Objectivism Online Forum

Adam Carter

Everything posted by Adam Carter

  1. Hi Nicky,

     "His intelligence services hacked the DNC"

     APT29 malware was there since the summer of 2015, IC suspects it's related to RU intelligence but nothing solid demonstrating that. APT28 malware was apparently compiled just before and during CrowdStrike's visit in early May, IC suspects APT28 is related to RU intelligence too due to the array of targets exposed by Fidelis (which is considerably more compelling than APT29 attribution) but the compile dates and significantly outdated C2 server IP addresses in the APT28 malware raise doubts about the authenticity of it. Furthermore, CrowdStrike, despite having Falcon installed across the DNC network by May 11, 2016 and the emails being acquired at least 8 days later - only managed to release out-of-context IOCs and malware code samples - there was no incident specific evidence, something they should have had thanks to their monitoring capabilities at that time. CrowdStrike have never been able to explain how or when any of the malware discovered interacted with emails or transferred any significant data to remote hosts.

     "released compromising information to Wikileaks in order to prevent a Clinton victory."

     We don't know who gave WikiLeaks the emails.

     "This was an unprecedentedly hostile act. While espionage, including hacking, is par for the course between competing world powers, none of them have dumped the information they obtained through espionage onto the web, to influence elections, before. As such, this is a new level of hostility, which warrants an equally hostile response."

     The DNC is a private organization, attacking them is not an attack on the state (the law may change on that in future but for now, they aren't technically part of the government). We also don't have any hard evidence that they were complicit, so you're essentially demanding a hostile response on the basis of what is assumed but not demonstrated.

     "No, what would've helped voters make better decisions was if both parties' private mail was released at the same time."

     There's no indication WikiLeaks had RNC emails or the tax returns but I do agree that it would have been nice if those were leaked to WikiLeaks and then published at the same time.

     "Having the Russian government decide which dirty secrets to release and which not to doesn't help American voters make good decisions. It's an absurd suggestion"

     There's nothing to show WikiLeaks obtained the emails that they published from Russia or any other state.

     "Freitas dismantled the whole thing in a sentence."

     Freitas was using the average rate rather than peak rate and his alternate hypotheses (pivot server theory, etc.) would inherently have made the hack needlessly easier to detect, something most hackers would typically avoid (it's more of a convenient way to explain the bitrate than something hackers would typically do or choose to do). To try to explain away the FAT32 anomalies Freitas has suggested that a server may have an NTFS primary drive and FAT32 secondary (possible but very rare these days). It would be a completely unnecessary risk of detection moving gigabytes of files to a secondary drive at those rates. While Freitas is pointing out possibilities, they are already significantly less probable scenarios than those stated by Forensicator. Freitas also suggests that, using the RAT, hackers may have archived the files. Again, triggering a CPU and disk intensive process... something that is inadvisable for anyone wanting to remain stealthy. Most of the other things he mentioned after that point are addressed in the article that I linked to in my previous post.
  2. Freitas made assumptions that he didn't test... so I tested them for him. http://g-2.space/thenation/

     Forensicator didn't just get USB stick usage from the speed (reliable peak was 38MB/s fwiw, outlier peak of 49MB/s) - there were also indicators of FAT filesystem use. There was also the Eastern Time observation too (i.e. the main archive was created in September by someone whose computer had Eastern Time set as their timezone). So he's not "making stuff up", the USB stick is very likely rather than "mythical" and there are certainly multiple indicators of USB stick usage compared to your "There's no evidence of a USB stick".