Crowdstrike had no evidence Russia -- or anyone else -- hacked the DNC server !!!

originally posted by: chr0naut

To do this, it uses AI and a library of known exploits, and speculatively applies them and then looks for pattern matches to those exploits. From those exploits, it does a lookup of who those particular exploits are attributed to and can produce a weighted estimate as to who may have been likely to have placed them there.

Much of the Falcon AI is proprietary but there have been several academic papers describing the concepts. My understanding of it is based upon those.

Do you really not see the problem here? So malicious actors, having studied CS's system and knowing that the DNC will go to CS, know exactly how to execute their operation to fool the AI into concluding that someone else did it. They also know what the typical exploits of other actors are. Because AI doesn't factor in intuitive things, like "Damn, these clues were so obviously left to make it look like the Russians that either the Russians have 12-year-olds doing their hacking or this was a set up." Instead the AI just concludes it was likely the Russians.

How you can think you're an "expert" and not understand this is beyond me.

The first thing you learn when you start studying computer security is that it's always a back and forth process. As soon as you come up with some ingenious security (or in this case analytical) method, the bad guys work out a way to either get around or manipulate it.

I'm still not gonna respond to your garbage posts to me but I just had to point out how naive your analysis is for someone with all that "experience" and "expertise." I feel sorry for whatever company you work for. Between your naivety, arrogance, and lack of willingness to learn new things that contradict your prior perceptions, malicious actors must really take you guys for a ride.

originally posted by: face23785

originally posted by: UKTruth

originally posted by: chr0naut

originally posted by: shooterbrody
a reply to: UKTruth
Some dont know a computer from a car lot.
Tho Wikipedia tells them they do.
I think the testimony under oath is enough.

I am currently the CIO IT&T Manager for the company I currently work for. I have worked for more than 30 years at a number of technology companies, including IBM and IBMGSA. I have done disaster recoveries several times, for several companies, and have held an MCSE and A+ and other IT qualifications in the past. I have also written some commercial applications and have a software development portfolio. I would consider myself an expert in IT and computing.

I am confident that what CrowdStrike wrote in their blog post, or what is in the Wikipedia article on the DNC compromise, is technically correct.

Technically, they said they had no proof that the Russians hacked the DNC.
I would agree that they were technically correct when they said that.

It's always rather sad to witness the last person holding on to a lie many swallowed. I pity you in that respect.

That's the funniest part to me. It's so obvious he was tricked into believing something that wasn't true. But he thinks he's sooooo smart he can't possibly have been fooled and come to the wrong conclusion, so he has to pretend the lie is still true despite the evidence to the contrary.

The arrogance and lack of self-awareness is just hilarious. As smart as he tries to look, he ends up looking dumber and dumber because he can't just grow up and admit he got fooled by our media, whether he heard it directly from them or from his media who parroted some CNN garbage to him.

Thats spot on. It's hard for some people to admit they've been fooled.
We now know that there is not only no proof Russia hacked the DNC but Crowdstrike can't even say whether any information was taken by the intrusion they did allegedly find.
The reality of the situation is so far from the media and Democrat propaganda and yet he can't take even a step back from this hoax. At this stage he's fully invested in his own ego. When you start seeing someone throwing around their credentials, which can never be validated, it's time to just let them get on with it. They lost the argument.

None of that explains why they both went directly to the same data.

It's not like the DNC is going to have some folder on its server labeled "potentially incriminating data", or "keep this secret from hackers".

Once the two hacking entities got access, they should have both needed to spend some time randomly rumaging around, to find something juicy.

But they didn't. They both went straight to the same files.

a reply to: chr0naut
Good
Cause crowdstrike said they have no concrete evidence.
Glad you finally understand such.
As to your claimed expertise, yeah sure.
You do understand my middle school kid can edit Wikipedia?
Like I said, yeah sure you are.

And I am the king of england!

originally posted by: face23785

originally posted by: UKTruth

originally posted by: chr0naut

originally posted by: shooterbrody
a reply to: UKTruth
Some dont know a computer from a car lot.
Tho Wikipedia tells them they do.
I think the testimony under oath is enough.

I am currently the CIO IT&T Manager for the company I currently work for. I have worked for more than 30 years at a number of technology companies, including IBM and IBMGSA. I have done disaster recoveries several times, for several companies, and have held an MCSE and A+ and other IT qualifications in the past. I have also written some commercial applications and have a software development portfolio. I would consider myself an expert in IT and computing.

