WTF Community

🇷🇺 All Things Trump/Russia! (Resources)

Here’s an interactive link to bio’s of the Mueller team

2 Likes

Nice! Thanks for the useful tool - will go check it out.

1 Like

Just came across this link…

2 Likes

A new documentary out today Active Measures

Active Measures, a new documentary from director Jack Bryan, would be timely even without the presence of John McCain. And yet the senator, who died of brain cancer less than a week before this film’s August 31st release, adds an additional dose of relevance and urgency to its central thesis: that President Donald Trump and his Russian counterpart Vladimir Putin are far more intertwined than you know.

The fact that there was an attack on the fundamental—the absolute fundamental—a free and fair election, should alarm all of us,” McCain says in the exclusive clip below. He’s referring to the reports from August of 2016 that Russian hackers were targeting voter registration databases in states like Arizona.

3 Likes

Yes, Active Measures is on iTunes! :heart_eyes_cat:

1 Like

Good to know. It is only playing in one theater here…:+1:

Here’s a link to the Jack Bryan Documentary, Active Measures on iTunes :point_down:

2 Likes

Watched it…wow!

2 Likes

@dragonfly9

Wow is right, I watched Active Measures last night. The comparisons between imprisoning the former Ukrainian leader Yulia Tymoshenko and the lock her up chants for Hillary Clinton were stunning. :tired_face:

If you want to learn more, here’s Yuri Bezmenov USSR defector and former KGB propagandist explaining in 1983 how the KGB uses subversion tactics to disrupt other other countries. I watch these videos back to back. Talk about a Friday night double feature!

Note: Since the USSR fell in the 90’s, Russia is no longer comunist/leftist. They are now promoting a more Right wing ideology around the world. So if you watch this just remember that the ideology has flip-flopped and ingnore his more personal views on progressivism and concentrate on the process he is discussing. I know it’s long but he does explain how to stop subversion tactics.

https://youtu.be/5gnpCqsXE8g

I found this through Asha Rangappa’s twitter feed.

5 Likes

NYTimes: From Criminal Convictions to Ethical Lapses: The Range of Misconduct in Trump’s Orbit

2 Likes

Benjamin Wittes speaks with John Sipher about the N.Y. Times story about Russian sources “drying up” on Lawfare podcast. What I found the most insightful about this conversation was John Sipher explaining how difficult it is for US agents to cultivate these sources and his reaction to what is lost when information from these sources appears to dry up. Worth a listen if you enjoy stories about clandestine services.

Episode Summary:

The New York Times reports that CIA human sources in Moscow are drying up: “vital Kremlin informants have largely gone silent, leaving the C.I.A. and other spy agencies in the dark about precisely what [Vladimir] Putin’s intentions are for November’s midterm elections, according to American officials familiar with the intelligence.” The newspaper speculates that this may be because of the political environment in the United States, an environment in which the president tweets about the intelligence community and the Steele dossier, and the House Intelligence Committee goes after human sources and outs them: “[O]fficials also raised the possibility that the outing of an F.B.I. informant under scrutiny by the House intelligence committee—an examination encouraged by President Trump — has had a chilling effect on intelligence collection,” write reporters Julian Barnes and Matthew Rosenberg.

John Sipher knows something about human sources in Moscow. He was stationed there for the CIA in the 1990s and had to deal with sources. And he joined Benjamin Wittes in the Jungle Studio to talk about the fragility of those operations, the plausibility of the New York Times story, and what we could do tamp down negative impacts on intelligence collection.

2 Likes

If you like this article by Craig Unger you will love the book…he just released, House of Trump, House of Putin. Also a very good read on the 30+ Trump-Russian_mob-$$ money story.

2 Likes

New Politico magazine think piece from Molly McKew on the Russian endgame.

It’s chaotic—but chaos is the strategy. Putin’s goal isn’t a puppet president so much as a U.S. society permanently at war with itself. Russia can’t compete in the rules-based international order, but if the American bulwark of that order fractures, a weakened Russia has more space to act as a global power. Its new form of warfighting is evident in the details of special counsel Robert Mueller’s indictments and across the Russian investigation writ large: information warfare conducted by the Internet Research Agency and Russian intelligence; widespread hacking of campaigns and election systems by Russian military hackers; the new informal “illegals,” represented by Mariia Butina and Konstantin Kilimnik, each of whom has been the focus of an indictment.

