Stories Claiming DNC Hack Was 'Inside Job' Rely Heavily On A Stupid Conversion Error No 'Forensic Expert' Would Make

from the don't-trust-anonymous-sources-unless-you-agree-with-them dept

While we wait for the Mueller investigation to clearly illustrate if and how Russia meddled in the last election, there's no shortage of opinions regarding how deep this particular rabbit hole goes. While it's pretty obvious that Putin used social media and media propaganda to pour some napalm on our existing bonfires of dysfunction, just how much of an impact these efforts had on the election won't be clear until a full postmortem is done. Similarly, while Russian hackers certainly had fun probing our voting systems and may have hacked both political parties, clearly proving state involvement is something else entirely.

Quite fairly, many folks have pushed for caution in terms of waiting for hard evidence to emerge, highlighting the danger in trusting leaks from an intelligence sector with a dismal track record of integrity and honesty. There's also the obvious concern of escalating tension between two nuclear powers. But last week, many of those same individuals were quick to highlight several new stories that claimed to "completely debunk" Russia's involvement in hacking the DNC ahead of last year's election. The problem? These reports were about as flimsy as -- if not flimsier than -- the Russian hacking theories they supposedly supplanted.

In fact, these reports took things one step further by claiming that the hack of the DNC was something committed solely by someone within the DNC itself. This particularly overlong, meandering piece by The Nation, for example, claimed to cite numerous anonymous intelligence sources who have supposedly grown increasingly skeptical over the "Russian hacking narrative." Quite correctly, the report starts out by noting that while there's oodles and oodles of smoke regarding Putin's involvement in the election hacks, the fire (hard evidence) has been hard to come by so far:

"Lost in a year that often appeared to veer into our peculiarly American kind of hysteria is the absence of any credible evidence of what happened last year and who was responsible for it. It is tiresome to note, but none has been made available. Instead, we are urged to accept the word of institutions and senior officials with long records of deception. These officials profess “high confidence” in their “assessment” as to what happened in the spring and summer of last year—this standing as their authoritative judgment."

But that's where things get a little weird. The report repeatedly proclaims that a laundry list of anonymous "forensic investigators, intelligence analysts, system designers, program architects, and computer scientists of long experience and strongly credentialed" have been hard at work "producing evidence disproving the official version of key events last year." But one of the key conclusions by these experts -- and a key cornerstone for all of these stories -- makes absolutely no sense.

The reports lean heavily on anonymous cybersecurity experts calling themselves "Forensicator" and "Adam Carter," who purportedly took a closer look at the metadata attached to the stolen files. Said metadata, we're breathlessly informed, indisputably proves that the data had to have been transferred from inside of the DNC network and not over the internet, since the internet supposedly isn't capable of such transfer speeds:

"Forensicator’s first decisive findings, made public in the paper dated July 9, concerned the volume of the supposedly hacked material and what is called the transfer rate—the time a remote hack would require. The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second. These statistics are matters of record and essential to disproving the hack theory. No Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed. Compounding this contradiction, Guccifer claimed to have run his hack from Romania, which, for numerous reasons technically called delivery overheads, would slow down the speed of a hack even further from maximum achievable speeds."

That reads like a semi-cogent paragraph, but it's largely nonsense. 22.7 megabytes per second (MB/s) sounds impossibly fast if you don't know any better. But if you do the simple conversion from megabytes per second to megabits per second necessary to determine the actual speed of the connection used, you get a fairly reasonable 180 megabits per second (Mbps). While the report proclaims that "no internet service provider" can provide such speeds, ISPs around the world routinely offer speeds far, far faster -- from 500 Mbps to even 1 Gbps.

And despite the report oddly pooh pooh'ing Romanian broadband's "delivery overheads," many Romanian cities actually have faster internet connectivity than either Russia or the States (check out Akamai's global broadband rankings). Bernie Sanders learned this last year when he unintentionally pissed off many Romanians when trying to highlight the dismal state of U.S. connectivity. Even then, the hacker in question could have used any number of tricks to hide his or her location and real identity from a high-bandwidth vantage point, so the claim that the hacker couldn't achieve 180 Mbps through a VPN is simply nonsense.

Obviously this raises some questions about what kind of cyber-sleuths we're talking about when they can't do basic conversions or look at some fairly obvious broadband speed availability charts. And it also raises some questions about why reporters thought flimsy anonymous experts were the perfect remedy to the other flimsy anonymous leaks they hoped to debunk. While The Nation couldn't even be bothered to do the simple calculation to determine that the speed of the connection used by the hacker was relatively ordinary, in a story titled "Why Some U.S. Ex-Spies Don't Buy the Russia Story," Bloomberg actually did the conversion to get the 180 Mbps speed, and still somehow told readers that such speeds were impossible:

"The VIPS theory relies on forensic findings by independent researchers who go by the pseudonyms "Forensicator" and "Adam Carter." The former found that 1,976 MB of Guccifer's files were copied from a DNC server on July 5 in just 87 seconds, implying a transfer rate of 22.6 megabytes per second -- or, converted to a measure most people use, about 180 megabits per second, a speed not commonly available from U.S. internet providers. Downloading such files this quickly over the internet, especially over a VPN (most hackers would use one), would have been all but impossible because the network infrastructure through which the traffic would have to pass would further slow the traffic."

Yes, all but impossible! Provided you ignore that DOCSIS 3.1 cable upgrades and fiber connections deliver speeds consistently faster than that all around the world every day -- including Romania. False claims and sloppy math aside, after the Bloomberg column ran, several actual, identifiable intelligence experts also came forward doubting the legitimacy of the supposed intelligence sources for these stories altogether:

Where else besides twitter can you find two former CIA officers with experience in Russia knocking down a dodgy Bloomberg column? pic.twitter.com/t9zPk7tGG9 — southpaw (@nycsouthpaw) August 12, 2017

Surrounded by raised eyebrows, The Nation is now apparently reviewing its story for accuracy after numerous people highlighted that a major cornerstone of the report was little more than fluff and nonsense. Bloomberg has so far failed to follow suit.

So again, there's certainly every reason to not escalate hostility between the United States and Russia with many details still obfuscated and investigations incomplete. And there's also every reason to view reports leaning heavily on anonymous intelligence insiders skeptically after generations of distortions and falsehoods from those same agencies. That said, if you want to debunk the anonymous claims of a growing number of intelligence insiders who claim Russia played pinball with our electoral process, perhaps running into the arms of even more unreliable, anonymous intelligence sources -- without checking your math -- isn't your best path toward the truth.


Filed Under: bandwidth, dnc, election, hack, math, russia