The Washington Post released unsubstantiated reports from anonymous sources that the DNC emails were hacked by Russia and released through Wikileaks. This is an extraordinary claim, and the evidence should be likewise extraordinary
4 years later, however, these remain allegations only, the lack of which drives the idea of a deep state conspiracy in conservative circles
If you're inclined to believe the Russia hacking allegations, this story will seem like a completely different, false equivalence, because one is true (the hacking allegations) and the other is false (the Hunter Biden allegation). But consider: there is as much hard evidence for one as the other, and both are damaging, destabilizing allegations
> 4 years later, however, these remain allegations only, the lack of which drives the idea of a deep state conspiracy in conservative circles
There was an indictment by the federal government[1][2]. That's certainly more reliable than a computer repairman finding an email on a hard drive on an abandoned computer.
An indictment is an allegation, as I said. An allegation is not proof
If you are indicted for a crime, the prosecutor must prove the allegations
If you are inclined to believe the allegation, your bar for proof will be quite low. Perhaps the accusation is enough.
For me, a destabilizing accusation like that requires more proof than anonymous CIA sources saying its true. I wish more Americans would put their dislike of Trump aside and demand that proof. It's not about Trump, it's about a destabilizing accusation from a government department. If they can do that about the President you don't like, they can do it about the President you do like
Again, the hard evidence, tangible and verifiable, is about the same for both
I am open to be proven wrong, believe me, but links to indictments is not proof
> unsubstantiated reports from anonymous sources that the DNC emails were hacked by Russia and released through Wikileaks.
A US government report is not anonymous. That's very clear who the source of that report is. It's the US government. I would also hesitate to call is unsubstantiated. There's a lot of substance in the indictment, including specific dates and times of actions, and names of the attackers.
> there is as much hard evidence for one as the other, and both are damaging, destabilizing allegations
No, there is more hard evidence for the DNC hack. If you want more hard evidence, see CrowdStrike's analysis[1], Google Search logs[2][3], ThreatConnect's analysis of email headers[4][5], Secureworks's analysis[6], Fidelis's analysis[7], FireEye's analysis[8].
I know that you believe it's true, and so your bar for hard evidence is lower than if you were skeptical, but I personally don't find affidavits on "The Smoking Gun" convincing; neither am I impressed by Crowdstrike's blog saying they have evidence, and then providing a bunch of links to other people who also say they have evidence, much as you have done here
[8] mentions "forensic details in the malware". Great! I want to be convinced! That is hard evidence! However, [8] does not contain details.
What specific forensic details, though? I have followed that rabbit hole. There was a limited release of the forensic details: the unclassified, public forensic evidence does not and cannot show the allegations to be true. It doesn't refute them, either, but it only shows that someone used (outdated!) malware that is available to any script kiddie, not state-level superhackerware. Stuxnet it ain't.
There are allusions to classified evidence that irrefutably demonstrates that Russia and Putin were involved. So, again, if you are inclined to believe the story, then "The CIA and NSA have evidence, but it's classified" is enough. Maybe it's true? Unknown.
If you are disinclined to believe it, or want hard evidence before you decide, then it looks suspicious. Destabilizing governments and throwing FUD is what the CIA does. This is documented. That's its expertise. That's its hammer. It doesn't mean that they are lying this time, but ... I mean, come on, it's the CIA. Reasonable people can be suspicious that the spooks are lying, here. Perhaps they are partisan Democrats, distracting from the content of the emails. Perhaps they are never-Trump Republicans. Perhaps Trump is a Russian asset indeed. Who knows? They don't show their hand. Nor hard evidence.
Hard evidence is not "Trust us, we have names, dates and credible intelligence" with lots and lots of footnotes
Now that you know what hard evidence would convince me, would you mind going through that list of links and finding it? If it's not there, consider that hard evidence does not exist. So, to recap: specific forensic evidence is great! Specifically "forensic details in the malware". That. Show me that. Or something equivalent
Links to people saying they have reviewed the forensic evidence and concluded Russians were involved, testimony before Congress, CIA reports without that forensic evidence, HN discussions, affidavits and such are not it.
>but I personally don't find affidavits on "The Smoking Gun" convincing
Are you saying you think the affidavit is fake? Or that the info in the affidavit is not a strong indicator of Russia's involvement?
> but it only shows that someone used (outdated!) malware that is available to any script kiddie, not state-level superhackerware. Stuxnet it ain't.
Russia sometimes intentionally uses unsophisticated malware because it helps to make attribution harder.[1]
> Destabilizing governments and throwing FUD is what the CIA does.
Yes, but it's not what CrowdStrike, ThreatConnect, Secureworks, Fidelis, or FireEye do. Their business is to perform computer security investigations. Why would they jeopardize their business by publishing lies?
> Perhaps [the CIA] are partisan Democrats, distracting from the content of the emails. Perhaps they are never-Trump Republicans.
(a) Just because you're a partisan Democrat doesn't mean you do your job entirely wrong and fill your reports with lies. Same for never-Trump Republicans.
(b) The CIA is not a homogeneous unit. There are people there of various political backgrounds.
(c) Senator Richard Burr, who endorsed Trump[2], who was chosen by Trump to be a national security advisor[3], and who was accused of being "too close to Trump to lead an impartial investigation"[4], led a Senate committee that unanimously said the report was correct:
> A three-year review by the Republican-led Senate Intelligence Committee unanimously found that the intelligence community assessment, pinning blame on Russia and outlining its goals to undercut American democracy, was fundamentally sound and untainted by politics.
> “The I.C.A. reflects strong tradecraft, sound analytical reasoning and proper justification of disagreement in the one analytical line where it occurred,” said Senator Richard M. Burr, Republican of North Carolina and the panel’s chairman. “The committee found no reason to dispute the intelligence community’s conclusions.”[5]
Also, the CIA wasn't the only federal organization involved, the FBI was as well. That would make it harder for the CIA to introduce any lies into the investigation. And the DHS and ODNI agree with the conclusion.[6]
So you want a list of specific hard pieces of evidence. Here are some:
(a) The attackers registered a domain (misdepatrment.com) and pointed it to a known APT-28 command and control IP: 45.32.129.185.[7]
(b) The domain shared an https certificate with a previous attack by Russian APT-28, on Germany.[7]
(c) The malware contained a hardcoded IP (176.31.112.10) that was previously hardcoded in malware used in that attack on Germany.[7][8][9]
(d) A Guccifer 2.0 document contained metadata with the name of a famous Russian person.[7]
(e) A Guccifer 2.0 document contained a message indicating it was edited by a computer with Russian language settings.[7][10][11]
(f) The way Guccifer 2.0 spoke to reporters indicated he was a team of people, because his English skills changed.[7][12]
(g) APT-28 beginning in 2015 launched phishing attacks using a bit.ly account to target 1,800 Google accounts. In 2016, they used that exact same bit.ly account to target Hillary Clinton's campaign.[13][14]
(h) APT-28 previously had created false hacker personas, similar to Guccifer 2.0.[15]
(i) The SeaDaddy malware from the DNC had nearly identical code obfuscation techniques and methods to SeaDuke malware previously attributed to APT-29.[8][16][17]
(j) Guccifer 2.0 used a Russian VPN with a custom config. Possibly an indication that it's a custom government-only deployment of the VPN.[18][19]
(k) Guccifer 2.0 once didn't use the VPN, and the IP was from Moscow.[19]
I've barely scratched the surface here, and intend to continue, but it's been awhile and I want to honor your efforts here with a progress report.
While I am critical, I have not yet come to any overall conclusion about everything you have presented here. These are just some observations and comments about one article, the Vice article. I really want to stress that my pushback is not a refutation of the argument as a whole.
>> Yes, but it's not what CrowdStrike, ThreatConnect, Secureworks, Fidelis, or FireEye do. Their business is to perform computer security investigations. Why would they jeopardize their business by publishing lies? <<
This is not very convincing, to me. I don't think speculating on why someone would lie is fruitful. People and organizations lie or are mistaken all the time. In following the rabbit-hole of the vice article ([7], above) I found this [1] "A security firm made headlines earlier this month when it boasted it had thwarted plans by organized Russian cyber criminals to launch an attack against multiple US-based banks. But a closer look at the details behind that report suggests the actors in question were relatively unsophisticated Nigerian phishers who’d simply registered a bunch of new fake bank Web sites.... Colorado Springs, Colo.-based security vendor root9B, which touts a number of former National Security Agency (NSA) and Department of Defense cybersecurity experts among its ranks." Why would a security firm with NSA and DoD experts exaggerate or be mistaken about a Russian hacking intrusion? Again, I don't care to speculate, but for our purposes it's enough to note that people and organizations do lie, or exaggerate, or are mistaken, and get headlines anyway from credulous media outlets
Speaking of rabbit holes, let's compare the coverage of the DNC hack to the coverage of the German Bundestag attack. This article [2] is very straight-forward. The investigator lays out the report clearly without lots and lots and lots of footnotes and testimonials and circumstantial, distracting links. I urge you do read it. It's quite short. The evidence is there, in the report. The language is simple. Russian hackers may have been behind the malware used in the attack on the Bundestag left. Could I read a such a clear and unadorned report about the DNC hack?
Let us contrast it to the link-flood above, and in the Vice article ([7], above) and in all of the coverage of the DNC hack. Perhaps there is a simple report like [2] that lays out the evidence clearly, but if so it is buried beneath baffling bullshit. It's almost as if the analogy of [2] does not actually exist anywhere, and the link-flood is an attempt to convince us that where there is smoke there's fire, and somewhere there must be hard evidence.
Specifically, let's unpack the Vice article a little bit. It takes 11 or so paragraphs to get to this, which arguably should have led the article:
"One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded [a] in a piece of malware found both in the German parliament as well as on the DNC's servers. Russian military intelligence was identified [b] by the German domestic security agency BfV as the actor responsible [c] for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared [d] SSL certificate."
(I use letters, because I want to make a clear distinction between my links/footnotes versus those of Vice)
(Note that the shared SSL certificate, mentioned in Vice and [2], is also mentioned in Krebs On Security [1] - and rejected there as evidence of Russian hackers)
It should have led with its strongest evidence. Why didn't it?
I have supplied three footnotes, one of them to a very clear example of the kind of evidence or report I am looking for. This single Vice article, by contrast, provides no less than four in this single paragraph alone, never mind the entire article which is replete with them. Let's go through them
[This comment is a continuation from a previous comment. Please read that one before reading this one]
[... continued]
[a] is to a Twitter post, itself a reply to a now-deleted Twitter post. It's a person looking for clarification from the now-deleted OP! This is "one of the strongest pieces of evidence" that Vice (and yourself, apparently?) can muster, and it's a Twitter reply, seeking clarification, from a deleted tweet.
[b] is a German-language report from BfV about, as far as I can tell, Russian cyber attacks on Germany, and not relevant to the DNC attack.
[c] an article about the Russian attack on the German bundestag and the German response. Not relevant to the DNC attack.
[d] is the to the same thread as in [a], the fellow looking for clarification from the now deleted OP
Why would Vice provide so many links to only peripherally related material? Why didn't it link directly to [2]? The author must have seen it, and it far more supports the assertion than [a]-[d]
Could it be to bolster the appearance of overwhelming evidence when there actually is very little?
Let's evaluate that actual claim itself, the strongest evidence: "a reused command-and-control address—176.31.112[.]10—that was hard coded in a piece of malware found both in the German parliament as well as on the DNC's servers"
First, from the Bundestag report [2]:
"While attribution of malware attacks is rarely simple or conclusive , during the course of this investigation I uncovered evidence that suggests the attacker might be affiliated with the state-sponsored group known as Sofacy Group (also known as APT28 or Operation Pawn Storm). Although we are unable to provide details in support of such attribution, previous work by security vendor FireEye [i] suggests the group might be of Russian origin, however no evidence allows to tie the attacks to governments of any particular country. " (emph. mine)
The researcher is much less certain that the attack was from Russia than Vice is, apparently. Cannot provide details, literally says "no evidence allows to tie the attacks to governments of any particular country"
From [i] "SOURFACE: This downloader is typically called Sofacy within the cyber security community. However because we have observed the name “Sofacy” used to refer to APT28 malware generally (to include the SOURFACE dropper, EVILTOSS, CHOPSTICK, and the credential harvester OLDBAIT), we are using the name SOURFACE to precisely refer to a specific downloader."
This is the only mention of Sofacy in the entire report, which goes on to link SOURFACE to Russia. The link to Russia, and it's a fair point, is that SOURFACE has been deployed in niche situations that support Russian interests. So SOURFACE is Russian. Russian state? Perhaps.
The evidence is even more tenuous: The FireEye report links Russia to SOURFACE, a piece of malware, and not Sofacy. But let's grant it. SOURFACE is Russian State, and we now know that Russia engages in cyber attacks.
What about "the strongest piece of evidence", that hard-coded C&C IP address `176.31.112[.]10`? I'm not rejecting the evidence, but am going to push back on it. I don't know enough to evaluate this claim: "Those servers were dead at the time, so at best these would be leftover artifacts, not in-use infrastructure" [3]
Is it not possible that the Bundestag attack and DNC servers were attacked by script kiddies, using outdated malware? I have a feeling the Bundestag researcher [2] would shrug and say "It's possible". Not Vice though.
If "those servers were dead at the time" is true, it wouldn't just be misdirection from Russian state actors, it would bespeak profound incompetence. It might even be evidence against Russian state actors at least, in these cases.
Why do I give a shit? Why spend an hour and a half writing this already too-long response, evaluating what's turning out not to be the hard evidence I asked for?
Remember: the original claim is that the DNC was definitely attacked by Russia, that Russia helped Trump to win with both the collusion of the Trump campaign and WikiLeaks. In support of this claim were quotes from anonymous sources and a baffling maze of links designed to obfuscate the fact that it's far from definite.
Because of this dubious claim (again presented as definitely proven without a doubt):
* The legitimacy of the Office of the Presidency has been destabilized. I don't think most Americans understand how dangerous this is. It's more dangerous than an actual terrible, shitty President. It's more dangerous than Pol Pot himself being elected President, because checks and balances would reign in a genocidal maniacs worst impulses. Once that legitimacy is destabilized, all bets are off: peaceful transfer of power is destabilized and all hell breaks loose. The stability and prosperity that Americans have enjoyed for 150 years becomes civil war, strongmen, competing Presidents, ruin. This is not within living American experience, so people can be cavalier about saying "I know the President is a Russian asset" and then pass off a maze of nonsense as "proof". I don't get it, I really don't.
* With respect to Julian Assange, the erstwhile leader of WikiLeaks, the rule of law and inalienable human rights are being egregiously violated, with the encouragement of rank-and-file Democrats, because of this dubious claim that WikiLeaks colluded with Russia to get Trump elected. If it can happen to Assange, it can happen to any journalist, if the accusation is terrible enough. If it can happen to any journalist, it can happen to anyone.
I really do want to see the strongest evidence, not get worn down by looking at Twitter feeds and irrelevant German-language reports and such
So, please, for the love of everything you care about, don't make me dig through a flood of nonsense to find that one gem of [2] with falsifiable information. Link directly to the report, the strongest piece of evidence, if you can. Please, supply one link. If you keep flooding me with a maze of links, that will take me hours and hours to go through, it will make me think that you don't actually read what you're sending me, or that you don't have evidence.
In any case, I will continue to look more in detail at everything you have here. Maybe something there is that gem.
>4 years later, however, these remain allegations only
As the other user already pointed out this was has been proven. And they also have the exact unit and names of the Russian intelligence officers who did the hacking.
How are you going to convict Russian intelligence officers? You think Russia will hand them over?
Again the hard evidence that you are dying to see is classified and would reveal American hacking capabilities. If Putin is not willing to send over his officers who did that hacking, then why should the US government give up the evidence for nothing in return?
Revealing how America identified the Russian hackers would be extremely valuable for Putin and his KGB/GRU operatives. They can use this information to better their hacking operations in the future.
> Again the hard evidence that you are dying to see is classified and would reveal American hacking capabilities. <
Then we are back to exactly what I said at the start: they remain allegations only. Nothing has been proven, as you said. One either believes anonymous sources within the CIA and the people who believe them, or one wants evidence for such an extraordinary claim.
Remember: it's not just about Russians, but the original allegation was that the Trump campaign was involved. That has been very quietly walked back.
The DNC was definitely hacked and the content of the emails were embarrassing to powerful people, but whenever the content of the emails are discussed, people start shouting about Russians and Trump's love of Putin. This is very convenient to these same powerful people
The email exposure could have been a revelatory renaissance for the DNC, a real moment of self-aware house-cleaning. I was really hoping they would slim down and become a truly effective opposition party. Instead, it's Russians.
Given the lack of evidence and the unprecedented political climate, particularly the distraction from the emails themselves, I would like more evidence than "Trust the DNC and the CIA and the NSA when we say: Trump colluded with Russians to get elected!"
Do new Presidents have a meeting with Head Spook who says "Support our illegal, unethical mass surveillance program or we'll make everyone think you like to get peed on"?
Every single American should demand that evidence even if they despise Trump. The same destabilizing allegation can be made against anyone without that requirement for evidence irrespective of political persuasion. I would be this oppositional on behalf of Clinton, Biden, Obama, anyone. You should too.
>Remember: it's not just about Russians, but the original allegation was that the Trump campaign was involved. That has been very quietly walked back.
Well considering that Trump's attorney general William Barr shut down the investigation and is reversing Mueller's charges that is not surprising. So not only was there never a full investigation done but the mediocre investigation we had is being undone. We will never know the truth of Trump's and Putin's secret relationship until a proper investigation is done. Including Trump's finances.
No one walked back on anything. It was simply not investigated since Republicans (especially people like Mitch McConnell) are putting party over country and not holding the president accountable.
DNC has many problems including mediocre security and treating candidates differently and picking favorites but that is not the topic of the discussion.
>Every single American should demand that evidence even if they despise Trump.
The problem with your entire premise of demanding evidence is that it's a red herring. This is not about producing evidence because any evidence produced you can label as fake or made up or false flag. Once evidence is provided the goal post is moved to evidence being made up or not credible. There is absolutely no benefit in the US government revealing evidence except for making Putin's team of hackers smarter. The people who believed that Russia did it --- will continue to believe it and that people who didn't --- well they will find new excuses for themselves.
>> any evidence produced you can label as fake or made up or false flag... Once evidence is provided the goal post is moved to evidence being made up or not credible. <<
There was no goal-post moving here, and accusing others of bad faith is against the guidelines. Accusing me of bad faith here is unfair and inaccurate. I ask for evidence that matches the magnitude of the assertion and that has never changed. Evidence I would accept is falsifiable: the forensic footprints of the malware, or equivalent
Can I see the evidence myself and evaluate it on its own terms? The answer, after 4 years, is a hard no. Lots of articles; lots of partisans saying it's true; lots of people such as yourself who are convinced, accusing others of moving goalposts; but nothing tangible
My original assertion is that this all remains an allegation. In response, you and the other user posted lots of links to people affirming that they know it to be true.
Your original assertion was that it has been proven and to claim otherwise is "disinformation", but so far, and bear with me please: so far, you have people telling you that it's true. Only. And that's okay! It doesn't mean they are lying or misinformed. They could be telling us the truth. At the end of the day, if you trust those people not to be lying or misinformed, then it's good enough
I would hope that you see here that principled people can disagree, even if you find all the affidavits for it compelling and convincing.
>> No one walked back on anything. It was simply not investigated since Republicans (especially people like Mitch McConnell) are putting party over country and not holding the president accountable. <<
It could be that they are cynical, perhaps a bit evil, and know in their hearts the President is working against the interests of the country, but just gain too much personal benefit from looking too closely. Or, and stay with me here, perhaps at least some of them truly and reasonably believe that the evidence is not strong enough
I'm most likely done with this thread, but I do appreciate your contribution. If you would like to have the last word, know that I will read it and consider carefully what you have to say. I would love one link to the evidence you personally found most compelling. I will open-mindedly look at it
>perhaps at least some of them truly and reasonably believe that the evidence is not strong enough
Again this is why we need a thorough investigation into the matter. So far there has not been one. You of all people need to be demanding this since you want to get to the bottom of this and see the evidence.
Furthermore senate republicans have walked of committee hearings, they refuse to call witnesses, and they refuse to listen to witnesses. This shows you that they don't care about the evidence. And that answers your last question.
It is a straight-forward report on what the malware found on the German parliament's computers. The researcher is clear about what is known for certain and what is speculation.
No editorializing, no committees, no VIPs testifying before Congress, no confusing arrays of links to other links to other links ending up at broken links.
Does such a thing exist regarding the DNC hack? If you cannot find it (as I cannot, after 4 years), consider that it does not exist. And if it does not exist, why not?
The Washington Post released unsubstantiated reports from anonymous sources that the DNC emails were hacked by Russia and released through Wikileaks. This is an extraordinary claim, and the evidence should be likewise extraordinary
4 years later, however, these remain allegations only, the lack of which drives the idea of a deep state conspiracy in conservative circles
If you're inclined to believe the Russia hacking allegations, this story will seem like a completely different, false equivalence, because one is true (the hacking allegations) and the other is false (the Hunter Biden allegation). But consider: there is as much hard evidence for one as the other, and both are damaging, destabilizing allegations