Now it appears that the metrics of success for the Kremlin’s online campaigns have shifted from likes and clicks to physically mobilizing Americans—and that should worry us, deeply. Multiple lines of effort are underway—targeting us as individuals, as citizens, testing us to see how we react. And right now, unfortunately, they like what they see.

3 Likes

Good review of how Russian money from Oligarchs is going to the GOP.

I checked with Media Bias Fact Check and Dallas News is part of The Dallas Morning News and is a conservative paper. They say they do factual reporting

Updated version May 2018

https://www.dallasnews.com/opinion/commentary/2017/12/15/putins-proxies-helped-funnel-millions-gop-campaigns

August 2017

3 Likes

Putting this article here as well - also here Day 608

A good recap of events that took place…see timeline graphs

2 Likes

In the run up to the 2016 election, when Obama and Brennan are aware that the Russians (directed by Putin) are interfering with the 2016 election, there is a meeting where Brennan tells them -members of the Senate specifically Mitch McConnell etc. that Russia is indeed interfering. But McConnell threatens to claim that Dems intention would be to throw the election, and he wants to not let it be known.

All this from Greg P Miller’s new book “The Apprentice.” Out today Oct 2nd.

3 Likes

Complicated article on the question of whether Alfa Bank, Trump Organization and Spectrum Health were communicating just up to Sept 2016. Dexter Filkins, of the New Yorker does a deep dive into the what may have happened.

I do not fully understand the ins and outs of this, so if someone who wants to decipher, please do.

Excerpts
The hack of the D.N.C. seemed like a pernicious attack on the integrity of the Web, as well as on the American political system. The scientists decided to investigate whether any Republicans had been hacked, too. “We were trying to protect them,” Max said.

Max’s group began combing the Domain Name System, a worldwide network that acts as a sort of phone book for the Internet, translating easy-to-remember domain names into I.P. addresses, the strings of numbers that computers use to identify one another. Whenever someone goes online—to send an e-mail, to visit a Web site—her device contacts the Domain Name System to locate the computer that it is trying to connect with. Each query, known as a D.N.S. lookup, can be logged, leaving records in a constellation of servers that extends through private companies, public institutions, and universities. Max and his group are part of a community that has unusual access to these records, which are especially useful to cybersecurity experts who work to protect clients from attacks.

As Max and his colleagues searched D.N.S. logs for domains associated with Republican candidates, they were perplexed by what they encountered. “We went looking for fingerprints similar to what was on the D.N.C. computers, but we didn’t find what we were looking for,” Max told me. “We found something totally different—something unique.” In the small town of Lititz, Pennsylvania, a domain linked to the Trump Organization (mail1.trump-email.com) seemed to be behaving in a peculiar way. The server that housed the domain belonged to a company called Listrak, which mostly helped deliver mass-marketing e-mails: blasts of messages advertising spa treatments, Las Vegas weekends, and other enticements. Some Trump Organization domains sent mass e-mail blasts, but the one that Max and his colleagues spotted appeared not to be sending anything. At the same time, though, a very small group of companies seemed to be trying to communicate with it.

Examining records for the Trump domain, Max’s group discovered D.N.S. lookups from a pair of servers owned by Alfa Bank, one of the largest banks in Russia. Alfa Bank’s computers were looking up the address of the Trump server nearly every day. There were dozens of lookups on some days and far fewer on others, but the total number was notable: between May and September, Alfa Bank looked up the Trump Organization’s domain more than two thousand times. “We were watching this happen in real time—it was like watching an airplane fly by,” Max said. “And we thought, Why the hell is a Russian bank communicating with a server that belongs to the Trump Organization, and at such a rate?

The D.N.S. records raised vexing questions. Why was the Trump Organization’s domain, set up to send mass-marketing e-mails, conducting such meagre activity? And why were computers at Alfa Bank and Spectrum Health trying to reach a server that didn’t seem to be doing anything? After analyzing the data, Max said, “We decided this was a covert communication channel.”

