Give me one reason why they wouldn't

He should have pointed out the Russian hacking and all the other peculiarities mentioned instead of firing people.

Last edited Sun Jun 25, 2017, 01:30 PM - Edit history (1)

Even though I think he believed they had no ill intent. That happens in life as well as politics. Sanders was under a ton of pressure to fire them because they made some on the spot decisions that it was difficult for the Sanders campaign to defend, which would have hurt the Sanders campaign at that moment in time if he had tried to shield them from the consequences of their impromptu choices. He made the right call, I think the fired staffers probably understood that also - it's called falling on your sword.

(supposedly) didn't do? Are you sure? I thought Bernie was for the little guy.

I said they probably understood why they were fired, not that they appreciated being fired. And I said that they were understandably fired for what they did do, even if their intent wasn't malicious.

valor and sacrifice for their cause type of verbiage, taking the focus off being wrongfully fired. That didn't seem plausible. Thanks for the further explanation of your point.

even for a Bernie devotee.

I don't want to go back and relitigate the original incident. I don't think that it is important that we have to find total agreement on it. The employees I believe offered explanations for their actions. Even if one accepted those at face value, however, they made a poor decision that required their removal from the campaign. I'm sure they understood that, if they wanted Bernie to succeed.

Did you intend your comment to sound like a slur against me, even from a Bernie detractor?

which looks like a slur there.

First, the question I asked was honest - "did you intentionally mean to slur me?" I allowed for the possibility of a misunderstanding. You wrote: "Yeah, making it an act of valor or honor to get fired seems like a stretch, even for a Bernie devotee". One interpretation of that could be seen as "Crazy as Bernie devotees such as you often are, I was surprised at reading a position that seemed that extreme." I also wasn't sure if you were grouping Bernie supporters as devotees.

On reflection, reading your reply, I believe your point was simply that you had a hard time believing that even the most crazed backer of Sanders would equate their firing with valor. I apologize for my misreading. Honest I intentionally chose "detractor" as the mildest contrasting term I could think of - in the context of my question. I gladly retract that.

Thanks again for calmly seeking a clarification.

decided to go exploring in Hillary's data, and save some of her data to their files.

Like if we saw a neighbor's door open, we don't take the opportunity to look around inside and open their desk drawers to see what's there.

If someone breaks into your home and then leaves your door open when they leave, it is still stealing if someone else comes in and takes stuff.

That isn't far out there considering the timing. Gucifer has even mentioned that Uretskys actions were clearly intentional.

cause and explanation to a lot of what transpired. It makes a lot of sense, especially in the bigger picture.

Thanks for that great link!

That looks even stranger than firing people.

Why blame the DNC for this instead of calling out the Russian hacking...?

Rather than just take the L and embarrassment, the campaign decided to go on the offensive distracting from the original crime. It was a useful tool in pushing the narritive of Bernie being an outsider vs. a colluding Clinton and the DNC.

Remember that the DNC had at first, understandably after that event, denied the Sanders campaign access to the DNC databases. With the DNC-Clinton collusion rhetoric heating up, this lawsuit was a vehicle to suggest the DNC was playing favorites.

What he was reacting to was that the honest thing to do if you found the wall down was to immediately notify both the DNC and Bernie's campaign manager AND to not look at anything .

Yes, I realize that would take a lot of will power. It is similar to finding a store that was unlocked. Would you be arrested if you went in and took stuff?

They still stole data from someone else's servers.

Also, even if the Russians had done what's claimed here, I don't see how Bernie would know that. That would have looked worse too. As is he was able to do the right thing in firing them, and also somehow turn the scandal to make the Clinton campaign and DNC look like the bad guys to a lot of people. It was kind of crazy.

I have been thinking about this also, but had not thought of a constructive way to raise the issue that didn't risk sounding like sour grapes and refighting the primaries. We all were being played, why wouldn't we be? The Russians were on a lot of fishing trips, if they could get us to blame each other over them, all the better.

I'm glad that you understood I was trying to speak "constructively" here, and to put the focus on the Russian meddling, rather than the all-too-human response to it.

One had pledged not to peek into other campaign's proprietary data - which I assume would include NOT downloading it - while the other made no such pledge.

A lot of really weird stuff going on, for sure.

investigated the situation and determined that the Clinton people did not do the same thing.

Did he stumble upon the vulnerability or was he directed?

"You may remember Josh Uretsky, the national data director for Sander’s presidential campaign. He was fired in December, 2015 after improperly accessing proprietary data in the DNC system. As it was agreed, he was intentionally searching for voter information belonging to other campaigns."

https://www.google.com/amp/s/www.forbes.com/sites/thomasbrewster/2016/09/13/hacker-guccifer-2-0-dnc-hacker-london-slags-tech-companies/amp/

run its course, we're likely to find out, one way or another.

