127 comments

[ 3.7 ms ] story [ 196 ms ] thread
The site you linked: Strategic Culture Foundation, a Moscow think tank run by Yuri Profokiev, a former head of Moscow’s Communist Party and member of the Soviet Politburo.
Still waiting for the evidence behind this growing Russian conspiracy.
Odd how you made this account 8 minutes ago to attempt to discredit this idea
That's not counterpoint, it's just typical right wing propaganda.
why is right full of 'typical' propaganda while left is honest ppl with verifiable facts. seems curious
The "left" are good at circular quotations. They are also in complete control of Wikipedia, Snopes, and a few other "authoritative" websites.
> He says stories like this work because they fit into existing right-wing conspiracy theories.

>"The people wanted to hear this," he says. "So all it took was to write that story. Everything about it was fictional: the town, the people, the sheriff, the FBI guy. And then ... our social media guys kind of go out and do a little dropping it throughout Trump groups and Trump forums and boy it spread like wildfire."

>Coler says his writers have tried to write fake news for liberals — but they just never take the bait.

https://www.npr.org/sections/alltechconsidered/2016/11/23/50...

Becuase it's got nothing to do with left or right, just true or false.

The left just seems to value the truth more than the right. That is being vividly illustrated by our current president.

>it's got nothing to do with left or right

> left just seems to value the truth more than the right.

huh?

That is not a "counterpoint" to anything, there is zero mention of bitcoin, blockchain or anything cryptocurrency related within. I think it's pretty clear you're here to push a political agenda.
You can check my karma and how long I've been around, in addition to my comments.

Anyone who does this will know that your claim as to why I'm here doesn't hold water.

That says nothing about this article, which is basically "lol, I can do trivial financial analysis to strip the anonymity of Bitcoin. Think how much more information government experts at tracking money laundering have."
Wow, they’re even pulling bitcoin into this witch hunt!

None of this changes the fact that Bitcoin is the real occupy wallstreet movement. The world needs a money which can protect us from central banks. Bitcoin is it.

You can protect yourself from those evil central banks: just send that toxic fiat currency over to me. I'll dispose of it responsibly.
Odd how you made this account 8 minutes ago to attempt to discredit this idea
Hacker news has a shadow banning problem. Unpopular opinions are downvoted into oblivion. Then your posts start going into the void.
I mean if your speech cannot survive in a free marketplace of ideas...
The other side in this situation is far into the barrel.

But it's mistaken to say HN is a free marketplace of ideas.

I could give some substantive points in support of this statement, but it's an old conversation and I've gotten in trouble for the ways I've expressed it in the past.

HN is a "marketplace of ideas" the way Mao's Hundred Flowers campaign was. Post article on controversial or flamebait-ish topic, wait for users to take the bait, then yell at them.

Their house, their rules, and IMHO the good outweighs the bad... but make no mistake, calling HN a "marketplace of ideas" is inappropriate.

Come on guys, you know the rules, no substantive debate. Hn censors, please flag this.
Details on count 10 are pretty damning. They managed to correlate their various sources of information pretty well. There's not much to say, they managed to tie a wallet address to a person/ip address and were able to trace a surprising amount of attempted money laundering that way.
Well, maybe something is damning, but if you believe that these "operatives" signed their e-mails with their full names including patronymics and ranks like "GRU captain" I have a cheap sunny beach in Greenland for sale. Or if you believe that the US spies had somehow full access to this info and are not afraid to compromise their sources by these revelations. Or, finally, if you believe that the US security agencies including Mueller himself

https://en.wikipedia.org/wiki/Robert_Mueller#Director_of_the...

are to be trusted on anything at all.

What is your explanation of those ledger entries? Was Mueller setting up Russia before he was named Special Counsel?

Also, I read the indictment (https://d3i6fh83elv35t.cloudfront.net/static/2018/07/Mueller...) but I missed the part about, "these "operatives" signed their e-mails with their full names including patronymics and ranks like "GRU captain"". Please point me to it?

I assumed they used stolen identities, like it seems to state in count 10's paragraph 59 and 60, and uses multiple accounts across multiple exchanges to obscure the money trail (paragraph 63).

edit: It's common knowledge who Robert Mueller is. He's been a public figure for decades, and nobody ever made any effort conceal his background. Why are you providing me a wikipedia link?

