Seth Rich, Craig Murray and the Sinister Stewards of the National Security State

a reply to: introvert

Sure the media is just reporting the news. Like the Russia pee story. Oh and lets not forget the dreaded two scoops of ice cream story.

Just the hard news from the media!

originally posted by: Grambler
a reply to: introvert

Sure the media is just reporting the news. Like the Russia pee story. Oh and lets not forget the dreaded two scoops of ice cream story.

Just the hard news from the media!

Yes, reporting real news stories that they did not create out of thin air.

I agree that some of the stories may be trivial or even ridiculous, but that's nothing new and Trump is not the first president to have to deal with it.

originally posted by: introvert
a reply to: proximo

Yes, I know the conspiratorial side of the issue. We have to wait for facts to be presented before we come to any cnclusion.

If you wish to go with the conspiracy aspect, that's fine.

I'm fine with waiting it out before I invest too much in to this.

Please explain to me how Seth rich is more of a conspiracy than Russia collusion.

As far as I can tell there is far more evidence for Seth rich being the leaker, than Russia colluding with the trump campaign. Meetings with Russian ambassadors mean nothing, the investigation has found nothing in months. Yet you are still dismissing Seth rich being the source, despite his motive, his opportunity, and Wikileaks practically telling you he is the source.

That is an obvious sign your bias is preventing you from looking at the facts with an open mind.

originally posted by: introvert

originally posted by: Grambler
a reply to: introvert

Sure the media is just reporting the news. Like the Russia pee story. Oh and lets not forget the dreaded two scoops of ice cream story.

Just the hard news from the media!

Yes, reporting real news stories that they did not create out of thin air.

I agree that some of the stories may be trivial or even ridiculous, but that's nothing new and Trump is not the first president to have to deal with it.

The hatred of the media towards trump is unprecedented, as even liberal such as Glenn Greenwald agree.

We have had media members proudly claim its their job to take down Trump, and even offer reward money for people to break the law and illegally leak documents about Trump (like his tax returns).

The fact you do not see this leads me to question your supposed impartiality.

a reply to: Grambler

Thats not what the fbi has said.

And seeing as how the Democrats and many others hav portrayed this Russian hacking story as one of the biggest threats to our country, whatever they were hiding must have been damning then.

And why won't the Dems now leave the FBI look at their server if the problems was they just weren't asked? Don't you think they would want to get to the bottom of this?

Initially, the FBI claims came from an unnamed FBI source but it has since been confirmed by Comey but he didn't shed much light on things:

The FBI requested direct access to the Democratic National Committee’s (DNC) hacked computer servers but was denied, Director James Comey told lawmakers on Tuesday.

The bureau made “multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators.

“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request.

I tend to believe the FBI account more so than the DNC's but without more information, we've got two contradictory sides to the story and not much to reconcile them except our own beliefs in one or the other.

Do you disagree with the 7 problems i quoted from the article about the ICA, or with the Intercepts comment that crowdstrike both touts the shrewdness of the Russian hackers while at the same time acknowledging that they know it was them because they were extremely sloppy?

To be honest, the ICA wasn't anything that had any considerable impact on me. Was the operation that generated it abnormal? Sure, I guess. Or maybe it wasn't? From the testimony, it was basically a task force of two dozen agents put together in mid-December to review what was on hand at the time and report back to the directors.

I don't know that there is a SOP for this sort of thing. I don't want to get bogged down with the ICA because it's not really terribly informative. It's a broadstroke assessment, short on details, thrown together in a couple weeks nearly six months ago. It hardly mentions the hacking and nothing in detail.

(ICA is here in PDF for those who haven't seen it.)

If you don't think it's an accurate assessment of the evidence on hand at the time, disregard it. I don't think I've ever referenced it myself so in essence, I guess I have de facto disregarded it myself.

As for The Intercept piece. I believe this thread from January was the most recent I created on the topic of the Russian hacking.

The author focuses on Crowdstrike and he misses the mark a few times. Here's one example:

[exnews[Compare that description to CrowdStrike’s claim it was able to finger APT 28 and 29, described above as digital spies par excellence, because they were so incredibly sloppy. Would a group whose “tradecraft is superb” with “operational security second to none” really leave behind the name of a Soviet spy chief imprinted on a document it sent to American journalists?

The problem here is that the author is talking about different things. The "tradecraft is superb, operational security second to none" quote comes from the first blog post and refers to the hack itself.

Going off memory, I don't recall Crowdstrike claiming that "Guccifer 2.0" was part of either APT28 or APT29. In fact, the prevailing theory has been that "Guccifer 2.0" was an operation from somewhere else in the Russian intelligence appartus (think propaganda agent) from everything I can remember reading on the topic.

Here's one example from security expert Thomas Rid, writing in Motherboard in July (5 months prior to The Intercept article):

The forensic evidence linking the DNC breach to known Russian operations is very strong.

(he goes on to cite some forensic evidence and then turns to "Guccifer 2.0")

The evidence linking the Guccifer 2.0 account to the same Russian operators is not as solid, yet a deception operation—a GRU false flag, in technical jargon—is still highly likely. Intelligence operatives and cybersecurity professionals long knew that such false flags were becoming more common. One noteworthy example was the sabotage of France's TV5 Monde station on 9/10 April 2015, initially claimed by the mysterious "CyberCaliphate," a group allegedly linked to ISIS. Then, in June, the French authorities suspected the same infamous APT 28 group behind the TV5 Monde breach, in preparation since January of that year. But the DNC deception is the most detailed and most significant case study so far. The technical details are as remarkable as its strategic context.

Other features are also suspicious. One is timing, as ThreatConnect, another security company, has pointed out in a useful analysis: various timestamps indicate that the Guccifer-branded leaking operation was prompted by the DNC's initial publicity, with preparation starting around 24 hours after CrowdStrike's report came out. Both APT 28 and Guccifer were using French infrastructure for communications. ThreatConnect then pointed out that both the self-proclaimed hacker's technical statements on the use of 0-day exploits as well as the alleged timeline of the DNC breach are most likely false. Another odd circumstantial finding: sock-puppet social media accounts may have been created specifically to amplify and extend Guccifer's reach, as UK intelligence startup Ripjar told me.

I can cite other examples if you need but my point here is that The Intercept author is conflating characterizations of what are thought to be separate but possibly connected operations, coming from different sources, and claiming that it's an inconsistency from Crowdstrike.

That's simply not the case. The "sloppy" parts are all related to the "Guccifer 2.0" operation. The "superb tradecraft" statements are all in regards to the hacking operation. So the would be criticism of Crowdstrike is on its face demonstrably inaccurate based on what I know.

I won't speculate on whether the conflation by the author was deliberate or not.

a reply to: theantediluvian

As far as the FBI vs DNC account of why the FBI didn't get access to the server, what we know is that they didn't get access and they now claim they want it. The DNC could still leave them look, but chose not to. This is suspicious.

Your motherboard aricle does nothing to counter the INtercept article whatsoever.

The article in the inetrcept is saying that Crowdstrike praised the hackers as being very shrewd, yet claims they caught them because of things such as signatures they left in. Here is what your motherboard article states.

The forensic evidence linking the DNC breach to known Russian operations is very strong. On June 20, two competing cybersecurity companies, Mandiant (part of FireEye) and Fidelis, confirmed CrowdStrike's initial findings that Russian intelligence indeed hacked the DNC. The forensic evidence that links network breaches to known groups is solid: used and reused tools, methods, infrastructure, even unique encryption keys. For example: in late March the attackers registered a domain with a typo—misdepatrment[.]com—to look suspiciously like the company hired by the DNC to manage its network, MIS Department. They then linked this deceptive domain to a long-known APT 28 so-called X-Tunnel command-and-control IP address, 45.32.129[.]185.

One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded in a piece of malware found both in the German parliament as well as on the DNC's servers. Russian military intelligence was identified by the German domestic security agency BfV as the actor responsible for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared SSL certificate.

motherboard.vice.com...

Now we know from Wikileaks that not only does the US have tech to fake these signatures and make it look like another actor could do it, but that these tools have gotten loose and others now have them.

This is not referring to Guccifer, but to the Russians themselves.

But we are led to believe that the Russians didn't even bother attempting to mask their hack, and used the same address they had used in previous hacks of theirs?

To continue from my last post:

I would also point out that evidence of the attacks came from other sources, independent of Crowdstrike. I mention in my thread Dell SecureWorks and Thomas Rid's own work. At the point, we're getting into forensic evidence that is beyond the reach of the DNC or Crowdstrike, unlike the servers.

Another source is the FBI itself. Remember that the FBI attempted to alert the DNC of the hack?

NYT - The Perfect Weapon: How Russian Cyberpower Invaded the U.S.

WASHINGTON — When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk. His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The F.B.I. knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.

How did the FBI know to alert the DNC? Clearly, there is forensic evidence there that hasn't been released to the public. That would seem to independently corroborate the fact that a hack happened in the first place. And as I said, that's just one thread. Another comes straight from the emails published by WikiLeaks. I mention that at the top of my thread linked in the last post:

Ironically, evidence of this happening can be found in the hacked DNC emails published by WikiLeaks. In the DNC emails archive, refer to the email with id 3962. Here's the text of the email which was forwarded to by Miranda to Mark Paustenbach:

From: Chalupa, Ali
Sent: Tuesday, May 03, 2016 11:56 PM
To: Miranda, Luis
Subject: Re: You saw this, right?

A lot more coming down the pipe. I spoke to a delegation of 68 investigative journalists from Ukraine last Wednesday at the Library of Congress - the Open World Society's forum - they put me on the program to speak specifically about Paul Manafort and I invited Michael Isikoff whom I've been working with for the past few weeks and connected him to the Ukrainians. More offline tomorrow since there is a big Trump component you and Lauren need to be aware of that will hit in next few weeks and something I'm working on you should be aware of. Since I started digging into Manafort these messages have been a daily occurrence on my yahoo account despite changing my password often:

Here again, we're dicussing publically available evidence. I would imagine that various ISPs have provided logs and other details that haven't been shared. It's EXTREMELY likely that our intelligence agencies, the NSA in particular, have other bits and pieces that we'll never hear about.

None of that means they'll ever conclusively tie the Russian government to the hacks. The NSA has a lot more reach in the West because of cooperation from Western governments and ISPs. Once those packets get into Russia's sphere of influence, it would be much more difficult for the NSA to track the traffic.

The only smoking gun I could imagine would be intercepts from the time discussing the operation but the chances of those seems awfully slim or somebody involved leaking something or possibly, somebody flipping and seeking asylum. The stakes are awfully high. I don't see that happening either but one can hope.

a reply to: theantediluvian

So we just have to accept that the FBI and NSA gave evidence they cant show us. And that justified the never ending stream of leaks against Trump?

How can an organization that has members so flippantly commit felonies by releasing classified info almost everyday to undermine a President they don't like be trusted at face value.

And if the FBI thought the DNC was hacked by Russians before the current investigation started, did they bother to look at evidence that didn't fit in with their preconceived notion, like Murrays testimony?

And none of the evidence from the FBI, Dell secure works or Thomas Rid takes into account the admitted ability for the US and other actors to now be able to use tools to make it look like another actor hacked someone.

And the ICA was released to prove to people that Russia did it. This was how the intelligence agencies sold this document, and the fact that it was so lacking makes me question what evidence they have.

And again, you are asking us to take the words of known liars, people who have illegally hacked elections without seeing any proof over Assange who has never once been found to be lying.

I wonder how the family feels about this theory? Anyone else interested, seeing that they have the most invested into knowing the truth about the murder of their own family member?

If not previously posted I'll post for posterity.

A lawyer for the Rich family sent a cease and desist letter Thursday to Rod Wheeler, a private investigator and Fox News contributor who had been working on behalf of the family.