I am confident that what CrowdStrike wrote in their blog post, or what is in the Wikipedia article on the DNC compromise, is technically correct.

Technically, they said they had no proof that the Russians hacked the DNC.
I would agree that they were technically correct when they said that.

It's always rather sad to witness the last person holding on to a lie many swallowed. I pity you in that respect.

That's the funniest part to me. It's so obvious he was tricked into believing something that wasn't true. But he thinks he's sooooo smart he can't possibly have been fooled and come to the wrong conclusion, so he has to pretend the lie is still true despite the evidence to the contrary.

The arrogance and lack of self-awareness is just hilarious. As smart as he tries to look, he ends up looking dumber and dumber because he can't just grow up and admit he got fooled by our media, whether he heard it directly from them or from his media who parroted some CNN garbage to him.

Spot on sir!

originally posted by: bloodymarvelous
None of that explains why they both went directly to the same data.

It's not like the DNC is going to have some folder on its server labeled "potentially incriminating data", or "keep this secret from hackers".

Once the two hacking entities got access, they should have both needed to spend some time randomly rumaging around, to find something juicy.

But they didn't. They both went straight to the same files.

He's an expert, you'd think he'd understand this.

But the media told him the Russians did it, so that's all he can understand.

originally posted by: chr0naut

originally posted by: bloodymarvelous

originally posted by: chr0naut

originally posted by: UKTruth

originally posted by: chr0naut

originally posted by: UKTruth

originally posted by: chr0naut

originally posted by: UKTruth
a reply to: chr0naut

That's all very interesting, but it still remains a fact that there is no proof that the Russians hacked the DNC.

Until we open up your head, we can't really be sure your brain is mostly grey in color.

You can speculate that the Russians hacked the DNC, but there is no proof of that.
Speculate all you like, it just smacks of you not being able to admit you got taken for a ride by the media. Obama holdovers and Democrats.

It isn't speculative. There is strong circumstantial evidence. There are the hacking tools left behind on the drives. There are the logs of when files were written to the drives. There was even a connection log of an IP address traced back to Russia. And the data retrieved was released to the public by people with links to Russian hackers.

Can you provide the logs with time stamps?

I don't have those. And neither do any of those who deny that Russia was behind the hacks. Some of the date details of the compromises are in the transcript under discussion.

The data forensics people who have the VEEAM images would have the full logs. Strangely, ALL of them (CrowdStrike, Fidelis Cybersecurity, Mandiant, SecureWorks, ThreatConnect, the FBI, and US Intelligence services) are saying it was Russian hackers.

However, the following blog post includes the hash values of the tools found on the hard drives. It is evidence written into the data of the drive that the tools used by hackers were present. It does not absolutely indicate that they were Russians but there are numerous indicators that circumstantially identify them as Russian:

CrowdStrike’s work with the Democratic National Committee: Setting the record straight - Crowdstrike Blog

If you start at the line that says:

"Bears in the Midst: Intrusion Into the Democratic National Committee"

And read from there, and know a little bit about programming, it is actually pretty convincing. He's saying that he found various kinds of malware, and some Powershell (direct command to the operating system) instructions that shouldn't be there.

Stuff only somebody at Dmitri Alperovich's level of knowledge would even know how to fake.

So either

A: A pair of true pro hackers were hired to hack the DNC.

or

B: A pair of true pro hackers were hired the plant hacker-ish data.

What is fishy (or should I say "Phishy"????) about it all though, is they both went straight after exactly the same pieces of data.

Alperov passes this off as "Typical Russian intelligence redundant objectives" or something like that.

But what is the probability of them going after exactly the same data immediately?

If they were looking through a haystack for something incriminating, there should have been some randomness to it.

But no: they make B line straight to exactly the same files (but using two entirely different hacking methods.)

It's like someone told them exactly where, on the system, to look.

That's pretty fishy (/"Phishy")

CrowdStrike's way of doing data forensics is somewhat different to other companies. It looks through data not just for specific strings, or sequences of data, but also heuristically, as in looking at the sequence of operations indicative of getting particular tasks done.

