Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Chet Ramey Profile picture
Chet Ramey
@chetramey
Senior Technology Architect. In my spare time, I do Bash and Readline. Tweets are my own.

Feb 13, 2022, 14 tweets

@DrewShirleySpx @emptywheel Sure, I'll take a shot here. There's no "infiltrating" or "spying." It's all just dumb and sensational.

@DrewShirleySpx @emptywheel 1. DNS traffic records are lookups and responses. They are not confidential. There's no "infiltrating" going on here. In fact, Joffe's company (Neustar) ran a huge DNS resolver.

@DrewShirleySpx @emptywheel 2. DNS servers and load balancers change DNS information, or return different answers to the same query, all the time. This is normal behavior, just to head off the "queries were changed" BS.

@DrewShirleySpx @emptywheel 3. Infosec monitors DNS lookups all the time for evidence of attempted attacks and misuse. There's nothing unusual about that. This is basic data mining and aggregation.

@DrewShirleySpx @emptywheel 4. DNS monitoring as a service is a very popular business; a large number of companies engage with it as part of their infosec activities.

@DrewShirleySpx @emptywheel 5. Joffe's company was hired to monitor DNS traffic as part of a contract, and had been doing so for the government since at least 2014. This is legal.

@DrewShirleySpx @emptywheel 6. Neustar had multiple contracts with the federal government, including one to provide DNS service. It's right there in Durham's statement. Together with its other business, it had the data, so no "spying."

@DrewShirleySpx @emptywheel 7. Neustar also provided researchers with DNS data that allowed them to map internet trends and look for malicious activity, among other things. These researchers found multiple mysterious lookups between Trump/Alfa/Spectrum Health.

@DrewShirleySpx @emptywheel 8. So: the DNS information (lookups/responses) from the Trump Tower server indicated some weird behavior. There's probably nothing there, but it was pretty strange, and has not been explained.

@DrewShirleySpx @emptywheel 9. Joffe gave this information to Sussmann, his lawyer, who gave it to the FBI (or CIA, depending on the story). This was after Sussmann stopped representing the DNC. All of this came out last fall.

@DrewShirleySpx @emptywheel 10. Durham is trying to create a narrative that this indicates Sussmann's guilt of something or other, but he has produced little evidence of this.

@DrewShirleySpx @emptywheel 11. To try and demonstrate this, Durham conducted the same data analysis he says proves Sussmann's guilt, but against the Obama WH (2014).

@DrewShirleySpx @emptywheel 12. Oh, and everyone just sat on this for five years until the SOL expired. It's all just so dumb.

@DrewShirleySpx @emptywheel And this has been out there in the press since at least October, 2016, and in the Infosec community before that.

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling