> The theory of a purported covert Trump-Alfa channel had been cooked up by an unnamed tech executive positioning himself for a top cybersecurity job in the anticipated Clinton administration.
The indictment itself specifies that nothing Michael Sussmann said was false, merely that he misrepresented on who's behalf he was sending it. No amount of spin will turn this into "Russia didn't interfere with the US election to elect Trump, potentially with the assistance of his own staff"
I'm confused which claim is factually incorrect, that there was a connection between the Trump Campaign and Russia's Alfa Bank. Or that the Attorney who provided that information to the FBI was was not working "for any client," and was simply passing on information that had been provided to him by "multiple cyber experts" who had come across the suspicious web traffic.
So are my eyes and ears lying to me? I didn't hear with my own ears that Trump asked Russia to hack for him on TV? I didn't hear that happen!? And Trump never went to Russia, was never compromised, never invited Russian spies to the white house, etc? I don't get it, this piece is ridiculous and doesn't match reality _at all_. Why is this trash on HN?
If I were a conspiracy theorist, and if I had read many times about how troll farms worked (and where they originated, and about their goals to destabilize regions and create divides amongst the people), I might guess that this story was posted and promoted by such people.
For years at least, perhaps a decade or more, there has been a decent-size far-right crowd on HN that subscribes to conspiracy theories themselves. Perhaps this post is a troll farm's doing, perhaps it is organic behavior on HN. From my perspective, HN is very conservative/right leaning at least, and large numbers of voters and commenters are on here and support far-right-wing views. There is a lot of racism, white supremacy, misogyny, and anti-LGBT sentiment here. I have been called more hateful slurs on HN than I have anywhere else online or IRL.
shrug. Hard to say about how organic this story is.
HN has always had space for some political stories—the ones that overlap with intellectual interest. This one arguably does. Whether HN is capable of discussing it substantively is a separate issue.
"Intellectual interest" is a new one. You are once again letting too much snake oil promulgate through this service. You have a responsibility here to do a better job that you're shirking on the thinnest of excuses.
All snake oil is intellectually interesting in some way. If you're entirely agnostic to it, then why do you even have a moderator? Just sit back, relax, and let these people continue their relentless slide into the absurd depths of navel-gazing political conflict found everywhere else.
If you're interested in stopping the promulgation of snake oil, then the linked article should be catnip for you. It features lying to the FBI, thin DNS evidence, and a coordinated media disinfo campaign.
This predictably turned into a flamewar. I didn't learn anything new, and it doesn't seem like anyone else did, either. I don't think this community does pure politics well, and I also think that's fine. No forum (IRL or digital) does.
I agree that these types of posts become (IMO, on HN, reasonably well-mannered) flamewars. I disagree that it's pure politics. Manipulation of public opinion by shaping or inventing narratives is a non-partisan, matter of public interest. Consider (hypothetically, of course) the danger of a global war in the nuclear age brought about by demonisation of The Enemy in mass and social media.
I don't think this site can or should be a venue to discuss 100% of matters of public interest. It's one of the few social media that isn't rage-inducing
Also, the author is a hyper-partisan and (left-wing, not right-wing as some here have assumed) and this report has a political agenda.
I'm not sure if this subission was entered into the second-chance queue before or after this comment, but HN did put its thumb on the scale here, as it does from time to time.
(Disclaimer: I've both benefitted from that in the past and nominated other items for the queue.)
"Whether HN is capable of discussing it substantively is a separate issue." Indeed...
Did the Trump/Russia thing actually matter? The whole thing just seemed like a clickbait scam for liberals who - let's be honest - were always going to vote against Trump.
It sounds like swing voters didn't really care about Trump's scandals - they perhaps were just frustrated with his conduct and handling of the pandemic and ensuing social unrest.
This doesn't appear to be true - as another commenter pointed out: "the only thing here is speculation on the motivation of the delivery of the information, not on the veracity of the information"
The indictment is about whether the lawyer who sent a computer scientist's DNS analysis lied to the FBI about whether he was bringing the analysis on behalf of anyone. He said No, but was working for the Clinton campaign at the time. The indictment doesn't challenge the contents of the analysis and the lawyer claims this was unrelated to his work on/for the campaign. They better have some hard evidence that the Clinton campaign directed him to go to the FBI or the Trump special prosecutor will lose this case badly.
As least try and understand the details of what is going on.
Of course it's completely unrelated. All lawyers are interested in DNS sniffing, haven't you heard? It's going to be more popular with that crowd than golf soon! /s
The Russia thing was cover for politicians (such as the Clintons, who have served on boards of WalMart etc, and of course the Bidens) who had been selling out US interests to that other country which many consider to be the main adversary to the US. Planting the idea that it was Russia, and not that other country, that was really interfering in US domestic politics, was a very important distraction. A lot of people in the US think that Russia is the main enemy of the US. Can't make this stuff up!
I can't tell if you're satirically impersonating a conspiracy theorist ("insert country here"), or if you do actually have a country in mind and are not saying it as some form of sarcasm.
I tend to do the same about that other country. Too dangerous to name it, too many lists. What if you're on a flight that gets diverted there? I don't want to end up in a camp.
In case this is a real lack of understanding instead of a pretend one: " that other country which many consider to be the main adversary to the US". If it's not Russia, there's pretty much only one choice left (unless you're deliberately trying to misunderstand).
> A lot of people in the US think that Russia is the main enemy of the US.
That depends on how you define "the main enemy". I'm not sure why the distinction between #1 and #2 enemies matters, anyway.
Russia may not be the #1 enemy, but it is certainly among the top 2 enemies and perhaps the most likely to succeed in destabilizing the US as the most powerful country.
China is attempting many of the same tactics as Russia, but their success seems to be more limited (and their open authoritarianism, as opposed to Russia's façade of democracy, is easier for Americans to identify as objectively evil, regardless of their level of hostility toward the US).
> Russia may not be the #1 enemy, but it is certainly among the top 2 enemies and perhaps the most likely to succeed in destabilizing the US as the most powerful country.
Russia has been pretty irrelevant to US geopolitical interests for over thirty years. Their economy is 1/10 of the size of the US economy. Russia gets overwhelmingly negative coverage in mainstream US media, which proves how weak their leverage in the US really is.
The idea that Russia has a serious amount of influence in the US is a joke. What business leverage do they have here? The total trade between Russian and US is very small so the opportunity for economic leverage is low. How fearful is anyone to post anything negative online about Russia? Not very fearful.
If anything Russia is the victim of misinformation campaigns in the US, they are not the perpetrator.
You seem like a moron. Even if you want to ignore the obvious effect fake Facebook ads had on people's perceptions of the candidates, the outcome was still the US moving away from Europe. This benefits Russia geopolitically. Don't be obtuse
>It sounds like swing voters didn't really care about Trump's scandals
Really? My impression was that they were the only ones who cared (in the sense that they could make a decision one way or the other, as opposed to being fated to a decision by one's sociopolitical loyalties/hatreds).
Please see https://news.ycombinator.com/item?id=28647191 and don't post like this again. If you have evidence (by which I mean any shred of anything objective), please email us at hn@ycombinator.com and we'll look into it.
Asking the question about HN manipulation, when several other people have been asking, "How is this on HN", is unreasonable?
Is HN somehow immune from the manipulation that much larger, much better funded sites have experienced (where ample evidence exists)?
This was not some criticism of HN, this was a valid question which people should ponder on. Presumably most of us HN readers do not expect the content to be targeted manipulation or disinformation. But we cannot be blind to the possibility... else what is the point of even being here?
When I am hitting HN (tonight at least) about every 15 minutes out of boredom, and I see a story pop up on the front page with rapidly increasing votes - especially a story that is rather controversial and not typically what HN people get uniformly excited about - I wonder if something unusual is going on.
Perhaps it really is a lot of pro-Trump HN readers using their Friday afternoons to upvote this story, but that also seems unlikely.
Ok, I take your point that you were asking in good faith. The line between question and insinuation can be blurry. The fact is, though, that astroturfer/shill/bot/foreign-agent/paid-troll/infiltrating-spies is the explanation internet users reflexively invoke at the slightest provocation, nearly always with zero evidence. The overwhelming majority of the time, it's nothing but a sinister, sensational fantasy. This poisons discussion and community. Therefore we have a rule asking people not to post such things, but rather to email us at hn@ycombinator.com if they're worried about manipulation. That way we can base the response on something objective (by looking at the data) and the threads won't go haywire down the poisonous path.
I don't think you need to invoke "pro-Trump readers" to explain why a story like this might get upvoted. Not everyone is a passionate partisan.
Both broke the site guidelines. We can't respond to every case of that—there are just too many. Insinuation about the astroturf/shill/bot/spy thing is the bigger problem.
You can see an example of the DNS logs collected on page 803 of the Senate Intelligence report rather than reading blog. Clearly the Alfa bank did DNS lookups of the Trump domain and the explanation doesn't pass the smell test.
And the evidence of a cover-up by the Trump Corporate IT director (Cho) is on the following pages.
>According to Cho, at the time of the suspicious activity, the domain maill.trumpemail.com belonged to the Trump Organization's email marketing company, Cendyn Hospitality
Marketing.5142 Cho learned from Cendyn that the trump-email.com domain was originally
created for Trump Hotels email marketing sometime between 2009 and 20115143 and the domain
had been used as recently as November 2015 for Trump Hotel marketing emails.5144 At some
point prior to September 29, 2016, the domain registration was transferred from Cendyn to the
Trump Organization; internal emails suggested it may have occurred on September 23, 2016,
around the time the press began inquiring, although Cho could not identify any specific date with
certainty.5145 According to Cho, the Trump domain had been used to send mass marketing
emails, but not to receive email.5146
>Cho looked up the IP addresses belonging to the two Alfa Bank servers. Based on a
port scan of one server's IP address on October 1, 2016, Cho found that it was not configured as
an email or web server: "It only had port 53 open, which is a port for DNS lookup."5147 From this, he inferred that both of the Alfa Bank servers were configured as DNS servers, and
therefore could not have been used to transmit email communications to the Trump domain. 5148
Cho did not explain if he also conducted a port scan of the other Alfa Bank IP address, or how he
determined that the configuration on October 1, 2016 would have been the same as the server's
configuration during the time period in question.
>Cho did not recall conducting a system-wide review of the Trump Organization
network to determine if there wer~ any connections from the Trump Organization side with any
of the Alfa Bank servers.5149 Instead, he looked up the public IP addresses for two separate Alfa
Bank email servers he had identified, which he then provided to Cendyn to check if Cendyn
could identify communications involving those servers.5150 In response, Cendyn found six
messages to Alfa Bank recipients from clients using one of its email applications, but stated that
these communications were not connected to the Trump Organization.5151 Cendyn identified
these as emails sent by existing banking or hotel customers of Cendyn through a meeting
management application to an Alfa Bank email address.5152 Cho did not locate any substantive
communications between the Trump Organization and the two Alfa Bank servers and did not
pursue further investigation of the DNS activity.5
>Cendyn did not explain how the unusualDNS lookup activity might relate to those
emails and did not filter its records to find information like the DNS logs at issue.515~
Nonetheless, based on Cendyn's findings, Cho concluded that the rough "correlation" between
these email~ and the DNS logs might explain how the press had "put these together as some kind
of activity between Alfa Bank and Cendyn, which happened to have one of their host names with
our Trump name in it, 'Trump-email.com."'5155 The Committee did not engage C,endyn on this
matter.
> Unprompted, the Committee also received two letters, dated March 16 and July 20,
2018, from an attorney representing Alfa Bank conveying the findings of internal investigations
into the unusual DNS activity. The letters represented that Alfa Bank had retained Mandiant, acyber incident response firm, to conduct an internal investigation based on the DNS logs and had
found no ...
It's a pretty common and standard practice for the mail servers to check that the domain specified in the MAIL FROM command of SMTP does exist. If it doesn't, the mail is immediately rejected at the SMTP level.
This check goes through a local recursive DNS server. You often have to have the DNS port open for recursive DNS servers to work properly (over UDP). Which would be the IP address where the lookup were to originate from.
How exactly is receiving a spam marketing email from a big hotel chain by a bank employee controversial?
Because if it was a marketing campaign, there would be other IP addresses doing a DNS lookup. Alfa bank was 77% of the DNS requests and another 20% were from Spectrum Health which is associated with the DeVos family. That doesn't sound like a marketing campaign. And the marketing company said they stopped sending emails before the DNS lookups happened. The Trump org also created a new domain and the first DNS request was Alfa bank.
>But Cendyn told CNN that its contract to provide email marketing services to the Trump Organization ended in March 2016 — weeks before the DNS lookups chronicled by the researchers started appearing. Cendyn told CNN that a different client had been communicating with Alfa Bank using Cendyn communications applications — a claim that Alfa Bank denied.
>Scrutinizing the Trump Organization’s online footprint, the researchers determined that for several months during the spring and summer of 2016, Internet servers at Alfa Bank in Russia, Spectrum Health in Michigan, and Heartland Payment Systems in New Jersey accounted for nearly all of the several thousand DNS lookups for a specific Trump Organization server (mail1.trump-email.com).
>Foer wrote that The Times hadn’t yet been in touch with the Trump campaign about the DNS data when the Trump email domain suddenly went offline. Odder still, four days later the Trump Organization created a new host — trump1.contact-client.com — and the very first DNS lookup to that new domain came from servers at Alfa Bank.
That log of 10 IP addresses accounting for 100% of DNS requests over a period of 4.5 months (from Krebs) is complete BS. The domain name in question was publicly known — records available in DomainTools per Ankura report. There's way more background DNS scanning of public names going on, all the time, for there to not be maybe an order of magnitude more requests.
