Monday, December 19, 2016


1.     To provide you with  a full range of “public information” on the alleged Russian hacking of John Podesta  and the Democratic National Committee we are  attaching  an article + comments  which dispute statements made by the Obama administration. We have not evaluated these sources  and/or the credibility of their “analyses”.

2.      Previously, MIL-ED reported that the John Podesta penetration was a result of a Podesta staffer responding to a phishing request. This statement was denied by both the Obama administration and by the Democratic National Committee. However, now, all sides accept this explanation as the actual initiator of the penetration.

3.    . After the DNC penetration was detected, CrowdStrike, the consultants brought in by the Democratic National Committee  offered an explanation as to the penetration of the   Democratic  National Committee computer system. CrowdStrike’s explanation is accepted by both the Obama administration and the Democratic National Committee as to the actual initiation/operation of the penetration: 

CrowdStrike installed software on the DNC’s computers so that it could analyze data that could indicate who had gained access, when and how.The firm identified two separate hacker groups, both working for the Russian government, that had infiltrated the network, said Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer. [The firm had analyzed other breaches by both groups over the past two years.]

One group, which CrowdStrike had dubbed Cozy Bear, had gained access last summer and was monitoring the DNC’s email and chat communications, Alperovitch said. The other, which the firm had named Fancy Bear, broke into the network in late April and targeted the opposition research files. It was this breach that set off the alarm. The hackers stole two files.  And they had access to the computers of the entire research staff — an average of about several dozen on any given day.
The computers contained research going back years on Trump. 

CrowdStrike is not sure how the hackers got in. The firm suspects they may have targeted DNC employees with “spearphishing” emails. These are communications that appear legitimate — often made to look like they came from a colleague or someone trusted — but that contain links or attachments that when clicked on deploy malicious software that enables a hacker to gain access to a computer. “But we don’t have hard evidence,” Alperovitch said.

The two groups did not appear to be working together, Alperovitch said. Fancy Bear is believed to work for the GRU, or Russia’s military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service, or FSB, the country’s powerful security agency, which was once headed by Putin.

The lack of coordination is not unusual, he said. “There’s an amazing adversarial relationship” among the Russian intelligence agencies, Alperovitch said. “We have seen them steal assets from one another, refuse to collaborate. They’re all vying for power, to sell Putin on how good they are.”
The two crews have “superb operational tradecraft,” he said. They often use previously unknown software bugs — known as “zero-day” vulnerabilities — to compromise applications. In the DNC’s case, the hackers constantly switched tactics to maintain a stealthy presence inside the network and used built-in Windows tools so that they didn’t have to resort to malicious code that might trigger alerts. “They flew under the radar,” Alperovitch said.

The two groups have hacked government agencies, tech companies, defense contractors, energy and manufacturing firms, and universities in the United States, Canada and Europe as well as in Asia, he said.

Cozy Bear, for instance, compromised the unclassified email systems of the White House, State Department and Joint Chiefs of Staff in 2014, Alperovitch said.

“This is a sophisticated foreign intelligence service with a lot of time, a lot of resources, and is interested in targeting the U.S. political system,”
Russia has always been a formidable foe in cyberspace, but in the past two years, “there’s been a thousand-fold increase in its espionage campaign against the West,” said Alperovitch.

CrowdStrike is continuing the forensic investigation. The firm has installed special software on every computer and server in the network to detect any efforts by the Russian cyberspies to break in again. 

4.    A group of retired senior intelligence officials, including the NSA whistleblower William Binney (former Technical Director, World Geopolitical & Military Analysis, NSA), have posted an open letter  that directly contradicts   the Obama administration's "Russian hacking" narrative. 

 Within the letter, Binney argues that, due  to  NSA’s "extensive domestic data-collection network," any data removed remotely from Hillary Clinton or DNC servers would have passed over fiber networks and therefore would have been captured by  NSA who could have then analyzed packet data to determine the origination point and destination address of those packets. 
 Binney claims that, the only way the leaks could have avoided NSA detection is if they were never passed over fiber networks but rather downloaded to a thumb drive by someone with internal access to servers.

Binney states: We have gone through the various claims about hacking. For us, it is child’s play to dismiss them. The email disclosures in question are the result of a leak, not a hack. [Here’s the difference between leaking and hacking: [Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did. Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.]

"All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.
 Thanks largely to the material released by Edward Snowden, we can provide a full picture of NSA’s extensive domestic data-collection network including Upstream programs like Fairview, Stormbrew and Blarney. These include at least 30 companies in the U.S. operating the fiber networks that carry the Public Switched Telephone Network as well as the World Wide Web. This gives NSA unparalleled access to data flowing within the U.S. and data going out to the rest of the world, as well as data transiting the U.S. These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.”

