A year ago, a 65-year-old who had saved a healthy $2.5m for their retirement and invested 80% of it in government bonds and 20% in stocks globally would have typically drawn an income of $100,000. If inflation stayed modest, they would have been able to draw a similar real income for the next 30 years. The asset-price crash, however, means that the value of the pot has fallen to around $2.1m—allowing them to draw nominal annual payments of just $83,000. Soaring inflation, meanwhile, has eaten up another 10% of that income, leaving them with just $75,000 in real terms. And the shrinkage is hardly over. Should inflation remain above 2% for a while—say it averages 3% a year instead—then a retiree who made it to 90 might well be living on just 65% of the real income they might have expected until recently.

This impoverishment could fast become reality for millions. A lot of baby-boomers turned into pension-boomers in 2021. The Federal Reserve Board of St Louis reckons there were 3.3m more retired people in October 2021 in America than 20 months before. More than half of Americans over 55 have left the labour force, up from 48% in the third quarter of 2019, according to the Pew Research Centre, a think-tank in Washington, dc. This reverses a decades-long increase in the share of people working past 55, which has slid back to the levels of 2007-09 in just a year. A similar pattern is evident across the oecd club of mostly rich countries.

Survey data already suggest some of those who recently retired are considering returning to work. Those who do not, or cannot, probably face leaner years than they had expected. But individuals are not the only ones who will bear the burden of the adjustment. Some of it will also be shouldered by governments, through social-security and national-insurance schemes. And part of it will be borne by a creature that is becoming ever rarer: the defined-benefit (db) pension plan.

Many of those considering retirement today spent much of their lives working during the golden age of db schemes, when firms or employers in the public sector, such as schools and local governments, agreed to pay workers an annuity after they stopped working. Of the $40trn held in retirement assets in America today, $17trn is held in such schemes.

A typical db payout is worth 2% of a worker’s final salary, multiplied by years of service. So a teacher employed for, say, 40 years, who retired when her salary was $80,000, would be paid $64,000 per year for the rest of her life. In this way the employer shouldered all the investment risk the individual would otherwise have to face; db schemes, not their members, are the ones bearing the mighty losses in asset prices this year. Some plans also adjust payouts for inflation.

Over recent decades, ageing populations and rising life expectancies have together pulled down interest rates; bigger savings pools chasing a finite volume of assets meant capital became cheaper. It gradually became clear to firms and public-sector agencies just how hard keeping their pension promises was going to be. From the 1980s the private sector therefore began to phase out its offerings of such plans: the share of employees enrolled in db schemes in America dropped from nearly two-fifths at its peak to just a fifth by 2008. Then the strain of the financial crisis prompted many firms to reclassify db plans as defined-contribution schemes, where workers simply contribute a set amount to the pot with no guarantee of what they get back after retirement.

Public-sector employers have had much less success in reducing their exposure to these overgenerous pension schemes, however. The result is that around $13trn of America’s db assets are managed by state, local and federal governments. Many of the biggest db schemes, and some of the biggest pension funds in existence today, are run by public institutions, such as the California Public Employees’ Retirement System (Calpers) and the Ontario Teachers’ Pension Plan (otpp). The portfolios of such beasts, worth hundreds of billions of dollars, are suffering just as many more of their members are getting ready to ask for their money.

The way to measure how easily a pension plan will meet its liabilities in the future is to look at its “funded ratio”. This compares the pot of investments it currently holds against the expected future value of the promises it has made to those paying in. The sum has three moving parts: the value of the current investment pot, the discount rate used to calculate the present value of future payouts, and the stream of those expected future payments.

The third factor is the hardest to figure out, because future payouts are based on undetermined final salaries and on how long the recipient and their spouse, who is often eligible for payments, might live. Olivia Mitchell, a professor of insurance and risk management at the Wharton School of the University of Pennsylvania, points out that the income stream a db pension scheme might owe to someone joining the plan today could stretch more than a century into the future, if you include payments made to partners.

Still, it is the other two elements—the value of the investment pot and the discount rate—that decide whether funded ratios soar or sink. The easiest way to run a pension is to match assets with liabilities, by buying long-term bonds that pay out when pensioners come knocking. If yields on American government bonds are the benchmark, say, then the pension manager might simply buy lumps of them. Should the value of those assets plunge, the pension plan would still be able to meet its expected future liabilities: it would only have to hold the bonds to maturity and distribute the yield it was promised when it bought them.

That strategy only works, though, if the plan is “fully funded”: that is, if the cash it has to begin with is worth 100% of its expected liabilities. If it is underfunded—perhaps because contributions are not high enough, or because it made some poor investments in the past—then putting all of its assets into the investments that earn the discount rate on its liabilities will set a fund up for bankruptcy down the road. Many underfunded pensions have had to take risks—by holding equities, for example—in a bid to fill their funding gaps. A combination of bad investment years (such as 2001 or 2008), falling discount rates, ageing populations and the political infeasibility of asking employees to contribute more has pushed a lot of db schemes into the red in recent years.

In isolation, falls in the value of the pot are bad. But although higher interest rates hurt asset values, they can also be helpful for pension schemes, because they reduce the present value of future payouts. This year has therefore not been a bad one for all pension plans. Indeed, corporate pensions in America have done rather well. After a bumper 2021, the average corporate pot was fully funded at the end of the year, for the first time since 2007. Corporate funds then moved to reduce their investment risk early by swapping many stocks for bonds—an asset-allocation shift so huge and rapid that it may have contributed to the end of America’s stockmarket rally at the start of this year.

Corporate plans elsewhere have not been so lucky, if only because their stockmarkets did not do as well to start with. Many British corporate plans, for example, are still underfunded. In recent years that has led them to adopt strategies in a bid to protect themselves against falling interest rates; one, called “liability-driven investing” (ldi), nearly blew them up over the summer. To ensure they did not look more underfunded when rates fell, many British funds loaded up on derivatives that would pay out when rates dipped, but required them to cough up cash when they rose. As rates rocketed, many funds faced margin calls so big that they threatened to absorb all the cash the funds had to hand. Only when the Bank of England intervened did the danger of bankruptcy ebb.

The big losers of 2022, though, are public pensions. Whereas over the past 12 months the average funding ratio for a private plan has risen from 97% to around 110%, that of public pensions in America, which stood at 86% a year ago, their highest since the financial crisis, has dropped to 69%—close to a four-year low.

There are two main reasons for the slump. One is that the discount rates used by public plans, rather than being benchmarked to a given asset market, are instead set by external committees. The trouble is that these committees did not reduce discount rates by as much as interest rates fell over the decade that followed the financial crisis, which made it difficult to raise them by much this year, as interest rates rose again. This means the liabilities those pension funds must face in the future remain nearly as high as before.

At the same time, funds’ investments have performed poorly. As yields on bonds fell across the developed world in the 2010s many underfunded plans moved into riskier investments, such as leveraged loans, private equity, venture investing and even cryptocurrencies. otpp held a stake in ftx, a crypto exchange once valued at $32bn that went spectacularly bust last month.

Funding ratios can dip only so far before pension funds get into serious trouble. “Once a plan is only 40% funded,” grimaces Mike Rosborough, a former portfolio manager at Calpers now at AllianceBernstein, a research firm, “there is often no going back.” It becomes almost impossible, at those kinds of levels, for the pension plan to pay out the annual liabilities it owes to those who have already retired from the income it makes on its assets. It is instead forced to sell those assets off. This quickly becomes a self-perpetuating, vicious cycle: the more assets it has to sell, the smaller the pot, and the more underfunded it becomes. This can go on until the assets hit zero—at which point the plan becomes “pay as you go”: it uses the contributions of current payers to pay former workers, or is bailed out by taxpayers.

This may never become a problem for Calpers. California is a rich state which has been directing extra funding to its pension plans from its budget surplus for years. But it is becoming a scary possibility in American states like Kentucky, Illinois, Connecticut and New Jersey, where public pensions are around just half-funded.

Even with all their problems, pensioners that depend on underfunded public db plans are miles better off than those relying on Social Security (the American equivalent of National Insurance). Transfers are mostly paid using contributions from current workers. That first started to look shaky in 2008, when withdrawals exceeded contributions for the first time. Payments have since been partly financed from a trust based on past surplus contributions. But the excess of withdrawals over contributions means that this trust is projected to run out in 2035, after which the state will have to make up the difference. The fate of many db and social-security pensioners alike could ultimately depend on the government’s willingness to bail them out.

