, 204 tweets, 71 min read Read on Twitter
It’s time we all learn the Truth.

The Truth isn’t always what you want it to be, it’s not something you just invent out of thin air.

The Truth is the foundation that we mere mortals must build our lives on, if not then we are doomed to failure, that’s why addicts live such ...
... a hard life. You can’t build a life on a lie and you can’t build a society on a lie.

I will attempt to lay out the Truth as best as I can for everyone, some people will already know a lot of what I’m about to post, but I tried to build this so anyone can follow it.
There are a few things in here that even those of you who are well informed will not know.

Pay attention to the timing of how this all fits together, it was hard to lay this out as multiple things are happening simultaneously and we have to back up and run back through things ..
.. a 2nd time to see how events relate to one another.

This really only covers around 4yrs of time, roughly 2008 thru 2012, but it took me a couple of months to put it together.
Glen Simpson and Mary Jacob write an article for the WSJ about lobbying activity for ex Soviets (that’s Russians for you young people).

3-17-2007

wsj.com/articles/SB117…
5-14-2008

wsj.com/articles/SB121…

Joel Pollak points out Lee Smith may have nailed down the origins of the Dossier to some old articles in the WSJ.

breitbart.com/the-media/2017…
The Pentagon was hacked by China in 2007.
Robert Gates personal computer was taken off line for at least a week.

foxnews.com/story/pentagon…
From CNN Timeline

cnn.com/2013/11/07/wor…

December 2007 - A US intelligence report finds that Iran abandoned a nuclear weapons program in 2003.

cnn.com/2007/POLITICS/…

What happened in 2003? US Tanks rolled into Baghdad, but that’s another story.
Defense Security Information Exchange (DSIE) is formed by members of the Defense Industrial Base (DIB) that are Defense Contractors to deal with information sharing on cyber issues.

obamawhitehouse.archives.gov/files/document…
Read this article and Reidy’s appeal very well. We will refer back to the appeal several times as we move forward, if you are not already familiar with this, read the appeal very well.

mcclatchydc.com/news/nation-wo…

This is the appeal, read it!
media.mcclatchydc.com/static/graphic…
US Cyber Command is established in response to an intrusion into Military Communication and data systems in Afghanistan in the Fall of 2008.

en.m.wikipedia.org/wiki/2008_cybe…
The intrusion into the pentagon computer systems in 2008 takes 14 months to clear out.

It looks like the Aurora attack overlaps with what is going on here.

It also lines up with what Reidy describes in his appeal.

wired.com/2010/08/inside…
The attack gets into the classified system. Some people says it’s the Russians, but other information will come to light later that throws doubt on this.

theregister.co.uk/2010/08/25/mil…
The Nation hits McCain with Russian Collusion October surprise.

PD 10-1-2008 Everything old is new again.

thenation.com/article/mccain…
John Podesta email dated 10-10-2008.
Contains research on Russian Collusion to hit McCain with, must go to attachments tab and download it.

John McCain’s Campaign was marred by more direct ties to Russians than Trump yet he was not investigated by authority’s.

independentsentinel.com/john-mccains-2…
The Guardian reports on 11-7-2008 that China hacked both McCain and Obama downloading large quantities of information from both campaign’s networks.

PD 11-7-2008
theguardian.com/global/2008/no…
Newsweek reported this also at the time.

PD 11-4-2008

newsweek.com/highlights-new…
Both the following articles are published right around the time when Obama and Pres Xi Jinping meet in 2013.

Notice the publish dates, five years after hacking occurred and after Hillary left office.

PD 6-7-2013

theguardian.com/world/2013/jun…
The Chinese confront McCain about a letter her wrote on 7-25-2008 to the Pres of Taiwan but never sent.

PD 6-7-2013
nydailynews.com/news/politics/…
You can’t tell me the Chinese hacked Obama and McCain and didn’t hack Hillary also, give me a break.

The FBI has known that Hillary used the same server that she used during her 2008 Campaign since they interviewed Justin Cooper in September of 2015.
Hillary Clinton suspends her Campaign on 6-7-2008. The Chinese confront McCain about a letter he wrote on 7-25-2008, you figure it out.

cbc.ca/amp/1.755018?_…
Did Hillary use the same Blackberry that she used during the campaign? If she did, that could also be a problem.

foreignpolicy.com/2010/01/22/the…
Pagliano assembles Hillary’s private server from components left over from her Campaign HQ.

