- On June 12 last year, Julian Assange announced that WikiLeaks had and would publish documents pertinent to Hillary Clinton’s presidential campaign.
- On June 14, CrowdStrike, a cyber-security firm hired by the DNC, announced, without providing evidence, that it had found malware on DNC servers and had evidence that Russians were responsible for planting it.
- On June 15, Guccifer 2.0 first appeared, took responsibility for the “hack” reported on June 14 and claimed to be a WikiLeaks source. It then posted the adulterated documents just described.
- On July 5, Guccifer again claimed he had remotely hacked DNC servers, and the operation was instantly described as another intrusion attributable to Russia. Virtually no media questioned this account.
It does not require too much thought to read into this sequence. With his June 12 announcement, Assange effectively put the DNC on notice that it had a little time, probably not much, to act preemptively against the imminent publication of damaging documents. Did the DNC quickly conjure Guccifer from thin air to create a cyber-saboteur whose fingers point to Russia? There is no evidence of this one way or the other, but emphatically it is legitimate to pose the question in the context of the VIPS chronology. WikiLeaks began publishing on July 22. By that time, the case alleging Russian interference in the 2016 elections process was taking firm root. In short order Assange would be written down as a “Russian agent.”We now know that it could not be hack -- the smoking gun, as it were -- because of what the metadata reveals about download speeds. As Lawrence explains:
Forensicator’s first decisive findings, made public in the paper dated July 9, concerned the volume of the supposedly hacked material and what is called the transfer rate—the time a remote hack would require. The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second.
These statistics are matters of record and essential to disproving the hack theory. No Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed. Compounding this contradiction, Guccifer claimed to have run his hack from Romania, which, for numerous reasons technically called delivery overheads, would slow down the speed of a hack even further from maximum achievable speeds.
What is the maximum achievable speed? Forensicator recently ran a test download of a comparable data volume (and using a server speed not available in 2016) 40 miles from his computer via a server 20 miles away and came up with a speed of 11.8 megabytes per second—half what the DNC operation would need were it a hack. Other investigators have built on this finding. Folden and Edward Loomis say a survey published August 3, 2016, by www.speedtest.net/reports is highly reliable and use it as their thumbnail index. It indicated that the highest average ISP speeds of first-half 2016 were achieved by Xfinity and Cox Communications. These speeds averaged 15.6 megabytes per second and 14.7 megabytes per second, respectively. Peak speeds at higher rates were recorded intermittently but still did not reach the required 22.7 megabytes per second.
“A speed of 22.7 megabytes is simply unobtainable, especially if we are talking about a transoceanic data transfer,” Folden said. “Based on the data we now have, what we’ve been calling a hack is impossible.” Last week Forensicator reported on a speed test he conducted more recently. It tightens the case considerably. “Transfer rates of 23 MB/s (Mega Bytes per second) are not just highly unlikely, but effectively impossible to accomplish when communicating over the Internet at any significant distance,” he wrote. “Further, local copy speeds are measured, demonstrating that 23 MB/s is a typical transfer rate when using a USB–2 flash device (thumb drive).”Lawrence mentions a couple other forensic revelations of the metadata having to do with time stamps and the pasting of documents into a "a Russianified [W]ord document with Russian language settings and style headings," but to my mind it is the download-speed data -- something anyone who uses a computer and browses the internet understands intimately -- to which the intelligence community must respond:
By any balanced reckoning, the official case purporting to assign a systematic hacking effort to Russia, the events of mid-June and July 5 last year being the foundation of this case, is shabby to the point taxpayers should ask for their money back. The Intelligence Community Assessment, the supposedly definitive report featuring the “high confidence” dodge, was greeted as farcically flimsy when issued January 6. Ray McGovern calls it a disgrace to the intelligence profession. It is spotlessly free of evidence, front to back, pertaining to any events in which Russia is implicated. James Clapper, the former director of national intelligence, admitted in May that “hand-picked” analysts from three agencies (not the 17 previously reported) drafted the ICA. There is a way to understand “hand-picked” that is less obvious than meets the eye: The report was sequestered from rigorous agency-wide reviews. This is the way these people have spoken to us for the past year.
Behind the ICA lie other indefensible realities. The FBI has never examined the DNC’s computer servers—an omission that is beyond preposterous. It has instead relied on the reports produced by Crowdstrike, a firm that drips with conflicting interests well beyond the fact that it is in the DNC’s employ. Dmitri Alperovitch, its co-founder and chief technology officer, is on the record as vigorously anti-Russian. He is a senior fellow at the Atlantic Council, which suffers the same prejudice. Problems such as this are many.
“We continue to stand by our report,” CrowdStrike said, upon seeing the VIPS blueprint of the investigation. CrowdStrike argues that by July 5 all malware had been removed from the DNC’s computers. But the presence or absence of malware by that time is entirely immaterial, because the event of July 5 is proven to have been a leak and not a hack. Given that malware has nothing to do with leaks, CrowdStrike’s logic appears to be circular.
In effect, the new forensic evidence considered here lands in a vacuum. We now enter a period when an official reply should be forthcoming. What the forensic people are now producing constitutes evidence, however one may view it, and it is the first scientifically derived evidence we have into any of the events in which Russia has been implicated. The investigators deserve a response, the betrayed professionals who formed VIPS as the WMD scandal unfolded in 2003 deserve it, and so do the rest of us. The cost of duplicity has rarely been so high.Will there be a response? An "Aw, shucks" moment of mea culpa? I doubt it. All signs, such as recent evidence of a Google blacklist, point to the marginalization of dissent. The deep state has become so irrational it can no longer parry counter-narratives. It is sealed off and considers itself impregnable. Trump, for all his "As-Seen-on-TV" hucksterism, breached the castle walls. The effort underway is to make sure that doesn't happen again.