
Why Some U.S. Ex-Spies Don't Buy the Russia Story - necessity
https://www.bloomberg.com/view/articles/2017-08-10/why-some-u-s-ex-spies-don-t-buy-the-russia-story
======
nl
This is stupid. No intruder is going to copy files straight to their home
computer. They'll use a compromised server somewhere, and there is plenty of
server to server bandwidth.

It's fine to be skeptical of course, and to be _very_ skeptical of direct
"hacking the election" (whatever that means) claims.

But there is plenty of public evidence that Russia was involved in the DNC
hack. This evidence was available before the election, which makes it more
credible against claims of political interference.

I've posted this before, but I think it's important people understand what
public evidence is available:

2014 report into ATP-28: [https://www.fireeye.com/blog/threat-
research/2014/10/apt28-a...](https://www.fireeye.com/blog/threat-
research/2014/10/apt28-a-window-into-russias-cyber-espionage-operations.html),
presenting pretty compelling (if circumstantial) evidence that group is
Russian state backed.

(July) 2016 report into the DNC hacking, showing it was first breached by
ATP-29 (The other Russian state backed hacking group), but the leaks almost
certainly came from a second breach by ATP-28 later:
[https://www.crowdstrike.com/blog/bears-midst-intrusion-
democ...](https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-
national-committee/)

~~~
mc32
My question would be, has Julian lied about sources before, and would he
deviate from that if he didn't?

His claim is that the source is not Russia --people who were happy to see
Julian leak things (and believe his leaks) while Bush was president are now
calling him a puppet of Putin. I have no idea if Putin has goods on him. Or
whether Julian is just a medium. It is, however, interesting to see people
shift along political axes though.

If there was a Russian angle, I think their aim was to cause uncertainty
regardless of winner. Be it Trump or Hillary, whoever the winner was, the
voters of the opposition would question the results --despite there being no
actual election hacking (altering the vote count).

One interesting thing though is that since the media writ large expected
Hillary to win, had she won, this same evidence would have been "page 6" news
and would have been rather quickly forgotten but for a few "sore losers".

~~~
nl
This is speculation and personal opinion, unlike the stuff I wrote above.

I suspect what happened is that the hacking groups gave Wikileaks the dump via
a cut-out. It's entirely possible that cut-out isn't aware how the data was
obtained.

I don't think Assange is a Russian agent (even though he receives money from
RT etc). I think he has his own motives. At the time this was more anti-
Clinton that pro-Trump specifically.

More recently his Tweets have become more supportive of Trump personally
(although interestingly not really his agendas necessarily). My uncharitable
suspicion is that he's hoping for a presidential pardon.

 _this same evidence would have been "page 6" news and would have been rather
quickly forgotten but for a few "sore losers"._

Of course. There's plenty of similar evidence that the Russians also supported
the Green party and Sanders campaigns in various forms. No one talks about
them because they ended up not mattering.

~~~
yters
Isn't it most plausible Russia is in every party and branch as much as
possible, so whoever wins they win? We need Russia out of our government all
together and not make it a partisan issue.

~~~
mc32
If you want Russia to pull back, you have to pull back too (ala Bill Clinton
detente) Pull back on the sanctions, pull back on hovering over and picking up
pieces in their former sphere of influence (former central Asia soviet reps).

We might be able to influence N Korea with these tactics, but Russia has a lot
of natural resources, people and materiel. It's a diff game.

You have had (some) people on the left defending Kim Jun-un's actions as
predictable (he's being bullied, etc). Putin's are predictable too, given what
he has to work with.