Per NBC article the malware was designed to stay buried in computers for months, if not years.

politico.com/magazine/story…
The Chinese are very familiar with both Bill and Hillary, all you have to do is an internet search on the 1996 election scandal Chinagate.

Read this article about the Clintons and China in the 90’s.

You want real collusion? Here you go

spectator.org/chinagate-and-…
How did Clinton get away with this setting up a private server in the first place?

She had no IG the entire time she was Sec State, Obama never appointed one.

All roads lead back to Obama.

thenewamerican.com/usnews/politic…
Why didn’t Obama ever appoint an IG for State? Good question.

Let’s answer that with another question.

I call this data point one. (DP1).

All roads lead back to Obama.

In Jan 2009 DP1 knows all about clintonemail dot com!

Remember this, Obama knows about clintonemail dot com in Jan 2009!

FBI Vault HC 3/28. Page 93
Tracking Ghost net is released March of 2009.

Read this entire thing on Ghostnet, this will come up again later.

en.m.wikipedia.org/wiki/GhostNet
3-29-2009

If your more technical minded and want more information read this report, if not skip it.

scribd.com/doc/13731776/T…
The open use of the GhostRAT reported here is not amateur, it is just open source. This allows the Chinese to take a look whoever is using it and see if they are interested in any of the info.

Read what you can do with GhostRAT

3-31-2009

thestar.com/news/gta/2009/…
Ghostnet, why is it a big deal? GhostRAT is Poison Ivy, this becomes important later.

I believe the video links are dead, this article is 10yrs old, but read the whole thing.

4-13-2009
techrepublic.com/blog/it-securi…
Per Spygate timeline

June 3, 2009, the CIA picks up Iranian spy Shahram Amiri in Saudi Arabia (KSA). [July 13, 2010 NYT]

thespygateproject.org/timeline/
He returns to Iran on 7-14-2010.

(Remember Reidy’s appeal, the compromise he warned of happened throughout 2010).

7-15-2010

nytimes.com/2010/07/16/wor…
These dates become important because I’m laying out an accurate time line as best I can so you can understand what is actually happening, pulling back the curtain of spin so to speak.

You can read up on Shahram Amiri here, read his amazing story.

en.m.wikipedia.org/wiki/Shahram_A…
Per CNN Timeline

9-21-2009 - In a letter to the IAEA, Iran reveals the existence of a second nuclear facility. It is located underground at a military base, near the city of Qom.
Obama kept the Intel on Iran’s nuclear program secret for months while he made a decision. (The time lapse between June 2009 & September 2009)

9-25-2009

nytimes.com/2009/09/26/wor…
FBI VAULT HC 21/28. Page 55
11-6-2009 email with malicious attachment poison Ivy RAT received by HRC, It is associated with APT activity. Found by FBI in lexar micron thumb drive archive of Hillary’s emails. (Don’t download it)

wikileaks.org/clinton-emails…
What is referenced as the 1st incident on page 55 will be covered in the 2011 section of the timeline.

This is malware that is distributed pre full on Aurora attack of Google in mid Dec 2009.

FBI Vault HC. 21/28 page 55
This piece states the Big Tech World Domination meeting at the State Dept was held on 1-7 or 1-8 of 2010.

PD 1-7-2010
mediamemo.allthingsd.com/20100107/guess…
The article puts the date of the Big Tech World Domination meeting at the State Dept on 1-8-2010.

PD 1-9-2010

foreignpolicy.com/2010/01/09/cli…
This piece doesn’t give a date, just says it was last week.

Read this whole article.

The agency said in a blog that it plans to promote Twitter as a “worldwide platform in which people can discuss the meaning of democracy and exchange ideas from diverse perspectives”
You may want to look at this regarding google and Hillary.

You can read what Wikipedia has listed for Aurora but it’s a much bigger occurrence than what’s actually listed there.

Remember the hack of the Pentagon systems in Afghanistan, that is still happening (near the end) around the same time this attack on Google starts.
en.m.wikipedia.org/wiki/Operation…

This FAQ from CNET is probably a better source for basic information on the attack on google.

