Forensic data shows Russians did not hack the DNC

Interesting. But I was under the impression that the DNC hack was unsuccessful, no? I mean people here on this board said that. All leaked emails were the result of phishing of Podesta.
In any case they seem to be claiming that at some point someone on the eastern coast copied multiple files from one place to another with an average speed of 23 MB/sec. This is consistent with a USB2 hard drive, or probably a fast flash drive. It does not preclude hacking, it just means there was some copying and repackaging afterwards. As for the time zone, Russian hackers could be on the eastern coast; after all, the Russian embassy is on the eastern coast.
 
Interesting. But I was under the impression that the DNC hack was unsuccessful, no? I mean people here on this board said that.

As I recall, people were constantly having to remind one person over and over again that this was the case.
 
Guccifer 2.0 NGP/VAN Metadata Analysis

The data was copied locally not hacked

Copied locally is not incompatible with being hacked.

Hackers often subvert a weakly-guarded machine that's within the network and use that to attack the more strongly guarded ones. Security settings are generally much more liberal with machines on one's intranet than those coming from the outside.
 
So I read through this and had a question:

The 'copied locally' conclusion is based solely on the speed of the transfer, i.e. taking the file sizes and dividing by the transfer times. Forget the fact that 23MB/s isn't that fast, and fiber connections can do that pretty easily, but they did some adjustments based on 'gap times' too. Specifically:

Conclusion 3 said:
A review of the DNC file metadata leads to the observation that significant “time gaps” appear between various top-level directories and files. In the spreadsheet, we first mark (with x’s) places where the top-level directory name changes or the top-level directory is the root (“.”) directory. We further calculate the “time gap” which is the difference between the last mod. time of a current entry and its previous entry; from this we subtract an approximation of the transfer time (using our knowledge of average transfer speed) to go from the last mod time to a likely time that the transfer started.

But then in Conclusion 4:

Conclusion 4 said:
We can estimate the transfer speed of the copy by dividing the total number of bytes transferred by the transfer time. The transfer time is approximated by subtracting the time gap total from the total elapsed time of the copy session.

Does that seem fishy to anyone else?
 
Sounds like a circular reference.

Worse, it looks like it was done to tweak the numbers to get the desired speed result.

According to the analysis, the time difference between the earliest and latest files is 14 min 15 sec and 1976 MB were copied. They 'corrected' the gap time by removing 12 minutes 48 seconds so that the 1976 MB over 1 min 27 seconds gives the 22.7 MB/s. If we do the 1976 MB over the full 14:15, we get 2.3 MB/s.

So how did they get the 12:48 'gap time' to remove? They don't give the exact details, but they found the time difference between consecutive files and then probably removed some amount proportional to the file's size. Any remaining time was included as a 'gap', which was then removed. That is sketchy because of the effect the assumed speed will have on the results. Pick a larger constant of proportionality and get a faster speed or pick a smaller one to get a slower speed, what could go wrong?

I didn't get a consistent estimate for the proportion they used because their gaps are all rounded to the nearest second (and I hope the rounding was just cosmetic and that the constant they used wasn't too big), but it seems to me like an easier way to determine average transfer speed is to look at the times for the largest files. Taking the biggest file listed, stuffformike.zip, which has size 125,157,664 B, the time difference with the preceding file was about 31.1 seconds. There's no gap listed, so presumably they think that the file transferred in about that time, but that's only a 4 MB/s transfer rate.

So, yeah...
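An added illustration of the circularity raised in the post above (not part of the original thread or of the analysis it criticizes). It assumes the gaps were computed as each inter-file time difference minus size divided by an assumed speed, which is only the poster's guess at the method; the listing is constructed and the function names are hypothetical.

```python
# Constructed listing, NOT the real archive metadata:
# (size in bytes, last-modified time in seconds since the copy session began).
LISTING = [
    (40_000_000, 10.0),
    (20_000_000, 15.0),
    (80_000_000, 200.0),   # long pause before this file
    (10_000_000, 202.5),
    (50_000_000, 400.0),   # long pause before this file
]

def deltas(listing):
    """Pair each file size with the time elapsed since the previous entry."""
    prev, out = 0.0, []
    for size, mtime in listing:
        out.append((size, mtime - prev))
        prev = mtime
    return out

def naive_speed(listing):
    """Total bytes over the full elapsed time, no gap removal (bytes/s)."""
    return sum(size for size, _ in listing) / listing[-1][1]

def gap_adjusted_speed(listing, assumed_speed):
    """Assumed method: gap = delta - size/assumed_speed (floored at 0),
    then speed = total bytes / (elapsed - sum of gaps)."""
    pairs = deltas(listing)
    gaps = sum(max(0.0, d - size / assumed_speed) for size, d in pairs)
    elapsed = listing[-1][1]
    return sum(size for size, _ in pairs) / (elapsed - gaps)

def best_supported_rate(listing):
    """Highest per-file rate the timestamps themselves show. Each delta may
    include idle time, so this is only a lower bound on the real rate."""
    return max(size / d for size, d in deltas(listing))

if __name__ == "__main__":
    print(f"naive:           {naive_speed(LISTING) / 1e6:.2f} MB/s")
    print(f"per-file bound:  {best_supported_rate(LISTING) / 1e6:.2f} MB/s")
    for assumed in (4e6, 20e6, 40e6):
        out = gap_adjusted_speed(LISTING, assumed)
        print(f"assumed {assumed / 1e6:>4.0f} MB/s -> 'measured' {out / 1e6:.2f} MB/s")
```

On this data every assumed speed at or above 4 MB/s comes straight back as the result, so the timestamps alone only bound the rate from below.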
 
Sounds like a circular reference.

Worse, it looks like it was done to tweak the numbers to get the desired speed result.

According to the analysis, the time difference between the earliest and latest files is 14 min 15 sec and 1976 MB were copied. They 'corrected' the gap time by removing 12 minutes 48 seconds so that the 1976 MB over 1 min 27 seconds gives the 22.7 MB/s. If we do the 1976 MB over the full 14:15, we get 2.3 MB/s.
Thanks. Based on the OP'er, I wasn't wasting my time with what was probably crap. Jebus! They slash the time with their new "gap time" and voilà... no hacking.

So how did they get the 12:48 'gap time' to remove? They don't give the exact details, but they found the time difference between consecutive files and then probably removed some amount proportional to the file's size. Any remaining time was included as a 'gap', which was then removed. That is sketchy because of the effect the assumed speed will have on the results. Pick a larger constant of proportionality and get a faster speed or pick a smaller one to get a slower speed, what could go wrong?

I didn't get a consistent estimate for the proportion they used because their gaps are all rounded to the nearest second (and I hope the rounding was just cosmetic and that the constant they used wasn't too big), but it seems to me like an easier way to determine average transfer speed is to look at the times for the largest files. Taking the biggest file listed, stuffformike.zip, which has size 125,157,664 B, the time difference with the preceding file was about 31.1 seconds. There's no gap listed, so presumably they think that the file transferred in about that time, but that's only a 4 MB/s transfer rate.

So, yeah...
Agreed. Just take the largest file, look at the transfer rate and there. Though, maybe include some "pause gaps" just in case they paused the transfer to get coffee or something.
 
So I read through this and had a question:

The 'copied locally' conclusion is based solely on the speed of the transfer, i.e. taking the file sizes and dividing by the transfer times. Forget the fact that 23MB/s isn't that fast, and fiber connections can do that pretty easily, but they did some adjustments based on 'gap times' too. Specifically:



But then in Conclusion 4:

Conclusion 4 said:
We can estimate the transfer speed of the copy by dividing the total number of bytes transferred by the transfer time. The transfer time is approximated by subtracting the time gap total from the total elapsed time of the copy session.

Does that seem fishy to anyone else?

What's so fishy about it? The analysis seems reasonable. However, it doesn't say that the hacker wasn't simply working through a local machine that was compromised. Since a local, compromised machine is a common means of attack I don't see that it provides any useful information (beyond showing that we are only seeing a small part of what was stolen.)
 
Interesting. But I was under the impression that the DNC hack was unsuccessful, no? I mean people here on this board said that.

That's not what we said. We had to repeatedly remind WP that Hillary Clinton's email server was not hacked.

All leaked emails were the result of phishing of Podesta.

Partially correct. Podesta's leaked emails were the result of Podesta being phished. There were other emails that were obtained using other methods, including a Hillary staffer who had her emails on Clinton's server stolen due to compromised login credentials.
 
Guccifer 2.0 NGP/VAN Metadata Analysis

The data was copied locally not hacked

Copied locally is not incompatible with being hacked.

Hackers often subvert a weakly-guarded machine that's within the network and use that to attack the more strongly guarded ones. Security settings are generally much more liberal with machines on one's intranet than those coming from the outside.
It's all true, but why do you refuse to apply this argument to the "Russia did it" theory as well?
 
That's not what we said. We had to repeatedly remind WP that Hillary Clinton's email server was not hacked.

All leaked emails were the result of phishing of Podesta.

Partially correct. Podesta's leaked emails were the result of Podesta being phished. There were other emails that were obtained using other methods, including a Hillary staffer who had her emails on Clinton's server stolen due to compromised login credentials.

So how many separate successful leaks or attacks happened there?

remind WP that Hillary Clinton's email server was not hacked.
I just had a thought about this factoid. How do we know it was not successfully hacked?
I find it awfully convenient and fortunate for Hillary to claim "It's true, these bad Russians tried to hack my (not quite legal) server but they failed so it's OK to have it". I mean both these "facts" are awfully favorable for Clinton.
 
So I read through this and had a question:

The 'copied locally' conclusion is based solely on the speed of the transfer, i.e. taking the file sizes and dividing by the transfer times. Forget the fact that 23MB/s isn't that fast, and fiber connections can do that pretty easily, but they did some adjustments based on 'gap times' too. Specifically:



But then in Conclusion 4:



Does that seem fishy to anyone else?

What's so fishy about it?
You mean other than the arbitrariness of selecting such a metric?
 
What's so fishy about it? The analysis seems reasonable. However, it doesn't say that the hacker wasn't simply working through a local machine that was compromised. Since a local, compromised machine is a common means of attack I don't see that it provides any useful information (beyond showing that we are only seeing a small part of what was stolen.)

Because it induces a tweak-able parameter to influence the conclusion. A parameter they left completely opaque, not mentioning what value they chose or how they chose it. Depending on the number they picked, they could have gotten any speed above 2.3 MB/s. What value did they pick? How did they choose that value to get 22.7 MB/s? They don't say...

Spending all that time talking about time zones and the details of the cp command and NTFS filesystems, but glossing over the single most important detail of their 'analysis' isn't fishy?
 
That's not what we said. We had to repeatedly remind WP that Hillary Clinton's email server was not hacked.



Partially correct. Podesta's leaked emails were the result of Podesta being phished. There were other emails that were obtained using other methods, including a Hillary staffer who had her emails on Clinton's server stolen due to compromised login credentials.

So how many separate successful leaks or attacks happened there?

I'm not sure what you mean by "there", or what leaks have to do with hacking, but if my memory is correct on this, there were 4 successful attacks against the Clintons / DNC. Those would be the Guccifer 2.0 hack of the DNC emails, the phishing attack on Podesta's email, the compromised Clinton aide's email account accessed using Tor, and the original Guccifer hacking of Sid Blumenthal's email. It is the Blumenthal hack that I think is often confused for a hack of the Clinton server, as Guccifer originally claimed to have hacked her server, but later admitted that he was lying about it.

remind WP that Hillary Clinton's email server was not hacked.
I just had a thought about this factoid. How do we know it was not successfully hacked?

If her server had been hacked, and emails retrieved from it, they would have been released during the 2016 campaign, if not earlier, in an attempt to damage her.

I find it awfully convenient and fortunate for Hillary to claim "It's true, these bad Russians tried to hack my (not quite legal) server but they failed so it's OK to have it". I mean both these "facts" are awfully favorable for Clinton.

That is not a claim that Hillary ever made, so I am not sure why you are trying to put those words in her mouth. The first thing you should realize is that Hillary Clinton only served as Secretary of State from 2009 to 2013, and her server was shut down long before Trump announced his candidacy and began colluding with the Russians to steal the election. Also, the original Guccifer is Romanian, not Russian.
 
So how many separate successful leaks or attacks happened there?

I'm not sure what you mean by "there", or what leaks have to do with hacking, but if my memory is correct on this, there were 4 successful attacks against the Clintons / DNC. Those would be the Guccifer 2.0 hack of the DNC emails, the phishing attack on Podesta's email, the compromised Clinton aide's email account accessed using Tor, and the original Guccifer hacking of Sid Blumenthal's email. It is the Blumenthal hack that I think is often confused for a hack of the Clinton server, as Guccifer originally claimed to have hacked her server, but later admitted that he was lying about it.

remind WP that Hillary Clinton's email server was not hacked.
I just had a thought about this factoid. How do we know it was not successfully hacked?

If her server had been hacked, and emails retrieved from it, they would have been released during the 2016 campaign, if not earlier, in an attempt to damage her.

I find it awfully convenient and fortunate for Hillary to claim "It's true, these bad Russians tried to hack my (not quite legal) server but they failed so it's OK to have it". I mean both these "facts" are awfully favorable for Clinton.

That is not a claim that Hillary ever made, so I am not sure why you are trying to put those words in her mouth. The first thing you should realize is that Hillary Clinton only served as Secretary of State from 2009 to 2013, and her server was shut down long before Trump announced his candidacy and began colluding with the Russians to steal the election. Also, the original Guccifer is Romanian, not Russian.

So there were 4 successful attacks which were NOT attributed to Russians, plus 2 failed attempts which WERE attributed to Russians by some Russian expat who happened to be a friend of Clinton and whose other report on Russia was demonstrated to be 100% false and biased if not fraudulent. And yes, the FBI was not allowed to examine the servers. Is that all we know?
 
And we must remember that Clinton and the DNC are framing the Russians for an election loss that is 4 months away and looking quite unlikely... and if Clinton won (according to barbos), there wouldn't have even been sanctions.
 