It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Somebody's Lying — FBI Denies Evidence of Chinese Hacking Found on Clinton Email Server

page: 3
30
<< 1  2    4  5  6 >>

log in

join
share:

posted on Aug, 29 2018 @ 10:46 PM
link   
a reply to: underwerks

Can you quote me in that report the IG saying the ICIG never met with these people to discuss chinese hacks?

Funny thing is even the creator of this thread acknowledges both sides of this story are reliant on anonymous sourcing, yet still you persist.




posted on Aug, 29 2018 @ 10:49 PM
link   

originally posted by: Grambler
a reply to: underwerks

Can you quote me in that report the IG saying the ICIG never met with these people to discuss chinese hacks?

Funny thing is even the creator of this thread acknowledges both sides of this story are reliant on anonymous sourcing, yet still you persist.


No offense to ante, but I’d rather go with what the report says over what someone posts on the internet.

I can’t copy and paste from a pdf. But the information is right there for all who want to do a little research.

Have at it.



ETA: It’s on page 104-105 of the report. I’m trying to find a way to copy and paste on my phone...
edit on 29-8-2018 by underwerks because: (no reason given)

edit on 29-8-2018 by underwerks because: (no reason given)

edit on 29-8-2018 by underwerks because: Crap

edit on 29-8-2018 by underwerks because: (no reason given)

edit on 29-8-2018 by underwerks because: (no reason given)



posted on Aug, 29 2018 @ 11:16 PM
link   
a reply to: underwerks

Right the report said that the FBI midyear agent said that there may have been a hack, but he saw no proof of it.

Nowhere in that report does it mention the Intel community inspector general (ICIG) or their findings, or rather or not the had these meetings.


repeatedly with FBI officials to warn them of the Chinese intrusion, according to a former intelligence officer with expertise in cybersecurity issues, who was briefed on the matter. He spoke anonymously, as he was not authorized to publicly address the Chinese’s role with Clinton’s server.

Among those FBI officials was Peter Strzok, who was then the bureau’s top counterintelligence official. Strzok was fired this month following the discovery he sent anti-Trump texts to his mistress and co-worker, Lisa Page. Strzok didn’t act on the information the ICIG provided him, according to Gohmert.

Gohmert mentioned in the Judiciary Committee hearing that ICIG officials told Strzok and three other top FBI officials that they found an “anomaly” on Clinton’s server.

The former intelligence officer TheDCNF spoke with said the ICIG “discovered the anomaly pretty early in 2015.”

“When [the ICIG] did a very deep dive, they found in the actual metadata — the data which is at the header and footer of all the emails — that a copy, a ‘courtesy copy,’ was being sent to a third party and that third party was a known Chinese public company that was involved in collecting intelligence for China,” the former intelligence officer told TheDCNF.

“The [the ICIG] believe that there was some level of phishing. But once they got into the server something was embedded,” he said. “The Chinese are notorious for embedding little surprises like this.”


Again, I concede that I dont know which story is true.

But the IG report just says the FBI could not definitively find eveindce iof a hack, it doesnt mention anything to do with the ICIG or meetings they had.



posted on Aug, 29 2018 @ 11:24 PM
link   
a reply to: Grambler


Thats a fancy way of saying the FBI did not look at the physical evidence.

Instead the got second hand evidence form a DNC hired company.


No.

1. The physical hardware is all but irrelevant. It's not like they're lifting prints off the chassis or looking for residue on a motherboard. This is particularly true because the servers were apparently virtual. With virtual servers, there's not a single physical server. Instead, there are virtualization hosts running a hypervisor and some sort of shared storage and multiple virtual servers share them.

My setup at work is Citrix Xenserver with 8 hosts in the main pool and storage repositories on a total of 4 storage servers. On that, we're running around two dozen virtual servers.

