MojoKid writes: As we quickly approach the November 8th elections, email leaks from the Clinton camp continue to loom over the presidential candidate. The latest data dump from WikiLeaks shines a light on emails between Hillary Clinton's campaign manager, John Podesta and Facebook Chief Operating Officer, Sheryl Sandberg. In one email exchange, dated June 6th, 2015, Sandberg expresses her desire for Clinton to become president, writing to Podesta, "And I still want HRC to win badly. I am still here to help as I can." While that was a private exchange, Sandberg also made her zest for seeing Clinton as the 45th President of the United States publicly known in a Facebook post on July 28th of this year. None of that is too shocking when you think about it. Sandberg has every right to endorse whichever candidate she wants for president. However, a later exchange between Sandberg and Podesta showed that Mark Zuckerberg was looking to get in on the action a bit, and perhaps curry favor with Podesta and the Clinton camp in shaping public policy. Donald Trump has long claimed that Clinton is too cozy with big businesses, and one cannot dismiss the fact that Facebook has a global user base of 1.7 billion users. When you toss in the fact that Facebook came under fire earlier this year for allegedly suppressing conservative news outlets in the Trending News bar, questions begin to arise about Facebook's impartiality in the political race. The report also notes that Sandberg is at the top of the list when it comes to picks for Treasury Secretary, if Clinton wins the election. In an interview with Politico, David Segal, executive director for Demand Progress, said "[Sandberg] is a proxy for this growing problem that is the hegemony of five to ten major Silicon Valley platforms." Lina Khan, a fellow with the Open Markets Program at the New American think tank adds: "If a senior Cabinet member is from Facebook, at worst it could directly interfere [in antitrust actions]. But even in the best of cases there's a real worry that it will have a chilling effect on good-faith antitrust efforts to scrutinize potential anti-competitive implications of dominant tech platforms."

Tuesday Lawrence Lessig issued a comment about a leaked email which showed complaints about his smugness from a Clinton campaign staffer: "I'm a big believer in leaks for the public interest... But I can't for the life of me see the public good in a leak like this..." Now mirandakatz shares an article by tech journalist Steven Levy arguing that instead, "The press is mining the dirty work of Russian hackers for gossipy inside-beltway accounts." This is perfectly legal. As long as journalists don't do the stealing themselves, they are solidly allowed to publish what thieves expose, especially if, as in this case, the contents are available to all... [But] is the exploitation of stolen personal emails a moral act? By diving into this corpus to expose anything unseemly or embarrassing, reporters may be, however unwillingly, participating in a scheme by a foreign power to mess with our election...

As a 'good' journalist, I know that I'm supposed to cheer on the availability of information... But it's difficult to argue that these discoveries were unearthed by reporters for the sake of public good...
He's sympathetic to the idea that minutiae from campaigns lets journalists "examine the failings of 'business as usual'," but "it would be so much nicer if some disgruntled colleague of Podesta's was providing information to reporters, rather than Vladimir Putin using them as stooges to undermine our democracy." He ultimately asks, "is it moral to amplify anything that's already exposed on the internet, even if the exposers are lawbreakers with an agenda?"

"The Dark Web is rife with speculation that North Korea is responsible for the Dyn hack" says John McAfee, according to a new article on CSO: McAfee said they certainly have the capability and if it's true...then forensic analysis will point to either Russia, China, or some group within the U.S. [And] who hacked the Democratic National Committee? McAfee -- in an email exchange and follow up phone call -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share... "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President....

"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians. Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter..."
Bruce Schneier writes that "we don't know anything much of anything" about yesterday's massive DDOS attacks. "If I had to guess, though, I don't think it's China. I think it's more likely related to the DDoS attacks against Brian Krebs than the probing attacks against the Internet infrastructure..." Earlier this month Krebs had warned that source code had been released for the massive DDOS attacks he endured in September, "virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices."

Eight months after being rescued at sea near Cuba and then arrested, Anonymous hacker Martin Gottesfeld now faces prosecution as well as death by hunger. Newsweek reports: A member of Anonymous has been indicted on hacking charges while on the third week of a prison hunger strike protesting perceived institutionalized torture and political prosecutions. Martin Gottesfeld, 32, was charged this week in relation to the hacking of Boston Children's Hospital in 2014 following the alleged mistreatment of one of its patients. Gottesfeld has previously admitted to targeting the hospital, though says he did it in defense of "an innocent, learning-disabled, 15-year-old girl"...

Since beginning his hunger strike on October 3, Gottesfeld tells Newsweek from prison he has lost 16.5 pounds. He says he will continue his hunger strike until two demands are met: a promise from the presidential candidates that children are not mistreated in the way he claims Pelletier was; and an end to the "political" style of prosecution waged by Carmen Ortiz, the U.S. attorney for Massachusetts.
The indictment claims that the hospital spent more than $300,000 to "mitigate" the damage from the 2014 attack.

FastCompany got an exclusive look at how Hillary Clinton and Donald Trump stacked up in terms of their emotional intelligence when analyzed by HireVue's artificial intelligence platform. The platform analyzes "video, audio, and language patterns to determine emotional intelligence and sentiment." The company also partnered with Affectiva for facial analysis "to measure the candidate's emotional engagement correlated down to the micro-expressions level." FastCompany reports the findings: Trump versus Clinton across all three debates. Here we see the range of emotions both candidates showed during all three debates. Clinton seemed to dominate the top-right area, which represented both "joy" and facial expressions like smiles and smirks. Conversely, Trump had a stronghold on the "sadness," "disgust," and "fear" quadrants, along with both "negative sentiment" and "negative valence." The third debate. Looking more closely at just this week's debate, negativity prevailed. Both candidates exhibited disgust during the 90-minute spectacle. Trump, however, seemed to dominate the strongest emotions with heightened scores for "fear," "contempt," and "negative sentiment." Clinton, according to the data, presented the only positive emotional elements, which included some "joy" and "smiles." Clinton's performance. Clinton's range of emotions and reactions seemed pretty consistent throughout all three debates, although she exhibited the most positive emotions during the second. What's more, according to the graph, she was most negative during this week's debate. Trump's performance. Similar to Clinton, Trump's range of emotions seemed relatively consistent throughout the three debates. The third one, however, was when he emoted the most negatively. He smirked a lot during this event, too. "Negative sentiment," "contempt," and "anger" were persistent throughout all three conversations.

An anonymous reader quotes a report from USA Today: Facebook employees pushed to remove some of Republican presidential candidate Donald Trump's Facebook posts -- such as one proposing the ban of Muslims from entering the U.S. -- from the service as hate speech that violated the giant social network's policies, the Wall Street Journal reported Friday. The decision not to remove the Trump posts was made by Facebook CEO Mark Zuckerberg, the newspaper reported. Employees complained that Facebook was changing the rules for Trump and some who review content on Facebook threatened to quit. "When we review reports of content that may violate our policies, we take context into consideration. That context can include the value of political discourse," Facebook said in an emailed statement. "Many people are voicing opinions about this particular content and it has become an important part of the conversation around who the next U.S. president will be. For those reasons, we are carefully reviewing each report and surrounding context relating to this content on a case by case basis." Senior members of Facebook's policy team posted more details on its policy on Friday: "In the weeks ahead, we're going to begin allowing more items that people find newsworthy, significant, or important to the public interest -- even if they might otherwise violate our standards."

An anonymous reader quotes a report from Motherboard: On March 19 of this year, Hillary Clinton's campaign chairman John Podesta received an alarming email that appeared to come from Google. The email, however, didn't come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the U.S. government, believe are spies working for the Russian government. At the time, however, Podesta didn't know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account. The data linking a group of Russian hackers -- known as Fancy Bear, APT28, or Sofacy -- to the hack on Podesta is also yet another piece in a growing heap of evidence pointing toward the Kremlin. And it also shows a clear thread between apparently separate and independent leaks that have appeared on a website called DC Leaks, such as that of Colin Powell's emails; and the Podesta leak, which was publicized on WikiLeaks. All these hacks were done using the same tool: malicious short URLs hidden in fake Gmail messages. And those URLs, according to a security firm that's tracked them for a year, were created with Bitly account linked to a domain under the control of Fancy Bear. The phishing email that Podesta received on March 19 contained a URL, created with the popular Bitly shortening service, pointing to a longer URL that, to an untrained eye, looked like a Google link. Inside that long URL, there's a 30-character string that looks like gibberish but is actually the encoded Gmail address of John Podesta. According to Bitly's own statistics, that link, which has never been published, was clicked two times in March. That's the link that opened Podesta's account to the hackers, a source close to the investigation into the hack confirmed to Motherboard. That link is only one of almost 9,000 links Fancy Bear used to target almost 4,000 individuals from October 2015 to May 2016. Each one of these URLs contained the email and name of the actual target. The hackers created them with with two Bitly accounts in their control, but forgot to set those accounts to private, according to SecureWorks, a security firm that's been tracking Fancy Bear for the last year. Bitly allowed "third parties to see their entire campaign including all their targets -- something you'd want to keep secret," Tom Finney, a researcher at SecureWorks, told Motherboard. Thomas Rid, a professor at King's College who studied the case extensively, wrote a new piece about it in Esquire.

Hillary Clinton's campaign has created a new fundraising tool called Troll Trump that lets supporters sign up to automatically donate money to the campaign when Donald Trump tweets. Adweek reports: The tool's landing page populates a new Trump tweet each time the site is refreshed to offer a sampling of the candidate's social media style. "Show Donald that his unhinged rhetoric comes at a cost," according to the Clinton campaign's website. "Sign up to donate to Hillary's campaign every time Donald tweets!" The idea was apparently inspired by a tweet by Matt Bellassai, a former BuzzFeed editor and social media star, who made a joke on Twitter threatening to donate to the campaign every time Trump tweets. (When the tool went live, Teddy Goff, a digital strategist with the Clinton campaign, tweeted Bellassai a thank-you.)

Donald Trump has slammed Hillary Clinton for using private email servers numerous times, but it turns out his inboxes aren't that secure either. From a report on The Register: Security researcher Kevin Beaumont discovered the Trump organization uses a hopelessly outdated and insecure internet setup. Servers on the Trump Organization's domain, TrumpOrg.com, are using outdated software, run Windows Server 2003 and the built-in Internet Information Server 6 web server. Microsoft cut off support for this technology in July 2015, leaving the systems unpatched for the last 15 months. In addition, Beaumont said he'd found that emails from the Trump Organization failed to support two-factor authentication. That's particularly bad because the Trump Organization's web-based email access page relies on an outdated March 2015 build of Microsoft Exchange 2007, he says. "Windows Server 2003, IIS 6 and Exchange 2003 went end of life years ago. There are no security fixes. They don't have basics down," the UK-based researcher concludes. Beaumont's findings are based simply on inspecting publicly available information rather than actively scanning for vulnerabilities or attempting to gain access to insecure systems, a point lost on Trump supporters who have reported him to the Feds.

Soon after it was announced that Project Include, a community for building meaningful, enduring diversity and inclusion into tech companies, would no longer work with Y Combinator startups, Facebook CEO Mark Zuckerberg defended Thiel's status as a Facebook board member in a message to employees. "We can't create a culture that says it cares about diversity and then excludes almost half the country because they back a political candidate," Zuckerberg wrote. "There are many reasons a person might support Trump that do not involve racism, sexism, xenophobia, or accepting sexual assault." The Verge reports: A screenshot of the memo was posted to Hacker News yesterday, and it later surfaced on Boing Boing. A Facebook spokesman confirmed the authenticity of the five-paragraph memo to The Verge. It appears to have been posted on Facebook for Work, the enterprise version of Facebook that the company recently made available to other companies. Thiel's endorsement of Trump has put those CEOs in a difficult position. On one hand he is a close adviser; on the other, his support for an erratic, racist demagogue has outraged many of their employees and partners. Like Y Combinator's Sam Altman before him, Zuckerberg defended the company's ties to Thiel by saying that the company has a moral obligation to consider a variety of viewpoints, no matter how abhorrent. "We care deeply about diversity," Zuckerberg wrote. "That's easy to do when it means standing up for ideas you agree with. It's a lot harder when it means standing up for the rights of people with different viewpoints to say what they care about. That's even more important." Of course, as the designer Jason Putorti wrote on Medium this week, Thiel already has an outsized capacity to stand up for ideas he agrees with: he spent $1.25 million to promote them. Zuckerberg's memo reads as if he is defending Thiel's right to post on Facebook. In fact, the question is whether someone who promotes opposition to gender and racial equality should be allowed to serve as a steward for a company whose stated mission is to connect the world.

WikiLeaks has been releasing thousands of emails over the past couple of weeks belonging to Hillary Clinton's campaign chair John Podesta. One of the more interesting tidbits revealed from the email dump was the list of potential running mates considered by Clinton's campaign. The Verge reports: Clinton's vice presidential candidates, while not altogether surprising, include some vaguely interesting choices like Bill and Melinda Gates, Apple CEO Tim Cook, and General Motors CEO Mary Barra. In the mail, Podesta says he has organized the list into "rough food groups," one of which includes all the people mentioned above. Xerox CEO Ursula Burns and Starbucks CEO Howard Shultz are also in this "food group," along with Michael Bloomberg. With just under 40 names on the list, it's not immediately obvious how close any of these people came to actually being asked to take on the role (Tim Kaine is on the list).

An anonymous reader quotes a report from Business Insider: Matt Furie, the creator of the widely known "Pepe the Frog" meme, is joining forces with the Anti-Defamation League to reclaim the symbol from the alt-right and make it a "force for good," according to a press release. Furie and the ADL plan to start a social-media campaign by creating "a series of positive Pepe memes and messages" and promoting them with the hashtag #SavePepe, according to the release. The ADL declared "Pepe the Frog" to be a hate symbol in late September. "It's completely insane that Pepe has been labeled a symbol of hate, and that racists and anti-Semites are using a once peaceful frog-dude from my comic book as an icon of hate," Furie said in a column for Time magazine. While fiercely condemning the "racist and fringe groups" that use Pepe to propagate divisive views, Furie said Pepe was meant to "celebrate peace, togetherness, and fun." The meme, which originated from a 2005 cartoon, has been hijacked by the alt-right movement in the past several months. Members of the movement have used the meme to convey often racist and anti-Semitic messages. The messages prompted the ADL to add Pepe to its "Hate on Display" database, which documents anti-Semitic hate symbols. According to the ADL's press release on the #SavePepe campaign, Furie will speak at its "Never Is Now" summit against anti-Semitism on November 17 in New York City. The panel will focus specifically on online hate campaigns. Furie published a new Pepe cartoon on Monday detailing his "alt-right election nightmare," which depicts a sad Pepe morphing into a frog that resembles Donald Trump and then a monster. Pepe appears trapped in the mouth of the monster. The next panel depicts a nuclear explosion. Pepe then awakes and hides under his mattress.

Peter Thiel's support for U.S. Republican presidential candidate Donald Trump has given Silicon Valley a headache. This past weekend, Thiel donated $1.25 million to his campaign, which is driving away partners from Thiel's Silicon Valley accelerator, Y Combinator. Today, Project Include, a community for building meaningful, enduring diversity and inclusion into tech companies, said that it would no longer work with Y Combinator startups. "Thiel's actions are in direct conflict with our values at Project Include," the group's co-founder, Ellen Pao, wrote in a Medium post. "Because of this continued connection to YC, we are compelled to break off our relationship with YC." The Verge reports: Founded in 2005, Y Combinator has incubated some of the biggest tech companies of the past decade, including Airbnb, Dropbox, and Stripe. It faced a barrage of criticism over the weekend for refusing to dissociate itself from Thiel, who took an advisory role with the organization in 2015. In a series of tweets, YC's president stood by Thiel. "Cutting off opposing viewpoints leads to extremism and will not get us the country we want," Sam Altman wrote. "Diversity of opinion is painful but critical to the health of a democratic society. We can't start purging people for political support." In her post, Pao rejected the idea that Thiel's donation could be dismissed as political speech. "We agree that people shouldn't be fired for their political views, but this isn't a disagreement on tax policy, this is advocating hatred and violence," she wrote. "Giving more power to someone whose ascension and behavior strike fear into so many people is unacceptable. His attacks on black, Mexican, Asian, Muslim, and Jewish people, on women, and on others are more than just political speech; fueled by hate and encouraging violence, they make each of us feel unsafe."