It’s a rough year to be a high-profile Russian: After nearly eight months of war in Ukraine, the Russian military is reeling and on its back foot; sanctions continue to squeeze the country’s economy and elite — and at least 15 Russian businessmen and executives have died in apparent accidents or by suicide, including a number of Putin allies.

The victims range from an executive with Gazprom, a major state-owned oil company, to the managing director of a state-run development corporation. The causes of death range from unremarkable — a stroke, for example — to lurid, such as death by toad poison in a shaman’s basement.

Combined, the sheer number of deaths, as well as the prominence of the dead and a long history of suspicious demises in Putin’s Russia, have raised questions about whether something other than ordinary bad luck is at fault.

According to Stanislav Markus, an associate professor at the University of South Carolina business school and author of Property, Predation, and Protection: Piranha Capitalism in Russia and Ukraine, it’s a near certainty. “We can almost certainly rule out the official explanation of the deaths as suicides or poor health,” Markus told me via email. He’s not alone; theories vary — and generally don’t feature some grand conspiracy by the Kremlin — but a number of Russia experts see “more than just randomness” in the deaths.

The string of mysterious fatalities began with the death of Gazprom Invest transport director Leonid Shulman in late January; a suicide note was reportedly found near his body, and the death was investigated as such.

Another Gazprom executive, Alexander Tyulakov, died in February, also by suicide, as did Ukraine-born billionaire Mikhail Watford, who was found dead in his house in the United Kingdom.

Vasily Melnikov, the founder of the medical supplies company MedStom, was found dead in March, in a possible murder-suicide along with his wife and his two children. Another alleged murder-suicide, that of former Gazprombank executive Vladislav Avayev and his wife and teenage daughter, followed in April, just one day before former oil and gas executive Sergei Protosenya was also found dead along with his family in a third possible murder-suicide incident.

Avayev and his family were shot to death, according to news reports, while Protosenya was found hanged and his wife and daughter fatally stabbed.

Other subsequent deaths, including multiple deadly falls — down stairs, from a window, from a moving boat — have also prompted speculation, though there is no overt evidence of foul play.

Most recently, Pavel Pchelnikov, a manager with the Russian Railways subsidiary Digital Logistics, died by suicide late last month; shortly before that, on September 21, a former Russian aviation expert, Anatoly Gerashchenko, fell to his death “from a great height” and down multiple flights of stairs, according to a report in the Daily Beast citing Russian media.

Of the dead, a number have links to Gazprom and Novatek, Russia’s two largest natural gas companies; two others were affiliated with Lukoil, also a major energy company in Russia.

In several cases, the family and friends of the dead have already raised questions about their deaths, or rejected official conclusions of suicide.

In a statement after Protosenya’s death, for example, Novatek, his former employer, said that speculations about his death “bear no relation to reality,” an apparent reference to early reports in Spanish media describing it as a murder-suicide. Protosenya’s son, Fedor, also told the Daily Mail that his father “could never do anything to harm them [his family]. I don’t know what happened that night but I know that my dad did not hurt them.”

Igor Volobuev, also a former Gazprombank executive, told CNN he does not believe Avayev’s death was truly a murder-suicide.

“He was in charge of very large amounts of money. So, did he kill himself? I don’t think so. I think he knew something and that he posed some sort of risk,” Volobuev said.

There’s something to these suspicions — political assassinations, after all, aren’t exactly unusual in Russia. Assassination by purported suicide is virtually a category to itself: As Ian Bremmer, president of the Eurasia Group, remarked on Twitter in September, “for those keeping track at home, 12 ‘threw himself from window/shot himself 7 times in the head’ russian oligarch deaths this year so far” (a number that has since increased).

As recently as two years ago, Alex Ward highlighted a similar trend in a different sector of Russian society in a story for Vox: coronavirus doctors dying after falling from high windows early in the pandemic. Those deaths were equally unexplained, but as Ward wrote at the time, murder “may not be completely out of the question.”

That ambiguity is a common theme around deaths in Russia; though there is rarely clear-cut evidence, questions surrounding the deaths of Putin critics stretch back nearly two decades.
Three experts told that was equally the case here — though they stressed the degree of uncertainty surrounding the deaths.

“The number of [deaths] seems higher than random chance would suggest, but that doesn’t mean that it’s all part of the same story. Some of them really could be suicides or accidents. Some of them could be murders.”

According to the experts, the sheer volume of accidental deaths and suicides so far is enough to mean that this is unlikely to be the true explanation in every case. It’s not impossible, however; sometimes a suicide is just a suicide and an accident is just an accident, no matter how odd.

There are certainly factors that point in that direction, even beyond official findings in the deaths. Specifically, as Ward pointed out in May 2020, Russia has the third-highest suicide rate in the world, according to the World Health Organization. The data is now several years old — the last full set is from 2016 — but that year, about 122 people died by suicide each day in Russia, equal to more than 44,500 deaths a year.

Additionally, according to Peter Rutland, a Russia expert and professor of government at Wesleyan University, Russia’s system, and perhaps especially its business community, is under substantial pressure due to the war.

“These are incredibly stressful times, right?” Rutland said. “Businesspeople have seen their chances to visit Europe frozen, their assets frozen, their yachts seized, the value of the shares in their companies.”

Those factors, Rutland told me, could conceivably provoke a spate of suicides.

“If businesspeople had loans that were collateralized with those assets, or which required some kind of business income, which has just disappeared because of the sanctions, you can only imagine that that would drive people to suicide,” he said.

Of course, that doesn’t account perfectly for the murder-suicides, or the number of fatal accidents. But it’s not impossible that at least some of the deaths are no more than what they seem on the surface.

One of the most dramatic and often-speculated-about explanations is that the deaths are really killings — carried out at the order of the Kremlin and Russian President Vladimir Putin.

As Bill Browder, a onetime investor in Russia turned Kremlin critic, told the Australian Broadcasting Corporation (ABC) this month, “when people of all the same industry die that way, it looks to me like what I would call an epidemic of murder.”

According to ABC’s Samantha Hawley and Flint Duxfield, Browder “told the ABC News Daily podcast he had little doubt the deaths of the Russian oligarchs — predominantly from the oil and gas sector — have come at the orders of the Kremlin.”

Under Browder’s theory, as he explained it to ABC, the pressure of sanctions has created a financial crunch for Putin, and the deaths of businessmen are a particularly brutal way to revive streams of funding for the conflict — particularly from Russia’s oil and gas industry.

“I would suspect that this guy said ‘no’ and then the best way of getting that flow of cash is to kill him and then ask his replacement the same question,” Browder told ABC.

It’s a tempting answer, particularly given Putin’s long history of assassinating or attempting to assassinate dissidents, such as Alexei Navalny, who was poisoned with the Russian nerve agent Novichok in 2020 and has since been imprisoned in Russia. It’s also something Browder is familiar with — his lawyer, Sergei Magintsky, died in a Russian prison in 2009 after uncovering apparent large-scale fraud by the Russian government.

However, it’s not the most likely explanation in this case. “It’s a big leap from saying yes, there’s been a campaign of repression against internal opposition going back for a long time, and evidence of some high-profile people being targeted by the state, to saying everyone who’s killed mysteriously was killed either because of their business dealings with Putin or their criticism of the state...”

Fiona Hill, a former Russia specialist on the National Security Council staff, agrees. “Not every unexplained death in Russia is the KGB or the GRU bumping someone off,” she told Politico Magazine in August regarding the apparent suicide of Dan Rapoport, a Washington, DC-based Kremlin critic who previously did business in Russia.

That leaves a third theory, one that s far more likely than either a Kremlin-directed campaign of assassinations or a spate of genuine accidents and suicides.

Specifically, the recent run of deaths among Russia’s business elite could well be disguised killings — but the killings may be a product of Russia’s tangled political and economic structures, which are newly under pressure from Russia’s war in Ukraine, more than of any specific, overarching agenda.

The deaths could have more to do with “shady business, attempt to cover tracks, attempt to wipe out a competitor, trying to maybe get rid of someone who’s inconvenient at a time when there’s a lot of pressure on state-affiliated companies, especially in the oil and gas sector, but also in the defense sector.”

