It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
originally posted by: JBurns
a reply to: Dudemo5
But he didn't say anything about a destination or source IP. What he does say is that data was copied in two separate bursts, 12 minutes apart totaling 87 seconds. 16GB is a lot of data to copy in such a short time, and it is unlikely they would do so with such speed over the network/WAN. Doing so would certainly raise red flags, so it would've been split into much smaller chunks and possibly transmitted as another type of data (for instance, HTTP requests/responses).
By "it" what do you mean? The Windows event log? Or /var/log? My point is that USB file transfer wouldn't be documented the same way as data going across a network. Anything having to do with an IP address would be separate from local file transfer disk I/O stuff. You might have a hardware address that is specific to that USB device, but it wouldn't have an assigned IP in any way.
originally posted by: underwerks
So a NSA whistleblower said the Russians didn't hack the DNC in a story on Russia Today, the main propaganda arm of the Russian government.
Seems legit.
originally posted by: underwerks
So a NSA whistleblower said the Russians didn't hack the DNC in a story on Russia Today, the main propaganda arm of the Russian government.
Seems legit.
A mysterious IT specialist, who goes by the name The Forensicator, published a detailed report that appears to disprove the theory that the DNC was hacked by Russia.
The documents were copied on July 5th, five days before Seth Rich was murdered.
The Forensicator summarized the complex report into 10 bullet points.
The report as laid out by The Forensicator:
Based on the analysis that is detailed below, the following key findings are presented:
On 7/5/2016 at approximately 6:45 PM Eastern time, someone copied the data that eventually appears on the “NGP VAN” 7zip file (the subject of this analysis). This 7zip file was published by a persona named Guccifer 2, two months later on September 13, 2016.
originally posted by: Dudemo5
originally posted by: JBurns
a reply to: Dudemo5
But he didn't say anything about a destination or source IP. What he does say is that data was copied in two separate bursts, 12 minutes apart totaling 87 seconds. 16GB is a lot of data to copy in such a short time, and it is unlikely they would do so with such speed over the network/WAN. Doing so would certainly raise red flags, so it would've been split into much smaller chunks and possibly transmitted as another type of data (for instance, HTTP requests/responses).
By "it" what do you mean? The Windows event log? Or /var/log? My point is that USB file transfer wouldn't be documented the same way as data going across a network. Anything having to do with an IP address would be separate from local file transfer disk I/O stuff. You might have a hardware address that is specific to that USB device, but it wouldn't have an assigned IP in any way.
Right. The disk I/O stuff is separate from the network activity. However, we have the destination IP address, so clearly there was an IP address associated with the breach through which logs show significant outbound traffic.
No, the USB drive does not have an IP address.
originally posted by: jadedANDcynical
a reply to: Dudemo5
See this thread for details:
BOMBSHELL: New Report Shows Guccifer 2.0-DNC Files Were Copied Locally—Not Hacked
Salient excerpt
A mysterious IT specialist, who goes by the name The Forensicator, published a detailed report that appears to disprove the theory that the DNC was hacked by Russia.
The documents were copied on July 5th, five days before Seth Rich was murdered.
The Forensicator summarized the complex report into 10 bullet points.
The report as laid out by The Forensicator:
Based on the analysis that is detailed below, the following key findings are presented:
On 7/5/2016 at approximately 6:45 PM Eastern time, someone copied the data that eventually appears on the “NGP VAN” 7zip file (the subject of this analysis). This 7zip file was published by a persona named Guccifer 2, two months later on September 13, 2016.
So, no, not Crowdstrike but rather an independent examination of the files themselves.
originally posted by: JBurns
a reply to: Dudemo5
Is it possible there is an error? Sure. I am sure Binney, with his many years of NSA experience thought of that precise thing.
Since he didn't mention any such concern, however, he is confident in his statements as he always is. Binney has never been shown to "just say things" for the sake of saying them. He is a man of integrity, and has a history of honest and unbiased analysis (no doubt from his NSA experience).
How are you so certain he is wrong? You speak almost as though you've seen some actual evidence linking this to Russia. There has been no such evidence released. Crowdstrike's investigation is not classified, there is no reason not to release the evidence and prove their claim definitively.
There are no sources/methods to protect with system logs - every sysadmin/enthusiast knows how to do that. Heck, anyone running MS [popular pentesting application] can even clear those logs in difficult-to-detect ways. This whole thing feels sloppy, especially its conclusion.
If there is evidence to prove this connection, we deserve to see it. I say deserve specifically because after all of the rumors and innuendo driven narrative they put out there, they owe it to the people to prove the basis of these claims.
No one should accept others at their word on important matters, always take the time to verify things yourself and demand facts. We are all intelligent adults capable of making our own informed analysis of facts.
originally posted by: Dudemo5
originally posted by: underwerks
So a NSA whistleblower said the Russians didn't hack the DNC in a story on Russia Today, the main propaganda arm of the Russian government.
Seems legit.
Good lord it's like a non-stop fake-news fest around this place.
originally posted by: jadedANDcynical
a reply to: Dudemo5
What you're not getting is the analysis done by the Forensicator confirm is confirmed by Binny's statements.
There are two separate and unconnected entities (the Forensicator and Binny) that have come to the same conclusion.
originally posted by: JBurns
originally posted by: Dudemo5
originally posted by: underwerks
So a NSA whistleblower said the Russians didn't hack the DNC in a story on Russia Today, the main propaganda arm of the Russian government.
Seems legit.
Good lord it's like a non-stop fake-news fest around this place.
The source isn't RT. The source is Binney, a well respected NSA whistle-blower. But great tactic though, when you can't attack the information attack the source - classic logical fallacy actually
More Russia conspiracy talk I see
There is evidence that the hack came from Russia.
originally posted by: jadedANDcynical
a reply to: Dudemo5
There is evidence that the hack came from Russia.
Are you unfamiliar with Vault 7?
What about Crowdstrike's flawed analysis?