- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Coaching Changes
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Durham has evidence that dnc email hack was done by someone with physical access to server
Posted on 10/6/21 at 7:29 am to HailHailtoMichigan!
Posted on 10/6/21 at 7:29 am to HailHailtoMichigan!
0
Posted on 10/6/21 at 9:10 am to CamdenTiger
To be clear people are confusing a few events, with likely different actors.
1) Podesta emails: retrieved remotely after a password phishing scam directly from his personal Gmail email inbox, unrelated to any DNC hacking, by parties unknown (but perpetrator later put a fake Wikipedia page of Podesta on the site used in the scheme, apparently to mock Podesta, which points to a non-state actor).
2) DNC emails (as published by WikiLeaks): according to former UK ambassador Murray these were given to him on a USB stick in Washington by an intermediary and were retrieved by a leaker directly from DNC systems. The set ONLY includes emails from a limited set of accounts, mostly related to DNC Finance, yet the more interesting & damaging accounts (such as DWS) are not in that set, which points to a DNC internal operative who has some problem with activities by DNC Finance (the HRC finance scheme, detrimental to local (state) DNC organizations and efforts undermining Bernie Sanders). These were retrieved from DNC MS Exchange server (either remotely, like Podesta, or via Powershell command issued by a person with admin level access to the DNC Exchange server).
3) Guccifer 2 (G2) data set: this data set was analyzed by many people and consists of mostly OLD documents which are all not harmful to the DNC. This data set was zipped in Central US time-zone, the files had been put on an USB stick earlier in Eastern US timezone (perhaps when copying from DNC file servers). This seems part of an attempt to muddy the waters, it is a fake which seems to have had help from inside the DNC (in order to copy the files). G2 later would go in to lot of effort to leave ‘Russian’ fingerprints on some of the documents (clearly a set-up). He also claimed to be Romanian, but when questioned in Romanian he answered in incorrect, strange and at time archaic ‘Romanian’, so he was disbelieved and assumed to be (say) Russian; yet this can’t have been done by a non-Romanian and non-Moldovan speaker using a service like Google Translate because then he would not have made such ‘errors’. A check of what he actually wrote points to a person who speaks Moldovan (a dialect of Romanian), which is spoken by people in Moldova and in the Ukraine. Also one of the documents published by G2 was a DNC Trump Opposition Research file (which was singled out by CrowdStrike as one of the stolen documents, yet it is unclear how they would know that, unless they cooperated with G2).
4) DNC Server hack: CrowdStrike (CS) reported this on Jun 14th (via WaPo) and published more details the next day. There were a few different Fancy Bear 64bit binaries that they claimed to have found, yet the re-imaged the servers (a few times) between May and June 2016. The main malware was a X-Agent binary was found in two slightly different versions (with different compile dates), but note that the source code for this malware is in the public hacker domain (at least among Russian, Ukrainian and other East European hackers; one EU IT security firm managed to get a copy; the Ukrainian hacker friends of the Ukrainian-American CEO of CS very likely also had access). The other binary was a helper utility X-Tunnel; it is likely (if not not known with certainty) that the source code for this binary was also in the public hacker domain. Note that this binary contained 3 IP addresses for Command and Control servers, one of which was identified as certainly belonging to Fancy Bear (as that one has been used in Bundesttag attack in 2015), the problem with that is that this IP address has been removed in May 2015 hence the hackers no longer could use that IP, yet it is still there in this freshly compiled binary (no doubt to point the finger at the Russians).
Note that all 3 binaries had been compiled in late April and early May 2016, shortly before or on the dates that CS is said to have visited the DNC.
5) The 2016 spear-phishing campaign against US targets (a.o. DNC): SecureWorks reported a large phishing campaign which was run in early 2016, which included hundreds of targets, including quite a few DNC (related) people. But note that there were also many other targets.
SecureWorks and others claimed that this was the same campaign as which targeted Podesta, but this is incorrect. The URLs used show that the Podesta phishing hack used a different server with a quite different name and both campaigns also used different server side software (different applications on the phishing scam servers) because the URL’s and parameters are completely different.
1) Podesta emails: retrieved remotely after a password phishing scam directly from his personal Gmail email inbox, unrelated to any DNC hacking, by parties unknown (but perpetrator later put a fake Wikipedia page of Podesta on the site used in the scheme, apparently to mock Podesta, which points to a non-state actor).
2) DNC emails (as published by WikiLeaks): according to former UK ambassador Murray these were given to him on a USB stick in Washington by an intermediary and were retrieved by a leaker directly from DNC systems. The set ONLY includes emails from a limited set of accounts, mostly related to DNC Finance, yet the more interesting & damaging accounts (such as DWS) are not in that set, which points to a DNC internal operative who has some problem with activities by DNC Finance (the HRC finance scheme, detrimental to local (state) DNC organizations and efforts undermining Bernie Sanders). These were retrieved from DNC MS Exchange server (either remotely, like Podesta, or via Powershell command issued by a person with admin level access to the DNC Exchange server).
