COURTESY of NSA WHISTLEBLOWER BILL BINNEY
How to Instantly Prove or Disprove Russian Hacking
by WashingtonsBlog / November 14, 2017
“It’s newsworthy that CIA head Mike Pompeo recently met with Bill Binney – who designed the NSA’s electronic surveillance system – about potential proof that the DNC emails were leaked rather than hacked. It’s also noteworthy that the usual suspects – Neocon warmongers such as Max Boot – have tried to discredit both Binney and Pompeo. But there’s a huge part of the story that the entire mainstream media is missing. Specifically, Binney says that the NSA has long had in its computers information which can prove exactly who hacked the DNC … or instead prove that the DNC emails were leaked by a Democratic insider. Remember – by way of background – that the NSA basically spies on everyone in America … and stores the data long-term.
After the story of Pompeo’s meeting with Binney broke, Binney told Washington’s Blog:
Here’s what they would have from the programs you list [i.e. NSA’s Fairview, Stormbrew and Blarney spying programs, which Edward Snowden revealed] plus hundreds if not thousands of trace route programs embedded in switches in the US and around the world.
First, from deep packet inspection, they would have the originator and ultimate recipient (IP) of the packets plus packet series 32 bit number identifier and all the housekeeping data showing the network segments/path and time to go though the network.
— Matt Couch 🔸 (@RealMattCouch) September 15, 2017
And, of course, the number of packet bits. With this they would know to where and when the data passed. From the data collection, they would have all the data as it existed in the server taken from. That’s why I originally said if the FBI wanted Hillary’s email, all they have to do is ask NSA for them. All this is done by the Narus collection equipment in real time at line rates (620 mbps [mega bits per second,] for the STA-6400 and 10 gbps [giga bits per second] for the Insight equipment).
Binney explained what these numbers mean: Each Narus Insight device can monitor and record around 1,250,000 emails each second … or more than 39 trillion emails per year. Wired reported in 2006:
Whistle-blower Klein allegedly learned that AT&T was installing Narus boxes in secure, NSA-controlled rooms in switching centers around the country.
Binney told us there are probably 18 or so Narus recording systems throughout the U.S. deployed by the NSA at AT&T facilities, drawing our attention to the following NSA document leaked by Edward Snowden:
And this AT&T graphic:
(Binney has figured out their locations from publicly-available sources. He has also mapped out similar monitoring systems at Verizon facilities.) Binney also sent me hard-to-find company literature for Narus. Here are some interesting excerpts:
Narus Insight …
- Provides full visibility into network traffic …
- Analyzes at macro or micro level targeting specific or aggregate full-packet data for forensic analysis
Universal data collection from links, routers, soft switches, IDS/IPS, databases, etc. provides total network view across the world’s largest IP networks.
Binney also pointed me towards a couple of network engineering principles that show that figuring out who hacked the emails (or proving they were leaked) is well within NSA’s capabilities. Initially, when data is transmitted online, it is sent using the TCP/IP Packet format. Put simply, data is not sent in a vacuum, but rather as part of a bundle containing a lot of other information. Here’s the TCP part of the bundle:
And here’s the IP part of the bundle:
So any data analyst can learn a tremendous amount about the source address of the sender, the destination address of the receiver and a boatload of other information by using a “packet sniffer” to inspect the “packets” of information being sent over the web. Additionally, it’s simple to conduct “traceroute” searches. “Traceroute” is a computer network diagnostic tool for displaying the route and measuring transit delays of packets across an Internet Protocol network. Wired reported in 2006:
“Anything that comes through (an internet protocol network), we can record,” says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. “We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls.”
So NSA can easily use basic packet sniffers and traceroutes, and see this. Remember, Edward Snowden says the NSA could easily determine who hacked the Democratic National Committee’s emails:
Even if the attackers try to obfuscate origin, #XKEYSCORE makes following exfiltrated data easy. I did this personally against Chinese ops.
— Edward Snowden (@Snowden) July 25, 2016
Binney told us:
Snowden is right and the MSM is clueless. Do they have evidence that the Russians downloaded and later forwarded those emails to wikileaks? Seems to me that they need to answer those questions to be sure that their assertion is correct… You can tell from the network log who is going into a site. I used that on networks that I had. I looked to see who came into my LAN, where they went, how long they stayed and what they did while in my network…
Further, if you needed to, you could trace back approaches through other servers etc. Trace Route and Trace Watch are good examples of monitoring software that help do these things. Others of course exist … probably the best are in NSA/GCHQ and the other Five Eyes countries. But, these countries have no monopoly on smart people that could do similar detection software.
If it were the Russians, NSA would have a trace route to them and not equivocate on who did it. It’s like using “Trace Route” to map the path of all the packets on the network. In the program Treasuremap NSA has hundreds of trace route programs embedded in switches in Europe and hundreds more around the world. So, this set-up should have detected where the packets went and when they went there.
As Edward Snowden said, once they have the IP’s and/or other signatures of 28/29 [the supposed Russian hacking groups] and DNC/HRC/etc. [i.e. the DNC and Hillary Rodham Clinton], NSA would use Xkeyscore to help trace data passing across the network and show where it went. [Background.]
WikiLeaks offers a $20,000 reward over the murder of Democrat staffer Seth Rich https://t.co/S4MQUTaDK6
— The Telegraph (@Telegraph) August 11, 2016
In addition, since Wikileaks is (and has been) a cast iron target for NSA/GCHQ/etc for a number of years there should be no excuse for them missing data going to any one associated with Wikileaks… Too many words means they don’t have clear evidence of how the data got to Wikileaks.
And he stressed:
If the idiots in the intelligence community expect us to believe them after all the crap they have told us (like WMD’s in Iraq and “no we don’t collect data on millions or hundreds of millions of Americans”) then they need to give clear proof of what they say. So far, they have failed to prove anything. Which suggests they don’t have proof and just want to war monger the US public into a second cold war with the Russians. After all, there’s lots and lots of money in that for the military-industrial-intelligence-governmental complex of incestuous relationships…
— LIZ THE🌪IS HERE‼️🍕 (@LizCrokin) November 14, 2017
If you recall, a few years ago they pointed to a specific building in China that was where hacks on the US were originating. So, let’s see the same from the Russians. They don’t have it. That’s why they don’t show it. They want to swindle us again and again and again. You cannot trust these intelligence agencies period.
And he told Newsweek:
U.S. officials “know how many people [beyond the Russians] could have done this but they aren’t telling us anything. All they’re doing is promoting another cold war.”
Binney … compared allegations about Russian hacks to previous U.S. fabrications of intelligence to justify the invasion of Iraq in 2003 and the bombing of North Vietnam in 1964. “This is a big mistake, another WMD or Tonkin Gulf affair that’s being created until they have absolute proof” of Russian complicity in the DNC hacks, he charged during a Newsweek interview. He noted that after the Kremlin denied complicity in the downing of a Korean Airlines flight in 1983, the U.S. “exposed the conversations where [Russian pilots] were ordered to shoot it down.” Obama officials “have the evidence now” of who hacked the DNC, he charged. “So let’s see it, guys.“
— NT (@NewTemplar77) May 22, 2017
NSA either doesn’t have solid evidence of Russian hacking of DNC emails – which means the Russians didn’t do it – or those with the power to demand NSA produce the evidence simply haven’t asked the right questions.”
HOW to RUN a TRACEROUTE (cont.)
SEXUAL BLACKMAIL in GOVERNMENT