IP address is not a proof

Since the 45th President of America won the election, I have been carefully watching the mass hysteria about Russian hackers surrounding the entire thing. To clarify immediately, regardless of what side you are on (Democrat or Republican), if you look at the real-world evidence, it is very clear that the 45th President is the worst president so far.

Now, regarding Russian hacking, was there involvement? Probably, in similar ways U.S. was involved in any other election in the world. Here I would like to address something else, people have claimed that clear evidence of hacking is the IP address origin, and I will give a few examples of why that’s not true, at least not the 'clear' part.

Original photo source: "Threat Cloud Monitor" 

Today, many people us VPN (Virtual Private Network) services, in order to hide their own true IP address, so they will get behind some server faraway in the world, and then access either areas with limited content or download movies. Also, this gives them extra layers of security. Now, traces of the connection exist, but these can be faked or wiped out; it all depends on the VPN provider and nodes in between.

Now, at this point, you can think that U.S. hackers can connect to VPN servers in Russia and, from there, connect to some website in the U.S. In the case of a malicious attack, it would appear the attack is coming from Russia, although the origin is really the same country where the hacker lives.

A second example is the Tor network: usually, to connect between computers on the internet, you would go through servers, but the Tor network uses people’s personal computers, called node relays, to provide connections with the ability to hide the origin of the connection.

On top of all this, imagine that each computer can be infected by a special type of virus that does not do any harm (spy, delete or encrypt files, or similar) to the host computer; it only uses the host to hide its own origin. It will just use a portion of your PC’s or mobile’s bandwidth to transmit requests. If you multiply this by millions of PCs, this can be used for DOS (denial of services) attacks without the PC owners even knowing that their computers were part of that attack.

That being said, the NSA has the most sophisticated tools, and, as of late, we know that many other hackers have the same tools, so, basically, there are many possibilities that the entire thing could have been done from U.S. soil—or any other country, for that matter—blaming Russia for involvement.

Am I trying to defend Russia? No, I am not. In my opinion, there is no such thing as an innocent government. I am merely saying that an IP address cannot be used as relevant evidence, and it would be more beneficial if we stop this paranoia rhetoric that could lead to an even deeper conflict. With everything going right now, it is very easy to imagine things getting out of hand.

Now, people may jump up and start screaming, “What, are you saying we should do nothing?”

No, I am saying being hacked should be thought of like an earthquake: you cannot stop it from happening, but you can do many things to prepare and reduce the damage, and, if you do everything correctly, your defence will be so good that the hack won’t have an impact on any aspect of your life.