July 17, 2018

PITY THE POOR TRUMPBOTS:

Trump's 'Missing DNC Server' Is Neither Missing Nor a Server (Kevin Poulsen, 07.16.18, Daily Beast)

The "server" Trump is obsessed with is actually 140 servers, most of them cloud-based, which the DNC was forced to decommission in June of 2016 while trying to rid its network of the Russian GRU officers working to help Trump win the election, according to the figures in the DNC's civil lawsuit against Russia and the Trump campaign. Another 180 desktop and laptop computers were also swapped out as the DNC raced to get the organization back on its feet and free of Putin's surveillance.

But despite Trump's repeated feverish claims to the contrary, no machines are actually missing.

It's true that the FBI doesn't have the DNC's computer hardware. Agents didn't sweep into DNC headquarters, load up all the equipment and leave Democrats standing stunned beside empty desks and dangling cables. There's a reason for that, and it has nothing to do with a deep state conspiracy to frame Putin.

Trump and his allies are capitalizing on a basic misapprehension of how computer intrusion investigations work. Investigating a virtual crime isn't like investigating a murder. The Russians didn't leave DNA evidence on the server racks and fingerprints on the keyboards. All the evidence of their comings and goings was on the computer hard drives, and in memory, and in the ephemeral network transmissions to and from the GRU's command-and-control servers.

When cyber investigators respond to an incident, they capture that evidence in a process called "imaging." They make an exact byte-for-byte copy of the hard drives. They do the same for the machine's memory, capturing evidence that would otherwise be lost at the next reboot, and they monitor and store the traffic passing through the victim's network. This has been standard procedure in computer intrusion investigations for decades. The images, not the computer's hardware, provide the evidence.

Both the DNC and the security firm Crowdstrike, hired to respond to the breach, have said repeatedly over the years that they gave the FBI a copy of all the DNC images back in 2016. 

Posted by at July 17, 2018 4:12 AM

  