Instead of physical hard drives, the disks are virtual disks (VHDs in this case but there are other formats like VMDK) which are basically extremely large files which contain everything that would be present in a physical disk. The VHDs themselves are stored on storage servers on the SAN.

I can live migrate the VMs between any of the hosts in ~1-2 min. I can also live migrate the VHDs between storage repos.

Anyway, aside from the virtual disks, there's config data stored in a database and that's about it except for in the case of a running VM which will have a chunk of the RAM in use on whatever host it's currently running on.

If I needed to somehow give you one of the servers, there's not a piece of hardware I would give you. What I'd give you would be a copy of the VHD(s) (you can create a new VM and attach the VHD) or maybe export the VM into an OVF package (which could be imported) which would contain not only the VHDs but also XML files with various config parameters.

2. The insinuation in "second hand" is that the images are somehow less reliable as evidence, that they could have been modified somehow in copying or something. The problem with this is that if there was some funny business, if CrowdStrike was faking a hack, they could just fake the forensic evidence of one on the servers in the first place.

In fact, they could have planted all the forensic evidence and turned over a physical server too if these were physical servers. Handing the FBI images wouldn't really do anything to facilitate pulling off a hoax.

So in that regard, they're exactly as reliable as the physical server would be. And forensic images are bit for bit copies so it's not like making dubbing songs on cassette or something.


Seeing as how this hack was such a big issue that some people called it an act of war, why would the FBI insist on seeing the physical server?

Why wouldnt the DNC insist they did that?


Why would they?



posted on Aug, 29 2018 @ 11:25 PM
link   
a reply to: Grambler

After reading the report, you’re right, either side may be lying. The FBI agent who was in charge of the analysis isn’t specifically named. What I was talking about is on page 104-105 under intrusion analysis.

Regardless, the DOJ IG signed off on this report. So it really just comes back to who you believe more, Donald Trump, or the Justice Department.



posted on Aug, 29 2018 @ 11:35 PM
link   
Did the last IG report mean much from a legal perspective?

Horowitz referred McCabe to Sessions for Criminal investigation after 1st IG report.

Any referrals from the 2nd Report, on FBI / Hillary?



posted on Aug, 29 2018 @ 11:37 PM
link   
a reply to: theantediluvian

No matter what you say, the truth is there will always be room for error, no matter how small, between using a copy vs the original.

And you are conveniently failing to mention that the FBI did not make the copy of the server themselves, they accepted the dnc paid for firms copy that they made.

Crowdstrike could have made a mistake, or could have had an agenda to make it look as if Russia committed the hacks.

Given that this situation was so serious it could have swung an election for president, or lead to war, why take any chances?

So there was a negative, even if you think it was a small chance, of relying on thye dnc paid for company to provide a copy.

What would the negative been to the FBI having access to the physical server?

NONE!!!!!

So now we are left hoping that the dnc paid for firm didnt make a mistake or have an agenda when copying the server.

GIve me one good reason for the fbi not taking the server.



posted on Aug, 29 2018 @ 11:46 PM
link   
a reply to: Lumenari


As an afterthought, Mike Flynn came into the white house with a pretty big mission...


I thought you were going to say make sure Erdogan got his hands on Gulen!

But seriously, stop pretending like Mike Flynn is some lily white crusader for truth, justice and the American way come to clean up corruption.

Mike Flynn, as he was serving as a nat sec advisor to Trump's campaign, was also in the employ of the Turkish government. He didn't register as a foreign agent and in fact, he received payment ($530k) through a corporate cut out to hide his lobbying activities. He was paid to among other things, author this op-ed published on 11/8/2016:

Our ally Turkey is in crisis and needs our support

In fact, Flynn and his son were meeting with Erdogan's son-in-law and the Turkish foreign minister in NY and discussing over dinner, a plot to kidnap Gulen and deliver him to Erdogan. They were allegedly offered $15 million to make this happen. One of those meetings on Sept 19, 2016, was attended by James Woolsey.