Just remember this is what is publicly reported at the time, in reality its way worse than what is reported.

cnet.com/news/behind-th…
1-12-2010 google announced they had been the victim of a major cyber attack. Read this whole post very carefully. Notice the part about Ghostnet.

Ignore the part about activist emails that’s just spin to promote the upcoming Internet Freedom Speech.

googleblog.blogspot.com/2010/01/new-ap…
Who did this investigation that found out over 20 large companies had been affected?

Dimitri did, a lot of these companies contracted with McAfee for security services.
That 2nd half at the bottom of the picture is messed up, the quote is from H’s 1-21-10 Internet freedom speech which is not 3 days from anything.

H made a statement on 1-12-10, that may be 3 days from something.

esquire.com/news-politics/…
How did he find this out?

Well he found this out because he got the C&C server.

That line about 3 days after his discovery could refer to getting the C&C server and reviewing the logs, although the server was shut down on 1-4 so this doesn’t sound right.
This becomes important later.

Remember kids, you always want to get the server.

1-14-2010
nartv.org/2010/01/14/cha…
Look at these quotes by Dimitri.

“I was leading research at McAfee and had been involved in investigations of criminal activity online, working closely with law enforcement”.
“I was briefing the State Department as they crafted statements for Hillary Clinton to make publicly about the issue”.

technologyreview.com/lists/innovato…
Read this Computerworld article very carefully, it’s full of stuff.

Notice how it reports things other outlets won’t report for years.

Now compare the quote from the Technologyreview article with this highlighted passage from the Computerworld article.
“I was briefing the State Department as they crafted statements for Hillary Clinton to make publicly about the issue”.

This put Dimitri at the State Dept on 1-12-2010, if the Esquire article is right about him traveling to Washington.

1-13-2010
computerworld.com/article/252251…
We will continue to dissect the Computerworld article.

Now pay attention to this highlighted portion.

This is very important.

As I have researched this I have gotten the impression more and more that China was well aware of big tech’s/big think tank/Intel community plans
This statement is along those lines as it indicates China may have been inside googles network while this closed door meeting was happening. That’s why I put all that info about Ghostnet in earlier.
Now I don’t see how you can get into the systems (plural) that are used for FISA warrants and not also get more info than they are letting on here. It says right in the highlighted area that it’s the system to provide data on google users.
They did query several Chinese names in the system. The 2nd picture is actually from the VanityFair article Enter the Cyber Dragon coming up, I just wanted to put these 2 side by side.
Look here, like I told you it looks to me that China was well aware of Big Tech and Intel Community plans.

They had already been successfully engaging in cyber espionage for years at this point.
George Kurtz seems to know all kinds of technical details about the hack, yet as we will see in a few post an actual FBI agent that investigates Chinese espionage cases shows up at google and is told no thanks, go away.

1-14-2010
theregister.co.uk/2010/01/14/cyb…
The poison ivy dropper found in Hillary’s email archive was actually used in the RSA attack, it’s mentioned in the article.

Google calls the NSA after the attack and says “hey you guys were suppose to protect us”.

vanityfair.com/news/2011/09/c…
Dave Aucsmith, senior director of Microsoft's Institute for Advanced Technology in Governments says hackers were running a Counter Intel Operation.

4-13-3013. The article was published 3 yrs after the Computerworld article and after Hillary left office.

cio.com/article/238654…
Like I said an FBI supervisory agent that works on Chinese cyber espionage cases shows up at google and is told no thanks, go away.

Bureau officials told Robert Mueller who briefed Pres Obama.
There is a months long dispute between google, the FBI and the DOJ.

Google won’t let them access logs or data.

Yet George and Dimitri are all over it in a matter of days?

The FBI and DOJ can’t look at googles super secret stuff but George and Dimitri can?
That only means one thing.

That means that the FBI & DOJ don’t have the proper clearance and are not read into what is going on at google, but George and Dimitri are.
Remember when google was upset that the NSA did not help them? Well at the time it wasn’t their job, members of the DIB contracted for their own security, many with McAfee.

dhs.gov/xlibrary/asset…

Page 17
Not only did many private members of DIB have contracts with McAfee for security, it also appears the Feds had some sort of contract with them also as Dimitri consulted with Federal Agencies also.

It appears Dimitri was at the State Dept on 1-12-2010.

fcw.com/articles/2011/…
Remember this, Officials at google in this case means Dimitri and the McAfee team.

1-20-2010
cnn.com/2010/TECH/01/2…
1-21-2010 Hillary gives the 1st Internet Freedom Speech called the Newsuem Speech because that’s where she gave it.

It’s sad at this point how all these same people have turned around and adopted China’s policy’s of censorship and internet filtering.

theguardian.com/technology/201…
Read this entire article, you have to click next, or on the 2 for page 2.

Google approached the NSA shortly after the attack and they began working out an information sharing agreement and hammered out details for the NSA/FBI/Homeland Security to investigate the incident.
This is the start of the DIB cyber pilot program which we will get into later.

2-4-2010
archive.fo/hVTVl
If you have not read this you need to read the whole thing, it explains a lot.

Remember google is directly involved in Big Tech/Intel Community “plans”.

I will come back to this in the 2011 time frame, it is important for another reason.

newsweek.com/assange-google…
2-4-2010

Watch this video of Alec Ross, Jared Cohen, and Schmidt at google on 2-4-2010.

Then read this, just to be totally clear about what they are talking about.

foxnews.com/politics/feds-…
It’s hard not to think this attack on google had something to do with the CIA com system failure, the timing of it just matches up to good. (Keep reading)

Reidy states in his appeal that the compromise was known before this attack occurred and other facts will support this ..
... as we go further along, but man the timing is just perfect.

This attack on google appears to be the event where the Chinese broke thru the CIA firewall.

foreignpolicy.com/2018/08/15/bot…
There is something that doesn’t make sense and that’s the time periods being reported in these articles, the FP and Yahoo articles. (I haven’t posted the yahoo article yet and won’t post it till the 2011 section)

I will now attempt to clean up the reporting.
If we look at Reidy’s appeal it says the compromise of he warned of occurred “throughout 2010” and the task force was being established in 2011.

media.mcclatchydc.com/static/graphic…
Now we will will look at this Politico article, it says a mole hunt investigation began in late 2010, after assets in China began disappearing, which means they began disappearing before late 2010.

politico.com/story/2018/02/…
This is in fact what is reported in the NYT in screenshot #1.

The opposite thing is then reported in screenshot #2 where it says assets were killed starting the end of 2010. How can you report info dried up throughout the year in one part and the say assets where killed ..
.. at the end of the year in the next?

They may be conflated being rounded up with being killed which are different thing that can happen at different times.

This issue started sometime in 2010 and an investigation was launched after assets had disappeared.
This highlighted section about the killing starting in the last weeks of 2010 appears to be wrong to me.

What is layed out in Politico appears to be more correct, you open an investigation in late 2010 after your assets are killed earlier in the year.

See time line 👇🏻
Lets look at the NBC article about sharing info with Russia and then look at when the Russian spy’s were arrested in 2010.

We can see US CI people feared for assets in Russia in June of 2010.

nbcnews.com/news/china/cia…
We will now attempt to put together an accurate timeline of events we know happened.

May 2010 - Poteyev requests leave to visit his lover in Odessa, It is denied.

thedailybeast.com/is-this-americ…
5-28-2010 US Gov applies for Warrant to spy on James Rosen’s Gmail account.

scribd.com/doc/142666070/…

6-11-2010 Obama briefed about illegals program.

PD 7-19-2017
cnn.com/2017/07/19/us/…
You can read all about the illegals program here, this takes on a entire new light when viewed in context. Read the whole thing.

en.m.wikipedia.org/wiki/Illegals_…

6-24-2011 Poteyev gets on a train out of Russia to the Ukraine. [DailyBeast article again 7-9-2016]
6-27-2010 The Russians spies are arrested.
. [CNN, 7-19-2017. The spies next door]

7-9-1010. Spy swap with Russia completed.

cnn.com/2010/CRIME/07/…
Iranian CIA spy Shahram Amir returns to Iran on 7-14-2010.

The Russian spy’s have been rounded up and are back in Russia by the time Shahram Amir returns to Iran. There are actual news reports of people being rounded up in Iran in 2011.

bbc.com/news/36998747
China is a police state, there are not going to be articles about rounding up CIA assets, this is about the best you can do.