Thanks for posting this update, pnwmom

Let's come together and beat the GOP.
The republicans are the enemy.

Got it?

Good.

Thank you.

Thank you very much.

But they had already swallowed the HRC is evil look aide and felt that any means necessary was okay. It kind of blew my mind because I thought they were all about integrity. Nope. It was about beating her.

...and for many years before that on liberal social justice causes -- we didn't get together that often any more, maybe once a month or so, but we had lunch just a few weeks before the election, and I was utterly appalled at the shit she was saying about Hillary.

And I have not reached out to her in all the months since then.

And their techs screwed up. The contractor admitted it.

They did this multiple times as well. Only once was it "taken advantage of". And even that wasn't much.

Let's please not devolve into conspiracy theories around here, okay?

and poked around in it -- for months. The contractor screwed up no matter what -- even if the only mistake was in writing code that Guccifer could hack.

This isn't a conspiracy theory.

Further, Guccifer 1.0 is a well known liar. He bragged about hacking a lot of things that he didn't, including Hillary's email server.

While "Guccifer 2.0" which did the email hack on the DNC, courtesy of their idiot IT, was likely Russian in origin.


The NGP VAN "hack" was never external. It was just temporarily dropping firewalls between registered users internal to the system.

Don't start saying a bus went off its rails. Or saying that because some kids managed to hijack and joyride a bus, that that had anything to do with a commuter train.

were in there for months, probing for weaknesses.

Hacking email is inherently insecure and exponentially easier to get hold of than hacking a back end logistics database. All that the former requires is someone using the system who is naive concerning clicking on links, and you can easily get all their email. The latter requires breaking the fundamental security of the system, which is extremely hard to do under normal circumstances.

And systems are constantly being "probed for weaknesses". That's what threat actors do. They typically don't get very far.

I'd forgotten the explanation. It's open and shut, no need to get into anti-Sanders campaign creative speculation.

.

A firewall is not meant to be the sole protector of data.

You have userids, session and state tokens that ensure no one injects themselves, group and owner priviledges, database records are row and record locked, requiring user authentication, and the data center is set up with at least 3 tiers. All of these STANDARD practices were violated by the Data Center contracting firm. When firewalls go down, you deny traffic, you don't open your network up. There were no intrusion detections either.

No one sees other people's data just because a firewall, or any other component goes down.

Can you imagine a bank or credit card company doing this. They would be out of business in days.

.

and would have been able to take advantage of them.

They did have some sort of intrusion detection, which is why they were able to notify Debbie Wasserman Schultz that the Bernie people had gotten in.

.

There is not one data center in the world that would do what is claimed, without immediately losing its government and corporate contracts and indemnification insurance.

I've been in IT for almost 30 years, with variations from consulting, insurance, retail, and global banking.


The stuff that was claimed would not have even occurred 20 years ago, or even 10 years ago, let alone today.

The loss of a firewall does not open up back-end data for other people to view, it just allows access to certain systems to others systems. It is the first in the narrowing funnel of security steps that is used. The intrusion would have been detected immediately, not during a post-mortem process, or after the fact. And, the intrusion would have been instantly quelled. They had some process that ran after-the-fact, which does very little to alert people.

.

A firewall, as I am sure you know since you seem to have some IT knowledge, controls and filters access to a network by certain protocols, ports and hosts.

What was brought down in the case of the data on the DNC systems was database level security, not a firewall. All of the candidates had access to the network and to the database but not all of the data in the database, per the security rules.

Whatever happened brought down the database level security such that all candidates staff could see all data in the database, not just their own data.

.

Even if DB security were to fail, most every shop has a default of NO ACCESS, they don't open the shop up.

.

All you have to do is think this through.

All the folks involved had a right to access the site and to the database. We're not talking about a firewall issue.

.

I have thought this through, and until there is one technical article that describes what exactly happened, where it lays the fault on a database security issue, anything else is a subjective story to justify something that is not described anywhere. Nothing in Computerworld, Networkworld or any other technical publishing house supports your premise.

.

it's very obvious given the facts in play.

.

When reflecting, it's been more than 30 years, since 1984, taking a year off during my fathers illness and death.

.

.

Who knows how inept this contracting firm is, and whether they followed any best practice procedures.

They failed securing their database, their network, structuring their ESM, and had a seemingly hokey application design.


I have not read a database issue, as you seem to be the only one floating that hypothesis.

.

database.

It's not a hypothesis, it's fact.

Firewall: http://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.
-----------------------------------------------------------
The campaigns all had access to the DNC database, that's the point. If they had access to the database, they had access to the network. Ergo, this is not a firewall issue. The difference is, they had access to different data in the database. The controls between who had access to what data is what went away.

To anyone with even a modicum of IT knowledge this is as straightforward an issue as it gets.