Replies

-- The fact the FBI allowed Crowdstrike to examine the DNC servers is a giant red flag. --

I've been rooting around some old articles. The FBI sends mixed signals ...

Comey: DNC denied FBI's requests for access to hacked servers - TheHill - January 10, 2017

Director James Comey told lawmakers on Tuesday ... "We'd always prefer to have access hands-on ourselves if that's possible," Comey said, noting that he didn't know why the DNC rebuffed the FBI's request.

The subject of "server access" invites confusion, and all the parties involved have an interest in increasing the level of confusion. At any rate, a more accurate and generic description of FBI Standard Operating Procedure (SOP) appears in this article:

FBI, Dems bicker over investigation of hacked servers | TheHill | January 5, 2017

But a former FBI official told The Hill it's not unusual for the bureau to bypass a direct examination of a hacked server.
"In nine out of 10 cases, we don't need access, we don't ask for access, we don't get access. That's the normal [procedure]," Leo Taddeo, a former special agent in charge of the cyber division of the FBI's New York office, told The Hill.
"It's extraordinarily rare for the FBI to get access to the victim's infrastructure because we could mess it up," he added. "We usually ask for the logs and images, and 99 out of a hundred times, that's sufficient."
Asking for direct access to a server wouldn't be necessary, Taddeo said, "unless there was a reason to think the victim was going to alter the evidence in some way."

"Images" is a jargon reference to an EXACT copy of a hard drive, or part of a hard drive, for example a "partition" on a hard drive. Think of it as an exact duplicate - not a backup of the files, but an exact bit-for-bit copy of the infected hard drive.

My questions are: Did the FBI request logs and images? Did the DNC deliver the logs and images?

All the evidence cited in the CrowdStrike report relates to material that would exist in logs and images.

Some hacking techniques leave scant or even ZERO tracks in the hard drive, and are transient in memory and network traffic. For those sorts of attack, access to the server -while it is running- is necessary to see the attack while it is underway. Also, some servers have crappy logging, so intrusions are not logged.

Maybe this is a case of Keystone Cops meet victim who has something to hide. Both sides prefer the investigation be botched, and to be able to blame it on the other.

This is going almost exactly no where. I've gone full pessimist on Seth Rich. I don't think anything will come out of it. It's too important. The fact that no law enforcement inside the government, nor any oversight entity, will do the simple data forensics above, let alone the hard job of challenging those whose duty it is to investigate these things, LET ALONE the time worn hard cold truth that the media wont trust it and thus it is all happening in a void where the alternate media is aware but everyone else blissfully believes Russia hacked the elections per CNN's 24/7 wall to wall propaganda feed...

Keep beating the drum. I admire the fact that there are people who ask questions. The powers involved will tell you that you don't have a right to ask questions, but you do. But we live this the world of the ministry of truth wearing a journalist's mask. This will die and the prevailing narrative will prevail.

...and if it wasn’t a hack, but an insider who snagged a copy of the emails on the server from a backup, there would be nothing on the log. The dog that didn’t bark, so to speak.