Furthermore.....

"Anyone who continues to push this fake news story after it was so thoroughly debunked is proving to the world they have a transparent political agenda or are a sociopath," Brad Bauman, the family spokesperson, wrote in a statement. "In either case, they should be taken off the air because they are either blind to the damage they are doing to a murder victim's family or don't care, showing a profound lack of judgement and common decency."

Chicago Tribune

Damn......

But hey, maybe they're in cahoots with the DNC and have participated in the coverup of their own family members' murder.

Pretty sad to see to be quite honest.

a reply to: Grambler

The article in the inetrcept is saying that Crowdstrike praised the hackers as being very shrewd, yet claims they caught them because of things such as signatures they left in. Here is what your motherboard article states.

Those "fingerprints" are not what The Intercept article is referring to. The Intercept article is referring to metadata from the Microsoft Office documents posted to the Guccifer 2.0 Wordpress blog and provided to journalists.

From The Intercept article:

Compare that description to CrowdStrike’s claim it was able to finger APT 28 and 29, described above as digital spies par excellence, because they were so incredibly sloppy. Would a group whose “tradecraft is superb” with “operational security second to none” really leave behind the name of a Soviet spy chief imprinted on a document it sent to American journalists?

From the Motherboard article:

The metadata in the leaked documents are perhaps most revealing: one dumped document was modified using Russian language settings, by a user named "Феликс Эдмундович," a code name referring to the founder of the Soviet Secret Police, the Cheka, memorialised in a 15-ton iron statue in front of the old KGB headquarters during Soviet times.

Neither Crowdstrike, to the very best of my knowledge, nor any of the other prominent voices in this discussion (including Rid) have ever claimed that "Guccifer 2.0" is part of the hacking operation. In fact, they have instead pointed to the many issues with GC2.

I don't know how else to explain this point. The Intercept author is falsely asserting that Crowdstrike made contradictory characterizations of the hackers. They did not. Crowdstrike said the tradecraft of the hackers was superb. Period. The prevailing theory, as I have tried to explain, is that GC2 is NOT a part of APT28/APT29, NOT an actual hacker but rather a completely independent operation that may have been fed some documents to serve as a public front for the release.

Remember that GC2 appeared LITERALLY overnight, the day after Crowdstrike announced the hack. The theory is that it was hastily thrown together to deflect attention, not part of the hacking itself.

So there's no superb tradecraft/sloppy dilemma.

a reply to: GD21D
Its been covered. They also put out a video thanking people online for helping getting to the bottom of this investigation.

His cousin also reportedly said right after the murder that he felt it was more than a simple robbery.


But kudos for trying to stop any questions or discussions!

a reply to: Grambler

Its been covered. They also put out a video thanking people online for helping getting to the bottom of this investigation.

That's not accurate. It's another meme that is floating around like the bit about Podesta talking about "making an example." The video was thanking people for contributing to the GoFundMe campaign.

It was posted on April 24th, here's the original on YouTube:



The description of the video is: "Thank you from parents for GoFundMe support."

originally posted by: Grambler
a reply to: GD21D
Its been covered. They also put out a video thanking people online for helping getting to the bottom of this investigation.

His cousin also reportedly said right after the murder that he felt it was more than a simple robbery.


But kudos for trying to stop any questions or discussions!

"Anyone who continues to push this fake news story after it was so thoroughly debunked is proving to the world they have a transparent political agenda or are a sociopath," Brad Bauman, the family spokesperson, wrote in a statement. "In either case, they should be taken off the air because they are either blind to the damage they are doing to a murder victim's family or don't care, showing a profound lack of judgement and common decency."

Chicago Tribune

Article is from the 20th of May 2017

Have a nice day

a reply to: theantediluvian

So whats your point, the intercept confused the crowdtrike investigation into Russia with guccifer on this point.

Fine its irrelevant.

Did crowdstrike find out it was Russia because they left some directories the same name and used the same address?