I don't think there has been any public release of information confirming the evidence revealed in the indictment. Indictments are supposed to be somewhat hyperbolic in appearance (not literally, but figuratively). They aren't supposed to lie, but at the same time they will omit key facts explaining how or why they know or suspect person X did action Y. Those facts will be revealed to the defense or during trial. Unfortunately, these indictments will never result in a trial or pre-trial discovery on part of the defense, so the public may never know the reasons.

That said, the Dutch were able to watch[0] Unit 26165 (a/k/a Cozy Bear, APT29) on CCTV, so it doesn't seem entirely implausible that the NSA or some other FVEY group was capable of retrieving emails from whatever webmail provider Unit 26165 was using (appears to be yandex and mail.com in the indictment).

0: https://www.volkskrant.nl/wetenschap/dutch-agencies-provide-...

Sure, I agree with you on all counts. My point was more that the poster I was replying to either has 1) something not in the indictment 2) some non-yet-public information, or 3) has made something up. I thought it might be 3, but wanted to extend the benefit of the doubt.
> information confirming the evidence

People will never be satisfied. If/When the full emails quoted in the indictment are released, they will point out that e-mails are just UTF-8 characters in a file that anybody could have created. There simply is no evidence, nor is it even possible for there to be any evidence, that people could verify at home. Even if the official Russian "Certificate of Excellence in Hacking Democracy", printed on Russia's own polonium-laced paper, affixed with "Putin's Seal of Outrageous Heterosexuality" self-appointed sceptics will complain that all they can access is a photo, and the FBI isn't letting them stop by and inspect the original.

>I missed the part about, "these "operatives" signed their e-mails with their full names including patronymics and ranks like "GRU captain"". Please point me to it?

that was sarcasm, sorry, I forgot it doesn't go well here. there is nothing in the indictment about how they were able to identify particular perpetrators including their full names.

>I assumed they used stolen identities,

No one in Russia uses their full names with patronymics spelled out in paper mail or e-mail or in official paperwork, except in e.g. a job application or similar i.e. where one must be fully identified. So unless it's a bad case of a Hollywood movie script, those could have come only from hacked internal databases. I am not sure a spy agency would thus reveal it has hacked those internal databases or had a mole in GRU. And on top of that they would be somehow able to match a record in that database with a hacker out there - a truly miraculous feat. On the other hand if those are stolen identities, there are no hints of that in the indictment. They are presented as true identities. And still, full patronymics just don't compute.

>Why are you providing me a wikipedia link?

What do you want me to provide to prove that he is not to be trusted? My own investigation?

Dutch intelligence watched them do it. They were able to watch people coming and going through a security camera.

https://www.volkskrant.nl/wetenschap/dutch-agencies-provide-...

The interesting thing about the article is its sourcing:

> according to six American and Dutch sources who are familiar with the material, but wish to remain anonymous.

It is clear the reporter was not shown any of the evidence or videos:

> It's unknown what exact information the hackers acquire about the Russians

So what we have is anonymous sources with no way to verify anything. It does not mean it's false, but some skepticism is in order.

That's what grand juries, juries, and transparent trials are all about. The first set of Russians indicted months ago have had lawyers representing them in front of a judge this entire time, despite the fact that there is no Russia-US extradition treaty and zero chance of then facing trial. The Office of Special Counsel is fully aware of that fact and yet they keep going, despite the risk that a judge could force them to reveal evidence, sources, and methods that would undermine the entire investigation.

This isn't Iraq WMDs 2.0 where an administration pressured career civil servants until they found one who was partisan enough to back them up. This is an international counterintelligence operation stretching the Five Eyes, Dutch AIVD, and half a dozen other countries.

Indictments are not evidence. It is my understanding (correct me if I'm wrong) that no actual evidence has been presented (yet) in the trial of the first batch of Russians. I'll maintain skepticism until after discovery and cross examination.

> This isn't Iraq WMDs 2.0 where an administration pressured career civil servants until they found one who was partisan enough to back them up. This is an international counterintelligence operation stretching the Five Eyes, Dutch AIVD, and half a dozen other countries.

I think this is a very kind way of describing the Iraq fiasco. The US intelligence agencies claimed there were WMDs, the UK intelligence services produced the Dodgy Dossier[1], and don't get me started about what the Israeli intelligence claimed (I was stupid enough to believe them and prepare the bomb shelter for a chemical attack).

The one thing I learned is that claims by intelligence agencies or anonymous sources in those agencies are meaningless until hard evidence is provided.

Indictments are not evidence. It is my understanding (correct me if I'm wrong) that no actual evidence has been presented (yet) in the trial of the first batch of Russians.