Then sometime, I believe it was just before the election, he entered into an agreement with Cambridge Analytica parent company, SCL to basically use his contacts to obtain contracts for the firm.

Then of course, if the administration is to be believed, he lied to everyone and in particular, lied straight to Mike Pence's face, about his contacts with Kislyak.

Hardly an anti-corruption luminary or paragon of honesty.



posted on Aug, 29 2018 @ 11:47 PM
link   
a reply to: Grambler


I guess we need to find out what Rucker and McMillian say about this.


That seems the obvious next step as well as getting their emails, appointments ect. If the DC article about them is true, there HAS to be a paper trail.



posted on Aug, 29 2018 @ 11:54 PM
link   

originally posted by: Deplorable
Just pull their funding and be done with them.

Seriously: What has the FBI done for any of us? EVER??


I was arrested by the FBI about 25 years ago, it was one of the most interesting events of my life... I had been working in a local computer store and was just pouring myself a cup of coffee one morning just as we opened for business, when, all of a sudden, about 15 agents stormed the location and told everyone to get away from the computers and get up against the wall.

The agents looked like typical K-Mart shoppers (I guess nowadays they would be Wal-Mart shoppers), EXCEPT for the 2 agents in charge who bore an AMAZING resemblance to Scully & Mulder. I was briefly handcuffed by "Scully" with gold colored handcuffs, and was then released because I was a new employee and had not been involved in any fashion with the matter that was under investigation (selling Windows 95 CD-ROMs pirated in China).

So, the FBI did get me out of work for the day and gave me a memorable experience.



posted on Aug, 30 2018 @ 12:28 AM
link   
a reply to: theantediluvian

You seem to overlook that the fact that when a VHD is used in the server, the data is still saved within physical hard drives. Ergo, any deleted data "may" be recoverable to some extent. Which in the case it isn't, it may indicate that they were intentionally "swiped" or re-encrypted and in effect tampered.

In my opinion, this was the main reason for the servers to go through CroudStrike.
If the FBI does not have the physical disks, no forensic analysis can be done of the data outside the VHD.

Not even the drive life data to see if the disks were switched!
I mean, this whole thing stinks.

edit on 8/30/2018 by efabian because: (no reason given)



posted on Aug, 30 2018 @ 12:56 AM
link   
Plot twist: Trump is the source.



posted on Aug, 30 2018 @ 01:01 AM
link   

originally posted by: theantediluvian
a reply to: Grambler


Thats a fancy way of saying the FBI did not look at the physical evidence.

Instead the got second hand evidence form a DNC hired company.


No.

1. The physical hardware is all but irrelevant. It's not like they're lifting prints off the chassis or looking for residue on a motherboard. This is particularly true because the servers were apparently virtual. With virtual servers, there's not a single physical server. Instead, there are virtualization hosts running a hypervisor and some sort of shared storage and multiple virtual servers share them.

My setup at work is Citrix Xenserver with 8 hosts in the main pool and storage repositories on a total of 4 storage servers. On that, we're running around two dozen virtual servers.

Instead of physical hard drives, the disks are virtual disks (VHDs in this case but there are other formats like VMDK) which are basically extremely large files which contain everything that would be present in a physical disk. The VHDs themselves are stored on storage servers on the SAN.

I can live migrate the VMs between any of the hosts in ~1-2 min. I can also live migrate the VHDs between storage repos.

Anyway, aside from the virtual disks, there's config data stored in a database and that's about it except for in the case of a running VM which will have a chunk of the RAM in use on whatever host it's currently running on.

If I needed to somehow give you one of the servers, there's not a piece of hardware I would give you. What I'd give you would be a copy of the VHD(s) (you can create a new VM and attach the VHD) or maybe export the VM into an OVF package (which could be imported) which would contain not only the VHDs but also XML files with various config parameters.

