It’s like Nixon with these Clinton people. You’ve got enemies lists, plumbers, hatchet men, goon squads. So many that not even the principal knows what they’re all doing.
In my analogy it looks like Hillary and Mook would be Nixon and McCord and Elias and Sussmann would be Hunt and Liddy, and the political law group Elias split off from Perkins Coie were the Watergate burglars. Or would they be CREEP?
One thing we can say for certain is that there was no hacking and no Russians involved in Russiagate that weren’t working for Democrats in exchange for pay and green cards.
I doubt, however, that it was a single operation—there are too many moving pieces. How to coordinate meetings with FBI guys in DC that need to happen nearly simultaneously with London honeypot attempts? One way to do that is to have several operations running in parallel rather than in sequence using a window of dates, say 2-3 days, when your tasks must be complete, as a control measure. Added advantage of no one knows what everyone else is doing. EG Downer just knows he’s supposed to meet with a low level Trump staffer so he can say crap about him later, he doesn’t need to know that’s the same time a fake cyber attack will be mounted on the DNC.
IMO, this has always been behind Barr and Durham's claim that events leading to the CH investigation did not start in a London Pub or with Downer's report to the FBI.
The "hack" of the DNC has never looked legit.
ALL the firewalls break if Durham proves it was faked.
Former DNI Ratcliffe says he's given Durham 1,000 intel documents he thinks support more charges
>> Quote:
Former Director of National Intelligence John Ratcliffe says he's given John Durham, investigating the Justice Department actions in its Russia collusion probe, a trove of documents that he thinks support charges beyond those recently filed against cybersecurity lawyer Michael Sussman.
"Sussmann's is the first of what I would hope would be a number," of additional people charged, he told Fox News on Sunday.
Ratcliffe made the argument on what he said was "1,000 intelligence community documents" that he thinks support additional charges that he would "expect" Durham to bring, in addition to the declassified documents he's provided. [snip] <<
And don't forget that Trump delegated declassification authority to Durham. I have not heard of Biden yanking it back.
Also, note the fact that Durham's prosecutors notified the court that classified material could come into evidence in a trial in the Sussmann indictment.
There is subtle implication here: since US Intel cannot collect on domestic targets without a warrant, if the documents Ratcliffe provided to Durham's investigation are normal intel products, it has to have a Foreign component to it. That raises all sorts of intriguing possibilities of where Durham is going and how it plays into the investigation and prosecutions.
The other possibility is that much of the Ratcliffe material could be internal documentation from US IC entities, as opposed to intel they produced. Records of oh, say, "unmasking requests" by the Obama administration, for example. Or documents showing who in the IC was in direct or indirect contact with people implicated in the Russia Collusion Hoax.
Now, recall how Sarah Carter and John Solomon first became involved in exposing the hoax: they had started to report tantalizing details suggesting the possibility of improprieties in regard to the Trump/Russia investigation, when Solomon got a late night visit from two guys parked at the end of his driveway who simply identified themselves as people who worked in US IC, and that they had seen his and Carter's reporting, and they felt there was a story that needed to be told to the public about wrongdoing in the IC related to the Trump/Russia investigation. The stated motive for them to encourage Solomon and Carter to pursue the story was that the IC had been given many tools to do their job to help detect and thwart terrorist attacks, for example, and that these tools had been misused somehow by unspecified people in the IC in relation to the Trump/Russia investigation, and they feared if the people responsible were not held to account, the abuse would continue until such time that the public demanded the tools be taken away from the IC due to such ongoing abuses, drastically undercutting their ability to protect the country from bad guys.
Thus we know there is some component of the Russia Collusion Hoax that involves misuse of IC tools and capabilities.
This may be part of what Ratcliffe is alluding to wrt the classified documents he turned over to Durham, that support more charges.
This is going to get very interesting before its all over.
It's very long, very detailed, and very professionally done. He documents all manner of astounding linkages related to the production, dissemination. and promotion of the Steele Dossier. He is clearly not an amateur.
Again: all those linkages when connected to digital comms--even sometimes just metadata--turns into something bigger. I once had a big case--still one of the biggest in the district--in which I constructed a chart that tied physical surveillance to records of surveillees calling one another. It made a powerful impression on the jury--I know, because they told after the trial.
Something to consider re: the origins of the Russia Hoax:
>> “January 2016, is when Glenn Simpson, Christopher Steele, and Bruce Ohr start speaking together about a bunch of things they’re up to.” -- Kash Patel <<
Another thought: Cody Shearer was circulating a mini-version of the Dossier material in April 2016, including the sex perversion in a Moscow Hotel allegations.