Markus agrees, noting in an email that “there are competing influential clans” within the Russian state “that span state institutions and private or state-owned firms.”

“So far these clans have been loyal to Putin, but this loyalty has not reduced their predatory appetites,” Markus told me. “From the clans’ viewpoint, the current situation has led to (1) lower cash flows available for diversion or theft; and (2) less certainty in Putin’s future as the ultimate leader of Russian kleptocracy. Hence, clans may be settling their scores and competing more viciously — which could involve murders in question — without this being a centralized Kremlin effort.”

That explanation also makes more sense than the Kremlin-directed conspiracy theory, given the cross section of Russia’s business class that’s turned up dead. Though there are some common linkages — ties to energy companies, for example — some experts, such as Mark Galeotti, the author of the upcoming book Putin’s Wars: From Chechnya to Ukraine, have pointed out that coverage of the deaths can paint with an overly broad brush.

“When did the death of the former rector of a technical university become the (implied: mysterious) end of a ‘Putin ally’? (Everyone dying in [Russia] now is elevated to oligarch or ally),” Galeotti tweeted after the death of Geraschenko in September.

Significantly, there’s still a great deal of uncertainty around the deaths. However, under the third and, according to them, more likely theory, continued pressure on Russia’s economy could well accelerate the trend.

Violence as a way of doing business has been “deeply normalized going back to the 1990s,” Rutland said. “And so as the regime enters what could be its death throes, or certainly it’s under huge pressure, you can imagine that there’s gonna be this — well, it’s not yet a bloodbath, but you can imagine that the faction fighting will get even more desperate.”

There are no satisfying answers to be had, at least for now. Recent history supports the idea that such deaths are something Putin would be fully capable of, but he lacks a clear motive that connects them all; as some close Russia watchers have observed, Russia’s cutthroat business culture is at least equally likely to be culpable as a repressive Kremlin. In both cases, there’s a distinct dearth of evidence — but the speculation only underscores the overlapping brutality of Russian business and Putin’s regime.

Mr. Mounk is Jewish, his parents are Polish and he was raised in Germany. Today he is a lecturer at Harvard University and leads the Renewing the Centre programme at the Tony Blair Institute for Global Change in Britain. Though he admits that he has grown “even more pessimistic” watching the Trump presidency, he is an optimist. His next book, he says, will probably be on “how to make a multiethnic democracy work”. Below five questions to answer in around 100 words each is an excerpt from his book “The People vs Democracy: Why Our Freedom Is in Danger and How to Save It” , on how to resist populists.

Question: You note the separation of liberalism from democracy. Please explain how they are different?

Answer: Our political system aims to realise two core values: liberalism and democracy. When they work well, liberal states ensure that citizens enjoy individual freedom. They should be able to decide on their own what to say (or not to say), who to worship (or not to worship) and how to lead their lives. At the same time democratic states also enable collective self-determination. Instead of allowing a priest or a general or a monarch to make their minds up for them, citizens get to decide their own political fate.

Q: When and why did the "liberal democracy" contradiction emerge: has it always been an inherent feature?

A: Liberalism and democracy can reinforce each other: we need freedom of speech to sustain fair elections. At the same time, the ability to boot out an overreaching government protects our individual liberty. But the potential for them to come into conflict has also always existed.

In the end, no clever institutional set-up can stop the people from impinging on the freedom of individuals, or handing more and more power to an authoritarian ruler, when they are deeply dissatisfied with the status quo. Since citizens of many democratic countries have grown particularly dissatisfied with the performance of their governments over the past decades, this tendency is especially pronounced at the moment.

Q: How much of the populist surge is a result of economic inequality and stagnant incomes for the 99%? If we fix that, will it deflate the populist trends—or is there more to it than economics?

A: Populists have been rising in virtually every liberal democracy around the world, and they have been doing so for a long time. So we need to look for structural and cross-national reasons for their success. These include the rise of the internet and of social media, which make it easier for outsiders to challenge incumbent elites, as well as a rebellion by parts of the population against the rise of increasingly multiethnic societies.

But they also include the remarkable stagnation of living standards for ordinary citizens which many countries, like the United States, have experienced in the past decades. Giving people back a sense of optimism about their—and their country's—economic future would not fix everything. But it would go a long way toward rebuilding trust in the ability of liberal democracy to deliver tangible benefits for ordinary citizens.

Q: Artificial intelligence is poised to transform business and society: why not governance? Many political challenges seem remediable by algorithm—an actual technocracy to replace the technocrats. Is this a viable way forward?

A: Tech can definitely help to make the delivery of government services more painless and less bureaucratic for citizens. That's a big win. But there are two big obstacles to utopian dreams of an “actual technocracy” which will be hard to overcome. First, many government decisions contain an important normative element; leaving these up to algorithms only obscures that fact, often with deeply unjust ramifications.

Second, modern democracies face a much deeper “technocratic dilemma”. On the one hand, citizens want to feel that they are making the decisions. On the other hand, they want to lead their own lives rather than figuring out how to, say, keep a power plant safe. This deeper tension is not resolved by replacing metaphorically faceless bureaucrats with literally faceless algorithms.

Q: In the battle of "the people" versus "democracy", who should liberals in the 21st century root for? What can they do to ensure their side wins?

A: They should resist picking sides. Faced with an electorate that is increasingly tempted by authoritarian populism, some liberals may be willing to sacrifice collective self-determination all the better to protect individual rights. But our ability to rule ourselves is a core political value—and in the long run, a political elite that rigs the system to keep an angry mob at bay will, in any case, grow tyrannically.

So the solution is twofold. We need to hold fast to both our liberal and our democratic values. And at the same time, we need to show that an energetic defence of these values points the way to many ambitious changes to the status quo. Instead of claiming that everything is already great, as some politicians are wont to do, we need to demonstrate that our values are still able to point us towards transformative policies that make the world a much better place.

In additional here is more from “The People vs Democracy: Why Our Freedom Is in Danger and How to Save It” by Yascha Mounk, published by Harvard University Press: "To stop corrupt or populist governments from entrenching their power, citizens have to uncover violations of democratic rules and norms. They have to take to the streets to show that the populists don’t speak in the name of the whole people. And, no matter how righteous their disdain for the allies and flunkies of authoritarian strongmen may be, they need to do their best to peel off some mem­bers of the ruling regime.

But to stop populists from regaining power in the future and save the system in the long run, its defenders also have to do some­thing more ambitious: they must ensure that liberal democracy once again lives up to the expectations of its citizens.

Over the past years, the Turkish government has arrested so many journalists, fired so many civil servants, and abolished so many in­stitutional safeguards that the country is quickly turning into a straightforward dictatorship. Since taking office in 2015, the Polish government has undermined judicial independence, co­-opted the state media, and colonized the bureaucracy to such an extent that the electoral playing field is increasingly skewed against the opposi­tion. Even in the United States, where the existence of multiple veto points at both the state and the federal level has slowed the ero­sion of liberal institutions, the executive branch has made significant strides toward subverting the rule of law.

In countries such as these, where authoritarian strongmen have already won power and are systematically starting to change the most basic rules of the game, liberal democracy faces an imminent threat to its survival. What can its would­-be defenders do to stop the populists from making further power grabs?

It is rarely easy for the opposition to constrain the actions of a determined government. But when the government consists of au­thoritarian populists who are disdainful of traditional constraints on their power and desperate to bend the system to their will, resis­tance is that much harder. Like in South Korea, it involves coming out into the streets to protest dangerous laws and executive orders. It involves ringing hostile legislators to voice opposition to the causes they support. It involves plenty of meetings, complicated lo­gistics, incessant fundraising, and any number of boring tasks that can seem strangely disconnected from the noble purpose they sup­posedly serve.

“Freedom,” the title of a book by Francesca Polletta suggests, “is an endless meeting.” The preservation of freedom, it can seem in moments of great political peril, calls for an endless series of end­less meetings.

But while the work of resistance is undoubtedly cumbersome, most political scientists do believe that it makes life difficult for populist governments: The painstaking work of opposition can call attention to unpopular policies; slow the progress of pending legislation; embolden judges to strike down unconstitutional laws; pro­vide support to embattled media outlets; change the calculus for moderates within the regime; and force international governments and organizations to put pressure on a would-­be dictator.