7-15-2010
theguardian.com/technology/201…
China shut down 1 Million web sits in 2010.

This is more important than you would 1st think.

Who controls a website’s certification in China? China does.

eweek.com/blogs/security…
What is FBI CI doing in late 2010? They are looking for a spy at the NSA.

Remember Reidy’s appeal? The authorities don’t even realize the com system was compromised till Mayish of 2011. (About the time the assets in Iran are rounded up)

12-1-2010
washingtontimes.com/news/2010/dec/…
Now we go back to March 2010.

I would go back and review the 2-4-2010 WaPo archive article about the NSA helping google and match it up with the next post about McAfee.

archive.fo/hVTVl
This would be a good guess for a start date for the NSA helping to protect google and it indicates just how involved McAfee was in the formation of the DIB cyber pilot program. This shows how important George and Dimitri are at the intersection of Google and the NSA.
The FBI and National Security Letters.

7-30-2010

economictimes.indiatimes.com/tech/internet/…
Shawn Henry gets promoted.

9-15-2010
archives.fbi.gov/archives/news/…
Thumb through this Tunisia timeline to see what’s been going on in Tunisia.

aljazeera.com/indepth/spotli…
Look what’s been going on in Egypt.

aljazeera.com/news/middleeas…
There has been an ongoing campaign since April 2010 by Chinese APT to target top US Officials private email accounts, I have not mentioned it yet.

It ramps up in Jan 2011.

No links or anything yet, just be aware that it happening as we move forward.
1-5-2011 Hillary meets the Chinese foreign minister in advance of the visit of the Head of State of China.

hillaryclintonquarterly.com/meetingwithChi…
Jan 2011.

The Canadian Gov suffers a massive hacking attack and has to shut down the computer systems in three different departments.

blogs.marketwatch.com/canada/2011/02…
This CBC article indicates the attack happened in early Jan 2011.

No article I could find would give the actual date.

cbc.ca/news/politics/…
Remember Ghostnet? Well the Canadian Gov went on high alert in the fall of 2010 and started looking for signs they had been compromised, turned out they had. This is important, the Canadian gov had been compromised for an unknown period of time and they did not even realize it.
Here is a short video about the hacking attack.

'Significant' cyber attack on Canada linked to China via @YouTube
What else happened in early Jan 2011?

Katica thread indicates Hillary’s server suffered a brute force attack on 1-9-2011.

Justin Cooper also sent Abedin an email on Jan 9 an other on Jan 10 with the subject line: Don’t email hrc anything sensitive. I can explain more in person.

FBI Vault HC 3/28 page 89
Justin Cooper spoke to the SS agent who was detailed at Bill and Hillary’s house about this.

FBI Vault 4/30 page 93
Pagliano billed Hillary 2hrs conference with security team about this on 1-11-2011. Then it looks like he changed some configurations around a few days later.

FBI Vault HC 31/31 page 149
Chinese President Hu Jintao has a four day visit to D.C. including a state dinner.

As part in Intel gathering the Chinese will attempt to hack their adversaries, especially after a meeting. That’s why I included these two Chinese visits that occurred in Jan 2011.
2-10-2011

McAfee puts out Night Dragon White Paper.

americanbar.org/content/dam/ab…

PC world article.
pcworld.com/article/219251…
Hillary gives 2nd Internet Freedom Speech.

2-16-2011
cnn.com/2011/POLITICS/…
Can you say “regime change” kids?

I like the part about the panic button and other spy tools in here.

brookings.edu/research/inter…
Look what’s going on in Libya.

reuters.com/article/us-lib…
Feb 2011. Look what’s happening in China.

There ain’t no Jasmine Revolution in China, the CCP knows what’s going on and shut it down. Like I pointed out earlier the Bulk of CIA assets in China where rounded up in 2010, what’s left are mainly Human Rights Activist.
China slows Gmail in China down so much as to be practically useless, can’t have those activist acting up.

3-22-2011
theguardian.com/world/2011/mar…
The PD on this article is 6-1-2011 but the events start happening in Jan 2011 and run throughout the year.