It's never even explained where the log comes from in the first place! How convenient!
You can tell this is political drivel because the only thing here is speculation on the motivation of the delivery of the information, not on the veracity of the information itself.
Is there any evidence in that article that you can cite for us? That website was started by an extremely pro-Trump Fox News contributor and I have no intention on clicking on it.
It's a PDF document produced by Ankura Consulting Group.
I didn't read it, but it's extremely trivial to generate outgoing DNS traffic from many networks with their own mail and DNS infrastructure (i.e., any big bank that has their own IT department), to any other domain name. All you do is connect to their mail server, and provide the domain name to query in MAIL FROM via SMTP.
Which is basically the whole evidence that connects the parties together.
Ankara reports that the use of the domains in question is consistent with marketing campaigns in the hospitality industry.
I'm still confused where the original DNS lookup dataset came from and why is it trusted. It cannot possibly be a complete dataset of all the requests for the domain in question. If anything, there's way more bot activity happening during a period of 4.5 months. A mere 10 IP addresses accounting for all requests that were ever made during a period of 4.5 months, for a public domain name (proof available from DomainTools per Ankara), is not realistic.
The trump domain wasn't set-up for bulk marketing email and wasn't configured like the other trump marketing domains.
>The report notes that unlike other domains the Trump Organization used to send mass marketing emails, the domain at issue — mail1.trump-email.com — was configured in such a way that would have prevented it from effectively sending marketing or bulk emails. Or at least prevented most of the missives sent through the domain from ever making it past spam filters.
>Nor was the domain configured like other Trump Organization domains that demonstrably did send commercial email, Jones’ analysis found. Also, the mail1.trump-email.com domain was never once flagged as sending spam by any of the 57 different spam block lists published online at the time.
>“If large amounts of marketing emails were emanating from mail1.trump-email.com, it’s likely that some receivers of those emails would have marked them as spam,” Jones’ 2018 report reasons. “Spam is nothing new on the internet, and mass mailings create easily observed phenomena, such as a wide dispersion of backscatter queries from spam filters. No such evidence is found in the logs.”
The domain became public after the public reporting. Show me where in the Ankara report that shows that the domain mail1.trump-email.com was public during the period of the DNS activity.
>Also, the mail1.trump-email.com domain was never once flagged as sending spam by any of the 57 different spam block lists published online at the time.
Ankura reports that DomainTools reports the First Seen for the FQDN — with the exact same IP address throughout — as early as 2010-07-02.
If you don't believe Ankura, just purchase a report for the domain yourself from DomainTools or one of their resellers. Probably only costs a few bucks for a few lookups.
Krebs literally posts a PNG image citing court filings listing 10 IP addresses responsible for 100% of DNS traffic for a public domain name over a period of 4.5 months. Actual origin of the underlying data is never explained, of course, but I do like how the total of the 10 is explicitly listed as 100%! Nevermind the internet bots scanning the whole internet, DomainTools and PassiveTotal reportedly having a long-term record of these same domain names since 2010 (for the "old" mail1 domain) and 2009 (for the "new" domain at the same IP address), respectively, and many other internet scanning services knowing about it, too, as per Ankura's 2020 report linked in the sibling comment. When did Krebs stop being an investigative journalist and went to being a political hack saying we shouldn't prosecute people for lying to the authorities to spur phantom investigations?
Most ironic is an out of context quote from Paul Vixie about a conspiracy with out-of-band communication for DNS discovery, because clearly there's no other possible explanation for discovering public FQDNs that have been known to exist since 2009! Meanwhile, if you've ever looked at Paul's Twitter feed over the last 4 years, it's pretty clear which party he supports and which single president he despises and would have done anything to get rid of; but I'm sure that has no relevance to the case, and he is still being objective in suggesting conspiracy theories that involve DNS in some way, without ever bothering to verify the authenticity of the data that he's presented with to make public comments on.
You lost me at “fabricated Steele dossier” because as I was closely following everything Muller related in real time, including reading all 300+ pages of the report (which it seems few bothered to do) one thing became abundantly clear is that Steele got it so much closer than anyone could have expected
The Mueller report concluded: "Ultimately, the investigation did not establish that the Campaign coordinated or conspired with the Russian government in its election-interference activities."
How do you square that with the Steele report, which alleged exactly that? Steele and Mueller may have agreed about some details, but not about the primary claim.
Yea because Trump campaign manager Paul Manafort coordinated through KGB asset Konstantin Kilimnik, as documented in the Republican-led Senate intelligence report, and not directly with the Russian government.