Lastly, the copying of the DNC emails has been narrowed down to a small window of time of several days in late May 2016, given the dates on the emails themselves and the apparent 30 day retention of emails policy for the DNC email server. (The very small number of emails with dates > 30 days old all have some digital defect in the date field, and the operative hypothesis is if the server can't read the date on an email, it default is to retain it.) Whoever copied the emails and gave them to Wikileaks didn't do it in April or even early May.
And, as we all know by now, an analysis of the start/stop times for the file transfers and the total number of bytes transferred produces an average transfer rate that can't be done via internet between Europe and the US. The only technology that fits in with the the file transfer time stamp features and transfer rates are things like a USB thumb drive with solid state memory with a very specific file structure format common to USB thumbdrives.
Somebody desperately didn't want the FBI to have access to the DNC email servers. That could include high up officials within FBI as well as DNC, Perkins Coie, and Crowdstrike, because access could have revealed the hoax that was being perpetrated. (Note the same players from Perkins Coie are coordinating the DNC Hack Hoax just as Sussmann did with Joffe's Alfa bank DNS data hoax. Quite a coincidence. Pattern and practice?)
I'm still going with my hypothesis that Crowdstrike (or somebody like them) planted the malware in early April, in preparation for "Operation Blame the Russians" for a hack that wasn't supposed to actually happen, but just faked. Then someone like Seth Rich came along, copied the emails and gave them to Wikileaks, nearly blowing up the nicely planned fake hack op.
Funny. That's exactly the theory that I proposed to a friend earlier today.
Re the dynamic trio in early 2016, when Kash says they "started speaking together" you can probably take it to the bank that that includes emails and texts, etc. Which Durham probably has. That's the dynamic that changes speculation and correlation of events into something more solid.
BTW, the thing that is goofy about Crowdstrike's "attribution" methodology -- based on the manner and type of malware "tools" found on the targeted network, is demonstrably nonsense. The APT28, APT29 designations apparently apply to collections of malware tools, not organizations. The problem is once a set of malware tools are used, they are essentially released into the wild, and get scarfed up by many other hackers who repurpose the tools. The fact that some Russian hacking team used the tools a few years earlier does not mean the SAME PEOPLE ARE USING THEN ON THE DNC. It could literally be anyone.
A related question to which I do not know the answer, nor have I ever seen anyone one else raise this point: the hacking tools include things called "X-tunnel" and "X-transfer." The problem: those tools are apparently UNIX based tools, but the DNC email server ran on a Windows Email server O/S, not Unix!
Unless Unix tools will run on a Windows Email Server O/S, the whole thing is a fraud from the get go.
If you just at what is the likely scenario, someone (maybe SR) ran the Ms exchange routines that allow you to dump user or users emails to file(s). There likely would be some remnants of this in the server logs unless the user covered their tracks. Once the files were generated, which can be large depending on the amount of emails and attachments, you either 1) transfer them though the firewall (which is logged), 2) someone pulls them (external user) with tools through the firewall (logged), 3) transfers the files through a back door device which gave them access to the network (possible, but you would need to get into the building to install the device, or 4) a good old hard or thumb drive.
I don't buy the argument that the transfer rate was too slow, yada yada as you can send the files to some other machine possibly within the same hosting vendor (as if they hosted their servers alongside other company's servers in a big DC), or sent the files somewhere in the network providers local area as an interim dropoff and then forwarded to the final destination. This one is just too easy to poke holes in. I'm going with #4 as someone external would need to gain access through either a bug in the firewall or by sending malware through enail or someone clicking on malware and all would likely leave footprints. The simplest solution is SR ran the extract scripts and spun it off and they "bad guys" had to come up with some "plausible" nonsense to misdirect everyone from the fact that their IT guy got robbed/killed, but no one stole his valuables.
By the way, was starting to wonder where's Mark as you were offline for a short while. given your prolific nature. Thanks again for all the excellent analysis.
Thanks, Brian. I have no total solution, but it doesn't look right from multiple aspects. One thing I meant to add is: Don't forget that Durham probably has digital comms data for lots of people. That will tell him a lot.
It’s like Nixon with these Clinton people. You’ve got enemies lists, plumbers, hatchet men, goon squads. So many that not even the principal knows what they’re all doing.
In my analogy it looks like Hillary and Mook would be Nixon and McCord and Elias and Sussmann would be Hunt and Liddy, and the political law group Elias split off from Perkins Coie were the Watergate burglars. Or would they be CREEP?
One thing we can say for certain is that there was no hacking and no Russians involved in Russiagate that weren’t working for Democrats in exchange for pay and green cards.
