All posts in “Election 2016”

Report: Twitter deleted tweets related to the Russian investigation

Twitter has deleted tweets that could be helpful to investigators currently examining Russia’s suspected manipulation of the social network during the 2016 presidential election, U.S. government cybersecurity officials told Politico.

According to the officials, Twitter is either unable or unwilling to retrieve a “substantial amount” of tweets from bots and fake users spreading disinformation. Those users, which have been tied to Russia, have since deleted those tweets. 

The lost tweets are apparently casualties of Twitter’s privacy policy, which states that when an account deletes a tweet, it will be permanently deleted from Twitter’s servers after 30 days through an automated process. After the account holders deleted their tweets and the accounts, which are suspected of having spread false or exaggerated pro-Trump and anti-Clinton narratives, they were also removed from Twitter’s system — permanently deleted.

It turns out, that’s how Twitter is supposed to work. Twitter’s guidelines for law enforcement merely state, “Content deleted by account holders (e.g., tweets) is generally not available.” 

A Twitter spokesperson told Mashable that Twitter has “strong policies in place to protect the privacy of our users.” The company declined to comment on the specific deletion policy. 

Historically, Twitter has been accused of being less than fully forthcoming with federal investigators. At its recent Senate briefing, Virginia senator Mark Warner, the ranking Democrat on the U.S. Senate Intelligence Committee, called the company’s presentation “frankly inadequate on every level.” 

Twitter sees things differently: “We have committed to working with committee investigators to address their questions to the best of our ability,” a company spokesperson told Mashable

The company declined to comment on whether it is attempting to retrieve the deleted tweets, or whether it will present them to investigators if retrieved. 

With access to all of the tweets from those accounts, the investigators might be better able to construct a timeline of events and figure out the account holders’ goals. But, depending on Twitter’s ability to reconstruct its own past, those tweets may be gone forever. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f82232%2f517b80db 8ea7 4318 9d1b bbac0c1e4bf1

Zuckerberg’s non-statement on Trump and fake news is a total cop out

Not enough.
Not enough.

Image: Justin Sullivan/Getty Images

Facebook CEO Mark Zuckerberg issued a statement Wednesday addressing President Donald Trump, fake news, and his company’s controversial role in the 2016 presidential election. And, perhaps unsurprisingly coming from a man whose idea of connecting with reality is a carefully managed 50-state photo op, his words were polished to the point of meaninglessness. 

Zuck was responding to a rambling presidential tweet that both maligned the social network-turned-advertising company and insisted it’s “anti-Trump.” Possibly sensing an opportunity to garner some public goodwill, the best dressed man in Silicon Valley assured his 96 million followers that, nah, he’s doing his very best to be fair and balanced. And that he’s trying. Like, really hard. 

“Every day I work to bring people together and build a community for everyone,” he wrote while clearly channeling a high school vice principal struggling to understand why his students have turned against him. “We hope to give all people a voice and create a platform for all ideas.”

That some of those people just happened to find employment in a Russian government-linked “troll farm” that, according to his own chief security officer, “appeared to focus on amplifying divisive social and political messages across the ideological spectrum”? Well, shucks. Mark sure is sorry.

And he’s doubly sorry that he hadn’t taken the issue of intentionally spread misinformation affecting the 2016 election seriously before now.  

“After the election, I made a comment that I thought the idea misinformation on Facebook changed the outcome of the election was a crazy idea,” continued Zuckerberg. “Calling that crazy was dismissive and I regret it. This is too important an issue to be dismissive.”

Finally, the Boy King of Tech admits fault. But, lest you think this is the start of a new, self-reflective Mark, he quickly walked back that regret.  

“But the data we have has always shown that our broader impact — from giving people a voice to enabling candidates to communicate directly to helping millions of people vote — played a far bigger role in this election.”

So there you have it. Zuckerberg is sorry that following the 2016 presidential election he was publicly dismissive of so-called fake news, but doesn’t seem all that remorseful for profiting off that very thing. What’s more, according to the Wise One, Facebook did more to benefit the electoral process than harm it. So, you know, you should be thankful for the role Facebook played in our civic discourse. 

It’s a total cop out non-statement, and delivered in a style that Zuckerberg has clearly perfected. Good thing, too, as he’s going to need those verbal bullshit skills come 2020. While Zuck is busy patting himself on the back for finally admitting a reality heretofore obvious to everyone but him, it’s the rest of us that are left holding the bag.

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f81870%2f5c1ef71e 707d 46e8 8649 b3118c202301

Turns out Russia went after Wisconsin’s voter registration system

It's official.
It’s official.

Image: Janie Osborne /Getty Images

Another piece of the messed-up puzzle that was the 2016 U.S. presidential election fell into place today, as the Department of Homeland Security confirmed that “Russian government cyber actors” targeted the voter registration system of a key battleground state. 

While U.S. officials had already claimed that the Russian government went after 21 states’ voter registration systems, this is the first time that names have been publicly named. And, sorry to say it Wisconsin, you have the dubious distinction of being the state in the spotlight. 

According to Reuters, the Department of Homeland Security notified all 21 states on Sept. 22, with Wisconsin Elections Commission Administrator Michael Haas quickly identifying his specific state as being affected soon after.

The news agency reports Haas saying that the Russian government “scanned internet-connected election infrastructure likely seeking specific vulnerabilities such as access to voter registration databases, but the attempt to exploit vulnerabilities was unsuccessful.”

