It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Roger Stone Asks for Evidence Russians Hacked DNC Server

page: 3
43
<< 1  2    4  5  6 >>

log in

join
share:

posted on May, 14 2019 @ 04:54 AM
link   
a reply to: pavil

if you copy the hard drive you have the whole computer dont you?

What is the point of being able to copy data if you have to keep transporting it within the same physical machine?

You guys are acting like you cant pull data from a computer.
So tell me how you are typing on your keyboard or phone where ever you are but I can read what you write here in good old Virginia USA.

How do e mails work then?
You write an email and then send your computer to the person you want to read it?

I thought you guys were smarter than this. Well I hoped anyway.
edit on 5142019 by Sillyolme because: (no reason given)




posted on May, 14 2019 @ 04:55 AM
link   
a reply to: chr0naut

And they could not make the image and inspect the server themselves, it had to be crowdstrike that did it, makes total sense.



posted on May, 14 2019 @ 04:56 AM
link   
a reply to: Sillyolme

And if someone else copies it you have the whole of whatever they decided to give you.



posted on May, 14 2019 @ 05:07 AM
link   
a reply to: chr0naut

The images MAY be admissible. They may not be. Them being an image is not the problem, the fact the FBI had nothing to do with making them could be.



posted on May, 14 2019 @ 05:09 AM
link   

originally posted by: OccamsRazor04
a reply to: chr0naut

And they could not make the image and inspect the server themselves, it had to be crowdstrike that did it, makes total sense.


Yeah, it's rather specialist equipment and isn't really available for non-espionage use. It would only be available to NSA or CIA asset 'fronts'. But I deny saying that, it is a figment of your imagination.

(Like the bits they always leave out of publicly available diagrams of how an a-bomb works).




posted on May, 14 2019 @ 05:17 AM
link   
a reply to: chr0naut

Yes, that is why the FBI wanted to do it and the DNC denied their request. The FBI wanted to do it because they couldn't. Makes total sense.



posted on May, 14 2019 @ 08:53 AM
link   

As any admin of Exchange will tell you, mail stores can only ever grow.



edit on 14-5-2019 by Dem0nc1eaner because: (no reason given)

edit on 14-5-2019 by Dem0nc1eaner because: (no reason given)



posted on May, 14 2019 @ 08:55 AM
link   
"We have the server"



posted on May, 14 2019 @ 09:05 AM
link   

originally posted by: chr0naut

originally posted by: shooterbrody

originally posted by: chr0naut

originally posted by: pavil
a reply to: xuenchen

Why was it "not possible" for the FBI to actually have the DNC Server and Hard Drive in its possession to prove an International Event of the scope of Russia directly spying on a Presidential Campaign?

Wouldn't that be something you'd want to prove beyond a shadow of a doubt?

Between that, and the immunity deals they were handing out like condoms at Spring Break, I knew the whole thing smelled to high heaven.


Well, really in-depth security audit forensics takes time. If you switch of the server to pass it from location to location, you can't actually be doing any forensics on it.

The first step in any such forensics is to produce a bit-wise image of all the drives, so that you can re-try things if you accidentally mess with the content. You do this by removing the drives and mounting them in a different machine and then imaging them at a low level (called a bitwise image) this ignores format and partitioning on the drive and copies everything identically at the base level.

The other advantage in removing the drives is that you can read data from the side of the data tracks (in a magnetic rerecording HDD). This works because of a thing called magnetic hysteresis which means that magnetic domains spread out over time through the media and that greater energy is required to erase the data than it took to originally write it. This means that older data is still on the media even though overwritten by later magnetization. In a solid state drive, however, this does not work. To do this side-track reading, you have to modify the drive controller hardware. Standard hardware will not allow this type of operation.

The result is that you get two bitwise images for each drive and it is trivial to determine what data has been recently erased, by simply doing a comparison between them.

Once the original drives are imaged, they can be returned to the original machine, which can either continue to be used or it can be rebuilt. The hardware isn't actually the critical component anymore. The data content is.

Crowdstrike provided the FBI with the same images that it was using to do the forensics. Essentially, the FBI had the server, complete and frozen in time at the time the images were made.

Once you have bitwise images, you no longer require the physical server and it is better to mount copies of those images on another machine entirely. In this way, there are no files on the drive locked by the server operating system - you have full access to everything and don't have to fight for access with any the processes that run the server.

