Starkiller

Why didn’t the DNC turn over their server!?!?

Recommended Posts

Just now, JakePA_Titan said:

Ok, we'll go in this direction.

 

You're an investigator. You need that image/server. You know how to do it yourself.

 

You would be comfortable with someone else, whom you don't know, doing it?  Especially when that someone else was hired by the ppl you are investigating?

 

Let me ask you this. Is it possible for them to delete anything off the hard drive before they make their 100% exact replica? It is, right?

If I was an investigator and handed an image and told that's the server, don't worry about confirming it - yes, I'd be skeptical. I'm not sure that accurately describes the situation here (did they really not know or trust who did it? was it really them they were investigating, or were they just part of the investigation?), but assuming it is accurate, I'd want to make my own copy.

 

And no, it's not really likely to delete like that. Deleting data is not gone from a forensic perspective, especially when you're talking about a subset of data on a system (vs the entire disk). It's often just gone from your perspective as a user of the operating system. It gets complex, and depends on the type of media and filesystem etc, but it would be quite difficult if not impossible to do that reliably. There's a reason companies and departments with sensitive data must magnetically wipe and often incinerate hard drives - it's the nuclear option and the only one you can safely rely on.

 

 

Share this post


Link to post
Share on other sites
10 minutes ago, JakePA_Titan said:

Its also funny that you believe the FBI would have not known its better to take an image and use that.

 

But yall are quick to believe them in other findings as if they are always 100% accurate.

 

Funny. Think they cant do one job right, but ise them for something they find that favors your argument. Fascinating.

I don't understand - what makes you think I believe this? I can't recall saying I don't think the FBI would know to do this. As I stated, images are computer forensics 101, something students would learn about possibly on day 1.

Share this post


Link to post
Share on other sites
3 minutes ago, OzTitan said:

If I was an investigator and handed an image and told that's the server, don't worry about confirming it - yes, I'd be skeptical. I'm not sure that accurately describes the situation here (did they really not know or trust who did it? was it really them they were investigating, or were they just part of the investigation?), but assuming it is accurate, I'd want to make my own copy.

 

And no, it's not really likely to delete like that. Deleting data is not gone from a forensic perspective, especially when you're talking about a subset of data on a system (vs the entire disk). It's often just gone from your perspective as a user of the operating system. It gets complex, and depends on the type of media and filesystem etc, but it would be quite difficult if not impossible to do that reliably. There's a reason companies and departments with sensitive data must magnetically wipe and often incinerate hard drives - it's the nuclear option and the only one you can safely rely on.

 

 

You mean like Hillary did? She wanted to make sure, huh?

 

So cpu savy ppl, can they alter anything on there with their coding abilities?

 

Change dates on files, change the names of files, maybe make something invisible for an image?

Share this post


Link to post
Share on other sites
5 minutes ago, OzTitan said:

I don't understand - what makes you think I believe this? I can't recall saying I don't think the FBI would know to do this. As I stated, images are computer forensics 101, something students would learn about possibly on day 1.

So what would have been the harm in them handing it over so the FBI can do their own imaging?

 

If there would be no harm, why keep it from them and insist on doing it yourself?

Share this post


Link to post
Share on other sites
1 minute ago, JakePA_Titan said:

You mean like Hillary did? She wanted to make sure, huh?

I guess? but it would be standard procedure for most areas of government to dispose of disks like this, at least those from servers.

 

1 minute ago, JakePA_Titan said:

You mean like Hillary did? She wanted to make sure, huh?

 

So cpu savy ppl, can they alter anything on there with their coding abilities?

 

Change dates on files, change the names of files, maybe make something invisible for an image?

Images are just data and files. You can do whatever you want to them (except make something "invisible" - it's bit for bit, if it exists on a disk it's being copied too). Any change no matter how small would render it changed from the source, which is provable/testable using cryptographic hashing. Changes can leave trails though, it's all very conditional.

 

1 minute ago, JakePA_Titan said:

So what would have been the harm in them handing it over so the FBI can do their own imaging?

 

If there would be no harm, why keep it from them and insist on doing it yourself?

Well there would be considerable forensic harm in turning it off and physically handing it to them - as covered, you don't want to lose the volatile memory content from RAM. So you may want to do it yourself if you don't want to move it and it's time critical, and you have the capabilities to do it.

