floor, by a cubicle, or wherever, and then plugged it into their computer instead of turning it over to my IT Security, they’d be disciplined and perhaps canned. Even your legit USB won’t work without Active Directory permissions set and encryption on the device. You have to sign for responsibility that you understand the policies.
MattF
@Mike in NC: My guess is that the spies and moles at Mar-a-Lago have formed a local chapter of the International Eavesdroppers and Wirers Association and, by this time, you have to be a member to get through the door.
different-church-lady
So, how long before Greenwald is writing columns demanding Yujing’s release?
JaneE
@Syphonblue: And stripped down to bare bones op system. If for no other reason than you can know what it did to your computer. Your own hacking tools are somewhere else – read only. In the good old days you couldn’t even put classified info on a computer that wasn’t completely isolated.
FelonyGovt
He didn’t realize the audio portion wasn’t working during the interview? The same guy who put the thumb drive into his computer? Is he kind of a dope?
Roger Moore
@Spanky:
She isn’t necessarily going to help the PRC government just because of her ethnicity. Her family is Taiwanese, or at least moved to Taiwan after the communists took control of the mainland. I wouldn’t expect her to be eager to help the PRC government to spy on the US.
different-church-lady
When we talk about malware, are we including Windows 10?
debbie
@dnfree:
I remember that. If you don’t want to do your job, ask for a transfer, FFS.
Steeplejack
@FelonyGovt:
Two different agents.
“He stated that when another agent put Zhang’s thumb-drive into his computer [. . .].”
PaulB
@Syphonblue: Not necessarily. If they are using a clean computer, disconnected from the network and specifically used for this kind of test, then this may well be SOP.
Let the malware do what it likes on a system you don’t care about so that you can better examine the full impact.
debbie
@FelonyGovt:
And he’s not the guy they’re firing!
ruemara
@rikyrah: I already got into a minor disagreement with someone I normally have a lot of agreement with. Bernie Sanders’ statements on immigration feel like nativism to me. Not isolationism, not all about trade. Just a much nicer version of “we’re full”.
@different-church-lady: He’s busy tweeting QAnon conspiracy stuff at the moment. Give him a day.
gene108
Over/Under: 50% of MaL staff are on the payroll of a foreign government to spy on Trump.
different-church-lady
@gene108: TRUMP is on the payroll of a foreign government to spy on Trump.
VeniceRiley
@PaulB:
But then he goes on to claim it’s unusual for malware to install itself? Since when?! LOL I mean, that’s the part where you might think … uh, guys, you need a professional.
Roger Moore
@mrmoshpotato:
I think the optimum solution is to use a virtual machine. It’s easy to restore to default configuration, and you can instrument it up the wazoo so you can see exactly what the malware is doing.
Roger Moore
@MattF:
Trump believes in hiring scabs.
Ruviana
@different-church-lady: Just the most recent upgrade. :)
Roger Moore
@gene108:
Over.
Steeplejack
@Roger Moore:
Which is why you box it up and send it over to the geeks at NSA (or whichever relevant agency), rather than letting Agent Whiteman fiddle with it because he watched every episode of CSI: The Cyber.
trnc
@Syphonblue:
True, but this guy was obviously caught off guard.
Installing malware is EXACTLY what you should expect with a suspicious thumb drive. For this reason, I think MS disabled autoplay for external devices years ago. That means that either that computer still had autoplay disabled or the usb drive somehow enabled it, which seems weird.
trnc
@Roger Moore:
You’re hired! Well, not for this administration, obviously, but when we get someone competent in there and maybe some money for IT funding instead of funneling it to billionaires.
trollhattan
@FelonyGovt:
My thought exactly. WTF is the vetting process for agents named “Ivanovich”? “We call him Big Brain.”
Funnily enough, I know a retired Secret Service guy who did recruit screening, so will be asking just that next time I see him.
trnc
@Steeplejack:
Yes, when I’m getting ready to test a suspicious USB drive, I always use a co-worker’s computer rather than my own. That way, I don’t have to worry about my own bookmarks or the wicked screensaver I’ve set up on mine.
Gin & Tonic
@Roger Moore: Precisely. If you’re not doing this in a VM then you don’t know enough to be doing anything.
trollhattan
@trnc:
We’re all given training on computer security–canned basic stuff mandatory for all–and one hacker tactic is leaving a flash drive outside the office building in hopes somebody picks it up and plugs it in to see what’s there. Human nature and all.
If “The Americans” weren’t set in the Reagan era they would have done it.
Steeplejack
@trnc:
“Let the rookie do it!”
Roger Moore
@trnc:
Trust me, you don’t want me. I know the very broad outlines of what to do, but I’ve never even thought about doing it myself.
snoey
“began to install itself” is more usually spelled “dumbfuck clicked on”.
SiubhanDuinne
The SS guy at Mar-a-Loony should have just given it to young Barron to check out. He was there anyhow on his spring break, and he knows all about the cyber.
Roger Moore
@trollhattan:
There’s much more nefarious stuff you can do now. One underappreciated feature of USB devices is that they can have multiple functions. This can be helpful- your keyboard can have an onboard hub for your mouse to reduce clutter- but it can also lead to all kinds of nefarious activity. Something that looks like an ordinary mouse or even a dumb device that just uses the USB for power can actually contain a hidden thumb drive full of malware. And that completely ignores all the potential for problems caused by using the same port on your phone for power and communications…
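Added example, not part of the thread or any commenter's post: one way to see the "multiple functions" a USB device declares is to walk its configuration descriptor and list the interface classes. The two descriptor byte strings below are constructed samples, and the function names are hypothetical.

```python
"""List the functions a USB device declares in its configuration descriptor."""
import struct

DT_CONFIGURATION = 0x02
DT_INTERFACE = 0x04
MASS_STORAGE = 0x08

# Interface class codes assigned by the USB-IF (subset).
CLASS_NAMES = {
    0x01: "audio",
    0x02: "communications (CDC)",
    0x03: "HID (keyboard/mouse)",
    0x08: "mass storage",
    0x09: "hub",
    0x0A: "CDC data",
    0xE0: "wireless controller",
    0xFF: "vendor specific",
}

# Constructed sample: a stick that declares storage AND a boot keyboard.
COMPOSITE_STICK = bytes.fromhex(
    "09 02 39 00 02 01 00 80 32 "  # configuration, wTotalLength=57, 2 interfaces
    "09 04 00 00 02 08 06 50 00 "  # interface 0: mass storage, SCSI, bulk-only
    "07 05 81 02 00 02 00 "        # endpoint: bulk IN
    "07 05 02 02 00 02 00 "        # endpoint: bulk OUT
    "09 04 01 00 01 03 01 01 00 "  # interface 1: HID, boot protocol, keyboard
    "09 21 11 01 00 01 22 3f 00 "  # HID class descriptor
    "07 05 83 03 08 00 0a"         # endpoint: interrupt IN
)

# Constructed sample: an ordinary single-function flash drive.
PLAIN_STICK = bytes.fromhex(
    "09 02 20 00 01 01 00 80 32 "  # configuration, wTotalLength=32, 1 interface
    "09 04 00 00 02 08 06 50 00 "  # interface 0: mass storage
    "07 05 81 02 00 02 00 "
    "07 05 02 02 00 02 00"
)


def parse_interfaces(blob: bytes):
    """Return (number, alt_setting, class, subclass, protocol) per interface."""
    if len(blob) < 9 or blob[1] != DT_CONFIGURATION:
        raise ValueError("not a configuration descriptor")
    total_length = struct.unpack_from("<H", blob, 2)[0]
    if total_length > len(blob):
        raise ValueError("descriptor truncated")

    interfaces = []
    offset = 0
    while offset < total_length:
        if offset + 2 > total_length:
            raise ValueError("dangling byte at end of descriptor")
        length, dtype = blob[offset], blob[offset + 1]
        # A bLength of 0 or 1 would loop forever; one past the end is malformed.
        if length < 2 or offset + length > total_length:
            raise ValueError(f"bad bLength {length} at offset {offset}")
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError("short interface descriptor")
            number, alt, _n_eps, cls, sub, proto = struct.unpack_from(
                "6B", blob, offset + 2
            )
            interfaces.append((number, alt, cls, sub, proto))
        offset += length
    return interfaces


def unexpected_functions(blob: bytes, expected=frozenset({MASS_STORAGE})):
    """Names of declared interface classes that a plain thumb drive would not have."""
    classes = {iface[2] for iface in parse_interfaces(blob)}
    return sorted(
        CLASS_NAMES.get(c, f"unknown class 0x{c:02x}") for c in classes - expected
    )


if __name__ == "__main__":
    for label, blob in (("composite", COMPOSITE_STICK), ("plain", PLAIN_STICK)):
        print(label, unexpected_functions(blob) or "storage only")
```

A device can still misreport itself or change what it declares on a later plug-in, so a clean result here only describes what was announced at that enumeration.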
JaySinWA
@Roger Moore: I would take any reporting on this with a grain of salt. Early reports of any kind are often wrong and tech reporting in the general press is usually inaccurate at best.
sukabi
@Mike in NC: if you incarcerated drumpf and his entire family and their foreign friends and acquaintances you’d have cleaned up a lot of the security breaches / issues and more than likely would net a dozen or more spies in the process.
catclub
@different-church-lady: minders for the minders
Another Scott
@JaySinWA: +1
Plus, the agents were explaining what happened to a court, so they probably would have had to “dumb it down” even if they were recognized experts in this stuff.
Cheers,
Scott.
Dan B
@rikyrah: I looked at this tweet and can’t figure out who they are referring to in Vegas. Do you know?
catclub
@Dan B: Vegas has zillions of security cameras.
David ??Merry Christmas?? Koch
polyorchnid octopunch
@trnc: Another possibility is that it’s not, in fact, a USB drive, but instead is another kind of USB device that looks like a thumb drive.
matt
Re: Trump firing the SS director over this.
Really enjoying how criminal this administration is and how nothing can be done about it because so many plutocrats are in favor of it.
karen marie
@JaySinWA: It’s a quote from a witness to the event testifying at a hearing. I think that’s more reliable than a story cooked up somewhere else afterward.
Dan B
@catclub: True but the tweet seemed to be about a white Dem candidate in Vegas, or on Fox, who said that Trump supporters aren’t racist. I don’t know who that is.
Matt McIrvin
@Roger Moore: The problem with a virtual machine is that plugging something into its virtual USB port still involves sticking it in the real port.
Adam L Silverman
@mrmoshpotato: @Roger Moore: @Steeplejack:
germy
Ivan X
I’m surprised no one has yet suggested that not only the machine be siloed and not used for anything else, but before that even happens, the stick gets plugged into a dedicated purpose machine (eg a Linux box, or a dedicated appliance) whose sole job it is to do nothing but block copy the whole USB stick, in case it does anything self-modifying in the course of action.
Roger Moore
@Matt McIrvin:
The need to plug the USB device into a real port can be mitigated by hosting the VM using a different OS, e.g. a Windows VM on a Linux host computer. Unless the USB device can infect both OSes, you should be OK. If you’re truly paranoid, I suppose you could extract the memory chip from the thumb drive and read it directly.
Roger Moore
@Adam L Silverman:
Good to know that USSS is not completely incompetent.
Adam L Silverman
@David ??Merry Christmas?? Koch: Which doesn’t air until 11:30 PM EDT, so he hasn’t announced anything yet.
germy
I’m trying to understand what the plan was with the malware. What was her intention?
I thought a spy would want to bring a clean thumb drive, and copy useful information onto it. Who was she hoping to infect?
Mary G
@Adam L Silverman: Sure, Jan.
Roger Moore
@germy:
If the computer is on a network, installing malware is much more valuable. You can still copy everything over the network, but you can keep copying data until the malware is discovered. You can also use the compromised computer to try to take over other computers on the same network. I would guess that it’s also faster to install the malware than to download a bunch of files onto a USB drive.
Plato
@Spanky:
Can’t blame the Chinese. Everyone wants to play with the
dollpuppet.
different-church-lady
@JaySinWA:
And nowadays later reports are frequently no better.
Steeplejack
@Adam L Silverman:
Slight skepticism:
Adam L Silverman
I guarantee that Zhang was sent by the PRC’s intelligence services specifically to be caught and divert attention from their real infiltration work, which involves buying memberships to Mar a Lago and the President’s golf clubs. And my guess is she was used at that moment to provide cover for someone actually penetrating into the network at a Trump property somewhere else. This is used all the time. When Ramzi Youssef entered the US so he could build the bombs for the first World Trade Center bombing, he was a number of people behind one of his co-conspirators who just happened to go through the customs line and when his carry on was open, they found circuit boards, bomb making manuals, etc. When Youssef came through about 20 minutes or so later, he went through the nothing to declare line and zipped through because everyone was still focused on the guy they were sacrificing to get Youssef into the country. Zhang is a sacrifice. The real questions are who they actually got in by sacrificing her, how many, and what are they actually doing?
Baud
Why isn’t Balloon Juice required reading?
Mary G
@Adam L Silverman: Nothing good.
jl
@Ivan X: I don’t think there are enough details in the story for us to know what was going on, other than evidence that the USB contained malware of some kind. But, if the SS agent was not an IT security expert, and he was not plugging it into a completely siloed (i.e., not on any network) and dedicated test machine, that would be very bad. Like at least one other commenter, I’d be in big big trouble if I plugged a suspect USB into a work computer that was connected over any kind of network. I’ve had training that specifically says you do not do that, you take the USB straight to IT security personnel.
rikyrah
@Dan B:
The WWC whisperers
Bernie, Mayor Pete
rikyrah
M. Mendoza Ferrer (@mgranville1) Tweeted:
@SenSanders basically blaming THE WOMEN’S REVOLUTION for the economic reality that it now takes two people working incredibly long hours to earn enough income to support a family. He argues this raises other issues around childcare & kids not getting the attention they need. https://t.co/NlU2j5LdlW https://twitter.com/mgranville1/status/1095158411224907776?s=17
different-church-lady
@David ??Merry Christmas?? Koch: OK, that fills in my bracket of 64. Who’s running in the play-in games?
Roger Moore
@Baud:
Yeah, they can get them to download it. They may even get them to read it. Getting them to believe it is another matter.
West of the Rockies
OT request for advice here. I got a text on my phone that begins “Account Locked”…
It references A Wells account (I have never banked at Wells). It concludes with an http address.
Does this sound like cyber fishing? Should I delete the text? I have not clicked on the address.
Thanks folks.
jl
@Adam L Silverman: Thanks for info. The things you learn on this almost top 10,000 Floriduh-man and petsnax blog!
Adam L Silverman
@Mary G: @Steeplejack: I’m just posting what is being reported. Personally, as I stated earlier, I am 1) amazed that the USB ports on Secret Service computers – in this case likely either Toughbooks or Dells – haven’t been deactivated for security purposes and 2) that these morons actually did this.
different-church-lady
@Roger Moore: That’s what the reeducation camps are all about.
Baud
@West of the Rockies: Yes.
different-church-lady
@West of the Rockies: It absolutely is phishing. DO NOT click on link. Contact your service provider to figure out what to do about it/how to report it.
Adam L Silverman
@rikyrah: It’s like he left out two or three sentences to get from when he was going up to where we are today so that the revolution of women going out in the workforce didn’t just hang there like it was the problem. I’m not a big fan of Senator Sanders, but I’m pretty sure that wasn’t where he thought he was going with his remarks, but it is what came out of his mouth.
MazeDancer
Eric Swalwell can come back in 20 years.
Love him, but enough with the White Boys.
West of the Rockies
@Baud: @different-church-lady:
Thank you both!
Adam L Silverman
@West of the Rockies: 1) record the # on paper, 2) block the #, 3) delete the text.
Steeplejack
@West of the Rockies:
My advice is to delete the text.
Ken
@bobbo:
I’m hoping the next administration secures all Trump properties for a complete security sweep, including background checks of all employees, members, and guests.
PaulB
@VeniceRiley: “uh, guys, you need a professional.”
Fair enough and you are, of course, correct that it’s trivially easy to write code to automatically install (although this, too, can be blocked by a competent professional).
dopey-o
@Adam L Silverman:
At one gov’t facility, i noticed that the USB ports had been filled with epoxy. Physically impossible to insert a thumb drive – or other item. I can’t imagine that the USSS allows ANY USB drives, due to the danger of transferring infections – or classified info – between PCs.
debbie
Who the hell is this Swalwell who’s announced his candidacy?
Dan B
@rikyrah: That’s what I thought. Wilmer, sure, but Pete’s words are being twisted. Pisses me off. I’m all for criticism where it’s deserved but this is not.
Pete has said that it backfires politically to call Trump supporters racist. I believe a lot of Trump supporters are what I’d call clueless-racist and blind to racism. At the same time poor whites in the US are seeing their lifespans shortening. It’s one of the only groups in the world. There is common cause to build with minorities but that possibility is lost if the main message they hear is “racist”.
I believe they are homophobic as well but Pete got 80% of the vote in South Bend when the city voted for Trump.
If there is clear evidence that he hurt black people in South Bend then I want to know.
West of the Rockies
@Adam L Silverman:
Curiously, it came with no phone number. Just a five digit number with a #
plato
@debbie: Swell, more white guyz.
B.B.A.
@David ??Merry Christmas?? Koch: Never heard of him. I’m assuming he’s a Russian agent until I get definitive proof otherwise.
MisterForkbeard
@debbie: I LIKE Swalwell – he’s good.
This is also blisteringly stupid and I have no idea why he’s doing it.
Jay
@gene108:
It’s one way to make a living wage for undocumented workers. It’s sure as hell that Mar a Lego doesn’t pay them a living wage.
JR
I’m sorry, but the judges were looking for “Merde-a-Lago”.
Adam L Silverman
@West of the Rockies: I get them like that from my pharmacy when my prescription is ready – a five digit #. Most likely someone has stolen your phone # to sign up for something. Regardless, record the # so you can speak to your cell service provider about it, block the five digit #, delete the text.
Felanius Kootea
@MisterForkbeard: Easy. He’s noticed that the Beltway pundits believe that only a white man can beat Trump and that they seem to give each new one that joins the Dem race overwhelming attention (i.e., the same kind of free advertising that helped #45 in 2016), while ignoring thoughtful policies and proposals being offered by women or minorities. Luckily, the pundits don’t determine the results of the primaries – they can only shape those results so much.
ETA: I like Swalwell by the way and love seeing him when I hate-watch Bill Maher. My mom actually watches Fox News to find out what the “other side” is up to, the closest I can come to that is watching Bill Maher.
Jay
@PaulB:
It’s highly unusual that without taking any action, other than plugging in a USB thumb drive, that it automatically starts installing malware.
You usually have to at least click on the thumb drive icon for anything to happen.
Obvious Russian Troll
@Roger Moore: Your general assumption should be that any USB stick can detect and load malware onto any and all operating systems it encounters, and that a virtual machine is not necessarily safer than a physical machine (although that would make it harder to attack the physical machine running the VM).
Some things will be easier to attack than others, of course.
debbie
@MisterForkbeard:
Doesn’t want to feel left out?
??? Goku (aka Amerikan Baka) ??
@Felanius Kootea:
My parents are the same in a way. They see what happened to Clinton and assume the same will happen to anybody the Dems will put up. It pissed me off when I heard it and I reminded them that Trump only won by the slimmest of margins in 3 states. He’s not a god and he’s not invincible. It’s entirely possible he could win again in 2020, even via the EC, which would be especially destabilizing in my opinion. A president winning election via the EC only in less than four years would be unheard of
Gin & Tonic
@Adam L Silverman: Bullshit. Not remotely believable.
Gin & Tonic
@Jay: Not unusual at all.
Keith P.
So, just to get this out there, does anyone else think that Stephen Miller’s vendetta against Kirstjen Nielsen is rooted in her rejecting him as a date to some WH dinner? The nastiness of it makes me think he tried to be WH wunderkind-stud but got laughed at (probably to his face)
Central Planning
@Gin & Tonic: Any decent malware writer knows to check if they are running in a VM, and if they are, don’t do anything nefarious.
??? Goku (aka Amerikan Baka) ??
@??? Goku (aka Amerikan Baka) ??:
To finish my comment: Trump could win, but let’s not assume that anyone we nominate will automatically lose, especially just because they’re women.
Jay
@Gin & Tonic:
My understanding is limited, but when you plug in a thumb drive, usb cable or mouse, the computer just “pings” the port to see if it’s occupied and there is a device connected.
How does a USB device immediately start downloading malware or files, when you haven’t opened a connection to the device?
I could see how a thumbdrive could initiate communication on its own, and after a while of surveying your system, start downloading malware,
But immediately?
How does it know immediately what the OS is?
NotMax
Jeebus. Like saying a “round circle.” Not the brightest bulbs in the marquee.
“Hey, Sam, let’s put this doohickey into the magic box and see what happens, ‘k?”
Gin & Tonic
@Jay: Reading assignment #1:
Jay
@Adam L Silverman:
Given that in addition to malware, she had equipment to identify wifi bugs and cameras,
I’m guessing that she was a “cleaner”, sent in to find and wipe devices that the Merde a Lego Madam and her guests had already planted and remove or corrupt “Chinese Fingerprints”, now that the FBI is investigating.
And I’m going to guess that she’s a Chuck from the Chinese Intelligence Nerd Herd, not a spy like Sarah.
trnc
@polyorchnid octopunch:
Hmmm … any example that you can think of? I’m not sure what could be a non-storage device that could hold files to be installed.
James E Powell
So how does Trump’s refusal to turn over his tax returns play out? Even if the supreme court rules that he has to do so, who’s going to make him? His supporters, every Republican, FOX, and most of the rest of the press/media will back whatever he does. What else can be done?
Keith P.
@trnc: Vape pen. I wouldn’t put it past a SS agent to plug one into a USB port and mistake the “Installing drivers for your USB device..” dialog for a malware installation.
Jay
@Gin & Tonic:
So, basically, the USB Standard and some forms of OS automatically initiate full data communication with the USB, if the USB “spoofs” the USB Standard that it’s an OS upgrade or if the OS automatically uses a connected USB drive data storage for some functions, to offload data or function loads.
Interesting.
Gin & Tonic
@James E Powell: It’s not up to him, it’s up to the head of the IRS.
trnc
@germy: What Roger M said, plus – the malware would probably be written to install an ftp client, then open a connection to a server (probably in China, but not necessarily) and start copying files from the most likely folders (Documents, Desktop, etc) to the server.
Remember Drooliani’s short lived cyber security business? If Mar-A-Loco used his services, I would expect to find that the computers were not anywhere near up to date for OS security updates, autoplay was set to run and no antivirus program installed. Also, plain text password files with bank account info.
Steeplejack
@Jay:
What if it’s not a thumb drive but a device that just looks like a thumb drive? Check out this video.
Steeplejack
@trnc:
See above.
trnc
@James E Powell: No one has to make him, per se. His returns are on file with the IRS (assuming he actually filed), so Rettig or someone there has to turn them over. I doubt Rettig would risk jail over the matter.
James E Powell
@trnc:
And if Trump orders Rettig not to turn them over? Or if Trump sues to prevent him and the courts back Trump? What then? I’m genuinely curious because the cry of “He won’t release his tax returns!” hasn’t moved the needle since 2016.
VOR
@Adam L Silverman: I have to believe every competent intelligence agency in the world has someone on staff at Mar-A-Lago, Bedminster, and any other Trump location he often goes, like whatever the one is in Virginia. I mean, Trump hired undocumented foreign nationals prior to his presidential run. Mar-A-Lago has advertised for foreign temporary workers. And they probably have someone with a membership too, say by coercing an existing member.
As for inspecting the USB drive, I’d want a computer which is well instrumented, air-gapped, and inside a Faraday cage so it can’t connect to any wireless network like Bluetooth, wifi, or cellular. It’s not paranoia if they really are out to get you.
Jay
@James E Powell:
The IRS reports to Congress, not the President.
Checks and balances.
Courts have no standing in the matter.
plato
Wonder what those military trumpistas think of this third rate turd of a scum now.
plato
MobiusKlein
@Adam L Silverman:
I am reluctant to do InfoSec HR by twitter rumors.
On the other hand, I don’t see InfoSec rumors about my company bubbling out either.
James E Powell
@Jay:
Why am I reading the exact opposite all over the internet? This from TPM for example.
Ceci n est pas mon nym
@Spanky: At one point I was contemplating writing a comedy sketch that involved Trump being so heavily bugged that the bugs were starting to interfere with each other and the various spy agencies were talking to each other over their bugs to try to sort it out. (I was taking a class in sketch writing for the hell of it)
But I got too depressed at the idea that it was all probably true. I applaud SNL for making this terrifying idiot funny because I couldn’t manage to laugh at him, to make jokes about it. Also I found out that I really didn’t have the skills for sketch writing.
Ceci n est pas mon nym
@Adam L Silverman: Sounds like DHS is a little more lax about cyber security than DoD.
Bill Arnold
@Obvious Russian Troll:
Safely capture the contents and reverse-engineer them using Ghidra.
(There’s a joke or four in there. :-)
Bill Arnold
@Gin & Tonic:
Thanks, hadn’t seen that (usb attack list) before.
polyorchnid octopunch
@trnc: There was a block that looked like an Apple charger with the USB ports, but while it definitely delivered 5V on the + pin, it also pretended to be a network interface so it could capture network traffic and save it to the drive in a hidden partition, or an area on the storage that wasn’t in a partition. It was designed to attack iPhones.
Jay
@James E Powell:
Remember how the Mueller Investigation was shut down or finished 9 times over past two years?
You don’t?
They are counting on that.
jonas
The Secret Service has always been a division of the Treasury Dept, I thought. Did that change at some point in the recent past?
Procopius
@Syphonblue: Excuse me, I am not a cybersecurity expert, but I’ve been using microcomputers since 1976, before Big Blue got interested. How do you read a USB stick to find out what’s on it if you don’t connect it to a computer? It’s true that if you’re a system admin you really, really don’t want one of your regular users sticking that USB stick they found in the parking lot into his work computer that’s connected to the company network, but you want them to give it to you so you can stick it into an isolated disposable computer to read it.
Procopius
@Steeplejack: Don’t know about Secret Service approved protocol, but at least until recently the FBI protocol was to never record an interview. Instead the agent was supposed to immediately afterward write detailed notes of what transpired and what was said. I don’t know what their official reason is, but it certainly is convenient that there is no evidence of what was actually said. IIRC that was how they got Martha Stewart.
jonas
I recall reading somewhere in ’16 that the WH security detail was happy to say farewell to the aloof, snooty Obamas and start serving the salt-of-the-earth Trumps, who knew how to treat the staff. Oh, well. Happy landings, Dumbo!
soga98
@Adam L Silverman:
Dead on. Do you think it’s a simple feint or a duplex feint?
Jay
@jonas:
When Bush set up the Department of Homeland Security,
Heimatschutzminiterium
A bunch of Agencies were put under one roof in theory, to fix the interagency communication issues that failed to prevent 9/11.
https://en.m.wikipedia.org/wiki/United_States_Department_of_Homeland_Security
Jay
““Clearly the intent is selling access and influence. What it is not doing is selling action,” Ryan said.
But, Fischer added, “Mike Crapo’s constituents are not going to have this opportunity to go fishing with him unless they give him $15,000.”
If you read that carefully, you’ll notice that Sen. Crapo isn’t just selling access to himself, but to all the subcommittee chairs of the Banking Committee. If you’re keeping track, that would include Republicans Pat Toomey of Pennsylvania, Tim Scott of South Carolina, Tom Cotton of Arkansas, David Perdue of Georgia and Ben Sasse of Nebraska. McClatchy reporters asked all five for comment and the only response they got was from Sen. Sasse’s office which simply told them to talk to Crapo. ”
http://www.boomantribune.com/story/2019/4/8/153015/1565
MobiusKlein
@Procopius:
How you and I read a USB stick would be different from how a forensic analysis would read it. I don’t know how it would be done in a clean fashion, but smarter people than I have no doubt worked on this very issue.
jonas
@FelonyGovt: Seems an awful lot like those situations when the cop “forgets” to turn his body cam on during a stop in which a suspect falls and accidentally hits his head on the curb ten or fifteen times.
jonas
@Jay: Huh. Ok, guess I missed that at some point. Thanks.
Jay
BTDub’s, Dolt 45’s declared the IRGC a terrorist organization.
The declaration is broad-based and sweeping, affecting over 11 million Iranians and tens of thousands of Iraqis.
In response, Iran has declared CENTCOM is a terrorist organization.
jonas
@rikyrah: I’ll just point out that a young, gay, multilingual, Episcopalian Harvard grad and former Rhodes scholar is, well, not exactly WWC outreach material. Just sayin’.
Jay
@jonas:
There’s two agents. One does the interview and takes notes. One outside who listens and takes notes.
The policy is based in Hoover’s penchant to create, curate and use blackmail, COINTELPRO and other FBI scandals, and was created to minimize abuses.