Plenty of recent cases showcase such successes: In Poland, mass protests may have helped push the country’s president to veto a proposed legislative reform, which would have given Kaczynski’s party an even tighter grip over the judiciary. In Hungary, mass protests may have helped convince Orbán to allow Central Euro­pean University to keep operating even after he passed a law to shutter it. And in the United States, mass protests may have helped embolden judges opposed to the administration’s travel ban.

The first part of the solution to the threat of populism is as straightforward as it is cumbersome, then. Even when they are faced with powerful adversaries, and even when it feels like wasted time, the defenders of liberal democracy should fight to preserve the basic rules and norms of the existing political system. When­ever a populist ruler oversteps the bounds of his rightful authority, they must pour into the streets—loudly and in large numbers.

Even when the reasons for protest proliferate, and acts of opposi­tion come to feel dishearteningly ineffective, it’s very important for the defenders of liberal democracy to resist authoritarian strong­ men with courage and determination. But since anyone who seeks to constrain the populists faces a decidedly uphill struggle once the strongmen have taken office, it is even more important to beat them at the polls.

This is obviously true in countries where the populists have not yet won. In Sweden or France, in Austria or Spain, citizens retain the power to ensure that candidates with evident disdain for the rules of the democratic game do not get a chance to put their predi­lections into practice. It is paramount that they use it. But even in countries in which the populists are already in office, elections re­main crucial. Since it usually takes years for authoritarian strong­ men to consolidate their power, a lot hinges on the electoral savvy of the opposition.

Five years into the rule of Recep Erdoğan, Vladimir Putin, and Hugo Chávez, many outside observers still believed that they were strengthening democratic institutions in their countries. All three made encouraging noises about the value of political openness and the importance of breaking with an authoritarian past. And though each of them did skew the playing field in his own favor by the time he first ran for reelection, the opposition still retained a real chance of winning. It wasn’t until these strongmen gained a second or even a third victory at the polls that they completed their countries’ de­scent toward outright dictatorship.

This demonstrates how high the stakes will be when authoritarian populists like Jarosław Kaczynski, Narendra Modi, and Donald Trump first come up for reelection in the coming years. If they are soundly defeated, liberal democracy is—at least in the short run— likely to recover in Poland, India, and the United States. If they manage to win another mandate, all bets are off; given enough time and power, each of these leaders is likely to damage democracy in grave and lasting ways.

The only democratic protection from the assault of authoritarian strongmen, then, is to persuade the people to vote against them. But the most active members of the resistance are often surprisingly uninterested in helping opposition parties win. In Poland, for example, the influential Committee to Protect Democracy ex­plicitly eschews any involvement in electoral politics. Similarly, in the United States, many members of #TheResistance are so hostile to the Democratic party that they do not see it as a priority to help the opposition win back Congress in 2018 or take the White House in 2020.

Even in circumstances where opposition parties are deeply flawed, this is the wrong approach. In the end, the only safe bul­wark against the populists is to keep them far from the halls of power. Though it may be unfashionable for activists to campaign for a mainstream party, joining a political movement that has a real hope of success at the polls remains one of the best ways to stand up for democracy."

A British IT manager and former hacker launched and ran an international disinformation campaign that has provided US President Donald Trump with fake evidence and false arguments to deny that Russia interfered to help him win the election. The campaign is being run from the UK by 39-year-old programmer Tim Leonard, who lives in Darlington, using the false name “Adam Carter”. Starting after the 2016 presidential election, Leonard worked with a group of mainly American right-wing activists to spread claims on social media that Democratic “insiders” and non-Russian agents were responsible for hacking the Democratic Party. The hacking attacks had damaged Trump rival Hillary Clinton’s campaign. The claims led to Trump asking then CIA director Mike Pompeo to investigate allegations circulated from Britain that the Russian government was not responsible for the cyber attacks, and that they could be proved to be an “inside job”, in the form of leaks by a party employee. This was the opposite of the CIA’s official intelligence findings. Trump went further at his July 2018 summit with President Putin in Helsinki, saying he believed Putin’s claim that Russia had not interfered. In doing so, he rejected multiple highly classified US intelligence agency reports given to him over the past 18 months, including by former president, Barack Obama. “I don’t see any reason … why it would be [Russia],” said Trump. Three days earlier, the US Department of Justice (DoJ) had charged 12 Russian Federation Main Intelligence Directorate of the General Staff (GRU) intelligence officers with conspiracy against the US, releasing unprecedented amounts of previously top secret information about the agents, offices and tools used in multiple cyber attacks on the Clinton presidential campaign. After returning to the US, facing outrage over his conduct, Trump claimed he mis-spoke and meant to say the opposite of what he said.

The GRU’s hackers were caught red-handed in June 2016, when the Washington Post exposed evidence of their role. Within 24 hours, after the Post had asked Russia for comment, the hackers fabricated evidence and planted a false trail that the hacking was the work of an imaginary, lone Romanian called Guccifer 2.0. While this happened, GRU officers were spotted doing online searches to check English phrases while penning the first blog post for their Romanian fake, according to the DoJ indictment. Guccifer 2.0’s role was “falsely to undermine the allegations of Russian responsibility for the intrusion”, according to the indictment. US and European intelligence agencies identified “Guccifer 2.0” as a Russian deception operation before Americans went to vote. Detailed evidence had not been publicly available until the publication of the indictment. Guccifer 2.0 vanished the week after President Obama released intelligence confirming that Russia had helped Trump to the presidency – just a week before Trump’s inauguration in January 2017. “Here I am, again, my friends,” Guccifer blogged, claiming: “I have totally no relation to the Russian government.” Then he vanished. Tweets, blogs and tempting tips to journalists dried up. The GRU actor playing Guccifer 2.0 tripped up, and gave his hoax away, several times. On one occasion, he made the catastrophic error of forgetting to turn on his virtual private network (VPN) before logging on to WordPress. WordPress is an American blogging service which records login addresses and can give them to the FBI. The exposed address led US intelligence directly to a GRU Moscow office. As Trump moved into the White House, he faced growing suspicion – and now a full-blown investigation – that his campaign had been backed by Russia to help win the presidency. In Britain at the same time, archived evidence shows, Tim Leonard was completing a website intended to obfuscate the truth about Guccifer 2.0 and the GRU.

A Twitter account traced to Leonard revealed his new project – a campaign claiming that the hacking was done by a Democratic Party insider – on 3 February 2017. “What if #Guccifer2 is NOT Russian ... NOT even a hacker – but still had access to DCCC [democratic campaign] docs?” it said. At 1.14am on 5 February 2017, Leonard registered the website g-2.space. He hid his involvement using nominee company Identity Protect Ltd, but was given away by internet records which showed that the site was operated from internet address 213.229.109.154, one of two UK virtual servers he ran for web design company Creative Insomnia. His g-2.space front page went live 13 hours later, and included the hidden warning: “Contingency plans are in place in case this site or its creator are compromised.” A hidden web page comment warned: “If I die under suspicious circumstances, the primary suspects should be the Clinton cartel.” G-2.space’s launch page listed five prominent mainstream journalists he had contacted, and who had faced demands to disclose their evidence and sources about Guccifer 2.0. All declined or ignored him. Leonard’s website was created in and run from the UK, using servers owned by Creative Insomnia of Newport, Gwent. Leonard is listed in company records as a shareholder and director. His activity was not known of or authorised by others in the company (see below). Leonard admits hosting g-2.space, a website which published numerous articles giving mutually contradictory and often nonsensical theories, each attempting to prove that the pretend Romanian was not a Russian disinformation invention. Leonard also admits that he secretly built another website inside the servers he was employed to manage. His first hidden site, Defianet (d3f.uk), initially campaigned on piracy and privacy, themes familiar to programmers who had worked with him on unrelated projects and who spoke with Computer Weekly. Defianet’s front page proclaimed “United in the shadows” when it went online in September 2014. During 2017, he transformed Defianet to make it a focus for US extremist and conspiracy “independent media” groups, many of which are notorious for spreading false news. The site also promoted WikiLeaks and Russia Today (RT), the state-owned media channel. Leonard has created and managed a library of disinformation manuals and techniques shared with his supporters, including “Weaponisation of social media”, “Deception techniques” and “Information warfare”. He moved the library to g-2.space after being ordered to close Defianet. Leonard, who lives in a modest red-brick house in Darlington, is the technical director of Creative Insomnia. He admits that he built websites “making use of Creative Insomnia’s infrastructure”, including g-2.space, without the knowledge of his company, a fellow director and other workers. It was “entirely my responsibility ... not a board-approved decision”, he confessed in a letter. G-2.space claims to be written by an anonymous persona called Adam Carter. The name was copied from a character in Spooks, a BBC spy drama series broadcast from 2002 to 2011. Computer Weekly has established that the email address used by the fictional Adam Carter – op@d3f.uk – was set up on Creative Insomnia’s email system in 2014, and used to run accounts on Reddit, Twitter and Disqus. The email used was on the same domain as Leonard’s Defianet site. As the company’s sole server manager, Leonard was the only person able to create new websites and email addresses.