The only allegation I've ever heard is that Manafort shared polling data with Kilimnik. I'd hardly call that coordinating election interference, and apparently Mueller agreed because he knew about the polling data and still reached the conclusion above.[1]
And in the interest of accuracy you should also mention that Manafort was only campaign manager for two months, from June 20 to August 19 of 2016, and he was removed from the campaign, reportedly, because of his Russian connections.
"On August 17, 2016, Trump received his first security briefing. The same day, August 17, Trump shook up his campaign organization in a way that appeared to minimize Manafort's role. It was reported that members of Trump's family, particularly Kushner, who had originally been a strong backer of Manafort, had become uneasy about his Russian connections and suspected that he had not been forthright about them. Manafort stated in an internal staff memorandum that he would "remain the campaign chairman and chief strategist, providing the big-picture, long-range campaign vision". However, two days later, Trump announced his acceptance of Manafort's resignation from the campaign after Steve Bannon and Kellyanne Conway took on senior leadership roles within that campaign."[2]
That was NOT Mueller's conclusion. That was Bill Barr's politically motivated summary of the Mueller report. Mueller concluded there was contacts between Trump campaign and the Russians government but it wasn't enough evidence to successfully prosecute. The actual Mueller report says:
>As explained in Section IV above, the Office’s investigation uncovered evidence of numerous links (i.e., contacts) between Trump Campaign officials and individuals having or claiming to have ties to the Russian government. The Office evaluated the contacts under several sets of federal laws, including conspiracy laws and statutes governing foreign agents who operate in the United States. After considering the available evidence, the Office did not pursue charges under these statutes against any of the individuals discussed in Section IV above—with the
exception of FARA charges against Paul Manafort and Richard Gates based on their activities on behalf of Ukraine.
>One of the interactions between the Trump Campaign and Russian-affiliated individuals—the June 9, 2016 meeting between high-ranking campaign officials and Russians promising derogatory information on Hillary Clinton—implicates an additional body of law: campaign finance statutes. Schemes involving the solicitation or receipt of assistance from foreign sources raise difficult statutory and constitutional questions. As explained below, the Office evaluated
those questions in connection with the June 9 meeting [REDACTED]. The Office ultimately concluded that, even if the principal legal questions were resolved favorably to the government, a prosecution would encounter difficulties proving that Campaign officials or Investigative Technique individuals connected to the Campaign willfully violated the law.
>Finally, although the evidence of contacts between Campaign officials and Russia affiliated individuals may not have been sufficient to establish or sustain criminal charges, several U.S. persons connected to the Campaign made false statements about those contacts and took other steps to obstruct the Office’s investigation and those of Congress. This Office has therefore charged some of those individuals with making false statements and obstructing justice.
Don't spread misinformation, that was a DIRECT QUOTE from the Mueller report: "Ultimately, the investigation did not establish that the Campaign coordinated or conspired with the Russian government in its election-interference activities." You can see it in [1] or [2] or in the report itself.
So there were a few contacts. So what? Presidential campaigns talk to a lot of people and don't vet them all in advance.
As your own quote says: "After considering the available evidence, the Office did not pursue charges under these statutes against any of the individuals discussed in Section IV above—with the exception of FARA charges against Paul Manafort and Richard Gates based on their activities on behalf of Ukraine [not Russia]."
I find it surprising that the Russians conspiracy was seemingly forgotten during the voting machine debate after getting Trump out. As far as picking our favourite conspiracy I do find some of the inconsistencies of the 2020 election to be interesting-for-interesting-sake.
I'd love to see someone do a teardown or analysis on the voting machines or that "F" vote curve. But that probably won't happen for another 30 years until this all blows over and we can talk about it objectively again.
The torrent of comments smearing Aaron and his work as drivel is indicative of how incredibly effective the Russiagate media spectacle really was. Americans are so thoroughly propagandized, so lavishly disinformed and lied to that they actually think the interests of the security state are THEIR interests.
84 comments
[ 3.4 ms ] story [ 161 ms ] threadPresumably Eric Schmidt?
https://www.emptywheel.net/2021/09/22/john-durham-is-the-jim...
Or if you'd prefer a more technical discussion, Krebs has a nice update;
https://krebsonsecurity.com/2021/09/lawsuits-indictments-rev...
https://news.ycombinator.com/item?id=28629227
You might move the discussion there and away from this one.
shrug. Hard to say about how organic this story is.
I've explained hundreds of times why we have that rule. Many of the explanations are reachable by scrolling back through https://hn.algolia.com/?sort=byDate&dateRange=all&type=comme... for the longer comments.