Nor will any evidence be presented because there will not be a trial. Mueller purposely indicted all Russians who are physically in Russia, knowing that they could not and would not be extradited.

Great, now I know how to frame someone using Bitcoin.

1. Select a victim 2. Every time you are about to make a Bitcoin transaction, send an email to the victim's address requesting the amount you are about to send. (Bonus point if you can get directly into the spam folder.) 3. Send bitcoins as you intended to do.

Now lay back and wait for your victim to be linked to your shady activities.

(I'm writing this as a critique of the technique used and conclusions reached in the article. Hopefully the investigation has something more robust.)

Next time you want to frame someone, send money simultaneously to them AND to the Bitcoin address cited in the article, and they'll be linked to a Russian conspiracy...
If they find evidence the wallet owner communicated with you to send the money and then used the transaction to pay for goods and services used in the course of a criminal act, then you might be in trouble. Otherwise, I don't see why you think it would be viewed as anything but a stupid prank.
I guess the government investigating why your wallet is somehow related to a russian spy's wallet may cause quite some trouble in your life.

Maybe they'll accuse you of financing terrorism in the end. It's your right to trust justice to never make mistakes.

Hopefully the investigation has something more robust.

That's quite unlikely, because of exactly what you pointed out. The reality is that this case could not and was not meant to be able to stand up to the rigors of a federal prosecution with good defense attorneys in a US court. People that could not be arrested or extradited were indicted for a reason - Mueller knew this case would never actually be litigated. This was Mueller's ham sandwich indictment for the day [1].

This indictment was meant for Mueller to justify his existence and the expenses that we, the taxpayers, have incurred on this investigation. He got a PR win that satisfied the media's need for headlines about Russian involvement in the election by putting together some broad strokes, knowing that he'd never have to actually prove it beyond a reasonable doubt.

[1] https://www.barrypopik.com/index.php/new_york_city/entry/ind...

Those are random pictures of people not in this indictment just FYI. Your comment is completely off topic.
Indicted. You know, the first step before someone can get convicted?
I know that Russia will never extradite them, and so does Mueller.
Well then, you should also know that these indictments were filed under oath by Mueller and his team, under the penalty of disbarment and literal criminal charges. You would also know that these indictments would be relevant to any future charges of conspiracy (the thing Trump is accused of) and would be open to challenge by any relevant defendant, regardless of whether they were Russian or not, right?

You see, that's how a system based on law and order works.

Oh and did I mention, Mueller and the vast majority of his team are career Republicans, were appointed by Republicans, and gave up multi-million dollar a year jobs to do this? You know, the DEEP STATE.

Well then, you should also know that these indictments were filed under oath by Mueller and his team, under the penalty of disbarment and literal criminal charges

They didn't lie, they don't have to. Everything in this indictment may be what they believe happened. But these are broad strokes. It looks like any of these allegations would be difficult or impossible to prove beyond a reasonable doubt. Grand juries indict based on probable cause, which an entirely different (and far lower) standard. They have probable cause if a credible witness, such as an FBI agent, simply tells them that they believe something happened.

You're kidding, right? You can't possibly be this thick.

The first set of indictments against Russians involved in the social media manipulation campaign have lawyers actively representing them in US courts while they hide in Russia.

How the fuck is Mueller and his team going to lie when they know that their adversary is a nation-state with essentially unlimited resource, one that has already hired half a dozen American lawyers to slow down the process?

How the fuck is Mueller and his team going to lie

The comment you are replying to specifically says that they didn't lie, and didn't have to. This and your other comments seem to imply that you have some sort of angry agenda here. I'm new to commenting here, but I've been lurking for a long time and your goals here seem to be in conflict with the spirit of HN. One person pointed out some facts that you seem to not like, and you basically screamed and didn't even read the comment you were replying to.

Personally, I don't like Trump. But you cannot deny that none of the people in this indictment face any risk of being arrested, which means the allegations in this specific indictment will never be challenged or proven.

> The comment you are replying to specifically says that they didn't lie, and didn't have to.

They strongly implied that Mueller probably lied because they didn't have to tell the truth and no one could prove it.

> This and your other comments seem to imply that you have some sort of angry agenda here.

I do have an agenda: Support and defend the Constitution and laws of the United States against all enemies, foreign and domestic. Unlike most natural born Americans, I take my Oath of Allegiance very seriously.

> One person pointed out some facts that you seem to not like, and you basically screamed and didn't even read the comment you were replying to.

Bingo: I don't like facts that are completely disconnected from reality. By definition, they're not facts.