Binney further notes that the manner in which the media's "sources" are equivocating by using phrases like "our best guess" implies that the NSA has not been able to trace the Hillary or DNC "hacks" across fiber networks.  And, since the NSA tracks basically every packet that travels across U.S. networks, Binney concludes that it's effectively impossible that the WikiLeaks data came from a "hack."
"The evidence that should be there is absent; otherwise, it would surely be brought forward, since this could be done without any danger to sources and methods. Thus, we conclude that the emails were leaked by an insider . Such an insider could be anyone in a government department or agency with access to NSA databases, or perhaps someone within the DNC.”     


As the hysteria about Russia’s alleged interference in the U.S. election grows, a key mystery is why U.S. intelligence would rely on “circumstantial evidence” when it has the capability for hard evidence, say U.S. intelligence veterans.

Allegations of Hacking Election Are Baseless
A New York Times report on Monday alluding to “overwhelming circumstantial evidence” leading the CIA to believe that Russian President Vladimir Putin “deployed computer hackers with the goal of tipping the election to Donald J. Trump” is, sadly, evidence-free. This is no surprise, because harder evidence of a technical nature points to an inside leak, not hacking – by Russians or anyone else.

Monday’s Washington Post reports that Sen. James Lankford, R-Oklahoma, a member of the Senate Intelligence Committee, has joined other senators in calling for a bipartisan investigation of suspected cyber-intrusion by Russia. Reading our short memo could save the Senate from endemic partisanship, expense and unnecessary delay.

In what follows, we draw on decades of senior-level experience – with emphasis on cyber-intelligence and security – to cut through uninformed, largely partisan fog. Far from hiding behind anonymity, we are proud to speak out with the hope of gaining an audience appropriate to what we merit – given our long labors in government and other areas of technology. And corny though it may sound these days, our ethos as intelligence professionals remains, simply, to tell it like it is – without fear or favor.

We have gone through the various claims about hacking. For us, it is child’s play to dismiss them. The email disclosures in question are the result of a leak, not a hack. Here’s the difference between leaking and hacking:

Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did.

Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.

All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.

In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.

Awesome Technical Capabilities
Again, NSA is able to identify both the sender and recipient when hacking is involved. Thanks largely to the material released by Edward Snowden, we can provide a full picture of NSA’s extensive domestic data-collection network including Upstream programs like Fairview, Stormbrew and Blarney. These include at least 30 companies in the U.S. operating the fiber networks that carry the Public Switched Telephone Network as well as the World Wide Web. This gives NSA unparalleled access to data flowing within the U.S. and data going out to the rest of the world, as well as data transiting the U.S.

In other words, any data that is passed from the servers of the Democratic National Committee (DNC) or of Hillary Rodham Clinton (HRC) – or any other server in the U.S. – is collected by the NSA.  These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.

Packets: Emails being passed across the World Wide Web are broken down into smaller segments called packets. These packets are passed into the network to be delivered to a recipient. This means the packets need to be reassembled at the receiving end.

To accomplish this, all the packets that form a message are assigned an identifying number that enables the receiving end to collect them for reassembly. Moreover, each packet carries the originator and ultimate receiver Internet protocol number (either IPV4 or IPV6) that enables the network to route data.

When email packets leave the U.S., the other “Five Eyes” countries (the U.K., Canada, Australia, and New Zealand) and the seven or eight additional countries participating with the U.S. in bulk-collection of everything on the planet would also have a record of where those email packets went after leaving the U.S.

These collection resources are extensive [see attached NSA slides 1, 2, 3, 4, 5]; they include hundreds of trace route programs that trace the path of packets going across the network and tens of thousands of hardware and software implants in switches and servers that manage the network. Any emails being extracted from one server going to another would be, at least in part, recognizable and traceable by all these resources.

The bottom line is that the NSA would know where and how any “hacked” emails from the DNC, HRC or any other servers were routed through the network. This process can sometimes require a closer look into the routing to sort out intermediate clients, but in the end sender and recipient can be traced across the network.

The various ways in which usually anonymous spokespeople for U.S. intelligence agencies are equivocating – saying things like “our best guess” or “our opinion” or “our estimate” etc. – shows that the emails alleged to have been “hacked” cannot be traced across the network. Given NSA’s extensive trace capability, we conclude that DNC and HRC servers alleged to have been hacked were, in fact, not hacked.

The evidence that should be there is absent; otherwise, it would surely be brought forward, since this could be done without any danger to sources and methods. Thus, we conclude that the emails were leaked by an insider – as was the case with Edward Snowden and Chelsea Manning. Such an insider could be anyone in a government department or agency with access to NSA databases, or perhaps someone within the DNC.

As for the comments to the media as to what the CIA believes, the reality is that CIA is almost totally dependent on NSA for ground truth in the communications arena. Thus, it remains something of a mystery why the media is being fed strange stories about hacking that have no basis in fact. In sum, given what we know of NSA’s existing capabilities, it beggars belief that NSA would be unable to identify anyone – Russian or not – attempting to interfere in a U.S. election by hacking.

For the Steering Group, Veteran Intelligence Professionals for Sanity (VIPS)
William Binney, former Technical Director, World Geopolitical & Military Analysis, NSA; co-founder, SIGINT Automation Research Center (ret.)
Mike Gravel, former Adjutant, top secret control officer, Communications Intelligence Service; special agent of the Counter Intelligence Corps and former United States Senator
Larry Johnson, former CIA Intelligence Officer & former State Department Counter-Terrorism Official
Ray McGovern, former US Army infantry/intelligence officer & CIA analyst (ret.)
Elizabeth Murray, Deputy National Intelligence Officer for Middle East, CIA (ret.)
Kirk Wiebe, former Senior Analyst, SIGINT Automation Research Center, NSA (ret.)

 Comments for “US Intel Vets Dispute Russia Hacking Claims”

• FobosDeimos 
December 12, 2016 at 11:27 pm 
It is simply incredible that this hysteria about Russian “hackers” has reached such proportions. The way they phrase these accusations (or the headlines) it sounds as if Russia had actually hacked the electronic voting machines!!! However, as the authors explain, what the NYT and the rest of the MSM are insinuating seems to be that Russia is somehow responsible for having disclosed or helped disclose (leaked) a ton of emails that show the machinations of the DNC when they sabotaged Bernie Sanders’ campaign, and HRC’s true nature as a corporate puppet. In other words, “Russia” would be responsible for allowing the American voters to gain access to such vital true FACTS through Wikileaks, which were eventually published by the media (as they had no other choice). None of these  even try to insinuate that the leaked emails contained “fake news”. I don’t think that Russia is behind this turn of events, while it is obvious that the NYT, the Washington Post and most of the media worked 24/7 at full speed to “tilt” the US elections in favor of Hillary, by publishing and airing non-stop diatribes and insults against Trump and his voters.
December 13, 2016 at 2:22 am 
Hillary Clinton herself first used the “Russian hackers” as a campaign ploy, along with the “Trump is Putin’s puppet” meme around the time of the conventions. It got no traction, as most people thought the notion was ludicrous. Moreover, if the intelligence agencies entertained it seriously they either bungled any investigation or put such an investigation on the back burner for any number of  reasons. This assumes that, even if real, the public actually read and paid any mind to the wikileaks emails. How many of you ever read a single such email? We may have read accounts of them, but who read the actual documents, and, amongst those who did, how many were swayed to cast their vote based, even partially, on them? 
• The emails were such a low profile issue in the campaign that it seemed over the top (at least to me) when Hillary went to the bother of claiming that they were “faked,” along with most of the news and analysis not coming from the “mainstream” media. 
• The actions of most politicians, like Hillary, and state governments, like that of Russia, are governed by probabilities. If she didn’t think she’d have an excellent chance of winning, she wouldn’t have run, unless she also thought that a little cheating (as perpetrated against Bernie Sanders) could improve her odds. In fact, I would submit that, in addition to taking actions to hold Sanders back, the Clinton campaign probably did everything in their power to increase the probably that a candidate with the high unfavorability ratings of Trump would be her opponent in the general election. I know that the mainstream media did everything to enhance Trump’s chances during the primaries, always covering his every move and portraying his series of wins to be history in the making. It seemed like they were hand-picking Hillary’s opponent as yet another favor to her. Hillary seemed like a sure thing and Trump seemed like a guy being set up to lose, like the Washington Generals do without fail to the Harlem Globetrotters.
With all those probabilities in mind, what would it gain Putin to risk alienating the anticipated future American president by hacking her emails and putting them on display to the world? Apparently, he’s reaped the downside of such subterfuge without even a shred of evidence that he ordered it, or that any Russian, even a free-lancer, was involved.
• Or that, as those who suggest that the emails were leaked rather than hacked by a Washington insider (perhaps someone from the NSA, the CIA or the FBI), he received any benefit whatsoever from the release of this information which was mostly ignored or actually used as a cudgel against Trump by Hillary herself.. Why should Russia expect that they could swing the election to a huge underdog in Trump on the basis of evidence that was already being condemned as “fake” or “illgotten goods” by Hillary herself and was largely ignored by the public? Putin is usually very smart, why would he be so reckless for such little in return in this one instance? That would be very un-Putin-like. In fact, it sounds much more Hillary-like, as we’ve already established that she cheated against Bernie in the primaries. I am sure that Putin also realizes that just having damning information against Hillary would in no way give him the power to stuff American ballot boxes or to hack the actual voting machines (even if such were possible) which are not interfaced with the internet. Even internal American political partisans have yet to find a way to hack the machines without setting hands on them. In fact, they rely more on various voter suppression laws–all nice and legal which rarely get overturned by the courts. So, unless Lindsey Graham and the rest of the Republican establishment work for Putin, the Russians did nothing to change the outcome of this election. Nor could they. The idea is risible: this is not Ukraine.