Many past explanations here:
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...
Also, the author is a hyper-partisan and (left-wing, not right-wing as some here have assumed) and this report has a political agenda.
(Disclaimer: I've both benefitted from that in the past and nominated other items for the queue.)
"Whether HN is capable of discussing it substantively is a separate issue." Indeed...
It sounds like swing voters didn't really care about Trump's scandals - they perhaps were just frustrated with his conduct and handling of the pandemic and ensuing social unrest.
This was misleading due to me misunderstanding and my own biases.
As least try and understand the details of what is going on.
That depends on how you define "the main enemy". I'm not sure why the distinction between #1 and #2 enemies matters, anyway.
Russia may not be the #1 enemy, but it is certainly among the top 2 enemies and perhaps the most likely to succeed in destabilizing the US as the most powerful country.
China is attempting many of the same tactics as Russia, but their success seems to be more limited (and their open authoritarianism, as opposed to Russia's façade of democracy, is easier for Americans to identify as objectively evil, regardless of their level of hostility toward the US).
Russia has been pretty irrelevant to US geopolitical interests for over thirty years. Their economy is 1/10 of the size of the US economy. Russia gets overwhelmingly negative coverage in mainstream US media, which proves how weak their leverage in the US really is.
When Russia has active, long-running disinformation campaigns designed to destabilize the US, I'm pretty sure that I disagree.
The idea that Russia has a serious amount of influence in the US is a joke. What business leverage do they have here? The total trade between Russian and US is very small so the opportunity for economic leverage is low. How fearful is anyone to post anything negative online about Russia? Not very fearful.
If anything Russia is the victim of misinformation campaigns in the US, they are not the perpetrator.
Really? My impression was that they were the only ones who cared (in the sense that they could make a decision one way or the other, as opposed to being fated to a decision by one's sociopolitical loyalties/hatreds).
Is HN somehow immune from the manipulation that much larger, much better funded sites have experienced (where ample evidence exists)?
This was not some criticism of HN, this was a valid question which people should ponder on. Presumably most of us HN readers do not expect the content to be targeted manipulation or disinformation. But we cannot be blind to the possibility... else what is the point of even being here?
When I am hitting HN (tonight at least) about every 15 minutes out of boredom, and I see a story pop up on the front page with rapidly increasing votes - especially a story that is rather controversial and not typically what HN people get uniformly excited about - I wonder if something unusual is going on.
Perhaps it really is a lot of pro-Trump HN readers using their Friday afternoons to upvote this story, but that also seems unlikely.
I don't think you need to invoke "pro-Trump readers" to explain why a story like this might get upvoted. Not everyone is a passionate partisan.
https://www.kcrw.com/news/shows/lrc-presents-all-the-preside...
https://www.intelligence.senate.gov/sites/default/files/docu...
And the evidence of a cover-up by the Trump Corporate IT director (Cho) is on the following pages.
>According to Cho, at the time of the suspicious activity, the domain maill.trumpemail.com belonged to the Trump Organization's email marketing company, Cendyn Hospitality Marketing.5142 Cho learned from Cendyn that the trump-email.com domain was originally created for Trump Hotels email marketing sometime between 2009 and 20115143 and the domain had been used as recently as November 2015 for Trump Hotel marketing emails.5144 At some point prior to September 29, 2016, the domain registration was transferred from Cendyn to the Trump Organization; internal emails suggested it may have occurred on September 23, 2016, around the time the press began inquiring, although Cho could not identify any specific date with certainty.5145 According to Cho, the Trump domain had been used to send mass marketing emails, but not to receive email.5146
>Cho looked up the IP addresses belonging to the two Alfa Bank servers. Based on a port scan of one server's IP address on October 1, 2016, Cho found that it was not configured as an email or web server: "It only had port 53 open, which is a port for DNS lookup."5147 From this, he inferred that both of the Alfa Bank servers were configured as DNS servers, and therefore could not have been used to transmit email communications to the Trump domain. 5148 Cho did not explain if he also conducted a port scan of the other Alfa Bank IP address, or how he determined that the configuration on October 1, 2016 would have been the same as the server's configuration during the time period in question.