I doubt, however, that it was a single operation—there are too many moving pieces. How to coordinate meetings with FBI guys in DC that need to happen nearly simultaneously with London honeypot attempts? One way to do that is to have several operations running in parallel rather than in sequence using a window of dates, say 2-3 days, when your tasks must be complete, as a control measure. Added advantage of no one knows what everyone else is doing. EG Downer just knows he’s supposed to meet with a low level Trump staffer so he can say crap about him later, he doesn’t need to know that’s the same time a fake cyber attack will be mounted on the DNC.
shipwreckedcrew.substack.com
@shipwreckedcrew
IMO, this has always been behind Barr and Durham's claim that events leading to the CH investigation did not start in a London Pub or with Downer's report to the FBI.
The "hack" of the DNC has never looked legit.
ALL the firewalls break if Durham proves it was faked.
Armageddon.
One last tidbit that may be relevant:
Former DNI Ratcliffe says he's given Durham 1,000 intel documents he thinks support more charges
>> Quote:
Former Director of National Intelligence John Ratcliffe says he's given John Durham, investigating the Justice Department actions in its Russia collusion probe, a trove of documents that he thinks support charges beyond those recently filed against cybersecurity lawyer Michael Sussman.
"Sussmann's is the first of what I would hope would be a number," of additional people charged, he told Fox News on Sunday.
Ratcliffe made the argument on what he said was "1,000 intelligence community documents" that he thinks support additional charges that he would "expect" Durham to bring, in addition to the declassified documents he's provided. [snip] <<
>> https://justthenews.com/government/white-house/asdfsdf-0 <<
And don't forget that Trump delegated declassification authority to Durham. I have not heard of Biden yanking it back.
Also, note the fact that Durham's prosecutors notified the court that classified material could come into evidence in a trial in the Sussmann indictment.
There is subtle implication here: since US Intel cannot collect on domestic targets without a warrant, if the documents Ratcliffe provided to Durham's investigation are normal intel products, it has to have a Foreign component to it. That raises all sorts of intriguing possibilities of where Durham is going and how it plays into the investigation and prosecutions.
The other possibility is that much of the Ratcliffe material could be internal documentation from US IC entities, as opposed to intel they produced. Records of oh, say, "unmasking requests" by the Obama administration, for example. Or documents showing who in the IC was in direct or indirect contact with people implicated in the Russia Collusion Hoax.
Now, recall how Sarah Carter and John Solomon first became involved in exposing the hoax: they had started to report tantalizing details suggesting the possibility of improprieties in regard to the Trump/Russia investigation, when Solomon got a late night visit from two guys parked at the end of his driveway who simply identified themselves as people who worked in US IC, and that they had seen his and Carter's reporting, and they felt there was a story that needed to be told to the public about wrongdoing in the IC related to the Trump/Russia investigation. The stated motive for them to encourage Solomon and Carter to pursue the story was that the IC had been given many tools to do their job to help detect and thwart terrorist attacks, for example, and that these tools had been misused somehow by unspecified people in the IC in relation to the Trump/Russia investigation, and they feared if the people responsible were not held to account, the abuse would continue until such time that the public demanded the tools be taken away from the IC due to such ongoing abuses, drastically undercutting their ability to protect the country from bad guys.
Thus we know there is some component of the Russia Collusion Hoax that involves misuse of IC tools and capabilities.
This may be part of what Ratcliffe is alluding to wrt the classified documents he turned over to Durham, that support more charges.
This is going to get very interesting before its all over.
My new blog article:
The Continuing Disappearance of Dossier Report 96
http://people-who-did-not-see.blogspot.com/2021/10/the-continuing-disappearance-of-dossier.html
This ties in well:
>> https://twitter.com/codyave/status/1444738151738527744 <<
The image attached to that tweet comes from Yaacov Aplebaum's magnificent work, " The Mechanics of Deception"
>> https://www.yaacovapelbaum.com/2018/03/17/the-mechanics-of-deception/ <<
It's very long, very detailed, and very professionally done. He documents all manner of astounding linkages related to the production, dissemination. and promotion of the Steele Dossier. He is clearly not an amateur.
Again: all those linkages when connected to digital comms--even sometimes just metadata--turns into something bigger. I once had a big case--still one of the biggest in the district--in which I constructed a chart that tied physical surveillance to records of surveillees calling one another. It made a powerful impression on the jury--I know, because they told after the trial.
Something to consider re: the origins of the Russia Hoax:
>> “January 2016, is when Glenn Simpson, Christopher Steele, and Bruce Ohr start speaking together about a bunch of things they’re up to.” -- Kash Patel <<
>> https://twitter.com/MonsieursGhost/status/1447967947759050756 <<
Another thought: Cody Shearer was circulating a mini-version of the Dossier material in April 2016, including the sex perversion in a Moscow Hotel allegations.