Janet Masleid 
December 15, 2016 at 3:07 am
• There is one person who actually says he met with the leaker of the emails. 
• Glenn Greenwald (Pulitzer Prize winner and co-founder of The Intercept) quotes Mr. Murray as well. 
”Craig Murray, the former UK ambassador to Uzbekistan, who is a close associate of Assange, called the CIA claims “bullshit”, adding: “They are absolutely making it up.”
• “I know who leaked them,” Murray said. “I’ve met the person who leaked them, and they are certainly not Russian and it’s an insider. It’s a leak, not a hack; the two are different things.
• “If what the CIA are saying is true, and the CIA’s statement refers to people who are known to be linked to the Russian state, they would have arrested someone if it was someone inside the United States.
• “America has not been shy about arresting whistleblowers and it’s not been shy about extraditing hackers. They plainly have no knowledge whatsoever.”
They haven’t had any real knowledge about ‘Russian hacking’ all summer and they still don’t. HRC hasn’t had special security briefings and hasn’t even held office. This is all circumstantial ‘evidence’ and pretty sure we are meant to fear the Russians at the end of the day no matter what. 
Unless something changed, as of the weekend of December 11, 2016, there was a conversation between Jake Tapper and RNC chair, Reince Preibus with Preibus basically yelling at Tapper insisting that he had personally been assured by the FBI that no hacking (or leaking) of RNC emails had occurred. So… this talk of treason that is being promoted… good Heavens. Actually, there was quite a bit of yelling… to get his point across and be heard. How odd that MSM has come to this? How odd that we are being directed as to who we can and cannot listen to (”fake news”). How sad and frightening that MSM cannot fathom for themselves what is their own fake news. How easily will we allow ourselves to be manipulated?
Manufactured Consent. It is what they require from us.
Who are these opinionated people any way? Isn’t Clapper the one who is retiring and who stood there and lied to Congress’ face about there not being any spy program against us U.S. citizens–until wikileaks and Edward Snowden proved otherwise (about the presence of the N.S.A. program?) And isn’t the CIA the same outfit that kept having the documents ‘massaged’ until they found the wording suitably inflammatory to be used to show ‘evidence’ of weapons of mass destruction in Iraq? 
I mean, really! 
Any way, here is former UK ambassador to Uzbekistan and what he has to say about the so-called Russian ‘evidence.’ He is quite the fellow.

Janet Masleid 
December 15, 2016 at 6:18 am 
I just read this article on the NYT’s. They are Hell bent on accusing Putin/Kremlin of having ‘military’ hackers alter our elections. It looks like numerous parties were phishing. .not even in a coordinated fashion at times. So maybe everyone wanted to leak info?
• Thought I’d post it here as it has great links in it. The comments on the NYT’s are always interesting. Apparently CrowdStrike has the proof behind the claims for some of this. Perhaps only Assange et al will ever really know who all the players are who gave this information. 
Did exposing unpleasant truths actually subvert our democracy? Are we really going to ”blame the Russians” for all of the many issues that we as a nation have with our election process? Are we going to pretend that the Russians are so magical that they could physically access our electronic voting machines and corrupt the output (as has been suggested in past elections). Electronic voting machines do not need to be proprietary and off limits.

December 13, 2016 at 6:48 am 
Craig Murray and Julian Assange are two of the the very few people with access to the source of the DNC leak. They have stated the same thing that VIPs have figured out.
“I know who leaked them,” Murray said. “I’ve met the person who leaked them, and they are certainly not Russian and it’s an insider. It’s a leak, not a hack; the two are different things.”

• <
December 14, 2016 at 9:46 pm 

 The CIA keeps raising the ante, saying today that they have the personal words of spies in the Kremlin that Putin personally ordered the meddling in our election. There are at least two people, including an ambassador from Great Britain who says he received personal word that it was a Washington insider who leaked, not hacked, the emails. 
December 13, 2016 at 9:06 am 
Here’s a quote that tends to reinforce what was stated in this article —
Craig Murray, the former UK ambassador to Uzbekistan, who is a close associate of Assange, called the CIA claims “bullshit”, adding: “They are absolutely making it up.”
“I know who leaked them,” Murray said. “I’ve met the person who leaked them, and they are certainly not Russian and it’s an insider. It’s a leak, not a hack; the two are different things.”

Daniel Foley 
December 13, 2016 at 12:15 pm 
Last May a group of members of the VIPS (a lot more than have signed onto this letter/story) ran a story about what was taking place about the e-mails released by Assange. They referred to the e-mails as being “hacked”. Now they insist that they weren’t hacked they were only leaked. They now claim that there is no Russian involvement because of their word change. Call it what you like it did take place and you provide no proof that Russia was not involved. Provide names of people who have proof that Russia has not been involved. There are many on this site that claim to have knowledge of who is really involved. “Where there is smoke there is usually fire”?
Steve Naidamast 
December 13, 2016 at 4:11 pm 
There is absolutely nothing wrong with the majority of US analysts that work in our intelligence agencies. Most of them are hard working honest men and women who most often make solid analysis of the situations they are studying. It is the people above them who as often take good intelligence and politicize it for their own purposes.
“In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.”
Second, I am very surprised that William Binney would sign off on a letter that promotes the idea that transferring data from any machine to any device could possibly hide such activity from the activity logs. There are many activity tracking programs in the public domain that do just this job alone (ie:, which are used to monitor such activity in US corporations. I am quite sure that our intelligence agencies have their own versions of such software.
As a result, it is highly unlikely that such data would be easily taken out of an intelligence center unless one of two things occurred; one, such programs are not implemented on all workstations and servers where certain personnel may not be under such restrictions, which is highly unlikely, or two, a person in the intelligence agencies was able to get around such restrictions prior to making the copies of such data, which is a possibility given the nature of sophistication that hackers today have let alone agency technical personnel. The people who have the minds to build such software know how to bypass it as well.
The more likely scenario was that such data was leaked by a person that routinely gets such information as part of a larger group where such tracking restrictions cannot apply to hard copy data though the names of such people are registered.
If however, the data ‘leaked” was from a person inside one our intelligence agencies than that person would have to perform some level of a “hack” in order to get around any activity tracking software (this includes using an administrator password he or she may have stolen or have gotten through legitimate means that overrides any activity tracking) and then “leak” the data.
Anything else would have simply been pure sloppiness on the part of the intelligence agencies, which is quite possible considering that Mr. Binney and an associate (If I remember correctly) developed probably one of the finest data analysis programs in computer history only to have their efforts thrown away so that agency heads could spend billions more on similar but completely useless software…
December 13, 2016 at 4:59 pm 
Another weakness in this Russian hackers story is that someone was trying to tip the election in favor of Trump. But the real revelation from the DNC emails was how the party leadership conspired to thwart Sanders. If anyone was trying to ‘tip’ the election they would have released this information during the primaries where they just might have pushed the Sanders campaign over the top. 
The Wall Street speech emails again might have been fatal for Clinton if they had been released during a key primary stretch when Bernie was gaining momentum. Hillary’s relationship with Wall Street was a central issue for the Sanders campaign, but was barely mentioned by Trump since he and Clinton both had cozy relations with the banks. In other words, the motive and the means simply don’t match up.

Aren Haich 
December 13, 2016 at 5:16 pm 
When Americans talk of Russian interference in the US elections, they should remember what happened in Russia in 1996.
• President Yeltsin’s public opinion was at a historical low point, a fifth place among presidential candidates, with only 8 percent support, while Communist Party leader Gennady Zyuganov was in the lead with 21 percent just before the 1996 elections.
• Then an American team of four experts in PR arrived in Moscow and turned the whole thing around and Yeltsin won the presidency.,8599,2107565,00.html

December 13, 2016 at 5:27 pm 
The CIA’s apparent lack of direct reporting from a source inside the Kremlin or an electronic intercept points to an internal threat to US security.
The notion that US and NATO cyber operations are purely defensive is a myth.
The US and UK possess elite cyber capabilities for both cyberspace espionage and offensive operations.
Both the US National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ) are intelligence agencies with a long history of supporting military operations. US military cyber operations are the responsibility of US Cyber Command, whose commander is also the head of the NSA.
US offensive cyber operations have emphasized political coercion and opinion shaping, shifting public perception in NATO countries as well as globally in ways favorable to the US, and to create a sense of unease and distrust among perceived adversaries such as Russia and China.
The Snowden revelations made it clear that US offensive cyber capabilities can and have been directed both domestically and internationally.
Recent US domestic cyber operations have been used for coercive effect, creating uncertainty and concern within the American government and population.
The perception that a foreign attacker may have infiltrated US networks, is monitoring communications, and perhaps considering even more damaging actions, can have a disorienting effect.
US offensive cyber warfare operations work in tandem with aggressive US and NATO propaganda efforts against the governments of Iran, Libya, Syria, Ukraine, Russia and China.
The US perpetually seeks to portray these governments as human rights violators against whom an oppressed population has risen in defiance.
Despite its clumsiness, a good portion of the Western public has found the US/NATO propaganda persuasive. Western factions critical of Russia will find new complaints about “Russian hacking” credible.
The recent memorandum by Veteran Intelligence Professionals for Sanity (VIPS) concerning the baseless allegations of hacking highlights a critical point:
“As for the comments to the media as to what the CIA believes, the reality is that CIA is almost totally dependent on NSA for ground truth in the communications arena.”
Journalists are encouraged to investigate NSA involvement in domestic offensive cyber warfare operations.

December 13, 2016 at 6:46 pm 
Question to folks here…I read/heard “somewhere” that the “digital fingerprints” on the hacked email servers at DNC showed tools used that are considered rather rudimentary, available to and from a variety of sources ( read Wikileaks ) and most likely NOT be used by the sophisticated Russian security services. Have you heard any of this?

December 13, 2016 at 8:50 pm 
Question: What if the hacked payload was encrypted and sent over some anonomyzing network like Tor? Wouldn’t it be hard for the NSA to track it then, if it was hacked in that way?

December 13, 2016 at 11:15 pm 
Couldn’t there have been a hack of the DNC server to send the data to a computer somewhere (anywhere) for transfer to a physical device that would end the trace route trail? I could well be missing something as I am no expert on these matters, but the argument here does not persuade me one way or the other. I would like to see an end to this interference in our election by the CIA, which is illegitimate regardless of where Wikileaks got the DNC emails, but hesitate to cite this article without knowing it is conclusive.

John XYZ 
December 13, 2016 at 11:34 pm 
I tend to agree with the conclusions of the article – that the info was leaked rather than hacked, and that the effort to blame Russia was McCarthyist in nature – if only for intuitive reasons.
I don’t think the reasoning given in the article is clear-cut, though:
Yes, the NSA probably has a much clearer picture than it has shown, giving people a reason to expect a more convincing case than an argument from authority. But it’s not as strange that the CIA is the one making allegations, if the NSA is in the role of preparing the research and the CIA is taking the responsibility of presenting it.
Yes, the NSA and all of its appendages have very sophisticated mechanisms for monitoring Internet traffic when it’s a system they care about, but who’s to say that the DNC records never passed through some “don’t care” zone? Just taking Clinton as an example, it’s clear that security isn’t a top priority within highly political circles, and while the NSA is likely to monitor many things, even they might be uninterested in recording every detail of terrabytes upon terrabytes of packets of kitten videos and the like, and if they didn’t they wouldn’t be able to call upon the information later if an incident occurred. If a packet falls down in a subnet and nobody’s there to record it, does it make a sound?
Yes, a normal packet is traceable, but if it hits an anonymizing network or a proxy the trail could be lost. Maybe the NSA is shooting for some kind of surveillance at all ends, but if you encrypt or reconstruct the packet along the way, it will be harder to tell that it’s the same packet unless you’re also able to compare the contents of the message. And there are possible countermeasures to that, too.
Yes, under normal circumstances each packet is its own visible entity, so a large stream of packets going in some unexpected direction would be noticeable, but a sophisticated hacker would spend effort to obscure their activities. If they can compromise many machines, or disassemble messages into many small pieces which can piggyback on legitimate messages, the promise of a tell-tale packet containing a hack becomes more tenuous.
Yes, blame-the-Russians is a tedious propaganda ploy of the desperate, but it’d be next to impossible to establish that no technically competent individual with some association with Russia (hey, it’s a big country) made any effort to cyber-influence the election, and it’s certainly well within the realm of the plausible that one superpower would try to exert some influence over another.
Yes, a leak isn’t the same thing as a hack, but it doesn’t mean that a would-be leaker can’t be affiliated with Russia, and the distinction between a leak and a hack is probably lost on the general public.

Coleen Rowley 
December 14, 2016 at 11:40 am 
It’s great that this piece has initiated such great questions and deep thinking about the various issues involved in what may or may not have happened, especially since our mainstream media reporters–most recently NYT reporters Lipton, Sanger and Shane–mostly just simply regurgitate what their CIA officials are green-lighted to “leak” to them in hushed tones as “Operation Mockingbird” has been revived. 
By the way, my decision not to sign the above piece had nothing to do with political partisanship as one comment suggests. I agree with many of the comments that suggest we actually should realize there are more questions than we have answers for. If only our mainstream media would probe their CIA (and NSA) handlers a little to find out such things as why, if the two groups–“Cozy Bear” and “Fancy Bear” hackers—were both working under the direction of the Russian Govt and military, then why did they step on each others’ toes so much and not coordinate anything, if in fact they were being “directed” from on high as part of nation spycraft? If the DNC is so critical to US democracy and infrastructure, why is it not given any cyber-security assistance? There are many more questions that should be asked and answered before CIA conclusions are blindly accepted.

December 14, 2016 at 1:48 pm 
CrowdStrike, an American cybersecurity technology firm based in Irvine, California, gained notoriety for allegedly outing nation state actors conducting economic espionage and IP theft. The Democratic National Committee hired CrowdStrike to investigate a possible breach of their system in May 2016.
In June 2016, Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, presented findings that alleged “two separate Russian intelligence-affiliated adversaries” dubbed “Cozy Bear” and “Fancy Bear” had penetrated the DNC network in May.
Seldom reported is the fact that Alperovitch is a Senior Fellow at the Atlantic Council “regime change” think tank.

December 14, 2016 at 6:56 pm 
If Mr.Putin had all the email material before the election why would he give it to Wikileaks? It would surely be better to hold onto it for use as required after Mrs. Clinton had been elected. Had she become an irritation to him he could have dropped a few choice pages into the mix, when the furore was subsiding drop a few more in. He could have kept her term of government in a constant paralysis of scandal maybe even impeachment. No, giving them to Wikileaks would have been a waste of valuable assets from his point of view. He never had them, perhaps wished he had.

