Thread: Philippines' Duterte 'bye-bye America' and we don't need your money

Philippines' Duterte 'bye-bye America' and we don't need your money


Reuters December 16, 2016
122 Comments


Philippine President Rodrigo Duterte speaks during a visit in Tarlac city in northern Philippines December 11, 2016. REUTERS/Czar Dancel More

MANILA (Reuters) - Philippine President Rodrigo Duterte told the United States on Saturday to prepare for repeal of an agreement on deployment of troops and equipment for exercises, declaring "bye-bye America", and we don't need your money.

But Duterte suggested relations could improve under a President Donald Trump. "I like your mouth, it's like mine, yes Mr President. We are similar and people with the same feathers flock together."

Returning his focus to the present U.S. administration which has criticized him over reports of extra-judicial killings in his campaign against drugs, he said:

"We do not need you," Duterte said in a news conference after arriving from visits to Cambodia and Singapore. "Prepare to leave the Philippines. Prepare for the eventual repeal or abrogation of the VFA."

The Visiting Forces Agreement (VFA), signed in 1998, accorded legal status to thousands of U.S. troops who were rotated in the country for military exercises and humanitarian assistance operations.

"Bye, bye America and work on the protocols that will eventually move you out of the Philippines," he said, adding his decision would come "any day soon" after reviewing another military deal, Enhanced Defence Cooperation Agreement.

The firebrand leader was visibly upset and vented his anger on Washington because of a decision by the Millennium Challenge Corp (MCC) board to defer vote on the re-selection of Manila for compact development due to human rights issues.

"We do not need the money. China said they will provide so many," he said. "The politics here in Southeast Asia is changing."

https://www.yahoo.com/news/philippin...164032954.html

So, lets see, Obama has accused Russia of attacking American Democracy only to be told "prove it or shut up", spied on China with ocean drones in the South China Sea only to have China's Navy "seize one of the drones", and accused the Philippines of human rights violations only to be told "get your military forces off our island."

Well, all I can say to all of it at this point is THANK GOD IT'S FRIDAY!!

US to ship 1,600 tanks to Dutch arms depot in ‘clear message’ to Russia

How about some proof that'll pass the smell and IT test of America's IT trained citizens?

VIRTUALMAKER

THE FUTURE


Cybersecurity Expert: Proof Russia Behind DNC, Podesta Hacks


Eric Chien, a leading cybersecurity expert at Symantec, discusses the Showtime doc ‘Zero Days,’ how he uncovered the Stuxnet cyberattack on Iran, the election hacks, and much more.

MARLOW STERN
11.05.16 6:06 PM ET

The most terrifying film of the year isn’t some J-horror mind**** or Michael Moore’s stab at stand-up comedy, it’s Zero Days—a documentary about the state of cyberwarfare.

Acclaimed filmmaker Alex Gibney’s latest chronicles the Stuxnet computer virus, a cyberweapon said to be created by the U.S. and Israel that targeted the Natanz nuclear enrichment lab in Iran, decommissioning approximately 1,000 centrifuges and slowing down the country’s nuclear program. Stuxnet was part of Operation Olympic Games—a covert campaign waged by the two countries against Iran’s nuclear facilities that began under President George W. Bush in 2006, and continued under President Barack Obama. Olympic Games “is probably the most significant covert manipulation of the electromagnetic spectrum since World War II, when cryptanalysts broke the Enigma cipher that allowed access to Nazi codes,” wrote The Atlantic.

Zero Days interviews several CIA and NSA employees who claim that Olympic Games was part of a much larger Iranian cyber mission called Nitro Zeus. In the event that Israel launched airstrikes against Iran, the U.S. and Israel allegedly infiltrated Iranian command and control systems so they couldn’t speak to each other in a fight; their IADs, or missile defense systems; power grids; transportation; and financial systems. “We were inside waiting, watching, ready to disrupt, degrade, and destroy those systems with cyberattacks,” the agents say in the film. “We were everywhere inside Iran. Still are.”