Lastly, the copying of the DNC emails has been narrowed down to a small window of time of several days in late May 2016, given the dates on the emails themselves and the apparent 30 day retention of emails policy for the DNC email server. (The very small number of emails with dates > 30 days old all have some digital defect in the date field, and the operative hypothesis is if the server can't read the date on an email, it default is to retain it.) Whoever copied the emails and gave them to Wikileaks didn't do it in April or even early May.
And, as we all know by now, an analysis of the start/stop times for the file transfers and the total number of bytes transferred produces an average transfer rate that can't be done via internet between Europe and the US. The only technology that fits in with the the file transfer time stamp features and transfer rates are things like a USB thumb drive with solid state memory with a very specific file structure format common to USB thumbdrives.
Somebody desperately didn't want the FBI to have access to the DNC email servers. That could include high up officials within FBI as well as DNC, Perkins Coie, and Crowdstrike, because access could have revealed the hoax that was being perpetrated. (Note the same players from Perkins Coie are coordinating the DNC Hack Hoax just as Sussmann did with Joffe's Alfa bank DNS data hoax. Quite a coincidence. Pattern and practice?)
I'm still going with my hypothesis that Crowdstrike (or somebody like them) planted the malware in early April, in preparation for "Operation Blame the Russians" for a hack that wasn't supposed to actually happen, but just faked. Then someone like Seth Rich came along, copied the emails and gave them to Wikileaks, nearly blowing up the nicely planned fake hack op.
Funny. That's exactly the theory that I proposed to a friend earlier today.
Re the dynamic trio in early 2016, when Kash says they "started speaking together" you can probably take it to the bank that that includes emails and texts, etc. Which Durham probably has. That's the dynamic that changes speculation and correlation of events into something more solid.
BTW, the thing that is goofy about Crowdstrike's "attribution" methodology -- based on the manner and type of malware "tools" found on the targeted network, is demonstrably nonsense. The APT28, APT29 designations apparently apply to collections of malware tools, not organizations. The problem is once a set of malware tools are used, they are essentially released into the wild, and get scarfed up by many other hackers who repurpose the tools. The fact that some Russian hacking team used the tools a few years earlier does not mean the SAME PEOPLE ARE USING THEN ON THE DNC. It could literally be anyone.
A related question to which I do not know the answer, nor have I ever seen anyone one else raise this point: the hacking tools include things called "X-tunnel" and "X-transfer." The problem: those tools are apparently UNIX based tools, but the DNC email server ran on a Windows Email server O/S, not Unix!
Unless Unix tools will run on a Windows Email Server O/S, the whole thing is a fraud from the get go.
Do any readers here know the answer to this?
If you just at what is the likely scenario, someone (maybe SR) ran the Ms exchange routines that allow you to dump user or users emails to file(s). There likely would be some remnants of this in the server logs unless the user covered their tracks. Once the files were generated, which can be large depending on the amount of emails and attachments, you either 1) transfer them though the firewall (which is logged), 2) someone pulls them (external user) with tools through the firewall (logged), 3) transfers the files through a back door device which gave them access to the network (possible, but you would need to get into the building to install the device, or 4) a good old hard or thumb drive.
I don't buy the argument that the transfer rate was too slow, yada yada as you can send the files to some other machine possibly within the same hosting vendor (as if they hosted their servers alongside other company's servers in a big DC), or sent the files somewhere in the network providers local area as an interim dropoff and then forwarded to the final destination. This one is just too easy to poke holes in. I'm going with #4 as someone external would need to gain access through either a bug in the firewall or by sending malware through enail or someone clicking on malware and all would likely leave footprints. The simplest solution is SR ran the extract scripts and spun it off and they "bad guys" had to come up with some "plausible" nonsense to misdirect everyone from the fact that their IT guy got robbed/killed, but no one stole his valuables.
Absolutely.
By the way, was starting to wonder where's Mark as you were offline for a short while. given your prolific nature. Thanks again for all the excellent analysis.
Slow news day yesterday for the holiday--I hate to just repeat unless I can add something. Took another mental health morning today.
Shawn Henry, eh?
https://dark2light.bearblog.dev/dirty-trick-squad/
Good stuff, Mark.
Thanks, Brian. I have no total solution, but it doesn't look right from multiple aspects. One thing I meant to add is: Don't forget that Durham probably has digital comms data for lots of people. That will tell him a lot.
Read this site every day. Thanks.
I heard the Russian that hacked the server was named Sethchelkey Richesfky.