Hackers can obfuscate their code by inserting garbage skips or nulls, or by chopping up their code and shuffling the order with a number of jumps, and pushing and popping code onto different CPU registers or in memory locations. However, despite the shuffling around, the sequence of operations to achieve a particular goal must remain the same.

CrowdStrike's technology steps through the sequence of operations and therefore can 'see' the heuristic process, despite the obfuscation attempts. To do this, it uses AI and a library of known exploits, and speculatively applies them and then looks for pattern matches to those exploits. From those exploits, it does a lookup of who those particular exploits are attributed to and can produce a weighted estimate as to who may have been likely to have placed them there.

While there is some expert disagreement as to the 100% accuracy of the attribution (being one identified by an AI with nothing more to go on than previous assumptions), it is definitely more accurate, more comprehensive (the data set of potential compromises is inhumanly huge), faster, and unbiased than a human interpretation based upon those same inputs would be.

Much of the Falcon AI is proprietary but there have been several academic papers describing the concepts. My understanding of it is based upon those.

You're not really helping yourself with this.

But I believe you, because even though my experience in hacker world is just limited to messing around with Autohotkey scripts that last couple of months (to try and automate copying and pasting stuff into googletranslate)

I have some limited familiarity with the stuff Alperov was saying about malware, and powershell instructions.

Stuff you would use if you're trying to talk directly with someone else's operating system so you can roam through their files.

I totally believe there was a real hack. (Faking a hack like the one Alperov was describing would actually be HARDER than doing it for real.)





What I don't get is: why did they go after exactly the same files?

There is no sign of them looking around for something interesting. Just directly entering, and grabbing a few specific pieces of data.


How would Trump know exactly which files to steal?

(It's obvious how the DNC would know which files to ask to have stolen, though. Nothing too incriminating. Just enough to say they were victimized.)

a reply to: chr0naut

I'll give you a star for that

originally posted by: face23785

originally posted by: chr0naut

No, I don't think that they are entirely unbiased. I said that they get far less out of any bias than American news sources do.

Your posts here make it pretty clear that this is not true. Your perceptions about American politics are skewed incredibly far to the left. You routinely parrot left-wing talking points that float around on CNN and MSNBC. Your perception is not reality.

In my country, I have previously voted fairly consistently for the right leaning National Party and I would consider myself very much a centrist.

The thing is, that from a far-right-wing perspective, everything else appears to be to the left. I suspect you have not realized how much American politics has shifted to the right in recent years.

Faux News is a 24 x 7 opinion delivery system.

It takes a few seconds of soundbite, or a few lines of text, and somehow stretches it out over days of "commentary". As we have just seen with this topic thread, they also misrepresent the little actual source content that they have and spin it into all sorts of garbage. That's not 'News'.

The number of times they have pronounced "This is it", "The smoking gun!", "Boom...", etc, and absolutely nothing comes of it, might raise a question about giving Faux News and their ilk any credence.

And this here reinforces my point. You've been told to think this about Fox, despite it being objectively not true, and you swallowed that propaganda hook, line, and sinker. Then you come here and think you have an objective view of things, despite your views being overwhelmingly skewed to one side.

Just as CNN and MSNBC's commentary hours are overwhelmingly biased left, Fox's are biased right. That's different than their news coverage. As usual, you don't even know the basics about the subject on which you're trying to opine. Getting informed about the subject matter before you post would help you tremendously. But you're diametrically opposed to actually learning anything. You'd rather just spout propaganda, because you're a troll.

Again, you are comparing one American 'news' company to another and trying to label me by their standards. LOL. You just aren't getting it.



But, I want you to consider here, are Tucker Carlson's talk shows, news, or commentary? This whole thread is based upon something from his show.

Why would I be brainwashed about anything in American politics at all? It is just another country and has very little impact upon my life. The fact that you believe that the world is somehow polarized upon American party lines is indicative of how much you are in fact indoctrinated in your own country's propaganda.

The USA is just another country, among a hundred or so, to me.

Again, your posts do not align with what you're claiming here. You post about American politics an inordinate amount, and your views are overwhelmingly skewed, so yes, you are brainwashed, and it matters more to you than you want to admit. The fact that you believe you're NOT polarized along our party lines is indicative of how indoctrinated you've been by media coverage. Everything you see and read about us is skewed, and you absorb it that way, and your perceptions are all out of whack because of it. You think you know the truth, but all you know is the DNC's talking points.

You have no idea of what I see or read about the US. There is no way you could know.