Is this unbelievably sloppy hacking?

Did crowdstrike claim that these hackers were incredibly sophisticated at one point, but also claim they found them do to the above extreme carelessness?

And your motherboard article is also linking the Guccifer hacls to russia. As did the crowdstrike folk it appears.

Rid in the motherboard article specifically states that the name drop discussed here proves Guccifer was in fact Russian. The part of the article you don't paste.

The evidence linking the Guccifer 2.0 account to the same Russian operators is not as solid, yet a deception operation—a GRU false flag, in technical jargon—is still highly likely. Intelligence operatives and cybersecurity professionals long knew that such false flags were becoming more common. One noteworthy example was the sabotage of France's TV5 Monde station on 9/10 April 2015, initially claimed by the mysterious "CyberCaliphate," a group allegedly linked to ISIS. Then, in June, the French authorities suspected the same infamous APT 28 group behind the TV5 Monde breach, in preparation since January of that year. But the DNC deception is the most detailed and most significant case study so far. The technical details are as remarkable as its strategic context.

The metadata in the leaked documents are perhaps most revealing: one dumped document was modified using Russian language settings, by a user named "Феликс Эдмундович," a code name referring to the founder of the Soviet Secret Police, the Cheka, memorialised in a 15-ton iron statue in front of the old KGB headquarters during Soviet times. The original intruders made other errors: one leaked document included hyperlink error messages in Cyrillic, the result of editing the file on a computer with Russian language settings. After this mistake became public, the intruders removed the Cyrillic information from the metadata in the next dump and carefully used made-up user names from different world regions, thereby confirming they had made a mistake in the first round.

Then there is the language issue. "I hate being attributed to Russia," the Guccifer 2.0 account told Motherboard, probably accurately. The person at the keyboard then claimed in a chat with Motherboard's Lorenzo Franceschi-Bicchierai that Guccifer 2.0 was from Romania, like the original Guccifer, a well-known hacker. But when asked to explain his hack in Romanian, he was unable to respond colloquially and without errors. Guccifer 2.0's English initially was also weak, but in subsequent posts the quality improved sharply, albeit only on political subjects, not in technical matters—an indication of a team of operators at work behind the scenes.

...

The combative yet error-prone handling of the Guccifer account is in line with the GRU's aggressive and risk-taking organizational culture and a wartime mindset prevalent in the Russian intelligence community. Russia's agencies see themselves as instruments of direct action, working in support of a fragile Russia under siege by the West, especially the United States.

motherboard.vice.com...

The fact that you claim Rid doesn't claim Guccifer 2 isn't involved with Rusian hacks when the very article from him you post says the exact opposite makes me question rather you are so willing to discredit this story that you are misreading, or that you are intentionally misleading people as to what your article says.

a reply to: Grambler

Another meme that has been deliberately spread has to do with a Tweet that is being mischaracterized as referring to Seth Rich as an embarassment.

Here's an example from Zero Hedge

UPDATE: Former DNC director of Data Science Andrew Therriault shot off a tweet posthumously mocking Seth Rich - referring to him as "An Embarrasment." Clearly he knew this was Rich's account. Therriault deleted the tweet today, but the internet never forgets...

What was retweeted to the account which is alleged to be Seth Rich's was a tweet that said:

"TIL: A group of Pandas is called an "Embarassment" #pandafacts"

Somehow this becomes not only proof that "Clearly he knew this was Rich's account" but furthermore, that it was "mocking" Seth Rich posthumously.

As it turns out, an "embarassment of pandas" is actually one of the ways to refer to a group of pandas. It is indeed a fun fact about pandas. The sort of thing you might tweet to somebody who loves pandas. If that was Seth Rich's account, Therriault knew that it was, Seth Rich was murdered by the DNC and Therriault had some knowledge of this — why in the hell would he tweet a "mocking" tweet to him in April?

Does that make sense? No, it doesn't make sense unless you assume that Therriault is bats# insane and trying to implicate himself by tweeting to a dead man. Yet, that's more "proof" for the true believers.

I'm a little burned out on this topic for the day. We'll see what happens with KDC tomorrow but I will go on record as saying that the chances of KDC releasing a bombshell that conclusively proves Seth Rich was the source of the emails leaked by WikiLekas is next to nil in my opinion.

a reply to: GD21D
So smug!!!

Congratulations this has been discussed over and over on these threads. But you are probably not able to be bothered with reading opinions counter to your own.

For starters, the statement was not directly from the family, but from the DNC spokesman that represents them. Again, a video from late april thanked people online for trying to get to the truth.

And once more, is it your contention then that we should not be able to have this discussion because a family is greiving?

I guess then we need to nuke Russia now then because it had to be them that hacked us and Trump has to be thjeir pawn because this family is grieving.

Oh and by the same token I assume the the greiving Benghazi families also mean to you that Obama and Hillary are scum bags that should be charged right?

Oh whats that, you are only interested in using a grieving family to silence your political opponents.

originally posted by: theantediluvian
a reply to: Grambler

Another meme that has been deliberately spread has to do with a Tweet that is being mischaracterized as referring to Seth Rich as an embarassment.

Here's an example from Zero Hedge

UPDATE: Former DNC director of Data Science Andrew Therriault shot off a tweet posthumously mocking Seth Rich - referring to him as "An Embarrasment." Clearly he knew this was Rich's account. Therriault deleted the tweet today, but the internet never forgets...

What was retweeted to the account which is alleged to be Seth Rich's was a tweet that said:

"TIL: A group of Pandas is called an "Embarassment" #pandafacts"

Somehow this becomes not only proof that "Clearly he knew this was Rich's account" but furthermore, that it was "mocking" Seth Rich posthumously.

As it turns out, an "embarassment of pandas" is actually one of the ways to refer to a group of pandas. It is indeed a fun fact about pandas. The sort of thing you might tweet to somebody who loves pandas. If that was Seth Rich's account, Therriault knew that it was, Seth Rich was murdered by the DNC and Therriault had some knowledge of this — why in the hell would he tweet a "mocking" tweet to him in April?

Does that make sense? No, it doesn't make sense unless you assume that Therriault is bats# insane and trying to implicate himself by tweeting to a dead man. Yet, that's more "proof" for the true believers.

I'm a little burned out on this topic for the day. We'll see what happens with KDC tomorrow but I will go on record as saying that the chances of KDC releasing a bombshell that conclusively proves Seth Rich was the source of the emails leaked by WikiLekas is next to nil in my opinion.

None of this has anything to do with the article in the OP. You are creating a straw man.

CNN posted an article about Trumps ice cream consumption, so this proves that the riussians didnt hack the DNC. Doesnt quite work, does it?

Get back to your rid article saying the exact opposite of what you said it did, thats relevant.

a reply to: proximo

Please explain to me how Seth rich is more of a conspiracy than Russia collusion.

Because you do not have an entire nation's IC community not only saying Russia may be involved, but they are currently investigating other Russian connections.

Seth Rich...nothing more than some people suggesting some things, being reported and then retracted.

originally posted by: introvert
a reply to: proximo

Please explain to me how Seth rich is more of a conspiracy than Russia collusion.

Because you do not have an entire nation's IC community not only saying Russia may be involved, but they are currently investigating other Russian connections.

Seth Rich...nothing more than some people suggesting some things, being reported and then retracted.

Again your comments belie your claims of waiting for evidence.

So you will take the IC word that Russia did it without the providing any evidence.

just be honest instead of attempting to appear impartial.

a reply to: Grambler

The hatred of the media towards trump is unprecedented, as even liberal such as Glenn Greenwald agree.

Ok. Does that mean they are creating fake news to smear Trump or providing any content that is more partisan than what we witnessed during the Obama admin?

No.

This is not unprecedented. This is par for the course in politics and the Right Wing/pro-Trump crowd are not dealing well, considering their victim mentality.

When it comes to their feet being held to the fire or experiencing criticism, they are snowflakes.