When the Twitter account @with_integrity used the email address in 2016, the writer described himself as a “CTO/software developer/ex-blackhat” from England – a description matching Tim Leonard. During the US elections, @with_integrity and Leonard’s other accounts began circulating media attacks on Hillary Clinton, describing her as a “fracking warmonger”. The Twitter account, which was later also given the fake name Adam Carter, trolled mainstream journalists or academics who disagreed with conspiracy theories Leonard encouraged in early 2017. On unmoderated social networks permitting hate speech, “Carter” later linked to American neo-Nazis such as “Anna” and promoters of the Daily Stormer neo-Nazi website. One @with_integrity tweet asked for confirmation that the cyber security expert who first spotted Russian hackers was Jewish. “Social media activity patterns [suggest] possible observance of the Sabbath,” he told followers. After his hidden sites were discovered in December 2017, Leonard told Creative Insomnia founder Mark Butler that he had created g-2.space for an “old friend” called Ken. In a letter, he referred to “further enquiries regarding g-2.space in relation to some points Adam/Ken has asked me to look into”. Leonard told Butler that Ken – the mysterious friend he claimed was running the Adam Carter operation – was Ken McClelland, a programmer who had worked with Leonard in Methlabs, a group building a software firewall. This was untrue, Computer Weekly has found. Journalists traced McClelland to western Canada, and interviewed him. Asked why he had lied about McClelland and the accounts he had created, Leonard did not reply.

One document – a tip-off file obtained in June 2017 by Leonard’s site from an “anonymous source” – took new disinformation all the way to the White House and the CIA. The untitled file included complex details explaining how to unlock information inside a tranche of files released by Guccifer 2.0 in London. Metadata in the files had been manipulated to “prove” that the documents could have been stolen by a Democratic National Committee (DNC) employee. Until the file arrived, the information hidden in the files, created by the GRU hackers and known only to them, had not been detected by security experts. The document, rewritten for propaganda effect, was published three weeks later and claimed to be the work of a new fake personality called Forensicator, which claimed that stolen DNC documents were copied to a computer located in the eastern US. If correct, it was devastating news for US intelligence – because it cleared the Russians. Some former intelligence officials, from a group called Veteran Intelligence Professionals for Sanity (VIPS), backed up the claim. A group, including William Binney, a former technical director at the US National Security Agency (NSA), and former CIA officer Ray McGovern, were persuaded, without checking the file data, to say that the hacking was the work of insiders. According to former NSA technical manager Tom Drake, “Ray’s determination to publish claims he wanted to believe without checking facts and discarding evidence he didn’t want to hear exactly reproduced the Iraq war intelligence failures which the VIPS group was formed to oppose”. He and other VIPS members refused to sign McGovern’s report. But the VIPS endorsement was repeated by American media, from respected left-wing publication The Nation to controversial right-wing site Breitbart News. The ploy succeeded – and made it to the White House. Binney was invited on to Fox News and said allegations that Russia had hacked the DNC were unproven. Trump then told CIA director Mike Pompeo to see Binney to find evidence to support the claims. Pompeo met with Binney on 24 October 2017. Binney said he told the CIA chief that he had no fresh information. But he said he knew where to look – in the surveillance databases of his former intelligence agency, NSA. As a former top NSA insider, Binney was correct, but not in the way he expected. NSA’s top secret records, disclosed in the DoJ indictment earlier this month, lifted the lid on what the Russians did and how they did it. A month after visiting CIA headquarters, Binney came to Britain. After re-examining the data in Guccifer 2.0 files thoroughly with the author of this article, Binney changed his mind. He said there was “no evidence to prove where the download/copy was done”. The Guccifer 2.0 files analysed by Leonard’s g-2.space were “manipulated”, he said, and a “fabrication”.

The GRU used multiple units to conduct “large-scale cyber operations to interfere with the 2016 US presidential election”, according to the US hacking indictment. The operations involved “staged releases of documents stolen through computer intrusions”, including by Guccifer 2.0, WikiLeaks and DCLeaks, another front observed being set up by the GRU. Security experts have been stunned by the depth and detail of US intelligence information on the hackers in the indictment. Some of the detail could likely only have come as the results of counter-attacks on the GRU, implanting malware that was copying screens and keystrokes, at the same time they were doing the same to officials in the Democratic Party. The main Russian attack began in March 2016, and used large-scale phishing attacks that acquired the email accounts of members of Hillary Clinton’s campaign team, including campaign chairman John Podesta. Staged releases began in June 2016. Three days before the start of the Democratic National Convention on 22 July 2016, WikiLeaks published the first of 44,053 emails from the senior democrats’ accounts, including 17,761 attachments. Some of the emails appeared to show bias by top-level Democratic Party officials in favour of Clinton. Four top DNC officials quickly resigned, throwing Clinton’s nomination convention into disarray. Guccifer 2.0 claimed credit, tweeting – accurately, it now appears – that WikiLeaks had published documents “I'd given them”. Donald Trump loved it, telling a Florida news conference that Russia should increase its cyber espionage: “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing.” Trump repeated his view a month before US election day, telling a Pennsylvania crowd: “I love WikiLeaks!” The Russian attacks included creating fake social media “posing as US persons... to interfere with US political and electoral processes” in order to defeat “the lawful governmental functions of the United States”, according to another grand jury indictment released in February. The indictment charged 13 Russians working for the St Petersburg Internet Research Agency – known as the “troll factory”. Impersonating a US citizen to interfere in elections is a crime in the US, irrespective of the country where it takes place. Leonard’s @with_integrity Twitter account had also posed as a US citizen in the same period.