And, yes I do post frequently on US political topics, but very rarely as OP. I am usually responding to the posts of others and I often take the adversarial position. That is how debate works.

If everyone just was a "yes" man, posting nothing but affirmation and providing no new information to the topics posted, then the ATS forums would just be advertising for whatever platform shouted the loudest.

There is significant circumstantial evidence that the DNC e-mail hacks were Russian state-sponsored actions. There is absolutely no evidence, even circumstantial, that it wasn't.

The weight of evidence that does exist, even if some of it is not "concrete", is that there was a hack and Russia is behind it.

If you have "concrete" evidence to the contrary, present it and I will reconsider my opinion.

Like most of what you say, that's not true at all, and has been addressed in numerous posts in this thread. Of course, you ignored the ones you didn't want to read that explained why this is not true, and instead have chosen to just continue trolling.

See you in the next thread I have to debunk your baseless CNN talking points that you magically just know somehow even though you swear you're not tainted by our partisan biased news.

My work is done in this one. Next thread, try to actually learn something about the subject matter before you post, for once? I know that will be really hard, but trust me it's worth it.

Please post some of that hard evidence, and add some content to the debate.

originally posted by: face23785

originally posted by: chr0naut

To do this, it uses AI and a library of known exploits, and speculatively applies them and then looks for pattern matches to those exploits. From those exploits, it does a lookup of who those particular exploits are attributed to and can produce a weighted estimate as to who may have been likely to have placed them there.

Much of the Falcon AI is proprietary but there have been several academic papers describing the concepts. My understanding of it is based upon those.

Do you really not see the problem here? So malicious actors, having studied CS's system and knowing that the DNC will go to CS, know exactly how to execute their operation to fool the AI into concluding that someone else did it. They also know what the typical exploits of other actors are. Because AI doesn't factor in intuitive things, like "Damn, these clues were so obviously left to make it look like the Russians that either the Russians have 12-year-olds doing their hacking or this was a set up." Instead the AI just concludes it was likely the Russians.

You should reverse engineer Google rank and make your millions now!

How you can think you're an "expert" and not understand this is beyond me.

The first thing you learn when you start studying computer security is that it's always a back and forth process. As soon as you come up with some ingenious security (or in this case analytical) method, the bad guys work out a way to either get around or manipulate it.

I'm still not gonna respond to your garbage posts to me but I just had to point out how naive your analysis is for someone with all that "experience" and "expertise." I feel sorry for whatever company you work for. Between your naivety, arrogance, and lack of willingness to learn new things that contradict your prior perceptions, malicious actors must really take you guys for a ride.

Haven't you noticed, the malicious actors do take big and otherwise well-protected companies and groups for a ride. That is what the DNC hacks were.

originally posted by: shooterbrody
a reply to: chr0naut
Good
Cause crowdstrike said they have no concrete evidence.
Glad you finally understand such.
As to your claimed expertise, yeah sure.
You do understand my middle school kid can edit Wikipedia?
Like I said, yeah sure you are.

And I am the king of england!

The one with the big ears?

I think you are getting a bit ahead of yourself.

originally posted by: bloodymarvelous
None of that explains why they both went directly to the same data.

Umm, because it was there?

It's not like the DNC is going to have some folder on its server labeled "potentially incriminating data", or "keep this secret from hackers".

Once the two hacking entities got access, they should have both needed to spend some time randomly rumaging around, to find something juicy.

But they didn't. They both went straight to the same files.

70 GB of e-mails? That sounds a fair bit indiscriminate to me.

It's in the transcript.

But perhaps if a state-sponsored cyberespionage group was involved, they might have an idea of a target?

originally posted by: shooterbrody

originally posted by: face23785

originally posted by: UKTruth

originally posted by: chr0naut

originally posted by: shooterbrody
a reply to: UKTruth
Some dont know a computer from a car lot.
Tho Wikipedia tells them they do.
I think the testimony under oath is enough.

I am currently the CIO IT&T Manager for the company I currently work for. I have worked for more than 30 years at a number of technology companies, including IBM and IBMGSA. I have done disaster recoveries several times, for several companies, and have held an MCSE and A+ and other IT qualifications in the past. I have also written some commercial applications and have a software development portfolio. I would consider myself an expert in IT and computing.

