Thursday, July 19, 2018

"The Russians did it" -- speculation or fact ?

BACKGROUND:
Who did Russia want
as the US president 
in 2016?

I think the answer is obvious
-- another Democrat, 
who was like Obama:

(1) 
Obama looked 
the other way as Russia
grabbed Crimea, and 
eastern Ukraine, 

(2)
Obama drew a red line 
in the sand in Syria, 
and then backed down 
to let Russia rescue Assad, and

(3)
Obama sent $150 billion 
to Russian ally Iran 
for an empty promise
to stop their
nuclear program.

The claim that Russia
wanted Trump, a tough guy
who wanted a lot more
US military spending,
to be the next US president,
makes no sense to me.

Of course now
Putin claims that he 
had favored Trump in 2016, 
just to hurt Trump's reputation.

In fact, if you look at the Trump
relationship with Russia
after the election, it's 
very obvious he has been
tough on Russia -- challenging
them in Syria, sending heavy
arms to the Ukraine, and 
killing and wounding
several hundred Russian
mercenary troops fighting
for Assad in Syria.


SUMMARY:
Twelve Russian spies 
have been indicted
for hacking the
Democrat National 
Committee (DNC),
and other interference
with the 2016 US election
(which did not involve 
any Americans).

Russian interference,
that we know of,
consisted of the lame
Russian internet trolls
with their $100,000
of Facebook ads,
most after the election
and the usual spying
and hacking that
has gone on 
for many decades.

The Russian meddling
was incompetent,
having no effect
on election results.

The meddling by Democrats
in the Obama administration,
was also incompetent --
because Trump won !

The claim that Russians
hacked the DNC eMails,
and sent them to WikiLeaks,
is the most important claim
for me to focus on.

DNC eMails initially made
Democrats look bad,
but Hillary quickly 
reversed the issue
by claiming 
'the Russians did it',
then claiming Trump
was colluding with Putin,
and she tried to create
a (false) image of herself
being tough on Russia! 

In the end,
I don't know whether 
the DNC eMails ended up 
costing Hillary any votes.



I wondered why 
this indictment
did not come 
one year ago.

Perhaps Robert Mueller
needed another year
to gather evidence
that could convict 
the Russian defendants
in court ?

The timing is suspicious !

My guess is that Mueller
wanted to embarrass Trump
just before his summit
with Putin?

So far, real evidence,
assuming it exists,
has not been revealed
to the American public
... and I suspect 
it does not exist.

I have several big issues 
with the indictment:

-- It is a 'show indictment'
because everyone knows
there will not be a trial,
making this a smarmy
prosecution
(because most people
assume indicted
people are guilty,
instead of assuming
they are innocent.)

Indictments are also
too easy to get
(an indictment 
only means that
a grand jury thinks
there is a case
 -- it is said that
a good prosecutor
could indict 
a ham sandwich!)


Here are 
my two issues:

(1)
No evidence 
has been presented,
so we have no idea
if any of the claims 
could ever be 
proven in court.

No evidence 
will ever be presented,
because there will be 
no trials.

We just have to 
trust Mr. Mueller, 
and his team 
of 13 angry Democrats
 -- and I don't trust them !



(2)
Are Russian government spies 
such unsophisticated hackers
that they left an electronic trail 
back to themselves?

They are most likely 
among the best hackers,
in Russia, easily able 
to leave a false trail 
to another country
(our CIA can do that too).

There was no reason 
to deliberately leave 
a trail back to Russia, 
unless Russians 
wanted us to know,
which doesn't make sense.

Did Russia's GRU
(Russian military intelligence)
and FSB 
(Russian Federal Security Service,
that replaced the KGB)
try to spy on Americans
by hacking computers,
and have they had 
some successful hacks ?

Of course they did !

That's what spies do !

I'm very confident
they've been doing that
since Al Gore invented
the internet !

Did the specific Russians 
named in the indictment
successfully hack the DNC,
get valuable blackmail material
for use AFTER Hillary was elected,
and then just give away 
their blackmail material
to WikiLeaks, for publication
BEFORE the election?

That would make no sense.

But I doubt if we will ever
know the truth about how
WikiLeaks got the DNC eMails.




Here are the reasons
I doubt that the specific 
Russians indicted 
were the source of
WikiLeaks' DNC eMails: 
(a)
WikiLeaks says
the DNC eMails
came from a DNC employee.

Should we trust WikiLeaks?

Well, when compared 
with the dishonest Clintons,
and the DNC, I trust WikiLeaks 
a lot more.

WikiLeaks has a good reputation
for never publishing fake information,
which is not easy to do,
and for never revealing their sources.

WikiLeaks claimed 
they got the eMails
from a DNC insider
who was unhappy 
about how Bernie Sanders 
was treated -- the information
allegedly came to WikiLeaks
on a flash drive.

Some people thought the leaker
was Seth Rich, a DNC employee
later murdered on the streets
of Washington, DC, at night,
with none of his valuables taken.

Julian Assange of WikiLeaks
fueled that theory by offering
a $10,000 reward for information
leading to Rich's killer(s). 

But, since WikiLeaks has never 
revealed its sources,
I find it hard to believe they
would mention Seth Rich's name 
if he was really their source.

We'll never know the truth.



(b)
The DNC never allowed
the Obama FBI and CIA, 
headed by people who 
strongly preferred Hillary,
to examine their computers 
and servers, and verify that
"the Russians did it".

All reports and data given 
to the FBI and CIA had been
filtered through CrowdStrike, 
who was hired by the DNC,
and that is very suspicious. 



(c)
CrowdStrike's main 
claim to fame 
is "hacking attribution" 
-- they'll tell clients who did it,
but that alleged skill is a fraud.


They just tell their clients
what they want to hear,
rather than the truth,
which is "we don't know",
in a way that can never
be verified.

When a big data loss 
is announced, 
victims want to know 
who did it.

Honest cyber-security experts 
rarely know because they
almost never catch 
the hacking while it is
in progress.

CrowdStrike 
falsely claims 
they can identify 
the hacker, 
and then they blame
the governments of 
China, Russia, Iran
or North Korea,
knowing those four nations
will never confirm or deny
the CrowdStrike claim, 
and will never cooperate 
in any investigation ! 

CrowdStrike attribution claims 
can never be verified, 
or falsified -- they are a fraud.




(d)
After just one day of 
DNC forensic analysis,
CrowdStrike declared
"Russia did it".

According to CrowdStrike,
within 10 seconds 
its software “found” 
the DNC culprit !

But, in reality, attribution of 
computer network intrusions 
to specific actors
is universally accepted 
as a VERY difficult problem. 

Reasons:
-- Malware components 
are often the same, or similar,
because hackers 
will sell code to each other, 
and frequently open source it. 

-- Hackers can use 
an intermediate computer, 
anywhere else in the world,
to divert attention 
from their own computer. 

Intrusions usually start 
after hackers obtain 
some insider’s password 
or trick a user 
into installing malware 
on his computer 
inside of a network. 




DETAILS:
CrowdStrike was called by the DNC
after a suspected breach 
in its network, in early May 2016. 

CrowdStrike announced 
there were two breaches 
by “two separate Russian 
intelligence-affiliated 
adversaries” 
-- Fancy Bear (APT28), and
-- Cozy Bear (APT29). 

CrowdStrike suggested 
Fancy Bear belongs to GRU 
(Russian military intelligence)
and Cozy Bear belongs to FSB 
(Russian Federal Security Service,
that replaced the KGB). 



The mainstream media 
claims that the “DNC hack” 
has been confirmed by multiple 
private security companies, 
and also by the US 
"Intelligence Community 
Assessment (ICA)" 
published January 6, 2017.  

But all these "confirmations" 
are based on the same data, 
from the same source: 
CrowdStrike. 

The actual reports, 
from IT companies 
other than CrowdStrike,
included limitations, 
qualifications, conditions, 
and/or limited confidence in
the 'Russia did it' conclusion. 

Obama’s initial request 
for the ICA report 
was highly biased too
-- he demanded
an “intelligence report 
assessing RUSSIAN 
activities and intentions 
in recent U.S. elections.” 

There is too much evidence 
that CrowdStrike's attribution 
to Russia of the DNC eMails
that were given to WikiLeaks
-- contradicting WikiLeaks' own claim --
was a wild guess, and a fraud 
that could never be proven
in court.

CrowdStrike gave the DNC and 
Hillary Clinton what they wanted
to hear, because they used
the "Russia did it" claim to 
tell the public that Putin 
wanted Trump to win --  
something that can only hurt
a candidate for US president.




2016 CrowdStrike / DNC Timeline:

Apr 29, 2016 – 425 eMails are leaked; DNC notices suspicious activity.

Apr 30+ – Leaks continue at high level.

May 4 – DNC calls in CrowdStrike.

May 5 – CrowdStrike installs software.

May 6 – CrowdStrike identifies “Russia” as hacker.

May, 3rd week – Leaks continue, up to ~1500/day.

May 26 and later – No leaks.

Jun 10-12 – CrowdStrike “cleanses” the DNC system.

Jun 14 – DNC announces the hack, and blames Russia.

Jun 15 – “Opposition research” document released by “Guccifer 2.0”.

Jun 18-Jul 14 – Guccifer 2.0 releases more documents.

Jul 24 – Hillary starts to malign Russia.

Aug 25 – Hillary makes very aggressive anti-Russia speech.

Aug 30 – Harry Reid accuses Putin of attempting to rig the US election.

Oct 7 – Obama publicly accuses Russia of cyber attacks on US election systems, and the democracy itself ... but does nothing to stop them.



CrowdStrike's Strange History
of Hacking Attribution Fraud,
and Connections to Mueller:

In 2011, Dmitri Alperovitch, 
a former McAfee VP,
falsely claimed that 
advanced malware families 
are unique to hacker groups, 
and that the hacker groups 
can be identified 
by the kind of malware used.  

Alperovitch also
falsely claimed 
he could identify
a foreign government 
behind most intrusions. 

Alperovitch met a person 
who fell for his trick: 
Shawn Henry. 

Henry was the
executive assistant director
to Robert Mueller, 
who appointed him in 2010. 


In March 2012, Shawn Henry retired 
from the FBI to join Alperovitch 
and George Kurtz in CrowdStrike. 

Shawn Henry is currently president
of CrowdStrike Services & its CSO.

From its beginning in 2012, 
CrowdStrike has used a
fraudulent attribution methodology 
to attract publicity, and customers.

Alperovitch falsely pointed a finger
at the governments of China, Russia, 
Iran, or North Korea. 

CrowdStrike clients like 
their attribution claims: 
Being hacked by the Chinese 
or Russian government 
sounds a lot better than 
being hacked by some teenager 
in his basement.

When CrowdStrike 
encountered 
a new type of malware, 
the first thing it did 
was a national attribution, 
reflected in their name 
for the hacker group.

Alleged Russian groups 
were given a name 
ending with Bear. 

Steven Chabinsky, 
a Deputy Assistant Director 
of the FBI Cyber Division 
under Robert Mueller, 
was hired by CrowdStrike 
in September 2012.  

He became CrowdStrike’s 
general counsel, 
and chief risk officer. 


By its own admission, 
CrowdStrike watched over 
the activities of two teams 
of alleged Russian hackers 
from May 6 until early June. 

Just watching them
doesn’t make sense. 

The DNC’s IT department 
should have shut down 
their Internet connection, 
then changed all passwords, 
and sanitized all computers.  

There were 14,409 eMails 
in the WikiLeaks archive 
with dates AFTER
CrowdStrike’s installation 
of its security software. 

That means more eMails 
were hacked AFTER 
CrowdStrike’s discovery 
on May 6, than BEFORE. 

In CrowdStrike’s 
original announcement 
that “Russia” hacked the DNC, 
Dmitri Alperovitch said, 
on the one hand, that the 
“tradecraft” of the hackers 
was “superb” 
and their “operational security 
was second to none” 
... but if that was true, 
how was CrowdStrike
immediately able 
to attribute Russia ?


The CrowdStrike company, 
and similar “solutions peddlers”, 
usually build their case on a chain 
of very weak assumptions. 

Malware is frequently 
attributed to Russia 
because Russian words 
or Cyrillic fonts are found in it, 
or in earlier versions of it. 

But Russian is the mother language 
for many people living in Ukraine, Belarus, 
Kazakhstan, Estonia, Latvia, and Lithuania, 
and tens of millions of emigrants 
all over the world, including in the U.S.
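As an added example (not from this post, and not CrowdStrike's or anyone else's tooling), here is a small Python script that does what a "Cyrillic words were found in the malware" observation actually rests on: it pulls readable strings out of a binary blob, in ASCII/UTF-8 and in the UTF-16LE form Windows resource strings take, and tallies which alphabet each letter belongs to. The sample bytes are constructed for the demo. The point for a defender is visible in the output: the "indicator" is a handful of text fragments that a library, a compiler, or a developer anywhere in the Russian-speaking world could have put there, and that are trivial to add, remove or translate. A tally like this is an observation to weigh alongside other evidence, not an answer to "who did it".

```python
"""Pull readable strings out of a binary blob and tally the writing systems
they use.  Added example; the sample bytes below are constructed, not taken
from any real file."""
import re
import unicodedata
from collections import Counter
from typing import Optional

MIN_LEN = 4

# Runs of 4+ units that are printable ASCII or a UTF-8 encoded Cyrillic
# letter (lead byte 0xD0-0xD3 + continuation byte); a match is valid UTF-8.
UTF8_RUN = re.compile(rb"(?:[\x20-\x7e]|[\xd0-\xd3][\x80-\xbf]){4,}")
# Runs of 4+ UTF-16LE code units: printable ASCII (xx 00) or the Cyrillic
# block U+0400-U+04FF (xx 04), the form Windows resource strings take.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00|[\x00-\xff]\x04){4,}")


def extract_strings(blob: bytes, min_len: int = MIN_LEN) -> list:
    """Return distinct readable strings: UTF-8/ASCII runs first, then UTF-16LE."""
    found = [m.group().decode("utf-8") for m in UTF8_RUN.finditer(blob)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(blob)]
    seen, out = set(), []
    for s in found:
        if len(s) >= min_len and s not in seen:
            seen.add(s)
            out.append(s)
    return out


def script_of(ch: str) -> Optional[str]:
    """Writing system of one letter, from its Unicode name ('LATIN', 'CYRILLIC', ...)."""
    if not ch.isalpha():
        return None
    try:
        return unicodedata.name(ch).split()[0]
    except ValueError:
        return None


def script_profile(strings: list) -> dict:
    """Count letters per writing system across all extracted strings."""
    counts = Counter()
    for s in strings:
        for ch in s:
            sc = script_of(ch)
            if sc:
                counts[sc] += 1
    return dict(counts)


# Constructed sample: a fake header, two ASCII import names, a UTF-8 Russian
# error message, a UTF-16LE build path, a UTF-16LE Russian message, and noise.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    + b"kernel32.dll\x00GetProcAddress\x00"
    + "Ошибка открытия файла".encode("utf-8") + b"\x00"
    + "C:\\build\\release".encode("utf-16-le") + b"\x00\x00"
    + "Файл не найден".encode("utf-16-le") + b"\x00\x00"
    + b"\x00\x01\x02\x03\xff\xfe\xfd\xfc"
)

if __name__ == "__main__":
    strings = extract_strings(SAMPLE)
    for s in strings:
        print(repr(s))
    # The tally describes the file's text and nothing more: the same strings
    # could come from a library, a compiler, or a developer of any nationality.
    print(script_profile(strings))
```

Running it on the constructed sample lists five strings, two of them Russian, and a tally of 36 Latin and 31 Cyrillic letters. Nothing in that output says who compiled the file; it only says what text is in it.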