The Trump Organization, Alfa Bank, and Spectrum Health have repeatedly denied any contact. But the question of whether Max’s conclusion was correct remains enormously consequential. Was this evidence of an illicit connection between Russia and the Trump campaign? Or was it merely a coincidence, cyber trash, that fed suspicions in a dark time?

One remarkable aspect of Foer’s story involved the way that the Trump domain had stopped working. On September 21st, he wrote, the Times had delivered potential evidence of communications to B.G.R., a Washington lobbying firm that worked for Alfa Bank. Two days later, the Trump domain vanished from the Internet. (Technically, its “A record,” which translates the domain name to an I.P. address, was deleted. If the D.N.S. is a phone book, the domain name was effectively decoupled from its number.) For four days, the servers at Alfa Bank kept trying to look up the Trump domain. Then, ten minutes after the last attempt, one of them looked up another domain, which had been configured to lead to the same Trump Organization server.
“I bark and I bark but I never feel like I effect real change.”

Max’s group was surprised. The Trump domain had been shut down after the Times contacted Alfa Bank’s representatives—but before the newspaper contacted Trump. “That shows a human interaction,” Max concluded. “Certain actions leave fingerprints.” He reasoned that someone representing Alfa Bank had alerted the Trump Organization, which shut down the domain, set up another one, and then informed Alfa Bank of the new address.

A week after the Times story appeared, Trump won the election. On Inauguration Day, Liz Spayd, the Times’ ombudsman, published a column criticizing the paper’s handling of stories related to Trump and Russia, including the Alfa Bank connection. “The Times was too timid in its decisions not to publish the material it had,” she wrote. Spayd’s article did not sit well with Baquet. “It was a bad column,” he told the Washington Post. Spayd argued that Slate had acted correctly by publishing a more aggressive story, which Baquet dismissed as a “fairly ridiculous conclusion.” That June, Spayd’s job was eliminated, as the paper’s publisher said that the position of ombudsman had become outdated in the digital age. When I talked to Baquet recently, he still felt that he had been right to resist discussing the server in greater depth, but he acknowledged that the Times had been too quick to disclaim the possibility of Trump’s connections to Russia. “The story was written too knowingly,” he said. “The headline was flawed. We didn’t know then what we know now.”

Trump’s advocates claimed that the investigations sponsored by Alfa Bank had proved that Alfa and the Trump Organization were not communicating. In fact, they sidestepped the question. Mandiant, one of the cybersecurity firms, said that it was unable to inspect the bank’s D.N.S. logs from 2016, because Alfa retained such records for only twenty-four hours. The other firm, Stroz Friedberg, gave the same explanation for why it, too, was “unable to verify” the data.

For some, the most baffling part of the puzzle was the way that the lookups stopped. The Trump domain vanished from the Web on the morning of Friday, September 23rd, two days after the Times presented its data to B.G.R., Alfa Bank’s lobbyists in Washington, but before it called Trump or Cendyn. In Max’s view, this was evidence of direct contact between Alfa Bank and Trump. One researcher whom Foer interviewed put it vividly: “The knee was hit in Moscow, the leg kicked in New York.” There is, however, at least one possibility that doesn’t involve Moscow: the lobbyists in Washington could have passed along a warning to Trump, as a courtesy. But B.G.R. denies doing this, calling the idea “ridiculous on its face.”

If Trump and Alfa Bank—as well as Spectrum Health and Heartland Payment Systems—were communicating, what might they have been talking about? Max and some of the other scientists I spoke to theorized that they may have been using the system to signal one another about events or tasks that had to be performed: money to be transferred, for instance, or data to be copied. “My guess is that, whenever someone wanted to talk, they would do a D.N.S. lookup and then route the traffic somewhere else,” Richard Clayton, of the University of Cambridge, said. Camp also speculated that the system may have been used to coördinate the movement of data. She noted that Cambridge Analytica, which was working for the Trump campaign, took millions of personal records from Facebook. In Camp’s scenario, these could have been transferred to the Russian government, to help guide its targeting of American voters before the election.