I think we'd be better off reluctantly working with him (in the ME, for ex.)
than blocking them every corner. It sets them back into a cold-war mentality.
We (the world) need the biggest powers, US, CN, RU, to get along, if not be
friends. We don't see eye to eye in many things (human rights wise, ex,
pollution, ex) but we can work toward a more stable planet.

~~~
PeterisP
Why do you believe that the Russian reaction to pulling back would be to pull
back as well? If anything, all experience shows that they'll use that to do a
power grab in the neighbouring countries instead. Treating "sphere of
influence" as a valid concept is immoral, it essentially means allowing Russia
to do whatever they want to others against their will; there's a good reason
why their neighbours are allying with the west - it's because they want
protection from being "sphereofinfluenced".

If anything, we can say that the current sanctions and other have been
somewhat effective in deescalating violence, and if the west would have pulled
back, then we'd have Ukraine dismembered by now through increased direct
Russian military involvement.

Nothing "sets back" Russia to cold war mentality; they have never left it,
won't will without a regime change, they won't stop treating the west as their
enemy and they will aggressively (re)take the now independent states we let
them to.

~~~
Udik
Do you think the West has no sphere of influence?

And, was it Russia that expanded to the NATO borders, or were the NATO borders
that expanded to eventually reach Russia?

~~~
PeterisP
I'm saying that the whole concept of spheres of influence is outdated, immoral
and invalid. Instead, you should think in terms of alliances or some other
concept that gives agency to the people _there_ , not "the West" or Russia.

The sovereign countries themselves must get a choice - if they want to join
NATO, that is their right, and Russia shouldn't get a veto (nor even a vote)
in that. Countries should be free to join/leave the "spheres" at will, not be
placed there or given or taken.

And, actually, the whole reason why NATO is at their borders is the Russian
insistence of their sphere of influence. If Russia agreed in practice that
their borders stop where they are and that they won't ever poke beyond them,
then their neigbours wouldn't need to even consider NATO.

~~~
gspetr
> And, actually, the whole reason why NATO is at their borders is the Russian
> insistence of their sphere of influence.

Uhh, no.

[https://en.wikipedia.org/wiki/Enlargement_of_NATO#German_reu...](https://en.wikipedia.org/wiki/Enlargement_of_NATO#German_reunification)

------
nextstep
Even the language used in this article is misleading: “hacked the election”.
The actual allegations are that Russia was behind the hacks of the DNC
servers. That is not election hacking! Hacking the election sounds like the
Russians found some vulnerability with voting machines. There is no evidence
of this.

In either case, Trump won the election because he won more electoral votes
than Hillary. And he did this by winning more popular votes in key states.
It’s that simple. The Democrats had an unappealing candidate who ran a weak
campaign in key states. And lost.

What the DNC leaks do show, however, is that the Democrats ran a fraudulent
primary election where they colluded with the Clinton campaign and suppressed
any opposition from the left. This resulted in an unpopular candidate in the
general election, and a public even more untrusting of the Clintons and the
process. The Democrats needs to look in the mirror instead of playing to fears
of Russian boogeyman.

~~~
ece
Trump won because in MI, PA, and WI, Jill Stein received more votes than the
difference between Trump and Hillary.

3rd party candidates in FL in 2000 and MI, PA, and WI in 2016 were the
spoilers for the whole nation. Don't be an idealistic, naive American voter,
be a pragmatic voter!

Yes I know the electoral college is racist, and we need to abolish it.

~~~
xtreme
Why do you assume that all the third party voters would have voted for Hillary
if there were no third party candidate? They could have abstained, or even
voted for Trump. Many libertarian party supporters find the Republicans more
tolerable than the Democrats.

In any case, shaming people because they voted for a candidate who they felt
best represented their views goes against the very idea of representative
democracy.

~~~
ece
I'm not shaming the fact that they voted, I'm shaming who they voted for. You
aren't a responsible voter if you're not up to accepting responsibility for
your vote. If you voted for Trump, hope he's making you happy. If you voted
for Jill Stein or Ralph Nader in 2016 or 2000 in WI, MI, PA, or FL, you are
very much responsible for Bush and Trump respectively in the electoral and
government system we have since your candidate was a spoiler.

These 3rd party voters could have abstained or voted for another 3rd party or
went Republican, but they didn't. They could have traded their vote to someone
in a safe state ([https://www.nytimes.com/2016/09/16/opinion/anti-trump-
republ...](https://www.nytimes.com/2016/09/16/opinion/anti-trump-republicans-
dont-waste-your-vote-trade-it.html)), if Hillary was their 2nd preference. If
not, go ahead, vote for 3rd party candidate who could be a spoiler and has no
chance of winning.