One of the computer experts who decoded and analyzed Stuxnet was Eric Chien, a cybersecurity specialist at Symantec whose job, he says, consists of anything from “protected your 16-digit credit card number to protecting things like U.S. critical infrastructure.” His job, more specifically, is to examine all the latest cyberattacks in order to understand how the attackers work, how their programs work, and how to build protections against them.

The Daily Beast spoke to Chien about state-sponsored cyberwarfare, the hacks on the Democratic National Committee and Clinton campaign chief John Podesta, and why we shouldn’t be too worried about hacking on Election Day.

How do you determine attribution in a state-sponsored cyberattack? There seems to be some confusion over this in light of recent events.

Attribution isn’t going to happen from looking at things like the binary code that’s been created. You can get hints from that, but there’s a real big issue with what people call “false flags.” Even if someone writes in their nickname, or a handle, or uses a language operating system, or puts in dates of their working hours, they could be working in the middle of the night to throw you off. From a binary perspective, looking at the samples and how the attacks are conducted, it’s very difficult. The way attribution has to happen is through old-school intelligence. You have spies working in different countries getting information and discovering that countries have conducted different types of activities. You’re not going to see it purely through cyber forensic analysis.

The issue has come to the fore in the 2016 U.S. presidential election. The Department of Homeland Security and the Office of the Director of National Intelligence—a combined 17 intelligence agencies—issued a statement saying Russia was behind the election hacking.


It is pretty clear judging by the indicators of compromise [IOCs]. The binaries that were used to hack the DNC as well as Podesta’s email as well as some other Democratic campaign folks, those IOCs match binaries and also infrastructure that was used in attacks that were previously recorded by others as having Russian origin. That much we can confirm. So if you believe other people’s—primarily government’s—attribution that those previous attacks were Russian, then these attacks are definitely connected. We’re talking about the same binaries, the same tools, the same infrastructure.

I understand you and your firm have spent significant time analyzing the DNC and Podesta hacks. What groups are responsible, and how did you determine attribution?

We’ve analyzed the tools, the binaries, and the infrastructure that was used in the attack, and from that we can confirm that it’s connected to a group that has two names. One is Sofacy, or “Cozy Bear,” and The Dukes, which is also known as “Fancy Bear.” From the binary analysis point of view, I can tell you that the activities of these attackers have been during Russian working hours, either centered on UTC+3 or UTC+4; they don’t work Russian holidays; they work Monday to Friday; there are language identifiers inside that are Russian; when you look at all the victim profiles they would be in interest to the Russian nation-state. So all of that stuff fits the profile. Now, could all those things be false flags? Sure. Other government entities obviously have come out and said it is the Russian state, and the binary forensics would definitely match that.

SHOWTIME NETWORKS

Can you point to any other attacks conducted by the same groups—Sofacy and The Dukes?

There was another attack that happened in the Ukraine. So in December, in the Ukraine, all the power went out to about 260,000 households, or customers. They basically infiltrated the power company, got access to the machines that controlled the power, they flipped the computer switches off and shut down the power, and then they began to wipe all the machines and devices—overriding the hard drives and trashing the machines so that they couldn’t be started up again, or so that the switches couldn’t come on again.

Ukrainians were able to get power back after six hours by switching to manual mode. They went off their computer monitor mode and physically flipped the switches to bring the power back up. What’s interesting about that case is the fact that they were more behind technologically actually helped them. Something very similar could easily happen in the U.S. and we’re much more beholden to computing infrastructure here, so our ability to switch to manual mode here would be much more difficult.

Is there linkage between the DNC and Podesta hacks and the 2014 State Department hacks that were also believed to be carried out by Russia?

Yeah, these are being conducted by the same groups. We know that from the IOCs—by looking at the tools they use and the infrastructure they use.


The New York Times recently ran a story that concluded while all signs point to Russia in the DNC and Podesta hacks, the Russians only wished to cause chaos and disrupt the political process in America and not elect Trump. It seems like all the attacks are being carried out against the Democrats and Hillary Clinton, so then how can you reach the conclusion that the Russians aren’t trying to elect Trump?