NPR reports that officials from Washington and Connecticut also copped to the fact that their states’ voter registration systems were targeted by Russian government hackers. 

Importantly, the voter registration system is not the same as the actual machines used to cast votes — and Matt Tait of cybersecurity firm Capital Alpha Security issued a warning to everyone currently freaking out. 

That sentiment, combined with the fact that DHS officials told Congress in June that it had no proof of actual successful vote tampering by the Russian government, suggests that while this is a big story, it’s not a “Russia stole the election” story. 

Still, the fact stands that Wisconsin was a key battleground state in last year’s election, and with today’s revelation we now know that Russian officials were at least up to no good there. 

As more officials come out and identify their states as also being targeted, which they are sure to do, we’re likely to get a better picture — piece by hacked piece — of just what went down last year. 

Https%3a%2f%2fvdist.aws.mashable.com%2fcms%2f2017%2f9%2fb26489ce ffa8 40e4%2fthumb%2f00001

The leaked NSA report shows 2-factor authentication has a critical weakness: You

"Wait, all I did was enter all my personal info into a random site after clicking a sketchy link!"
“Wait, all I did was enter all my personal info into a random site after clicking a sketchy link!”

Image: jhorrocks/Getty Images

So you’ve created a strong password, kept an eye out for sketchy links, and enabled two-factor authentication — what could possibly go wrong?

Well, it turns out the answer is “you.” 

As the leaked NSA report on Russian efforts to hack the computers of U.S. election officials before the 2016 presidential election demonstrates, we are all often our own biggest security weakness. The document, published by The Intercept, shows that hackers found a way around the protections offered by two-factor authentication that is striking in its simplicity: They asked the targets for their verification codes. 

“If the victim had previously enabled two-factor authentication (2FA),” explains a slide detailing the Russian attack, “the actor-controlled website would further prompt the victim to provide their phone number and their legitimate Google verification code that was sent to their phone.”

To translate, after tricking victims into entering their email and password into a fake Google site, the hackers found that some victims had 2FA set up on their accounts. This meant that even with the password, hackers were unable to gain access to the Gmail accounts in question — that is, unless they could get the verification codes as well. 

So, again, they just straight up asked for them. 

A step-by-step approach.

A step-by-step approach.

Image: nsa/the intercept

“Once the victim supplied this information to the actor-controlled website, it would be relayed to a legitimate Google service, but only after [redacted] actors had successfully obtained the victim’s password (and if two-factor, phone number and Google verification code) associated with that specific email account.”

Basically, the hackers were able to bypass the email security measures by requesting that the victims give them the keys to the digital castle. 

Once access was gained to the accounts, which reportedly belonged to an electronic-voting vendor, the hackers would then email election officials from the hacked accounts and attempt to trick those same officials into opening script-laden Word docs that would compromise their computers. 

It’s an elaborate bit of spear phishing, and it reminds us that no matter what digital security practices we put in place, we can all still slip up. 

In the face of everyday online threats, the best defense (other than setting up 2FA — which you should definitely still do) might be the simplest: exercise caution with every email you receive, and be paranoid as hell

In the face of skilled Russian hackers? Well, that one’s trickier, but maybe start with not handing over your email password, phone number, and 2FA verification code. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80276%2feff195aa 5680 49b1 a6cc 7fbd4dfa62f6

Someone’s already been arrested for allegedly leaking an NSA report to The Intercept

The story of a leaked NSA report detailing Russia’s alleged attempts to infiltrate US voting infrastructure ahead of the 2016 presidential election just took a sharply unexpected turn. 

Reality Leigh Winner, 25, has been arrested and is in custody, with officials saying they have identified her as the source of the documents leaked to The Intercept.

The Intercept broke the story of the National Security Agency report on June 5, noting that it “indicates that Russian hacking may have penetrated further into U.S. voting systems than was previously understood.” 

This was based on leaked documents provided to the site, which, allegedly before going public with the story, showed them to NSA officials to confirm their authenticity. 

This, reportedly, is where the publication known for its security-conscious reporters may have messed up. 

The government affidavit states that The Intercept showed them “folded and/or creased” documents, “suggesting they had been printed and hand-carried out of a secured space.” This clue was enough for officials to “determine who accessed the intelligence reporting since its publication, and, after seeing that “six individuals printed this reporting,” narrow the list of suspects down. 

Importantly, if we are to take the government at its word,  investigators could have conceivably identified the leaker regardless of the folded nature of the docs. That’s because the alleged source had “e-mail contact” with The Intercept—possibly from her work computer. She also, allegedly, printed the material out at work. 

Either way, the arrest is a blow for the national security-focused Intercept. The site takes pains to detail secure ways for sources to share info with it in a page titled “The Intercept Welcomes Whistleblowers.”

“So whether you are in government or the private sector, if you become aware of behavior that you believe is unethical, illegal, or damaging to the public interest, consider sharing your information securely with us,” the webpage explains. “We’ve taken steps to make sure that people can leak to us as safely as possible.”

Under the section “What not to do if you want to remain anonymous,” the top piece of advice is “Don’t contact us from work.”

WATCH: Adele’s Amazing Anniversary Surprise

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f3353%2f50c23848 430c 4f3c 83be f449bced356a