Simple use case: What version of the json module is this live code running?
(when you don't even know the attribute name)
# At a pdb prompt, from a frame where json is global or local:
(Pdb) import pobshell; pobshell.shell()
Welcome to Pobshell - type 'help' for commands, 'quit' to exit
/ ▶ find json --name *version* -i -a -l
/json/__version__ str '2.0.9'
/json/codecs/sys/api_version int 1013
/json/codecs/sys/hexversion int 51055600
/json/codecs/sys/version str '3.11.11 | packaged by
# -i case insensitive
# -a include hidden attributes (_ and __ prefixed names)
# -l give an 'ls -l' listing of the matched objects
But how many citizens know calculus, literature and physics? Certainly not enough know history - or US democracy wouldn't be facing the threat it does now.
The poorly educated need a livelihood too. If the economy is healthier for global trade (I think it is), then some way must be found of destributing its benefits to the demographics who got hit. Otherwise you get revolution or populism.
Telling an unemployed factory worker to send their kids to college doesn't help. Doesn't help the factory worker, and doesn't help kids who see education and middle class jobs as about as unreal as the idea of becoming a famous influencer or kingpin drug dealer.
As an aside: Hardware as a service is annoying and feels horrible, but is probably the only way to achieve the long lifetimes we need for consumer goods in a world where reviews are unreliable and we need to stop wasting resources on planned obsolescence.
I wonder if the fact that DNA & RNA only occur with one chirality tells us something about how frequently this step occurs in the Drake equation.
If the step from non biological organic molecules to RNA & DNA happens often, wouldn't we expect L-DNA and L-RNA to appear in nature?
It is pretty strong evidence that the step from going from other molecules to RNA/DNA only happened once. Our molecules definitely changed their environment, so it is probable that they out-competed their mirror molecules.
Attribution is not from tracing connections or domain ownership, it's from looking at the coding style, the "Tactics, Techniques and Procedures" and the choice of targets.
It's a complex combination of all of those things, in addition to more "offensive" type intelligence collection (spying on GRU/SVR buildings, communications, and officers, essentially, and compromising their infrastructure).
You might be surprised about how even the world's top intelligence agencies sometimes do make simple mistakes with domain and network registration which really are just genuine fuckups rather than false flag subterfuge. This is very rarely a matter of something silly like "Russian IP = Russian intelligence" and more like sloppily re-using an ostensibly non-attributable network or nameserver they didn't realize was already burned.
We're still kind of in the infancy of cyberwarfare. Attribution will probably be harder in a few decades.
But, yes, it's generally a matter of TTPs, target selection, goal analysis, and style.
You can see it in Bellingcat's investigations - carelessly reusing burners, calling from GRU offices, reusing passports, calling from two burners one immediately following the other.
Yep, all enabled by the fact that Russia is so corrupt, anyone can pretty easily buy any data about anything on anyone. So any private citizen with a bit of money and some skills can effectively act like a para-intelligence agency, which is essentially what Bellingcat is.
For anyone curious, they have two excellent articles on this from a few days ago:
There was also an amazing investigation into this published yesterday by a Russian outlet, interviewing some of the black market data brokers and law enforcement officers (both of whom claim some of the brokers will be hunted and killed by the state, now):
That's just fancy technical terms to justify the propaganda. If these kinds of "hard proof" which definitively link hacks to nation state actors exist, why are they never publically revealed?
Might still be backed by old fashioned humint - maybe an asset in Russia told someone. If so, that might be trustworthy, but also needed to be kept secret. If I needed to publicize and justify such information, I might try to claim that "the coding of the exploit was consistent with Russian trade craft" or something like that...
With sticks and stones? They've been inside the nuclear defence computers for months.
With sanctions? When the government may just stop working altogether for a year or more?
The backups can be backups of the whole image. That's fine, as long as the file structure is still there, so that you can restore the data, but not the programs, and even more not the OS.
There's surely a lot of bespoke software in those core Govt systems. So they'll be trying to run a software image from months ago with yesterdays data. The success of that depends on how quickly the software has been changing.
# At a pdb prompt, from a frame where json is global or local:
reply