Many of these attacks were happening prior to the nomination of Trump. Based on that theory, people believe that there was a general plan for disruption, and it may be the case now that the easiest and best way to do so is in the manner you speak, but these attacks did not just start happening post-Trump’s nomination. So in that sense, there is a feeling that it’s not a very Trump-specific activity versus an election disruption activity. This is the easiest way for them to disrupt the election.

But they’re trying to disrupt the election of Hillary Clinton, no? Are the Republicans also being targeted?

Well, the Republicans aren’t being targeted in a public way where their emails are being leaked. We haven’t seen that yet. But to say that the Republican campaigners or people haven’t had their machines infiltrated or documents stolen or things like that—that we don’t know. But I think it’s pretty reasonable to imagine that attempts are being made for that to happen as well. This just might be the easiest way—or the strategy—for the people that want to disrupt the election to do so.

Should the American people be worried about voting machines being hacked on Election Day?

If the race were literally a one vote difference, then the country would need to be worried. But the spread is large enough and spread amongst the country enough that it would require quite a conspiracy for it to be conducted. Can an election machine be hacked? Sure. But that’s a very isolated view. You have to remember that, in many of these jurisdictions, they have policy procedures like bringing out the tapes, having two people review them, etc. Those checks and balances make it much more difficult to do. You see a lot of news that election machines can be hacked, and that’s absolutely the case, but there are procedural checks and balances that make it very difficult from succeeding.

Let’s talk about the Stuxnet worm—the U.S./Israeli cyberattack against the Natanz nuclear enrichment facility in Iran. How did you come across it?

Within the security industry we share telemetry and information about all the attacks that we’re seeing with each other. At any individual company we don’t have full visibility over the entire world, but collectively we sort of do. What happened was there was a company in Belarus that found this on one of their customer’s machines. All they knew was it was causing weird reboots and it had some exploit inside of it—some piece of code that was allowing it to spread all by itself.

That fact that it had an exploit inside of it already raised the alarms since the number of threats we have that use these kinds of exploits are few and far between. So he shared it out to the rest of the security industry because he didn’t know what it was.


We began to look at it and what’s interesting is, in general, your average threat we look at usually takes us about 20 minutes max to analyze, and then we ship out protection for it. So just to give you a sense of the difference that Stuxnet was, it took us three months-plus to understand all of its code, and it was 20 times the size of the average piece of code that we look at. Over those three months, we began to discover bits and pieces more and more until we got to the very end and realized this was attacking Iran’s nuclear enrichment program.

And Stuxnet had four zero-day switches—an extraordinarily large number for a worm. Can you discuss what a zero-day exploit is, and why it’s so dangerous?

In all of 2012, we had 12 Microsoft zero-days, and four of those 12 were all inside of Stuxnet. We get millions of these threats every single day, and the vast majority of these don’t have any zero-days inside of them at all—and Stuxnet had four. What a zero-day exploit does is it allows a threat to spread from one computer system to another without you doing anything. The computer just has to be on and operating. Most threats that you see out there, you have to do something—go to a webpage, download a file, open a file, open an email. It requires some action on your behalf. But when you have a zero-day exploit, there’s some bug in some software in the computer—some thing that isn’t coded correctly—and the threat takes advantage of that to get on your computer and then jump to another computer without you having to do anything. The “zero-day” terminology means it’s unknown to anyone else. There’s no patch available for it and no way to protect yourself from it because the attackers have discovered it and are using it, but the vendors of the software don’t know about it and can’t patch that hole that allows it to operate.


And Zero Days puts forth that Stuxnet was allegedly part of a larger cyberattack plan code-named Nitro Zeus, wherein the U.S. infiltrated the entire Iranian infrastructure, from its missile defense systems to financial markets—or, as the NSA and CIA agents say in the film: “a full-scale cyberwar with no attribution.” It sounds terrifying.

