Significant misunderstanding from #Durham filing being circulated about the "White House Servers" that were used in the Clinton-funded and media & deep state fueled #RussiaHoax operation ultimately used to spy on President Trump 1/
NOTE, this analysis is constrained to the publicly available information about the DNS servers. As I've said before, there is currently no indication anything was "hacked" or "infiltrated". Irresponsible to suggest otherwise IMO 2/
Oversimplified tech primer: DNS is the system the internet uses under the hood to take the website name and convert it to an IP address. Pretty benign, but essential (and powerful if you control it) 3/
First, what controlling a DNS server *DOESN'T* do for you: it doesn't get you access to the *contents* of the traffic (see #11 below for a huge caveat) 4/
This is because DNS is inherently a referral service. Think of it like this: "hey DNS server, I want to go here", and it sends back the directions of how to get there. Then you get there on your own. 5/
But what controlling a DNS server *DOES* do for you is give you indications of what sites are being accessed. This can be very powerful when aggregated (think marketing) but narrower data is also powerful in different ways 6/
Let's say I know Executive Office of the President is hitting up Pfizer dot com the night before a big FDA news conference? 7/
Or the EOP is repeatedly hitting up Obscureistan dot gov all of a sudden during a geopolitical shift? etc, etc.. basic, contrived examples, but you get the idea. 8/
Controlling an organization's DNS server gives you tremendous insight into what a given organization is doing on the internet. Huge privacy hole. 9/
But controlling an organization's DNS server can be equally powerful if you're trying to create a narrative about how they're doing something they're not. (e.g. #RussiaHoax in general and the #AlphaBank garbage in specific) 10/
Now, if you're particularly unscrupulous, you can use this information to redirect/hijack those communications, which in some cases COULD give you even greater insight or even access to the actual content of the communications. 11/
Hard to do that without leaving other fingerprints, so I don't see that as very likely here. It certainly isn't being alleged in the #Durham filings at this point. That's why I think "infiltrate" and "hack" are irresponsible terms 12/
EXACTLY what "service" Joffe & the boys were providing & how they were leveraging it (and/or exploiting it) remains unclear. IDK, maybe permission to pull the "telemetry" from Trump-affiliated servers for clandestine subterfuge was buried in the Terms of Service? 13/
A sidenote about this in regards to DNSSEC - basically an enhancement to DNS that uses cryptographic signatures to mitigate the risk of those domain hijacking/redirecting/etc attacks. 14/
DNSSEC is only in-use by ~50% of major sites, and other methods like requiring HTTP strict transport security are arguably more efficient ways of mitigating it. 15/
Because client operating systems don't generally support DNSSEC, all of those security mitigations are effectively useless when you've chosen to delegate your DNS resolution to a server that isn't actually trustworthy. 16/
Bottom line: using untrustworthy people to manage the resolution of your DNS request exposes you in non-obvious ways. How they abuse that trust could be illegal, but it doesn't necessarily mean they've "hacked" you. 17/
ALSO, one ironic twist (and some catnip for the Trump haters) about DNSSEC and federal policy: the Obama-era OMB mandate M-08-23 to require it's use on Gov sites was rescinded by Mick Mulvaney in M-18-23 whitehouse.gov/wp-content/upl… 18/18 
• • •
Missing some Tweet in this thread? You can try to
force a refresh