Then you do the forensic audit on the data. Looking both for files, and for formats of data similar to files (even in erased space). Also you have the comparison deltas which tell you which stuff to target first.

Or you can just follow our law and turn over the evidence.
You know the nsa has all this, right?
Remember the name rogers.
Barak obama wanted to fire him but was too late.


The images of the drives are the evidence and were handed over.


No they aren't, that like saying the image barru sotoro's birth certificate rendered from altered pdf is the evidence lol. You can't have it both way because of your bias :-)

Cheers - Dave



posted on May, 14 2019 @ 10:07 AM
link   
At this point it is pretty obvious that Us Intelligence services have ZERO evidence that the Russians hacked the DNC server.
From the very start they have asked the world to take their word for it.
At the same time ex British Ambassador Craig Murray says HE received the leaked documents from a DNC employee, but the FBI never even bothered to contact him. I suspect the FBI know exactly who LEAKED the emails.



posted on May, 14 2019 @ 10:19 AM
link   
This makes the 20 FBI agents busting down his door at 2:00 am even more outrageous.

Unfortunately...
Or maybe fortunately for us leftist have a memory that only lasts about as long as your average news cycle. So Roger Stone is a long forgotten memory to these idiots at this point.



posted on May, 14 2019 @ 11:47 AM
link   
a reply to: chr0naut


Hysteresis reading requires that you remove the digital control board from the drive and replace it with a far more complicated and analogue set up where a bias voltage/timing can offset the magnetostrictive head position, allowing it to read each track off center.

That's what I said.

What you don't seem to get is that in order to remove the control boards, the drive must be disassembled in a clean environment. One speck of dust can destroy the drive. One. That can include a single particle of dead skin, or a single dust speck too small to see with the naked eye. The operation is usually performed in a 'clean room' with humans not actually even present... humans interact with the drive via latex gloves.

Normal procedure is to create a bitwise copy of the drive, replace the original with the copy, then perform the diagnostics on the original. The fact that a copy is being used does not matter to the computer under investigation, as it can only read/write in digital format (as you seem to agree with me on). The original is required in order to correctly analyze the drive.

In this case, a bitwise image was created and given to the FBI. The original was not; it was returned to the server. Therefore, there can be no analog analysis performed. That invalidates your entire argument in this case.

Also, programs like BleachBit can and do remove hysteresis information, at least to the point of being illegible. They do this via several passes of fill, changing between zero fill and one fill in a pattern designed to remove as much of the initial hysteresis as possible. A normal deletion removes nothing; a single overwrite can leave plenty of hysteresis data intact, and even a few rewrites can leave enough information to be analyzed. It takes several passes to remove enough hysteresis to make the changes sufficient to foil analog analysis.

Nice links you found though. Keep reading and learning!

TheRedneck



posted on May, 14 2019 @ 11:56 AM
link   
a reply to: xuenchen

Bless his heart. He doesn't seem to know how to use Google.

The Mueller report lays everything bare. He should try reading it.

Here's one excellent timeline about the DNC hacks (and how the Russians did it):




* Mid-March: Two cyber units of the Russian military agency called "GRU" send hundreds of spear-phishing emails to "hillaryclinton.com" emails, DNC emails and gmail accounts used by the Clinton campaign. The spear-phishing campaign allows them to gain access to John Podesta's email accounts. Podesta was a Clinton's campaign chairman.

* April 12, 2016 – GRU gains access to the Democratic Congressional Campaign Committee (DDDC) server.

* April 18, 2016 – GRU gains access to the Democratic National Committee (DNC) server.

* April 18-June 8, 2016 – GRU compromises more than 30 computers on the DNC network, infecting them with malware.

* April 19, 2016 – GRU registers a domain name to release stolen documents. The website is called dcleaks.com. DCLeaks also creates a Twitter, Facebook and email address.

* June 14, 2016 – DNC announces the breach and theft of documents. That same day, DCLeaks and Guccifer 2.0 (both aliases of the Russian cyber military group) begin to communicate with WikiLeaks about combining forces.

* June 15, 2016 – GRU uses the Guccifer WordPress blog to begin releasing data online.

* June 22, 2016 – WikiLeaks tells Guccifer 2.0 “send any new material here for us to review and it will have a much higher impact than what you are doing.”

* July 14, 2016 – Guccifer 2.0 sends stolen emails and documents to WikiLeaks

* July 22, 2016 – WikiLeaks releases more than 20,000 emails and other documents stolen from the DNC computer networks, three days before the Democratic National Convention.

* July 25, 2016 – The FBI begins probing the DNC hack.

* June-August 2016 – Guccifer 2.0 begins talking to reporters about opposition research they stole.
Between August 2016 and September 9, 2016 – Guccifer 2.0 makes contact with “a former Trump Campaign member,” and sends him documents and asks what he thinks of them.

* October 7, 2016- WikiLeaks releases the first dump of Podesta emails stolen by GRU one hour after the Washington Post publishes Trump's unsavory Access Hollywood video.
Between October 7-November 7, 2016 – WikiLeaks releases more than 50,000 documents stolen from Podesta's personal email account.


Sourc e



posted on May, 14 2019 @ 12:18 PM
link   
a reply to: icanteven

So says the Bueller Horde 🤓🚬



posted on May, 14 2019 @ 12:23 PM
link   
a reply to: Sillyolme


if you copy the hard drive you have the whole computer dont you?

No. You have a copy of the computer. A copy that cannot be used for forensic analysis.

Let's see if I can fully explain this...

Inside the hard drive, data is written and read digitally to predetermined areas on the drive. Each area can hold one bit of information, as it is magnetized as a '1' or '0.' However, the magnetization process is not perfect. Magnetizing one area means that a little of the magnetization creeps into other areas. Digitally, this is not a problem, as the levels of interference are far less less the digital magnetization and everything works just fine.

If a file is deleted, the File Access Table entry for that file is simply removed. The file still exists, but the computer has no way to know where the file is. When the space is needed, the file is simply overwritten with a new file. But even though it is overwritten, the levels of magnetization will reflect a tiny bit of what was originally there. Each overwrite makes the original information harder and harder to detect.

When a hard drive is copied, the computer reads the magnetization digitally (as either a '1' or '0') and writes that same digital value to the copy. The operation does not copy over any residual magnetism, only the binary data. The computer simply cannot read the residual magnetism; it is not designed to. Assume for a moment that a '0' is represented by a magnetic footprint of +1, and a '1' is represented by a magnetic footprint of -1. The computer is hardwired to detect anything greater than, say, +0.1 as a logical '0' and anything less than -0.1 as a logical '1.' The original drive may have a magnetic intensity at a point of +0.563... doesn't matter to the computer, because that is greater than +0.1 and so it's a '0.' A forensics lab can replace the control board in the drive to detect exactly +0.563 and then get a good idea of what the value was before it was rewritten as '0.'

But that has to be done in a forensics lab, in a 'clean room,' and is useless with a clone of the original drive. The residual information is simply not there.

Normal procedure would be to clone the drive(s) and replace the originals with the clones. The fact that residual data is missing does not matter to the computer in the slightest; it can't read it anyway. The original drive(s) are necessary to any complete forensics evaluation, though, so those are given to the investigating body so the residual magnetism can be analyzed.

TheRedneck



posted on May, 14 2019 @ 01:17 PM
link   
Honestly, any server I've ever worked with of any importance had a back up in a different building if not different geographic location. Rule of thumb when setting up a server that holds data pertinent to a companies business would be protected in multiple ways from catastrophic loss.

In all actuality, it shouldn't take an 'expert' or 'specialist' to retrieve data from a backup only an expert to erase it from existence.



posted on May, 14 2019 @ 01:26 PM
link   
Old Thread from Jan 2017 ........


The FBI Never Asked For Access To Hacked Computer Servers
💁🚬🤫


The FBI Never Asked For Access To Hacked Computer Servers
The Democratic National Committee tells BuzzFeed News that the bureau “never requested access” to the servers the White House and intelligence community say were hacked by Russia.

The FBI did not examine the servers of the Democratic National Committee before issuing a report attributing the sweeping cyberintrusion to Russia-backed hackers, BuzzFeed News has learned.

Six months after the FBI first said it was investigating the hack of the Democratic National Committee’s computer network, the bureau has still not requested access to the hacked servers, a DNC spokesman said. No US government entity has run an independent forensic analysis on the system, one US intelligence official told BuzzFeed News.



posted on May, 14 2019 @ 01:44 PM
link   

originally posted by: Bluntone22
a reply to: xuenchen

That should be easy to find.
It's right under obamas college admissions, trumps tax returns, hillarys hard drive and tom Brady's cell phone....



Finally! Someone else has come to the same conclusion!
Brady did not destroy his phone because his balls ran out of air.
Hillary did not destroy her phone because of Benghazi.