After these articles were published Chinese APT just changed up their strategy and just kept right on relentlessly coming.

washingtonpost.com/business/techn…
The PD on this article is 6-1-2011 but the events happened in Jan/Feb 2011

theguardian.com/technology/201…
This CNN video is actually pretty good.

6-2-2011 CNN
CNN: U.S. officials, Google hacked via @YouTube
Watch this Fox News report and listen to what Allen West says about the Chinese and military communications in Afghanistan, and remember that Wired article about the hack in Afghanistan in 2008.

6-2-2011. Fox News.

That’s right this phishing campaign was discovered in Feb 2011 like I told you already these phishing attacks are ongoing since at least April 2010.

telegraph.co.uk/technology/goo…
Remember when I told you that the Chinese had begun targeting top US Officials at least beginning in April 2010, well Parkour’s client fell victim in May of 2010.

PD 6-2-2011
reuters.com/article/us-goo…
So the FBI is investing this with google and other US government agencies “to identify the origins of this campaign and determine what information may have been compromised”.

money.cnn.com/2011/06/01/tec…
I have a question for you. Did you ever hear anything about this investigation?

There were a couple of article’s published in the middle of 2015 that mention this investigation, but beyond that it’s a black hole.

I could find nothing about the results of this investigation.
In an effort to begin to smooth things over, Clinton and Treasury Secretary Timothy Geithner hosted senior Chinese officials in Washington last month for high-level talks. (May 9, 2011 US & China strategic and economic dialogue).

abcnews.go.com/Politics/us-pr…
"US President Barack Obama is aware of it and is being updated on regularly," White House Press Secretary Jay Carney told reporters at his daily news conference.

zeenews.india.com/news/net-news/…
You want to know why there is nothing about this investigation publicly available? Look at the following article.

defensedaily.com/ex-fbi-cyber-c…
That’s right it’s classified. Why would it be classified?

Let’s take a look at what we can find, and it will become clear what is going on.
Let’s look at FBI Vault HC 21/28 page 55 again, we can see the first paragraph is heavily redacted and refers to this phishing campaign in 2011. It mentions a report and says the malware samples that matched the ones in the report were not examined any further.
Let’s take a look at FBI Vault HC 1/28 page 31 Under the heading potential loss of classified information.

We can read the first paragraph about the memo Boswell sent Hillary and then we notice there are two redacted paragraphs.
This entire section comes from the 2011 investigation, we will reconstruction it.

FBI Vault HC 1/28 page 31
The memo Boswell sent Hillary is included in the following Freebeacon article though they get the date wrong as the only date on the memo is just related to the attachment and not the memo.

freebeacon.com/issues/hillary…
Clinton skipped special cyber briefing in 2011, documents show fxn.ws/1pN7S9u #FoxNews
Ok let’s look at the memo. Boswell sent Clinton on 3/11/2011. Attachment dated (2/28/2011)
Read this memo carefully, look at how wide spread it is and Gates is mentioned.
Look at the name of the attachment [Personal targeted by (Chinese actors)] as known 2/28/2011.
Read that memo several times, it is off the hook crazy, yet you never heard of any of this. Why? Let’s continue.

FBI Vault HC 3/28 page 61 does indeed state in (approximately) Feb 2011 several State employees where the victims of Gmail and Yahoo account hacks.
FBI Vault 3/28 page 48 we can see the February 2011 language right before a redacted sentence in a section on Jake Sullivan.
FBI Vault 3/28. Page 112. Mull specifically recalls Jacob Sullivan’s personal email account was hacked.
We know also from point 4 in Strzok’s email that the people at the State Dept that got compromised where in fact Hillary’s staffers. (Plural)
Read also the very interesting statement after that. “It’s also accurate to say a sophisticated foreign actor would have likely known about her private email domain”

foxnews.com/politics/forei…
So you’re an FBI agent in the Counter Intel division investigating this in 2011, what do you do? Well one of the 1st things you do is look at the original source of these emails of Hillary’s staffers to figure out what the drop account address is, as described below.
Well, what’s one of the 1st things you’d notice when you did this?