>Cho did not recall conducting a system-wide review of the Trump Organization network to determine if there wer~ any connections from the Trump Organization side with any of the Alfa Bank servers.5149 Instead, he looked up the public IP addresses for two separate Alfa Bank email servers he had identified, which he then provided to Cendyn to check if Cendyn could identify communications involving those servers.5150 In response, Cendyn found six messages to Alfa Bank recipients from clients using one of its email applications, but stated that these communications were not connected to the Trump Organization.5151 Cendyn identified these as emails sent by existing banking or hotel customers of Cendyn through a meeting management application to an Alfa Bank email address.5152 Cho did not locate any substantive communications between the Trump Organization and the two Alfa Bank servers and did not pursue further investigation of the DNS activity.5
>Cendyn did not explain how the unusualDNS lookup activity might relate to those emails and did not filter its records to find information like the DNS logs at issue.515~ Nonetheless, based on Cendyn's findings, Cho concluded that the rough "correlation" between these email~ and the DNS logs might explain how the press had "put these together as some kind of activity between Alfa Bank and Cendyn, which happened to have one of their host names with our Trump name in it, 'Trump-email.com."'5155 The Committee did not engage C,endyn on this matter.
> Unprompted, the Committee also received two letters, dated March 16 and July 20, 2018, from an attorney representing Alfa Bank conveying the findings of internal investigations into the unusual DNS activity. The letters represented that Alfa Bank had retained Mandiant, acyber incident response firm, to conduct an internal investigation based on the DNS logs and had found no ...
This check goes through a local recursive DNS server. You often have to have the DNS port open for recursive DNS servers to work properly (over UDP). Which would be the IP address where the lookup were to originate from.
How exactly is receiving a spam marketing email from a big hotel chain by a bank employee controversial?
>But Cendyn told CNN that its contract to provide email marketing services to the Trump Organization ended in March 2016 — weeks before the DNS lookups chronicled by the researchers started appearing. Cendyn told CNN that a different client had been communicating with Alfa Bank using Cendyn communications applications — a claim that Alfa Bank denied.
>Scrutinizing the Trump Organization’s online footprint, the researchers determined that for several months during the spring and summer of 2016, Internet servers at Alfa Bank in Russia, Spectrum Health in Michigan, and Heartland Payment Systems in New Jersey accounted for nearly all of the several thousand DNS lookups for a specific Trump Organization server (mail1.trump-email.com).
>Foer wrote that The Times hadn’t yet been in touch with the Trump campaign about the DNS data when the Trump email domain suddenly went offline. Odder still, four days later the Trump Organization created a new host — trump1.contact-client.com — and the very first DNS lookup to that new domain came from servers at Alfa Bank.
It's never even explained where the log comes from in the first place! How convenient!
Tried and true diversion tactic: a story that nobody can disprove and which will be believed even if it's denied. Yes, Prime Minister, S2E2, "Official Secrets", ©1987 BBC.
Krebson Security's take on this is the best one I've seen. Their conclusion is solid: https://krebsonsecurity.com/2021/09/lawsuits-indictments-rev...
https://justthenews.com/sites/default/files/2020-04/Ankura_A...
I didn't read it, but it's extremely trivial to generate outgoing DNS traffic from many networks with their own mail and DNS infrastructure (i.e., any big bank that has their own IT department), to any other domain name. All you do is connect to their mail server, and provide the domain name to query in MAIL FROM via SMTP.
Which is basically the whole evidence that connects the parties together.
Ankara reports that the use of the domains in question is consistent with marketing campaigns in the hospitality industry.
I'm still confused where the original DNS lookup dataset came from and why is it trusted. It cannot possibly be a complete dataset of all the requests for the domain in question. If anything, there's way more bot activity happening during a period of 4.5 months. A mere 10 IP addresses accounting for all requests that were ever made during a period of 4.5 months, for a public domain name (proof available from DomainTools per Ankara), is not realistic.
>The report notes that unlike other domains the Trump Organization used to send mass marketing emails, the domain at issue — mail1.trump-email.com — was configured in such a way that would have prevented it from effectively sending marketing or bulk emails. Or at least prevented most of the missives sent through the domain from ever making it past spam filters.
>Nor was the domain configured like other Trump Organization domains that demonstrably did send commercial email, Jones’ analysis found. Also, the mail1.trump-email.com domain was never once flagged as sending spam by any of the 57 different spam block lists published online at the time.
>“If large amounts of marketing emails were emanating from mail1.trump-email.com, it’s likely that some receivers of those emails would have marked them as spam,” Jones’ 2018 report reasons. “Spam is nothing new on the internet, and mass mailings create easily observed phenomena, such as a wide dispersion of backscatter queries from spam filters. No such evidence is found in the logs.”
>Also, the mail1.trump-email.com domain was never once flagged as sending spam by any of the 57 different spam block lists published online at the time.
Ankura reports that DomainTools reports the First Seen for the FQDN — with the exact same IP address throughout — as early as 2010-07-02.
If you don't believe Ankura, just purchase a report for the domain yourself from DomainTools or one of their resellers. Probably only costs a few bucks for a few lookups.