At the start of his career, Leonard helped create a firewall system, PeerGuardian, which was designed to block music industry investigators from infiltrating networks where computer users shared music in breach of copyright laws. Leonard worked with a group of privacy and piracy activists in Europe, Canada and the US. His online name was Method. Leonard’s website Methlabs was used to develop and support PeerGuardian. His blog posts on Methlabs promoted Ecstasy test kits, shared cracked programs and hacks, and threatened distributed denial of service (DDOS) attacks on film industry anti-piracy teams. Leonard was later hired to run servers for Simplyclick, a now-defunct portal which provided intranets for British schools. Evidence recorded by the Internet Archive shows that he hid blocking lists of film industry investigators’ addresses inside Simplyclick’s infrastructure. Archived evidence from Simplyclick also refers to a Methlab tool, XS. Leonard began creating networks of anonymous media accounts after he joined Welsh internet firm Creative Insomnia. In many of the accounts, he pretended to be a US citizen and Democratic Party supporter, posting thousands of angry, expletive-loaded comments. With a hissing cat as avatar, in August 2010 he signed up to blog host Disqus as @Retaliate. He added more anonymous Disqus accounts – @InconvenientProof and @OptimumCognition. Leonard again offered to exploit servers he was responsible for managing. In November 2010, he told other programmers: “I can certainly host a site ... the boxes I’ve got should be able to handle a fair bit of traffic ... of course it would be free.” Leonard has refused to explain why he started building and running profiles in which he pretended to be a US citizen. Social media activity seen by Computer Weekly shows that he subscribed to US conspiracy theory sites, including Breitbart News, Infowars and Bulltruth. After building Defianet’s website, he added a new Disqus account – @Inviolable – and joined Reddit as d3fi4nt (Defiant). Both accounts used his Creative Insomnia email address, op@d3f.uk. On Reddit, d3fi4nt posed as a US-based Democrat supporter of Bernie Sanders, publishing hate messages targeted at Clinton, and signed up to The Donald, an exclusive Reddit location for Trump supporters, as well as r/Conspiracy, a notorious watering hole for conspiracy theorists. On Disqus, @Retaliate and @InconvenientProof posted attacks on Clinton, following the same messaging at the same times as known Russian trolls. @InconvenientProof and d3fi4nt also operated as sockpuppets, referencing other Leonard-operated accounts and activity. @OptimumCognition focused on media industry claims to be losing revenue to pirates, writing: “Prove your alleged losses ... or shut up and fuck off.” His @Retaliate and @InconvenientProof Disqus accounts participated in alt-right US news groups, including Breitbart News Network, a far right-wing platform created by former Trump advisor Steve Bannon. Disqus expelled the Breitbart group in 2017 after it was described as “one of the vilest cesspools on the internet ... the worst of humankind” for supporting racism and neo-Nazis. On a Creative Insomnia domain called ciuk.eu, Leonard created multiple private personal mailboxes, using initials and false names. According to the website Have I been pwned?, email address t@ciuk.eu subscribed to games hacking websites PS3hax and Multiple Game Player Hacks (MGPH) in 2014 and 2015. On a single day in 2015, Leonard created two new Disqus accounts using ciuk.eu addresses: @InconvenientProof, linked to tix@ciuk.eu; and @OptimumCognition, linked to a ciuk.eu mail address for a Sarah Thomas. IP addresses used to log in to these accounts, seen by Computer Weekly, showed that the user often used a VPN anonymiser service. When, like Guccifer, Leonard forgot to switch on his VPN, he was using addresses provided by Virgin Media broadband in the UK. Fixed Virgin IP addresses used were assigned to Haughton Le Skerne – the small Darlington district where Leonard purchased a house in 2007. At first, Defianet looked like the work of an ambitious hacktivist. The site focused on torrents and security, advertised discussion fora, claimed to run unique “d3fcrypt” encrypted chat channels, as well as a torrent “magnet link collection” called MASS. A “proxy relay” offered to users was built inside Creative Insomnia’s systems (see image above). The Defianet link was running at the time of publication, and is archived here. Logged in test users included Method and Retaliate. Defianet’s original front page stated that it was created by m3th0d (Method) and three others. Method is Leonard’s nickname. On Reddit, Disqus and Twitter, Leonard published the email address op@d3f.uk. Emails sent by that account passed through Creative Insomnia’s mail server, mail.creativeinsomnia.co.uk.

As US election campaigns ramped up in May 2016, Leonard’s Defianet email address, op@d3f.uk, was used to create a new Twitter account, @with_integrity. The name, he said, was a parody of Clinton’s campaign slogan, “I’m with Hillary”. The profile displayed a WikiLeaks avatar. For 10 days in 2016, @with_integrity trolled and attacked the Democratic Convention, accusing the Democrats of collusion, conspiracy, cheating, corruption, rigging elections and sabotage. On 22 July 2016, @with_integrity tweeted a link to the Russian propaganda and news channel, RT, claiming that primary elections had been rigged. On 26 July, as delegates voted, @with_integrity tweeted a new RT attack on Hillary Clinton. After Clinton was nominated, @with_integrity followed the Russian trolls’ path in supporting Donald Trump, retweeting Trump slogans, including #CrookedHillary, #LockHerUp, #MakeAmericaGreatAgain and #VoteOnlyTrump, and a third link to a “special episode” on RT. Two months after g-2.space was launched, Leonard’s @with_integrity Twitter account also started claiming to be run by Adam Carter. The previous WikiLeaks symbol was replaced by angular lettering (IWI – I’m with Integrity) created in an obscure typeface called Critical Mass LDR. Leonard used the identical typeface to create Defianet’s logo and for a special program used by “Carter”, which he called Hexcell. Fragments of Hexcell were left inside Creative Insomnia’s servers after Leonard was ordered to shut down Defianet. Leonard has admitted that he ran the Hexcell program from his personal folder inside Creative Insomnia, called Timtest. Leonard created the Hexcell program in a failed attempt to find data proving Guccifer was a former Democratic Party manager. On g-2.space, Leonard published multiple contradictory descriptions of who Carter was supposed to be. His blog first claimed: “I am NOT a journalist or reporter ... I’m just a civilian that noticed some oddities.” Days later, it claimed the opposite: “An independent, investigative ‘citizen journalist’ from the UK.” Meanwhile on Twitter, “Carter” described himself as a chief technology officer (CTO), a software developer and ex-blackhat, an Englishman living in England – an accurate description of Leonard. “[I was] schooled by other hackers while working as a software developer and maintaining servers,” Leonard posted on Disqus in 2011, as @Retaliate. Last month, his Carter account claimed on Steemit: “I know what it feels like to have unauthorised access to hundreds of servers that you’re not supposed to have access to. Fortunately, for the past 15 years, I’ve been working in IT in a far more legitimate capacity and currently manage an array of servers.” Hacking to gain unauthorised access to computer stystems – blackhat hacking – is an offence in the UK under the Computer Misuse Act, punishable by a maximum of 10 years in prison and a fine.

Leonard’s first theory about Guccifer 2.0, posted to Reddit’s “r/conspiracy” subreddit in October 2016, was that “the feds (FBI) did it”. Guccifer 2.0 (G2) was really being used by the FBI, similar to compromised Lulzsec hacker Sabu in 2011, he claimed. Leonard had blogged at the time that he was the first person accurately to spot that the FBI had got control of Lulzsec. In February 2017, Leonard’s g-2.space site proclaimed “Game Over”. On Reddit, he threatened a campaign of “disruption” against media outlets unless they agreed to stop reporting the US intelligence assessment on Russia, or failed to report as fact his theory that Guccifer 2.0 was a Democratic Party insider. “Media entities will then be given seven days from confirmation of receipt to clean up their act and cease reporting” – otherwise, he would “red card violators”, he told Reddit.

The second theory, published on g-2.space, was that G2 could not be a hacker, because a stolen DNC “opposition research” file published on 15 June 2016 “took a mere 30 minutes to go from a DNC contractor creating documents to Guccifer2”. This theory was unfounded.

Leonard’s third theory involved the program called Hexcell, which he had installed on a Creative Insomnia server. Hexcell’s purpose was to decode “binary large objects” to prove that G2 was “a misdirection effort”. He tweeted Goo.gl short links using the program to hashtag #Guccifer2. When run, the links accessed cached copies of analyses stored inside Creative Insomnia. The cached copies recorded giveaway internal filepaths to his Timtest folder (blocked from external access). After Leonard admitted creating the Timtest folder and the giveaway Hexcell links, the files disappeared.

Theory number four claimed that the DNC was hacked by Crowdstrike, the security company it had hired to kick out the Russian hackers. Four days later, according to g-2-space theory number five, a group of Ukrainians were claimed to be the real hackers – citing evidence that they had visited the White House on the day of the hack.

His g-2.space site then complained to 100 US senators that they had ignored his finding that the hacking could not have been done by Russians. None were interested. He then circulated 150 foreign ambassadors in London complaining of a “serious ... threat to global stability” if his theories were “not investigated properly”. The g-2.space theory that worked – the theory that President Trump pushed to the CIA – was based on a unique document dump by Guccifer 2.0, in Britain.

On 20 August 2016, UK conference organisers PSBE Events, part of iMember Media group (iMM), announced a world exclusive. They had booked the world’s then most notorious hacker – Guccifer 2.0. Guccifer 2.0 would appear in person for the first time, they promised, in a video “live stream” at their September conference in London, Future of Cyber Security Europe 2016. Publicity for his talk, called Hacking Insights from Guccifer 2.0, generated “an awful lot of excitement”, they tweeted. The GRU team had three weeks to decide what to say and do in London, after getting the conference invite. They played up a theory which had started to circulate in obscure conspiracy-focused chat-rooms on 4chan and Reddit, placing blame on Seth Rich, a then recently murdered DNC employee, for the DNC leaks. Two bullets in the back had taken the life of 27-year-old DNC researcher Rich, as he walked home from work late at night in Washington. The date, significant to how his death was later exploited, was 10 July 2016. Two weeks later, in a private message exchange with Guccifer 2.0 published by a US actress, the pretend hacker referred to Rich’s death and claimed, “His name is Seth, he was my whistleblower”. Rich’s bereaved parents have repeatedly pleaded for the torrent of conspiracy claims about their dead son to come to an end. “Anyone who claims to have such evidence is either concealing it from us or lying,” his father Joel said, adding: “They have a transparent political agenda or are a sociopath.” WikiLeaks founder Julian Assange also planted a public pointer to Rich, after Guccifer 2.0 claimed to have provided the stolen DNC emails to WikiLeaks – a claim also shown to be accurate, according to evidence described in the latest US indictment. On 9 August 2016, WikiLeaks tweeted a $20,000 reward offer for information leading to the conviction of Rich’s killer. WikiLeaks had previously offered rewards for leaks, but never, before or since, used the tactic to point to a possible confidential source. WikiLeaks attempted to backtrack the next day. Forensic analysis of the files prepared for the conference suggests that the GRU team then hoped to exploit the London conference opportunity by framing Rich. By early September 2016, Guccifer 2.0’s operators had 2,280 stolen DNC files ready to publish at the conference. None of the files concerned Rich or his work. File internal data analysis shows that they were all stale, deadwood information, and of no relevance in 2016. All had been completed and closed before the previous presidential election in 2012. Using a combination of copying and compression techniques, the “last modified” timestamps of all but 12 of the aged files was changed to 5 July 2016, just five days before Rich was killed and 17 days before WikiLeaks published its first share of the DNC hacks. While this was done, the computer in use for copying had its clock set to Eastern Daylight Time (EDT), the zone covering Washington DC and the eastern US seaboard. Conference organisers had previously asked former British hackers to present the speech, but they declined. Mustafa Al-Bassam, a former hacker from the Lulzsec group, said: “I didn’t want to be a representative for potentially illegal hacking activities.” News teams arrived at Prospero House, a conference centre near London Bridge, on 13 September 2016, and were disappointed. There would be no live streaming. Instead, the hackers had sent the organisers instructions, including a prepared speech, a PowerPoint show published here for the first time, and a link to a uniquely structured compressed file of stolen data. Conference presenter Tim Holmes read Guccifer’s long, rambling, ungrammatical statement. Holmes displayed a slide giving an internet address from which to download the files, and the password to unlock them. Guccifer’s PowerPoint presentation, a pseudo-hacktivist rant, mixed much-derided Comic Sans lettering with images lifted from TV’s Mr Robot. The Guccifer script claimed that the hacks had exploited flaws in NGP-VAN, the voter analysis system used by the Democrats. This claim was not supported by an explanation, or by the contents of the stolen files, and has been refuted by the company. Mark Hilton, solicitor for iMM group and Cyber News, told Computer Weekly: “My client simply invited [Guccifer 2.0] to present at the conference. My client did not stipulate or dictate the concept of the presentation. My client ... was never informed as to the existence and content of the hacked information/data.” When users on Twitter asked how to open the hacked container of DNC files, the Twitter account run from Leonard’s d3f.uk’s email server – @with_integrity – tweeted the password “for anyone struggling”. The password was GuCCif3r_2.0 – the fake hacker’s name in “leet speak”.

The team that created Forensicator, including Leonard, gave away that they were not the real authors of the analysis when they inaccurately copied a Linux “Bash” script they had been sent, breaking it. This suggested that they did not write, understand, or test the script before they published. Someone else had sent the script, together with the fake conclusion they wanted discovered and published – that DNC stolen files had been copied in the US Eastern Time zone on 5 July 2016, five days before DNC employee Seth Rich was killed. Uncritical reporters failed to spot that the Forensicator blog gave no evidence for its conclusion, which was that the data analysed was evidence of theft by local copying happening within the eastern US. The Forensicator report avoided pointing out that the time stamps examined were present only in the special London group of documents, and not in tens of thousands of other DNC files published by WikiLeaks or Guccifer 2.0. The files were manipulated using an unusual method of file packing, forensic checks show. Because of computer clock settings, the packing operations appeared to have created “evidence” that the stolen files had been copied in the US Eastern Time zone, which includes Washington. US Eastern Standard Time (EST) is normally five hours behind Coordinated Universal Time (UTC) – better known in Britain as Greenwich Mean Time (GMT). In summer months, clocks are set forward, placing the US Eastern Daylight Time (EDT) four hours behind UTC. The difference between a time zone and UTC is the offset. It is trivially easy for any computer user to change their time, date and time zone offset, using standard controls. The files released in London, we found, had first been processed in this way to show timestamps for 5 July 2016. Some 13 groups had then been compressed using WinRAR 4.2. Nine additional files were compressed using 7zip. The archive, called 7dc58-ngp-van.7z, was published in this format, as a single file of 680MB. This dual compression method was unique to the London documents. It was not used in other file dumps released by Guccifer 2.0, WikiLeaks or other publishers of stolen DNC material. The special method used two different file compression systems, 7zip and WinRAR, and required using a four-year-old, superseded version of WinRAR to obtain the required result. The way the Russians did it, the two compression operations appeared to overlap within a single 20-minute period. The tampering may have been done on 1 September, a week before the London conference. On inspecting the full data analysis, Binney agreed: “It’s clear G2 is messing with the data. Everything G2 says is suspect and needs to be proven by other sources/means. I agree there is no evidence to prove where the download/copy was done.” He added: “The merger of data from 5 July and 1 September ... makes all the G2 crap a fabrication ... we should only say what we can prove with evidence.” Privately, Binney says his colleague Ray McGovern, who has also pushed the Forensicator theories, accepts that there is no evidence where the files were really copied. “Ray no longer argues that point – except to call it an ‘alleged location’,” said Binney. McGovern has refused to confirm this, or to answer questions about evidence for his claims. Despite accepting that there was no evidence, Binney and McGovern have not retracted the claims in the 2017 VIPS report at the time of writing. In a bizarre and telling sequel, a retired engineer later spotted that some files released in London had popped up a second time in a batch of so-called “Clinton Foundation” files published by Guccifer 2.0 in October. But the file modification times were one hour different. This happens if computer time zone settings are being manipulated as files are copied and recopied, as described above. This was an inconvenient truth. Accepting that the engineer, Steve McIntyre, was factually correct, the Forensicator came up with a comic and far-fetched explanation to avoid talking about clock tampering. Their explain-it-away theory was that in 2016 their alleged DNC leaker had transferred the aged problem files from Washington to a computer using US Central Time, one hour behind DC time. The leaker then copied the files to a thumb drive in the Central Time zone, flew “back to the East Coast” and copied it again for public release. To assist readers’ understanding, they published a large map showing how to fly memory sticks from Washington to New Orleans, and back again. The obvious, simple explanation was that hackers were manipulating computer clock settings. The observed changes would have taken seconds.

It took a month to locate Ken McClelland, the Canadian programmer who Leonard told his boss was the real Adam Carter – the friend he claimed to have built the sites for. With the assistance of Canadian TV company Global, we found and spoke to McClelland. McClelland lives in Kelowna, a scenic British Columbia town in the eastern Rockies, astride Canada’s main east-west highway. Leonard’s claim that McClelland was the real Russian disinformation agent had initially appeared to have substance. At the time Leonard and McClelland worked together, McClelland’s online name had been d3f, as used in the Defianet site name, d3f.uk. Leonard and McClelland, then 16 years old, had worked together to build PeerGuardian, the firewall system designed to block music industry investigators from infiltrating P2P networks. Leonard was “lying”, says McClelland. Leonard had “set him up to cover himself”. He had never heard or known of d3f.uk or Defianet. McClelland added that he had stopped using d3f as an online nickname by 2010, he and Leonard had never met in person, and Leonard had not asked for permission to use his online name. “I haven’t talked to the man in a decade. It’s a pissoff,” McClelland added, in the TV interview.