If screaming means rejecting abject bullshit, I'll die happy.

> But you cannot deny that none of the people in this indictment face any risk of being arrested, which means the allegations in this specific indictment will never be challenged or proven.

The first group of Russians that were indicted for social media manipulation have lawyers defending them in court despite the fact that there is zero chance of extradition.

I don't know what your definition of "never" is, but it can't possibly overlap with the English cognate.

They strongly implied that Mueller probably lied because they didn't have to tell the truth and no one could prove it.

The comment literally says:

"They didn't lie, they don't have to. Everything in this indictment may be what they believe happened".

How is that ambiguous in any way?

By definition, they're not facts.

Russia does not extradite its own citizens to the US. That seems to be an undisputed fact. It's also a fact that the people named in this indictment - the indictment being discussed in this thread and the only people relevant to these comments - are Russian citizens. Accordingly, there is a 0% chance that these people will see the inside of a courtroom to litigate these charges.

Too bad there’s still that pesky trial part which comes after the indictment. You know, the part where the defendant is innocent till proven guilty and the prosecution actually needs to make a case.
> Great, now I know how to frame someone using Bitcoin.

> 1. Select a "victim" under investigation by all US law enforcement agencies involved in counterintelligence and a significant fraction of Western intelligence agencies in general

Fixed that for you.

Or just pick someone and watch the chain and send the appropriate emails.

I used to do that in a weird way with a lightly paranoid coworker (he wasn't battling mental illness or anything, he was fine). He did have a lot of concerns about e-privacy in the 90s (legit forward thinking stuff) and I would send him emails through open mail relays like whitehouse.gov and such "Hey man I dropped off all the magic white powder stuff in your blue Honda Accord.". It was all in jest, he was fine last I heard.

Hahaha, I like how much you justify him being okay
Well I said paranoid... didn't want anyone to think he was in a clinical sense.
I have to imagine that the first person at the FBI (or whichever agency is responsible for tracking money laundering) to come across bitcoin fell out of their chair laughing when they came across it. It's a protocol that has a public, dated, irrefutable log of every transaction made... and its users think it untraceable (or at least, they thought it untraceable back when it first came out).
it's about as untraceable as cash. If you pick some up anonymously, then use a different address for each transaction, all while obfuscating your connection using Tor or the like, your transactions should be difficult to trace.
You don't have to do any of that with cash.
Really? you think cash that you withdraw from the ATM is not traceable to you?
No. Banks don't tie the serial numbers on bills dispensed at an ATM to the cardholder who withdrew it.

Assuming you're right, though, other anonymous ways to get cash include:

- selling something

- getting paid in cash (as many restaurant and undocumented workers do)

- laundering it

- stealing it

- using a stolen ATM card

At the two American banks that I'm familiar with the cash serial numbers are not tracked.
> If you pick some up anonymously,

That's quite the premise. For the layperson, there are very few ways to come across Bitcoin anonymously.

Mine it
Mining requires enough infrastructure and investment to be easily identified. Mining might have been anonymous 4+ years ago, but not now.
Mine some alt-coin such as ETC and then exchange it for BTC using shapeshift or changelly.
What makes cash difficult to trace is the difficulty of establishing that transactions took place in the first place, let alone other potentially pertinent details.

The fact that Bitcoin has a public record of all transactions makes it far easier than cash to deanonymize addresses. Suppose you bought $2.56 worth of Bitcoin via credit card from a friendly Bitcoin seller that doesn't keep any record of this transaction. The government can go to VISA and ask "okay, who gave $2.56 to this vendor within this time frame." Now the government knows your credit card, and can then ask VISA to find all of the other transactions you did, and then look for bitcoin movement of the appropriate size to those transactions involving single-use addresses. All of those addresses are now tied together.

See, the untraceability is entirely dependent on how good your operational security is, and how well you know the capabilities of government financial tracking. And, when you consider that governments have been trying to tackle this problem for difficult-to-trace cash flow, bitcoin is at best no harder and at worst much easier.

Visa would not be considered an anonymous source.

And cash has ID numbers, of which official entities and corporations also track.

Both cash and bitcoin require good opsec.

Perhaps not outright, but it CAN be anonymous / difficult to trace depending on HOW you do things.
How do you trace mined coins?
Watch the markets and exchanges.
Presumably GRU was using its mined coins to spend on things like hosting for shady sites. The idea isn't to cash it out for rubles.
They’re not traced until someone wants to do something with them that then makes them traceable (along with many related accounts). Is owning an “asset” useful if you can’t do anything with it? At that point when someone:

1. Converts to Fiat 2. Buys/Ships something online 3. Transfers to an exchange

It’s now fairly visible to entities keeping a close eye (governments).

