Thursday, January 01, 2015

The GoP pastebin hoax

Neither the FBI nor the press is terribly honest or competent when discussing "hackers". That's demonstrated by yesterday's "terrorists threaten CNN" story.

It started with Glenn Greenwald's paper The Intercept which reported:
The cyberterrorists who hacked Sony Pictures Entertainment’s computer servers have threatened to attack an American news media organization, according to an FBI bulletin obtained by The Intercept.
They were refering to this bulletin which says:
On 20 December, the GOP posted Pastebin messages that specifically taunted the FBI and USPER2 for the "quality" of their investigations and implied an additional threat. No specific consequence was mentioned in the posting.
Which was refering to this pastebin with the vague threat:
P.S. You have 24 hours to give us the Wolf.
Today, @DavidGarrettJr took credit for the Pastebin, claiming it was a hoax. He offered some evidence in the form of the following picture of his browser history:

Of course, this admission of a hoax could itself be a hoax, but it's more convincing than the original Pastebin. It demonstrates we have no reason to believe the original pastebin.

In the hacker underground, including pastebin, words get thrown around a lot. There was nothing in the pastebin that deserved the FBI's attention, not even the extremely lukewarm warning it gave. The FBI was clear that they didn't consider this a big deal, The Intercept was clearly out-of-line blowing this up into a "cyberterrorist" threat. They later edited their article downgrading it to mere "hackers", but still they exaggerated the threat.

Update: A picture of the full original pastebin is below. I hereby place this in the public domain, please use it anyway you want. I mention this because Mathew Keys plasters his name all over the image, which is a douchey thing to do when you've put essentially zero effort into it [ok, it might be an automated feature of the website, or just habit, but it's crappy in this context). Moreover, instead of reporting the URL ( so anybody can see for themselves, news stories hide the URL in stories so that you have to rely upon the images.


Matthew Keys said...

"I mention this because Mathew Keys plasters his name all over the image, which is a douchey thing to do when you've put essentially zero effort into it."

Actually, I was the first person to *find* the PasteBin message after The Intercept admitted they could not. And yes, it took quite a bit more effort than I think you realize. Just because you were able to find the same message after Business Insider hotlinked to it (I helped their reporter find it, by the way) as well as TechCrunch and others doesn't mean it was an effortless task.

Richard Steven Hack said...

It's interesting that The Intercept couldn't find the Pastebin post. Because that shows they actually did try to investigate it - and might have themselves noticed it was possibly a hoax.

This refutes Rob's complaint on Twitter that The Intercept uncritically accepted and hyped the post as serious based solely on the FBI bulletin. The Intercept threw in one line about it and merely referenced the FBI bulletin, exactly the same as every other media outlet did at that point.

Of course, Rob is a known detractor of Glenn Glennwald and The Intercept, so this is no surprise.

dramklukkel said...

"CNN is the BEST..."
That makes pretty clear this person has a limited knowledge of the world outside his computer room.
"...of the world."
Yep, that makes it official.