Reds Under The Bed

Last year during the election campaign, the servers at the Democratic National Committee were penetrated by still unknown actors. From early on, I’ve held that the Russian Government did NOT hack the DNC computer. I have not seen any evidence that says otherwise. Here are two equally probable Russian suspects with no ties to Vladimir Putin … the man with the best villain-name ever, Boris Badenov, and his lovely partner in crime, Natasha Fatale …


Let me lay out the ideas and the evidence in the DNC server case, and you can decide for yourself.

My initial unease, the very first thing that set off my urban legend detector, was the following thought—The Russians are usually interested in material for blackmail, not for publicity. They know how well blackmail works. If they had found “compromat” on the DNC servers, compromising material, surely they would have held on to it so they could apply future pressure on a clearly anticipated Clinton administration. Why waste valuable compromat on the lost cause of vainly attempting to deny her the inevitable Presidency, when the same material would be much more useful for post-election blackmail?

Like everyone else, the Russians were sure that Clinton would win. What possible good would it do the Russians to publish the damning DNC information? They’d just be antagonizing her for no gain.

The Russians had no reason to prefer Trump over Clinton, and every reason to prefer Clinton over Trump. They’d watched her foolishly pushing her big red “RESET” button on TV, and they had taken her measure as Secretary of State. They’d been able to get her to agree to selling them 20% of our uranium in exchange for money for Bill Clinton and money for the Clinton Foundation; they’d watched her negotiating skills; they’d seen her actions in Libya and knew her views on the Syrian “red line”; they figured they could predict her responses … what’s not to like?

Trump, on the other hand, was known to be unpredictable, to be a hard-nosed negotiator, and to approve of and surround himself with strong generals and alpha males … which, as the Russians surely knew, is not a good combo for Putin and the Russian global ambitions, as post-election events have proven. See “T. Rex” Tillerson and General Mattis as examples …

The US Government intelligence report on the DNC server intrusion, which was widely reported to be put together by “all seventeen US intelligence agencies”, merely parroted the findings of CrowdStrike, the private company hired by the DNC to investigate the penetration.

The intelligence agents writing the report never got to examine the DNC server. This is one of the most damning pieces of evidence, regardless of the interpretation put on it. What was on the computer that the DNC was working so hard to protect from their very own FBI???

As a result of having been denied access to the DNC server, the US Government intelligence analysts could not and did not have anything to go on except what CrowdStrike had reported. Unfortunately, in a case involving the penetration of a server, if there is no server to analyze, there is no evidence … and with no evidence there can be no analysis.

The intelligence report analysis was not done by 17 intelligence agencies, it was done by only three. And not three agencies, mind you. Three very carefully “hand-selected” individual researchers … and when you have to puff up the provenance of your three-person analysis by bringing in 14 other agencies to give it fake credibility, it greatly ups the odds that you are telling porkies.

If the Russian Government hacked the DNC, do you seriously think they would use what were obviously Russian code tools and identities? Yet that is exactly what CrowdStrike, the private company that “investigated” the leak, and who were shamefully parroted by the US Government, would have us believe. They basically said that they found Russian bootprints at the scene of the crime, and that proves it was Russians what done it, honest it was … really? The hackers I read say that if they find Russian bootprints at a scene, the Russians automatically become the last suspects, not the first. Because as you might expect, any hacker who is worth his salt wears someone else’s boots …

Two hackers whose computer abilities I respect greatly, John McAfee and Kim Dotcom, both say it was not done by the Russians.

CrowdStrike, the company used by the DNC to investigate the DNC penetration, was forced shortly afterward to publicly retract false information and bogus accusations that they had put forward about another claimed Russian hacking operation.

The founders of CrowdStrike, two Ukrainians, are very anti-Russian. The organization has ties to both the US Government and to the Clintons. So it is no surprise that they would conclude that Russian bootprints mean Russian actors, and look no further …

Julian Assange says it was not done by the Russians, that the information was leaked to his organization rather than being hacked. And while Assange is no friend of the US, I don’t know of his ever having made a false statement about the provenance of his revelations.

Julian Assange’s “close associate” Craig Murray says that he was the one who personally picked up the memory stick containing the leaked information from the leaker (or the leaker’s confederate) and passed it to Assange. 

And finally, an analysis of the timing of the interchange shows that the DNC server information was transferred to either leakers or hackers at a speed of 22.6 Mb per second. And while this speed is much too fast to be achievable online, whether from Russia or even over a local VPN, it is a typical speed for transfer of files to a memory stick.

Given all of that, I’d say that the case that it was all the actions of the usual Russian suspects is far, far from being established. Where is the tiniest scrap of actual evidence that the Russian Government had anything at all to do with the DNC penetration? It may indeed be the case that they did it … but without evidence, to date we can’t begin to claim that the accusations against the Russian Government are true in the slightest.

It’s my belief that the information above is accurate. If you find otherwise you are welcome to post your information. Free and open discussion is the source of an informed population and a core strength of democracy.

My best to everyone,

w.


18 thoughts on “Reds Under The Bed”

  1. My day job is computer security and the point about ‘Russian hacking tools’ is extremely important.

    Take a look at the CIA hacking tool leaks and how they routinely used tools designed to leave fingerprints that look like someone else.

    The thing about hacking tools is that they run on the target system, so anyone you deploy them against can copy the tools and use it themselves.


  2. The Grand Jury has handed down a 37-page indictment against “the Russians” with fine details about who, how, when and why they attempted to impact the US democratic process. The Prosecution is “the dog that didn’t howl in the night-time” vis-à-vis the DNC server.


  3. Sounds about right to me.

    FWIW, I have a 7.5 year record of keeping bad guys out of Apple, followed by a few more years at other companies. I’ve worked on contract doing computer security related work for about a dozen years after that (the most recent contract at Disney). This is sort of my turf.

    In my professional opinion you are exactly right.

    Were I cracking a system and hacking into somewhere, one of the first things I’d consider is how to make it look like my origin was somewhere else and my identity was someone else. Once my “cover” was set, I’d proceed to selecting the tool kit (from the many ‘identities’ available) and planning my attack complete with time of day correctness, IP address (for the VPN origin) and plan to put the result on a Russian open server (as they have no extradition and don’t share their log files).

    In particular, your statement that if you don’t have the actual server hacked you have no evidence is exactly right and just the fact that the server was not forensically quarantined is a smoking gun of deception. When at Schwab, our forensics protocol had any suspect disk immediately powered down, full “chain of custody” kept (disk in a dedicated vault), and all work done on a bit by bit copy of that disk which was always write protected and never allowed to change. (A specific ‘rig’ existed to allow bit copy with no write to the source – with 2 folks minimum observing and swearing no write to the source disk happened). That was for things far less significant than the DNC / Clinton stuff… It’s basically industry standard for things that may go to the cops. No sworn chain of custody means no evidence…

    This was not a Russian Job, it was a leak, not a hack.

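The imaging protocol described in comment 3 (work only on a verified, write-protected copy, with at least two observers and a recorded chain of custody), sketched as an added example that is not part of the post or of any commenter's reply. It works on an ordinary file rather than a disk behind a hardware write blocker, and the function names, witness labels and sample "image" are assumptions constructed for illustration.

```python
import hashlib, json, os, shutil, stat, tempfile, time

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def custody_entry(log, action, evidence_hash, witnesses):
    # Hypothetical helper: append a hash-chained record, two observers required.
    if len(set(witnesses)) < 2:
        raise ValueError("at least two distinct witnesses required")
    body = {"time": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
            "action": action, "evidence_sha256": evidence_hash,
            "witnesses": sorted(set(witnesses)), "prev": log[-1]["entry_hash"] if log else "0" * 64}
    log.append({**body, "entry_hash": _digest(body)})

def verify_log(log):
    prev = "0" * 64
    for e in log:                                  # each record must link to its predecessor
        body = {k: v for k, v in e.items() if k != "entry_hash"}
        if e["prev"] != prev or _digest(body) != e["entry_hash"]:
            return False
        prev = e["entry_hash"]
    return True

def acquire(source, working_copy, log, witnesses):
    before = sha256_file(source)                   # hash the source before touching it
    custody_entry(log, "source hashed before imaging", before, witnesses)
    shutil.copyfile(source, working_copy)
    os.chmod(working_copy, stat.S_IRUSR)           # analysis copy is read-only
    if sha256_file(source) != before or sha256_file(working_copy) != before:
        raise RuntimeError("hash mismatch: source or copy altered during imaging")
    custody_entry(log, "verified read-only working copy created", before, witnesses)
    return before

def demo():
    data, log = b"constructed disk image sector\n" * 4096, []   # constructed sample
    with tempfile.TemporaryDirectory() as d:
        src = os.path.join(d, "suspect.img")
        with open(src, "wb") as f:
            f.write(data)
        digest = acquire(src, os.path.join(d, "working.img"), log, ["examiner A", "examiner B"])
    intact = verify_log(log)
    log[0]["evidence_sha256"] = "f" * 64           # simulate after-the-fact tampering
    return digest == hashlib.sha256(data).hexdigest(), intact, verify_log(log)
```

`demo()` returns three booleans: the recorded hash matches the image, the untouched log verifies, and the log still verifies after one record is edited (which it must not).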

  4. As soon as I heard that Debbie Blabbermouth Schultz refused to “allow” FBI to investigate the “hacking” of the DNC server I knew it was all a lie. My guess is John Podesta was the person who downloaded the pertinent data to a flash drive and delivered it to whoever was paying for it. Standard Clintoon mode of operation, cash&carry!


    • especially since the ‘hacking’ of Podesta’s e-mail was so trivial (tricking him into entering his password in a bad site, and then discovering his password was ‘password’)

      with that sort of security, getting access to their secrets may not qualify as hacking (did they have them somewhere that could be reached with a browser?)

      David Lang


  5. That’s where the Trump’s dossier comes in. If you believe it, Trump is Putin’s puppet and (for Putin) far preferable to Clinton. Why was that totally unverified piece of excrement included in the security briefing? Out of abundance of caution, we are told. We have security services to sort information from disinformation. Not to exude an abundance of caution. An EPIC FAILURE.


  6. It always struck me as odd that you would blame those who had been helping you and backing you in so many ways for something like this.
    Joseph Goebbels had it right about the big lie.

    James Bull


  7. Note that CrowdStrike installed security software on the DNC system on 5 May 2016. According to the WikiLeaks email dates, exfiltration of email continued thru 25 May. Leak not hack seems to me.


  8. Unfortunately when the Democrats start accusing people of something I have to think it’s something they’re actually guilty of.

    The amount of coverup that went on of the Clinton’s campaign and during her time in the State Department is one of the great political scandals of the 21st century because it involves actions done by not only the DNC and Clinton campaign but by members of the federal government. The mere fact that the characters that used Bleachbit on Clinton’s hard drive should have been charged with obstruction of justice but the person who did it was given immunity without any proffers that would have probably implicated either Clinton or her henchmen.

    And we have Mueller charging people for crimes that had no relation to what he was charged to investigate but there doesn’t seem to be any effort to investigate the activities you mentioned nor the ones I’ve referred to. They used to call Reagan the Teflon President, but the Clintons deserve to be called the Teflon Politicians.

    I spent my career doing work with the federal government and I was appalled at some of the things I saw, but the revelations about the Deep State that are coming out scare the hell out of me.


    • The Manafort indictments far exceed the written scope of Mueller’s written Special Prosecutor charter from Rosenstein. I read both the Special Prosecutor law and Rosenstein’s charter letter. Manafort may not be innocent in his Ukraine dealing, but not up to Mueller to indict as took place long before Trump descended the escalator to announce his candidacy. So clear political witch hunt, very worrisome.


      • Apparently Manafort was working in conjunction with the Obama Admin to facilitate Russia’s encroachment into Ukraine and other former USSR client states.


  9. I have been studying this whole situation (Trump/Russia—Mueller, FISA/FBI, Comey/Clinton…). You have an excellent facts list on the question of DNC hacked by Russia. IMO the last point concerning the email metadata download speed is definitive. Shows Assange is truthful when he said source was not a foreign state’s operatives (implying not hacked). Was an inside leak, probably by an upset Sanders supporter. Assange probably knows who, both because would have had to establish leak bona fides and because sent Murray to DC to pick up the memory stick on the campus of American University one night at an arranged rendezvous. AU campus is in NW DC, a nice residential area where DNC staffers would be expected to reside.


  10. Last year during the election campaign ? Hi Willis, was it not the year before last year? btw, I enjoy your blog very much! keep it up, best regards from the Swiss mountains, Fred


  11. I revisited this posting today [May 2018] in light of the news of “Crossfire Hurricane” the FBI ‘investigation’ (if that’s the right word) into the Trump campaign as reported by the New York Times. It seems that the DNC server hack, and blame for it on the Russians, played a major part of triggering all these investigative efforts. And yet the provenance of that blame has never been believable. The VIPS report (and their response to those who dissented from their view, and their response to that dissent can all be found at link below).

    https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

    and a direct link to the original report the link above is based on
    https://consortiumnews.com/2017/07/24/intel-vets-challenge-russia-hack-evidence/


You are invited to add your comments. Please QUOTE THE EXACT WORDS YOU ARE DISCUSSING so we can all be clear on your subject.