> ...they thought it untraceable back when it first came out

I'm guessing you haven't read the white paper where this was directly addressed - by the creator. Page 6 of a 9 page document: https://bitcoin.org/bitcoin.pdf

Monerro is the only currency that is very very hard to trace. Most other currencies are a joke.
Why? It seems to me that Z-Cash is much stronger than monero.
With ZCash, you have to trust the few men that did the "trusted setup". The point about privacy is to trust no one.
This reminds me what I learned about secrets as a child: the only way to keep a secret is to not share it.
Or what I learned from the Hells Angels: Two can keep a secret, if One is dead.
(comment deleted)
> and its users think it untraceable

In my experience this is very rarely the case for any serious bitcoin user I have met. In fact, those seeking anonymity have moved on to monero etc. For many the traceability just doesn't matter that much.

As long as you're able to create btc addresses without having to show an id to an official, it should be possible to anonimize them. Or at least create a pseudo plausible story of getting them in a legal fashion. Of course, it's pretty difficult for an authority to believe that you received 10k stolen BTCs from donations in the address that you posted on your blog, but it's also pretty difficult to prove that you sent them yourself.
The only problem is there is no way to prove that that address actually belongs to the GRU.

The transaction referenced in the indictment clearly happened, but Mueller and his team could have easily searched through the Bitcoin blockchain to find any transaction that paid for a VPN, hosting, or domain registration using Bitcoin on or around the date of the hack.

The indictment makes it sound like the request for 0.026043 BTC came via email. I think that is a bit strange. If you are Russian Military Intelligence about to hack the government of the United States, why would you include references and payment info related to your Bitcoin transactions in hundreds of emails? Surely just keeping track of the Bitcoin addresses on the blockchain would be enough since that is the entire point of the Blockchain. Keeping a reference via email sounds like a good plot for an episode of America’s Dumbest Criminals, not the Russian military.

It is certainly possible that this is exactly what happened, but I think the American people deserve to see some evidence.

You might be interested in Micah F. Lee's take: https://theintercept.com/2018/07/18/mueller-indictment-russi...
TY, that is very interesting... also surprisingly lazy by the Russians.

I would have thought there would have been clear protocols about VPNs, some "we're 99.999% sure this is a clean laptop, don't do anything else here, and only do thing here and inside this brand new VM each day..." kinda stuff that would prevent such mistakes.

The problem with these allegations is they always seem to have this sort of issue, as well as logical problems. Some of the things in the article don't really make any sense. For instance they state that they way they decided that Guccifer was part of the GRU is that on one occasion the IP for that Twitter account was from the GRU.

They then state that that must mean that the Russians must have forgotten to log onto their VPN first. But I mean, what? Using a dedicated VPN makes no real sense in the era of TOR, and such a mistake would have been literally impossible with TOR. It's also mentioned in the article that "The US (or a partner)" hacked at least two GRU computers. If this is the case then it's safe to assume other actors could have as well, and suddenly what exactly does a login from the GRU IP actually mean?

Or in the machines that the GRU allegedly hacked, their behavior was discovered by the presence of logs that the hackers apparently had to manually delete? State level malware does not automatically delete logs? Wow. And then they allegedly rented servers in Arizona and Illinois for illicit activities, knowing full well that their are a gazillion different domestic digital surveillance programs being carried out by the NSA? And then apparently they were exchanging emails, literally discussing theft of DNC materials, in plain text without encryption?

These things just never really make any logical sense. It simultaneously tries to paint Russians as these super hackers capable of achieving anything. And then it also shows them getting busted making mistakes that I'd like to call amateur, but that implies that these are mistakes even an amateur might reasonably make, which is probably doubtful. It's bizarre.

I really don't see your descriptions as that odd or "problems." So some Russians didn't use Tor because you think they should have (it's not like the US government isn't already aware of TOR...). I just don't see that as a big deal or at all surprising...

Beyond that are you saying that some other actor hacked a GRU computer and framed them or something? That's a pretty big leap there without anything to it.

As for logs having your malware just delete logs automatically could be useful at times... less so other times. I would think you would want to choose to do it when you wanted. A lot of malware does log wiping, I'd be tempted to look for log changes over time just to find malware based on that alone..... suddenly missing logs would be a big sign.

