Cyberwar is the Department of Stone Throwing, promoting the increased use of stone projectiles, from the safety of its offices – which are in the Department of Glass Houses.
Aug 1, I tweeted this:
If you do a little thinking and some research about the IRS’ various computer system upgrades, you can make some pretty accurate guesses about how good their internal security is. I’d assumed it was inevitable that someone would drop Trump’s tax filings – there are probably hundreds (more likely thousands) of people who have the necessary access to retrieve that data and exfiltrate it from the network.
Bruce Schneier has some stuff to say about that. In 1997, Marv Schaeffer, who was then working for ARCA Systems, and I got roped into doing some pro bono assessment work of the IRS’ Cyberfile system. I’m pretty sure they binned our report and I definitely know they wished they had never asked us. Our recommendation was “do not go live with this system.” There were far more problems than Bruce describes; he’s generally more optimistic than I am.
I do believe, from some things that I’ve heard, that the IRS at least has the capability to look through system logs and see who was accessing the Trump files.
The tax filings dropped to the NYT at the most awkward possible time: right before the next debate, with enough time to hype the disclosures before the election. It’s so professional – cue the hue and cry that it’s Russian hackers, right?
Amended post continues:
I’ve had a chance to read the article about the mail showing up in the mailbox at the newspaper, etc. Very interesting!
The point about the 9 not aligning is really interesting. That implies it’s a copy from the original source (Mitnick’s version), not a digital version. Mitnick says he was using tax preparation software – much of which is set up for E-filing. I’m interested by the bit about it not having enough decimal places (what, there were no billionaires in 1996?); that’s such a detailed little thing. It’s almost like it was planted in the story as a head fake.
With regard to making the letter appear to have been posted from inside the Trump organization:
I walked to my mailbox and spotted a manila envelope, postmarked New York, NY, with a return address of The Trump Organization.
OK, as far as attribution goes, that’s on par with the FBI concluding “Russian hackers” because someone is using a particular keyboard mapping set. There are mail pickup/drop points in most commercial properties; it’d be pretty simple to drop things in an envelope with a nicely printed return address. For a convincing attribution, I think we need better than that.
Accountants using Selectric typewriters on a billionaire’s humongous tax return full of real estate transactions and investments, in 1996? Heh. Pull the other one.
I should clarify: my posting was not attempting to say “Trump docs came from IRS.” It was more “Trump docs!” and “I wouldn’t be surprised if they came from someone who had access inside the IRS. Because there are tons of people who do, and it wouldn’t be hard to print off scans and mail them to a friend to drop in a postal box somewhere in NYC.” I’m assuming that The Donald is going to be foaming at the mouth and generally flipping his wig – this is just another opportunity for him to make himself look bad. :)
I wonder if we’ll ever know who dropped those docs and where they came from. I’m betting that the whole Trump Organization thing is window-dressing. Maybe we’ll learn once the bodies are buried, but I probably won’t be alive to say “I told you so.”
A bunch of years ago (2009) I did a piece on cloud computing security, which Trump may have lifted heavily from: