Russian Hacking

Our little Q Tree has grown and the talents of various members continue to pleasantly surprise us all. Collecting and sharing info about the Mueller report, yesterday, as we have done so many times before, was a group effort. I’m asking for your help, again.
Within this thread, please DUMP everything you know about Crowdstrike, whether or not the Russians did hack the DNC/Podesta. The info I’ve added is long, technical, and includes many links. Take it in sections if needed, or disregard it altogether.

Since the release of the Mueller report, the DNC + MSM is attempting to establish a narrative. It goes something like this: Okay – So, Trump and his team did not specifically collude with Russia (or we don’t have a smoking gun that he did – but Adam Schiff has secret info), but Russia meddled in the election…. we (the legacy media) were right about it…. and so were our precious 17 intel agencies. If not for Russian meddling…. Hillary would have won. This “SPIN” will save the media’s credibility, DNC politicians, and the Deep State. 

For the following reasons, we cannot allow this narrative, “The Russians Swung the Election”, to survive.

1. Such a narrative will continue to make our President appear as illegitimate.
2. The narrative diminishes and demoralizes Trump supporters massive turnout and effort to get Trump elected…. and elected for 2020.
3. Establishment of such a narrative allows the Obama team, FBI and other intel officials from the 17 agencies, to escape without questions or prosecution.
4. If members of the old Obama team + MSM, can successfully sell, “Russians hacked”, then the premise for their investigation is legitimate in the eyes of the public – and the “institutions” remain protected. The Deep State blends back into the shadows and will not be deterred from acting again.
5. The Special Counsel accepted the results of “17 Intel Agencies” and did not delve into an investigation of whether or not the findings of the intel agencies was valid.
6. We’re being asked to accept, verbatim, Crowdstrike findings and frankly, we’re not sure they are true……. and neither is Crowdstrike. Their findings never rise above the word “possibility” of the Russians being the hackers.

 
Let’s try to create a Timeline: I’ll start off and plug in more details as others contribute.
June 12th, 2016: Julian Assange announces he has Hillary emails.
June 14th, 2016: Crowdstrike announcement in WaPost about DNC hacks. (For those who pay WaPost for a subscription, in the search bar, please type in Washington Post, June 14 2016 Alperovitch, and the article will come up.) For those of us who do not pay for a WaPost subscription, synopsis found here: Link

“…..its forensic analysis of the DNC server had determined malware had been injected into the server — and it had been done by Russians. Not just any Russians, mind you, but agents of Vladimir Putin. Alperovitch and CrowdStrike’s Shawn Henry (a former FBI executive under Director Robert Mueller and President Obama) told the Post that their investigation revealed the DNC server had been hacked by the cyber-espionage groups known as “Fancy Bear,” allegedly associated with the Russian GRU (military intelligence) and “Cozy Bear,” allegedly associated with the FSB (the successor to the infamous Soviet KGB).”

June 15, 2016: Guccifer 2.0 published a single WordPress blog (Link here) reinforcing the “Russian hacking” narrative. Details of Guccifer 2.0 statement and details can be found at a Snopes on June 17, 2016. Link: Snopes Link HereSnopes Link Here Guccifer 2.0 ALSO published a smattering of DNC emails he claimed were obtained in the hack. The Snopes link is RICH with detailed references and other links – also noting Shaun King, from NY Daily News, who immediately became interested and followed the Seth Rich story. 
June 21, 2016: By June 21, Guccifer 2.0 gave an interview with VOX, admitting he was Hungarian, not Russian, and released docs from Clinton Foundation on his WordPress Blog: Link Here
July 28, 2016: By now, the DNC convention is in full swing, and we’ve had over a month to investigate potential hacking. We get the following article from BBC: Link Here The BBC article is REVEALING because the “Doubts about Guccifer 2.0” section is almost identical to the report from 17 Intel Agencies we received in January of 2017, right before President Trump took office. Did Clapper and Brennan copy and paste?

Why are many sceptical about the identity of Guccifer 2.0?

For three main reasons:

• Detailed analysis of the attack on the DNC by US security firm CrowdStrike suggests the organisation was actually penetrated twice – both times by hacking groups, dubbed Cozy Bear and Fancy Bear, known to have links to the Russian state. These groups have successfully penetrated US federal organisations in other hack attacks. (We later learn the logic of Crowdstrike assessment falls apart on this primary point. See below for theory on targeting software for D-30 Howitzers)

• Forensic examination of metadata in copies of documents distributed by Guccifer 2.0 suggest they were edited on a machine set up for a Russian language user. (We later learn the same hardware is available in Brooklyn for about $14 – it’s a Russian language keyboard)

• Technical information including IP addresses extracted from messages sent by Guccifer 2.0 to journalists show a link to the Russian cyber-underground – even though many of the conversations were routed through a French VPN firm. In the past, some of the same infrastructure was used to send junk spam on behalf of Russian crime groups. (Should we be surprised Guccifer 2.0 communicates with underground Russian cyber groups? Or that Russian cyber crime groups sent out spam? How is this proof the GRU or FSB, specifically connected to Putin, hacked Hillary, Podesta, or the DNC?) 

The BBC article (linked above) even concludes this is NOT proof of Russian hacking.

Does this prove that Russia is involved?

No. Attribution, the experts say, is always difficult. Translated, this means nobody knows who to blame. One of the first lessons that any competent hacker or hacktivist learns is how to cover their tracks and how to use proxies, encryption and other techniques to obscure who they are and from where they are operating.

January 3, 2017: Important article, examining issue from all aspects, from George Eliason, worth reading. Link here

How does Crowdstrike’s story part with reality? First is the admission that it is probably, maybe, could be Russia hacking the DNC.  “Intelligence agencies do not have specific intelligence showing officials in the Kremlin ‘directing’ the identified individuals to pass the Democratic emails to Wiki Leaks.”

The Intel Community Report on Russian Hacking, the JA Report

January 6, 2017: Two weeks before the inauguration of President Trump and at the same time President Elect Trump was shown part of the Discredited Dossier, the Intel Community (Obama’s IC) comes out with a “definitive” report on who hacked the DNC. Please follow the NYTimes link for the full 25 page report, Link here  Please read it. The IC Report on Russian hacking is 25 pages of boilerplate and obviously bad logic.
Pages 1-6 tell us why the Intel communities are spectacular and we should trust them. The IC will tell us what to think and their conclusions, but because of “sources and methods” cannot reveal any proof to the public. At the bottom of page 6, the report reveals they are relying on old methods, because we know how Kremlin works.
By Page 7, we get to the meat of the matter in “Key Judgements” = Undermine the public faith in the democratic process, hurt Hillary’s chances at election or her Presidency, because Russia concluded she was the likely winner. We are offered no proof of Russian preference for Hillary and at the bottom of page 7, we see the “Kremlin” targeted both campaigns with social media trolls. And here is the kicker, “High degree of confidence, the GRU used the persona of Guccifer 2.0 and DCLeaks to release US Victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to Wikileaks.”    
Page 8: details an old story about Russians looking at publicly available information on voters in state and local boards, as if it’s somehow secret or related.
Page 11: FBI and CIA think Putin and Russia want to discredit Hillary and help Trump. NSA has “moderate confidence. It’s the first time we see the NSA break from the others. Here, on page 11, we see the weakest possible explanation for Putin preference of Trump over Hillary. Page 11 is a must see.   Because Putin “most likely” held a grudge against Hillary from 2011? Did a third grader write this report?  We see words like “probably” and “most likely”, which is a persuasive argument, not fact-based. We also see an argument from IC that Trump/Russia could work together on ISIS and welcomed more friendly relations. No proof, just poorly written persuasion.
Page 12: Accusation Russian intel gained access to DNC in July, 2015, and maintained access until June of 2016. Hard and fast accusation. Proof? Further, GRU “probably” began targeting both sides in March, 2016……. no proof, just speculation. Bottom of page, important, the report claims Guccifer 2.0 and DC Leaks info, as attributed to Russia, was publicly available…., info gleaned from various journalists, info not received as a result of anything the intel community did. .. except for an accusation DCLeaks published emails stolen by GRU in March, 2016 (page 13).
Page 13: Accusation the GRU fed information to Wikileaks (high confidence) but reasoning is weak – because the head of RT visited Assange at Ecuadorian Embassy? Or because RT and Sputnik are pro-Russia? Or more friendly to Trump and cooperation between USA and Russia?
Page 14: Or better yet, because RT/Sputnik noticed American media was often unfair to Trump? (page 14) And cast Trump’s victory as a win against globalism, an outsider unfairly targeted by establishment media…. versus Hillary…. islamic extremist, poor health, and corrupt. And the important point: Russia as the likely financier of, The IRA, Internet Research Agency, St Petersburg, group of internet trolls. By the time we got to the Mueller Report, “likely” became assumed fact — AND Mueller indicted them.
Page 15: History of Cold War = Russia bad. The effort to interfere in 2016 = “boldest yet”.
Page 16-22: Dramatic focus on RT America TV, which was allowed in 2012 into the US, had two shows the IC claimed sowed discord. I believe Mueller’s Special Counsel charged RT with FARA violation. Another show, anti Occupy Wall Street, more accusation of RT America being pro-Russian and claims of Putin/Kremlin tight control over RT. More details on RT Arabia. No discussion of Washington Post printing propaganda directly from China.
In summary, the IC Report on Russian Hacking of DNC/Hillary?/Podesta is alarmingly weak. We have one claim of entry to DNC in July, 2015-June, 2016, with no proof or public explanation. Did the Intel community make the assessment or did it come from Crowdstrike? We have an accusation of GRU entry of DNC in March, 2016, again, no explanation. Was it the IC or Crowdstrike? We KNOW the FBI never looked at the DNC servers. Finally, we see the IC relying on public reporting for an accusation against Guccifer 2.0 and DCLeaks. Pages 1-6 were boilerplate, pages 7-15 were, at most, 6th grade persuasive writing, and pages 16-22 were a copy and paste of someone’s report on RT TV in America.
The Intel Community Report does not leave the reader with a “high degree of confidence”, especially when we consider the TIMING of it’s release, 2 weeks before the inauguration of President Trump.

Crowdstrike + Cozy Bear and Fancy Bear + IISS

Among the many authoritative refutations of CrowdStrike claims are an early analysis by former top IBM executive Skip Folden, entitled “Non-Existent Foundation for Russian Hacking Charge”  — which has since been deleted from WordPress. In fact, one by one, MANY tech experts offering detailed analysis have had their articles removed or taken down. Odd, eh? Binney and other veterans also attacked the findings but have been ignored by both, Haspel and Pompeo at CIA. Binney’s “Memorandum for the President” can still be found here: Link to Binney Memorandum
In other groups, we closely followed the CrowdStrike story from the interview of Dmitri Alperovitch on PBS, December 22, 2016. Senators and Congressmen confirmed CrowdStrike as the originator of the Russian Hacking story. Let’s not forget, the DNC and Hillary were the ones who hired CrowdStrike, just as they hired Fusion GPS.
CrowdStrike based their theory of Russian hacking on, 1. the Russian keyboard, 2. the targeting software for Ukrainian D-30 Howitzers, and 3. Historical behavior of Russia.
The following is a personal post I made on March 23, 2017, and thus, PURE opinion. Several of the links included are no longer active, yet, I described the material within the links. It may help give us all a closer look at CrowdStrike.
March 23, 2017: Daughn’s personal opinion post – NOT legacy media.
On March 22, I found an article from VOA and others and summed up the article in a post as follows: 
In a nutshell, Crowdstrike asserts that Ukrainian D-30 howitzers had an “app” that was hacked by the Russians during the Crimea incursion. Crowdstrike points to a report by IISS (English think tank which counts the sizes of armies and armaments available to various countries around the world) which claims significant loss of D-30 howitzers as evidence the Russians were successful in targeting this artillery.
But CrowdStrike’s argument falls apart, here:
1. IISS was never contacted about it’s report or conclusions and the creator of the “app” was never contacted by Crowdstrike. IISS claims they were reordering the estimates of global arms forces and were, in fact, making a correction for howitzer counts two years prior to the Crimea incursion.
2. Sherstyuk, maker of the Ukrainian military app in question, called the company’s report “delusional” in a Facebook post. CrowdStrike never contacted him before or after its report was published, he told VOA.
3. Jeffrey Carr, a cyberwarfare consultant who has lectured at the U.S. Army War College, the Defense Intelligence Agency, and other government agencies calls the evidence “flimsy” and goes further ….. “He (Carr) told VOA in an interview that CrowdStrike mistakenly assumed that the X-Agent malware employed in the hacks was a reliable fingerprint for Russian actors.
“We now know that’s false,” he said, “and that the source code has been obtained by others outside of Russia.””
4. Pavlo Narozhny, a technical adviser to Ukraine’s military, told VOA that while it was theoretically possible the howitzer app could have been compromised, any infection would have been spotted. “I personally know hundreds of gunmen in the war zone,” Narozhny told VOA in December. “None of them told me of D-30 losses caused by hacking or any other reason.”
Remember, CrowdStrike is the ONLY ONE who actually analyzed the DNC servers. FBI access to the physical servers (for examination) was denied. Strangely, instead of merely performing analysis for the DNC and issuing a report, the co-founder of Crowdstrike ALSO made appearances and gave interviews to PUSH the “Russian hacking” story.
That’s odd.
Why would Dmitri Alperovitch, co-founder of Crowdstrike, Russian ex-pat and senior fellow at the Atlantic Council policy research center in Washington, give interviews to the Washington Post and appear on PBS News Hour on December 22 of 2016, ONE WEEK prior to Obama’s actions against 35 Russian diplomats? 
It gets better. 
During these interviews, Alperovitch speculates the only person/entity who would gain from Russian hacking of an app to control D-30 Ukrainian howitzers AND the DNC would have been Vladimir Putin.
No kidding.
Understand, the world-wide media had been consumed by a story of Russian hacking and the only entity with the servers is Crowdstrike. NO ONE has questioned their results. Why?
Crowdstrike refused to answer questions from VOA and cancelled a March 15th interview. Why?
CrowdStrike said it was long familiar with the methods used by Fancy Bear and another group with ties to Russian intelligence nicknamed Cozy Bear. Soon after, U.S. cybersecurity firms Fidelis and Mandiant endorsed CrowdStrike’s conclusions. THUS, the media claims SEVERAL experts in cyber-security have confirmed the results of Crowdstrike.
Their spokesperson, spokeswoman Ilina Dimitrova defended the company’s conclusions. “It is indisputable that the [Ukraine artillery] app has been hacked by Fancy Bear malware,” Dimitrova wrote. “We have published the indicators to it, and they have been confirmed by others in the cybersecurity community.” Do you see what happened there?
To claim the D-30 howitzers “app” was hacked, with no other corroborating evidence, is a fundamentally invalid claim on its surface.
To tie an alleged D-30 howitzer hack (unproven and now contested) to an obscure report of worldwide armament loss (when you never called the guy who made the report on howitzer loss for verification) is tortured logic. To claim these two events are related….. and furthermore tied to a hack at the DNC………. in a conspiracy by Vladimir Putin……… is a bridge too far.
May 22, 2017: Daughn’s Personal post/opinion, NOT legacy media. This is an update and a compilation of new info about CrowdStrike, their walk-back of the D-30 software targeting claim, and twisted logic from their spox, who claimed – paraphrasing, even though they were wrong, the 17 Intel Agencies back up their findings….. but what if the IC was depending on the info from CrowdStrike (as is clearly stated Link here )to reach their conclusions? 
Bombshell: 
Yep, the whole DNC/MSM Russian hacking story is unraveling before our eyes.
CrowdStrike, the ONLY company allowed access to the DNC servers and the ONLY ones, with any authority, to claim “Russia hacked the DNC”, has now changed its original report, questioning their theory about the Ukrainian howitzers. 
Well, if the theory about the app hacking of Ukrainian howitzers is no longer valid —– then Russian hacking of DNC is no longer valid.
PLUS – Evelyn Farkas, Obama holdover, went on MSNBC and actually admitted their were targeting Trump AND leaking. OMG. She is either stupid, the scapegoat, or it’s a headfake.
Are you sitting down?
Evelyn Farkas is a high ranking “fellow” with The Atlantic Council. And guess who else is a senior fellow of the Atlantic Council? Dmitri Alperovitch – the founder and CTO of CrowdStrike! Alperovitch is head of the Atlantic Council’s “Cyber Statecraft Initiative”. The Atlantic Council is funded in part by the US State Department, NATO, the governments of Latvia and Lithuania, the Ukrainian World Congress, and the Ukrainian oligarch Victor Pinchuk. The Atlantic Council has been among the loudest voices calling for a new Cold War with Russia.
Hmmmmmm
Here is an overview from Treehouse which includes the Varkas interview/confession of conspiracy on MSNBC. 
https://theconservativetreehouse.com/…/oh-…/comment-page-4/…
Here is the link to the article talking about CrowdStrike’s changing theory – walk back of claims. 
http://www.voanews.com/a/cyber-firm-rewrites-p…/3781411.html
Here is the link to the original VOA article from March 22 questioning CrowdStrike’s theory and claims plus my summation below:http://www.voanews.com/a/crowdstrike-comey-rus…/3776067.html
Remember the DNC did NOT allow the FBI access to the DNC servers, despite many requests at different levels of authority.
One more important tidbit. We always try to look for coordination between the DNC/Hillary/Deep State/Obama holdovers and the news media. We found one primary link which fed the Crowdstrike information and narrative into NBC: Link Here

Crowdstrike insists that it’s Russia behind both Clinton’s and the Ukrainian losses. NBC carried the story because one of the partners in Crowdstrike is also a consultant for NBC. According to NBC the story reads like this.”The company, Crowdstrike, was hired by the DNC to investigate the hack and issued a report publicly attributing it to Russian intelligence. One of Crowdstrike’s senior executives is Shawn Henry, a former senior FBI official who consults for NBC News.

This represents everything I have for CrowdStrike and Russian Hacking of DNC/Hillary?/Podesta. PLEASE, add to it at will. ALL info is welcome. We need to flush out the theory and help our President.
End ~~~~ for now.