Beyond that I'm not going to get into it. These seem like just you and me logicing things out in our head and that doesn't mean we're right or wrong. Humans don't make sense at times, they dork up, that isn't surprising to me.

Just because some of it is curious to me and maybe choices I wouldn't have made, doesn't make it not true, or those choices as odd or wrong as we might thing anyway.

Two other points worth noting

1. The FBI never had physical access to the hacked servers and were relying completely on the report from a third party company, CrowdStrike:

http://thehill.com/policy/national-security/313555-comey-fbi...

2. The former tech director of the NSA, William Binney, claimed that the data could not have been copied remotely because the download speed was around 22 MB/s (176 Mb/s) which he and a team concluded was not possible for a remote hack with servers in Russia and routing through a commercial VPN service:

https://consortiumnews.com/2017/07/24/intel-vets-challenge-r...

>During former FBI director James Comey’s testimony to the House Intelligence Committee, Comey was asked whether the FBI had ever received the DNC’s hacked hardware.

>He said they did not, but obtained access from a review of the system performed by CrowdStrike, a third-party cybersecurity firm.

>"We got the forensics from the pros that they hired which -- again, best practice is always to get access to the machines themselves, but this, my folks tell me, was an appropriate substitute," Comey said.

>DNC spokeswoman Adrienne Watson told PolitiFact that the DNC cooperated with the FBI’s requests, which resulted in the DNC providing a copy of their server.

>"An image of a server is the best thing to use in an investigation so that your exploration of the server does not change the evidence (just like you don’t want investigators leaving their own DNA around a physical crime scene) and so that the bad actors cannot make changes to the evidence while you are looking at it," Watson said. "Any suggestion that they were denied access to what they wanted for their investigation is completely incorrect."

http://www.politifact.com/truth-o-meter/statements/2018/jul/...

> 2. The former tech director of the NSA, William Binney etc

It's interesting, this is the second time I've seen this talking point in two days. The first one linked to a slightly less blog-ish source, and pointed out that this "fact" had been established in _The Nation_, a reasonably well-respected and left-sympathetic newspaper.

Here's the article in The Nation:

https://www.thenation.com/article/a-new-report-raises-big-qu...

It now has a gigantic disclosure in front of it which takes most of the weight of the "findings" away.

http://thehill.com/policy/cybersecurity/346468-why-the-lates...

"In the end, Fidelis, FireEye, SecureWorks, Threat Connect and other CrowdStrike competitors all confirmed Crowdstike’s results."

What a great quote from that article:

"I find it interesting that people are so eager to [ignore credible evidence], but willing to accept the forensics of an anonymous blogger, with no reputation, that no one knows anything about”

Holy 2018.

First of all, I was not presenting it as fact. Merely as a possibility and something to consider.

Second, I read the disclosure, and all it does is point out that it is a possibility and not a fact. It also points out that the intelligence agencies have not provided any hard evidence that Russia was behind the leak, and they are the same groups who lied to the public about WMDs in Iraq to justify that invasion.

This article also says that the original reports were published by Consortium News, the source I linked to.

http://thehill.com/policy/cybersecurity/346468-why-the-lates...

Your point two is is based on an embarrassingly incorrect assumption.

I wouldn’t say it is embarrassingly incorrect. Nothing in that article proves that the report I referenced is not a possibility.

I agree it makes it less likely because the files could have been copied multiple times which could change the metadata, but that doesn’t prove definitively that they were.

I would. I would go further and say it is reputation-threatening (if not ending), mortifyingly embarassing for the members of VIPS that wrote and signed off on the memo. If you had hacked a well-protected target, would you go in directly through your origin? There were probably dozens of hops, some of which may have been fairly indirectly. I doubt they leaked it directly, too.
I agree, but if you had financed the operation with Bitcoin would you have left a trail of hundreds of emails specifying each Bitcoin transaction and what they were used for like the indictment claims?

Only saying that if they were dumb enough to do that they may have been dumb enough to go directly too.

"left a trail of hundreds of emails specifying each Bitcoin transaction"

Show me where in the indictment it talks about that? I only saw a reference to a much smaller number of emails.

Nothing in that article proves that the report I referenced is not a possibility.

Right, because you can't prove a negative.

That's a great article, but it misses a point:

There were two batches of emails published by WikiLeaks. The second batch wasn't published by GRU's front DCLeaks / Guccifer 2.0. So it's possible that the source of that second batch is a different one, and it's certainly possible it could be Seth Rich.

https://archive.is/6MKz4#selection-1021.1-1025.3

The only problem is there is no way to prove that that address actually belongs to the GRU.

