So Trump made so many horrifying comments in Helsinki that some stuff passed without anyone having the time to notice. I did. Because I’ve now worked for over two years as head of cloud sales at an IT company, providing more or less that particular service. And as a funny side twist, the company is in fact based in Helsinki, even though I’m not.
When asked about the Russian attack on the U.S., his response was as almost always to ramble about Hillary Clinton, and the DNC server.
”You have groups that are wondering why the FBI never took the server—haven’t they taken the server. Why was the FBI told to leave the office of the Democratic National Committee?
I’ve been wondering that, I’ve been asking that for months and months and I’ve been tweeting it out and calling it out on social media.
Where is the server?
I want to know where is the server and what is the server saying?”
Journalists are so tired of this extreme whataboutism that even Anderson Cooper just called it ”Hillary Clinton’s server” without even bothering to unpack any of it, and it’s understandable that they don’t want to go down that rabbit hole but instead keep the focus on what actually matters.
But it was never about ”Hillary’s server”. It was about the DNC’s server.
The way that not only Trump but also his minions like Trey Gowdy speak of it, it brings an image to mind of a dark corner far away in an attic or a tower, where there would be a dusty server tucked away much like Aurora’s parents tried to hide away all the kingdom’s spinning wheels. It’s sitting there, waiting to be found, filled with intriguing secrets.
”What is the server saying?”
The tale of the DNC server merits being discussed, even though it’s not the most important topic of today, because there are several interesting angles to it. Not to the server per se. But to the tale.
First, the facts:
There was no single physical server. There was a private-hosted cloud-based system with a third party provider. We don’t know which, but it seems to be very similar to that we provide where I work and in companies like the one where I work.
So you obviously don’t rent a physical computer, but infrastructure in the shape of virtual machines (VMs). And they can be located anywhere, in theory. A VM is what it sounds like. A program that imitates a physical server. And the fact is that unless someone had actually broken or snuck into the server hall and left marks or finger prints, the computer in itself is completely irrelevant. What does matter is the entire network, the digital content and the context surrounding it.
What happened after the DNC was hacked by the Russian government in order to support the election of Donald Trump on the very day that Trump asked them to through the infamous ”Russia, if you’re listening …” plea, was that the DNC contacted the FBI to make sure the crime was investigated, and they also, simultaneously, contacted a security company called CrowdStrike to get help to ensure this would never happen again. CrowdStrike created ”a complete image including a memory dump of everything that was in the memory of the server at the time, including traffic and connections at the time”, says Professor Thomas Rid at John Hopkins. Do read the whole article in the link, because the analysis is interesting even though not very surprising to anyone who knows anything about IT. Also, check out Politifact’s debunking for more info!
But Trump is somehow insinuating that the DNC were not cooperating with the FBI, thereby trying to move the blame from himself to the actual victims. Pretty much like when a alleged rapist blames the victim for not cooperating with the police, insinuating that she had something to hide.
But the FBI got the image, for all we know, and that helped them to, if not catch, at least name the intruders in their indictment. Therefore, there is no criticism from anyone actually involved towards neither the DNC nor the security company nor FBI.
It’s true that Comey, as well as other senior law enforcement officials, had previously said that the DNC rebuffed requests for direct access to the servers. But those familiar with FBI procedures insist that it is far from unusual for the agency to forego physically obtaining servers targeted by an attack. The former special agent in charge of the FBI’s New York field office cyber division, Leo Taddeo, told the Hill last year that “In nine out of 10 cases, we don’t need access, we don’t ask for access, we don’t get access. That’s the normal [procedure]. It’s extraordinarily rare for the FBI to get access to the victim’s infrastructure because we could mess it up.”
Taddeo added that direct access would be unnecessary “unless there was a reason to think the victim was going to alter the evidence in some way,” while another intelligence official told the Hill that CrowdStrike was “pretty good.”
Concluding: ”The president unsurprisingly either has no idea how digital forensics work or is playing stupid.”
And finally there’s the fun/sad/bizarre part where the leader of the free world, with access to the most advanced intelligence ever known says: ”for months and months and I’ve been tweeting it out and calling it out on social media”.
Social Media is where all the answers to all the intelligence mysteries in the world are to be found.
If you shout out your questions on Twitter, some day, someone will tweet the answer:
”The server is in the highest tower in a hidden castle near a river close to a willow tree with the face of Barack Obama, guarded by six golden dragons that will let you enter if you say Hillary Clinton three times backwards.”