Rick Moen via luv-talk <luv-talk@luv.asn.au> wrote:
For example, large numbers of e-mails relevant to the Hillary Clinton campaign were sucked down from Clinton Campaign head John Podesta -- but not in any clever or surprising fashion _at all_. Instead, it turns out that Podesta was relying on GMail(!), and got suckered into clicking on a phishing link that gave his GMail access credentials to the computer criminals.
The end user (and the end user's system) indeed constitute the most likely focus of attack, for this is where the greatest vulnerabilities lie. I would expect U.S. government systems and networks, especially those which carry classified information, to be well protected against sophisticated adversaries, especially state actors. It's the same expertise that brought us SELinux, an undeniably powerful security infrastructure in the hands of administrators who know how to deploy it.