December 14, 2016 at 10:19 pm 
I don’t mean to sound skeptical because I’m not but would this information in fact contradict any claims that they know about the hacks, can trace them to a server, but don’t know where it went after that? Once it leaves US servers, can they still trace the packets? I think that’s the claim isn’t it? I could be wrong so please do correct and/or infom me if I am.

Thomas J Mattingly 
December 14, 2016 at 11:11 pm 
Given former ownership of a telecom company and my work with intel veterans (who are not necessarily sane) related to the above letter, I’ll give you a first bite at an answer — and encourage more knowledgeable folks to provide you with a more definitive answer…
NSA & “Five Eyes” intel agencies can track sender & receiver of most data streams in most if not all countries — especially something as large as the DNC/Podesta emails. There are NO public claims (so far) that CIA/NSA can trace this data to a specific (email) server.
What the six (6) VIPS signatories say is that CIA is overreaching when CIA says ‘Russia did the DNC/Podesta email hacks’ (or something close). What others say that CIA says is NOT consistent with any such intel, analysis & conclusion — and CANNOT be (for technical reasons — having nothing to do with “sources & methods”).

December 15, 2016 at 4:48 am 
Poor technical knowledge demonstrated here. the 5 eyes an see the data while it is in transit from sender to receiver, but NOT if a hacker broke in remotely and transferred the files out using some other protocol(no one would hack in and email shit out….LUNACY) also, hackers tend to hide their trail with proxies and vpns, proxies make it more difficult to trace, but not impossible, but vpns, especially chained, it’s gonna be a lot harder to trace with certainty. Email may be broken wide open for them, but ssh and other methods of obscuring packet contents exist, widely.

Sustainable Abundancy 
December 15, 2016 at 1:59 pm 
James: No one said that hackers “would hack in and email shit out.” In fact, VIPS & Veterans Today (VT) say that the DNC/Podesta emails were a “leak” — NOT a “hack.” Based on open & accepted sourcing, VT says that Israel gets much RAW intel data directly from NSA. VT says that NSA & Israelis are the original & proximate sources (respectively) of the DNC/Podesta emails for WikiLeaks.
Yes, intel agencies & hacker groups use proxies & VPNs etc. to hide their hacking — very effectively. However, WikiLeaks possession of the DNC/Podesta emails were almost undoubtedly due to a “leak,” not a hack (as said).
Use of hacker code names such as “Cozy Bear” and “Fancy Bear” appear to be (or at least might be) a concerted effort to cast aspersions on the Russian “bear.” Definitive public intel on who did what to whom (and when) is not yet available.

Mark H 
December 15, 2016 at 10:11 am 
How can NSA trace if multiple VPN are used, that go in part through countries where there is no juristiction, also using hacked Devices in multiple countries, which also use multiple VPN in multiple countries to do the hack, ultimately ending up going in a circle back to the source, leaving a copy where ever the data traversed. 
A hacker could also deposit the data on ever increasing number of devices, spreading it like a virus, world wide. It could be encrypted also so only intended hacker could read it. The device doing the initial hack could be a pre hacked zombie device in unfreindly nation or the USA its self.
Where theres a will theres a way it would be impossible to say who did the hacking and any country could be set up like they did it.

December 15, 2016 at 4:34 pm 
I was going to ask :
• 1) can we really be sure that “The evidence that should be there is absent; otherwise, it would surely be brought forward”
• and
• 2) are we really sure “this could be done without any danger to sources and methods” ?
I think you and Sustainable Abundancy answered my question #1 and pretty sure there is no way to asses the veracity of an intelligence agency claiming “danger to sources and methods “

Sustainable Abundancy 
December 15, 2016 at 7:01 pm 
Jagger: For one answer to your Q#1, you’re welcome. Re Q#2, others with clearances can easily determine any danger to “sources & methods.” 
Regardless, both anti-Russia NeoCon hawks & liberal hawks in Congress appear to want to drag out investigations & hearings — to stop Trump from working with Russia to eliminate ALL terrorist groups in Mideast & elsewhere and on trade issues & sanctions elimination, both of which have great potential to benefit U.S. & other workers & businesses.

December 16, 2016 at 5:27 pm 
I agree; this article seems distressingly specious. It’s founded entirely on the assumption that (1) the NSA would know if packets went to Russia (which just raises another question, what if Russians did the hacking from a different country?); and (2) the NSA would tell us if it did. This totally ignores basic computer technology like VPNs, spoofing,and other measures that intelligent computer programmers can use to falsify or hide packet routing. The first thing I’d do if I was going to steal a bunch of computer data would be to make it look like someone on the inside released the data.
There are so many problems with this article from the standpoint of the state of computer technology and general logic that I question not just its veracity, but the reason for its existence. It’s incredibly poorly-researched and falls apart by the introduction of simple logic. This is the first time I’ve read anything here, and will probably be the last.