They were sexting each other!



posted on May, 14 2019 @ 02:40 PM
link   

originally posted by: TheRedneck
a reply to: chr0naut


Hysteresis reading requires that you remove the digital control board from the drive and replace it with a far more complicated and analogue set up where a bias voltage/timing can offset the magnetostrictive head position, allowing it to read each track off center.

That's what I said.

What you don't seem to get is that in order to remove the control boards, the drive must be disassembled in a clean environment. One speck of dust can destroy the drive. One. That can include a single particle of dead skin, or a single dust speck too small to see with the naked eye. The operation is usually performed in a 'clean room' with humans not actually even present... humans interact with the drive via latex gloves.


Not true. The control board is external to the drive. Check out this video:

Normal procedure is to create a bitwise copy of the drive, replace the original with the copy, then perform the diagnostics on the original. The fact that a copy is being used does not matter to the computer under investigation, as it can only read/write in digital format (as you seem to agree with me on). The original is required in order to correctly analyze the drive.

In this case, a bitwise image was created and given to the FBI.


As explained, the FBI was given multiple images.


The original was not; it was returned to the server. Therefore, there can be no analog analysis performed. That invalidates your entire argument in this case.


The analogue analysis is obtained outside of the server, with another controller connected, and before the drive is reassembled back into the server. You also cannot mount an analogue image to compare it with the initial digital image. The analogue master has to be converted back to a digital image so that they can be mounted and compared.


Also, programs like BleachBit can and do remove
reduce

hysteresis information, at least to the point of being illegible. They do this via several passes of fill, changing between zero fill and one fill in a pattern designed to remove as much of the initial hysteresis as possible. A normal deletion removes nothing; a single overwrite can leave plenty of hysteresis data intact, and even a few rewrites can leave enough information to be analyzed. It takes several passes to remove enough hysteresis to make the changes sufficient to foil analog analysis.

Nice links you found though. Keep reading and learning!

TheRedneck


Bleach Bit, and the old chestnut 'DOD overwriting' aren't generally considered as effective these days. That is why physical destruction of drives that may contain classified or confidential data is now the preferred method. It is way quicker and simpler, too.

Media Destruction Guidance - NSA

I didn't provide any links in the post to which you were replying.



posted on May, 14 2019 @ 03:30 PM
link   
a reply to: chr0naut


Not true. The control board is external to the drive. Check out this video:

There are two PCBs on hard drives... one external (shown in the video) and a smaller one containing the ADCs that mates to it internally. To get to analog level data, you have to access the internal board.

Internal boards are very rare to fail, which is why they are not addressed in the video. They are quite simple, but they also convert the analog signals to and from the read/write heads and the servos into digital signals.


As explained, the FBI was given multiple images.

That simply does not matter. They can have a million images; not a single one will have the original analog data on it.


The analogue analysis is obtained outside of the server, with another controller connected, and before the drive is reassembled back into the server. You also cannot mount an analogue image to compare it with the initial digital image. The analogue master has to be converted back to a digital image so that they can be mounted and compared.

Again, you're trying to argue and agree at the same time. The drive itself is a self-contained unit that communicates on a higher level with the server (using something akin to an I2C protocol). As long as the original controller (including all processing boards) is used with the physical part pf the drive, the only thing that can be read is digital data. What you are discussing with the hysteresis (a better word is remnance) requires direct analog access to the heads and platters. The controller will not allow access to off-track reads, and the data from the heads will be read as digital data.


reduce

Agreed.


Bleach Bit, and the old chestnut 'DOD overwriting' aren't generally considered as effective these days. That is why physical destruction of drives that may contain classified or confidential data is now the preferred method. It is way quicker and simpler, too.

To be honest, I cannot say one way or another to that. I don't use data protection; my security requires direct access to my equipment to retrieve my files, and that security is consigned out through Smith & Wesson. I simply know how BleachBit works.

Forensic capability is improving every day, though, and each improvement makes it more and more difficult to successfully overwrite and destroy data. That's the big reason physical destruction (a nail through the platter works well) is preferred.


I didn't provide any links in the post to which you were replying.

I know you didn't. I was referring to the links you were reading to try and keep up with the argument.

Understand this is what I work with every day. I am giving information off the top of my head.

TheRedneck



new topics

top topics



 
43
<< 1  2    4  5  6 >>

log in

join