3) Guccifer 2 (G2) data set: this data set was analyzed by many people and consists of mostly OLD documents which are all not harmful to the DNC. This data set was zipped in Central US time-zone, the files had been put on an USB stick earlier in Eastern US timezone (perhaps when copying from DNC file servers). This seems part of an attempt to muddy the waters, it is a fake which seems to have had help from inside the DNC (in order to copy the files). G2 later would go in to lot of effort to leave ‘Russian’ fingerprints on some of the documents (clearly a set-up). He also claimed to be Romanian, but when questioned in Romanian he answered in incorrect, strange and at time archaic ‘Romanian’, so he was disbelieved and assumed to be (say) Russian; yet this can’t have been done by a non-Romanian and non-Moldovan speaker using a service like Google Translate because then he would not have made such ‘errors’. A check of what he actually wrote points to a person who speaks Moldovan (a dialect of Romanian), which is spoken by people in Moldova and in the Ukraine. Also one of the documents published by G2 was a DNC Trump Opposition Research file (which was singled out by CrowdStrike as one of the stolen documents, yet it is unclear how they would know that, unless they cooperated with G2).
4) DNC Server hack: CrowdStrike (CS) reported this on Jun 14th (via WaPo) and published more details the next day. There were a few different Fancy Bear 64bit binaries that they claimed to have found, yet the re-imaged the servers (a few times) between May and June 2016. The main malware was a X-Agent binary was found in two slightly different versions (with different compile dates), but note that the source code for this malware is in the public hacker domain (at least among Russian, Ukrainian and other East European hackers; one EU IT security firm managed to get a copy; the Ukrainian hacker friends of the Ukrainian-American CEO of CS very likely also had access). The other binary was a helper utility X-Tunnel; it is likely (if not not known with certainty) that the source code for this binary was also in the public hacker domain. Note that this binary contained 3 IP addresses for Command and Control servers, one of which was identified as certainly belonging to Fancy Bear (as that one has been used in Bundesttag attack in 2015), the problem with that is that this IP address has been removed in May 2015 hence the hackers no longer could use that IP, yet it is still there in this freshly compiled binary (no doubt to point the finger at the Russians).
Note that all 3 binaries had been compiled in late April and early May 2016, shortly before or on the dates that CS is said to have visited the DNC.
5) The 2016 spear-phishing campaign against US targets (a.o. DNC): SecureWorks reported a large phishing campaign which was run in early 2016, which included hundreds of targets, including quite a few DNC (related) people. But note that there were also many other targets.
SecureWorks and others claimed that this was the same campaign as which targeted Podesta, but this is incorrect. The URLs used show that the Podesta phishing hack used a different server with a quite different name and both campaigns also used different server side software (different applications on the phishing scam servers) because the URL’s and parameters are completely different.
Posted on 10/6/21 at 9:17 am to Viator106
quote:
His Name Was Seth Rich !
Seemed likely early on. The speed markers on the download were revealed as way too fast for the systems Internet early on too, but the corrupt mediots of the MSM ignored all of the facts that didn't support their narrative.
Given what Hillary did to Boinie, I'm not surprised that a Boinie boy is likely the one who let the cat out of the bag.
Posted on 10/6/21 at 10:54 am to Hooligan's Ghost
quote:
what is the password for the dnc server?
1DiDN0THavESeXuaLReLAt1onsWiThThatW0mAn
Posted on 10/6/21 at 11:26 am to UAinSOUTHAL
quote:
what is the password for the dnc server?
password
Posted on 10/6/21 at 11:33 am to Jbird
quote:
Which proggy was it that claimed the download speeds were capable from Russia?
Rexcatur?
Both DoucheTerry and the Buckeye guy who got caught lying about his military service.
Posted on 10/6/21 at 9:10 pm to HailHailtoMichigan!
quote:
How was this determined? The time stamps contained in the released computer files’ metadata established that at 6:45 P.M. on July 5, 2016, 1,976 megabytes (not megabits) of data were downloaded from the DNC’s server. This took 87 seconds, which means the transfer rate was 22.7 megabytes per second, a speed, according to VIPS, that “is much faster than what is physically possible with a hack.” Such a speed could be accomplished only by direct connection of a portable storage device to the server. Accordingly, VIPS concluded that the DNC data theft was an inside job by someone with physical access to the server.
This is the debunked "Foresicator" BS. Even Binney had to agree it was BS.
quote:
Durham has evidence that dnc email hack was done by someone with physical access to server
Nothing in that article suggests Durham has that. His name isn't even the body of the article. Why put that in the thread title?
Posted on 10/6/21 at 10:08 pm to HailHailtoMichigan!
Wow stupid frick is a few years to late.
Page 3 of 3
Popular
Back to top
Follow TigerDroppings for LSU Football News