~~~
yellowapple
You aren't a responsible voter if you pretend that voting for a "lesser of two
evils" over a candidate who actually represents your beliefs is ever anything
better than a wasted vote.

~~~
ece
This is the very definition of idealism and being naive about how much your
vote matters, when you should give a thought to your 2nd preference and be
pragmatic if you are in a non-safe state for your 2nd preference. Do vote
trading with someone in a safe state, and your candidate will still get the
same percentage of nationwide votes, and your 2nd preference will win.

Again, I am not saying that don't vote for 3rd party candidates anywhere.

There is no equivalence between Trump and Hillary, and if Voting for Hillary
in a non-safe or safe state would have been a wasted vote, pity the 65 million
who voted for her.

~~~
yellowapple
"This is the very definition of idealism and being naive about how much your
vote matters,"

I was a California resident at the time. My vote was about as close to
irrelevant as one can get; California's electoral votes haven't turned red
since Reagan.

Even if I had moved to Nevada by then (that is: a few months before I actually
did), I would have had zero regrets voting for Johnson. Neither Trump nor
Clinton deserved my vote, simple as that.

"There is no equivalence between Trump and Hillary"

There is plenty of equivalence between two corrupt and most-likely-actually-
criminal sociopaths. There's also plenty of equivalence between two
presidential campaigns that went out of the way to present a "if you're not
with me, then you're against me" mentality and alienate every supporter of the
other candidate.

Importantly, and more specifically, both candidates' campaigns utterly
alienated me as a voter simply because I did not precisely align with their
"one true policy" or whatever. Neither candidate gave me any reason to vote
for them, and every reason to _not_ vote for them.

"2nd preference"

I had no second preference. If I _did_ have a second preference, it might as
well have been Mickey Mouse.

"vote trading"

Oh yeah, and make my vote even more worthless than it already is.

(Of course, vote trading as a California resident would've been an upgrade no
matter what, but now that I live in Nevada, it'd be entirely irrational to
want to _dilute_ the power of my individual vote any further than it already
is).

~~~
ece
I am not sure how to help with your perceptions of campaigns and candidates,
but their likely policies and cabinet appointments were there for anyone to
see. Trump institutionalizing xenophobia is a degree of difference that is
hard for me to see past.

------
eclipxe
The author of this opinion piece:
[https://en.wikipedia.org/wiki/Leonid_Bershidsky](https://en.wikipedia.org/wiki/Leonid_Bershidsky)

~~~
nautilus12
Suddenly we are quick to point out opinion pieces in a media landscape where
that has become otherwise irrelevant.

Left = 'unverified facts', Right = 'opinion piece'

~~~
willstrafach
If you check the article, this really is an opinion piece, not an article
based on solid verifiable facts.

------
slackingoff2017
This points to using a cheap Linux box at host VPS.

AWS micro instances run Linux basically by default and have about 150-250
megabit connections.

I assume they loaded the documents onto a hacked AWS box running WordPress or
similar and downloaded them later from there. Hackers almost always tunnel
through at least one compromised machine because they don't trust a VPN alone
for anonymity.

In no way does this imply anyone was or was not responsible. This is a common
thing to do for any hacking group

------
bradleyjg
It's odd that the bloomberg piece has a whole bunch of links but doesn't link
the VIPS letter. It's here: [https://consortiumnews.com/2017/07/24/intel-vets-
challenge-r...](https://consortiumnews.com/2017/07/24/intel-vets-challenge-
russia-hack-evidence/)

Also it goes out it's way to mention William Binney, and The Nation article
linked from it mentions other ex-government employees associated with VIPS,
but neither mentions the mysterious Skip Folden that VIPS relied on as thier
technical expert.

This is what the VIPS letter says about him:

 _Independent analyst Skip Folden, who retired after 25 years as the IBM
Program Manager for Information Technology_

but if he spent 25 years as a high or even medium level employee at IBM I
would expect some kind of internet trail and I couldn't find one.

~~~
Animats
The name is "Norman (Skip) Folden", and people on Reddit have been trying to
ID him.[1] There's someone 85 years old with that name, but that seems an
unlikely match. "Program Manager for Information Technology" is usually a job
title at a customer site, says Payscale.[2] An "IBM Program Manager for
Information Technology" may just designate someone who ran an IBM mainframe
shop.

[1]
[https://www.reddit.com/r/conspiracy/comments/6q49di/july_5_2...](https://www.reddit.com/r/conspiracy/comments/6q49di/july_5_2016_in_the_early_evening_someone_working/)
[2]
[http://www.payscale.com/research/US/Job=Program_Manager%2C_I...](http://www.payscale.com/research/US/Job=Program_Manager%2C_IT/Salary)

~~~
PhantomGremlin
_may just designate someone who ran an IBM mainframe shop_

It's quite possible that he worked for IBM running mainframes on site for the
NSA or CIA or any of a myriad of relatively secretive US government agencies.

If so, together with IBM's historic penchant for secrecy, and given that
Folden is perhaps closer in age to The Greatest Generation than to The
Millenials, he just might not be very visible on Google.

I'd bet that searching "real" databases, e.g. DMV records, Social Security
records, IBM employee payroll lists, property tax records, etc, would be far
more productive.

------
redm
I find it interesting that no one is discussing the fact that the DNC's leaks
were damaging only because they were not operating impartially. Regardless if
the leaks came from Russia or a whistleblower in the DNC, isn't the fallout
somewhat self inflicted?

~~~
grandalf
Yes, and the only reason I was interested in the leaked information was
because of the transparency it provided into the DNC and Clinton Foundation.

In a democracy, transparency is a good thing.

There are still a variety of things that were in the emails pertaining to
campaign finance violations and DOJ improprieties that have essentially been
ignored. Regardless of how the American people came to know about these
things, they should be the focus of the investigation.

------
tootie
I don't get either of their arguments. Yes, 180mbps is pretty fast for
residential internet, but it's certainly not hard to get nor is there any
reason to believe he was using residential broadband. The MS Word thing I
didn't follow at all.

~~~
jgacook
According to the website of "Adam Carter" (linked in the article:
[http://g-2.space/](http://g-2.space/)) the 180MBPS is only unusual if you
assume the hacker was Russian - it's very fast for a VPN connection and,
according to Carter's website, is consistent with USB 2 download speeds.

For more about the MS Word stuff, here's the page on that:
[http://g-2.space/intent/](http://g-2.space/intent/)

~~~
mjevans
Was this based on file timestamps in some archive?

I'll grant that it could also be related to some way the files were prepared
in the interim, but it is at least worthy of considering where that metadata
might have come from or been replaced through normal activity or intentional
operations.

~~~
ajross
It was. And in fact afaict the archive was never public.

------
fulafel
Obviously wrong bit: "Downloading such files this quickly [at 22.6 megabytes
per second] over the internet, especially over a VPN (most hackers would use
one), would have been all but impossible because the network infrastructure
through which the traffic would have to pass would further slow the traffic."

------
Cacti
This is an interesting analysis, but determining download speeds (and the
resulting conclusions about how the data was moved about) from zip file
metadata is still basically guesswork. You have to make a number of
assumptions for this to work out, and yes, they are reasonable assumptions, I
guess, but they are still assumptions.

I would also point out that this article is mostly revolving around whether
_some_ portion of the DNC emails were purposefully leaked, but it doesn't say
much at all about the remaining incidents and data. It certainly doesn't
disprove the "russia story."

~~~
thomasko
Additionally the claims they make about timezones are also only based on the
difference of timestamps. Eg they see that the difference between 7z (Unix
timestamps thus UTC) and RAR3 (MS-DOS localtime) is three hours. The way they
then conclude it's Eastern time is very flimsy.

In fact that that alle files, even those in rar-files were all modified on the
same time, convinces me more that the timestamps have nothing to do with the
transmission. But that someone altered them after the hack, or that but more
unlikely is that all the timestamps are still untouched and exactly on how
they were on the DNC server

~~~
swiley
Eastern time is 4 hours (and at the time, probably 5) from UTC. 3 hours is
somewhere in the ocean.

------
Hasknewbie
So, maybe I'm missing something here, but since when does the Russian
_hacking_ stand for "the Russian _story_ " as a whole? Manaford's no-knock
warrant, Jared's Russian embassy back channel, or Donnie Junior's e-mails seem
like much more important items in said story so far. Within that context the
DNC hacking seems to me to be only a small piece of the puzzle. Its validity
(or not) does not call the other elements's veracity into question.

------
discardorama
> _VIPS instead surmises that, after WikiLeaks ' Julian Assange announced on
> June 12, 2016 his intention to publish Hillary Clinton-related emails, the
> DNC rushed to fabricate evidence that it had been hacked by Russia to defuse
> any potential WikiLeaks disclosures._

This is laughably stupid. Why would attributing the hack to Russia instead of
Wikileaks or whatever make any difference to the _contents_ of the hacks?

~~~
arca_vorago
Because the media and the mass conciousness is that easily manipulated? It
worked, didn't it?

------
willstrafach
> CrowdStrike, the firm whose conclusions informed much of the intelligence
> community's assessment

I don't think this is true at all. I do recall CS releasing their own report
in early summer, but my understanding is the January IC assessment was a
completely separate document which did not cite the CS report in any way.

(If I am missing something here, happy to be corrected, this aspect just stuck
out to me)

~~~
monocasa
The IC assessment was just regurgitating CS's report. The IC just took CS at
their word since they would have contracted out to someone like CS to begin
with. The FBI, for instance, wasn't allowed to look at any of the evidence
directly. AFAIK, no government entities have looked at the raw data.

Edit: [http://www.politifact.com/truth-o-
meter/statements/2017/jul/...](http://www.politifact.com/truth-o-
meter/statements/2017/jul/11/donald-trump/did-john-podesta-deny-cia-and-fbi-
access-dnc-serve/)

> In his testimony in January on the cyber attacks, then-director of the FBI
> James Comey said the agency never got access to the machines themselves, but
> obtained access to the forensics from a review of the system performed by
> CrowdStrike, a third-party cybersecurity firm.

~~~
willstrafach
To clarify, this is the report I am referring to, and it does not appear to
mention CrowdStrike at all:

[https://www.dni.gov/files/documents/ICA_2017_01.pdf](https://www.dni.gov/files/documents/ICA_2017_01.pdf)

~~~
monocasa
Sure, they didn't cite CrowdStrike, but there's no extra information in that
report other than what came from CrowdStrike's report.

~~~
willstrafach
There definitely appears to be additional information in the IC assessment
though.

~~~
monocasa
Like what?

~~~
willstrafach
They're different reports. I don't quite understand what you are saying.

> The IC assessment was just regurgitating CS's report. The IC just took CS at
> their word since they would have contracted out to someone like CS to begin
> with.

The IC assessment appears to be very different. It describes information
sourcing without any reference to an analysis of DNC servers (let alone
CrowdStrike). There does not appear to be any indication that information from
CrowdStrike's analysis or any information from DNC servers at all was used to
generate the IC assessment.

------
todd8
More technical details can be found here:
[http://g-2.space/sixmonths/](http://g-2.space/sixmonths/)

------
ece
So, as a motive, one possibility could be the DNC orchestrated the DNC leaks
to blunt the effect of trickling podesta/wikileaks emails if it was somehow an
insider. Why become the news during a campaign where every moment Trump spoke
his poll numbers went down? And show their own favoritism? It doesn't seem
plausible. This could all be more Russian disinformation. As far as the
podesta/wikileaks emails go:

1) Russia's history when it comes to election meddling and spreading dis-
information speaks for itself, yes the US does it too, but the Russia is on
another level (Every eastern European country has been a public target from
the same groups).

2) Russia had a lot more to fear from Hillary than Trump. The sanctions and
military ratcheting would likely be more in force than it is now under Trump
and a dysfunctional congress. Hillary was a known hawk on Russia, compared
with Manafort/Flynn on Russia.

3) Putin himself said "some patriotic Russians might have done stuff" like
sending phishing emails.

When Russia faced the lemon of a Hillary administration, they made lemonade.
Arguably, it wasn't that hard and paid for itself. We as the voting public
knew most of this before the election, including partly about Trump's intent
of collusion and possibly collusion, and voted the way we did anyway.

Assange is kind of irrelevant, he has always had his own motives, and it's
pretty clearly being anti-US. Offering Damore a job with wikileaks, really?

------
wbillingsley
There's something I don't get about the "Trump-Russia scandal":

It seems to me the chances are Russia tries to hack most US politician's
emails every day, and probably twice on Sundays. Even the nice ol' US was
caught in 2009 spying on the UN Secretary General and the Security Council
delegations of its _allies_ ; do we really for one moment think that famously-
spy-heavy bad-guy Russia and its ex-spy-master President wouldn't be
constantly trying to get its hands on the emails of its Cold War enemy?

In which case, hunting whether Trump encouraged Russia seems like hunting for
who asked the clouds to rain this morning.

Which makes the US reaction not smell right. It smells somehow like a game of
pretexts.

So having "not got that" about the scandal -- something seems fishy here -- it
looks to my amateur, non-US, non-politician, probably-too-cynical eyes, like
there's five parties having a political fight for control (and yes I am being
deliberately simplistic and caricaturing):

\- The Trump team, who seem like they're recruited like the Dirty Dozen
(you're so unsuitable for any normal administration, and possibly borderline
insane, that you've got nothing to lose with this crazy mission...)

\- The powers that be / senior civil servants. Trump spent his entire campaign
calling Washington "the swamp" and declaring he'd drain it. Did you think they
wouldn't fight back, the FBI wouldn't leak, they wouldn't try to undermine
this braggart who's just come marching in telling them he's going to rip them
apart?

\- The Republican establishment (McCain, etc). Did you really think parts of
the Republican party that spent so long wanting anyone but Trump would grow to
like him?

\- The left-of-centre echo chamber (us techie types, journalists, other
professionals), whose typical MO is to use the levers of embarrassment,
twitterstorms, and rhetoric to try to shovel any government we are unfortunate
enough to have over us into following our agenda

\- Modern industry, which seems to have cottoned onto the idea that if
publicly you say enough "left" things (equality, diversity) and sound
passionate about social progress, you can pursue a "right" agenda (not paying
tax, disempowering employees, building private monopolies with moats around
them) without anybody making much fuss.

And though that may be a gross caricature, in that model somehow the behaviour
seems to make sense. For example, the Trump-Russia scandal as a way of tying
Trump's hands and forcing him down foreign policy lines he doesn't want. The
administration's seeming dysfunction, because anyone who joins them knows it
is the only administration they will ever serve, so you can only get amateurs
who don't know the game of White House politics or think they can change how
it is played. The constant storms over his latest tweet, despite his tweets
having been incoherent for years, because raising the level of outrage creates
social roadblocks -- making avenues hopefully too sensitive and already too
explosive for him to travel further down them.

Which makes Russia seem like an irrelevant bystander -- doing what it does
every day (which happens to be trying to hack American servers for everything
it can get, while trying to nibble at gaining more control and influence in
Eastern Europe and the Mediterranean).

~~~
dragonwriter
> hunting whether Trump encouraged Russia seems like hunting for who asked the
> clouds to rain this morning.

The Trump-Russia scandal isn't about whether Trump “encouraged” Russia, which
seems to be the basic error in your entire argument.