pdclarry writes: While all of the recent news has been about hacking the Democratic National Committee, apparently the Republicans have also been hacked over many months (since March 2016). This was not about politics, however; it was to steal credit card numbers. Brian Krebs reports: "a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the web storefront of the National Republican Senatorial Committee (NRSC). [...] If you purchased a 'Never Hillary' poster or donated funds to the NRSC through its website between March 2016 and the first week of this month [October 2016], there's an excellent chance that your payment card data was siphoned by malware and is now for sale in the cybercrime underground." Krebs says his information comes from Dutch researcher Willem De Groot, co-founder and head of security at Dutch e-commerce site byte.nl. The Republicans were not alone; theirs was just one of 5,900 e-commerce sites hacked by the same Russian actors. You can view De Groot's analysis of the malware planted on the NRSC's site and other services here. Krebs adds: "The NRSC did not respond to multiple requests for comment, but a cached copy of the site's source code from October 5, 2016 indicates the malicious code was on the site at the time (load this link, click 'view source' and then Ctrl-F for 'jquery-cloud.net')."

Following a report from WikiLeaks claiming that its co-founder's internet service was intentionally cut off by a state actor, the anti-secrecy organization released a statement confirming the state actor was Ecuador. WikiLeaks tweeted: "We can confirm Ecuador cut off Assange's internet access Saturday, 5pm GMT, shortly after publication of Clinton's Goldman Sachs speechs." BBC reports: There was no way to immediately verify if he had been knocked offline, and if so, what was Ecuador's motivation. The anti-secrecy organization did not return calls and emails on Monday, though it said in a tweet: "We have activated the appropriate contingency plans." A woman who picked up the phone at the Ecuadorean embassy said: "I cannot disclose any information." The Wikileaks claim follows the latest emails it disclosed from a hack of Clinton campaign chairman John Podesta's emails. It released three transcripts on Saturday of Mrs Clinton's paid speeches to Goldman Sachs, which her campaign had long refused to release. The scrips reveal her bantering relationship with the investment bank's executives, which is unlikely to allay fears among liberal Democrats that she is too cosy with Wall Street.

Citing a report from SecureWorks, BuzzFeed is reporting that Russian hackers "used emails disguised to look as Gmail security updates to hack into the computers of the Democratic National Committee and members of Hillary Clinton's top campaign staff": The emails were sent to 108 members of Democratic presidential nominee Hillary Clinton's campaign and 20 people clicked on them, at least four people clicking more than once, Secureworks' research found. The emails were sent to another 16 people from the DNC and four people clicked on them, the report said.

Researchers found the emails by tracing the malicious URLs set up by [state-sponsored hacking group] Fancy Bear using Bitly, a link shortening service... "We were monitoring bit.ly and saw the accounts being created in real time," said Phil Burdette, a senior security researcher at SecureWorks, explaining how they stumbled upon the the URLs set up by Fancy Bear.
The URL apparently resolved to accounts-google.com (rather than accounts.google.com), and Burdette says "They did a great job with capturing the look and feel of Google."

Emily Stephenson and Luciana Lopez, reporting for Reuters: U.S. Democratic presidential candidate Hillary Clinton's full remarks to several Wall Street audiences appeared to become public on Saturday when the controversial transparency group Wikileaks dumped its latest batch of hacked emails. The documents showed comments by Clinton during question-and-answer sessions with Goldman Sachs Chief Executive Lloyd Blankfein and Tim O'Neill, the bank's head of investment management, at three separate events in 2013 in Arizona, New York and South Carolina. Some excerpts of Clinton's speeches had already been released. For more than a week, Wikileaks has published in stages what it says are hacked emails from the account of John Podesta, Clinton's campaign chairman. Clinton came under fire for months for not releasing full details of her paid speeches to big business audiences, as opponents accused her of a cozy relationship with bankers and other members of the U.S. financial system.