What’s even more worrisome is that since the time the film was made, we’ve seen multiple campaigns from potentially multiple different state actors all doing very similar things—basically placing their implants, their malicious code, in key places in the infrastructure of different countries. Just waiting. So potentially some political event happens and then they can literally flip the switch, and through some cyberattack bring down critical infrastructure. So it’s not just reserved to something like Iran’s infrastructure being infected this way. We saw very similar things happening both in Western Europe and in the U.S. with potential state actors trying to infect critical infrastructure. This continues to go on, and since the time of Stuxnet we’ve seen a hundred different attack campaigns from all kinds of different potential state actors, both small and big. We are already in a state where the countries now know this is going on, look at it, and say, OK, we need to have our own offensive campaign. And the cost to do so is much, much lower than creating a nuclear bomb or other conventional types of warfare.”

http://www.thedailybeast.com/article...sta-hacks.html

Let China have the Phillippines. We long ago moved out of the Philippines back in the nineties. Maybe they will also take the "territories" we have there, like Guam and the rest.

Since Cuba is no longer a problem, we could take the same attitude about Puerto Rico. Get rid of it, let them become an independent country.

Philippines Orders U.S. to Leave Strategic Navy Base

Published: December 28, 1991.

BANGKOK, Thailand, Dec. 27— The Philippines told the United States today that it must withdraw from the Subic Bay naval base by the end of 1992, ending a vast American military presence that began with the capture of the islands from Spain in 1898.

Philippines Orders U.S. to Leave Strategic Navy Base

www.nytimes.com/.../philippines-orders-us-to-leave-strategic-navy-base-at-subic-bay.ht...

Why don't we just admit we have a whole host of problems in this country that needs solving and stop trying to tell other countries how to live.

Pres. Bush said we aren't into nation building, but it seems we are really good at nation destruction - others as well as our own.

Originally Posted by pkskyali

Let China have the Phillippines. We long ago moved out of the Philippines back in the nineties. Maybe they will also take the "territories" we have there, like Guam and the rest.

Since Cuba is no longer a problem, we could take the same attitude about Puerto Rico. Get rid of it, let them become an independent country.

I disagree with you. I think it is very important for us to show a strong military force around the world. Each and everyone of our military installations has a specific purpose. My daughter and her husband just came back to the states from Guam and as much as I hated for them to be so far, I understand that our military has to be in key areas to support our forces. Stop and think about it. These installations supply medical care, storage of weapons, intel functions, mechanical supplies, etc. It is all about logistics. Everything that is needed fast without having to travel back to the states. China would love for the U.S. to close all of their installations in the Pacific.

Originally Posted by MontereySherry

I disagree with you. I think it is very important for us to show a strong military force around the world. Each and everyone of our military installations has a specific purpose. My daughter and her husband just came back to the states from Guam and as much as I hated for them to be so far, I understand that our military has to be in key areas to support our forces. Stop and think about it. These installations supply medical care, storage of weapons, intel functions, mechanical supplies, etc. It is all about logistics. Everything that is needed fast without having to travel back to the states. China would love for the U.S. to close all of their installations in the Pacific.

We were happy to leave the Philippines. The Philippines used to house a US military base. When that volcano went off, we took the opportunity to shut the whole mess down.

There is such a thing as over extending yourself for no good reason. You really have to ask yourself what we need any kind of military operation in these territories. Are we really positioned any better against the Chinese? Our historical military concern in the area was Japan, not China. More recently it was Korea, then Vietnam. And certainly none of Southeast Asia had any ambitions outside of Southeast Asia.

Now what? Our interests lie more with Korea, Japan and even Vietnam and the rest of Southeast Asia. It's hard to see how the "territories" contribute to that.

https://en.wikipedia.org/wiki/Territ..._United_States

https://en.wikipedia.org/wiki/Guam

https://en.wikipedia.org/wiki/Northern_Mariana_Islands

https://en.wikipedia.org/wiki/American_Samoa

Frankly, I doubt the Chinese want them either.