December 15, 2016 at 10:29 am 
I appreciate this article, esp. the distinction between hacking and leaking. However, still difficult for me to know what to believe. From other reporting, it seems the agencies and security firms DO have the info supporting a hack by, or from Russia. 
Would you please followup or expand on this, particularly, would you please specifically address this article in NYT By ERIC LIPTON, DAVID E. SANGER and SCOTT SHANE DEC. 13, 2016?

Geoffrey de Galles 
December 15, 2016 at 3:12 pm 
• Bill Binney and Ray McGovern have just now given excellent interviews to Brian Becker for his “Loud and Clear” show on Sputnik Radio (@ Wash DC), both of them posted on YouTube today (go find!). A query:- Is it conceivable that the documents published by Wikileaks were both a hack and a leak, as it were? Seeing as not just the NSA but also the snooping organizations of the other four ‘Five Eyes’ nations have access to the bulk of the NSA’s data-base, couldn’t it well have been that, e.g., an employee at the UK’s GCHQ in Cheltenham, animated by some kind of intense personal animus against Hillary Clinton, hacked the Podesta & DNC emails, downloaded them onto a thumb-drive, and delivered the latter physically to some kinda place like the Ecuadorian Embassy in London? (Here one has to factor in the fact that, understandably enough, HRC has been much feared & loathed way beyond the shores of the US; also, no doubt, that GCHQ has a significant number of US citizens in its employ.) Why do I focus here on GCHQ? Only because former British Ambassador Craig Murray, resident in the UK, has recently asserted that he has met personally the Podesta + DNC leaker — which could well have occurred when in September he visited Wash DC to present the Sam Adams Award for Integrity in Intelligence to John Kiriakou, or may just as well have occurred somewhere back in the UK, where after all his good buddy Assange is resident (… well, sort of). — But my real point, in the spirit of a thought-experiment, is simply to raise this hypothesis as exemplary of any number of such notional rival hypotheses, only with the definitive elimination of which could the CIA, in lieu of having any kind of ‘smoking gun’, rationally point a finger at Russia (and Putin) as having been the actual author of the putative ‘hacks’. — Pray tell me, by the way, is epistemology 101 not taught any more at US universities?


Sustainable Abundancy 
December 15, 2016 at 6:25 pm 
Parry’s analysis of the probable anti-Russia Status-Quo-preserving fallout from NeoCons & liberal hawks is very good.
Don’t know whether a September 2015 date would be sufficient to account for all DNC/Podesta emails that WikiLeaks received.
Much additional intel/info is still unpublished. However, what is published so far is “bullshit,” as Craig Murray rightfully says. intel veterans are still saying that Russians DID participate — but NOT in the DNC/Podesta WikiLeaks stuff.

Sustainable Abundancy 
December 15, 2016 at 9:48 pm 
Geoffrey: Craig Murray was NOT WikiLeaks’ source for more recent (post-Sept-15) DNC emails — despite Craig’s ‘confession.’
Some if not many DNC emails are from 2016 (e.g., an 18 May 2016 email featured yesterday on The Young Turks).
Therefore: (1) CM was NOT the ONLY WikiLeaks emails source; OR (2) CM was NOT WikiLeaks’ emails source (at all).

De Braeckeleer Ludwig 
December 16, 2016 at 10:43 am 
Dear Sir,
• Good comment, but it seems the media have not reported correctly what Murray says. For instance, the meeting with the “source” occured in Sept 2016!
Here is what I wrote on my blog: DNC & Podesta Emails Were Leaked by US ‘Insiders’, as well as Hacked by Russia!
Best, L

Sustainable Abundancy 
December 17, 2016 at 2:17 am 
Ludwig: Thank you for the additional info and your blog, all of which I checked. However, a September 26, 2016 transfer date from the “source” to Craig Murray is also problematic for at least three reasons: 
(1) WikiLeaks released 40,000+ DNC emails on July 22, 2016 (before the July 25 DNC Convention); 
(2) If Craig Murray was barred from entering the U.S. in September 2016 (as per the link in your blog), how was Craig able to be present at a meeting near American University to receive the transfer of emails and/or related files? and 
(3) In the Craig Murray podcast, Murray says that he was NOT the source of 40K+ DNC emails released in July 2016 but did “have a small role to play” (in & after September 2016).
To Ludwig or to anyone else who knows, please address the above three (3) points. Thanx.

Sustainable Abundancy 
As indicated above, the September 2016 ‘transfer’ to Craig Murray could NOT have been responsible for the July 2016 WikiLeaks leak of the DNC emails; and Murray said that he “only played a minor role”… 

brad becker 
December 16, 2016 at 6:47 pm 
This is what Assange has been saying for months. Assange won’t say who it is, even if knows who it is which he may not. The persons life would be in Jeopardy and his career would be over.