Well, you’d see this weird email address with a domain that says clintonemail dot com right where that H use to be.............

money.cnn.com/2011/06/03/tec…
“The FBI did find that hostile foreign actors (plural) successfully gained access to the personal email accounts of individuals with whom Clinton was in regular contact and in doing so obtained emails sent to or received by Clinton on her personal account.”
The above statement comes directly from this 2011 investigation.

FBI Vault HC 1/28 page 2
So the FBI has know about clintonemail dot com since 2011.

That brings a lot of things into focus.

Q: Ok who at the FBI would be investigating this in 2011?

A: Shawn Henry

Q: Who was Director of the FBI?

A: Robert Mueller
Q: Who at google would be investigating this?

Remember who at least partially investigated Aurora and when it said google in articles it was actually the McAfee team. Good chance it was.

A: Dimitri Alperovich
Now we jump back out to Feb 2011

Feb 2011. Office of coordinator for cyber issues at the Stare Dept is established. That’s right, it’s established just about the same time as the compromised email accounts were discovered.
2-22-2011.

Christopher Painter is named coordinator.

state.gov/s/cyberissues/
He was the director for cyber policy at the NSC in the White House.

You know all those people in the White House Hillary would need to email often.

thehill.com/policy/cyberse…
End of Feb Beginning of March 2011.

Google begins purging dropper accounts at the end of Feb 2011 into the beginning of March. These are the accounts Chinese APT used as way points to move CC’d emails along toward China.
What was going on in March 2011? Dimitri was looking through C&C server logs. [Per Vanity Fair Shady Rat]

Purge dropper accounts

2-27-2011
cloudpropel.wordpress.com/2011/06/22/gma…

2-28-2011
money.cnn.com/2011/02/28/tec…

3-1-2011
cbsnews.com/news/microsoft…

3-3-2011
huffingtonpost.com/2011/03/03/goo…
April/May 2011. John Reidy informs co worker being transferred to secret task force Honey Badger about the “compromise” and advises her to talk to his ex boss.
May 2011. CIA Iranian spy Shahram Amiri is arested in May 2011 and tried for treason.

He has been back in Iran for around 10 months as of May 2011.

bbc.com/news/36998747
May 2011.

Iran starts killing CIA assets in May 2011 the same month Shahram Amiri is arrested. In June two high ranking members of Hezbollah are exposed as being US spies.

abcnews.go.com/Blotter/cia-sp…
August 2011.

Someone attempted to hijack googles web browser certifications to setup a fake google site in Iran.

If I was going to guess what is going on here I would tell you that Chinese APT probably did this and it gives a clue of what they probably did in China to
catch the assets in China.

Since China is able to issue its own certifications they could set up fake sites in China and do a man in the middle and “watch” all the traffic.

Something like this is mentioned in the article.

slate.com/technology/201…
Jan 2012 to May 2015. The time frame being reported for Witt in this article is not early enough to be involved in the initial roundup of assets in 2011, but as the article states she could very well be involved in events in Yemen.

freebeacon.com/national-secur…
Now you should be able to read this yahoo article with a more accurate understanding of the timeline because the article is conflating two different events in order to gloss over the investigation into Hillary’s aides having their private email accounts compromised.
The Obama Admin opens a Grand Jury on Assange a few months after they discover that Hillary’s aides and other top US Officials had their private email accounts hacked.

5-11-2011
theguardian.com/media/2011/may…
Obama request that Robert Mueller stay on another 2yrs, which will keep him FBI Director till Hillary leaves office.

5-13-2011
cnn.com/2011/POLITICS/…
Schmidt came to see Assange in June 2011, that’s when all those articles about private Email accounts of top US officials being hacked came out, remember.

Now do you understand the timing?

newsweek.com/assange-google…
The FBI sent agent to Iceland in June 2011 in their ramped up effort to get Wikileaks.

arstechnica.com/tech-policy/20…
Look at those dates of when they seized the account information. The dates line up with both a Grand Jury being seated in May and the articles being released on Top US Officials Gmail accounts.

arstechnica.com/tech-policy/20…
Here is the NYT article about this.

nytimes.com/2013/06/25/wor…
Mills tells fellow employees she was targeted by Chinese hackers.

6-4-2011. google hacking and woeful state.
wikileaks.org/clinton-emails…

Mills can’t remember who told her she had been targeted.