Most ironic is an out of context quote from Paul Vixie about a conspiracy with out-of-band communication for DNS discovery, because clearly there's no other possible explanation for discovering public FQDNs that have been known to exist since 2009! Meanwhile, if you've ever looked at Paul's Twitter feed over the last 4 years, it's pretty clear which party he supports and which single president he despises and would have done anything to get rid of; but I'm sure that has no relevance to the case, and he is still being objective in suggesting conspiracy theories that involve DNS in some way, without ever bothering to verify the authenticity of the data that he's presented with to make public comments on.
How's Krebs' the best take if it's the same lies propagated by the mainstream media? Not to mention that most DNS software doesn't even log any non-AXFR DNS requests at all (DNS works really fast over UDP and is very cheap unlike HTTP, and logging all requests to disk will slow down peak performance considerably), plus where the log comes from is never explained, either. Reminds me of diversion of media attention through "a story that nobody can disprove and which will be believed even if it's denied". Yes, Prime Minister, S2E2, "Official Secrets", ©1987 BBC.
How do you square that with the Steele report, which alleged exactly that? Steele and Mueller may have agreed about some details, but not about the primary claim.
And in the interest of accuracy you should also mention that Manafort was only campaign manager for two months, from June 20 to August 19 of 2016, and he was removed from the campaign, reportedly, because of his Russian connections.
"On August 17, 2016, Trump received his first security briefing. The same day, August 17, Trump shook up his campaign organization in a way that appeared to minimize Manafort's role. It was reported that members of Trump's family, particularly Kushner, who had originally been a strong backer of Manafort, had become uneasy about his Russian connections and suspected that he had not been forthright about them. Manafort stated in an internal staff memorandum that he would "remain the campaign chairman and chief strategist, providing the big-picture, long-range campaign vision". However, two days later, Trump announced his acceptance of Manafort's resignation from the campaign after Steve Bannon and Kellyanne Conway took on senior leadership roles within that campaign."[2]
1: https://www.huffpost.com/entry/paul-manafort-mueller-investi...
2: https://en.wikipedia.org/wiki/Paul_Manafort#Chairman_of_Trum...
>As explained in Section IV above, the Office’s investigation uncovered evidence of numerous links (i.e., contacts) between Trump Campaign officials and individuals having or claiming to have ties to the Russian government. The Office evaluated the contacts under several sets of federal laws, including conspiracy laws and statutes governing foreign agents who operate in the United States. After considering the available evidence, the Office did not pursue charges under these statutes against any of the individuals discussed in Section IV above—with the exception of FARA charges against Paul Manafort and Richard Gates based on their activities on behalf of Ukraine.
>One of the interactions between the Trump Campaign and Russian-affiliated individuals—the June 9, 2016 meeting between high-ranking campaign officials and Russians promising derogatory information on Hillary Clinton—implicates an additional body of law: campaign finance statutes. Schemes involving the solicitation or receipt of assistance from foreign sources raise difficult statutory and constitutional questions. As explained below, the Office evaluated those questions in connection with the June 9 meeting [REDACTED]. The Office ultimately concluded that, even if the principal legal questions were resolved favorably to the government, a prosecution would encounter difficulties proving that Campaign officials or Investigative Technique individuals connected to the Campaign willfully violated the law.
>Finally, although the evidence of contacts between Campaign officials and Russia affiliated individuals may not have been sufficient to establish or sustain criminal charges, several U.S. persons connected to the Campaign made false statements about those contacts and took other steps to obstruct the Office’s investigation and those of Congress. This Office has therefore charged some of those individuals with making false statements and obstructing justice.
Don't spread misinformation, that was a DIRECT QUOTE from the Mueller report: "Ultimately, the investigation did not establish that the Campaign coordinated or conspired with the Russian government in its election-interference activities." You can see it in [1] or [2] or in the report itself.
So there were a few contacts. So what? Presidential campaigns talk to a lot of people and don't vet them all in advance.
As your own quote says: "After considering the available evidence, the Office did not pursue charges under these statutes against any of the individuals discussed in Section IV above—with the exception of FARA charges against Paul Manafort and Richard Gates based on their activities on behalf of Ukraine [not Russia]."
1: https://www.factcheck.org/2019/04/what-the-mueller-report-sa...
2: https://www.theguardian.com/us-news/ng-interactive/2019/apr/...
Why cover up the meetings and contacts then? why obstruct the investigation?
I'd love to see someone do a teardown or analysis on the voting machines or that "F" vote curve. But that probably won't happen for another 30 years until this all blows over and we can talk about it objectively again.