Guccifer 2.0 - Game Over

TSA
05-03-2017, 04:35 PM
RandomGuy I thought you'd find this very interesting as you seem to be convinced it was Russia who was responsible for the hacking, even after being shown how highly flawed the lol CrowdStrike report was.

I'll post the summary here but it's important to go to the actual site so you can follow all of the links/evidence.

http://g-2.space/

Guccifer 2.0: Game Over
Metadata suggests it took only 30 minutes to go from a DNC tech/data strategy consultant creating documents to Guccifer2.0 tainting them - all occurring on a date that Guccifer2.0 claimed to be after he was locked out of the DNC Network - occurring on the same day that Guccifer2.0 emerged.

Data found deeper in files now also demonstrates there was a misdirection effort, that, in its larger scope - seems to have been intended to discredit leaks by having leaks blamed on Russian hackers.
LATEST: An extremely rare pair of meetings has been discovered solely by following where Flood would likely have installed MS-Word (he worked for Biden at the White House for a year) and checking Biden's visitors on the 15th of June around 1:38pm. - Considering the attendees' potential motives to frame Russia in both meetings, this is either a phenomenal coincidence or Guccifer 2.0's first batch of files came from the White House.

INTRODUCTION

There are individuals, who, in reality, have a higher likelihood of being linked to Guccifer2.0 than anyone in Russia. - The intention of this article is to inform readers, extensively about everything there is to know about Guccifer2.0 and from that, be armed with enough information to give motive and means the regard they deserve.

To understand who Guccifer2.0 is likely to be - it is imperative to understand WHAT Guccifer2.0 is. - What did he do? - What did he say? - Are his claims now confirmed, debunked or yet to be verified? - What were the results of his actions? - What do any lies told and the likelihood of them being debunked or remaining secret really imply about his intent? - Was there anything misreported or omitted that may have been relevant?

The answers to the above questions will probably be surprising to many considering what the USIC, CyberSecurity researchers and the MSM have repeatedly insisted over and over again.

The first step is to catalog events - and then, retrospectively review the data.

CONTENTS

1. Timeline - What Happened & When Did It Happen
2. Guccifer2.0's Claims Debunked & Discredited
3. 3rd Party Assessments - Assumptions & Conjecture vs Evidence & Facts
4. Actions, Consequences & Convenience For Anti-Leak Narratives
5. Rushing To Be Russian - The Donkey In A Bear Costume Made A Mistake
6. Language & Text Analysis
7. Recognizing Intent From Deceptions
8. With Motive & Means - Those More Likely Linked to G2 than Russians
9. Updates & Inquiries With Third Parties
10. 3rd Party Research & Further Reading
11. Frequently Asked Questions

(8) With Motive & Means - Those More Likely Linked to G2 than Russians

It seems like there's a good chance Warren Flood has involvement to some degree but even if that's true - he personally had nothing to lose due to the emails, so, who would really be behind such a scheme?

The more thought I've given it, it seems most probable that one particular group would have been particularly desperate precisely at that time, for the emergence of a narrative about Russian hackers to discredit proper leaks / justify claims that all leaks are 'probably doctored' and they will have very likely known Flood too.

That group is the Clinton Campaign.

As of June 12th, they were in a position where Julian Assange had just announced WikiLeaks' upcoming release of Hillary's emails, she was still under FBI investigation, Trump was attacking Hillary for her use of a private server (with his supporters frequently chanting "lock her up!" at rallies).

The campaign was in a desperate position and really needed something similar to a Russian hacker narrative and one where they would be fortunate to have a seemingly clumsy hacker that leaves lots of 'fingerprints' tainting files and bringing the reputation of leaks into question... Sure enough, 2-3 days later, Guccifer2.0 - the world's weirdest hacker - was spawned and started telling lies in an effort to attribute himself to the malware discoveries, etc.




================================================== ===============================





Also...I posted this tweet from Anonymous Scandinavia yesterday thinking it was more pedo related since it focused on Biden being creepy with the children, but it seems to be directly tied to this article and the Ukrainians that were visiting Biden in the White House during the time of the server breach and Warren Flood (Biden's technology director).

859135853322547201


Details in link

http://g-2.space/jb/

White House Meetings on Ukraine Coincide With Time of Russian Fingerprint Fabrications - Pursuing Guccifer2.0's 'Warren Flood' Connections
By Adam Carter --- April 29th, 2017

In my research to investigate the real identity of Guccifer 2.0, I discovered that the name Warren Flood applied to more documents than had originally been reported and highlighted the unusual nature of those documents both in terms of the metadata and the RSIDs (and Russian Stylesheet that existed in multiple documents even before the content in each document did) and explained that this demonstrates an effort to try to discredit Wikileaks by blaming leaks on Russian hackers.

Considering where copies of Microsoft Word installed by Flood (highlighted in the photo above with Biden) might exist besides on computers he owns, I considered his past role as Sen. Joe Biden's Technology Director (as noted on his Linked-In profile) and thought one place to look for interesting activity would be computers residing in Biden's office or generally at the White House.

So, I wondered who may have visited Biden that day around that time. I thought I'd check out visits to the White House hosted by Biden, wondering whether there'd be any interesting activity anywhere near 1:38pm on June 15th 2016.

It turns out that Biden was hosting visits from a number of Ukrainians around that time, on that date. To see how frequently this sort of activity occurred, I checked the whole of June. - It seems such visits were not a regular occurrence.

(Times below are appointment times, some individuals turned up before their 2pm appointment)

An attempt to quickly identify visitors in June showed the following had a Ukraine connection:

While this doesn't prove anything, it certainly is a curious coincidence to stumble upon while looking for activity of people that might have had a motive (or helped with an effort) to frame Russia.

US visitors that day also have ties back to events surrounding the Ukrainian 2014 revolution and/or reporting on it (with the exception of Kuklish who is an English-Ukrainian translator).

I'm not going to get into speculation. I've let journalists who have written extensively on the Ukraine coup know about this and will leave this up to them to pursue, if they wish to.

UPDATE: A closer look at the actual booking/arrival times, room numbers, other visits, etc. shows that, on the 15th, there were effectively 2 meetings. One of which had at least 18 individuals attending (Stoliarchuk is listed at 1:30pm and 2:00pm) and another with at least 4 attending.

RandomGuy
05-03-2017, 04:44 PM
TLDR.

Summary?

RandomGuy
05-03-2017, 04:45 PM
Have to plead a bit of eyestrain here. My old ass is in need of reading glasses, sorry, my eyes are watering and blurry.

TSA
05-03-2017, 04:58 PM
TLDR.

Summary?

Hack/breach sloppily made to look like Russians
Most likely Ukrainians responsible


The links give way more detail. Trying to copy/paste did not format well and left links cold.

TeyshaBlue
05-03-2017, 05:00 PM
Have to plead a bit of eyestrain here. My old ass is in need of reading glasses, sorry, my eyes are watering and blurry.

I feel your pain. :lol

TSA
05-03-2017, 05:02 PM
Putting this together with the news that CrowdStrike had to rewrite their original Russia report (FBI based their conclusion off original report because DNC wouldn't allow them in their server) twice now because of errors really takes a fat shit on the Russian hacking narrative that has been pushed.

Reck
05-03-2017, 06:23 PM
Game over: Take 100. :lol

baseline bum
05-03-2017, 06:28 PM
Boom

TSA
05-03-2017, 06:45 PM
Boom

Millions of tax dollars wasted having FBI/CIA/DOJ/Congress investigating Russia and one guy named Adam Carter figures it all out and is able to link it back to Democrats/Ukrainians trying to frame Russia to discredit the leaks about to drop from Wikileaks.

Ballsy plan by the Democrats, poorly executed from the start. CrowdStrike report blew up on them as well after several revisions and its founder being linked to Clinton.

"The firm’s CTO and co-founder, Dmitri Alperovitch, is a senior fellow at the Atlantic Council, a think tank with openly anti-Russian sentiments that is funded by Ukrainian billionaire Victor Pinchuk, who also happened to donate at least $10 million to the Clinton Foundation."

TSA
05-03-2017, 06:46 PM
TLDR.

Summary?

Game over

AaronY
05-03-2017, 07:25 PM
Whatever happened to vault7?

TSA
05-03-2017, 07:39 PM
part 3 released a few days ago. Simple Google.

boutons_deux
05-03-2017, 07:57 PM
TSA must contact the US govt, or RNC, immediately with this astonishing discovery

djohn2oo8
05-03-2017, 08:33 PM
CROFL. Comey implied Stone was involved with Guccifer. TSA losing again.

djohn2oo8
05-03-2017, 08:34 PM
Stone himself admitted to messaging Guccifer :lmao

pgardn
05-03-2017, 08:53 PM
...

monosylab1k
05-03-2017, 10:41 PM
Stone himself admitted to messaging Guccifer :lmao

Hey, did you not read this thread? GAME OVER!

TSA
05-03-2017, 11:50 PM
CROFL. Comey implied Stone was involved with Guccifer. TSA losing again.

With the knowledge you've just acquired in this thread, why would it matter Stone was communicating online through social media with "Guccifer"?

Try and articulate a point and not resort to a tweet or emoji.

TSA
05-03-2017, 11:53 PM
TSA must contact the US govt, or RNC, immediately with this astonishing discovery

Whoever this Adam Carter guy is he figured it out and presents a compelling case, much more so than any shit the Dems have thrown at the wall. To think the IC doesn't now know what's going on now is just complete ignorance. Question now is whether or not those involved are held to the fire.

TSA
05-03-2017, 11:57 PM
This thread will be the antithesis of djohn2oo8's Flynn thread.

This thread will deliver.

Game over.

RandomGuy
05-04-2017, 08:40 AM
Hack/breach sloppily made to look like Russians
Most likely Ukrainians responsible


The links give way more detail. Trying to copy/paste did not format well and left links cold.

Shocking that something online that would clear the Russians has appeared. I'm sure that faking evidence online is completely not within the Russian intelligence capabilities or interests.

Was the guy writing the webpage in the same country as Guccifer?

RandomGuy
05-04-2017, 08:42 AM
This thread will be the antithesis of djohn2oo8's Flynn thread.

This thread will deliver.

Game over.

Make you a deal. You read through the dossier, and I will read this. Quid pro quo.

RandomGuy
05-04-2017, 08:53 AM
Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.
https://www.dni.gov/files/documents/ICA_2017_01.pdf

Something else for TSA to read.

RandomGuy
05-04-2017, 08:54 AM
We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US
presidential election. Russia’s goals were to undermine public faith in the US democratic process,
denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess
Putin and the Russian Government developed a clear preference for President-elect Trump. We
have high confidence in these judgments.


https://www.dni.gov/files/documents/ICA_2017_01.pdf


Something else for TSA to read.

RandomGuy
05-04-2017, 08:58 AM
We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence.
https://www.dni.gov/files/documents/ICA_2017_01.pdf

Something else for TSA to read.

RandomGuy
05-04-2017, 08:59 AM
Moscow’s approach evolved over the course of the campaign based on Russia’s understanding of the electoral prospects of the two main candidates. When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign began to focus more on undermining her future presidency.
https://www.dni.gov/files/documents/ICA_2017_01.pdf


Something else for TSA to read.

RandomGuy
05-04-2017, 09:03 AM
Further information has come to light since Election Day that, when combined with Russian behavior since early November 2016, increases our confidence in our assessments of Russian motivations and goals.
https://www.dni.gov/files/documents/ICA_2017_01.pdf

Something else for TSA to read.

I am sure that couldn't possibly include covering up their efforts. Nah.

TSA
05-04-2017, 10:23 AM
Make you a deal. You read through the dossier, and I will read this. Quid pro quo.

That's not how this is going to work, I've read the dossier multiple times. In fact you still have questions you told me to hold you to concerning the dossier that have gone unanswered.

The dossier can be discussed in the proper thread, let's try and stick to the topic here and focus on the links provided.

TSA
05-04-2017, 10:31 AM
Shocking that something online that would clear the Russians has appeared. I'm sure that faking evidence online is completely not within the Russian intelligence capabilities or interests.

Was the guy writing the webpage in the same country as Guccifer?

Are all of the US private security experts who tore apart the DNI also Russian operatives? Is Glenn Greenwald a Russian operative? Are the ex-NSA people who dismantled the CrowdStrike report Russian operatives?

TSA
05-04-2017, 10:43 AM
https://www.dni.gov/files/documents/ICA_2017_01.pdf

Something else for TSA to read.

I've read through the DNI many times and posted about it even more, this isn't something new.

The DNI was laughed at by experts in the business of cyber security. The FBI's contribution to the DNI was based on the CrowdStrike report since they were not allowed to run their own forensics on the DNC server, I believe the CIA had to resort to the CrowdStrike report as well but can't confirm. Do I need to provide links to the highly flawed CrowdStrike report that has been revised twice now since the DNI came out or will you just assume whatever author wrote the story is a Russian operative? The NSA obviously did not need access to the server, and lo and behold they had the least amount of confidence attributing to Russia. No actual evidence was provided to attribute the hacking to Russia in the DNI.

The only thing the DNI was able to prove was that Russia did not like Hillary and ran propaganda against her online and paid trolls to post on social media. I agree with this assessment and basically it just confirmed that Russian shitposted to influence the election...groundbreaking news.

RandomGuy
05-04-2017, 10:46 AM
That's not how this is going to work, I've read the dossier multiple times. In fact you still have questions you told me to hold you to concerning the dossier that have gone unanswered.

The dossier can be discussed in the proper thread, let's try and stick to the topic here and focus on the links provided.

Good. That is all I ask. Thank you.

RandomGuy
05-04-2017, 10:54 AM
I've read through the DNI many times and posted about it even more, this isn't something new.

The DNI was laughed at by experts in the business of cyber security. The FBI's contribution to the DNI was based on the CrowdStrike report since they were not allowed to run their own forensics on the DNC server, I believe the CIA had to resort to the CrowdStrike report as well but can't confirm. Do I need to provide links to the highly flawed CrowdStrike report that has been revised twice now since the DNI came out or will you just assume whatever author wrote the story is a Russian operative? The NSA obviously did not need access to the server, and lo and behold they had the least amount of confidence attributing to Russia. No actual evidence was provided to attribute the hacking to Russia in the DNI.

The only thing the DNI was able to prove was that Russia did not like Hillary and ran propaganda against her online and paid trolls to post on social media. I agree with this assessment and basically it just confirmed that Russian shitposted to influence the election...groundbreaking news.

Interesting. Did the "experts in the business of cyber security" have access to the full range of classified data and sources supporting this assessment?

A simple yes or no will do.

TSA
05-04-2017, 12:11 PM
Interesting. Did the "experts in the business of cyber security" have access to the full range of classified data and sources supporting this assessment?

A simple yes or no will do.

A simple yes or no will not do.

No they did not have access to the full range of classified data. Yes they had full access to the CrowdStrike report that we know the FBI (and quite possibly the CIA) was forced to use for their assessment.

Have you read the original CrowdStrike report?
Have you read the dismantling of the original CrowdStrike report?
Have you read the revised CrowdStrike reports due to said dismantling?
Having read the above three do you still have the same confidence in the FBI's assessment in the DNI report?

Adam Lambert
05-04-2017, 01:29 PM
boom

ElNono
05-04-2017, 01:30 PM
Checkmate, tbh

Adam Lambert
05-04-2017, 01:31 PM
yahtzee

Adam Lambert
05-04-2017, 01:33 PM
ballgame

Adam Lambert
05-04-2017, 01:33 PM
curtains

Splits
05-04-2017, 02:31 PM
tic tac TOE motherfuckers

TSA
05-04-2017, 03:03 PM
This Fancy Bear’s House is Made of Cards: Russian Fools or Russian Frame-up?

Much has been made of the links between Guccifer2.0, Apt28, and whether the Russians have been using Wikileaks as a ‘cut-out’ (‘cut out’ of Russia’s grand scheme to fuck with NATO.) In this article I will attempt to trace said scheme, with the assumption that, at the very least, Wikileaks received the Podesta emails from Russia while DCLeaks and Guccifer2.0 leaked everything else.

Let’s entertain the consensus logic and see where it takes us, beginning with a few (many) basic points of fact.

In December of 2015, an IP address, ‘176.31.112.10,’ was used as command and control for Apt28 X-tunnel for the German parliament hack, which turned up hard-coded in the DNC hack malware, that later shared its SSL certificate with IP ‘45.32.129[.]185.’
Apt28 allegedly spear-phish Podesta emails on March the 19th, 2016. This has been inferred by phishing style fingerprints in the phishing email from the Podesta leaks, dated March 19th.
Podesta emails uploaded from Gmail to Apt28 on March the 21st. Inferred by last email date included in Podesta Leaks.
On the 22nd of March, ‘45.32.129[.]185’ (remember that IP?) registered as misdepatrment.com, presumably a phishing base-station, by ‘[email protected].’
DCLeaks.com registered on 19th April via THCServers.com. THCServers.com name server registered to ‘[email protected],’ which is the same webmail server used to register misdepatrment.com. This is the weakest link. However, THCServer’s name server has 14 other domains registered. Two of which have already been associated with Fancy Bear. Quote from link: “This hosting company [thcservers] also operates larger name servers with over 4,000 domains, so it is unclear why they also operate these smaller name servers. Given that both of these name servers have multiple domains previously associated with FANCY BEAR activity, these could be dedicated to specific customers or those purchasing a certain type of hosting service.” Indeed, ThreatConnect, indeed.

The implication is that DCLeaks.com was part of secret Apt28 infrastructure that was already stinking to high-heaven, on a host known to have produced dodgy hits such as this, this, and this, etc. Funny, I didn’t know Russian secret agents were into using stinky secret agent infrastructure, on top of compromised ransomware and petty scams ‘advanced’ infrastructure. Mustn’t get paid much I guess.

But let’s not conflate these cited scams with Apt28, which would be super outrageous and completely uncharacteristic of cyber-attribution methodology. *Cough*.

Pushing on…

June 8th, ‘latest updates’ posted on DCLeaks.com
Apt28 hackers kicked from DNC network on June the 11, which is super weird because CrowdStrike said Apt28 were ‘in’ during and prior to April, and we know CrowdStrike were working at the DNC by May, so why only kick them out a day before Assange’s impending leaks were announced on June 12? Weird foreshadowing skills. Superhero-like even.
Wikileaks announce impending Clinton campaign leaks on June 12.
June 13th DCLeaks.com page content is archived.
CrowdStrike and DNC announce on June 14–15 that Russia hacked the DNC back in April (but did nothing about it till that previous weekend.)
Guccifer2.0 appears, June the 15th.
The next day the grugq explains it all. Explains that Guccifer2.0 is “A cover hacker identity” … “created to claim credit and shift blame away from the Russian intelligence services,” even though Guccifer2.0 inserted Russian metadata into pristine documents, and even though…
On the 27th of June, Guccifer2.0 points journalists to DCLeaks.com, with a password to an exclusive folder hosted on DCLeaks.com. “Guccifer 2.0 persona responded [to TSG journalists] indicating he had a relationship with DCLeaks, claiming that it was a Wikileaks subproject. He also provided a username and password to the exclusive DCLeaks content. Finally the Guccifer 2.0 persona asked TSG not to link or associate the DCLeaks content to the Guccifer 2.0 blog.” source

So Guccifer2.0 explicitly linked himself to DCLeaks.com, knowing (I assume) DCLeaks.com was set up all the way back in April using a FANCY BEAR infested name server. Claimed he gave DCLeaks material, yet DCLeaks started leaking as early as the 8th, a week before Guccifer2.0 appeared. Guccifer also claimed it was a Wikileaks project. My god, Gucc, trying so hard. Thank Christ someone spotted the Russian metadata; I imagine the whole dog and pony show was getting downright tiring.

Hang on, so this was clearly an overt cyber war now? So Guccifer2.0 was not designed to take the heat off CrowdStrike’s Russia claims, but to help connect the dots? Explains the apparent redundancy of DCLeaks, I guess…

August, Apt28 identified carrying out WADA hack.
September, FancyBear.net claims responsibility for WADA hack. Overtly (apparently) Russian type dudes doing Russian type shit.

So remember the WADA hack? When a bunch of Russians were ejected from the Olympics for doping, and then FSB/GRU allegedly set up a site called fancybear.net, overtly claiming to be The Russians, using Apt28 infrastructure to leak WADA records? Remember, this was after DCLeaks and Guccifer2.0? So, like, making Russian grunty noises even louder, having abandoned subtlety altogether? Yep.

Woah there, let’s not jump the gun just yet. Instead of assuming Guccifer2.0 had been intended to connect the dots to DCLeaks, let’s assume his job had been to leak documents not given to Wikileaks. Why not just use DCLeaks? It was already set up. OK, maybe he was simply a mouthpiece, who for some reason didn’t want to be connected to DCLeaks publicly — yet was happy to publish documents which had been pasted into a Russian styled template that also had metadata deliberately altered. Mkay. Oh yeah, and who also claimed DCLeaks was a Wikileaks sub-project. If Wikileaks had set up DCLeaks.com wouldn’t it imply they were part of the THCHosting ‘house of cards’ — Apt28 themselves? Why would Guccifer2.0 want to burn Wikileaks with a great big poisoned ivy bear hug? If Apt28 did indeed give Wikileaks the Podesta emails, could it have been a poisoned chalice? So that’s two birds with one stone: U.S. Russia relations damaged and Wikileaks’ credibility tarnished. Job Done?

Meanwhile it looked as if Hillary was obviously going to be front runner, while NATO continued to build-up along Russian borders, and U.S. disunity on Syria reached fever pitch. Why would Russia want to provoke NATO and mess up their handy-work in the middle east even more, if such a thing were possible? No, let’s kick the hornet’s nest and see what happens with more build-up and tension! Fair enough. Turned out good in the end I suppose, but at the time? No one could have thought Trump would win.

Remember, the ‘sprung with hands in the cookie jar’ theory is completely debunked. These guys were not ‘sprung.’ They were dressed up in giant babushka doll suits, jumping up and down, attempting every conceivable manoeuvre to expose their house of cards to the xth estate and beyond. In addition to the THCServers connection, the command and control IP connection, and inserted Russian metadata connections, just about every high profile target hit had been assumed to be FSB/GRU since as early as 2014 — all based on political motivations and overtly sloppy metadata alone — so cover was already blown.

Since as early as 2014 security professionals had been cautious to point out that the hacks seemed overt — smash and grab — as in ‘to sacrifice a pawn’ — hence dubbed the operation ‘pawn storm.’ But clearly these same security professionals felt the dissonance of a thin veneer (“CyberCaliphate” in the case of the TV5Monde hack) pasted haphazardly over Russian paw prints with a year-old glue-stick that had been left exposed to the sun for too long. So this is inverse reflexive control?

It’s as if Guccifer2.0 deliberately took the hands of journalists and dragged them kicking and screaming to demonstrate his/her links to DCLeaks.com, to see the documents containing Russian metadata, to notice the re-used infrastructure in frikken shared name servers for some reason. FOR CRYING OUT LOUD!

And I’m sorry, but why would Guccifer2.0 be ‘impatient to publish’ when Assange only announced imminent leak days before, and when DCLeaks.com had been registered months before? This ‘impatient to publish’ theory is also debunked. Publishing to Guccifer2.0 and DCLeaks was pretty clearly premeditated, Wikileaks be damned.

Oh yeah, and before I forget, why would you hack outdated Ukrainian artillery software, a version that was probably never used, with an implant that does nothing useful, with recycled Apt28 malware, a variant of which was later found on the DNC? Hmmf. I think I might be beginning to see it now.

Could it be that DCLeaks.com, Guccifer2.0 and Apt28 themselves are at the centre of some kind of deliberately built novelty-sized house of cards? It’s possible.

Possibilities

a) The Russians did it, being cocky fucking Russians, whilst surrounded by NATO, whilst genuine threat of U.S wrathful sanctions threaten fragile economy, whilst Hillary Clinton prepares for no fly zones and operation walking-on-eggshells-around-Turkey and operation inflame-refugee-crisis by constantly re-animating FSA and other ‘rebel’ forces... While deliberately leaving paw prints all over everything. Seems very fucking stupid.

Remember, this is not some covert operation the Russians are famous for. It was an operation so scatter-shot and overt it was called pawn storm. Wouldn’t this kind of operation warrant tippy-toes, as opposed to smash and grab while speaking loudly in Russian while leading pet bears around all over the place?

Seems legit.

b) Would even the dastardly ‘deep state’ attack American democracy to hurt Clinton, and to inflame Russian relationships? Definitely do that to other countries sure, but shit on your own front door step? And why target Clinton? She would have been CIA ally number one, and more than complicit in middle east plans to fracture Russia U.S. relations. Very fucking stupid too.

c) Or could it perhaps be… someone else… pretending to be Russian to inflame tensions between the U.S. and Russia? Makes a little more sense, but no evidence. Funnily enough this option is almost never suggested. Everything is always Russia. Even the recent Vault 7 dump has been blamed on Russia.

d) Reality ???

Cards Tumble Across the Grizzly Steppe

At the time of writing, Wikileaks’ Vault 7 was released. Within the trove can be found references to ‘UMBRAGE,’ a CIA program to collect Malware stolen from external sources, presumably to obfuscate attribution. I assume this will be expanded upon in further releases.

“The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.” — Wikileaks press release

Already one AV researcher, alluded to here …

“has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA, as it matches the description perfectly to something in the leak.”

Funnily enough the same article dismisses the possibility of false-flag operations altogether. Now I don’t personally think it makes any sense to assume the CIA were Apt28 for stated reasons, but when security insiders scramble to dismiss such claims I tend to think: “The lady doth protest too much, methinks.”

Are the curious events discussed in this article a demonstration of something similar to UMBRAGE? Could such a program have been fired against Russia? Stay tuned and unload the jumbo popcorn bags; the story is still unfolding.

https://medium.com/@nyetnyetnyet/this-fancy-bears-house-is-made-of-cards-russian-fools-or-russian-frame-up-59a714243b91
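
The article quoted in the post above calls the shared name server "the weakest link" in the infrastructure chain. The following is an added example, not part of the original post or of the article it quotes, that weights each shared attribute between two domains by how rare it is across an inventory, so that a dedicated IP or certificate counts for far more than a name server with many tenants. Every domain, IP and certificate label is a constructed placeholder, and the inverse-frequency weighting is an illustrative assumption, not ThreatConnect's method.

```python
import math
from collections import defaultdict


def build_records():
    """Constructed sample inventory (NOT real WHOIS or passive-DNS data)."""
    small_ns, big_ns = "ns1.smallhost.example", "ns1.bighost.example"
    recs = {
        # Two domains already tied to the tracked actor: same dedicated IP
        # and same TLS certificate.
        "actor-c2.example": {"ip": "192.0.2.10", "cert": "cert-A", "ns": small_ns},
        "actor-phish.example": {"ip": "192.0.2.10", "cert": "cert-A", "ns": small_ns},
        # Domain under assessment: only the name server is in common.
        "leak-site.example": {"ip": "198.51.100.7", "cert": "cert-B", "ns": small_ns},
    }
    # 12 unrelated tenants on the same small name server, so the domain under
    # assessment has 14 neighbours there, 2 of them actor-linked.
    for i in range(12):
        recs[f"tenant{i}.example"] = {
            "ip": f"203.0.113.{i + 1}", "cert": f"cert-T{i}", "ns": small_ns}
    # 40 background domains on a large shared name server.
    for i in range(40):
        recs[f"bg{i}.example"] = {
            "ip": f"203.0.113.{i + 100}", "cert": f"cert-G{i}", "ns": big_ns}
    return recs


def document_frequency(records):
    """Count how many domains carry each (attribute, value) pair."""
    df = defaultdict(int)
    for attrs in records.values():
        for pair in attrs.items():
            df[pair] += 1
    return df


def shared_pivots(records, a, b):
    """List (attr, value, tenants, weight) for every value a and b share.

    weight = ln(N / tenants): a value held by few domains is a specific
    pivot, a value held by many is close to noise.
    """
    df = document_frequency(records)
    n = len(records)
    pivots = []
    for attr, value in records[a].items():
        if records[b].get(attr) == value:
            tenants = df[(attr, value)]
            pivots.append((attr, value, tenants, math.log(n / tenants)))
    return sorted(pivots, key=lambda p: -p[3])


def link_score(records, a, b):
    """Sum of the rarity weights of all attributes two domains share."""
    return sum(p[3] for p in shared_pivots(records, a, b))


def rank_links(records, target):
    """Other domains ordered by how strongly they are tied to target."""
    scores = [(d, link_score(records, target, d)) for d in records if d != target]
    return sorted(scores, key=lambda s: (-s[1], s[0]))


if __name__ == "__main__":
    recs = build_records()
    for a, b in [("actor-c2.example", "actor-phish.example"),
                 ("leak-site.example", "actor-c2.example"),
                 ("leak-site.example", "tenant0.example")]:
        print(f"{a} <-> {b}: score {link_score(recs, a, b):.2f}")
        for attr, value, tenants, weight in shared_pivots(recs, a, b):
            print(f"    {attr}={value} shared by {tenants} domains, weight {weight:.2f}")
```

On this constructed data the domain under assessment scores exactly as close to an unrelated tenant as to the actor's own domains, because the name server is the only attribute they have in common.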

TSA
05-04-2017, 03:21 PM
In answer to critics, the Department of Homeland Security and the FBI issued a joint analysis report, which presented “technical details regarding the tools and infrastructure used” by Russian intelligence services “to compromise and exploit networks” associated with the U.S. election, U.S. government, political, and private sector entities. The report code-named these activities “Grizzly Steppe.” [19]

For a document that purports to offer strong evidence on behalf of U.S. government allegations of Russian culpability, it is striking how weak and sloppy the content is. Included in the report is a list of every threat group ever said to be associated with the Russian government, most of which are unrelated to the DNC hack. It appears that various governmental organizations were asked to send a list of Russian threats, and then an official lacking IT background compiled that information for the report, and the result is a mishmash of threat groups, software, and techniques. “PowerShell backdoor,” for instance, is a method used by many hackers, and in no way describes a Russian operation.

Indeed, one must take the list on faith, because nowhere in the document is any evidence provided to back up the claim of a Russian connection. Indeed, as the majority of items on the list are unrelated to the DNC hack, one wonders what the point is. But it bears repeating: even where software can be traced to Russian origination, it does not necessarily indicate exclusive usage. Jeffrey Carr explains: “Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone.” Carr quotes security firm ESET in regard to the Sednit group, one of the items on the report’s list, and which is another name for APT28: “As security researchers, what we call ‘the Sednit group’ is merely a set of software and the related infrastructure, which we can hardly correlate with any specific organization.” Carr points out that X-Agent software, which is said to have been utilized in the DNC hack, was easily obtained by ESET for analysis. “If ESET could do it, so can others. It is both foolish and baseless to claim, as Crowdstrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will.” [20]

The salient impression given by the government’s report is how devoid of evidence it is. For that matter, the majority of the content is taken up by what security specialist John Hinderaker describes as “pedestrian advice to IT professionals about computer security.” As for the report’s indicators of compromise (IoC), Hinderaker characterizes these as “tools that are freely available and IP addresses that are used by hackers around the world.” [21]

In conjunction with the report, the FBI and Department of Homeland Security provided a list of IP addresses it identified with Russian intelligence services. [22] Wordfence analyzed the IP addresses as well as a PHP malware script provided by the Department of Homeland Security. In analyzing the source code, Wordfence discovered that the software used was P.A.S., version 3.1.0. It then found that the website that manufactures the malware had a site country code indicating that it is Ukrainian. The current version of the P.A.S. software is 4.1.1, which is much newer than that used in the DNC hack, and the latest version has changed “quite substantially.” Wordfence notes that not only is the software “commonly available,” but also that it would be reasonable to expect “Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources.” To put it plainly, Wordfence concludes that the malware sample “has no apparent relationship with Russian intelligence.” [23]

Wordfence also analyzed the government’s list of 876 IP addresses included as indicators of compromise. The sites are widely dispersed geographically, and of those with a known location, the United States has the largest number. A large number of the IP addresses belong to low-cost server hosting companies. “A common pattern that we see in the industry,” Wordfence states, “is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.” Fifteen percent of the IP addresses are currently Tor exit nodes. “These exit nodes are used by anyone who wants to be anonymous online, including malicious actors.” [24]

If one also takes into account the IP addresses that not only point to current Tor exits, but also those that once belonged to Tor exit nodes, then these comprise 42 percent of the government’s list. [25] “The fact that so many of the IPs are Tor addresses reveals the true sloppiness of the report,” concludes network security specialist Jerry Gamblin. [26]

Cybersecurity analyst Robert Graham was particularly blistering in his assessment of the government’s report, characterizing it as “full of garbage.” The report fails to tie the indicators of compromise to the Russian government. “It contains signatures of viruses that are publicly available, used by hackers around the world, not just Russia. It contains a long list of IP addresses from perfectly normal services, like Tor, Google, Dropbox, Yahoo, and so forth. Yes, hackers use Yahoo for phishing and maladvertising. It doesn’t mean every access of Yahoo is an ‘indicator of compromise’.” Graham compared the list of IP addresses against those accessed by his web browser, and found two matches. “No,” he continues. “This doesn’t mean I’ve been hacked. It means I just had a normal interaction with Yahoo. It means the Grizzly Steppe IoCs are garbage.” Graham goes on to point out that “what really happened” with the supposed Russian hack into the Vermont power grid “is that somebody just checked their Yahoo email, thereby accessing one of the same IP addresses I did. How they get from the facts (one person accessed Yahoo email) to the story (Russians hacked power grid)” is U.S. government “misinformation.” [27]

The indicators of compromise, in Graham’s assessment, were “published as a political tool, to prove they have evidence pointing to Russia.” As for the P.A.S. web shell, it is “used by hundreds if not thousands of hackers, mostly associated with Russia, but also throughout the rest of the world.” Relying on the government’s sample for attribution is problematic: “Just because you found P.A.S. in two different places doesn’t mean it’s the same hacker.” A web shell “is one of the most common things hackers use once they’ve broken into a server,” Graham observes. [28]

The intent of the joint analysis report was to provide evidence of Russian state responsibility for the DNC hack. But nowhere does it do so. Mere assertions are meant to persuade. How much evidence does the government have? The Democratic Party claims that the FBI never requested access to DNC servers. [32] The FBI, for its part, says it made “multiple requests” for access to the DNC servers and was repeatedly turned down. [33] Either way, it is a remarkable admission. In a case like this, the FBI would typically conduct its own investigation. Was the DNC afraid the FBI might come to a different conclusion than the DNC-hired security firm Crowdstrike? The FBI was left to rely on whatever evidence Crowdstrike chose to supply. During its analysis of DNC servers, Crowdstrike reports that it found evidence of APT28 and APT29 intrusions within two hours. Did it stop there, satisfied with what it had found? Or did it continue to explore whether additional intrusions by other actors had taken place?

In an attempt to further inflame the hysteria generated from accusations of Russian hacking, the Office of the Director of National Intelligence published a declassified version of a document briefed to U.S. officials. The information was supplied by the CIA, FBI, and National Security Agency, and was meant to cement the government’s case. Not surprisingly, the report received a warm welcome in the mainstream media, but what is notable is that it offers not a single piece of evidence to support its claim of “high confidence” in assessing that Russia hacked the DNC and released documents to WikiLeaks. Instead, the bulk of the report is an unhinged diatribe against Russian-owned RT media. The content is rife with inaccuracies and absurdities. Among the heinous actions RT is accused of are having run “anti-fracking programming, highlighting environmental issues and the impacts on health issues,” airing a documentary on Occupy Wall Street, and hosting third-party candidates during the 2012 election. [34]

The report would be laughable, were it not for the fact that it is being played up for propaganda effect, bypassing logic and appealing directly to unexamined emotion. The 2016 election should have been a wake-up call for the Democratic Party. Instead, predictably enough, no self-examination has taken place, as the party doubles down on the neoliberal policies that have impoverished tens of millions, and backing military interventions that have sown so much death and chaos. Instead of thoughtful analysis, the party is lashing out and blaming Russia for its loss to an opponent that even a merely weak candidate would have beaten handily.

Mainstream media start with the premise that the Russian government was responsible, despite a lack of convincing evidence. They then leap to the fallacious conclusion that because Russia hacked the DNC, only it could have leaked the documents.

So, did the Russian government hack the DNC and feed documents to WikiLeaks? There are really two questions here: who hacked the DNC, and who released the DNC documents? These are not necessarily the same. An earlier intrusion into German parliament servers was blamed on the Russians, yet the release of documents to WikiLeaks is thought to have originated from an insider. [35] Had the Russians hacked into the DNC, it may have been to gather intelligence, while another actor released the documents. But it is far from certain that Russian intelligence services had anything to do with the intrusions. Julian Assange says that he did not receive the DNC documents from a nation-state. It has been pointed out that Russia could have used a third party to pass along the material. Fair enough, but former UK diplomat Craig Murray asserts: “I know who the source is… It’s from a Washington insider. It’s not from Russia.” [36]

http://www.counterpunch.org/2017/01/13/did-the-russians-really-hack-the-dnc/#_edn16
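
The IP-list checks that Wordfence and Graham are quoted as describing in the article above can be sketched as follows. This is an added example, not code from the article, Wordfence or Graham; every address is an RFC 5737 documentation address, and the Tor snapshot, shared-service ranges and host names are hypothetical stand-ins for an analyst's own enrichment sources.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample data: RFC 5737 documentation addresses, not real indicators.
IOC_IPS = ["192.0.2.10", "192.0.2.77", "198.51.100.5", "198.51.100.200",
           "203.0.113.9", "203.0.113.44", "not-an-ip"]

# Hypothetical enrichment inputs an analyst would load from their own sources.
TOR_EXITS = {"192.0.2.10", "203.0.113.44"}      # snapshot of Tor exit addresses
SHARED_RANGES = {                                # multi-tenant infrastructure
    "webmail": ["198.51.100.0/25"],
    "budget-hosting": ["203.0.113.0/28"],
}

# Constructed proxy log: (internal host, destination IP).
PROXY_LOG = [
    ("ws-014", "198.51.100.5"),     # user reading webmail
    ("ws-014", "192.0.2.10"),       # address that is also a Tor exit
    ("srv-db2", "192.0.2.77"),      # indicator with no known shared use
    ("srv-db2", "198.51.100.200"),  # indicator with no known shared use
    ("ws-031", "203.0.113.9"),      # address at a low-cost hosting provider
    ("ws-031", "192.0.2.200"),      # not on the indicator list at all
]

_NETS = [(label, ipaddress.ip_network(cidr))
         for label, cidrs in SHARED_RANGES.items() for cidr in cidrs]


def classify(raw):
    """Label one indicator: invalid, tor-exit, shared:<service> or dedicated."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        return "invalid"
    if str(ip) in TOR_EXITS:
        return "tor-exit"
    for label, net in _NETS:
        if ip in net:
            return "shared:" + label
    # "dedicated" only means no shared use is known; it is not attribution.
    return "dedicated"


def summarize(iocs):
    """Return per-class counts and the share of valid indicators that many
    unrelated parties use (Tor exits and shared services)."""
    counts = Counter(classify(ip) for ip in iocs)
    valid = sum(n for cls, n in counts.items() if cls != "invalid")
    ambiguous = sum(n for cls, n in counts.items()
                    if cls == "tor-exit" or cls.startswith("shared:"))
    return counts, (ambiguous / valid if valid else 0.0)


def triage(log, iocs):
    """Group indicator hits per internal host and grade them.

    A host whose only hits are Tor exits or shared services is graded
    low-confidence (corroborate before alerting); a hit on an indicator
    with no known shared use is graded investigate.
    """
    classes = {}
    for raw in iocs:
        cls = classify(raw)
        if cls != "invalid":
            classes[str(ipaddress.ip_address(raw.strip()))] = cls
    hits = defaultdict(list)
    for host, dst in log:
        if dst in classes:
            hits[host].append((dst, classes[dst]))
    result = {}
    for host, matched in hits.items():
        dedicated = [d for d, cls in matched if cls == "dedicated"]
        result[host] = ("investigate" if dedicated else "low-confidence", matched)
    return result


if __name__ == "__main__":
    counts, share = summarize(IOC_IPS)
    print(dict(counts), "ambiguous share: %.0f%%" % (share * 100))
    for host, (verdict, matched) in sorted(triage(PROXY_LOG, IOC_IPS).items()):
        print(host, verdict, matched)
```
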

AaronY
05-04-2017, 07:30 PM
True if huge

Th'Pusher
05-04-2017, 09:50 PM
boom


Checkmate, tbh


yahtzee


ballgame


curtains


tic tac TOE motherfuckers

:lol

Clipper Nation
05-04-2017, 09:57 PM
http://i.imgur.com/4GDv03n.gif

spurraider21
05-05-2017, 02:31 PM
:lol game over
:lol boom

Quadzilla99
05-06-2017, 06:15 AM
https://i.imgur.com/EmIkpdD.gif

monosylab1k
05-06-2017, 10:06 AM
https://i.makeagif.com/media/4-08-2015/7edS1s.gif
DOMINO, MOTHERFUCKERS

Clipper Nation
05-06-2017, 11:26 AM
https://i.makeagif.com/media/4-08-2015/7edS1s.gif
DOMINO, MOTHERFUCKERS
http://i.imgur.com/0xYSMu0.jpg

RandomGuy
05-06-2017, 12:31 PM
A simple yes or no will not do.

No they did not have access to the full range of classified data. Yes they had full access to the CrowdStrike report that we know the FBI (and quite possibly the CIA) was forced to use for their assessment.

Have you read the original CrowdStrike report?
Have you read the dismantling of the original CrowdStrike report?
Have you read the revised CrowdStrike reports due to said dismantling?
Having read the above three do you still have the same confidence in the FBI's assessment in the DNI report?

Reading all of your material requires more time than I have available, and exceeds my interest bandwidth for the minutiae.

Does seem like there is a decided effort afoot in the rightwing blogosphere to pick apart the Crowdstrike report, based on the sheer number of links that came up when I did a search for "Crowdstrike report".

Saw a few things that looked like the report, but if you have a quick link or two that might help.

I have some financial analyses I have to knock out today, but if you could provide a specific link I will get reading.

monosylab1k
05-06-2017, 12:54 PM
http://i.imgur.com/0xYSMu0.jpg

:lol

RandomGuy
05-10-2017, 11:29 AM
The report would be laughable, were it not for the fact that it is being played up for propaganda effect, bypassing logic and appealing directly to unexamined emotion. The 2016 election should have been a wake-up call for the Democratic Party. Instead, predictably enough, no self-examination has taken place, as the party doubles down on the neoliberal policies that have impoverished tens of millions, and backing military interventions that have sown so much death and chaos. Instead of thoughtful analysis, the party is lashing out and blaming Russia for its loss to an opponent that even a merely weak candidate would have beaten handily.


So let's put this information in perspective. Let's put on our critical thinking hats.

What I know:
Russia has both official and unofficial cyberwarfare capabilities. Unofficial capabilities are always very useful as it gives the primary actor plausible deniability. Paying sympathetic private parties to do dirty-work is one of the oldest tricks in the book.

The linked website in the OP obviously displays a sophisticated understanding of a skillset I do not possess.
The author has a very definite point of view, and that is very markedly anti-Clinton. It drips of scorn, in passages like the above, which is why alt-right websites have picked this up and run with it.

In the full context of a nation-state actor with a clear capability and motive, one has to be skeptical to some degree of the analysis as presented, especially when one lacks the professional skillset to evaluate the technical aspects of the claims.

RandomGuy
05-10-2017, 11:35 AM
A simple yes or no will not do.

No they did not have access to the full range of classified data. Yes they had full access to the CrowdStrike report that we know the FBI (and quite possibly the CIA) was forced to use for their assessment.

Have you read the original CrowdStrike report?
Have you read the dismantling of the original CrowdStrike report?
Have you read the revised CrowdStrike reports due to said dismantling?
Having read the above three do you still have the same confidence in the FBI's assessment in the DNI report?

So we don't have full access to the range of items.

I read through the Crowdstrike material. It earned some valid criticisms.

No, I do not have the same confidence in the FBI's assessment.

I still am, however, forced to accept their assessment, and am inclined to agree with it, given all available information that I have seen. Your linked article is something to assign some modest credibility to, but leaves a lot to be desired in terms of credibility itself, especially given the current information warfare environment.

RandomGuy
05-10-2017, 11:45 AM
Cybersecurity analyst Robert Graham was particularly blistering in his assessment of the government’s report, characterizing it as “full of garbage.” The report fails to tie the indicators of compromise to the Russian government. “It contains signatures of viruses that are publicly available, used by hackers around the world, not just Russia. It contains a long list of IP addresses from perfectly normal services, like Tor, Google, Dropbox, Yahoo, and so forth. Yes, hackers use Yahoo for phishing and maladvertising. It doesn’t mean every access of Yahoo is an ‘indicator of compromise’.” Graham compared the list of IP addresses against those accessed by his web browser, and found two matches. “No,” he continues. “This doesn’t mean I’ve been hacked. It means I just had a normal interaction with Yahoo. It means the Grizzly Steppe IoCs are garbage.” Graham goes on to point out that “what really happened” with the supposed Russian hack into the Vermont power grid “is that somebody just checked their Yahoo email, thereby accessing one of the same IP addresses I did. How they get from the facts (one person accessed Yahoo email) to the story (Russians hacked power grid)” is U.S. government “misinformation.” [27]


The DNC hacks have strong evidence pointing to Russia. Not only does all the malware check out, but also other, harder to "false flag" bits, like active command-and-control servers. A serious operator could still false-flag this in theory, if only by bribing people in Russia, but nothing in the CIA dump hints at this.

http://blog.erratasec.com/2017/03/a-note-about-false-flag-operations.html#.WRNDb1XyuM8

RandomGuy
05-10-2017, 11:47 AM
Again, I am at the mercy of the determinations of experts. This is outside my skillset.

People with more knowledge, and more information than I can possibly have available, barring re-entering the intelligence community, have reached a fairly strong conclusion.

The OP material does not outweigh that.

TSA
05-10-2017, 12:34 PM
Reading all of your material requires more time than I have available, and exceeds my interest bandwidth for the minutiae.

Does seem like there is a decided effort afoot in the rightwing blogosphere to pick apart the Crowdstrike report, based on the sheer number of links that came up when I did a search for "Crowdstrike report".

Saw a few things that looked like the report, but if you have a quick link or two that might help.

I have some financial analyses I have to knock out today, but if you could provide a specific link I will get reading.

Guardian, The Intercept, tech dirt, tech crunch, ars technica aren't rightwing blogosphere.

TSA
05-10-2017, 12:40 PM
http://blog.erratasec.com/2017/03/a-note-about-false-flag-operations.html#.WRNDb1XyuM8

Robert Graham is all over the place.

http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html?m=1#.WItOqlUrKM8

RandomGuy
05-10-2017, 01:08 PM
Robert Graham is all over the place.

http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html?m=1#.WItOqlUrKM8

LOL TSA



http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html?m=1#.WItOqlUrKM8
Tuesday, January 03, 2017
"Obama, release the data so we can look at it ourselves, otherwise your claims aren't credible"



http://blog.erratasec.com/2017/03/a-...l#.WRNDb1XyuM8
Wednesday, March 08, 2017
"I looked at the data and the evidence is pretty strong that Russia did it."


Sure, he's all over the place. :rolleyes

RandomGuy
05-10-2017, 01:10 PM
Look on the bright side TSA... at least Obamacare will cover that burn, for now.

TSA
05-10-2017, 01:22 PM
LOL TSA




Sure, he's all over the place. :rolleyes

Graham provides no evidence for his below claim. And he's dismissing it being a CIA false flag. The OP does not make that claim.

"The DNC hacks have strong evidence pointing to Russia. Not only does all the malware check out, but also other, harder to "false flag" bits, like active command-and-control servers. A serious operator could still false-flag this in theory, if only by bribing people in Russia, but nothing in the CIA dump hints at this"


The OP actually took the time to back his claim and did so with great detail.

RandomGuy
05-10-2017, 04:01 PM
The OP actually took the time to back his claim and did so with great detail.

Do you have the technical expertise to evaluate that detail?

How have you ruled out that something important, yet vital, got missed?

How have you ruled out that something important, yet vital, was deliberately withheld?

Graham was cited by your own OP's author, which I would assume assigns some credibility. He seems knowledgeable enough to accept as such.

RandomGuy
05-10-2017, 04:06 PM
Was this author's review of "Guccifer 2.0"'s activities the sum total of the evidence that Russia hacked the DNC?

My understanding is that there were two different episodes and actors doing so.

TSA
05-10-2017, 05:56 PM
Was this author's review of "Guccifer 2.0"'s activities the sum total of the evidence that Russia hacked the DNC?

My understanding is that there were two different episodes and actors doing so.

OP was just on 2.0

RandomGuy
05-11-2017, 11:44 AM
OP was just on 2.0

So, your whole thing here is based on part of the evidence, and nothing on the classified shit supporting the report.

Gotcha.

TSA
05-25-2017, 02:28 PM
So we don't have full access to the range of items.

I read through the Crowdstrike material. It earned some valid criticisms.

No, I do not have the same confidence in the FBI's assessment.

I still am, however, forced to accept their assessment, and am inclined to agree with it, given all available information that I have seen. Your linked article is something to assign some modest credibility to, but leaves a lot to be desired in terms of credibility itself, especially given the current information warfare environment.

Updates from same author


Guccifer 2.0: Game Over - Intent Concluded

This page covers conclusions that relate to the evidence highlighted here and here.

If you don't know about the RTF/RSID evidence already - please read this first.

Having seen the initial evidence of intent - we know that the first 3 documents were all created from the same blank Russian-language template and that contents from original documents were then copied into each at a later stage.

Now we can take a look at the metadata - and see that it corroborates and helps provide more detail to what we know about the process used.

File  | Created By   | Time   | Modified By       | Time
1.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:08pm
2.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:11pm
3.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:12pm

We can see that a copy of MS-Word registered to "Warren Flood" was apparently used to create all 3 documents at the same time, this would seem odd usually - but we know he was just saving a tainted blank template as multiple files.

We then see that "Феликс Эдмундович" (the founder of the Soviet secret police and someone who has been deceased for 90 years!) opens the files in sequence 30 minutes later, doing something (copying in the contents from original documents into the blank 'pre-tainted' template) and then saving the files, within the space of a few minutes.

SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was intending to be identified as a Russian and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.

Update March 18th: u/tvor_22 has confirmed that there are no textual differences between these files and the original files they were copied from. - So, it seems the only reason for the edit was pasting the content in and placing the Russian name.

1.doc did have some additional errors in Russian language but these are likely to be errors generated when pasting in the document between 2:08 and 2:11 (the 2nd phase) due to the process of converting a modern .docx file's content into the RTF format.
This research has been shared with a few independent security experts and they too have struggled to find any reasonable & substantiated alternative explanations for what we have discovered.

Everything we have shown you on RTF/RSID & metadata can be CHECKED and VERIFIED by ANYONE independently and immediately!

WHAT YOU HAVE BEEN TOLD FOR THE LAST 9 MONTHS IS NOT WHAT THE EVIDENCE SUPPORTS

http://g-2.space/intent-conclusion.html
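
The quoted page says its RTF/RSID and metadata observations can be checked independently; the following added example (not the g-2.space author's code and not part of the post above) shows how those fields are read from RTF source. The three samples are constructed to mirror the table in the post, and the RSID numbers, body text and year are assumptions.

```python
import re
from datetime import datetime

TOKEN = re.compile(
    r"\\'([0-9a-fA-F]{2})"                          # \'xx  byte in the document code page
    r"|\\u(-?\d+) ?(?:\\'[0-9a-fA-F]{2}|[^\\{}])?"  # \uN   Unicode char plus its fallback
    r"|\\[a-zA-Z]+-?\d* ?"                          # any other control word
    r"|\\([\\{}])"                                  # escaped backslash or brace
    r"|([^\\{}\r\n])")                              # literal text


def find_group(rtf, word):
    """Return the brace-balanced group opening with \\word or \\*\\word, else None."""
    m = re.search(r"\{(?:\\\*)?\\" + word + r"(?![a-zA-Z])", rtf)
    if not m:
        return None
    depth, i = 0, m.start()
    while i < len(rtf):
        c = rtf[i]
        if c == "\\":           # skip an escaped character or a control word's first letter
            i += 2
            continue
        if c == "{":
            depth += 1
        elif c == "}":
            depth -= 1
            if depth == 0:
                return rtf[m.start():i + 1]
        i += 1
    return None                  # unbalanced group (truncated file)


def decode_text(group, codec):
    """Decode a group's text, resolving \\'xx bytes through the document code page."""
    pending, out = bytearray(), []
    for m in TOKEN.finditer(group):
        hexbyte, uni, esc, lit = m.groups()
        if hexbyte:
            pending.append(int(hexbyte, 16))
            continue
        if pending:
            out.append(pending.decode(codec, errors="replace"))
            pending.clear()
        if uni:
            out.append(chr(int(uni) % 65536))
        elif esc or lit:
            out.append(esc or lit)
    if pending:
        out.append(pending.decode(codec, errors="replace"))
    return "".join(out).strip()


def stamp(info, word):
    m = re.search(r"\\%s\\yr(\d+)\\mo(\d+)\\dy(\d+)(?:\\hr(\d+))?(?:\\min(\d+))?" % word, info)
    return datetime(*(int(x or 0) for x in m.groups())) if m else None


def rtf_metadata(rtf):
    """Extract the fields discussed in the post from one RTF document."""
    cp = re.search(r"\\ansicpg(\d+)", rtf)
    codec = "cp" + cp.group(1) if cp else "cp1252"
    info = find_group(rtf, "info") or ""
    created, revised = stamp(info, "creatim"), stamp(info, "revtim")

    def field(name):
        group = find_group(info, name)
        return decode_text(group, codec) if group else None

    # \author and \operator hold whatever user name the saving application was
    # configured with, so they are leads to corroborate, not identities.
    return {
        "author": field("author"), "operator": field("operator"),
        "created": created, "revised": revised,
        "minutes_between": int((revised - created).total_seconds() // 60)
                           if created and revised else None,
        "rsids": re.findall(r"\\rsid(\d+)", find_group(rtf, "rsidtbl") or ""),
        "stylesheet_langs": sorted(set(re.findall(
            r"\\lang(\d+)", find_group(rtf, "stylesheet") or ""))),
    }


def compare(docs):
    """Cross-document view: identical creation time, common RSIDs, save order."""
    metas = {name: rtf_metadata(rtf) for name, rtf in docs.items()}
    shared = set.intersection(*(set(m["rsids"]) for m in metas.values()))
    order = [n for n, m in sorted(metas.items(), key=lambda kv: kv[1]["revised"])]
    return {"same_creation_time": len({m["created"] for m in metas.values()}) == 1,
            "shared_rsids": sorted(shared), "revision_order": order}


def rtf_escape(text, codec="cp1251"):
    return "".join(c if ord(c) < 128 else "\\'%02x" % c.encode(codec)[0] for c in text)


def make_sample(rev_minute, own_rsid):
    """Constructed RTF; the year and RSID values are assumptions, not from the leak."""
    return ("{\\rtf1\\ansi\\ansicpg1251\\deff0{\\fonttbl{\\f0 Times New Roman;}}"
            "{\\stylesheet{\\s0\\lang1049 Normal;}}"
            "{\\*\\rsidtbl \\rsid1111111\\rsid%d}"
            "{\\info{\\author Warren Flood}{\\operator %s}"
            "{\\creatim\\yr2016\\mo6\\dy15\\hr13\\min38}"
            "{\\revtim\\yr2016\\mo6\\dy15\\hr14\\min%d}}"
            "\\pard Constructed body text\\par}"
            % (own_rsid, rtf_escape("Феликс Эдмундович"), rev_minute))


SAMPLES = {"1.doc": make_sample(8, 2222222), "2.doc": make_sample(11, 3333333),
           "3.doc": make_sample(12, 4444444)}

if __name__ == "__main__":
    print(rtf_metadata(SAMPLES["1.doc"]))
    print(compare(SAMPLES))
```
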

RandomGuy
06-07-2017, 12:57 PM
Updates from same author


Guccifer 2.0: Game Over - Intent Concluded

This page covers conclusions that relate to the evidence highlighted here and here.

If you don't know about the RTF/RSID evidence already - please read this first.

Having seen the initial evidence of intent - we know that the first 3 documents were all created from the same blank Russian-language template and that contents from original documents were then copied into each at a later stage.

Now we can take a look at the metadata - and see that it corroborates and helps provide more detail to what we know about the process used.

File  | Created By   | Time   | Modified By       | Time
1.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:08pm
2.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:11pm
3.doc | Warren Flood | 1:38pm | Феликс Эдмундович | 2:12pm

We can see that a copy of MS-Word registered to "Warren Flood" was apparently used to create all 3 documents at the same time, this would seem odd usually - but we know he was just saving a tainted blank template as multiple files.

We then see that "Феликс Эдмундович" (the founder of the Soviet secret police and someone who has been deceased for 90 years!) opens the files in sequence 30 minutes later, doing something (copying in the contents from original documents into the blank 'pre-tainted' template) and then saving the files, within the space of a few minutes.

SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was intending to be identified as a Russian and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.

Update March 18th: u/tvor_22 has confirmed that there are no textual differences between these files and the original files they were copied from. - So, it seems the only reason for the edit was pasting the content in and placing the Russian name.

1.doc did have some additional errors in Russian language but these are likely to be errors generated when pasting in the document between 2:08 and 2:11 (the 2nd phase) due to the process of converting a modern .docx file's content into the RTF format.
This research has been shared with a few independent security experts and they too have struggled to find any reasonable & substantiated alternative explanations for what we have discovered.

Everything we have shown you on RTF/RSID & metadata can be CHECKED and VERIFIED by ANYONE independently and immediately!

WHAT YOU HAVE BEEN TOLD FOR THE LAST 9 MONTHS IS NOT WHAT THE EVIDENCE SUPPORTS

http://g-2.space/intent-conclusion.html

So there were some copy/pasting errors? That is proof positive of what exactly? Be specific.


How have you evaluated that this is more credible than publicly available statements by the US intelligence community?


The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government. The USIC and the Department of Homeland Security (DHS) assess that it would be extremely difficult for someone, including a nation-state actor, to alter actual ballot counts or election results by cyber attack or intrusion. This assessment is based on the decentralized nature of our election system in this country and the number of protections state and local election officials have in place. States ensure that voting machines are not connected to the Internet, and there are numerous checks and balances as well as extensive oversight at multiple levels built into our election process.

RandomGuy
06-07-2017, 01:03 PM
"This research has been shared with a few independent security experts and they too have struggled to find any reasonable & substantiated alternative explanations for what we have discovered."


This stands out to me.

Conspiracy theorists rely on this kind of flawed logic all the time.

This is called an "argument from ignorance" fallacy.

"I don't know what the explanation is, so therefore the explanation must be X".


Argument from Ignorance

ad ignorantiam

(also known as: appeal to ignorance)

Description: The assumption of a conclusion or fact based primarily on lack of evidence to the contrary. Usually best described by, “absence of evidence is not evidence of absence.”

Logical Forms:

X is true because you cannot prove that X is false.
X is false because you cannot prove that X is true.

Example #1:

Although we have proven that the moon is not made of spare ribs, we have not proven that its core cannot be filled with them; therefore, the moon’s core is filled with spare ribs.

monosylab1k
06-07-2017, 01:12 PM
I know it's game over and all but it just doesn't feel like it, fwiw tbh imho

TSA
06-07-2017, 01:16 PM
So there were some copy/pasting errors? That is proof positive of what exactly? Be specific.


How have you evaluated that this is more credible than publicly available statements by the US intelligence community?

More than just copy/paste errors. The Russian "fingerprints" were purposely put there. Do you really find it plausible Russia's highly sophisticated state run hacking groups would leave these easily found breadcrumbs to expose themselves?



SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was intending to be identified as a Russian and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.


The statements from the USIC don't do much for me as they do not go into any detail on attribution other than saying they are consistent with Russian methods. Also the vault 7 release by Wikileaks showed just how easy it was to "fake" attribution to another actor.

RandomGuy
06-08-2017, 11:56 AM
Quote Originally Posted by RandomGuy

So there were some copy/pasting errors? That is proof positive of what exactly? Be specific.


How have you evaluated that this is more credible than publicly available statements by the US intelligence community?



More than just copy/paste errors. The Russian "fingerprints" were purposely put there. Do you really find it plausible Russia's highly sophisticated state run hacking groups would leave these easily found breadcrumbs to expose themselves?



SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was intending to be identified as a Russian and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.


The statements from the USIC don't do much for me as they do not go into any detail on attribution other than saying they are consistent with Russian methods. Also the vault 7 release by Wikileaks showed just how easy it was to "fake" attribution to another actor.

So you don't know what the relevance of the copy/paste errors is, and this provided link just addresses part of the evidence of hacking.

What other possible explanations for those copy/paste errors, or alternatively data aspect (may not have even been an error, no data as to intent was presented), have you considered?

TSA
06-08-2017, 12:05 PM
So you don't know what the relevance of the copy/paste errors is, and this provided link just addresses part of the evidence of hacking.

What other possible explanations for those copy/paste errors, or alternatively data aspect (may not have even been an error, no data as to intent was presented), have you considered?

Everything on RTF/RSID & metadata can be checked and verified. I don't know enough about it so I'm not going to bother. You should check it out for yourself.

RandomGuy
06-08-2017, 12:21 PM
So you don't know what the relevance of the copy/paste errors is, and this provided link just addresses part of the evidence of hacking.

What other possible explanations for those copy/paste errors, or alternatively data aspect (may not have even been an error, no data as to intent was presented), have you considered?


Everything on RTF/RSID & metadata can be checked and verified. I don't know enough about it so I'm not going to bother. You should check it out for yourself.

So:

you don't know what the relevance of the copy/paste errors is,
the provided link just addresses part of the evidence of hacking, and
you haven't looked into anything in the link you provided to see if the claims about the data might be explained by something other than a cover up by some secret person at the DNC.



I am content to accept that the features of the data are there, on a tentative basis, since the person doing the claiming appears to be technically competent. That seems reasonable to me.

I am, however, not the one making claims based on this material. You are.

It is your responsibility to show that you did the legwork on this to see if the conclusions drawn by your expert are good ones, not mine. There are, further, reasons to be more than a little skeptical of their conclusions, reasons that you appear to have actively ignored.

Sorry.

As I said, what you provided doesn't go nearly as far as you think it does.

TSA
06-08-2017, 12:49 PM
So:

you don't know what the relevance of the copy/paste errors is,
the provided link just addresses part of the evidence of hacking, and
you haven't looked into anything in the link you provided to see if the claims about the data might be explained by something other than a cover up by some secret person at the DNC.



I am content to accept that the features of the data are there, on a tentative basis, since the person doing the claiming appears to be technically competent. That seems reasonable to me.

I am, however, not the one making claims based on this material. You are.

It is your responsibility to show that you did the legwork on this to see if the conclusions drawn by your expert are good ones, not mine. There are, further, reasons to be more than a little skeptical of their conclusions, reasons that you appear to have actively ignored.

Sorry.

As I said, what you provided doesn't go nearly as far as you think it does.

Honestly I haven't read the whole thing again since we last discussed it. I will try to get back around to it soon.

monosylab1k
06-08-2017, 02:15 PM
https://i.ytimg.com/vi/ougz6Jkswew/hqdefault.jpg

RandomGuy
06-09-2017, 10:37 AM
COMEY: The first cyber — there was all kinds of cyber intrusions going on all the time. The first Russian-connected cyber intrusion I became aware of in the late summer of 2015.

BURR: And in that time frame, there were more than the DNC and the D triple C that were targets?

COMEY: Correct, a massive effort to target government and nongovernmental, near governmental agencies like nonprofits.

BURR: What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?

COMEY: It's hundreds. I suppose it could be more than 1,000, but it's at least hundreds.

BURR: When did you become aware that data had been exfiltrated?

COMEY: I'm not sure exactly. I think either late '15 or early '16.

BURR: And did you, the director of the FBI, have conversations with the last administration about the risk that this posed?

COMEY: Yes.

BURR: And share with us, if you will, what actions they took.

COMEY: Well, the FBI had already undertaken an effort to notify all the victims, and that's what we consider the entities attacked as part of this massive spear-phishing campaign so we notified them in an effort to disrupt what might be ongoing, and then there was a series of continuing interactions with entities through the rest of '15 into '16, and then throughout '16, the administration was trying to decide how to respond to the intrusion activity that it saw.

TSA
06-17-2017, 09:57 AM
More than just copy/paste errors. The Russian "fingerprints" were purposely put there. Do you really find it plausible Russia's highly sophisticated state run hacking groups would leave these easily found breadcrumbs to expose themselves?



SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was intending to be identified as a Russian and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.


The statements from the USIC don't do much for me as they do not go into any detail on attribution other than saying they are consistent with Russian methods. Also the Vault 7 release by Wikileaks showed just how easy it was to "fake" attribution to another actor.

More updates

https://www.reddit.com/r/The_Donald/comments/6d9xcm/breaking_ive_found_evidence_that_the_dnc/?sort=new

boutons_deux
06-17-2017, 10:22 AM
C O V E R U P

TSA
06-17-2017, 10:24 AM
C O V E R U P

We finally agree on something. Guccifer 2.0 was created by the DNC to be able to point the finger at Russia and get ahead of the pending Wikileaks dumps

Chris
06-17-2017, 11:52 AM
Somewhat related

tEbyw-xEmAc

boutons_deux
06-17-2017, 12:14 PM
guccifer, mensch, y'all assholes grabbing at straws of deflecting sideshows.

NOTHING deflects from Trash's and his entourage's

C O V E R U P

DMC
06-17-2017, 01:21 PM
https://i.ytimg.com/vi/ougz6Jkswew/hqdefault.jpg

:lol

AaronY
06-17-2017, 01:41 PM
Boom!

TSA
07-09-2017, 07:23 PM
RandomGuy

Conclusion 7. A transfer rate of 23 MB/s is estimated for this initial file collection operation. This transfer rate can be achieved when files are copied over a LAN, but this rate is too fast to support the hypothesis that the DNC data was initially copied over the Internet (esp. to Romania). This transfer rate can also be achieved when copying directly from a computer’s hard drive to a fairly slow USB flash drive; there is a lot of variability in USB flash drive speeds. We can shorten this statement and say that the 23 MB/s transfer rate supports the conclusion that the files were initially copied locally and not over the Internet.

https://theforensicator.wordpress.com/guccifer-2-ngp-van-metadata-analysis/

Guccifer 2.0 NGP/VAN Metadata Analysis

Overview

This study analyzes the file metadata found in a 7zip archive file, 7dc58-ngp-van.7z, attributed to the Guccifer 2.0 persona. For an in depth analysis of various aspects of the controversy surrounding Guccifer 2.0, refer to Adam Carter’s blog, Guccifer 2.0: Game Over.

Based on the analysis that is detailed below, the following key findings are presented:

On 7/5/2016 at approximately 6:45 PM Eastern time, someone copied the data that eventually appears on the “NGP VAN” 7zip file (the subject of this analysis). This 7zip file was published by a persona named Guccifer 2, two months later on September 13, 2016.
Due to the estimated speed of transfer (23 MB/s) calculated in this study, it is unlikely that this initial data transfer could have been done remotely over the Internet.
The initial copying activity was likely done from a computer system that had direct access to the data. By “direct access” we mean that the individual who was collecting the data either had physical access to the computer where the data was stored, or the data was copied over a local high speed network (LAN).
They may have copied a much larger collection of data than the data present in the NGP VAN 7zip. This larger collection of data may have been as large as 19 GB. In that scenario the NGP VAN 7zip file represents only 1/10th of the total amount of material taken.
This initial copying activity was done on a system where Eastern Daylight Time (EDT) settings were in force. Most likely, the computer used to initially copy the data was located somewhere on the East Coast.
The data was likely initially copied to a computer running Linux, because the file last modified times all reflect the apparent time of the copy and this is a characteristic of the Linux ‘cp’ command (using default options).
A Linux OS may have been booted from a USB flash drive and the data may have been copied back to the same flash drive, which will likely have been formatted with the Linux (ext4) file system.
On September 1, 2016, two months after copying the initial large collection of (alleged) DNC related content (the so-called NGP/VAN data), a subset was transferred to working directories on a system running Windows. The .rar files included in the final 7zip file were built from those working directories.
The computer system where the working directories were built had Eastern Daylight Time (EDT) settings in force. Most likely, this system was located somewhere on the East Coast.
The .rar files and plain files that eventually end up in the “NGP VAN” 7zip file disclosed by Guccifer 2.0 on 9/13/2016 were likely first copied to a USB flash drive, which served as the source data for the final 7zip file. There is no information to determine when or where the final 7zip file was built.

Analysis

The Guccifer 2 “NGP VAN” files are found in a password protected 7zip file; instructions for downloading this 7zip file can be found at https://pastebin.com/fN9uvUE0.

Technical note: the size of the 7zip file is 711,396,436 bytes and the MD5 sum is: a6ca56d03073ce6377922171fc8b232d.

This .7z file contains several .rar files – one for each top-level directory, as shown below.

TSA
07-09-2017, 07:23 PM
The times shown above are in Pacific Daylight Savings Time (PDT). The embedded .rar files are highlighted in yellow. The “*” after each file indicates that the file is password encrypted. This display of the file entries is shown when the .7z file is opened. A password is required to extract the constituent files. This aspect of the .7z file likely motivated zipping the sub-directories (e.g. CNBC and DNC) into .rar files; this effectively hides the structure of the sub-directories, unless the password is provided and the sub-directories are then extracted. The last modification dates indicate that the .rar files were built on 9/1/2016 and all the other files were copied on 7/5/2016. Note that all the times are even (accurate only to the nearest 2 seconds); the significance of this property will be discussed near the end of this analysis. The files copied on 7/5/2016 have last modified times that are closely clustered around 3:50 PM (PDT); the significance of those times will be described below.

The Guccifer 2 “NGP/VAN” file structure is populated by opening the .7z file and then extracting the top-level files inclusive of the .rar files. The .rar files are further unpacked (using WinRAR) into directories with a name derived by dropping the .rar suffix.

Note: although other archive programs claim to handle .rar files, only WinRAR will reliably restore the archived files, inclusive of their sub-microsecond last modification times.

The times recorded in those .rar files are relative times. The times recorded in the .7z file are absolute (UTC) times. If you look at the recorded .rar file times, you will see times like “7/5/2016 6:39:18 PM” and the times in the .7z file will be at some offset to that depending on your time zone. For example, if you are in the Pacific (daylight savings) time zone, the files shown in the .7z file will read 3 hours earlier than those shown in the .rar files, as shown below.

TSA
07-09-2017, 07:24 PM
In this case, we need to adjust the .7z file times to reflect Eastern Time. Something like this command if you are on the West Coast (using Cygwin) will make the adjustment.

find . -exec touch -m -r {} -d '+3 hour' {} \;

The .rar files can be unpacked normally because they will appear with the same times as shown in the archive.

Conclusion 1: The DNC files were first copied to a system which had Eastern Time settings in effect; therefore, this system was likely located on the East Coast. This conclusion is supported by the observation that the .7z file times, after adjustment to East Coast time fall into the range of the file times recorded in the .rar files.

Next, we generate (for example, using a Cygwin bash prompt) a tab-separated list of files sorted by last modified date.

echo -e 'Top\tPath\tFile\tLast Mod\tSize' > ../guc2-files.txt
# Truncate the 10 fractional digits in last mod time to 3.
# Excel won't print more than 3 fractional digits anyway.
find * -type f -printf '%h\t%f\t%TF %TT\t%s\n' | \
sort -t$'\t' -k3 -k1 -k2 | \
perl -F'/\t/' -lane '$F[2] =~ s/(?<=\.\d{3})\d+$//;
($top=$F[0])=~s{/.*}{};
print join ("\t", $top, @F);' \
>> ../guc2-files.txt

This file is then imported into an Excel spreadsheet for analysis.

Many archive file formats (e.g., zip and 7zip) record file times only to whole second resolution. The .rar format however records file times to a higher (nanosecond) resolution. This can be difficult to confirm; the GUI interface will only display whole seconds. The included command line utility, rar, however can be used to display the sub-second resolution. The lt (“list technical”) command will provide further detail. For example, the following command will list additional detail on the file 48HourNotice-20081019-174240.fec in the FEC.rar archive.

"c:\Program Files\WinRAR\rar" lt FEC.rar FEC\48HourNotice-20081019-174240.fec

TSA
07-09-2017, 07:25 PM
Conclusion 2: The DNC files were first copied to a file system that was formatted either as an NTFS file system (typically used on Windows systems) or to a Linux (ext4) file system. This conclusion is supported by the observation that the .rar file(s) show file last modified times (mtime) with 7 significant decimal digits (0.1 microsecond resolution) ; this is a characteristic of NTFS file systems.

It is possible that the DNC files were initially copied to a system running Linux and then later copied to a Windows system. Modern Linux implementations use the ext4 file system by default; ext4 records file times in nanoseconds. Thus, if the files were initially copied to a Linux ext4 file system and subsequently copied to a Windows NTFS file system the file times would have been preserved with the 0.1 microsecond precision shown above.

We observe that the last modified times are clustered together in a 14 minute time period on 2016-07-05. If the DNC files were copied in the usual way to a computer running a Windows operating system (e.g., using drag-and-drop in the File Explorer) the last modified times would typically not change (from the original) — the create time would change instead (to the time of the copy). The Windows File Explorer will typically only show the last modified time (by default). A file copy operation using the ‘cp’ command line utility commonly found on a UNIX system (e.g., Linux and Mac OS X) however will (by default) change the last modified time to the time that the copied file was written.

Conclusion 3: The DNC files may have been copied using the ‘cp‘ command (which is available on Linux, Windows, and Mac OS X in some form). This (tentative) conclusion is supported by the observation that all of the file last modified times were changed to the apparent time of the copy operation. Other scenarios may produce this pattern of last modified times, but none were immediately apparent to this author at the time that this article was published.

The combination of an NTFS file system and the use of the UNIX ‘cp’ command is sufficiently unusual to encourage a further search for a more plausible scenario/explanation. One scenario that fits the facts would be that the DNC files were initially copied to a system running Linux (e.g., Ubuntu). The system might have had Linux installed on the system’s hard drive, or Linux may have been booted from a USB flash drive; bootable flash drive images with Linux installed on them are widely available.

A review of the DNC file metadata leads to the observation that significant “time gaps” appear between various top-level directories and files. In the spreadsheet, we first mark (with x’s) places where the top-level directory name changes or the top-level directory is the root (“.”) directory. We further calculate the “time gap” which is the difference between the last mod. time of a current entry and its previous entry; from this we subtract an approximation of the transfer time (using our knowledge of average transfer speed) to go from the last mod time to a likely time that the transfer started. We use a cut off of at least 3 seconds to filter out anomalies due to normal network/OS variations. Here are the entries with significant time gaps.

[Figure: Guc2-ngp-van-time-gaps]

Conclusion 4: The overall time to obtain the DNC files found in the 7z file was 14 minutes; a significant part of that time (13 minutes) is allocated to time gaps that appear between several of the top-level files and directories.

Note that significant time gaps always occur at top-level directory changes (only x’s in the “Top-Level Changed” column). To put the time gaps in better perspective, here is a listing of all top-level changes. A top-level change is defined as either a change in the top-level directory name, or when the parent directory of a file is the root (“.”) directory.

[Figure: Guc2-ngp-van-top-changes]

In the “Last Mod” ordered list above, top-level directories and files are intermixed, and they are not in alphabetic order. This pattern can be explained by the use of the UNIX cp command. The cp command copies files in “directory order”, which on many systems is unsorted and will appear to be somewhat random.

The time gaps that appear in the chronologically ordered listing above could indicate that these files and directories were chosen from a much larger collection of copied files; this larger collection of files may have first been copied en masse via the ‘cp -r’ command.

Initially when this data was analyzed, the “time gaps” were attributed to “think time”, where it was assumed that the individual who collected the files would copy the files in small batches and in between each batch would need some “think time” to find or decide on the next batch to copy. This may be an equally valid way to explain the presence of time gaps at various junctures in the top-level files and folders. However, in this analysis we will assume that a much larger collection of files were initially copied on 7/5/2016; the files in the final .7z file (the subject of this analysis) represent only a small percentage of all the files that were initially collected.

We can estimate the transfer speed of the copy by dividing the total number of bytes transferred by the transfer time. The transfer time is approximated by subtracting the time gap total from the total elapsed time of the copy session. This calculation is shown below.

TSA
07-09-2017, 07:25 PM
Conclusion 5: The lengthy time gaps suggest that many additional files were initially copied en masse and that only a small subset of that collection was selected for inclusion into the final 7zip archive file (that was subsequently published by Guccifer 2).

Given the calculations above, if 1.98 GB were copied at a rate of 22.6 MB/s and all the time gaps were attributed to additional file copying then approximately 19.3 GB in total were initially copied. In this hypothetical scenario, the 7zip archive represents only about 10% of the total amount of data that was initially collected.

Conclusion 6: The initial DNC file collection activity began at approximately 2016-07-05 18:39:02 EDT and ended at 2016-07-05 18:53:17 EDT. This conclusion is supported by the observed last modified times and the earlier conclusion that the ex-filtrated files were copied to a computer located in the Eastern Time zone.

Conclusion 7. A transfer rate of 23 MB/s is estimated for this initial file collection operation. This transfer rate can be achieved when files are copied over a LAN, but this rate is too fast to support the hypothesis that the DNC data was initially copied over the Internet (esp. to Romania). This transfer rate can also be achieved when copying directly from a computer’s hard drive to a fairly slow USB flash drive; there is a lot of variability in USB flash drive speeds. We can shorten this statement and say that the 23 MB/s transfer rate supports the conclusion that the files were initially copied locally and not over the Internet.

We turn our attention to the .rar files embedded in the .7z file. Here is an illustrative example (FEC.rar).

[Figure: Guc2-fec-rar]

From this listing of FEC.rar above, we make the following observations:

The directories were last modified on 9/1/2016 at approximately 12:50 PM.
The file entries are shown with last modified times on
7/5/2016 at approximately 6:45 PM.
We note that the last modification date for FEC.rar is 12:56:56 PM, EDT on 9/1/2016 after adjusting this time stamp to the Eastern Time zone.
As mentioned earlier, the seconds part of the file and directory last modified times are recorded in the .rar file with a 0.1 microsecond resolution, which is typical of an NTFS file system.
The file last modified times maintain the 7/15/2016 date – they were not changed to dates and times on 9/1/2016 when the sub-directories were created.
When WinRAR restored the .rar files it preserved the directory last modification times recorded in the .rar file.
Recall that the NGP/VAN 7zip file has several .rar files which unpack into top-level directories. We can correlate the last modified times of the .rar files with the last modified times of the directories saved in the .rar files as shown below.

[Figure: Guc2-7z-rar-vs-rar-dirs]

Conclusion 8: The .rar files that ultimately are included in the NGP/VAN 7zip file were built on a computer system where the Eastern Daylight Savings Time (EDT) time zone setting was in force. This conclusion is supported by the observation that if the .rar last modified times are adjusted to EDT they fall into the same range as the last modified times for the directories archived in the .rar files.

In the following table, we combine the last modified times of the directories restored from the .rar files with the last modified times of the .rar files themselves and sort by last modified time. The .rar file last modified times shown have been adjusted so that they reflect Eastern Daylight Savings Time (EDT).

TSA
07-09-2017, 07:26 PM
From this data, we make the following observations.

On 9/1/2016, some of the directories that were initially collected on 7/5/2016 were copied to working directories. The working directories were zipped into .rar files that were added to the 7zip file that is the subject of this analysis.
The working directories likely reside on an NTFS-formatted file system (they have last modified times with 0.1 microsecond resolution – typical of NTFS). The NTFS file system is commonly used in modern Windows operating system installations.
The DNC directory was the first directory copied to its working directory.
Shortly after that, “DNC.rar” was created.
A series of directories (“DonorAnalysis” through “FEC”) were copied to their working directories.
Shortly after that, the .rar files were created from those working directories.
Approximately 7 minutes later, two more directories were copied to their working directories: “Reports for Kaine” and “Security“.
Finally, almost 3 hours after that, the .rar files were created from those two working directories.
We notice no obvious pattern in the order of choosing the directories to copy to their working copies nor in the creation of .rar files.
The varying order of copying directories to their working copies and the observation that they may have been copied in at least three separate batches adds support to the theory that these directories were selected from a larger collection of files and directories that was initially collected on 7/5/2016.
Given the lack of uniformity in the metadata, we decided not to try to estimate the transfer times for the copy operations which copied the source directories to their working copies.

A question that comes up at this point is: Why were the directories first copied to a working directory before zipping them into .rar files? Two alternative explanations are offered:

The larger collection of files that were copied on 7/5/2016 reside on a computer running the Linux operating system. They need to be copied to a Windows operating system if programs like WinRAR (which runs only on Windows) are going to be used. In this case they may have been exported from the Linux system via a Samba network share.
Or, the larger collection of files that were copied on 7/5/2016 is some distance away from the system where the .rar files will be built; they need to be copied over the Internet. It makes sense to transfer only the directories that have been selected for inclusion into the 7zip file, because copying the entire collection over the Internet may be relatively slow.
Neither of the alternatives above suggests that making local working copies was truly necessary, because if we hypothesize that the original collection was exported via a network share, it would seem that this share could have been used directly. That may not have occurred to the person building the .rar files, or perhaps they had some other motivation to make local copies. One idea might be that the local working copies were made to facilitate some internal pruning, but we see no evidence of that — the time gaps occur only at the top level (as discussed earlier).

Conclusion 9: The final copy (on 9/1/2016) from the initial file collection to working directories was likely done with a conventional drag-and-drop style of copy. This conclusion is based on the observation that the file last modified times were preserved when copying from the initial collection to the working copies, unlike the first copy operation on 7/5/2016 (which is attributed to the use of the cp command).

Conclusion 10: The final working directories were likely created on an NTFS file system present on a computer running Windows. This conclusion is based on the following observations: (1) the file timestamps have 0.1 micro-second resolution (a characteristic of NTFS file systems), (2) NTFS file systems are widely used on Windows systems, (3) NTFS file systems are typically not used on USB flash drives, and (4) WinRAR is a Windows based program and was likely used to build the .rar files.

At the beginning of this analysis, we noted that the seconds part of the file last modified times that appear at the top-level in the .7z file were all even (a multiple of 2). Windows FAT formatted volumes are constrained to represent times only to the nearest two (2) seconds. USB flash drives are typically formatted FAT or FAT32.

Conclusion 11: The .rar files and plain files that were combined into the final .7z file (the subject of this analysis) were likely copied to a FAT-formatted flash drive first. This conclusion is supported by the observation that the seconds part of all the last modified times are all exact multiples of 2.
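
The time-gap and transfer-rate calculation and the even-seconds (FAT) check described in the analysis above, written out as an added example; it is not part of the original posts or of the quoted study. The listings are constructed, the function names are hypothetical, "MB" is assumed to mean 10^6 bytes, and the fixed-point iteration is one way to resolve how the gap sizes and the average speed depend on each other, which the quoted text does not spell out.

```python
"""Time-gap, transfer-rate and timestamp-granularity checks on a file listing."""
from datetime import datetime

MB = 1_000_000  # assumption: decimal megabytes; the thread does not define "MB"

# Constructed sample in the thread's listing format (Top, Path, File, Last Mod,
# Size). It simulates a 20 MB/s copy interrupted by idle periods of 60 s and 30 s.
SAMPLE_LISTING = """\
Top\tPath\tFile\tLast Mod\tSize
DNC\tDNC\ta.doc\t2016-07-05 18:39:02.000\t10000000
DNC\tDNC\tb.doc\t2016-07-05 18:39:04.000\t40000000
DNC\tDNC\tc.xls\t2016-07-05 18:39:05.000\t20000000
FEC\tFEC\tx.fec\t2016-07-05 18:40:08.000\t60000000
FEC\tFEC\ty.fec\t2016-07-05 18:40:09.500\t30000000
.\t.\treadme.txt\t2016-07-05 18:40:40.000\t10000000
"""

# Constructed top-level times as a FAT volume would store them (even seconds).
FAT_LISTING = """\
Top\tPath\tFile\tLast Mod\tSize
.\t.\tone.rar\t2016-09-01 12:10:24.000\t500
.\t.\ttwo.rar\t2016-09-01 12:11:02.000\t700
.\t.\tnotes.txt\t2016-07-05 18:00:46.000\t90
"""


def parse_listing(text):
    """Parse the tab-separated listing into rows sorted by last-modified time."""
    rows = []
    for line in text.splitlines()[1:]:  # first line is the column header
        if not line.strip():
            continue
        top, path, name, last_mod, size = line.split("\t")
        mtime = datetime.strptime(last_mod, "%Y-%m-%d %H:%M:%S.%f")
        rows.append({"top": top, "file": f"{path}/{name}",
                     "at_root": path == ".", "mtime": mtime, "size": int(size)})
    return sorted(rows, key=lambda r: r["mtime"])


def find_gaps(rows, rate, cutoff=3.0):
    """Idle time before each file: mtime delta minus that file's transfer time."""
    gaps = []
    for prev, cur in zip(rows, rows[1:]):
        delta = (cur["mtime"] - prev["mtime"]).total_seconds()
        gap = delta - cur["size"] / rate
        if gap >= cutoff:  # the analysis ignores gaps under 3 seconds
            gaps.append({"file": cur["file"], "gap_s": gap,
                         "top_changed": cur["at_root"] or cur["top"] != prev["top"]})
    return gaps


def analyze(rows, cutoff=3.0, max_iter=200, tol=1e-9):
    """Estimate bytes/second over the busy time, excluding gaps >= cutoff.

    Gap sizes depend on the rate and the rate depends on the gaps, so iterate
    to a fixed point (a choice made for this example).
    """
    elapsed = (rows[-1]["mtime"] - rows[0]["mtime"]).total_seconds()
    # mtime marks when a file finished, so the first file's bytes were written
    # before the measured window and are left out (also a choice made here).
    nbytes = sum(r["size"] for r in rows[1:])
    if elapsed <= 0 or nbytes <= 0:
        raise ValueError("need at least two files with distinct timestamps")
    rate = nbytes / elapsed
    for _ in range(max_iter):
        busy = elapsed - sum(g["gap_s"] for g in find_gaps(rows, rate, cutoff))
        if busy <= 0:
            break
        new_rate = nbytes / busy
        converged = abs(new_rate - rate) <= tol * rate
        rate = new_rate
        if converged:
            break
    return {"rate": rate, "elapsed_s": elapsed,
            "gaps": find_gaps(rows, rate, cutoff),
            # Hypothetical volume if every second of the window was spent copying.
            "implied_total_bytes": rate * elapsed}


def fat_rounded(rows):
    """True if every time is a whole, even second (FAT's 2-second granularity).

    The more rows there are, the less likely a coincidental pass becomes.
    """
    return all(r["mtime"].microsecond == 0 and r["mtime"].second % 2 == 0
               for r in rows)


if __name__ == "__main__":
    result = analyze(parse_listing(SAMPLE_LISTING))
    print(f"rate: {result['rate'] / MB:.1f} MB/s over {result['elapsed_s']:.0f} s")
    for g in result["gaps"]:
        print(f"gap {g['gap_s']:.1f} s before {g['file']} "
              f"(top-level changed: {g['top_changed']})")
    print("FAT-style times:", fat_rounded(parse_listing(FAT_LISTING)))
```

The figures this produces describe only whichever operation last wrote the modification times; the `touch` command shown earlier in the thread rewrites that same field.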

TSA
07-09-2017, 07:27 PM
tl:dr guccifer 2.0 hack was done locally

Pavlov
07-09-2017, 07:29 PM
Anonymous blog created today?

Mother of all BOOM.

TSA
07-09-2017, 07:33 PM
"Due to the estimated speed of transfer (23 MB/s) calculated in this study, it is unlikely that this initial data transfer could have been done remotely over the Internet.

The initial copying activity was likely done from a computer system that had direct access to the data. By “direct access” we mean that the individual who was collecting the data either had physical access to the computer where the data was stored, or the data was copied over a local high speed network (LAN)."

His name was Seth Rich

Pavlov
07-09-2017, 07:39 PM
His name was Seth Rich

1GaF2TK5P0A

RandomGuy
07-12-2017, 01:36 PM
tl:dr guccifer 2.0 hack was done locally

Would that include a potential Russian operative copying data from within the DNC?

A yes or no would do.

RandomGuy
07-12-2017, 01:42 PM
Next question:

Does the KGB have the human intelligence capability to place an asset into a large political organization in the US?

TSA
07-12-2017, 01:44 PM
Would that include a potential Russian operative copying data from within the DNC?

A yes or no would do.

Yes

TSA
07-12-2017, 01:45 PM
Next question:

Does the KGB have the human intelligence capability to place an asset into a large political organization in the US?

Yes

RandomGuy
07-12-2017, 01:48 PM
One of the main principles of Russian intelligence and military actions is plausible deniability. (reference "Little Green Men" and documented use of proxies)

Is it within the capabilities of Russian intelligence to provide an asset with a method of badly altering data to make it seem Russian, in order to easily discredit it, if the hack was ever made public or discovered?

TSA
07-12-2017, 01:49 PM
Would that include a potential Russian operative copying data from within the DNC?

A yes or no would do.

Would it be more likely to be a Russian operative copying data from within the DNC or a disgruntled DNC employee such as Seth Rich?

TSA
07-12-2017, 01:51 PM
Next question:

Would it be more likely to be a Russian operative copying data from within the DNC or three Pakistani brothers who were IT specialists working for Wasserman-Schultz and other members of congress?

RandomGuy
07-12-2017, 01:52 PM
So, we still can't quite rule out Russian intelligence. Hard to have a "game over", innit?

If I were extra paranoid, I would note that the circumstances around Rich's death bear some parallels to the deaths of Putin critics, and was about the same time, if memory serves, as the death of that Russian intelligence officer.

TSA
07-12-2017, 01:54 PM
Next question:

What do you know about the Awan brothers and the investigation being led by Capitol police?

The three Pakistani-born brothers — Abid, Imran, and Jamal — had been information technology specialists for some members of Congress, including those who sat on the House Permanent Select Committee on Intelligence and the House Committee on Foreign Affairs, according to reporting by Luke Rosiak of the Daily Caller News Foundation Investigative Group.

Among those who were victims of the Awan brothers’ data theft was Wasserman Schultz, the former DNC head. Rosiak reported that as many as 80 members of Congress may have been targets of the Awans, who are now the subjects of a criminal probe by the U.S. Capitol Police.

What, exactly, the Awan brothers took from Wasserman Schultz and other members of the House is not known, though “equipment and data” have been cited by Politico, one of the few mainstream organizations to report on the Awans. But in the series of articles Rosiak wrote about the brothers for The Daily Caller over the last several months, there emerges something like the plot of a John le Carré novel: secret loans from Iraqi politicians, ties to terror group Hezbollah, debts on a car dealership the Awan family in Northern Virginia—and apparently untrammelled access to politicians’ emails.

http://www.newsweek.com/whisenant-fake-news-far-right-theory-618744


Next question:

Why would Wasserman-Schultz retain the Awans' services after the investigation started?

Wasserman Schultz for some reason retained Awan in an advisory capacity even after the Capitol Police’s investigation into the Awan family seemed to be ramping up. And in late May, there emerged video of Wasserman Schultz confronting a member of the Capitol Police over computer equipment that had been taken from her in the course of the Awan investigation. Wasserman Schultz demands the return of the equipment, telling Capitol Police deputy chief Matthew R. Verderosa that “there will be consequences.”

http://www.newsweek.com/whisenant-fake-news-far-right-theory-618744

RandomGuy
07-12-2017, 01:54 PM
Would it be more likely to be a Russian operative copying data from within the DNC or a disgruntled DNC employee such as Seth Rich?

Not enough data to evaluate likelihood. You seem to have also not considered the possibility that the two could be the same person.

RandomGuy
07-12-2017, 01:55 PM
lunch is up. back to reading. Oi, I have had to buy reading glasses for the first time in my life.

I'm old.

TSA
07-12-2017, 01:58 PM
lunch is up. back to reading. Oi, I have had to buy reading glasses for the first time in my life.

I'm old.

You have a few unanswered questions and a little reading to do when you come back from lunch.

Pavlov
07-12-2017, 03:12 PM
TSA demand answers!

RandomGuy
07-12-2017, 05:24 PM
Next question:

Would it be more likely to be a Russian operative copying data from within the DNC or three Pakistani brothers who were IT specialists working for Wasserman-Schultz and other members of congress?

Not enough data to evaluate likelihood.

TSA
07-12-2017, 05:27 PM
Have you at least come to the conclusion now that the information was stolen locally?

RandomGuy
07-12-2017, 05:28 PM
Next question:

What do you know about the Awan brothers and the investigation being led by Capitol police?

The three Pakistani-born brothers — Abid, Imran, and Jamal — had been information technology specialists for some members of Congress, including those who sat on the House Permanent Select Committee on Intelligence and the House Committee on Foreign Affairs, according to reporting by Luke Rosiak of the Daily Caller News Foundation Investigative Group.

Among those who were victims of the Awan brothers’ data theft was Wasserman Schultz, the former DNC head. Rosiak reported that as many as 80 members of Congress may have been targets of the Awans, who are now the subjects of a criminal probe by the U.S. Capitol Police.

What, exactly, the Awan brothers took from Wasserman Schultz and other members of the House is not known, though “equipment and data” have been cited by Politico, one of the few mainstream organizations to report on the Awans. But in the series of articles Rosiak wrote about the brothers for The Daily Caller over the last several months, there emerges something like the plot of a John le Carré novel: secret loans from Iraqi politicians, ties to terror group Hezbollah, debts on a car dealership the Awan family in Northern Virginia—and apparently untrammelled access to politicians’ emails.

http://www.newsweek.com/whisenant-fake-news-far-right-theory-618744


Next question:

Why would Wasserman-Schultz retain the Awans' services after the investigation started?

Wasserman Schultz for some reason retained Awan in an advisory capacity even after the Capitol Police’s investigation into the Awan family seemed to be ramping up. And in late May, there emerged video of Wasserman Schultz confronting a member of the Capitol Police over computer equipment that had been taken from her in the course of the Awan investigation. Wasserman Schultz demands the return of the equipment, telling Capitol Police deputy chief Matthew R. Verderosa that “there will be consequences.”

http://www.newsweek.com/whisenant-fake-news-far-right-theory-618744


Earlier this week, however, the far right found a new subject for its feverish theorizing, a young Florida federal prosecutor who, some are insisting, was murdered because of his role in an investigation involving former DNC head and current South Florida congresswoman Debbie Wasserman Schultz.


:lmao

To answer your questions:

Very little.

and

No idea. You should get right on it, conservative jones.

http://r3.creativeloafing.com/files/base/scomm/clatl/image/2010/02/640w/352c2_fall_modernworld1_1_45.jpg

TSA
07-12-2017, 05:29 PM
:lmao

To answer your questions:

Very little.

and

No idea. You should get right on it, conservative jones.


I left that part of the article out for a reason.


You really should read up on the Awan brothers and the investigation being led by Capitol police.

RandomGuy
07-12-2017, 05:31 PM
Have you at least come to the conclusion now that the information was stolen locally?

I lack the knowledge to effectively evaluate the data, and have no independent expert opinion to evaluate the material you have supplied.

Nope.


(edit)

The most I can do is extend some provisional credibility to the material, since it does seem to be knowledgeable. There is still not enough evidence to really reach anything approaching a firm conclusion. Necessary, but not sufficient.

RandomGuy
07-12-2017, 05:32 PM
I left that part of the article out for a reason.


You really should read up on the Awan brothers and the investigation being led by Capitol police.

No, really I shouldn't.

Let me know how it shakes out.

TSA
07-12-2017, 05:46 PM
No, really I shouldn't.

Let me know how it shakes out.

This is a case of actual foreign nationals stealing data from the head of the DNC and congress, sending it to private servers, and you don't give a shit :lol

DarrinS
07-12-2017, 07:11 PM
Too embarrassing to admit it was someone inside. CIA can't even protect their own damn hacking tools. Remember Vault 7?

AaronY
07-12-2017, 07:44 PM
Too embarrassing to admit it was someone inside. CIA can't even protect their own damn hacking tools. Remember Vault 7?
Was that the one where TSA said Boom game over? Or was that pizzagate one? Either way I think the game was over I don't member much about it but was definitely a lot of booms and games being over. It kind of passed without much coming of it other than the game being over of course. I mean definitely, I remember the game being over for sure.

DarrinS
07-12-2017, 07:55 PM
Was that the one where TSA said Boom game over? Or was that pizzagate one? Either way I think the game was over I don't member much about it but was definitely a lot of booms and games being over. It kind of passed without much coming of it other than the game being over of course. I mean definitely, I remember the game being over for sure.


Well, they've been hard selling the Russia narrative for over a year -- all based on Crowdstrike. I hope the public eventually gets more compelling evidence.

Pavlov
07-12-2017, 08:03 PM
Darrin never believe Dear Leader Putin even try ever hack US computers or influence election.

Darrin great patriot.

DarrinS
07-12-2017, 09:01 PM
Darrin never believe Dear Leader Putin even try ever hack US computers or influence election.

Darrin great patriot.

Phish email is very sophisticated attack, no?

Pavlov
07-12-2017, 09:04 PM
Phish email is very sophisticated attack, no?

Yes, phishing is only thing Dear Leader Putin ever try in history of computer.

Patriot Darrin argument very sophisticated!

DarrinS
07-12-2017, 09:10 PM
Yes, phishing is only thing Dear Leader Putin ever try in history of computer.

Patriot Darrin argument very sophisticated!

All phish emails directed by Putin, tbh

Pavlov
07-12-2017, 09:10 PM
All phish emails directed by Putin, tbh

Patriot Darrin say phish enough everything else go away!

DarrinS
07-12-2017, 09:30 PM
Patriot Darrin say phish enough everything else go away!

DNC and CIA need extreme vetting, tbh

Pavlov
07-12-2017, 09:34 PM
DNC and CIA need extreme vetting, tbh

Yes! Everything joke to Patriot Darrin!

Dear Leader Putin great friend to USA freedom and democracy!

Say phish again!

DarrinS
07-12-2017, 09:50 PM
Yes! Everything joke to Patriot Darrin!

Dear Leader Putin great friend to USA freedom and democracy!

Say phish again!


It's a Unix system! I know this!

http://thesmokinggun.com/sites/default/files/assets/fullgmailalert.jpg

Pavlov
07-12-2017, 10:02 PM
It's a Unix system! I know this!

http://thesmokinggun.com/sites/default/files/assets/fullgmailalert.jpg

Yes! Concentrate on joke!

Do Dear Leader Putin's work for him! Don't know when you decide to shit on your own country but thanks be to you for it, Darrin.

DarrinS
07-12-2017, 10:06 PM
Yes! Concentrate on joke!

Do Dear Leader Putin's work for him! Don't know when you decide to shit on your own country but thanks be to you for it, Darrin.


Phish email is the first indicator of super sophisticated hacker. :lmao

Pavlov
07-12-2017, 10:09 PM
Phish*ding*

ElNono
07-12-2017, 10:16 PM
:lol at the alleged "forensic analysis" of rar file dates... like you can't change those to whatever you want...

Yahtzee!

RandomGuy
07-13-2017, 08:24 AM
This is a case of actual foreign nationals stealing data from the head of the DNC and congress, sending it to private servers, and you don't give a shit :lol

I do care. You should not lie about what I think, just because we disagree on things.

I just don't care enough to spend much of my time on it, as I figure that the police are investigating, as you noted, and it seems awfully ancillary to other larger problems that I think are worth my time. I skimmed the article you provided.

RandomGuy
07-13-2017, 08:26 AM
Too embarrassing to admit it was someone inside. CIA can't even protect their own damn hacking tools. Remember Vault 7?

http://billmoyers.com/episode/the-deep-state-hiding-in-plain-sight/

FWIW.

TSA might find it interesting as well, although it paints some Republicans in a bad light as well as Democrats. (gasp)

RandomGuy
07-13-2017, 08:27 AM
:lol at the alleged "forensic analysis" of rar file dates... like you can't change those to whatever you want...

Yahtzee!

Eyup. Just because something says "forensic analysis" doesn't make it authoritative.

The opposite really. "forensic" just means "legal", and is very commonly misused by people attempting to add legitimacy.

TSA
07-13-2017, 11:33 AM
:lol at the alleged "forensic analysis" of rar file dates... like you can't change those to whatever you want...

Yahtzee!

Source Materials

https://guccifer2.files.wordpress.com/2016/06/1.doc (link)
https://guccifer2.files.wordpress.com/2016/06/2.doc (link)
https://guccifer2.files.wordpress.com/2016/06/3.doc (link)

Mirror copies are available below (please use originals above if available):

Host: d3f.uk -> 1.doc 2.doc 3.doc
Host: g-2.space -> 1.doc 2.doc 3.doc

link to metadata
http://g-2.space/intent-conclusion.html

Can't metadata be manipulated just by downloading and couldn't it have been manipulated by saving the file at times you haven't considered?

While downloading the files to your PC will cause the file headers to have the current time/date recorded - these are completely separate from the RTF metadata (which remains untouched and will still have the creation/modification dates in June of 2016). - So the downloading, etc. process and copying/moving the file around in your OS won't cause the RTF metadata to be altered.
That said, there still ARE circumstances in which the data can be reset, etc. (when opening and saving the file in apps, etc).

We have given a lot of consideration to this too...

To figure out the sort of application behaviors we are likely dealing with - it helps to know what application was likely used to generate and save them. - fortunately, this can be evaluated to some degree because we can see that all 5 RTF files have the following string in them:

{\xmlns1 http://schemas.microsoft.com/office/word/2003/

You can test using OpenOffice, LibreOffice, WordPad and other apps that can save to the RTF format and check which ones produce the above string and which ones don't. We can't entirely rule out the possibility of other apps producing this but of those tested, only MS-Word seemed to leave this in files. (There are other things we can test if it ever turns out other applications have this behavior).

So testing was carried out with a few recent copies of MS-Word to see the various circumstances when the actual RTF metadata changes.

The following was observed:

Author name
Set on creation, retained when saving and saving-as (people who edit the document subsequently are recorded as 'operator' rather than 'author'.)

Creation date
Set on creation, CAN BE REFRESHED by someone saving document as a new copy.

Operator name
(last person who edited) - Set on creation, set when saving.

Modified date
Set on creation, set when saving.

We have tried to consider various possibilities and even if the creation timestamps are modified on the documents in a way we had not accounted for (eg. due to a Save-As event we perhaps had not considered) - the only difference it really makes is that it changes the time/date on which someone using an account named "Warren Flood" created the initial Russian-tainted template that the first 3 files are all based on.

(This is because the RTF-RSID correlations on the Russian language stylesheets in the first 3 documents allow us to evaluate the chronological order in which they and the actual content became present in each of the files - regardless of the metadata.).

UPDATE (May 13th, 2017): Following some tests on RTF files generated on Mac (h/t Steve Cunningham) and Windows versions of MS Office it seems highly likely the RTF docs produced by Guccifer 2.0 were generated using the Windows version of Microsoft Office.
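
The four fields listed in the post above (author, operator, creation date, modified date) live in the RTF `\info` group, separate from the filesystem timestamps that change on download. The following is an added example, not part of the thread or of the g-2.space analysis; the sample document, its names and its timestamps are constructed, and the parser assumes plain-ASCII field text.

```python
import os
import re
import tempfile
from datetime import datetime

# Marker string as quoted in the post; matched as a prefix only.
WORD_XMLNS_PREFIX = r"{\xmlns1 http://schemas.microsoft.com/office/word/2003/"

# Constructed sample: names and timestamps are invented for illustration.
SAMPLE_RTF = (
    r"{\rtf1\ansi\deff0{\fonttbl{\f0 Times New Roman;}}"
    r"{\*\xmlnstbl {\xmlns1 http://schemas.microsoft.com/office/word/2003/}}"
    r"{\info{\title Draft \{v2\}}{\author Example Author}"
    r"{\operator Example Operator}"
    r"{\creatim\yr2016\mo6\dy1\hr9\min0}{\revtim\yr2016\mo6\dy1\hr9\min30}"
    r"{\version1}{\edmins0}}"
    r"\pard Body text\par}"
)

TIME_FIELDS = {"creatim": "created", "revtim": "modified"}
TEXT_FIELDS = ("author", "operator")


def _group_end(rtf, start):
    """Return the index just past the '}' closing the group opened at start."""
    depth, i = 0, start
    while i < len(rtf):
        ch = rtf[i]
        if ch == "\\":
            i += 2  # skip escaped characters such as \{ \} \\
            continue
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                return i + 1
        i += 1
    raise ValueError("unbalanced RTF group")


def _child_groups(body):
    """Yield the contents of each top-level {...} group inside body."""
    i = 0
    while i < len(body):
        if body[i] == "\\":
            i += 2
        elif body[i] == "{":
            end = _group_end(body, i)
            yield body[i + 1:end - 1]
            i = end
        else:
            i += 1


def _parse_time(group):
    """Build a naive datetime; RTF time groups carry no time zone."""
    p = {k: int(v) for k, v in re.findall(r"\\(yr|mo|dy|hr|min|sec)(\d+)", group)}
    return datetime(p["yr"], p["mo"], p["dy"],
                    p.get("hr", 0), p.get("min", 0), p.get("sec", 0))


def parse_info(rtf):
    """Extract author, operator, created and modified from the \\info group."""
    start = rtf.find(r"{\info")
    if start < 0:
        return {}
    info = rtf[start + 1:_group_end(rtf, start) - 1]
    out = {}
    for group in _child_groups(info):
        m = re.match(r"\\([a-z]+)", group)
        if not m:
            continue
        word = m.group(1)
        if word in TIME_FIELDS:
            out[TIME_FIELDS[word]] = _parse_time(group)
        elif word in TEXT_FIELDS:
            text = group[m.end():].lstrip(" ")
            out[word] = re.sub(r"\\([{}\\])", r"\1", text)  # unescape \{ \} \\
    return out


def assess(rtf):
    """Return (info, findings) for one RTF document held in a str."""
    info = parse_info(rtf)
    findings = []
    if WORD_XMLNS_PREFIX in rtf:
        findings.append("word-2003 xmlns marker present")
    created, modified = info.get("created"), info.get("modified")
    if created and modified:
        if modified < created:
            findings.append("modified precedes created")
        else:
            minutes = int((modified - created).total_seconds() // 60)
            findings.append(f"created-to-modified gap: {minutes} min")
    if info.get("author") and info.get("operator") and info["author"] != info["operator"]:
        findings.append("operator differs from author")
    return info, findings


def embedded_vs_filesystem(rtf):
    """Write rtf to a fresh file, as a download would, and read both clocks."""
    with tempfile.NamedTemporaryFile("w", suffix=".rtf", delete=False,
                                     encoding="ascii") as fh:
        fh.write(rtf)
        path = fh.name
    try:
        fs_mtime = datetime.fromtimestamp(os.stat(path).st_mtime)
        with open(path, encoding="ascii") as fh:
            embedded = parse_info(fh.read())
    finally:
        os.unlink(path)
    return embedded.get("created"), fs_mtime


if __name__ == "__main__":
    print(assess(SAMPLE_RTF))
    print(embedded_vs_filesystem(SAMPLE_RTF))
```

These fields are ordinary text inside the file with nothing authenticating them, so the output records what the document says about itself, not who produced it or when.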

TSA
07-13-2017, 11:34 AM
http://billmoyers.com/episode/the-deep-state-hiding-in-plain-sight/

FWIW.

TSA might find it interesting as well, although it paints some Republicans in a bad light as well as Democrats. (gasp)

Thanks for this. I'll try and listen after work today.

RandomGuy
07-14-2017, 11:50 AM
It's a Unix system! I know this!

http://thesmokinggun.com/sites/default/files/assets/fullgmailalert.jpg

If memory serves, the Steele dossier mentions a concerted Russian effort to affect the election, including infiltration of the campaigns, and I would guess the major political party HQs.

Russian methodology is to develop and place human assets where they want them, and always to add in layers of plausible deniability. (e.g. the hacker "patriots" alluded to by Putin, who just happen to do whatever is in the interest of the Russian government)

The evidence you presented in this thread shows an insider copying and pasting data, with a clumsy attempt to make it look Russian that would be easily identifiable as such by anyone with any sophistication. That insider was, apparently Seth Rich, who met an unfortunate and mysterious end. An end that mirrors, coincidentally, that of a Russian intelligence general who was killed shortly after the Steele dossier was made public, as was Rich.

Hypothesis:
Rich was a Russian intelligence asset in the mold of so many Americans who have been recruited through greed and/or blackmail, and downloading what data he could, in a way that would provide the Russians with an easy way to say they were being framed if it ever came to light.
The Russians, per the Steele dossier, were said to be somewhat alarmed about getting caught out, and were scaling back their activities. Their efforts in this regard, were to tie up loose ends, Rich being one, and the Russian intel general being another.

This hypothesis explains, without many extra assumptions, the observed evidence, as well as conforming to known Russian intelligence methodology.

Both the aim, and methods here appear consistent with Russian intelligence carrying out directives from the leadership in the Kremlin.

TSA
07-14-2017, 04:39 PM
If memory serves, the Steele dossier mentions a concerted Russian effort to affect the election, including infiltration of the campaigns, and I would guess the major political party HQs.

Russian methodology is to develop and place human assets where they want them, and always to add in layers of plausible deniability. (e.g. the hacker "patriots" alluded to by Putin, who just happen to do whatever is in the interest of the Russian government)

The evidence you presented in this thread shows an insider copying and pasting data, with a clumsy attempt to make it look Russian that would be easily identifiable as such by anyone with any sophistication. That insider was, apparently Seth Rich, who met an unfortunate and mysterious end. An end that mirrors, coincidentally, that of a Russian intelligence general who was killed shortly after the Steele dossier was made public, as was Rich.

Hypothesis:
Rich was a Russian intelligence asset in the mold of so many Americans who have been recruited through greed and/or blackmail, and downloading what data he could, in a way that would provide the Russians with an easy way to say they were being framed if it ever came to light.
The Russians, per the Steele dossier, were said to be somewhat alarmed about getting caught out, and were scaling back their activities. Their efforts in this regard, were to tie up loose ends, Rich being one, and the Russian intel general being another.

This hypothesis explains, without many extra assumptions, the observed evidence, as well as conforming to known Russian intelligence methodology.

Both the aim, and methods here appear consistent with Russian intelligence carrying out directives from the leadership in the Kremlin.

Not sure if serious. Do you believe the hypothesis you laid out?

TSA
07-24-2017, 01:59 PM
William Binney, former NSA Technical Director for World Geopolitical & Military Analysis; Co-founder of NSA’s Signals Intelligence Automation Research Center

Skip Folden, independent analyst, retired IBM Program Manager for Information Technology US (Associate VIPS)

Matthew Hoh, former Capt., USMC, Iraq & Foreign Service Officer, Afghanistan (associate VIPS)

Michael S. Kearns, Air Force Intelligence Officer (Ret.), Master SERE Resistance to Interrogation Instructor

John Kiriakou, Former CIA Counterterrorism Officer and former Senior Investigator, Senate Foreign Relations Committee

Linda Lewis, WMD preparedness policy analyst, USDA (ret.)

Lisa Ling, TSgt USAF (ret.) (associate VIPS)

Edward Loomis, Jr., former NSA Technical Director for the Office of Signals Processing

David MacMichael, National Intelligence Council (ret.)

Ray McGovern, former U.S. Army Infantry/Intelligence officer and CIA analyst

Elizabeth Murray, former Deputy National Intelligence Officer for Middle East, CIA

Coleen Rowley, FBI Special Agent and former Minneapolis Division Legal Counsel (ret.)

Cian Westmoreland, former USAF Radio Frequency Transmission Systems Technician and Unmanned Aircraft Systems whistleblower (Associate VIPS)

Kirk Wiebe, former Senior Analyst, SIGINT Automation Research Center, NSA

Sarah G. Wilton, Intelligence Officer, DIA (ret.); Commander, US Naval Reserve (ret.)

Ann Wright, U.S. Army Reserve Colonel (ret) and former U.S. Diplomat


In a memo to President Trump, a group of former U.S. intelligence officers, including NSA specialists, cite new forensic studies to challenge the claim of the key Jan. 6 “assessment” that Russia “hacked” Democratic emails last year.

MEMORANDUM FOR: The President

FROM: Veteran Intelligence Professionals for Sanity (VIPS)

SUBJECT: Was the “Russian Hack” an Inside Job?

Executive Summary

Forensic studies of “Russian hacking” into Democratic National Committee computers last year reveal that on July 5, 2016, data was leaked (not hacked) by a person with physical access to DNC computers, and then doctored to incriminate Russia.

After examining metadata from the “Guccifer 2.0” July 5, 2016 intrusion into the DNC server, independent cyber investigators have concluded that an insider copied DNC data onto an external storage device, and that “telltale signs” implicating Russia were then inserted.

Key among the findings of the independent forensic investigations is the conclusion that the DNC data was copied onto a storage device at a speed that far exceeds an Internet capability for a remote hack. Of equal importance, the forensics show that the copying and doctoring were performed on the East coast of the U.S. Thus far, mainstream media have ignored the findings of these independent studies [see here and here].

Independent analyst Skip Folden, a retired IBM Program Manager for Information Technology US, who examined the recent forensic findings, is a co-author of this Memorandum. He has drafted a more detailed technical report titled “Cyber-Forensic Investigation of ‘Russian Hack’ and Missing Intelligence Community Disclaimers,” and sent it to the offices of the Special Counsel and the Attorney General. VIPS member William Binney, a former Technical Director at the National Security Agency, and other senior NSA “alumni” in VIPS attest to the professionalism of the independent forensic findings.

The recent forensic studies fill in a critical gap. Why the FBI neglected to perform any independent forensics on the original “Guccifer 2.0” material remains a mystery – as does the lack of any sign that the “hand-picked analysts” from the FBI, CIA, and NSA, who wrote the “Intelligence Community Assessment” dated January 6, 2017, gave any attention to forensics.

NOTE: There has been so much conflation of charges about hacking that we wish to make very clear the primary focus of this Memorandum. We focus specifically on the July 5, 2016 alleged Guccifer 2.0 “hack” of the DNC server. In earlier VIPS memoranda we addressed the lack of any evidence connecting the Guccifer 2.0 alleged hacks and WikiLeaks, and we asked President Obama specifically to disclose any evidence that WikiLeaks received DNC data from the Russians [see here and here].

Addressing this point at his last press conference (January 18), he described “the conclusions of the intelligence community” as “not conclusive,” even though the Intelligence Community Assessment of January 6 expressed “high confidence” that Russian intelligence “relayed material it acquired from the DNC … to WikiLeaks.”

Obama’s admission came as no surprise to us. It has long been clear to us that the reason the U.S. government lacks conclusive evidence of a transfer of a “Russian hack” to WikiLeaks is because there was no such transfer. Based mostly on the cumulatively unique technical experience of our ex-NSA colleagues, we have been saying for almost a year that the DNC data reached WikiLeaks via a copy/leak by a DNC insider (but almost certainly not the same person who copied DNC data on July 5, 2016).

From the information available, we conclude that the same inside-DNC, copy/leak process was used at two different times, by two different entities, for two distinctly different purposes:

-(1) an inside leak to WikiLeaks before Julian Assange announced on June 12, 2016, that he had DNC documents and planned to publish them (which he did on July 22) – the presumed objective being to expose strong DNC bias toward the Clinton candidacy; and

-(2) a separate leak on July 5, 2016, to pre-emptively taint anything WikiLeaks might later publish by “showing” it came from a “Russian hack.”

* * *

Mr. President:

This is our first VIPS Memorandum for you, but we have a history of letting U.S. Presidents know when we think our former intelligence colleagues have gotten something important wrong, and why. For example, our first such memorandum, a same-day commentary for President George W. Bush on Colin Powell’s U.N. speech on February 5, 2003, warned that the “unintended consequences were likely to be catastrophic,” should the U.S. attack Iraq and “justify” the war on intelligence that we retired intelligence officers could readily see as fraudulent and driven by a war agenda.

The January 6 “Intelligence Community Assessment” by “hand-picked” analysts from the FBI, CIA, and NSA seems to fit into the same agenda-driven category. It is largely based on an “assessment,” not supported by any apparent evidence, that a shadowy entity with the moniker “Guccifer 2.0” hacked the DNC on behalf of Russian intelligence and gave DNC emails to WikiLeaks.

The recent forensic findings mentioned above have put a huge dent in that assessment and cast serious doubt on the underpinnings of the extraordinarily successful campaign to blame the Russian government for hacking. The pundits and politicians who have led the charge against Russian “meddling” in the U.S. election can be expected to try to cast doubt on the forensic findings, if they ever do bubble up into the mainstream media. But the principles of physics don’t lie; and the technical limitations of today’s Internet are widely understood. We are prepared to answer any substantive challenges on their merits.

You may wish to ask CIA Director Mike Pompeo what he knows about this. Our own lengthy intelligence community experience suggests that it is possible that neither former CIA Director John Brennan, nor the cyber-warriors who worked for him, have been completely candid with their new director regarding how this all went down.

Copied, Not Hacked

As indicated above, the independent forensic work just completed focused on data copied (not hacked) by a shadowy persona named “Guccifer 2.0.” The forensics reflect what seems to have been a desperate effort to “blame the Russians” for publishing highly embarrassing DNC emails three days before the Democratic convention last July. Since the content of the DNC emails reeked of pro-Clinton bias, her campaign saw an overriding need to divert attention from content to provenance – as in, who “hacked” those DNC emails? The campaign was enthusiastically supported by a compliant “mainstream” media; they are still on a roll.

“The Russians” were the ideal culprit. And, after WikiLeaks editor Julian Assange announced on June 12, 2016, “We have emails related to Hillary Clinton which are pending publication,” her campaign had more than a month before the convention to insert its own “forensic facts” and prime the media pump to put the blame on “Russian meddling.” Mrs. Clinton’s PR chief Jennifer Palmieri has explained how she used golf carts to make the rounds at the convention. She wrote that her “mission was to get the press to focus on something even we found difficult to process: the prospect that Russia had not only hacked and stolen emails from the DNC, but that it had done so to help Donald Trump and hurt Hillary Clinton.”

Independent cyber-investigators have now completed the kind of forensic work that the intelligence assessment did not do. Oddly, the “hand-picked” intelligence analysts contented themselves with “assessing” this and “assessing” that. In contrast, the investigators dug deep and came up with verifiable evidence from metadata found in the record of the alleged Russian hack.

They found that the purported “hack” of the DNC by Guccifer 2.0 was not a hack, by Russia or anyone else. Rather it originated with a copy (onto an external storage device – a thumb drive, for example) by an insider. The data was leaked after being doctored with a cut-and-paste job to implicate Russia. We do not know who or what the murky Guccifer 2.0 is. You may wish to ask the FBI.

The Time Sequence

June 12, 2016: Assange announces WikiLeaks is about to publish “emails related to Hillary Clinton.”

June 15, 2016: DNC contractor Crowdstrike, (with a dubious professional record and multiple conflicts of interest) announces that malware has been found on the DNC server and claims there is evidence it was injected by Russians.

June 15, 2016: On the same day, “Guccifer 2.0” affirms the DNC statement; claims responsibility for the “hack;” claims to be a WikiLeaks source; and posts a document that the forensics show was synthetically tainted with “Russian fingerprints.”

We do not think that the June 12 & 15 timing was pure coincidence. Rather, it suggests the start of a pre-emptive move to associate Russia with anything WikiLeaks might have been about to publish and to “show” that it came from a Russian hack.

The Key Event

July 5, 2016: In the early evening, Eastern Daylight Time, someone working in the EDT time zone with a computer directly connected to the DNC server or DNC Local Area Network, copied 1,976 MegaBytes of data in 87 seconds onto an external storage device. That speed is many times faster than what is physically possible with a hack.

It thus appears that the purported “hack” of the DNC by Guccifer 2.0 (the self-proclaimed WikiLeaks source) was not a hack by Russia or anyone else, but was rather a copy of DNC data onto an external storage device. Moreover, the forensics performed on the metadata reveal there was a subsequent synthetic insertion – a cut-and-paste job using a Russian template, with the clear aim of attributing the data to a “Russian hack.” This was all performed in the East Coast time zone.

“Obfuscation & De-obfuscation”

Mr. President, the disclosure described below may be related. Even if it is not, it is something we think you should be made aware of in this general connection. On March 7, 2017, WikiLeaks began to publish a trove of original CIA documents that WikiLeaks labeled “Vault 7.” WikiLeaks said it got the trove from a current or former CIA contractor and described it as comparable in scale and significance to the information Edward Snowden gave to reporters in 2013.

No one has challenged the authenticity of the original documents of Vault 7, which disclosed a vast array of cyber warfare tools developed, probably with help from NSA, by CIA’s Engineering Development Group. That Group was part of the sprawling CIA Directorate of Digital Innovation – a growth industry established by John Brennan in 2015.

Scarcely imaginable digital tools – that can take control of your car and make it race over 100 mph, for example, or can enable remote spying through a TV – were described and duly reported in the New York Times and other media throughout March. But the Vault 7, part 3 release on March 31 that exposed the “Marble Framework” program apparently was judged too delicate to qualify as “news fit to print” and was kept out of the Times.

The Washington Post’s Ellen Nakashima, it seems, “did not get the memo” in time. Her March 31 article bore the catching (and accurate) headline: “WikiLeaks’ latest release of CIA cyber-tools could blow the cover on agency hacking operations.”

The WikiLeaks release indicated that Marble was designed for flexible and easy-to-use “obfuscation,” and that Marble source code includes a “deobfuscator” to reverse CIA text obfuscation.

More important, the CIA reportedly used Marble during 2016. In her Washington Post report, Nakashima left that out, but did include another significant point made by WikiLeaks; namely, that the obfuscation tool could be used to conduct a “forensic attribution double game” or false-flag operation because it included test samples in Chinese, Russian, Korean, Arabic and Farsi.

The CIA’s reaction was neuralgic. Director Mike Pompeo lashed out two weeks later, calling Assange and his associates “demons,” and insisting, “It’s time to call out WikiLeaks for what it really is, a non-state hostile intelligence service, often abetted by state actors like Russia.”

Mr. President, we do not know if CIA’s Marble Framework, or tools like it, played some kind of role in the campaign to blame Russia for hacking the DNC. Nor do we know how candid the denizens of CIA’s Digital Innovation Directorate have been with you and with Director Pompeo. These are areas that might profit from early White House review.

Putin and the Technology

We also do not know if you have discussed cyber issues in any detail with President Putin. In his interview with NBC’s Megyn Kelly, he seemed quite willing – perhaps even eager – to address issues related to the kind of cyber tools revealed in the Vault 7 disclosures, if only to indicate he has been briefed on them. Putin pointed out that today’s technology enables hacking to be “masked and camouflaged to an extent that no one can understand the origin” [of the hack] … And, vice versa, it is possible to set up any entity or any individual that everyone will think that they are the exact source of that attack.”

“Hackers may be anywhere,” he said. “There may be hackers, by the way, in the United States who very craftily and professionally passed the buck to Russia. Can’t you imagine such a scenario? … I can.”

Full Disclosure: Over recent decades the ethos of our intelligence profession has eroded in the public mind to the point that agenda-free analysis is deemed well nigh impossible. Thus, we add this disclaimer, which applies to everything we in VIPS say and do: We have no political agenda; our sole purpose is to spread truth around and, when necessary, hold to account our former intelligence colleagues.

We speak and write without fear or favor. Consequently, any resemblance between what we say and what presidents, politicians and pundits say is purely coincidental. The fact we find it is necessary to include that reminder speaks volumes about these highly politicized times. This is our 50th VIPS Memorandum since the afternoon of Powell’s speech at the UN. Live links to the 49 past memos can be found at https://consortiumnews.com/vips-memos/.

Adam Lambert
07-24-2017, 02:08 PM
are you paid to post stuff like that? you can't possibly believe anyone here is reading that shit

Reck
07-24-2017, 02:27 PM
are you paid to post stuff like that? you cant possibly believe anyone here is reading that shit

:lol

Seriously.

RandomGuy
07-24-2017, 02:40 PM
Not sure if serious. Do you believe the hypothesis you laid out?

Serious, yes.

Belief?

Not enough information in any event to form a hypothesis I would have much confidence in either way.

Merely pointing out that your evidence doesn't exactly say what you think it does, and can be interpreted in a way that you seem blind to, in addition to having some rather obvious flaws.

"game over" = overreach

RandomGuy
07-24-2017, 02:45 PM
are you paid to post stuff like that? you cant possibly believe anyone here is reading that shit


It thus appears that the purported “hack” of the DNC by Guccifer 2.0 (the self-proclaimed WikiLeaks source) was not a hack by Russia or anyone else, but was rather a copy of DNC data onto an external storage device. Moreover, the forensics performed on the metadata reveal there was a subsequent synthetic insertion – a cut-and-paste job using a Russian template, with the clear aim of attributing the data to a “Russian hack.” This was all performed in the East Coast time zone.


Russian intelligence services work to put people on the inside.
They work to have plausible deniability.

Evidence in TSA's posts here is consistent with both, and he has not provided evidence that would rule out this possibility, which is ironic, because all he was attempting to do was to show it couldn't possibly have been Russians, but some scheme at the DNC.

What he has done is show evidence very consistent with Russian intel methods, but doesn't seem to want to admit that now that it has been pointed out.

Adam Lambert
07-24-2017, 02:49 PM
Russian intelligence services work to put people on the inside.
They work to have plausible deniability.

Evidence in TSA's posts here is consistent with both, and he has not provided evidence that would rule out this possibility, which is ironic, because all he was attempting to do was to show it couldn't possibly have been Russians, but some scheme at the DNC.

What he has done is show evidence very consistent with Russian intel methods, but doesn't seem to want to admit that now that it has been pointed out.

whats happening is he spends hours every day in a 4chan/reddit echo chamber and thinks everyone will find the stuff they obsess over interesting.

TSA
07-24-2017, 02:51 PM
are you paid to post stuff like that? you cant possibly believe anyone here is reading that shit

Not only reading but replying as well.

Unlike your dud

http://www.spurstalk.com/forums/showthread.php?t=269808&p=9098556#post9098556

TSA
07-24-2017, 03:01 PM
Russian intelligence services work to put people on the inside.
They work to have plausible deniability.

Evidence in TSA's posts here is consistent with both, and he has not provided evidence that would rule out this possibility, which is ironic, because all he was attempting to do was to show it couldn't possibly have been Russians, but some scheme at the DNC.

What he has done is show evidence very consistent with Russian intel methods, but doesn't seem to want to admit that now that it has been pointed out.

I presented evidence to show it was not a hack but done from the inside. After months of presenting the findings you have finally come around to accepting this.

Where we differ is who the insider was.

You think the Russians had a DNC insider, possibly Seth Rich.
I think it was a disgruntled DNC insider, probably Seth Rich.

You think the Russians were sloppy on purpose to point back to themselves.
I think it was crafted to frame the Russians.

TSA
07-24-2017, 03:05 PM
Serious, yes.

Belief?

Not enough information in any event to form a hypothesis I would have much confidence in either way.

Merely pointing out that your evidence doesn't exactly say what you think it does, and can be interpreted in a way that you seem blind to, in addition to having some rather obvious flaws.

"game over" = overreach

I also think the Awan brothers could have been the source of the stolen emails.


EXCLUSIVE: FBI Seized Smashed Hard Drives From Wasserman Schultz IT Aide’s Home

FBI agents seized smashed computer hard drives from the home of Florida Democratic Rep. Debbie Wasserman Schultz’s information technology (IT) administrator, according to an individual who was interviewed by Bureau investigators in the case and a high level congressional source.

Pakistani-born Imran Awan, long-time right-hand IT aide to the former Democratic National Committee (DNC) Chairwoman, has since desperately tried to get the hard drives back, the individual told The Daily Caller News Foundation’s Investigative Group.

The congressional source, speaking on condition of anonymity because of the sensitivity of the probe, confirmed that the FBI has joined what Politico previously described as a Capitol Police criminal probe into “serious, potentially illegal, violations on the House IT network” by Imran and three of his relatives, who had access to the emails and files of the more than two dozen House Democrats who employed them on a part-time basis.

Capitol Police have also seized computer equipment tied to the Florida lawmaker.

Awan’s younger brothers, Abid and Jamal, his wife, Hina Alvi, and Rao Abbas, Imran’s best friend, are also under investigation. There have been no arrests in the case.

There is also evidence of financial schemes that extend beyond the Capitol Police’s purview and may expand to Pakistan, where Imran spends significant portions of the year.

Speaker of the House Paul Ryan said in March that the Capitol Police are “getting the kind of technical assistance they need to do that. This is under an active criminal investigation, their capabilities are pretty strong but, they’re also able to go and get the kind of help they need from other sources.”

The brothers’ stepmother independently filed court documents in Virginia accusing the brothers of wiretapping and extorting her.

Soon after Imran began working for Wasserman Schultz in 2005, his two brothers and two of their wives — plus Abbas and another friend — began appearing as IT staffers on the payrolls of other House Democrats. Collectively, the Awan group has been paid $4 million since 2009.

Fellow IT staffers interviewed by TheDCNF said the Awans were often absent from weekly meetings and email exchanges. One of the fellow staffers said some of the computers the Awans managed were being used to transfer data to an off-site server.

Shortly after the criminal probe was revealed in February, Imran abruptly moved out of his longtime home on Hawkshead Drive in Lorton, Va., and listed it for rent on a website that connects landlords with military families.

One of the new tenants — a Marine Corps veteran married to a female Navy Officer — said he found “wireless routers, hard drives that look like they tried to destroy, laptops, [and] a lot of brand new expensive toner.”

The tenants called the Naval Criminal Investigative Service, and not long after, FBI agents arrived together with the Capitol Police to interview them and confiscate the equipment. The Marine spoke on condition of anonymity because of concerns for his wife’s naval career, saying she doesn’t want to be associated with a national security incident.

“It was in the garage. They recycled cabinets and lined them along the walls. They left in a huge hurry,” the Marine said. “It looks like government-issued equipment. We turned that stuff over.”

Wasserman Schultz resigned as DNC chief in July 2016 after the committee’s IT system was hacked. She has since refused to fire Imran despite learning that he is a target of a criminal investigation.

The Marine said Imran wanted the hard drives back so desperately that he threatened to sue the renter for stealing them.

“It was unbelievable. I don’t know where they get off thinking they’re going to sue us for items we have no obligation to hold onto,” he said.

Imran came to the house for the items “three to four times,” but the Marine wouldn’t let him enter.

“Their lawyer contacted us today via email and said we owed $350 in late charges and the items he left in the house,” the Marine said.

The Marine heard about the House investigation on the radio, and by that time, he had noticed other bizarre signs of desperation from his landlord.

“When we first moved in, a mailman came with certified mail from the House of Representatives. We were trying to be nice and signed for it. They lost their shit, saying ‘why did you sign for it, this is illegal!’ It was certified from the [Chief Administrative Officer of the House],” he said.

“The postman came a second time with a certified letter and I called Imran on the spot, asking ‘what do you want me to do.'” He said ‘just send him away, I’m homeless.’ They refused to forward their mail.”

Imran’s brother Abid has also been evasive about his location, failing to provide an accurate address for delivery of court materials in a lawsuit in which he is accused of defrauding the brothers’ stepmother. Imran’s wife, Hina, has traveled to Pakistan since the probe was revealed, according to neighbors.

Wasserman Schultz has demanded return of a laptop seized by the Capitol Police because it was purportedly used by Imran and was found hidden in a vacant office. The Florida Democrat used a Capitol Police budget hearing to threaten “consequences” for them if the laptop wasn’t returned.

On Thursday it was reported that police have not examined its contents because of the invocation of the Constitution’s “Speech and Debate clause,” and after months of refusal, her lawyer is now “negotiating” access to the data on yet-to-be-determined terms.

Members have been unusually mum about the apparent cybersecurity breach, especially given the pattern of cyberattacks on other government and political institutions.

The Marine expressed disgust with the muted reaction, saying “I served in the Marine Corps for 14 years; if I downloaded files to an offsite server, I’m going to prison for a lot of years.”

He implied he’s a Democrat but said when it comes to national security “political ideology doesn’t matter.”

He believes “there’s no way they could get this far without help” from some of the Democratic members of Congress for whom the brothers worked. Other Democrats have ignored a major security breach because it could look like a “black eye” in that they failed to vet the Pakistanis, he said.

“He’s dangerous. This is a crime syndicate that has successfully indicated Congress,” he said.

“If Donald Trump and the Republicans had hired foreign nationals to be their top IT guys and somehow their congressional files had been compromised, this would have been all over the news,” he continued.

A Bureau spokesman said the “FBI does not have anything to provide on this and I will still have to refer you to [Capitol Police] for any public comment.”

http://dailycaller.com/2017/07/23/exclusive-fbi-seized-smashed-hard-drives-from-wasserman-schultz-it-aides-home/

Pavlov
07-24-2017, 03:06 PM
I have a question since I don't know much about this stuff. Where did all these guys get this metadata? Is it something anyone can see on the Wikileaks files?

TSA
07-24-2017, 03:15 PM
I have a question since I don't know much about this stuff. Where did all these guys get this metadata? Is it something anyone can see on the Wikileaks files?

I believe all the metadata was taken directly from guccifer 2.0's blog.

Click some links on my post #130 I think it's all explained in there.

Adam Lambert
07-24-2017, 03:58 PM
Not only reading but replying as well.

Unlike your dud

http://www.spurstalk.com/forums/showthread.php?t=269808&p=9098556#post9098556


:lmao dud? you think i was trying to create an in-depth discussion on whether or not the republicans are stuck in the 50s? no one responded to that thread because theres nothing to say. i assume you trump apologists would just prefer not to think about it.

TSA
07-24-2017, 04:14 PM
:lmao dud? you think i was trying to create an in-depth discussion on whether or not the republicans are stuck in the 50s? no one responded to that thread because theres nothing to say. i assume you trump apologists would just prefer not to think about it.

Much like your assumptions on my view of buttsecks you are also dead wrong on my views on marijuana.

Pavlov
07-24-2017, 04:17 PM
I believe all the metadata was taken directly from guccifer 2.0's blog.

Click some links on my post #130 I think it's all explained in there.

OK, I looked and found this:


We can see that a copy of MS-Word registered to "Warren Flood" was apparently used to create all 3 documents at the same time, this would seem odd usually, but we know they were just saving a tainted blank template as multiple files.

We then see that "Феликс Эдмундович" (the founder of the soviet secret police and someone who has been deceased for 90 years!) opens the files in sequence 30 minutes later, doing something (copying in the contents from original documents into the blank 'pre-tainted' template) and then saving the files, within the space of a few minutes.

SUMMARY: The files were constructed from the same template document with a Russian stylesheet entry in it and then each file, in sequence, was opened to add a secondary layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!

Guccifer 2.0, from day one, was using a Russian masquerade and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.

http://g-2.space/intent-conclusion.html

So the theory is that Seth Rich was putting all the oddly specific Russian stuff in himself?

Seriously though, whether it's Seth Rich or not, Assange and Kim Dot Com are being complete assholes teasing that they know it's him for personal gain.
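On the question of where such metadata lives and who can read it, an added example (not from g-2.space or from any poster in this thread): it assumes the files are RTF, where Word keeps the author, last editor and timestamps as plain text in the `\info` group. The three sample headers, the names and the dates below are constructed, and the function names are this example's own.

```python
import re
from datetime import datetime

def decode_rtf_text(raw, codepage):
    """Decode \\'hh escapes, which are bytes in the document's ANSI code page."""
    def run(m):
        data = bytes.fromhex(m.group(0).replace("\\'", ""))
        return data.decode(codepage, "replace")
    return re.sub(r"(?:\\'[0-9a-fA-F]{2})+", run, raw).strip()

def parse_time(body):
    """\\creatim and \\revtim hold \\yr \\mo \\dy \\hr \\min and no time zone."""
    p = {k: int(v) for k, v in re.findall(r"\\(yr|mo|dy|hr|min)(\d+)", body)}
    return datetime(p["yr"], p["mo"], p["dy"], p.get("hr", 0), p.get("min", 0))

def parse_info(rtf):
    """Return author, operator (last editor), creation and revision time."""
    cp = re.search(r"\\ansicpg(\d+)", rtf)
    codepage = "cp" + cp.group(1) if cp else "cp1252"
    info = {}
    for key in ("author", "operator"):
        m = re.search(r"\{\\" + key + r" ([^{}]*)\}", rtf)
        info[key] = decode_rtf_text(m.group(1), codepage) if m else None
    for key in ("creatim", "revtim"):
        m = re.search(r"\{\\" + key + r"([^{}]*)\}", rtf)
        info[key] = parse_time(m.group(1)) if m else None
    return info

def rtf_escape(text, codepage):
    """Encode non-ASCII characters the way an ANSI RTF writer would."""
    return "".join(
        c if ord(c) < 128 else "".join("\\'%02x" % b for b in c.encode(codepage))
        for c in text
    )

def make_sample(rev_min):
    """Constructed RTF header: one creator, a Cyrillic last-editor name."""
    rev = "{\\revtim\\yr2020\\mo1\\dy1\\hr10\\min%d}" % rev_min
    return ("{\\rtf1\\ansi\\ansicpg1251{\\info{\\author Creator A}{\\operator "
            + rtf_escape("Оператор", "cp1251") + "}"
            + "{\\creatim\\yr2020\\mo1\\dy1\\hr10\\min0}" + rev + "}\\pard text\\par}")

# Constructed inputs, not the files discussed in the thread.
SAMPLES = {"1.rtf": make_sample(30), "2.rtf": make_sample(32), "3.rtf": make_sample(34)}

def analyze(docs):
    """Summarise the pattern the quoted passage describes across several files."""
    rows = {name: parse_info(text) for name, text in docs.items()}
    return {
        "one_creation_time": len({r["creatim"] for r in rows.values()}) == 1,
        "one_author": len({r["author"] for r in rows.values()}) == 1,
        "operators": sorted({r["operator"] for r in rows.values()}),
        "save_order": sorted(rows, key=lambda n: rows[n]["revtim"]),
        "gap_minutes": [
            int((r["revtim"] - r["creatim"]).total_seconds() // 60)
            for r in rows.values()
        ],
    }

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, parse_info(text))
    print(analyze(SAMPLES))
```

These fields are ordinary text that any editor can change, and the timestamps carry no time zone, so the output shows what a file claims about itself rather than who produced it.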

Adam Lambert
07-24-2017, 04:34 PM
Much like your assumptions on my view of buttsecks you are also dead wrong on my views on marijuana.

i assume youre pro marijuana, so you probably dont want to talk about marijuana issues much because your mo here is pro trump and those two things conflict. way to support the team.

TSA
07-24-2017, 04:48 PM
OK, I looked and found this:

http://g-2.space/intent-conclusion.html

So the theory is that Seth Rich was putting all the oddly specific Russian stuff in himself?

I was under the impression the oddly specific Russian stuff was put in after the DNC realized it'd been compromised from within.


Seriously though, whether it's Seth Rich or not, Assange and Kim Dot Com are being complete assholes teasing that they know it's him for personal gain.

Assange has basically said it was Rich without naming him. He also said the person wasn't Russian or a Russian state actor. Craig Murray has backed this account up and said the same. I'd really like the FBI to take up Dot Com on his offer to come over and testify but as of now the FBI has still refused. If they think he is bluffing call him on it and bring him over. Dot Com's claims could be legit as he was in the business of massive file storage and it would be needed for some of these file dumps.

TSA
07-24-2017, 04:52 PM
i assume youre pro marijuana, so you probably dont want to talk about marijuana issues much because your mo here is pro trump and those two things conflict. way to support the team.

I'm not going to get my panties in a wad over some marijuana legislation that hasn't even happened. When my 6 plants per person limit is threatened in my state you'll see me speak up, not that it matters anyways on spurstalk.

Pavlov
07-24-2017, 05:20 PM
I was under the impression the oddly specific Russian stuff was put in after the DNC realized it'd been compromised from within.

How would that even work? They find out the data is stolen, then fake a hack using their own data with Russian signatures to take the heat off of Seth Rich, whom they would murder five days later? Where is the originally stolen stuff and the metadata for them?


Assange has basically said it was Rich without naming him. He also said the person wasn't Russian or a Russian state actor. Craig Murray has backed this account up and said the same.

Great, they can actually use his name then. Dude is dead. All they are doing is torturing his family.


I'd really like the FBI to take up Dot Com on his offer to come over and testify but as of now the FBI has still refused. If they think he is bluffing call him on it and bring him over.

Nah, fuck him and his conditions.


Dot Com's claims could be legit as he was in the business of massive file storage and it would be needed for some of these file dumps.

Was it needed for the DNC files? I can't even find a file size for those dumps. If Rich gave Murray the files in the woods like Murray says, why would Kim know anything about Rich in the first place?

Pavlov
07-24-2017, 06:02 PM
I mean, it's just like 9/11. So many bits of gossip and nuggets of theory get posted without any real comment except GAME OVER, I don't see the narrative that would cover all of them. If you have that narrative, TSA, go ahead and post it, because the number of people apparently in on the conspiracy grows with every article paste.

spurraider21
07-24-2017, 06:22 PM
I mean, it's just like 9/11. So many bits of gossip and nuggets of theory get posted without any real comment except GAME OVER, I don't see the narrative that would cover all of them. If you have that narrative, TSA, go ahead and post it, because the number of people apparently in on the conspiracy grows with every article paste.
https://i.gyazo.com/87ac72a3af86d4172c8c264c336fafac.png

Adam Lambert
07-24-2017, 06:43 PM
I'm not going to get my panties in a wad over some marijuana legislation that hasn't even happened. When my 6 plants per person limit is threatened in my state you'll see me speak up, not that it matters anyways on spurstalk.

right, you only get your panties in a wad over things that definitely did happen.

RandomGuy
07-25-2017, 08:31 AM
I presented evidence to show it was not a hack but done from the inside. After months of presenting the findings you have finally come around to accepting this.

Where we differ is who the insider was.

You think the Russians had a DNC insider, possibly Seth Rich.
I think it was a disgruntled DNC insider, probably Seth Rich.

You think the Russians were sloppy on purpose to point back to themselves.
I think it was crafted to frame the Russians.

"You think the Russians were sloppy on purpose to point back to themselves." ...not exactly.

Better:
"You think the Russians were sloppy on purpose to provide plausible deniability in case the actions of the insider were discovered."

Best:
"Sloppy papering is consistent with known Russian intelligence methods, in which establishing plausible deniability is fundamental to all operations if at all possible."

RandomGuy
07-25-2017, 08:32 AM
I also think the Awan brothers could have been the source of the stolen emails. http://dailycaller.com/2017/07/23/exclusive-fbi-seized-smashed-hard-drives-from-wasserman-schultz-it-aides-home/

I think that websites like the daily caller have very specific points of view that color their interpretations of data. When I read this website I apply a fair amount of skepticism when I see any kind of statement of conclusion.

RandomGuy
07-25-2017, 10:49 AM
I presented evidence to show it was not a hack but done from the inside. After months of presenting the findings you have finally come around to accepting this.

Where we differ is who the insider was.

You think the Russians had a DNC insider, possibly Seth Rich.
I think it was a disgruntled DNC insider, probably Seth Rich.

You think the Russians were sloppy on purpose to point back to themselves.
I think it was crafted to frame the Russians.

From what I understand, there were multiple entities targeting these systems. "the hacker", "the insider" is phrasing it in a way that limits that.

To be fair, the information could have been stolen by an insider for some reason, yet to be fully established, and an attempt to make it seem like Russians was made.

I believe that the evidence is inconclusive, ultimately. Since the evidence is inconclusive, I withhold belief about the ultimate cause of the actions we know about, which is the logical default position.

One useful tool in determining good workable theories is simplification.

Which theory makes fewer assumptions?

List the assumptions underlying what you think happened.

RandomGuy
07-25-2017, 10:59 AM
HUMINT


Both the GRU, and the SVR as the successor to the KGB, conduct HUMINT operations that target the United States. The most recent example of a HUMINT operation conducted by Russia is the case of Aldrich Ames. Ames was a Central Intelligence Agency employee in the Directorate of Operations. In his work with the Directorate of Operations, Ames was able to obtain information pertaining to ongoing operations targeting the former Soviet Union and later Russia. Ames volunteered to work for the KGB in April 1985 as a walk-in to the Soviet Embassy in Washington and continued to work for the SVR after the fall of the Soviet Union. His espionage activities continued until his arrest on the morning of February 21, 1994. Upon his arrest, it was determined that Ames had been paid at least $2.5 million for his services and that he had compromised, by his own admission, "virtually all Soviet agents of the CIA and other American and foreign services known to me." In addition, he stated that he provided the former Soviet Union and Russia with a huge quantity of information on U.S. foreign, defense, and security policies.[12]

It is very likely that the Russians will continue to place a significant emphasis on the development of HUMINT sources because of the quality of information they have received in the past.[13] Since the August 1991 coup, the number of HUMINT operations conducted by the SVR and KGB that target the United States and the West have risen rather than fallen. In March 1993, the FBI and German counterintelligence authorities reported that SVR/GRU activities in their respective countries had grown by over 12 percent from pre-coup levels.[14] This is due to a number of factors. First, as a result of arms control treaties, joint business opportunities, and numerous cultural and economic exchanges, the Russian intelligence services now have greater access to American society, government, and industry. Second, there has been a significant influx of Russian emigres into the United States. The FBI estimates that over 105,000 Russians emigrated to the United States in the late 1980s. The Russians have traditionally used emigres as a means to gather intelligence. Third, there has been a substantial influx of Russian students into the United States; many of these students are studying technical disciplines that are required by the Russians to improve both military and civil industries. Fourth, travel restrictions on Russian diplomatic and consular personnel in the United States have been lifted, making it easier to collect information on U.S. activities.[15]

Sections also on SIGINT, IMINT, and MASINT. See link below for those:

https://fas.org/irp/nsa/ioss/threat96/part03.htm

RandomGuy
07-25-2017, 11:02 AM
Russian Intelligence Collection Trends


Russia is likely to continue to aggressively use its intelligence services to gain information concerning the United States. They will retain the ability to develop all source intelligence and will use the information gained through these efforts to improve their standing in global political, economic, and security matters. Russia will continue to pursue intelligence concerning U.S. military capabilities, foreign policy initiatives, and the development of military technologies. There is likely to be an increased emphasis on obtaining commercial or dual use technology through intelligence operations.[29]

Defectors from the former Soviet and the Russian intelligence services have stated that industrial espionage activities will escalate in the years ahead. Russia requires advanced technology to bolster its economy and foster increased technological progress. Defectors have stated that the SVR will target the increasing number of joint U.S./Russian business ventures in an effort to legally obtain or steal desirable Western technologies. The Russians do not in many cases have the ability to pay for those items they need to improve economic growth so they are willing to steal them or obtain them through other illegitimate means. Additionally, the Russians still must contend with restrictions on certain technologies that they desire. Most of these technologies are dual use technologies that would play a significant role in the development of advanced weapons systems or improved Command, Control, Communications, and Intelligence (C3I) systems. In 1994, the United States denied a request by the Russian government to purchase advanced telecommunications systems from AT&T. The request was denied based on an assessment by the National Security Agency that the technology would be used in C3I systems. Based on past collection patterns, it should be assumed that the Russians are still targeting these technologies.[30]

Another likely trend is that, because of the reported reduction in the number of SVR intelligence officers, the Russians will place increasing emphasis on gaining information through technical intelligence disciplines, and open source analysis.[31] Although the opportunity to collect HUMINT has expanded as a result of the relaxation of security standards in focused on Russia; the reduction in the number of SVR intelligence officers, the closing of diplomatic facilities throughout the world, and the loss of access to former Warsaw Pact intelligence services will lead to an overall reduction in intelligence acquired through HUMINT. HUMINT is likely to be more carefully targeted to gain information not readily available through technical intelligence collection or through open source exploitation. The Russians have always relied on open source information and will continue to obtain intelligence by analyzing public data in comparison with intelligence derived through classified sources. The Soviets used a variety of research and political institutes for the analysis of open source data. The majority of these institutes have been retained by the Russians and are likely performing the same roles as they did under the Soviet Union. The Russians will continue to use information gained through these research institutes and from the collection opportunities provided by joint trade, research, and educational activities.[32]

RandomGuy
07-25-2017, 11:03 AM
Sources

1 - Statement of William S. Sessions, Director of the Federal Bureau of Investigation, contained in United States House of Representatives, The Threat of Foreign Economic Espionage, Hearings before the Subcommittee on Economic and Commercial Law, Committee on the Judiciary, April 29 and May 7, 1992, pp. 41, 42, 46, and 47.

2 - U.S. House of Representatives, FBI Oversight and Authorization Request, Hearings Before the Subcommittee on Civil and Constitutional Rights, Committee on the Judiciary, 101 Congress, 2d Session, 1990, p. 281.

3 - Jeffrey T. Richelson, Sword and Shield: The Soviet Intelligence and Security Apparatus, Cambridge, MA: Ballinger, 1986; and U.S. House of Representatives, FBI Oversight and Authorization Request, Hearings Before the Subcommittee on Civil and Constitutional Rights, Committee on the Judiciary, 101 Congress, 2d Session. 1990. p. 281.

4 - Sander Thoenes and Alan Cooperman, "Yeltsin's Eyes and Ears," U.S. News and World Report, 119:6, August 7, 1995, pp. 36-39; and Victor Yasmann, "Security Services Reorganized: All Power to the Russian President?" RFE/RL Reports, 3:6, February 11, 1994, pp. 7-14.

5 - Victor Yasmann "Security Services Reorganized: All Power to the Russian President?" RFE/RL Reports, 3:6, February 11, 1994, pp. 7-14.

6 - James Sherr, "Change and Continuity in the Former KGB," Jane's Intelligence Review, March 1993, pp. 110-112; and Adam Zagorin, "Still Spying After All These Years," Time, June 29, 1992, pp. 58-59.

7 - Carey Schofield, "Interview with the Head of Russian Military Intelligence," Jane's Intelligence Review, March 1993, pp. 112-116.

8 - Jeffrey T. Richelson, Sword and Shield: The Soviet Intelligence and Security Apparatus, Cambridge, MA: Ballinger, 1986, pp. 34-38.

9 - Christopher Andrew and Oleg Gordievsky, KGB: The Inside Story of Its Foreign Operations from Lenin to Gorbachev, New York: Harper Collins, 1990, p. 609; and Viktor Suvorov, Inside Soviet Military Intelligence, New York: MacMillan, 1984, pp. 60 and 66.

10 - Jeffrey T. Richelson, Sword and Shield: The Soviet Intelligence and Security Apparatus, Cambridge, MA: Ballinger, 1986.

11 - Victor Yasmann, "Security Services Reorganized: All Power to the Russian President?" RFE/RL Reports, 3:6, February 11, 1994, pp. 7-14; and James Sherr, "Change and Continuity in the Former KGB," Jane's Intelligence Review, March 1993, pp. 110-112.

12 - United States Senate, An Assessment of the Aldrich H. Ames Espionage Case and Its Implications for U.S. Intelligence: A Report of the U.S. Senate Select Committee on Intelligence, Washington, DC: USAGPO, November 1, 1994, pp. 19, and 85-86.

13 - U.S. House of Representatives, FBI Oversight and Authorization Request, Hearings Before the Subcommittee on Civil and Constitutional Rights, Committee on the Judiciary, 101 Congress, 2d Session, 1990, p. 281-282.

14 - James Sherr, "Change and Continuity in the Former KGB," Jane's Intelligence Review, March 1993, pp. 110-112.

15 - Kenneth E. deGraffenreid, "Tighter Security Needed to Protect U.S. Intelligence," Signal, 45:1, September 1990, pp. 101-104.

16 - Christopher Andrew and Oleg Gordievsky, KGB: The Inside Story of Its Foreign Operations from Lenin to Gorbachev, New York: Harper Collins, 1990, p. 609-610; and Desmond Ball, Soviet Signals Intelligence (SIGINT): Intercepting Satellite Communications, Strategic and Defence Studies Centre, Canberra: Australian National University, 1989, pp. 62-63.

17 - Department of Defense publication, "Soviet Military Power," 1987, p. 128.

18 - William Rosenau, "A Deafening Silence: U.S. Policy and the Sigint Facility at Lourdes," Intelligence and National Security, 9:4, October 1994, pp. 723-734.

19 - Christopher Andrew and Oleg Gordievsky, KGB: The Inside Story, New York: Harper Collins, 1990, p. 609; and Desmond Ball, "Soviet Signals Intelligence: Vehicular Systems and Operations," Intelligence and National Security, 4:1, January 1989, pp. 5-23.

20 - Desmond Ball, "Soviet Signals Intelligence: Vehicular Systems and Operations," Intelligence and National Security, 4:1, January 1989, pp. 5-23.

21 - Christopher Andrew and Oleg Gordievsky, KGB: The Inside Story, New York: Harper Collins, 1990, pp. 608-610; and Craig Covault, "Russian Space Program Advances Despite Crisis," Aviation Week and Space Technology, January 16, 1995, pp. 22-24.

22 - Desmond Ball, Soviet Signals Intelligence (SIGINT), Canberra Papers on Strategy and Defence No. 47, Strategic and Defence Studies Center, Canberra: Australian National University, 1989; and Jeffrey T. Richelson, "The Future of Space Reconnaissance," Scientific American, 264:1, January 1991, pp. 38-44.

23 - Jeffrey T. Richelson, "The Future of Space Reconnaissance," Scientific American, 264:1, January 1991, pp. 38-44.

24 - Nicholas L. Johnson and David M. Rodvold, 1991-1992 Europe and Asia in Space, Kirtland AFB, NM: USAF Phillips Laboratory, Technical Report DC-TR22191.103-1, 1992, pp. 241-245.

25 - Nicholas L. Johnson and David M. Rodvold, 1991-1992 Europe and Asia in Space, Kirtland AFB, NM: USAF Phillips Laboratory, Technical Report DC-TR2191.103-1, 1992, pp. 241-245.

26 - Nicholas L. Johnson and David M. Rodvold, 1991-1992 Europe and Asia in Space, Kirtland AFB, NM: USAF Phillips Laboratory, Technical Report DC-TR2191.103-1, 1992, pp. 241-245; and Craig Covault, "Russian Space Program Advances Despite Crisis," Aviation Week and Space Technology, January 16, 1995, pp. 22-24.

27 - Nicholas L. Johnson and David M. Rodvold, 1991-1992 Europe and Asia in Space, Kirtland AFB, NM: USAF Phillips Laboratory, Technical Report DC-TR2191.103-1, 1992, pp. 241-245; and Craig Covault, "Russian Space Program Advances Despite Crisis," Aviation Week and Space Technology, January 16, 1995, pp. 22-24.

28 - William B. Scott, "Russian Pitches Common Early Warning Network," Aviation Week and Space Technology, January 9, 1995, pp. 46-47; and Jeffrey T. Richelson, Sword and Shield: The Soviet Intelligence and Security Apparatus, Cambridge, MA: Ballinger, 1986, pp. 108-111.

29 - Adam Zagorin, "Still Spying After All These Years," Time, June 29, 1992, pp. 58-59.

30 - U.S. House of Representatives, The Threat of Foreign Economic Espionage to U.S. Corporations, Testimony of William S. Sessions, director of the Federal Bureau of Investigation, Hearings before the Subcommittee on Economic and Commercial Law, Committee on the Judiciary, 102:2, Washington, DC: USGPO, 1992, p.42.

31 - Adam Zagonn, "Still Spying After All These Years," Time, June 29, 1992, pp.58-59.

32 - James Adams, Sellout: Aldrich Ames and the Corruption of the CIA, New York: Viking, 1995, pp. 43-45; and Wayne Madsen, "Intelligence Agency Threats to Computer Security," International Journal of Intelligence and Counterintelligence, Winter 1993, pp. 418, 420, and 422.

33 - Jeffrey T. Richelson, Foreign Intelligence Organiz3ations, Cambridge, MA: Ballinger, 1988, p. 295.

34 - Nicholas Eftimiades, "China's Ministry of State Security: Coming of Age in the International Arena," Intelligence and National Security, 8:1, January 1993, pp 23-43.

35 - Wendell Minnick, "China Under Cover," Far Eastern Economic Review, March 2, 1995, p. 38.

36 - Desmond Ball, "Signals Intelligence in China," Jane's Intelligence Review, 7:8, August 1, 1995, pp.365-368; Jeffrey T. Richelson, Foreign Intelligence Organizations, Cambridge, MA: sallinger' 1988, p. 287; and Ellis Joffe, The Chinese Army After Mao, pp. 55, 60, and 104.

37 - Desmond Ball, "Signals Intelligence in China," Jane's Intelligence Review, 7:8, August 1, 1995, pp. 365-368.

38 - Nicholas Eftimiades, Chinks Ministry of State Security: Coming of Age in the International Arena," intelligence and National Security, 8:1, January 1993, pp. 23~3; and Jeffrey T. Richelson, Foreign Intelligence Organizations, Cambridge, MA: Ballinger, 1988, p.293.

39 - U.S. House of Representatives, FBI Oversight and Authorization Request, Hearings Before the Subcommittee on Civil and Constitutional Rights, Committee on the Judicialy, 101st Congress, 2d Session, 1sso, p. 282.

40 - Nicholas Eftimiades, "China's Ministry of State Security: Coming of Age in the International Arena," Intelligence and National Security, 8:1, pp. 23 43.

41 - Desmond Ball, "Signals Intelligence in China," Jane's Intelligence Review, 7:8, August 1, 1995, pp. 43265-368.

42 - Jeffrey T. Richelson, "The Future of Space Reconnaissance," Scientific American, 264:1, January 1991, pp. 38-44.

43 - Nicholas Eftimiades, "China's Ministry of State Security: Coming of Age in the International Arena," Intelligence and National Security, 8:1, pp. 23 43: and Jeffrey T. Richelson, Foreign Intelligence Organizations, Cambridge, MA: Ballinger, 1988, pp. 297-298.

44 - H.P. Klepak, "The Cuban Armed Forces," Jane's Intelligence Review Year Book, December 31, 1994, pp. 136-138; and Jeffrey T. Richelson, Sword and Shield: The Soviet Intelligence and Security Apparatus, Cambridge, MA: Ballinger, 1986, pp. 210-212.

45 - Calvin Sims, "Engineer Says He Stole Secrets of Chip Makers," The New York Times, ~yr 22, 1995, p.l; and Christopher Andrew and Oleg Gordievsky, KGB: The Inside Story, New York: Harper Collins, 1990, pp. 561-563.

46 - Andrea Mattes Sevada, ed. North Korea: A Country Study, Washington, DC: USGPO, June 1993, pp. 261-262; Joseph S. Bermudez, Jr. "North Koreans Intelligence Agencies and Infiltration Operations," Jane's Intelligence Review, June 1991, pp. 269-271; and Kongdan Oh, North Korea in the 1990s: Implications for the Future of the U.S.-South Korean Security Alliance, RAND Note 3480, Santa Monica, CA: RAND, 1992.

47 - Joseph S. Bermudez, Jr. "North Korea's Intelligence Agencies and Infiltration Operations," Jane's Intelligence Review, June 1991, pp. 269-271.

48 - Marko Milovojevic, "Romania's Intelligence Services: Purges and Politics," Jane's Intelligence Review, 7:1, January 1995, p. 12-13; and Dan Ionescu, "Personnel Changes in the Romanian Intelligence Service," RFE/RL Report, 3:27, July 8, 1994, pp. 22-23.

TSA
07-25-2017, 11:08 AM
I think that websites like the daily caller have very specific points of view that color their interpretations of data. When I read this website I apply a fair amount of skepticism when I see any kind of statement of conclusion.

What specifically in that article are you skeptical about? The only thing I hadn't seen before was that the FBI was now working with capitol police and the interview with the marine. Everything else has been reported by Politico multiple times and there is video of Wasserman-Schultz threatening consequences if the laptops weren't returned.

boutons_deux
07-25-2017, 11:10 AM
I can imagine Pootin flipping Seth Rich with $100Ks, got him to steal the data, turns it over, is verified, then have him murdered.

Pootin's people know how to murder with clean getaway.

The data goes to Pootin stooge Assange to be leaked slowly to distract from Hillary's campaign.

That's still a Pootin hack of USA.

RandomGuy
07-25-2017, 11:12 AM
During the 1920s and 1930s, the Soviets developed a unique model of espionage. They would certainly recruit government officials or steal documents. What they excelled at, however, was placing undetectable operatives in key positions. Soviet talent scouts would range around left-wing meetings to discover potential recruits. These would be young people with impeccable backgrounds and only limited contact with the left. They would be recruited based on ideology, and less often via money, sex or blackmail. They would never again be in contact with communists or fellow travelers. They would apply for jobs in their countries' intelligence services, foreign or defense ministries, and so on. Given their family and academic backgrounds, they would be hired. They would then be left in place for 20 or 30 years while they rose in the ranks — and, on occasion, aided with bits of information from the Soviet side to move their careers ahead. The Soviets understood that a recruited employee might be a double agent. But stealing information on an ad hoc basis was also risky, as the provenance of such material was always murky. Recruiting people who were not yet agents, creating psychological and material bonds over long years of management and allowing them to mature into senior intelligence or ministry officials allowed ample time for testing loyalty and positioning. The Soviets not only got more reliable information this way but also the ability to influence the other country's decision-making. Recruiting a young man in the 1930s, having him work with the OSS and later the CIA, and having him rise to the top levels of the CIA — had that ever happened — would thus give the Soviets information and control. These operations took decades, and Soviet handlers would spend their entire careers managing one career. There were four phases:

Identifying likely candidates,
Evaluating and recruiting them,
Placing them and managing their rise in the organization,
And exploiting them.





https://worldview.stratfor.com/weekly/20100712_russian_spies_and_strategic_intelligence

TSA
07-25-2017, 11:12 AM
How would that even work? They find out the data is stolen, then fake a hack using their own data with Russian signatures to take the heat off of Seth Rich, whom they would murder five days later? Where is the originally stolen stuff and the metadata for them?

Great, they can actually use his name then. Dude is dead. All they are doing is torturing his family.

Nah, fuck him and his conditions.

Was it needed for the DNC files? I can't even find a file size for those dumps. If Rich gave Murray the files in the woods like Murray says, why would Kim know anything about Rich in the first place?

Guccifer 2.0 announced the "hack" on June 15th...Seth Rich killed on July 10th.

RandomGuy
07-25-2017, 11:13 AM
Phish email is the first indicator of super sophisticated hacker. :lmao


win Goals and the Espionage Challenge
One of the Russian operatives, Don Heathfield, once approached a STRATFOR employee in a series of five meetings. There appeared to be no goal of recruitment; rather, the Russian operative tried to get the STRATFOR employee to try out software he said his company had developed. We suspect that had this been done, our servers would be outputting to Moscow. We did not know at the time who he was. (We have since reported the incident to the FBI, but these folks were everywhere, and we were one among many.) Thus, the group apparently included a man using software sales as cover — or as we suspect, as a way to intrude on computers. As discussed, the group also included talent scouts. We would guess that Anna Chapman was brought in as part of the recruitment phase of talent scouting. No one at STRATFOR ever had a chance to meet her, having apparently failed the first screening. Each of the phases of the operatives' tasks required a tremendous amount of time, patience and, above all, cover. The operatives had to blend in (in this case, they didn't do so well enough). Russians have always had a tremendous advantage over Americans in this regard. A Russian long-term deployment took you to the United States, for example. Were the Americans to try the same thing, they would have to convince people to spend years learning Russian to near-native perfection and then to spend 20-30 years of their lives in Russia. Some would be willing to do so, but not nearly as many as there are Russians prepared to spend that amount of time in the United States or Western Europe. The United States can thus recruit sources (and sometimes it gets genuine ones). It can buy documents. But the extremely patient, long-term deployments are very difficult for it. It doesn't fit with U.S. career patterns or family expectations.

https://worldview.stratfor.com/weekly/20100712_russian_spies_and_strategic_intelligence

Pavlov
07-25-2017, 11:19 AM
Guccifer 2.0 announced the "hack" on June 15th...Seth Rich killed on July 10th.

The "fake cover up hack" you've been pimping was July 5.

TSA
07-25-2017, 11:20 AM
From what I understand, there were multiple entities targeting these systems. "the hacker", "the insider" is phrasing it in a way that limits that.

To be fair, the information could have been stolen by an insider for some reason, yet to be fully established, and an attempt to make it seem like Russians was made.

I believe that the evidence is inconclusive, ultimately. Since the evidence is inconclusive, I withhold belief about the ultimate cause of the actions we know about, which is the logical default position.

One useful tool in determining good workable theories is simplification.

Which theory makes fewer assumptions?

List the assumptions underlying what you think happened.

There were multiple breaches so it does get confusing. Here is a pretty decent timeline to work with the events---just ignore the opinion pieces added in.

>>November, 2013: Trump is staying in the Moscow Ritz-Carlton, during the Miss Universe pageant. He appears in a music video with a Russian pop star: Emin Agalarov. Later:

A person with knowledge of the 2013 trip to Moscow said Emin Agalarov offered to send prostitutes to Trump’s hotel room, but the repeated offers were rejected by Keith Schiller, Trump’s longtime bodyguard.
https://www.washingtonpost.com/world/europe/unlikely-middlemen-trump-jr-emails-point-to-father-son-duo/2017/07/11/bf31e5a2-6678-11e7-94ab-5b1f0ff459df_story.html

>>Reminder: this is when Trump allegedly hired the "peeing prostitutes".

>>>March 19, 2016: John Podesta receives a phishing email purportedly from Google, telling him to change his password. After a staffer tells him it is "legitimate" (and subsequently claimed that was a typo), Podesta purportedly used it to change his password.

>>June 3, 2016: the same Emin Agalarov contacts Trump, Jr. through Rob Goldstone, promising compromising info on Clinton's campaign.

>>June 9, 2016: Trump, Jr. holds the meeting with an attorney connected with FusionGPS, but she instead tries to lobby against anti-Russian legislation (the Magnitsky Act).

>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.com/guccifer-2-ngp-van-metadata-analysis/



>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

>>September 1, 2016: a second set of files (copied on 7/5) are repackaged into new archives, on a computer with US Eastern timezone settings.

>>September 13, 2016: the New archives of that second set of files are released by Guccifer 2.0

>>September, 2016: Craig Murray, former British ambassador to Uzbekistan and a close associate of WikiLeaks founder Julian Assange, says he flew to Washington for a clandestine handoff with one of the (Podesta?) email sources in September.<<Those were probably the DNC Emails released a day or two before the election on November 6th.


>>October 10, 2016: Wikileaks starts to publish Podesta's emails, six months after he received the "change your password" phishing email.

>>November 6th releases the emails retrieved by Murray.

RELEASE: 8263 new emails from the DNC #DNCLeak2 #feelthebern #imwithher #demexit https://t.co/ftwH5t57lj pic.twitter.com/EljYHE0n9E
WikiLeaks WikiLeaks (@wikileaks) November 7, 2016

>>December 13, 2016: Craig Murray goes public, saying that: "Neither of [the leaks] came from the Russians," said Murray in an interview. 'The source had legal access to the information. The documents came from inside leaks, not hacks.'


My working theory right now is Podesta Knew that Wikileaks had his emails since June of 2016.

Guccifer, TeaLeaves, The Piss dossier, The Russian Lawyers Meeting with Trump, and the April theft of DNC opo research were creations of FusionGPS with collaboration from Crowdstrike.

I think the April Hack was a FusionGPS creation from the start with collaboration from Crowdstrike.

I think it was a way to get Steeles dossier in the pipeline as evidence for the second FISA attempt by Obama.

Seth Rich Stole the emails July 5th after Comey dropped the server investigation. Rich gave some or all of them to someone who could get them to Assange between the 6th and the 9th, and was then shot late at night, early the next morning walking home after a hard night drinking.

Assange, realizing his source was murdered, Releases the DNC stuff from Rich starting on the 22nd of July 2016. They did a lot of damage.

To cover up the Murder of Rich, the Guccifer2 cut out is used to release a set of spoof files with the time stamp of 7/5 and everything else that would match up with the embed on the disk of the server in early September, well after the Wikileaks dumps.

The September leaks by guccifer2 were not meant to hurt Clinton. And they didn't. Same goes for all earlier guccifer2 releases.

The Podesta Emails released by wikileaks On October 10th a full month later, and our Spy agencies would have known real time when Assange planned to release the emails, because his communications are tapped constantly. A good idea would be to see the difference from when the Billy Bush tape was leaked until wikileaks published.

The video was probably released within minutes of the time when Wikileaks committed to a publishing time for Podesta's emails.

RandomGuy
07-25-2017, 11:20 AM
Hacktivists and cyber-criminal syndicates have been a central feature of Russian offensive cyber operations, because of the anonymity they afford and the ease with which they can be mobilized. However, the crowd-sourced approach that has typified how the Kremlin has utilized hackers and criminal networks in the past is likely to be replaced by more tailored approaches, with the FSB and other government agencies playing a more central role.
PDF:

https://www.cna.org/CNA_files/PDF/DOP-2016-U-014231-1Rev.pdf


“We’re not doing this on the state level,” Mr. Putin said on Thursday.

The boundary between state and private action, however, is often blurry in Russia, particularly in matters relating to the projection of Russian influence abroad. This provides a measure of plausible deniability for actions that the Kremlin does not want to be linked to publicly.

https://www.nytimes.com/2017/06/01/world/europe/vladimir-putin-donald-trump-hacking.html

"Mr Putin said that Russian hackers could have taken it upon themselves to try and influence the 2016 US election, saying that hackers "are like artists" who make decisions on who to target depending on how they feel on any given day."


"If they are patriotically minded, they start making their contributions - which are right, from their point of view - to fight against those who say bad things about Russia," he said.

TSA
07-25-2017, 11:23 AM
The "fake cover up hack" you've been pimping was July 5.

Two separate "hacks"

June 15th
July 5th

RandomGuy
07-25-2017, 11:26 AM
There were multiple breaches so it does get confusing. Here is a pretty decent timeline to work with the events---just ignore the opinion pieces added in.

>>November, 2013: Trump is staying in the Moscow Ritz-Carlton, during the Miss Universe pageant. He appears in a music video with a Russian pop star: Emin Agalarov. Later:

A person with knowledge of the 2013 trip to Moscow said Emin Agalarov offered to send prostitutes to Trump’s hotel room, but the repeated offers were rejected by Keith Schiller, Trump’s longtime bodyguard.
https://www.washingtonpost.com/world/europe/unlikely-middlemen-trump-jr-emails-point-to-father-son-duo/2017/07/11/bf31e5a2-6678-11e7-94ab-5b1f0ff459df_story.html

>>Reminder: this is when Trump allegedly hired the "peeing prostitutes".

>>>March 19, 2016: John Podesta receives a phishing email purportedly from Google, telling him to change his password. After a staffer tells him it is "legitimate" (and subsequently claimed that was a typo), Podesta purportedly used it to change his password.

>>June 3, 2016: the same Emin Agalarov contacts Trump, Jr. through Rob Goldstone, promising compromising info on Clinton's campaign.

>>June 9, 2016: Trump, Jr. holds the meeting with an attorney connected with FusionGPS, but she instead tries to lobby against anti-Russian legislation (the Magnitsky Act).

>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.com/guccifer-2-ngp-van-metadata-analysis/



>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

>>September 1, 2016: a second set of files (copied on 7/5) are repackaged into new archives, on a computer with US Eastern timezone settings.

>>September 13, 2016: the New archives of that second set of files are released by Guccifer 2.0

>>September, 2016: Craig Murray, former British ambassador to Uzbekistan and a close associate of WikiLeaks founder Julian Assange, says he flew to Washington for a clandestine handoff with one of the (Podesta?) email sources in September.<<Those were probably the DNC Emails released a day or two before the election on November 6th.


>>October 10, 2016: Wikileaks starts to publish Podesta's emails, six months after he received the "change your password" phishing email.

>>November 6th releases the emails retrieved by Murray.

RELEASE: 8263 new emails from the DNC #DNCLeak2 #feelthebern #imwithher #demexit https://t.co/ftwH5t57lj pic.twitter.com/EljYHE0n9E
WikiLeaks WikiLeaks (@wikileaks) November 7, 2016

>>December 13, 2016: Craig Murray goes public, saying that: "Neither of [the leaks] came from the Russians," said Murray in an interview. 'The source had legal access to the information. The documents came from inside leaks, not hacks.'

I don't see any underlying meta-assumptions.

You do understand my question, yes?

Pavlov
07-25-2017, 11:39 AM
There were multiple breaches so it does get confusing. Here is a pretty decent timeline to work with the events---just ignore the opinion pieces added in.

>>November, 2013: Trump is staying in the Moscow Ritz-Carlton, during the Miss Universe pageant. He appears in a music video with a Russian pop star: Emin Agalarov. Later:

A person with knowledge of the 2013 trip to Moscow said Emin Agalarov offered to send prostitutes to Trump’s hotel room, but the repeated offers were rejected by Keith Schiller, Trump’s longtime bodyguard.
https://www.washingtonpost.com/world/europe/unlikely-middlemen-trump-jr-emails-point-to-father-son-duo/2017/07/11/bf31e5a2-6678-11e7-94ab-5b1f0ff459df_story.html

>>Reminder: this is when Trump allegedly hired the "peeing prostitutes".

>>>March 19, 2016: John Podesta receives a phishing email purportedly from Google, telling him to change his password. After a staffer tells him it is "legitimate" (and subsequently claimed that was a typo), Podesta purportedly used it to change his password.

>>June 3, 2016: the same Emin Agalarov contacts Trump, Jr. through Rob Goldstone, promising compromising info on Clinton's campaign.

>>June 9, 2016: Trump, Jr. holds the meeting with an attorney connected with FusionGPS, but she instead tries to lobby against anti-Russian legislation (the Magnitsky Act).

>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.com/guccifer-2-ngp-van-metadata-analysis/



>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

>>September 1, 2016: a second set of files (copied on 7/5) are repackaged into new archives, on a computer with US Eastern timezone settings.

>>September 13, 2016: the New archives of that second set of files are released by Guccifer 2.0

>>September, 2016: Craig Murray, former British ambassador to Uzbekistan and a close associate of WikiLeaks founder Julian Assange, says he flew to Washington for a clandestine handoff with one of the (Podesta?) email sources in September.<<Those were probably the DNC Emails released a day or two before the election on November 6th.


>>October 10, 2016: Wikileaks starts to publish Podesta's emails, six months after he received the "change your password" phishing email.

>>November 6th releases the emails retrieved by Murray.

RELEASE: 8263 new emails from the DNC #DNCLeak2 #feelthebern #imwithher #demexit https://t.co/ftwH5t57lj pic.twitter.com/EljYHE0n9E
WikiLeaks WikiLeaks (@wikileaks) November 7, 2016

>>December 13, 2016: Craig Murray goes public, saying that: "Neither of [the leaks] came from the Russians," said Murray in an interview. 'The source had legal access to the information. The documents came from inside leaks, not hacks.'

Originally Posted by waterglass
My working theory right now is Podesta Knew that Wikileaks had his emails since June of 2016.

Guccifer, TeaLeaves, The Piss dossier, The Russian Lawyers Meeting with Trump, and the April theft of DNC opo research were creations of FusionGPS with collaboration from Crowdstrike.

I think the April Hack was a FusionGPS creation from the start with collaboration from Crowdstrike.

I think it was a way to get Steeles dossier in the pipeline as evidence for the second FISA attempt by Obama.

Seth Rich Stole the emails July 5th after Comey dropped the server investigation. Rich gave some or all of them to someone who could get them to Assange between the 6th and the 9th, and was then shot late at night, early the next morning walking home after a hard night drinking.

Assange, realizing his source was murdered, Releases the DNC stuff from Rich starting on the 22nd of July 2016. They did a lot of damage.

To cover up the Murder of Rich, the Guccifer2 cut out is used to release a set of spoof files with the time stamp of 7/5 and everything else that would match up with the embed on the disk of the server in early September, well after the Wikileaks dumps.

The September leaks by guccifer2 were not meant to hurt Clinton. And they didn't. Same goes for all earlier guccifer2 releases.

The Podesta Emails released by wikileaks On October 10th a full month later, and our Spy agencies would have known real time when Assange planned to release the emails, because his communications are tapped constantly. A good idea would be to see the difference from when the Billy Bush tape was leaked until wikileaks published.

The video was probably released within minutes of the time when Wikileaks committed to a publishing time for Podesta's emails.

Great, where did you get all this? Reddit?

So the theory as far as I can tell is the DNC would rather murder a guy (badly, amateur serial killer style apparently) than admit they were wrong about the source of a hack that the intel community agreed was the hack? Seems pretty stupid.

Actually seems really stupid.

TSA
07-25-2017, 11:42 AM
I don't see any underlying meta-assumptions.

You do understand my question, yes?

Yes.

You think a simpler theory is Russia had a DNC insider, and I disagree with that theory.

I added the timeline so we are all on the same page about which "hacks" happened and when. Also found it very interesting to see how the chain of events unfolded.

TSA
07-25-2017, 11:55 AM
Great, where did you get all this? Reddit?

So the theory as far as I can tell is the DNC would rather murder a guy (badly, amateur serial killer style apparently) than admit they were wrong about the source of a hack that the intel community agreed was the hack? Seems pretty stupid.

Actually seems really stupid.

You are assuming the DNC was only worried about being wrong about the source of the hack. The DNC paid for a bogus dossier that the FBI used to obtain the FISA warrants on Trump's team. Not to mention the DNC still was working under the assumption that Hillary would win the election.

Pavlov
07-25-2017, 12:02 PM
You are assuming the DNC was only worried about being wrong about the source of the hack. The DNC paid for a bogus dossier that the FBI used to obtain the FISA warrants on Trump's team. Not to mention the DNC still was working under the assumption that Hillary would win the election.

The murder makes even less sense when you put it that way. It would be much easier for a Clinton administration to obfuscate all the dossier/FISA stuff (if it actually became an issue -- it hasn't been after everyone found out about it) and hacking "disinfo" than trying to derail a local investigation of a murder by an amateur serial killer hitman.

I really think you need to take a step back from r/thedonald and look at this objectively.

TSA
07-25-2017, 12:36 PM
The murder makes even less sense when you put it that way. It would be much easier for a Clinton administration to obfuscate all the dossier/FISA stuff (if it actually became an issue -- it hasn't been after everyone found out about it) and hacking "disinfo" than trying to derail a local investigation of a murder by an amateur serial killer hitman.

I really think you need to take a step back from r/thedonald and look at this objectively.

The Seth Rich murder is the biggest head scratcher for me, and not surprisingly all you want to focus on.

In this thread I'm more interested in talking about the "hacks"

RandomGuy
07-25-2017, 12:36 PM
I can imagine Pootin flipping Seth Rich with $100Ks, got him to steal the data, turns it over, is verified, then have him murdered.

Pootin's people know how to murder with clean getaway.

The data goes to Pootin stooge Assange to be leaked slowly to distract from Hillary's vampaign.

That's still a Pootin hack of USA.

See post #163

TSA
07-25-2017, 12:37 PM
disinfo campaign still running strong

887752524484182017

RandomGuy
07-25-2017, 12:38 PM
The Seth Rich murder is the biggest head scratcher for me, and not surprisingly all you want to focus on.

In this thread I'm more interested in talking about the "hacks"

Murdering loose ends. Classic movie spy cliché.

It is a cliché for a reason.

Just sayin'

Pavlov
07-25-2017, 12:40 PM
The Seth Rich murder is the biggest head scratcher for me, and not surprisingly all you want to focus on.

In this thread I'm more interested in talking about the "hacks"

You're the one who keeps saying Seth Rich is the source of the leak and was murdered by an amateur serial killer hitman because of it.

Not surprisingly, your whole reddit conspiracy theory makes little sense.

TSA
07-25-2017, 12:45 PM
You're the one who keeps saying Seth Rich is the source of the leak and was murdered by an amateur serial killer hitman because of it.

Not surprisingly, your whole reddit conspiracy theory makes little sense.

Yes I think he was the source of the second set of data copied to a thumb drive on July 5th.

Are you actually going to discuss the timeline?

Pavlov
07-25-2017, 12:48 PM
disinfo campaign still running strong

887752524484182017

The guy who funded the profiling project you posted last week?

OK.

TSA
07-25-2017, 12:49 PM
Murdering loose ends. Classic movie spy cliché.

It is a cliché for a reason.

Just sayin'

Nothing about his murder leans towards botched robbery.

Chucho
07-25-2017, 12:49 PM
You're the one who keeps saying Seth Rich is the source of the leak and was murdered by an amateur serial killer hitman because of it.

Not surprisingly, your whole reddit conspiracy theory makes little sense.


As does the whole Russia conspiracy, all circumstantial, at best. There won't be blood, you guys are going to eat it for 3.5 more years minimum and your party is in shambles and destroying every major metro area they've dominated.


You're not a good person being anti-Trump, you're a bad person being a Nazi sympathizer and you still don't have to worry about being shamed for having 100k posts on this board, this board isn't the be-all, end-all for you. There's a perfectly awesome real world with real people out there for you to interact with. No need to log-in to log-in, pal. I wish you all the best and hopefully you do become a good person someday.

Pavlov
07-25-2017, 12:50 PM
Yes I think he was the source of the second set of data copied to a thumb drive on July 5th.

Are you actually going to discuss the timeline?

I am discussing the timeline lifted from reddit and how little sense it makes.

Who do you think was the source of the previous leaks and Podesta phish?

RandomGuy
07-25-2017, 12:50 PM
As does the whole Russia conspiracy, all circumstantial, at best. There won't be blood, you guys are going to eat it for 3.5 more years minimum and your party is in shambles and destroying every major metro area they've dominated.


You're not a good person being anti-Trump, you're a bad person being a Nazi sympathizer and you still don't have to worry about being shamed for having 100k posts on this board, this board isn't the be-all, end-all for you. There's a perfectly awesome real world with real people out there for you to interact with. No need to log-in to log-in, pal. I wish you all the best and hopefully you do become a good person someday.

Kansas.

TSA
07-25-2017, 12:51 PM
The guy who funded the profiling project you posted last week?

OK.

I believe his heart is in the right place but he is being fed bullshit. Wouldn't be the first time it's happened to him.

Chucho
07-25-2017, 12:51 PM
Kansas.

Detroit. Chicago. Los Angeles. > Kansas.

Pavlov
07-25-2017, 12:52 PM
As does the whole Russia conspiracy, all circumstantial, at best. There won't be blood, you guys are going to eat it for 3.5 more years minimum and your party is in shambles and destroying every major metro area they've dominated.


You're not a good person being anti-Trump, you're a bad person being a Nazi sympathizer and you still don't have to worry about being shamed for having 100k posts on this board, this board isn't the be-all, end-all for you. There's a perfectly awesome real world with real people out there for you to interact with. No need to log-in to log-in, pal. I wish you all the best and hopefully you do become a good person someday.

Are you committing suicide? Is this goodbye?

OK.

Pavlov
07-25-2017, 12:53 PM
I believe his heart is in the right place but he is being fed bullshit. Wouldn't be the first time it's happened to him.

Fed by whom?

TSA
07-25-2017, 01:00 PM
Fed by whom?

people spreading disinfo

Pavlov
07-25-2017, 01:04 PM
people spreading disinfo

But who are these people?

DNC?

Clinton?

Podesta?

Fusion?

Chalupa?

What does reddit say?

RandomGuy
07-25-2017, 01:22 PM
Detroit. Chicago. Los Angeles. > Kansas.


I can tell you very specifically what Republican policy was responsible for Kansas.

Can you do the same for those cities?

TSA
07-25-2017, 01:23 PM
But who are these people?

DNC?

Clinton?

Podesta?

Fusion?

Chalupa?

What does reddit say?

If you are so curious ask the guy yourself. The tweet clearly says "sources" and doesn't name anyone. Any more stupid questions I can't possibly answer?

AaronY
07-25-2017, 01:24 PM
Soooo...after the game was over because of pizzagate they started a new game and now this one's over too?

man they just keep hitting that reset button don't they

Pavlov
07-25-2017, 01:25 PM
If you are so curious ask the guy yourself. The tweet clearly says "sources" and doesn't name anyone. Any more stupid questions I can't possibly answer?

You say that Seth Rich was a source of the leaks and murdered by the DNC and now you can't be bothered to speculate on who is simply spreading disinfo.

:lol

Do you realize how stupid this all is?

TSA
07-25-2017, 01:25 PM
didn't need its own thread and somewhat related. :lol at that all star Hillary cast protecting our elections

Security experts from Google, Facebook, Crowdstrike want to save US elections

https://arstechnica.com/tech-policy/2017/07/campaign-managers-for-clinton-romney-team-up-to-fight-foreign-hackers/

TSA
07-25-2017, 01:26 PM
You say that Seth Rich was a source of the leaks and murdered by the DNC and now you can't be bothered to speculate on who is simply spreading disinfo.

:lol

DNC?

Clinton?

Podesta?

Fusion?

Chalupa?

Your speculation is as good as mine

Pavlov
07-25-2017, 01:27 PM
DNC?

Clinton?

Podesta?

Fusion?

Chalupa?

Your speculation is as good as mine

You're the one saying it's disinfo.

Pavlov
07-25-2017, 01:29 PM
didn't need its own thread and somewhat related. :lol at that all star Hillary cast protecting our elections

Security experts from Google, Facebook, Crowdstrike want to save US elections

https://arstechnica.com/tech-policy/2017/07/campaign-managers-for-clinton-romney-team-up-to-fight-foreign-hackers/

884016887692234753

TSA
07-25-2017, 01:47 PM
https://twitter.com/with_integrity?lang=en

link to the author of the g2space guy's twitter. he's got some interesting stuff to read through.

Pavlov
07-25-2017, 02:14 PM
So now Crowdstrike is Guccifer2.0.

Conspiracy gets bigger every day.

TSA
07-25-2017, 02:38 PM
So now Crowdstrike is Guccifer2.0.

Conspiracy gets bigger every day.

It's a logical conclusion.

Pavlov
07-25-2017, 02:43 PM
It's a logical conclusion.

So they're in on the murder too.

TSA
07-25-2017, 02:46 PM
So they're in on the murder too.

Never said that and you're confusing the 2 breaches again.

Why would CrowdStrike not be a logical conclusion for the guccifer 2.0 hack?

Pavlov
07-25-2017, 02:50 PM
Never said that and you're confusing the 2 breaches again.

Am I?

You're the one who keeps saying Seth Rich is the source of the leak and was murdered by an amateur serial killer hitman because of it.

Not surprisingly, your whole reddit conspiracy theory makes little sense.

Yes I think he was the source of the second set of data copied to a thumb drive on July 5th.


Why would CrowdStrike not be a logical conclusion for the guccifer 2.0 hack?

Hey, asking to prove a negative. These are your claims. Not mine.

TSA
07-25-2017, 03:24 PM
Am I?

Yes, you are confusing the two breaches once again.

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.co...data-analysis/

>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.



Hey, asking to prove a negative. These are your claims. Not mine.

Considering what you know about CrowdStrike and its ties to the DNC and DNC servers would CrowdStrike be a logical conclusion for the guccifer 2.0 hack?

Pavlov
07-25-2017, 03:37 PM
Yes, you are confusing the two breaches once again.

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.co...data-analysis/

>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

So the second breach, just like you said. Not confused at all.

Crowdstrike is in on the murder, according to you.




Considering what you know about CrowdStrike and its ties to the DNC and DNC servers would CrowdStrike be a logical conclusion for the guccifer 2.0 hack?

Considering what I know, it would make more sense to conclude it was an amateur serial killer hitman who didn't know about metadata, but that also seems to be bullshit.

It's your conspiracy theory, TSA -- you are free to prove it any time you please.

rjv
07-25-2017, 04:03 PM
so now, independent cyber investigators believe the alleged "hack" was not a hack but an inside job. certainly, plausible. remember who we are dealing with here: the intelligence community. why are "liberals" suddenly so enamored with the intelligence community?

http://www.truthdig.com/report/item/was_the_russian_hack_an_inside_job_20170724

TSA
07-25-2017, 04:11 PM
So the second breach, just like you said. Not confused at all.

Crowdstrike is in on the murder, according to you.

Working off this timeline and assuming the attributions are correct, where are you getting that the first breach of CrowdStrike/Guccifer 2.0 has anything to do with the second breach?




Considering what I know, it would make more sense to conclude it was an amateur serial killer hitman who didn't know about metadata, but that also seems to be bullshit.

It's your conspiracy theory, TSA -- you are free prove it any time you please.

Again, why are you conflating the two separate hacks and trying to tie the first breach to Seth Rich?

Speaking of the first breach, considering what you know about CrowdStrike and its ties to the DNC and DNC servers would CrowdStrike be a logical conclusion for the guccifer 2.0 hack yes or no?

TSA
07-25-2017, 04:16 PM
so now, independent cyber investigators believe the alleged "hack" was not a hack but an inside job. certainly, plausible. remember who we are dealing with here: the intelligence community. why are "liberals" suddenly so enamored with the intelligence community?

http://www.truthdig.com/report/item/was_the_russian_hack_an_inside_job_20170724

"Independent analyst Skip Folden, a retired IBM Program Manager for Information Technology U.S., who examined the recent forensic findings, is a co-author of this Memorandum. He has drafted a more detailed technical report titled “Cyber-Forensic Investigation of ‘Russian Hack’ and Missing Intelligence Community Disclaimers,”


Been trying to find this since yesterday but have had no luck.

TSA
07-25-2017, 04:20 PM
But who are these people?

DNC?

Clinton?

Podesta?

Fusion?

Chalupa?

What does reddit say?

Speaking of girl Chalupa

889327197894344706

Pavlov
07-25-2017, 05:02 PM
Working off this timeline and assuming the attributions are correct, where are you getting that the first breach of CrowdStrike/Guccifer 2.0 has anything to do with the second breach?

The quote is yours, not mine.

Again, why are you conflating the two separate hacks and trying to tie the first breach to Seth Rich?

So now someone else is responsible for the first hack? Who? The conspiracy widens once again.

Speaking of the first breach, considering what you know about CrowdStrike and its ties to the DNC and DNC servers would CrowdStrike be a logical conclusion for the guccifer 2.0 hack yes or no?

Not after you confused everything, no.

Pavlov
07-25-2017, 05:03 PM
Speaking of girl Chalupa

889327197894344706

Too bad she already said she spoke to the DNC. You might have been onto something, scoop.

TSA
07-25-2017, 05:11 PM
The quote is yours, not mine.

So now someone else is responsible for the first hack? Who? The conspiracy widens once again.

Not after you confused everything, no.

You are the only one confused here. Please point to the event in that timeline that has you conflating the two separate breaches.

TSA
07-25-2017, 05:13 PM
Too bad she already said she spoke to the DNC. You might have been onto something, scoop.

Chalupa was your girl not mine.

Pavlov
07-25-2017, 05:14 PM
You are the only one confused here. Please point to the event in that timeline that has you conflating the two separate breaches.

Sorry, that was you. Quotes were there.

Now that you say two different parties were responsible for each breach and Seth is responsible for one, who is responsible for the other?

Pavlov
07-25-2017, 05:15 PM
Chalupa was your girl not mine.

Nope, she's your conspiracy, not mine.

TSA
07-25-2017, 05:15 PM
Sorry, that was you. Quotes were there.

Now that you say two different parties were responsible for each breach and Seth is responsible for one, who is responsible for the other?

Provide the quote.

Pavlov
07-25-2017, 05:16 PM
Provide the quote.

Already did. I will accept that you are correcting yourself.

Now that you say two different parties were responsible for each breach and Seth is responsible for one, who is responsible for the other?

Or is there another part to your conspiracy you haven't let us in on yet?

Pavlov
07-25-2017, 05:21 PM
I do have to tell you, all the conspiracies make even less sense if Rich isn't responsible for the most damning leaks. Is this really the way you want this to go?

TSA
07-25-2017, 05:23 PM
Already did. I will accept that you are correcting yourself.

Now that you say two different parties were responsible for each breach and Seth is responsible for one, who is responsible for the other?

Or is there another part to your conspiracy you haven't let us in on yet?

You haven't provided any quote to back your claim. Try again.

AaronY
07-25-2017, 05:24 PM
BOOM! Game overl

AaronY
07-25-2017, 05:25 PM
Oh wait didn't time that right

Post another knockout blow TSA I'll be like your hype man

TSA
07-25-2017, 05:26 PM
Oh wait didn't time that right

Post another knockout blow TSA I'll be like your hype man

:bobo

Pavlov
07-25-2017, 05:29 PM
You haven't provided any quote to back your claim. Try again.

Already did in the quotes I posted above. If I am in error, I apologize. If you want to stonewall over this, that's fine too -- but I'm letting you define what your conspiracy is right here and now. Go ahead and tell us who you think is responsible for each breach and we can discuss them. I am perfectly willing to move forward and discuss your conspiracy as you see it.

The ball is completely in your court.

ElNono
07-25-2017, 05:30 PM
https://i.gyazo.com/87ac72a3af86d4172c8c264c336fafac.png

:lol

TSA
07-25-2017, 05:38 PM
Already did in the quotes I posted above. If I am in error, I apologize. If you want to stonewall over this, that's fine too -- but I'm letting you define what your conspiracy is right here and now. Go ahead and tell us who you think is responsible for each breach and we can discuss them. I am perfectly willing to move forward and discuss your conspiracy as you see it.

The ball is completely in your court.

:lol stonewalls for two pages and then instantly deflects
:lol classic Chumpdumper


So now Crowdstrike is Guccifer2.0.

Conspiracy gets bigger every day.


It's a logical conclusion.


So they're in on the murder too.


Never said that and you're confusing the 2 breaches again.

Here is the timeline again. Please bold the lines showing where guccifer 2.0 and the second breach are the same.


>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.co...data-analysis/

>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

Pavlov
07-25-2017, 05:42 PM
:lol stonewalls for two pages and then instantly deflects
:lol classic Chumpdumper









Here is the timeline again. Please bold the lines showing where guccifer 2.0 and the second breach are the same.

>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.co...data-analysis/

>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

:lol Classic TSA. I acquiesce to whatever he wants his terms to be and he still wants to litigate.

I don't see where you say who is responsible for each hack, so I guess you just never will. This is your stonewall.

TSA
07-25-2017, 05:46 PM
:lol Classic TSA. I acquiesce to whatever he wants his terms to be and he still wants to litigate.

I don't see where you say who is responsible for each hack, so I guess you just never will. This is your stonewall.

editing a post to add a smilie? :rollin

This whole time I've just been asking you to show how you conflated the two hacks and you've refused to say, like you are now doing again. Classic Chumpdumper trying to tire out the other poster instead of just answering directly and owning up to his mistake.

edit: editing a post to remove a smilie? :rollin

TSA
07-25-2017, 05:48 PM
You'll get one last shot at explaining yourself concerning this

Here is the timeline again. Please bold the lines showing where guccifer 2.0 and the second breach are the same.

>>June 12, 2016: Wikileaks announces they have "emails relating to Hillary Clinton" and will be publishing them soon.<< The Podesta Emails

>>June 14, 2016: DNC announces their server was "hacked" back in April, and the perpetrator stole "Trump opposition research".

>>June 15, 2016: DNC/Crowdstrike announces "it was the Russians!", with very thin evidence, some of which they subsequently retracted.

>June 15, 2016 (yes, the same day): Guccifer 2.0 appears, takes credit for the "hack" and sends the Trump opposition research to several media outlets. Documents appear to have "Russian fingerprints", but it's a sham.... the documents were first created by an English language user -- possibly in the office of a Democrat politician -- and then opened and saved again on a computer with Russian language settings, all within 30 minutes on 2016-06-15: http://g-2.space/

>>July 5th James Comey Makes public statement concluding Clinton Server investigation

>>July 5, 2016: On that same day 3 weeks after DNC/Crowdstrike announces they were "hacked", And Seven Hours After James Comey's Public conclusion of the Clinton Investigation, a second set of files are copied onto a USB memory drive or over a local area network. File modification timestamps indicate it was probably done with Linux, and a copy speed of 22.6 megabytes/second -- too fast to be done remotely: https://theforensicator.wordpress.co...data-analysis/

>>July 10th 2016: Seth Rich is Shot, 5 days after the second breach was made.

>>July 22, 2016: 17 days after the second DNC breach, Wikileaks starts to publish first batch DNC emails.

Pavlov
07-25-2017, 05:51 PM
editing a post to add a smilie? :rollin

This whole time I've just been asking you to show how you conflated the two hacks and you've refused to say, like you are now doing again. Classic Chumpdumper trying to tire out the other poster instead of just answering directly and owning up to his mistake.

edit: editing a post to remove a smilie? :rollin

Still litigating?

I already told you where I posted your quotes and that if I was in error I apologize. You obviously think I'm in error so fine -- I let what you say stand. It was never a gotcha moment in my mind -- just another part of the conspiracy that made no sense to me.

Pavlov
07-25-2017, 05:53 PM
You'll get one last shot at explaining yourself concerning this

Or what?

Your stonewall goes up again?

I already said whatever you say happened is fine since it's your conspiracy. I will admit being wrong about your conspiracy if you say I am. Now you won't say anything. This is where you end up every time someone actually questions your conspiracy. Fifth time it's happened with me since I came back.

TSA
07-25-2017, 05:55 PM
Still litigating?

I already told you where I posted your quotes and that if I was in error I apologize. You obviously think I'm in error so fine -- I let what you say stand. It was never a gotcha moment in my mind -- just another part of the conspiracy that made no sense to me.

still stonewalling?

you are relentless

Pavlov
07-25-2017, 05:57 PM
still stonewalling?

you are relentless

It's your wall. I'm just watching you build it while you let the real Seth Rich killer go free.

TSA
07-25-2017, 05:57 PM
Or what?

Your stonewall goes up again?

I already said whatever you say happened is fine since it's your conspiracy. I will admit being wrong about your conspiracy if you say I am. Now you won't say anything. This is where you end up every time someone actually questions your conspiracy. Fifth time it's happened with me since I came back.

This entire thread is full of what I think happened. Start on page 1 and knock yourself out.

Pavlov
07-25-2017, 06:00 PM
This entire thread is full of what I think happened. Start on page 1 and knock yourself out.

I don't blame you for stonewalling now -- or all the other times you have. You're veering close to Cat Stevens mind control territory again.

Pavlov
07-25-2017, 06:05 PM
Damn, I concede a point to TSA and he forfeits the entire thread.

RandomGuy
07-26-2017, 10:33 AM
"Independent analyst Skip Folden, a retired IBM Program Manager for Information Technology U.S., who examined the recent forensic findings, is a co-author of this Memorandum. He has drafted a more detailed technical report titled “Cyber-Forensic Investigation of ‘Russian Hack’ and Missing Intelligence Community Disclaimers,”


Been trying to find this since yesterday but have had no luck.

https://consortiumnews.com/2017/07/24/intel-vets-challenge-russia-hack-evidence/

Stick the first sentence into google, let them do the work. "About 301,000 results (1.26 seconds) "

YW.

RandomGuy
07-26-2017, 10:39 AM
https://en.wikipedia.org/wiki/Veteran_Intelligence_Professionals_for_Sanity


The group, “Veteran Intelligence Professionals for Sanity,” has produced some of the most credible, and critical, analyses of the Bush Administration’s handling of intelligence data in the run-up to the March, 2003 invasion of Iraq. Starting with a next-day analysis of Colin Powell’s February 5, 2003 speech to the Security Council of the United Nations, the group’s steering committee of a half-dozen intelligence veterans has published eleven detailed analytical memoranda directed to President Bush, Colin Powell, and Kofi Annan, among others, assessing what the Bush Administration knew about Iraq before, during, and after the war, and how that intelligence has been used–and misused.

http://www.motherjones.com/politics/2004/03/skeptical-spy/

MJ article was pretty good. (from 2004)

They concluded the Republican administration fucked up in Iraq, though. I'm sure TSA is happy to detail all the faults of the Republican party in that fiasco. :lol

TSA
07-26-2017, 10:50 AM
https://consortiumnews.com/2017/07/24/intel-vets-challenge-russia-hack-evidence/

Stick the first sentence into google, let them do the work. "About 301,000 results (1.26 seconds) "

YW.

I was the first to post the consortium news article. YW.

What I am looking for is the more detailed technical report by Skip Folden: "“Cyber-Forensic Investigation of ‘Russian Hack’ and Missing Intelligence Community Disclaimers,”

TY.

TSA
07-26-2017, 11:03 AM
https://en.wikipedia.org/wiki/Veteran_Intelligence_Professionals_for_Sanity


http://www.motherjones.com/politics/2004/03/skeptical-spy/

MJ article was pretty good. (from 2004)

They concluded the Republican administration fucked up in Iraq, though. I'm sure TSA is happy to detail all the faults of the Republican party in that fiasco. :lol

Iraq was an absolute disaster and should never have happened how it did.

TSA
07-26-2017, 11:22 AM
"You think the Russians were sloppy on purpose to point back to themselves." ...not exactly.

Better:
"You think the Russians were sloppy on purpose to provide plausible deniability in case the actions of the insider were discovered."

Best:
"Sloppy papering is consistent with known Russian intelligence methods, in which establishing plausible deniability is fundamental to all operations if at all possible."

It seems you find VIPS pretty credible in their assessment abilities. How does your theory work if the guccifer 2.0 leak was meant to taint the Wikileaks leak? Russia had an insider leak to Wikileaks and then pre-emptively tainted their own pending leak with guccifer 2.0 leak?

-(1) an inside leak to WikiLeaks before Julian Assange announced on June 12, 2016, that he had DNC documents and planned to publish them (which he did on July 22) – the presumed objective being to expose strong DNC bias toward the Clinton candidacy; and

-(2) a separate leak on July 5, 2016, to pre-emptively taint anything WikiLeaks might later publish by “showing” it came from a “Russian hack.”


The more plausible theory to me is that the DNC knew it was breached, knew Wikileaks was going to release, and the DNC got with CrowdStrike to create guccifer 2.0 to taint the Wikileaks release.

Pavlov
07-26-2017, 11:41 AM
So the theory is no one at Crowdstrike knows anything about metadata. OK, I guess.

RandomGuy
07-28-2017, 11:12 AM
It seems you find VIPS pretty credible in their assessment abilities. How does your theory work if the guccifer 2.0 leak was meant to taint the Wikileaks leak? Russia had an insider leak to Wikileaks and then pre-emptively tainted their own pending leak with guccifer 2.0 leak?

-(1) an inside leak to WikiLeaks before Julian Assange announced on June 12, 2016, that he had DNC documents and planned to publish them (which he did on July 22) – the presumed objective being to expose strong DNC bias toward the Clinton candidacy; and

-(2) a separate leak on July 5, 2016, to pre-emptively taint anything WikiLeaks might later publish by “showing” it came from a “Russian hack.”


The more plausible theory to me is that the DNC knew it was breached, knew Wikileaks was going to release, and the DNC got with CrowdStrike to create guccifer 2.0 to taint the Wikileaks release.

That is a good working hypothesis, that does explain the data we know.

It also creates co-conspirators within the DNC. Conspiracies are hard to maintain, so we can expect someone to talk eventually, if true.

Kim Jong-il
07-28-2017, 11:14 AM
Is this a game over within a game over? Are we incepting this?

RandomGuy
07-28-2017, 11:58 AM
Is this a game over within a game over? Are we incepting this?


Meh. Two competing theories, little evidence that might disprove either at the moment.

If G2 is some sort of internal conspiracy on the part of the DNC, someone will talk eventually. If it was a Russian plant/mole, you will not see that.

TSA
07-28-2017, 01:00 PM
That is a good working hypothesis, that does explain the data we know.

It also creates co-conspirators within the DNC. Conspiracies are hard to maintain, so we can expect someone to talk eventually, if true.

The arrest of Wasserman-Schultz's IT guy could be a link in all of this, but we won't know much until he starts talking.

How does your theory work if the guccifer 2.0 leak was meant to taint the Wikileaks leak? Russia had an insider leak to Wikileaks and then pre-emptively tainted their own pending leak with guccifer 2.0 leak?

RandomGuy
08-01-2017, 12:08 PM
Behind Fox News' Baseless Seth Rich Story: The Untold Tale

The Fox News Channel and a wealthy supporter of President Trump worked in concert under the watchful eye of the White House to concoct a story about the death of a young Democratic National Committee aide, according to a lawsuit filed Tuesday.

The explosive claim is part of the lawsuit filed against Fox News by Rod Wheeler, a longtime paid commentator for the news network. The suit was obtained exclusively by NPR.

Wheeler alleges Fox News and the Trump supporter intended to deflect public attention from growing concern about the administration's ties to the Russian government. His suit charges that a Fox News reporter created quotations out of thin air and attributed them to him to propel her story.

Fox's president of news, Jay Wallace, told NPR on Monday that there was no "concrete evidence" that Wheeler was misquoted by the reporter, Malia Zimmerman. The news executive did not address a question about the story's allegedly partisan origins. Fox News declined to allow Zimmerman to comment for this story.

The story, which first aired in May, was retracted by Fox News a week later. Fox News has, to date, taken no action in response to what it said was a failure to adhere to the network's standards.

The lawsuit focuses particular attention on the role of the Trump supporter, Ed Butowsky, in weaving the story. He is a wealthy Dallas investor and unpaid Fox commentator on financial matters who has emerged as a reliable Republican surrogate in recent years. Butowsky offered to pay for Wheeler to investigate the death of the DNC aide, Seth Rich, on behalf of his grieving parents in Omaha, Neb.

On April 20, a month before the story ran, Butowsky and Wheeler — the investor and the investigator — met at the White House with then-press secretary Sean Spicer to brief him on what they were uncovering.

The first page of the lawsuit quotes a voicemail and text from Butowsky boasting that Trump himself had reviewed drafts of the Fox News story just before it went to air and was published.

Spicer now tells NPR that he took the meeting as a favor to Butowsky, a reliable Republican voice. Spicer says he was unaware of any contact involving the president. Butowsky now tells NPR that he was kidding about Trump's involvement.

"Rod Wheeler unfortunately was used as a pawn by Ed Butowsky, Fox News and the Trump administration to try and steer away the attention that was being given about the Russian hacking of the DNC e-mails," says Douglas Wigdor, Wheeler's lawyer.

...

http://www.npr.org/2017/08/01/540783715/lawsuit-alleges-fox-news-and-trump-supporter-created-fake-news-story

TSA
08-10-2017, 03:08 PM
https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

A New Report Raises Big Questions About Last Year’s DNC Hack
Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.
By Patrick Lawrence

It is now a year since the Democratic National Committee’s mail system was compromised—a year since events in the spring and early summer of 2016 were identified as remote hacks and, in short order, attributed to Russians acting in behalf of Donald Trump. A great edifice has been erected during this time. President Trump, members of his family, and numerous people around him stand accused of various corruptions and extensive collusion with Russians. Half a dozen simultaneous investigations proceed into these matters. Last week news broke that Special Counsel Robert Mueller had convened a grand jury, which issued its first subpoenas on August 3. Allegations of treason are common; prominent political figures and many media cultivate a case for impeachment.

The president’s ability to conduct foreign policy, notably but not only with regard to Russia, is now crippled. Forced into a corner and having no choice, Trump just signed legislation imposing severe new sanctions on Russia and European companies working with it on pipeline projects vital to Russia’s energy sector. Striking this close to the core of another nation’s economy is customarily considered an act of war, we must not forget. In retaliation, Moscow has announced that the United States must cut its embassy staff by roughly two-thirds. All sides agree that relations between the United States and Russia are now as fragile as they were during some of the Cold War’s worst moments. To suggest that military conflict between two nuclear powers inches ever closer can no longer be dismissed as hyperbole.

All this was set in motion when the DNC’s mail server was first violated in the spring of 2016 and by subsequent assertions that Russians were behind that “hack” and another such operation, also described as a Russian hack, on July 5. These are the foundation stones of the edifice just outlined. The evolution of public discourse in the year since is worthy of scholarly study: Possibilities became allegations, and these became probabilities. Then the probabilities turned into certainties, and these evolved into what are now taken to be established truths. By my reckoning, it required a few days to a few weeks to advance from each of these stages to the next. This was accomplished via the indefensibly corrupt manipulations of language repeated incessantly in our leading media.

Lost in a year that often appeared to veer into our peculiarly American kind of hysteria is the absence of any credible evidence of what happened last year and who was responsible for it. It is tiresome to note, but none has been made available. Instead, we are urged to accept the word of institutions and senior officials with long records of deception. These officials profess “high confidence” in their “assessment” as to what happened in the spring and summer of last year—this standing as their authoritative judgment. Few have noticed since these evasive terms first appeared that an assessment is an opinion, nothing more, and to express high confidence is an upside-down way of admitting the absence of certain knowledge. This is how officials avoid putting their names on the assertions we are so strongly urged to accept—as the record shows many of them have done.

We come now to a moment of great gravity.

There has been a long effort to counter the official narrative we now call “Russiagate.” This effort has so far focused on the key events noted above, leaving numerous others still to be addressed. Until recently, researchers undertaking this work faced critical shortcomings, and these are to be explained. But they have achieved significant new momentum in the past several weeks, and what they have done now yields very consequential fruit. Forensic investigators, intelligence analysts, system designers, program architects, and computer scientists of long experience and strongly credentialed are now producing evidence disproving the official version of key events last year. Their work is intricate and continues at a kinetic pace as we speak. But its certain results so far are two, simply stated, and freighted with implications:

There was no hack of the Democratic National Committee’s system on July 5 last year—not by the Russians, not by anyone else. Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC’s system. This casts serious doubt on the initial “hack,” as alleged, that led to the very consequential publication of a large store of documents on WikiLeaks last summer.

Forensic investigations of documents made public two weeks prior to the July 5 leak by the person or entity known as Guccifer 2.0 show that they were fraudulent: Before Guccifer posted them they were adulterated by cutting and pasting them into a blank template that had Russian as its default language. Guccifer took responsibility on June 15 for an intrusion the DNC reported on June 14 and professed to be a WikiLeaks source—claims essential to the official narrative implicating Russia in what was soon cast as an extensive hacking operation. To put the point simply, forensic science now devastates this narrative.

This article is based on an examination of the documents these forensic experts and intelligence analysts have produced, notably the key papers written over the past several weeks, as well as detailed interviews with many of those conducting investigations and now drawing conclusions from them. Before proceeding into this material, several points bear noting.

One, there are many other allegations implicating Russians in the 2016 political process. The work I will now report upon does not purport to prove or disprove any of them. Who delivered documents to WikiLeaks? Who was responsible for the “phishing” operation penetrating John Podesta’s e-mail in March 2016? We do not know the answers to such questions. It is entirely possible, indeed, that the answers we deserve and must demand could turn out to be multiple: One thing happened in one case, another thing in another. The new work done on the mid-June and July 5 events bears upon all else in only one respect. We are now on notice: Given that we now stand face to face with very considerable cases of duplicity, it is imperative that all official accounts of these many events be subject to rigorously skeptical questioning. Do we even know that John Podesta’s e-mail was in fact “phished”? What evidence of this has been produced? Such rock-bottom questions as these must now be posed in all other cases.

Two, houses built on sand and made of cards are bound to collapse, and there can be no surprise that the one resting atop the “hack theory,” as we can call the prevailing wisdom on the DNC events, appears to be in the process of doing so. Neither is there anything far-fetched in a reversal of the truth of this magnitude. American history is replete with similar cases. The Spanish sank the Maine in Havana harbor in February 1898. Iran’s Mossadegh was a Communist. Guatemala’s Árbenz represented a Communist threat to the United States. Vietnam’s Ho Chi Minh was a Soviet puppet. The Sandinistas were Communists. The truth of the Maine, a war and a revolution in between, took a century to find the light of day, whereupon the official story disintegrated. We can do better now. It is an odd sensation to live through one of these episodes, especially one as big as Russiagate. But its place atop a long line of precedents can no longer be disputed.

Three, regardless of what one may think about the investigations and conclusions I will now outline—and, as noted, these investigations continue—there is a bottom line attaching to them. We can even call it a red line. Under no circumstance can it be acceptable that the relevant authorities—the National Security Agency, the Justice Department (via the Federal Bureau of Investigation), and the Central Intelligence Agency—leave these new findings without reply. Not credibly, in any case. Forensic investigators, prominent among them people with decades’ experience at high levels in these very institutions, have put a body of evidence on a table previously left empty. Silence now, should it ensue, cannot be written down as an admission of duplicity, but it will come very close to one.

It requires no elaboration to apply the above point to the corporate media, which have been flaccidly satisfied with official explanations of the DNC matter from the start.

Qualified experts working independently of one another began to examine the DNC case immediately after the July 2016 events. Prominent among these is a group comprising former intelligence officers, almost all of whom previously occupied senior positions. Veteran Intelligence Professionals for Sanity (VIPS), founded in 2003, now has 30 members, including a few associates with backgrounds in national-security fields other than intelligence. The chief researchers active on the DNC case are four: William Binney, formerly the NSA’s technical director for world geopolitical and military analysis and designer of many agency programs now in use; Kirk Wiebe, formerly a senior analyst at the NSA’s SIGINT Automation Research Center; Edward Loomis, formerly technical director in the NSA’s Office of Signal Processing; and Ray McGovern, an intelligence analyst for nearly three decades and formerly chief of the CIA’s Soviet Foreign Policy Branch. Most of these men have decades of experience in matters concerning Russian intelligence and the related technologies. This article reflects numerous interviews with all of them conducted in person, via Skype, or by telephone.

The customary VIPS format is an open letter, typically addressed to the president. The group has written three such letters on the DNC incident, all of which were first published by Robert Parry at www.consortiumnews.com. Here is the latest, dated July 24; it blueprints the forensic work this article explores in detail. They have all argued that the hack theory is wrong and that a locally executed leak is the far more likely explanation. In a letter to Barack Obama dated January 17, three days before he left office, the group explained that the NSA’s known programs are fully capable of capturing all electronic transfers of data. “We strongly suggest that you ask NSA for any evidence it may have indicating that the results of Russian hacking were given to WikiLeaks,” the letter said. “If NSA cannot produce such evidence—and quickly—this would probably mean it does not have any.”

The day after Parry published this letter, Obama gave his last press conference as president, at which he delivered one of the great gems among the official statements on the DNC e-mail question. “The conclusions of the intelligence community with respect to the Russian hacking,” the legacy-minded Obama said, “were not conclusive.” There is little to suggest the VIPS letter prompted this remark, but it is typical of the linguistic tap-dancing many officials connected to the case have indulged so as to avoid putting their names on the hack theory and all that derives from it.

Until recently there was a serious hindrance to the VIPS’s work, and I have just suggested it. The group lacked access to positive data. It had no lump of cyber-material to place on its lab table and analyze, because no official agency had provided any.

Donald Rumsfeld famously argued with regard to the WMD question in Iraq, “The absence of evidence is not evidence of absence.” In essence, Binney and others at VIPS say this logic turns upside down in the DNC case: Based on the knowledge of former officials such as Binney, the group knew that (1) if there was a hack and (2) if Russia was responsible for it, the NSA would have to have evidence of both. Binney and others surmised that the agency and associated institutions were hiding the absence of evidence behind the claim that they had to maintain secrecy to protect NSA programs. “Everything that they say must remain classified is already well-known,” Binney said in an interview. “They’re playing the Wizard of Oz game.”

New findings indicate this is perfectly true, but until recently the VIPS experts could produce only “negative evidence,” as they put it: The absence of evidence supporting the hack theory demonstrates that it cannot be so. That is all VIPS had. They could allege and assert, but they could not conclude: They were stuck demanding evidence they did not have—if only to prove there was none.

Research into the DNC case took a fateful turn in early July, when forensic investigators who had been working independently began to share findings and form loose collaborations wherein each could build on the work of others. In this a small, new website called www.disobedientmedia.com proved an important catalyst. Two independent researchers selected it, Snowden-like, as the medium through which to disclose their findings. One of these is known as Forensicator and the other as Adam Carter. On July 9, Adam Carter sent Elizabeth Vos, a co-founder of Disobedient Media, a paper by the Forensicator that split the DNC case open like a coconut.

By this time Binney and the other technical-side people at VIPS had begun working with a man named Skip Folden. Folden was an IT executive at IBM for 33 years, serving 25 years as the IT program manager in the United States. He has also consulted for Pentagon officials, the FBI, and the Justice Department. Folden is effectively the VIPS group’s liaison to Forensicator, Adam Carter, and other investigators, but neither Folden nor anyone else knows the identity of either Forensicator or Adam Carter. This bears brief explanation.

The Forensicator’s July 9 document indicates he lives in the Pacific Time Zone, which puts him on the West Coast. His notes describing his investigative procedures support this. But little else is known of him. Adam Carter, in turn, is located in England, but the name is a coy pseudonym: It derives from a character in a BBC espionage series called Spooks. It is protocol in this community, Elizabeth Vos told me in a telephone conversation this week, to respect this degree of anonymity. Kirk Wiebe, the former SIGINT analyst at the NSA, thinks Forensicator could be “someone very good with the FBI,” but there is no certainty. Unanimously, however, all the analysts and forensics investigators interviewed for this column say Forensicator’s advanced expertise, evident in the work he has done, is unassailable. They hold a similarly high opinion of Adam Carter’s work.

Forensicator is working with the documents published by Guccifer 2.0, focusing for now on the July 5 intrusion into the DNC server. The contents of Guccifer’s files are known—they were published last September—and are not Forensicator’s concern. His work is with the metadata on those files. These data did not come to him via any clandestine means. Forensicator simply has access to them that others did not have. It is this access that prompts Kirk Wiebe and others to suggest that Forensicator may be someone with exceptional talent and training inside an agency such as the FBI. “Forensicator unlocked and then analyzed what had been the locked files Guccifer supposedly took from the DNC server,” Skip Folden explained in an interview. “To do this he would have to have ‘access privilege,’ meaning a key.”

What has Forensicator proven since he turned his key? How? What has work done atop Forensicator’s findings proven? How?

Forensicator’s first decisive findings, made public in the paper dated July 9, concerned the volume of the supposedly hacked material and what is called the transfer rate—the time a remote hack would require. The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second.

These statistics are matters of record and essential to disproving the hack theory. No Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed. Compounding this contradiction, Guccifer claimed to have run his hack from Romania, which, for numerous reasons technically called delivery overheads, would slow down the speed of a hack even further from maximum achievable speeds.

What is the maximum achievable speed? Forensicator recently ran a test download of a comparable data volume (and using a server speed not available in 2016) 40 miles from his computer via a server 20 miles away and came up with a speed of 11.8 megabytes per second—half what the DNC operation would need were it a hack. Other investigators have built on this finding. Folden and Edward Loomis say a survey published August 3, 2016, by www.speedtest.net/reports is highly reliable and use it as their thumbnail index. It indicated that the highest average ISP speeds of first-half 2016 were achieved by Xfinity and Cox Communications. These speeds averaged 15.6 megabytes per second and 14.7 megabytes per second, respectively. Peak speeds at higher rates were recorded intermittently but still did not reach the required 22.7 megabytes per second.

“A speed of 22.7 megabytes is simply unobtainable, especially if we are talking about a transoceanic data transfer,” Folden said. “Based on the data we now have, what we’ve been calling a hack is impossible.” Last week Forensicator reported on a speed test he conducted more recently. It tightens the case considerably. “Transfer rates of 23 MB/s (Mega Bytes per second) are not just highly unlikely, but effectively impossible to accomplish when communicating over the Internet at any significant distance,” he wrote. “Further, local copy speeds are measured, demonstrating that 23 MB/s is a typical transfer rate when using a USB–2 flash device (thumb drive).”

Time stamps in the metadata provide further evidence of what happened on July 5. The stamps recording the download indicate that it occurred in the Eastern Daylight Time Zone at approximately 6:45 pm. This confirms that the person entering the DNC system was working somewhere on the East Coast of the United States. In theory the operation could have been conducted from Bangor or Miami or anywhere in between—but not Russia, Romania, or anywhere else outside the EDT zone. Combined with Forensicator’s findings on the transfer rate, the time stamps constitute more evidence that the download was conducted locally, since delivery overheads—conversion of data into packets, addressing, sequencing times, error checks, and the like—degrade all data transfers conducted via the Internet, more or less according to the distance involved.

In addition, there is the adulteration of the documents Guccifer 2.0 posted on June 15, when he made his first appearance. This came to light when researchers penetrated what Folden calls Guccifer’s top layer of metadata and analyzed what was in the layers beneath. They found that the first five files Guccifer made public had each been run, via ordinary cut-and-paste, through a single template that effectively immersed them in what could plausibly be cast as Russian fingerprints. They were not: The Russian markings were artificially inserted prior to posting. “It’s clear,” another forensics investigator self-identified as HET, wrote in a report on this question, “that metadata was deliberately altered and documents were deliberately pasted into a Russianified [W]ord document with Russian language settings and style headings.”

To be noted in this connection: The list of the CIA’s cyber-tools WikiLeaks began to release in March and labeled Vault 7 includes one called Marble that is capable of obfuscating the origin of documents in false-flag operations and leaving markings that point to whatever the CIA wants to point to. (The tool can also “de-obfuscate” what it has obfuscated.) It is not known whether this tool was deployed in the Guccifer case, but it is there for such a use.

It is not yet clear whether documents now shown to have been leaked locally on July 5 were tainted to suggest Russian hacking in the same way the June 15 Guccifer release was. This is among several outstanding questions awaiting answers, and the forensic scientists active on the DNC case are now investigating it. In a note Adam Carter sent to Folden and McGovern last week and copied to me, he reconfirmed the corruption of the June 15 documents, while indicating that his initial work on the July 5 documents—of which much more is to be done—had not yet turned up evidence of doctoring.
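The transfer-rate argument in the article quoted above rests on deriving throughput from file sizes and last-modified timestamps. As an added example (not part of the original post, the article, or Forensicator's own work), the Python below shows one way to make that estimate; the file records are constructed, and the gap threshold and the rule of skipping the first file of each burst are assumptions of this sketch.

```python
from datetime import datetime

MB = 1_000_000  # decimal megabyte

# Constructed sample: (name, size in bytes, last-modified time with UTC offset).
# Not data from the archive discussed in the article.
SAMPLE = [
    ("a.doc",  10 * MB, "2016-07-05T18:39:00-04:00"),
    ("b.pdf",  46 * MB, "2016-07-05T18:39:02-04:00"),
    ("c.xlsx", 23 * MB, "2016-07-05T18:39:03-04:00"),
    # five-minute pause: nothing was being written
    ("d.zip",  69 * MB, "2016-07-05T18:44:06-04:00"),
    ("e.doc",  23 * MB, "2016-07-05T18:44:07-04:00"),
]

# Reference rates quoted in the article, in megabytes per second.
REFERENCE_MBPS = {
    "test download cited in the article": 11.8,
    "Cox average, first-half 2016": 14.7,
    "Xfinity average, first-half 2016": 15.6,
    "USB-2 flash copy cited in the article": 23.0,
}


def estimate_rate(records, gap_s=30.0):
    """Estimate copy throughput in MB/s from (name, size, mtime) records.

    A last-modified time marks when a file finished being written, so the
    interval between two consecutive timestamps is the time spent writing
    the later file. The first file of each burst is skipped because its
    start time is unknown. Intervals longer than gap_s are treated as idle.

    Caveats: timestamps usually have 1 s resolution (2 s in some archive
    formats), so short bursts give coarse estimates, and the result
    describes only the copy operation that wrote these timestamps.
    """
    rows = sorted((datetime.fromisoformat(ts), size) for _, size, ts in records)
    active_s = 0.0
    counted = 0
    for (t_prev, _), (t_cur, size) in zip(rows, rows[1:]):
        dt = (t_cur - t_prev).total_seconds()
        if dt > gap_s:
            continue  # idle gap: a new burst starts with this file
        active_s += dt
        counted += size
    if active_s == 0:
        raise ValueError("not enough timestamp spread to estimate a rate")
    return counted / active_s / MB


def exceeded(rate_mbps):
    """Names of the reference rates that the estimate is strictly above."""
    return [name for name, ref in REFERENCE_MBPS.items() if rate_mbps > ref]


def observed_offsets(records):
    """UTC offsets (in hours) recorded in the timestamps.

    The offset reflects the clock and zone setting of the machine that
    wrote the timestamp.
    """
    return {
        datetime.fromisoformat(ts).utcoffset().total_seconds() / 3600
        for _, _, ts in records
    }


if __name__ == "__main__":
    rate = estimate_rate(SAMPLE)
    print(f"estimated rate: {rate:.1f} MB/s")
    print("above:", exceeded(rate))
    print("UTC offsets seen:", observed_offsets(SAMPLE))
    # The article's own figures: 1,976 MB in 87 s.
    print(f"article figures: {1976 / 87:.1f} MB/s")
```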

TSA
08-10-2017, 03:09 PM
In the meantime, VIPS has assembled a chronology that imposes a persuasive logic on the complex succession of events just reviewed. It is this:

On June 12 last year, Julian Assange announced that WikiLeaks had and would publish documents pertinent to Hillary Clinton’s presidential campaign.
On June 14, CrowdStrike, a cyber-security firm hired by the DNC, announced, without providing evidence, that it had found malware on DNC servers and had evidence that Russians were responsible for planting it.
On June 15, Guccifer 2.0 first appeared, took responsibility for the “hack” reported on June 14 and claimed to be a WikiLeaks source. It then posted the adulterated documents just described.
On July 5, Guccifer again claimed he had remotely hacked DNC servers, and the operation was instantly described as another intrusion attributable to Russia. Virtually no media questioned this account.

It does not require too much thought to read into this sequence. With his June 12 announcement, Assange effectively put the DNC on notice that it had a little time, probably not much, to act preemptively against the imminent publication of damaging documents. Did the DNC quickly conjure Guccifer from thin air to create a cyber-saboteur whose fingers point to Russia? There is no evidence of this one way or the other, but emphatically it is legitimate to pose the question in the context of the VIPS chronology. WikiLeaks began publishing on July 22. By that time, the case alleging Russian interference in the 2016 elections process was taking firm root. In short order Assange would be written down as a “Russian agent.”

By any balanced reckoning, the official case purporting to assign a systematic hacking effort to Russia, the events of mid-June and July 5 last year being the foundation of this case, is shabby to the point taxpayers should ask for their money back. The Intelligence Community Assessment, the supposedly definitive report featuring the “high confidence” dodge, was greeted as farcically flimsy when issued January 6. Ray McGovern calls it a disgrace to the intelligence profession. It is spotlessly free of evidence, front to back, pertaining to any events in which Russia is implicated. James Clapper, the former director of national intelligence, admitted in May that “hand-picked” analysts from three agencies (not the 17 previously reported) drafted the ICA. There is a way to understand “hand-picked” that is less obvious than meets the eye: The report was sequestered from rigorous agency-wide reviews. This is the way these people have spoken to us for the past year.

Behind the ICA lie other indefensible realities. The FBI has never examined the DNC’s computer servers—an omission that is beyond preposterous. It has instead relied on the reports produced by Crowdstrike, a firm that drips with conflicting interests well beyond the fact that it is in the DNC’s employ. Dmitri Alperovitch, its co-founder and chief technology officer, is on the record as vigorously anti-Russian. He is a senior fellow at the Atlantic Council, which suffers the same prejudice. Problems such as this are many.

“We continue to stand by our report,” CrowdStrike said, upon seeing the VIPS blueprint of the investigation. CrowdStrike argues that by July 5 all malware had been removed from the DNC’s computers. But the presence or absence of malware by that time is entirely immaterial, because the event of July 5 is proven to have been a leak and not a hack. Given that malware has nothing to do with leaks, CrowdStrike’s logic appears to be circular.

In effect, the new forensic evidence considered here lands in a vacuum. We now enter a period when an official reply should be forthcoming. What the forensic people are now producing constitutes evidence, however one may view it, and it is the first scientifically derived evidence we have into any of the events in which Russia has been implicated. The investigators deserve a response, the betrayed professionals who formed VIPS as the WMD scandal unfolded in 2003 deserve it, and so do the rest of us. The cost of duplicity has rarely been so high.

I concluded each of the interviews conducted for this column by asking for a degree of confidence in the new findings. These are careful, exacting people as a matter of professional training and standards, and I got careful, exacting replies.

All those interviewed came in between 90 percent and 100 percent certain that the forensics prove out. I have already quoted Skip Folden’s answer: impossible based on the data. “The laws of physics don’t lie,” Ray McGovern volunteered at one point. “It’s QED, theorem demonstrated,” William Binney said in response to my question. “There’s no evidence out there to get me to change my mind.” When I asked Edward Loomis, a 90 percent man, about the 10 percent he held out, he replied, “I’ve looked at the work and it shows there was no Russian hack. But I didn’t do the work. That’s the 10 percent. I’m a scientist.”