In a letter admitting setting up the hidden Creative Insomnia sites, Tim Leonard wrote: “No crime has been committed by myself nor has any crime been committed through those sites.” Computer Weekly is not suggesting that Leonard or any of the websites associated with him has committed any crime. Last December, after another IT publication asked about Carter, staff received threats, sent through Creative Insomnia’s email systems, managed by Leonard and signed Adam Carter. The emails threatened: “I can generate a lot of noise... I already have an article prepared. I am prepared to write a much more muted, sanitised version that won’t inherently be propagated by a bunch of independent media outlets ... all depends on how everyone else wishes to proceed.” If a story was published, he said, the publication would “end up spontaneously combusting”, and the author of this article would “burn”. When Leonard was called, he claimed the author of this article was an “American-style Russiagater”. On Imgur, Leonard published all the enquiries sent to “Carter”, accompanied by his own evasive responses. On Twitter, “Carter” published part of an email addressed to Leonard. Two days later, the “Carter” operation merged with Disobedient Media, and Carter appeared on the site as a “technology correspondent”. Leonard’s other responses have been revealing about his operations. Within two hours of being approached and photographed by the Sunday Times at home in Darlington, the Adam Carter account was used to tweet: “I’m anticipating character attacks, straw man attacks and other flak from MSM [mainstream media] outlets. Of course, I’m not anticipating they’ll focus on the evidence and research raised.” Within two hours of a Computer Weekly editor asking Leonard’s company for comment, the Carter account clicked to start following him on Twitter. Last week, Computer Weekly sent Leonard a detailed email for comment, addressed to him as Mr Leonard, to his Creative Insomnia email address and his defianet@protonmail.com email. The reply was signed “Adam Carter” and came from the email address defianet@protonmail.com, which Leonard has used since the start of 2018. Leonard did not respond to the specific questions we asked. As Carter, he has tweeted: “Those behind Guccifer 2.0 sacrificed their own hacking claims in an effort to point out that Seth Rich had dealings w/Russians when alive.” On Reddit, as “d3fi4nt”, he has stated his target: “To be clear – I believe Seth Rich was the source for the DNC leaks.”

According to US deputy attorney general Rod Rosenstein when releasing the latest indictment, the hacking and disinformation activities he described were part of a larger plan to “spread divisive messages” and to “spread disinformation and to sow discord on a mass scale in order ... ultimately to undermine the appeal of democracy itself”.

150 дней за решеткой и 206 дней под домашним арестом провел киевлянин Антон Тимохин из-за то, что его никнейм Grower совпал с никнеймом хакера, которого разыскивает немецкая прокуратура.

4 ноября 2016 года Тимохин, сам того не зная, стал фигурантом резонансного уголовного дела в отношении организаторов международной мошеннической киберсети Avalanche. По данным прокуратуры Германии, мошенники украли у интернет-пользователей по всему миру сотни миллионов евро.

26 февраля 2018 года украинский суд арестовал главного организатора киберсети Avalanche Геннадия Капканова. Но были также и другие преступники, например, администратор киберсети.
Так, в международном расследовании принимало участие американское ФБР. Его специалисты взломали переписку организаторов Avalanche и установили, что администрирует ее человек под псевдонимом Grower.

После этого прокуратура Германии обратилась в Главное следственное управление Нацполиции с просьбой установить личность этого человека. Для установления личности хакера украинские правоохранители использовали поиск в сети интернет. В результате никнейм Grower совпал с никнеймом, который Тимохин указал в своем профиле "Вконтакте". Совпадения по никнейму, IT-образования и работы в IT-компании оказалось достаточно, чтобы попасть за решетку. По крайней мере, так посчитал замглавы Печерского райсуда Киева Олег Билоцерковец, который назначил Тимохину арест.

Сейчас с Тимохина снята мера пресечения в виде домашнего ареста, но он все еще подозреваемый. Досудебное следствие в отношении него не закрыто...

Мораль сей басни такова, что отец Юрия Луценко - первый секретарь Ровенского областного комитета КПСС и яблоко от грушки не далеко падает, а апельсины на яблоне не растут!

In Science on March 8th, Soroush Vosoughi and his colleagues at the Massachusetts Institute of Technology present evidence that, on Twitter at least, false stories travel faster and farther than true ones. The study, carried out at MIT’s Laboratory for Social Machines, showed this by examining every tweet sent between 2006 and 2017. The researchers used statistical models to classify tweets as false or true, by applying data taken from six independent fact-checking organisations. That allowed them to categorise over 4.5m tweets about 126,000 different stories. Those stories were then ranked according to how they spread among Twitter’s users. The results were stark. False information was retweeted by more people than the true stuff, and faster to boot. True stories took, on average, six times longer than falsehoods to reach at least 1,500 people. Only about 0.1% of true stories were shared by more than 1,000 people, but 1% of false stories managed between 1,000 and 100,000 shares.

The reason false information does better than the true stuff is simple, say the researchers. Things spread through social networks because they are appealing, not because they are true. One way to make news appealing is to make it novel. Sure enough, when the researchers checked how novel a tweet was (by comparing it, statistically, with other tweets) they found false tweets were significantly more novel than the true ones. Untrue stories were also more likely to inspire emotions such as fear, disgust and surprise, whereas genuine ones provoked anticipation, sadness, joy and trust, leading to the rather depressing conclusion that people prefer to share stories that generate strong negative reactions. Perhaps not coincidentally, fake political news was the most likely to go viral. The paper also sheds some of the first peer-reviewed light on the impact of “bots”—automated accounts posing as real people. The idea that Russian bots in particular helped sway America’s presidential election has lodged itself firmly in the public consciousness. Yet the paper finds that, on Twitter at least, the presence of bots does not seem to boost the spread of falsehoods relative to truth.

Nuclear scientists working at the All-Russian Research Institute of Experimental Physics (RFNC-VNIIEF) have been arrested for using lab supercomputing resources to mine crypto-currency. Located at the Federal Nuclear Center in the Russian city of Sarov, the site is home to a 1 petaflops (peak) supercomputer, installed in 2011. Due to the organization’s high secrecy level the supercomputer is not publicly ranked, although it’s purported to have a Linpack score of 780 teraflops. The scientists’ plans were foiled when they attempted to connect the classified nuclear resource to the internet. The facility’s security team was alerted of the breach and the involved parties were turned over to the FSB, Russia’s principal security agency.

The closed city of Sarov is where USSR’s first nuclear bomb was produced leading to the testing of “First Lightning” on August 29, 1949. The city is overseen by Rosatom, Russia’s nuclear energy corporation, which its website attests, “produces supercomputers and software as well as different nuclear and non-nuclear innovative products” and is the largest electricity generating company in Russia.

Here’s response from the staff of Livermore Computing (LC) at the Lawrence Livermore National Laboratory (LLNL): "In general, though, it’s fun to think about how you could use lots of supercomputing power for Bitcoin mining, but even our machines aren’t big enough to break the system. The number of machines mining bitcoin worldwide has been estimated to have a hash rate many thousands of times faster than all the Top 500 machines combined, so we wouldn’t be able to decide to break the blockchain by ourselves. Also, mining bitcoins requires a lot of power, and it’s been estimated that even if you used our Sequoia system to mine bitcoin, you’d only make $40/day. The amount we pay every day to power the machine is a lot more than that. So even if it were legal to mine bitcoins with DOE supercomputers, there’d be no point. The most successful machines for mining bitcoins use low-power custom ASICs built specifically for hashing, and they’ll be more cost-effective than a general purpose CPU or GPU system any day."

Privately-networked government supercomputers are a hard target, but government websites this week proved vulnerable to cryptomining attacks. As reported, hackers exploited a number of government websites, including the U.K. Information Commissioner’s Office (ICO), using malware called Coinhive to turn visitors’ compute cycles into cryto-cash. According to British security research, more than 4,000 websites around the world were infected with the malicious program that mines for the anonymous cryptocurrency Monero by hijacking vistors’ computers.

China, Russia, soon all countries w strong computer science. Competition for AI superiority at national level most likely cause of WW3 imo.-- Elon Musk (@elonmusk) September 4, 2017

His fears were prompted by a statement from Vladimir Putin that "artificial intelligence is the future, not only for Russia, but for all humankind … It comes with colossal opportunities, but also threats that are difficult to predict. Whoever becomes the leader in this sphere will become the ruler of the world."

He's less worried about North Korea's increasingly bold nuclear ambitions, arguing that the result for Pyongyang if they launched a nuclear missile "would be suicide" -- and that it doesn't have any entanglements that would lead to a world war even if it did. His view is that AI is "vastly more risky" than the Kim Jong-un-led country.

Last month, he was one of more than 100 signatories calling for a UN-led ban of lethal autonomous weapons.

"Once developed, lethal autonomous weapons will permit armed conflict to be fought at a scale greater than ever, and at timescales faster than humans can comprehend," the letter read. "These can be weapons of terror, weapons that despots and terrorists use against innocent populations, and weapons hacked to behave in undesirable ways.

"We do not have long to act. Once this Pandora's box is opened, it will be hard to close."