2. The insinuation in "second hand" is that the images are somehow less reliable as evidence, that they could have been modified somehow in copying or something. The problem with this is that if there was some funny business, if CrowdStrike was faking a hack, they could just fake the forensic evidence of one on the servers in the first place.

In fact, they could have planted all the forensic evidence and turned over a physical server too if these were physical servers. Handing the FBI images wouldn't really do anything to facilitate pulling off a hoax.

So in that regard, they're exactly as reliable as the physical server would be. And forensic images are bit for bit copies so it's not like making dubbing songs on cassette or something.


Seeing as how this hack was such a big issue that some people called it an act of war, why would the FBI insist on seeing the physical server?

Why wouldnt the DNC insist they did that?


Why would they?


[striketrough]For a Citrix admin you sure don't know #.[/strikethrough]

That was rude, sorry.

Those VHD's are written to a logical layer on the storage volumes, and depending on the FS of the NAS or SAN, they might even be block level.

Let's not forget here that the FBI NEVER HAD THE SERVER!

You say that's not important, I say you're DEAD WRONG.

If I was an FBI Forensic Analyst, I would KNOW that there's literally NO WAY to tell if the VHD I was handed by Crowdstrike was the actual or unvarnished copy of the server. If I hand you a VHD which had been copied off of the storage repository, i could've done anything to that VM prior to shipping it off.

The ONLY way to be sure it was untouched would be to immediately SEIZE the hypervisor and storage disks, JUST like they did to Cohen and Manafort. EXACTLY LIKE THAT.

I can tell you might know a little with your quaint office setup, but you need to trust me on this. There is NO way to tell if it was indeed unmolested without looking at an immediately-seized physical system. There are too many ways around it.

clearing logs, deleting files (then make a copy of that VHD again onto new disk which CAN'T be undeleted), etc. etc.

I don't want to let on any more about why I know this stuff, but you should trust me.


edit on 30-8-2018 by Tempter because: (no reason given)



posted on Aug, 30 2018 @ 01:06 AM
link   
a reply to: Tempter

Nah.

It's not a big deal to make a sector by sector image. I do it on my PC each month. Everything is there.

edit on 8/30/2018 by Phage because: (no reason given)



posted on Aug, 30 2018 @ 01:14 AM
link   

originally posted by: Phage
a reply to: Tempter

Nah.

It's not a big deal to make a sector by sector image. I do it on my PC each month. Everything is there.


Cool guys, just stop.

You don't know what you're talking about.



posted on Aug, 30 2018 @ 01:15 AM
link   
a reply to: Tempter

Can you elaborate?


Oh. I see you did. You don't know what you're talking about.

An image is an image. Bit for bit.
edit on 8/30/2018 by Phage because: (no reason given)



posted on Aug, 30 2018 @ 01:19 AM
link   

originally posted by: Phage
a reply to: Tempter

Can you elaborate?


Oh. I see you did. You don't know what you're talking about.

An image is an image.


An image is an image, sure. But you don't WHICH image I gave you, or was present.

*not unless you immediately seize the servers
edit on 30-8-2018 by Tempter because: (no reason given)

edit on 30-8-2018 by Tempter because: (no reason given)



posted on Aug, 30 2018 @ 01:22 AM
link   
a reply to: Tempter

People don't seem to understand hard drive forensics...
Without the original and untampered physical disk, anything can be hidden.



posted on Aug, 30 2018 @ 01:38 AM
link   
a reply to: Tempter

I don't understand. Why would an attempt be made to conceal a security breach on the server?

The bad thing, supposedly, was using the server at all. Right?

Are you thinking they knew about a breach and cleaned it up? Without a trace?

edit on 8/30/2018 by Phage because: (no reason given)



posted on Aug, 30 2018 @ 01:43 AM
link   
a reply to: vinifalou

Oh because trump the liar is so credible. Riiiiight.




top topics



 
30
<< 1  2    4  5  6 >>

log in

join