One Article Review
| Source |  Errata Security |
|---|---|
| Identifiant | 3587242 |
| Date de publication | 2021-10-31 01:54:29 (vue: 2021-10-31 06:05:39) |
| Titre | Debunking: that Jones Alfa-Trump report |
| Texte | The Alfa-Trump conspiracy-theory has gotten a new life. Among the new things is a report done by Democrat operative Daniel Jones [*]. In this blogpost, I debunk that report.If you'll recall, the conspiracy-theory comes from anomalous DNS traffic captured by cybersecurity researchers. In the summer of 2016, while Trump was denying involvement with Russian banks, the Alfa Bank in Russia was doing lookups on the name "mail1.trump-email.com". During this time, additional lookups were also coming from two other organizations with suspicious ties to Trump, Spectrum Health and Heartland Payments.This is certainly suspicious, but people have taken it further. They have crafted a conspiracy-theory to explain the anomaly, namely that these organizations were secretly connecting to a Trump server.We know this explanation to be false. There is no Trump server, no real server at all, and no connections. Instead, the name was created and controlled by Cendyn. The server the name points to for transmitting bulk email and isn't really configured to accept connections. It's built for outgoing spam, not incoming connections. The Trump Org had no control over the name or the server. As Cendyn explains, the contract with the Trump Org ended in March 2016, after which they re-used the IP address for other marketing programs, but since they hadn't changed the DNS settings, this caused lookups of the DNS name.This still doesn't answer why Alfa, Spectrum, Heartland, and nobody else were doing the lookups. That's still a question. But the answer isn't secret connections to a Trump server. The evidence is pretty solid on that point.Daniel Jones and Democracy Integrity ProjectThe report is from Daniel Jones and his Democracy Integrity Project.It's at this point that things get squirrely. All sorts of right-wing sites claim he's a front for George Soros, funds Fusion GPS, and involved in the Steele Dossier. That's right-wing conspiracy theory nonsense.But at the same time, he's clearly not an independent and objective analyst. He was hired to further the interests of Democrats.If the data and analysis held up, then partisan ties wouldn't matter. But they don't hold up. Jones is clearly trying to be deceptive.The deception starts by repeatedly referring to the "Trump server". There is no Trump server. There is a Listrak server operated on behalf of Cendyn. Whether the Trump Org had any control over the name or the server is a key question the report should be trying to prove, not a premise. The report clearly understands this fact, so it can't be considered a mere mistake, but a deliberate deception.People make assumptions that a domain name like "trump-email.com" would be controlled by the Trump organization. It's wasn't. When Trump Hotels hired Cendyn to do marketing for them, Cendyn did what they normally do in such cases, register a domain with their client's name for the sending of bulk emails. They did the same thing with hyatt-email.com, denihan-email.com, mjh-email.com, and so on. What clear is that the Trump organization had no control, no direct ties to this domain until after the conspiracy-theory hit the press.Finding #1 - Alfa Bank, Spectrum Health, and Heartland account for nearly all of the DNS lookups for mail1.trump-email.com in the May-September timeframe.Yup, that's weird and unexplained.But it concludes from this that there were connections, saying the following:In the DNS environment, if "computer X" does a DNS look-up of "Computer Y," it means that "Computer X" is trying to connect to "Computer Y".This is false. That's certain |
| Envoyé | Oui |
| Condensat | *thus 133 2009 2015 2016 2017 216 about accept accepting accepts accordingly account action actually additional address after again agent alfa all allegation allegations allowed allowing also among analysis analyst anomalies anomalous anomaly another answer any anybody anything app apple approximately are aren asked assume assumption assumptions attempt august aware back back:“followed bad bank banks based because become been before behalf behave being better between blogpost bogus both built bulk business but called calling came can canceled cannot captured carefully case cases cause caused cendyn cendyn/listrak central certainly changed check claim claims clear clearly client clients coincidence com com domain com had com with come comes coming common communications company compare compared comparing comparison computer concerned concludes conclusion conclusionin conduct conferences confidence configuration configured confirmed connect connecting connection connections considered consistency consistent conspiracy contact contacting contract contradictory control controlled coordinating coordinationthe correctly could couldn course crafted create created curated customer customer1 cybersecurity daniel data days debunk debunked debunking: deceive deception deceptive deleted deletes deletion deliberate deliberately demanded democracy democrat democrats demonstrates demonstration denihan denying described designed did didn difference different direct disprove dmarc dns documents does doesn doing domain domain denihan domains don done dossier doubt during dynamics easy else email emails ended entire entity environment even everything evidence example excellent exhibit exist exists expect explain explained explains explanation explanation: explanations fact fail false far fbi find finding findings findingsafter first fix foer following:in following:on footnoted found franklin from from daniel front full fundamental funds further fusion george get getting going gotten gps grilled guess had hadn happen happened has have health heartland held here hired his hit hold hotel hotels how human hyatt idea identify identity includes inclusive incoming incompetence incompleteduh inconclusive indeed independent indicate infrastructure insist instead integrity interaction interests investigate involve involved involvement isn job jone jones jones and just key kicked knee know knowing knowingly lacked language leg less life like lingering link list listrak listrak/cendyn live logs longer look lookups lot lots made mail1 main make makes mandiant manner march marketing mass matching matter may mean means meetings mere merely messages misconfigurations missing mistake mjh more moreover morning moscow most name namely names nearly need never new news nobody none nonsense normal normally not note notes nothing now now:this nyt objective observed obviously offices often old one only operated operative opposite orange order org organization organizations other otherwise out outgoing over part partisan passing payments people perfectly phrase picture place point points premise premises press pretty probably problem programs project projectthe promoting proof proper properly prove proves proving public pumping purpose purposes queries question question the quite quoted rather real really reason recall receiving record records recordthe reference referring refute refuted register registered reject rejected rejects removed repeatedly report report: reported reporters repurposed repurposes reputations researchers resources review right russia russian same same:the say saying schedule secret secretly see send senders sendersthe sending sends september server servers set settings should show showing shown shows simply since sites slate article solid some somebody somehow someone something soros sorts spam spammer spammers specific spectrum spf squirrely standards started starts statements steele stories struck stuff subnet subset such suggesting summer suspicious switched systems taken tell test text than that |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.