They don't have to. This case isn't going to trial; it was basically a PR stunt. It wouldn't survive a trial. The strategy is simple: Indict a bunch of people that you cannot extradite, and you get a PR win with just some broad strokes and have to prove nothing. You get to keep your unlimited budget to continue the investigation, and the press keeps listening to you.

That's idiotic and completely ignorant of how large scale criminal prosecutions work.

Conspiracy and RICO charges necessitate many low level indictments to demonstrate to the court that there is probable cause to the indict the bigger fish and restrict them until trial. Since indictments have a lower threshold than convictions, they are easily challenged when they are brought up as relevant evidence.

Mueller has already brought these charges in front of a judge and he decided that the evidence warrants serious consideration of the allegations. Until another judge says otherwise, you are doing nothing but spreading clearcut propaganda.

Conspiracy and RICO charges necessitate many low level indictments to demonstrate to the court that there is probable cause to the indict the bigger fish

If you cannot arrest the people in the "low level indictments" or threaten them with prison then they aren't going to help you with the "bigger fish".

Mueller has already brought these charges in front of a judge

You're entirely wrong. This went in front of a grand jury, not a judge. That shows that your understanding of this whole process may not be what it needs to be to make the arguments you are making. Anger in no way makes up for lack of knowledge.

> That shows that your understanding of this whole process may not be what it needs to be to make the arguments you are making.

You don't even know that judges preside over grand jury proceedings. That's, like, the most fundamental aspect of the entire legal system: there is a judge deciding things.

You have no business criticizing someone's understanding of the judicial system.

Grand juries indict people, not judges.
Grand juries follow the instructions of the judge presiding over the proceedings.
And then the grand jury, completely independent of any judge, makes a decision as to whether or not to indict. Your argument is like saying the referees decide who wins the Super Bowl.
Grand juries cannot even exist independent of a judge, let alone decide things of consequence like an indictment.

What planet do you live on?

You're actually trying to argue that judges have an active decision making role in deciding whether or not a grand jury issues an indictment? You're really destroying your own credibility and making my point for me the deeper this conversation goes.

There's an old saying: When you find yourself in a hole, stop digging.

You're actually trying to argue that judges don't play an active role in the JUDICIAL SYSTEM.

You're literally arguing that water isn't wet.

I'm not going to let this go, because you are trying to deliberately spread information about how our legal system works that is factually false, and that is damaging both to HN and to our country. So let me make it clear: In our system of justice, judges do not have any vote in whether or not federal grand juries issue indictments.
Conspiracy and RICO charges necessitate many low level indictments to demonstrate to the court that there is probable cause to the indict the bigger fish and restrict them until trial.

There will be no trial in this case, so your point is moot. The government gained no leverage with these indictments either, because the people it indicted are beyond the reach of the US government. That was the whole point of my comment. There is exactly one person that was affected in any way by this indictment - and that was Mueller himself, who was congratulated on a job well done by a press that is hungry for Russia-related headlines. The case itself will not be prosecuted unless one of these guys happens to come to the US on vacation or something, but that is extremely unlikely since they know they are under indictment.

Mueller has already brought these charges in front of a judge

I see that someone else already corrected you on this, but for the record, that person is correct. No judge has ruled on the merits of this case, and the standard that the grand jury uses to indict is very low relative to the standard used at trial.

So, in closing, there are 2 undeniable facts at issue here:

1) All of those indicted are Russians residing in Russia; and

2) Russia does not extradite its citizens to the US.

Therefore, it is not "clearcut propaganda" but rather an undeniable fact to say that this case has no chance of actually being prosecuted in the US, and that the only person affected by this indictment at all was Mueller himself. Mueller presumably knew that he was indicting only Russians that would never be extradited, and therefore knew that the case was not going to actually be prosecuted.

You don't know if that is true, you are just recycling unsubstantiated conspiracy theory propaganda.
Dude's profile:

>HN used to be a place where thoughtful conversation could take place; now it's nothing more than a den of bullies attempting to spread misinformation that supports their political views. It's a hyper-liberal echo chamber.

>I am going continue posting because I hate bullies and won't allow them to tell me what to do, but each and every one of my comments now gets auto-downvoted by GDPR zealots. I don't expect that any comment of mine will ever have a positive score again, but that's OK. I have karma to burn.

>I win, you lose.

I guess this means you lost.

> I guess this means you lost.