I am confident that what CrowdStrike wrote in their blog post, or what is in the Wikipedia article on the DNC compromise, is technically correct.

Technically, they said they had no proof that the Russians hacked the DNC.
I would agree that they were technically correct when they said that.

It's always rather sad to witness the last person holding on to a lie many swallowed. I pity you in that respect.

That's the funniest part to me. It's so obvious he was tricked into believing something that wasn't true. But he thinks he's sooooo smart he can't possibly have been fooled and come to the wrong conclusion, so he has to pretend the lie is still true despite the evidence to the contrary.

The arrogance and lack of self-awareness is just hilarious. As smart as he tries to look, he ends up looking dumber and dumber because he can't just grow up and admit he got fooled by our media, whether he heard it directly from them or from his media who parroted some CNN garbage to him.

Spot on sir!

You are all in agreement, then!

a reply to: chr0naut
You are the only one disputing testimony under oath.
The sky is falling, right chicken little?

a reply to: face23785

Fascinating how you weren't able to offer any kind of expert rebuttal to what I said.

Does that one ever?
I don't remember ever seeing such.

originally posted by: shooterbrody
a reply to: face23785

Fascinating how you weren't able to offer any kind of expert rebuttal to what I said.

Does that one ever?
I don't remember ever seeing such.

To his credit, he did actually try on the last page. It just made our case more than it made his and he didn't realize it.

originally posted by: face23785
a reply to: chr0naut

Fascinating how you weren't able to offer any kind of expert rebuttal to what I said.

OK, the hackers, whoever they would be, were only interested in getting all that secret and potentially incriminating data.

Sure, the hackers could try and cover their tracks, all hackers do, but they would still leave traces, even with log editing tools and file 'touch' modifiers and a massive and complicated cleanup.

Their very last operation in the system could not be erased and so would evidence them as being present in the environment. If they erased that last bit of evidence, then the evidence of that erasure would be just as damning. And, after all, that isn't their goal, anyway. They wanted the data.

In this case, the hackers did clean up a bit, which was why MIS (the DNC's IT Support company) couldn't find who, or how, and so they called in CrowdStrike (it's in the transcript). And CrowdStrike and other data forensics groups did find traces and have published the findings.

Also, at the time of the hack, it wasn't a foregone conclusion that CrowdStrike would be called in and you are also forgetting the other data forensics guys who worked to find the details of the breach.

It makes no rational sense for the hackers to set up fake traces that would be misinterpreted by all the other guys using all their methods as well, otherwise, it would have been fairly pointless for the hackers to try and identify some other hacking group when there would still most likely be some trace of them, that they couldn't remove.

As it is, what do the Russians care that they have been fingered? It's "so what"? They won't cop any more or less flack over it. They did the hack, published the data, and then closed up shop, disbanded the groups, wiped their computers, and just disappeared into the woodwork (as they have done)?

The only ones who have any skin in the game about 'who did what' were the Trump and Hillary campaigns.

Just more trolling. What else is new?

ETA: Oh, I see you saved your real firepower for this guy:

originally posted by: bloodymarvelousNone of that explains why they both went directly to the same data.

originally posted by: chr0naut

Umm, because it was there?

Some real expert analysis there...

You've GOT to be getting paid for this. I refuse to believe someone would make such a fool of himself for free.

They went for the same data because it was the most exposed and the most likely to be useful.

originally posted by: chr0naut

originally posted by: Zanti Misfit
a reply to: chr0naut


Yeah , BEFORE they were Famous , So your Point Is > ?

As pointless and off topic as your post.

Oh Really ? Is it MORE Pointless than that Rubbish Picture you Posted of Donald J. Trump BUSINESSMAN , and that Deceiver Jeffery Epstein ? What were you Trying to Imply their Man > ?Hmm.......

originally posted by: Zanti Misfit

originally posted by: chr0naut

originally posted by: Zanti Misfit
a reply to: chr0naut


Yeah , BEFORE they were Famous , So your Point Is > ?

As pointless and off topic as your post.

Oh Really ? Is it MORE Pointless than that Rubbish Picture you Posted of Donald J. Trump BUSINESSMAN , and that Deceiver Jeffery Epstein ? What were you Trying to Imply their Man > ?Hmm.......

They were friends - years ago - and Trump also said on a TV show - years ago - that Epstein "liked them a bit young".

What do you think he meant by that?