 

How all this relates precisely to the DNC case is hard to say without knowing intimate details or every step taken. The usefulness of even a forensic image obviously depends on when it was taken. I'd argue though it's really unlikely to be completely useless, even if someone tried to make it useless.

Share this post


Link to post
Share on other sites
36 minutes ago, OzTitan said:

I guess? but it would be standard procedure for most areas of government to dispose of disks like this, at least those from servers.

 

Images are just data and files. You can do whatever you want to them (except make something "invisible" - it's bit for bit, if it exists on a disk it's being copied too). Any change no matter how small would render it changed from the source, which is provable/testable using cryptographic hashing. Changes can leave trails though, it's all very conditional.

 

Well there would be considerable forensic harm in turning it off and physically handing it to them - as covered, you don't want to lose the volatile memory content from RAM. So you may want to do it yourself if you don't want to move it and it's time critical, and you have the capabilities to do it.

 

How all this relates precisely to the DNC case is hard to say without knowing intimate details or every step taken. The usefulness of even a forensic image obviously depends on when it was taken. I'd argue though it's really unlikely to be completely useless, even if someone tried to make it useless.

1) Especially after all the Foreign countries got what they needed...

2) Hence why you don't show them to anyone else... 

3) Hell, it sat there for a month while being cleaned --- what the heck --- got to get rid of that illegal FISA access

4) Yeah, we should just believe them after all they didn't tap, spy, conspire, or do anything illegal... 👍

Share this post


Link to post
Share on other sites
52 minutes ago, OzTitan said:

I guess? but it would be standard procedure for most areas of government to dispose of disks like this, at least those from servers.

 

Images are just data and files. You can do whatever you want to them (except make something "invisible" - it's bit for bit, if it exists on a disk it's being copied too). Any change no matter how small would render it changed from the source, which is provable/testable using cryptographic hashing. Changes can leave trails though, it's all very conditional.

 

Well there would be considerable forensic harm in turning it off and physically handing it to them - as covered, you don't want to lose the volatile memory content from RAM. So you may want to do it yourself if you don't want to move it and it's time critical, and you have the capabilities to do it.

 

How all this relates precisely to the DNC case is hard to say without knowing intimate details or every step taken. The usefulness of even a forensic image obviously depends on when it was taken. I'd argue though it's really unlikely to be completely useless, even if someone tried to make it useless.

But the timing is impeccable....pure coincidence, Im sure of it!

 

Ok, so maybe let them come and make their own images so it doesnt have to be moved or turned off. 

 

You can slice it anyway you want. But there is never going to be a concrete reason as to why they wouldn't let the FBI get their hands on the original. 

Share this post


Link to post
Share on other sites
1 hour ago, OzTitan said:

I don't understand - what makes you think I believe this? I can't recall saying I don't think the FBI would know to do this. As I stated, images are computer forensics 101, something students would learn about possibly on day 1.

 

*** Taken from the TIMELINE I posted for you ***

 

Every action taken by the DNC --- the secrecy, lack of server access, and material omissions of events... Points to something deeper than outside hacking...

 

I'm particularly troubled by the lack of detail concerning events in 2015...

 

And I find the timing of actions by the DNC extremely coincidental in light of Admiral Rogers' discoveries in late March of 2016...

 

 

Share this post


Link to post
Share on other sites

Accessing the server or handing over the server is a simple minded talking point. Because Trump doesn’t know what he’s talking about, he gives the image  of the FBI coming into an office and physically taking a server. Similar to taking a laptop or desktop computer.

 

In actuality, based on their IT provider or setup, you take one physical server and using VMWare, it becomes multiple servers. The FBI doesn’t need to take a physical server. All they need is a copy of the image.

 

A couple of years ago, my company was moving our 200+ servers to an external cloud provider.  Not one physical server moved from one location to another. They were virtual servers, so everything was a VM copy. After the migration, besides the IP address changing, the majority of users didn’t even know the data center was not even in the same state.

 

Before you talk about taking servers or accessing servers, you really need to understand what a server is in today’s networking environment. 

 

Share this post


Link to post
Share on other sites

It’s funny to me that since I’ve taken the time to read up on this, ask a few questions, and know what I don’t know, I understand fairly well what all you tech guys are talking about at this point. I even brought in a couple of sources saying different than you guys as a manner to bounce off. Fancy that, I had no preconceived notions and was therefore able to ascertain an understanding without bias. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.