FBI Vault HC 3/28 page 105
Lynn gave an overview of the Defense Industrial Base Cyber Pilot, a.k.a. DIB Cyber Pilot. Federal defense agencies have begun sharing secret threat data with selected corporations in the defense industry and partner Internet service providers.
U.S. State Dept issues memorandum about securing personal email accounts on 6-28-2011.

en.m.wikisource.org/wiki/Securing_…
William Lynn 7-14-2011
“An assessment of the program is expected to conclude by the end of the summer, and possible expansion will be considered in the fall, he said”.

gcn.com/articles/2011/…
This article is just a puff piece to promote Dimitri prior to the DIB expanding the Cyber Pilot Program.

He goes on a publicity tour around congress and meets with Feinstein.

The only real news is Dimitri was looking a C&C servers in March, you know when google was purging.
I put this article here to remind you these Chinese hacking allegations were well known for years prior to Dimitri’s publicity tour.

thestar.com/news/canada/20…
Joe Stewart, director of malware research for Dell SecureWorks, traced the command-and-control (C&C) servers used to oversee the RSA attack to networks in Beijing and Shanghai. (You know poison ivy)

8-4-2011
pcworld.com/article/237290…
You remember Poison Ivy, right.

FBI Vault HC 21/28 page 55
Now we will tie the RAT Hillary received on 11-6-2009, the same one used in the RSA attack, with the location of the C&C servers Joe Stewart found. Beijing fits right in that redacted location doesn’t it.

FBI Vault HC 21/28 page 145
Hillary receives Poison Ivy on Nov 6, 2009. It looks like the key logger was activated and someone signed onto Hillary’s server sometime between Nov 10-12, 2009.

history.state.gov/departmenthist…
Read the section call backs and control established of the 2012 Fireeye white paper to understand the unusual log in from China referenced above.

chippewa.ca/wp-content/upl…
The Chinese change tactics, and continue to send emails in a new wave of phishing attacks. Yet you never heard of any of this did you?

Tor? Where have I heard of Tor before?

8-11-2011
theregister.co.uk/2011/08/11/gov…
Chinese APT is relentless.

8-12-2011

helpnetsecurity.com/2011/08/12/us-…
Sure enough the program is expanded right about when Alpernovitch leaves McAfee.

9-7-2011

reuters.com/article/us-aer…
Look at the timing.

Crowdstrike is no accident.

9-26-2011

cbsnews.com/news/pentagon-…
Alperovitch leaves McAfee in September 2011.

Kurtz leaves McAfee at the end of Oct 2011

reuters.com/article/us-mca…
George went to Warburg in Nov 2011 and got the funding for Crowdstrike.

en.m.wikipedia.org/wiki/George_Ku…
In this article he says they called him but I don’t think this is that big of a conflict.

It’s not unusual for an investment firm to help out a start up.

inc.com/magazine/20160…
This article is from 2003. George has done lots of business with gov agency’s over the years, he has history going back to the Bush Admin.

2-28-2003
fastcompany.com/1538850/george…
NSA rules relaxed.

10-3-2011

techdirt.com/articles/20130…
Hillary Clinton pens Americans Pacific Century article.

Hillary wrote this?

This was the pivot to Asia.

10-11-2011

foreignpolicy.com/2011/10/11/ame…
Read this for more info on the Pivot to Asia.

fivethirtyeight.com/features/did-h…
Shawn Henry Speech.

Wait, Ukraine, United Kingdom and the Netherlands?

10-20-2011
archives.fbi.gov/archives/news/…
November 2011:

CIA Director Gen. David Petraeus, who’s married, allegedly begins an affair with his biographer, Paula Broadwell.

sharylattkisson.com/obama-era-surv…
I wanted to read this report but cannot find a link that is not blocked by McAfee. Try it yourself.

where it says “said the report.”

The word report is a link and if you click on it you will get what’s in the picture below.

11-3-2011

cnn.com/2011/11/03/us/…
Dec 2011.

John Kerry seeks out Omani officials to develop back-channel to Iran [see: Oct 22, 2015 WSJ

thespygateproject.org/timeline/
Finally I felt it appropriate to end this thread with the following article.

salon.com/2011/12/09/hil…
@threadreaderapp Please thread roll.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Jason Keeney
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!