How, exactly? And what is that you're saying signifies that I have "lost"?

That yet another random HN poster (@guelo in this case) intentionally mischaracterized hard facts - the fact that all of the people indicted were Russian citizens, and that Russia does not extradite its citizens - as "unsubstantiated conspiracy theory propaganda" hardly surprises me, but it in no way makes me "lose". Such is the nature of HN these days, and it saddens me to see this place devolve into this.

Many of the people here dismiss or ignore cold, hard facts when those facts are not favorable to their side in almost every comment thread on HN. @Guelo is the offender this time, but there are countless others. Facts cannot be argued with, and so in this case, he simply dismissed them because he didn't like those facts. It's wrong that people choose to do this, and that is the crux of the message on my profile page that you quoted, but they do it all the time and I will point it out whenever I see it.

Your comment is even more bizarre to me. You essentially said "You got schooled!" when someone said that the facts I presented were unsubstantiated propaganda, even though they are simply undeniable facts. He presented no argument to support his comment, such as proof of some sort of new extradition treaty that would allow for Russian spies in Russia to be extradited to the US. That would certainly make me "lose" this argument, and I would be happy to concede at that point. Short of that, I can't see that I have "lost" anything based on his comment. You essentially jumped a on a bandwagon where there was no wagon - but rather just a band, making meaningless noises.

Where exactly are these “cold hard facts”?
Assets can be frozen. Their travel to countries who do extradite will be restricted. And evidence for levying sanctions has been produced by the executive and judicial branches, providing the legislative branch cover. These charges are far from pointless.
Your reply is off topic. What does any of that have to do with the point of my comment? My point was that the indictment appears flimsy because prosecutors knew that they would never actually have to prove these charges beyond a reasonable doubt in a court of law. There is a reason that every single person indicted here happens to be beyond the reach of the US government. If you know that you will never have to try the case, you can make all the accusations you think are reasonable (even if you know you cannot prove them) and then drop the charges you can’t prove much later if one of these guys ever actually did wind up in custody (which is extremely unlikely).
> The only problem is there is no way to prove that that address actually belongs to the GRU.

Sure there is; for instance, you could have surveillance (video, keylogger, etc.) of the GRU officer at the GRU computer in GRU headquarters executing transactions on it.

> If you are Russian Military Intelligence about to hack the government of the United States, why would you include references and payment info related to your Bitcoin transactions in hundreds of emails? Surely just keeping track of the Bitcoin addresses on the blockchain would be enough since that is the entire point of the Blockchain.

Even if one grants that this is correct in some ideal sense, “government bureaucracy has operational staff proficient with new technology but imposes counterproductive documentation processes” is something literally no one would be surprised about int their own government.

> It is certainly possible that this is exactly what happened, but I think the American people deserve to see some evidence.

If Mueller files a report, and Congress decided to make it public, concerning the one subject of the investigation for whom normal criminal process is not likely to be the first response to any apparent crimes, and the evidence is directly germane to the findings of the report, the American people will have a legitimate right to demand the evidence.

If the indictment under discussion, or any other to which the allegation is necessary, goes to trial, the defendants will have a legitimate right—a Constitutional right—to demand the evidence.

Ultimately, by letting their servers unsecured, the DNC, RNC, and HRC, DTC are fully guilty of nothing [sic][sarcasm]

Cough b.s. DNC needs to sober up and admit defeat ahead of the RNC hack releases. Right now the hilarious Trump Derangement Disorder they're suffering from will only continue to promote inequality.

Bad security maybe, but facing a state sponsored and determined attack and I'm not sure given enough time that any security is enough.

We're already at a point where security researchers question if you can ever declare any device "clean" simply due to the complexity of devices and attacks.

That's not money laundering. There's no dirty money involved and it's not about the money at all
This is great,

I wish there was more technical discussion of the hack and the indicment. Due to the political nature of the case nearly everything written is extremely partisan. However there is actually quite a bit of "source material" out there: The indicment, the crowdstrike analysis, the published hacked data, the bitcoin blockchain. Which could use some cold headed technical analysis.

Due to the nature of the case the FBI seems to have thrown more resources after the investigation than they normally would do. One thing I notice is section 41 in the indicment.

As I am understanding this, the perpetrator, strugling to formulate the contents of the wordpress site he would publish the day after, was typing in phrases into Google (presumely) under that later would occur on the Guccifer 2.0-site.

Showing two things. That searches are logged extensively and are accessable to American authorities. And that the said GRU perpetrators didn't really care to cover their tracks that much.