Slashdot reader schwit1 reports that the Obama administration "is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election," according to U.S. intelligence officials who spoke to NBC News: Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging "clandestine" cyber operation designed to harass and "embarrass" the Kremlin leadership. The sources did not elaborate on the exact measures the CIA was considering, but said the agency had already begun opening cyber doors, selecting targets and making other preparations for an operation. Former intelligence officers told NBC News that the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin.

Vice President Joe Biden told "Meet the Press" moderator Chuck Todd on Friday that "we're sending a message" to Putin and that "it will be at the time of our choosing, and under the circumstances that will have the greatest impact." When asked if the American public will know a message was sent, the vice president replied, "Hope not."
Not mounting a response would weaken U.S. credibility, one senior U.S. official said, while others said hundreds of millions of dollars has been allocated to the team mounting the attacks. Thursday US officials familiar with the investigation told CNN there was "mounting evidence" that Russia was supplying leaked emails to WikiLeaks, and last week in a conference call organized by the Clinton campaign, former Acting CIA Director Mike Morrell said it was "absolutely clear... WikiLeaks and Guccifer 2 are working with the Russians on this."

As the Trump campaign refuses to point blame at Russia for the DNC hacks, top democrats on four House committees are questioning possible connections between Donald Trump's presidential campaign and Russia. They have formally asked the FBI to investigate the matter, citing new comments from a Trump confidant. Politico reports: "Troubling new evidence appears to show that the Trump campaign not only was aware of cyber attacks against Secretary [Hillary] Clinton's campaign chairman, but was openly bragging about it as far back as August," said Reps. Elijah Cummings from Government Affairs, John Conyers from Judiciary, Eliot Engel from Foreign Affairs and Bennie Thompson from Homeland Security. "For months, we have been asking the FBI to examine links between the Trump campaign and illegal Russian efforts to affect our election, including interviewing Trump advisor Roger Stone," they said. "In light of this new evidence -- and these exceptional circumstances -- we call on the FBI to fully investigate and explain to the American people what steps it is taking to disrupt this ongoing criminal activity." Earlier this week Stone said that "I do have a back-channel communication with Assange," referring to WikiLeaks founder Julian Assange, whose organization has been dropping documents online from Hillary Clinton campaign chairman John Podesta, and has been unloading documents from other Democrats as well. U.S. intelligence agencies last week declared that a connection exists between Russia and allegedly hacked documents leaked by WikiLeaks and others.

An anonymous reader quotes a report from Network World: President Barack Obama today issued an Executive Order that defines what the nation's response should be to a catastrophic space weather event that takes out large portions of the electrical power grid, resulting in cascading failures that would affect key services such as water supply, healthcare, and transportation. The Executive Order ideally will coordinate the responses across government agencies such as NASA, the Departments of Homeland Security, Energy and others to help minimize economic loss and save lives by enhancing national security, identifying successful mitigation technologies, and ordering the creation of nationwide response and recovery plans and procedures, the White House stated. Further, the Executive Order will enhance the scientific and technical capabilities of the United States, including improved prediction of space-weather events and their effects on infrastructure systems and services. By this action, the Federal Government will lead by example and help motivate State and local governments, and other nations, to create communities that are more resilient to the hazards of space weather. The Executive Order reinforces the formal National Space Weather Strategy and accompanying Action Plan which were announced last year. It also bolsters other work such as the replacement of aging satellites that monitor and help forecast space weather, proposing space-weather standards for both the national and international air space, development of regulations to ensure the continued operation of the electric grid during an extreme space weather event, proposing a new option for replacing crucial Extra High Voltage (EHV) transformers damaged by space weather, and developing domestic production sources for EHV transformers, the White House wrote.