16 Comments

The difference between "illegally monitoring traffic that flows through the servers stored at your site that you maintain for them" and "illegally monitoring traffic that flows through the servers stored at their site but you maintain for them" is almost nil. It's a technicality.

Certainly nothing LIKE enough of a difference to accuse someone of "liar, liar, pants on fire."

When you focus on technicalities, it sounds like you have something to hide. Just sayin'.

They didn't illegally monitor the traffic. If you think they broke a law, cite the law.

They were mining the records the government had hired them to supervise on behalf of the public for their own, personal purposes. That is strictly forbidden under 5 C.F.R. § 2635.702. The DoJ has a good write up on misuse of position and government resources at https://www.justice.gov/jmd/misuse-position-and-government-resources

In the private sector, doing that kind of thing gets you fired on the spot. I'm in IT. We understand we are in positions of very high trust.

Inapplicable, nobody involved is a government employee. 5 USC 2105.

Presumably, they were authorized to use the data, but used for purposes other than specified in the contract.

I don't see how it was a crime, unfortunately. It's not unauthorized access, it's not exceeding access, and it's not an SCA violation.

These contractors abused their positions of trust and misused the data that you, I, and every other citizen paid them to manage for us. We didn't authorize them to mine the DNS logs of official government networks and try to sell them to the New York Times, as these people tried to do. These people aren't whistle blowers, they're on the take. Trying to make a buck.

Trying to run and hide from the obvious wrongdoing that was done here isn't a good look. It looks like you have something to hide.

And that was exactly my original critique of this blog post. The author wanted to make a case that since they didn't physically "hack" into anything, the whole narrative blows up. Au contraire. They didn't need to hack because they already had admin access -- access that they misused, dreadfully.

I don't read OP as saying "nothing bad happened", I read it as "blown out of proportion".

You are correct, they abused data in their possession. Unfortunately, that's not a crime. What rjoffe did was highly unethical - given the trust placed in Neustar, and his relationships with internet infrastructure operators. rjoffe initiated this without being paid by Clinton.

Sussmann, on the other hand, committed a crime (making false statements/perjury) - by saying that he was not acting on behalf of Clintons when talking to FBI.

Unfortunately, although it appears that there was a common plan by rjoffe and Sussmann after initial discovery by rjoffe, no evidence that rjoffe knew that Sussmann would lie, but even if he did, there's no crime of conspiracy to commit perjury.

It's not a good look, they are not whistleblowers, that's all granted.

Of course there's a conspiracy. By definition, it's two or more planning or participating to conduct an illegal act. Joffe was acting outside of any authority, and so were the Ga Tech idiots.

What authorization did Joffe have to present this data to the Ga Tech idiots using DARPA resources? By whose authority was this activity authorized? Not FBI, not DOD, and not DOJ. The FIRST thing the Ga Tech idiots should have requested was a LOA for the activity from a government official. There is your first sign this was illegal as f*.

"Abusing data in their possession" - not a crime? You obviously are unaware of statutes where unauthorized access or misuse of data is a FELONY. 18 U.S. Code § 1030. EOP data is TS/SCI "read on" program stuff. Yes, if you knowingly access data for an improper purpose or unauthorized (and they were not authorized and they targeted a private citizen, much less a candidate for POTUS) it is a Felony and many have lost careers or gone to prison doing so. What shocks me is the Ga Tech idiots still have a clearance or are allowed within 10 miles of DARPA.

By misusing the data, it was now an infiltration. This company did not respect the data they were gathering and had a contract to gather this data. The infiltration happened years ago when they were first hired and then they executed it by handing the data to unauthorized parties. This is like putting malware on your computer and years later it executes itself and steals your sensitive data. The firm was corrupt from the get-go.

We're making a big assumption here, aren't we, that Trump's companies used Neustar's DNS.

And if they did, everyone on the planet should immediately stop using Neustar. Privacy? What's that?

Huh. Show me in the DNS request packets where a DNS server can determine the application using the resolver library. If you are collecting user-agent strings and application information, you are doing more than DNS resolution. Say, what if a malicious user with a Yotaphone connects to WIFI in Trump Towers and then surfs to known bad web sites in order to paint a picture of Trump folks colluding with Russia. You think that is possible?

They did not know the application.

They did not know the resolver library used by the application.

They did not collect user-agent strings or other application information.

All they knew were DNS lookups.

If you can log onto somebody's WiFi, then of course you can maliciously plant lookups. Indeed, you can spoof DNS queries pretending to be from the network without even logging in.
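Added example, not part of any commenter's post: a minimal Python decoder for the question a client sends in a plain DNS query (RFC 1035 wire format, no EDNS), listing every field a query log could record from the message itself. The sample query is constructed, and `build_query` and `parse_query` are names chosen for this illustration.

```python
import struct

def build_query(name, qtype=1, txid=0x1A2B):
    """Constructed sample input: a plain recursive query (no EDNS) for `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_query(msg):
    """Decode every field of a single-question DNS query (RFC 1035, section 4.1)."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if qd != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        n = msg[pos]
        pos += 1
        if n == 0:          # zero-length root label ends the name
            break
        if n > 63 or pos + n > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
    # The client address is not in the message; a logger takes it from the
    # UDP/IP header of the packet, which carries no authentication.
    return {
        "id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
        "rd": (flags >> 8) & 1, "ancount": an, "nscount": ns, "arcount": ar,
        "qname": ".".join(labels), "qtype": qtype, "qclass": qclass,
        # Bytes left after the question (EDNS options would land here).
        "unparsed_bytes": len(msg) - (pos + 4),
    }

if __name__ == "__main__":
    for field, value in parse_query(build_query("mail.example.com")).items():
        print(f"{field:15} {value}")
```
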

You are totally correct on the technology issues. It pains me when I hear people saying "servers" when DNS logs are created by routers and stored on file servers of some sort (and often not). But as far as this wasn't basic commerce going on (I provide confidential data to you, you give me a better job when you win), for heaven's sake, don't be naïve.

Absolutely correct.