The researchers I spoke with were careful to point out that the limits of D.N.S. data prevent them from going beyond speculation.If employees of the companies were talking, the traffic reveals nothing about who they were or what they were saying; it is difficult to rule out something as banal as a protracted game of video poker. “If I’m a cop, I’m not going to take this to the D.A. and say we’re ready to prosecute,” Leto said. “I’m going to say we have enough to ask for a search warrant.” More complete information could be difficult to obtain. This March, after Republicans on the House Intelligence Committee announced that it had found no evidence of collusion between the Trump campaign and Russia, the committee’s Democrats filed a dissent, arguing that there were many matters still to be investigated, including the Trump Organization’s connections to Alfa Bank. The Democrats implored the majority to force Cendyn to turn over computer data that would help determine what had happened. Those records could show who in the Trump Organization used the server. There would probably also be a record of who shut down the Trump domain after the Times contacted Alfa Bank. Cendyn might have records of any outgoing communications sent by the Trump Organization. But the request for further investigation is unlikely to proceed as long as Republicans hold the majority. “We’ve all looked at the data, and it doesn’t look right,” a congressional staffer told me. “But how do you get to the truth?”

The enigma, for now, remains an enigma. The only people likely to finally resolve the question of Alfa Bank and the Trump Organization are federal investigators. Max told me that no one in his group had been contacted. But, he said, it wasn’t necessary for anyone in the F.B.I. to talk to him, if the agents gathered the right information from other sources, like Listrak and Cendyn. “I hope Mueller has all of it,” he said. :diamonds:

2 Likes

The original story from October 2016, Slate explains the DNS server activity a little better than The New Yorker story.

Hunting for malware requires highly specialized knowledge of the intricacies of the domain name system—the protocol that allows us to type email addresses and website names to initiate communication. DNS enables our words to set in motion a chain of connections between servers, which in turn delivers the results we desire. Before a mail server can deliver a message to another mail server, it has to look up its IP address using the DNS. Computer scientists have built a set of massive DNS databases, which provide fragmentary histories of communications flows, in part to create an archive of malware: a kind of catalog of the tricks bad actors have tried to pull, which often involve masquerading as legitimate actors. These databases can give a useful, though far from comprehensive, snapshot of traffic across the internet. Some of the most trusted DNS specialists—an elite group of malware hunters, who work for private contractors—have access to nearly comprehensive logs of communication between servers. They work in close concert with internet service providers, the networks through which most of us connect to the internet, and the ones that are most vulnerable to massive attacks. To extend the traffic metaphor, these scientists have cameras posted on the internet’s stoplights and overpasses. They are entrusted with something close to a complete record of all the servers of the world connecting with one another.

Earlier this month, the group of computer scientists passed the logs to Paul Vixie. In the world of DNS experts, there’s no higher authority. Vixie wrote central strands of the DNS code that makes the internet work. After studying the logs, he concluded, “The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.” Put differently, the logs suggested that Trump and Alfa had configured something like a digital hotline connecting the two entities, shutting out the rest of the world, and designed to obscure its own existence.

Read More Here :point_down:

Personal Note:
This is also the story that bugged me so much when first read it, I felt compelled to keep following the whole Trump/Russia connection. Two years later, later here we all are… :woman_shrugging:t2:

3 Likes

Infuriating…and built around Secretive = plausible denial = so far full denial.

Curious that Alfa Bank was the only contact that tried to reach the new T server…

Then areas which should be able to be transparent like server addresses have been queried.

Didn’t the some of the Cyber Security team leave the FBI?..You wonder if these guys helped on the investigation. And Mueller’s team lost one too…

Three top cybersecurity officials at the FBI are stepping down, The Wall Street Journal reported, citing people familiar with the matter.

The departures come at a particularly sensitive time for cybersecurity concerns in the U.S. as special counsel Robert Mueller investigates Russian interference in the 2016 election and top intelligence officials warn of continued Kremlin attempts to attack the American election system.

The Journal reported that David Resch, a cybersecurity head in the agency’s division that handles investigating financial crime and organized crime; Scott Smith, assistant FBI director and head of the Bureau’s cyber division; and Smith’s deputy, Howard Marshall, have either already departed or will leave within the month.

We need more cyber security experts from within FBI/Mueller’s team rather than fewer…:zipper_mouth_face:

2 Likes

We do know that the Mueller team does not leak to the press, making it hard to gage where and what they have investigated thus far. While what we’re reading is intriguing, it may not reflect on what is pertainant to the federal investigators. Fascinating none the less.

2 Likes