This was originally posted by the user /u/biglymagaback. His account has since b

1. This was originally posted by the user /u/biglymagaback. His account has since been deleted. Justice beats in the hearts of the forgotten. I have no intention of deleting this account. Archive this for posterity.
2.  
3. https://twitter.com/julianassange/status/853242264272998400?
4.  
5. There are two narratives at stake here - the Russian Narrative, and the Seth Rich Narrative. Both are true, from a certain point of view. I'll explain.
6.  
7. Background Info:
8.  
9. /u/stonetear = Paul "I have full access to the server" Combetta
10.  
11. "Hillary Clinton spied on her own campaign staff"
12.  
13. “She believed her 2008 campaign had failed her — not the other way around — and she wanted ‘to see who was talking to who, who was leaking to who,’ said a source familiar with the operation,”
14.  
15. Timeline:
16.  
17. Podesta Email, March 25, 2014: Re: Google Account recovery phone number changed:
18.  
19. That was me [Eryn Sepp is Podesta's secretary]. Changed it from CAP cell phone to your current personal cell phone #. Did that on Sunday when I was downloading Herb's files to your CF thumbdrive (also added it to your "google drive" that has a good deal of space on it).
20.  
21. June 2014 -- Seth Rich joins the DNC as the national data director.
22.  
23. July 23, 2014 -- Stonetear crowdsources e-mail scrub via Reddit - however, specifically asks about hiding email addresses - not whole emails. Also claims he has separate storage.
24.  
25. /u/stonetear, December 10, 2014: "Auto-delete/retention policy and 'save' folder":
26.  
27. Hello- I have a client who wants to push out a 60 day email retention policy for certain users. However, they also want these users to have a 'Save Folder' in their Exchange folder list where the users can drop items that they want to hang onto longer than the 60 day window.
28.  
29. All email in any other folder in the mailbox should purge anything older than 60 days (should not apply to calendar or contact items of course). How would I go about this? Some combination of retention and managed folder policy?
30.  
31. Hillary Clinton email, December 22, 2014: "Re: Could you talk today or over the weekend?"
32.  
33. Sorry. Can't tell what happened with the email elves. I can do tonight after 8:00 or anytime tomorrow before 4:30."
34.  
35. A PHONE CALL?! TO HIS PERSONAL CELL PHONE?!
36.  
37. /u/stonetear Reddit post, December 22, 2014: Bypassing two-factor authentication with domain name?:
38.  
39. Hello- I have a firewall (200D) which seems to be allowing domain users (Whether authenticated via RADIUS or LDAP) to bypass the request for their token by logging in with domainame\username for the SSL VPN. If they use just username, they get the token prompt.
40.  
41. As stated above, I have been testing with both RADIUS and LDAP authentication to the domain controllers, but the behavior seems to be the same with either.
42.  
43. I've been doing a bunch of searching but am coming up empty so far. Before I open a case with Fortinet, I figured I'd ask here. Thanks in advance!
44.  
45. Edit: They can bypass the token via the web portal as well as the Forticlient by logging in as domain\username
46.  
47. "Here’s How an Attacker Can Bypass Your Two-Factor Authentication":
48.  
49. Two-factor authentication systems aren’t as foolproof as they seem. An attacker doesn’t actually need your physical authentication token if they can trick your phone company or the secure service itself into letting them in.
50.  
51. The two-step authentication systems on many websites work by sending a message to your phone via SMS when someone tries to log in.
52.  
53. All an attacker has to do is call your cell phone company’s customer service department and pretend to be you. They’ll need to know what your phone number is and know some personal details about you. These are the kinds of details — for example, credit card number, last four digits of an SSN, and others — that regularly leak in big databases and are used for identity theft. The attacker can try to get your phone number moved to their phone.
54.  
55. Heck, an attacker might not need access to your full phone number. They could gain access to your voice mail, try to log in to websites at 3 a.m., and then grab the verification codes from your voice mailbox. How secure is your phone company’s voice mail system, exactly? How secure is your voice mail PIN — have you even set one? Not everyone has! And, if you have, how much effort would it take for an attacker to get your voice mail PIN reset by calling your phone company?
56.  
57. The intruders so thoroughly compromised the DNC’s system that they also were able to read all email and chat traffic, said DNC officials and the security experts.
58.  
59. Podesta Email, March 5, 2015: Re: Thought:
60.  
61. When I worked for the leadership we had a records retention policy to actively destroy all emails after 3 or 6 months . Each office made up its own policy. Reporters should be asking congress and individual members what their policy is ? Do they use private accounts for biz ? Why does fioa not apply to them ?
62.  
63. We are. Limited Success.
64.  
65. Podesta Email, March 16, 2015: FW: Email retention/deletion:
66.  
67. Good people of American Progress: As we flagged for you last month, we are in the process of implementing CAP/AF's longstanding records retention policy (attached) for email. This process requires your participation.
68.  
69. Over the next three months, you are required to identify and designate any Retention Category emails (defined below) in your possession. Beginning on June 16, all email older than two years that is not designated for preservation will be automatically and permanently deleted.
70.  
71. What is a Retention Category email?
72.  
73. For most employees, Retention Category emails are limited to emails containing important institutional records or knowledge that is not recorded elsewhere.
74.  
75. o This is a limited category, including only emails containing information (not memorialized elsewhere) that you believe will continue to be of importance to CAP/AF's work, even 2+ years after receipt. For instance correspondence setting forth guidelines for ongoing projects, memoranda describing major efforts, documentation of significant decisions with ongoing implications, etc. o Please be selective. Most employees should have few Retention Category emails.
76.  
77. o Legal and Tech will be conducting team briefings in the coming weeks, but please contact us at any time with questions. * Emails relevant to any actual or potential legal proceeding or government investigation must be preserved. However, outside of a small number of intellectual property issues, CAP/AF is not involved in any investigation or proceeding. If that changes, the legal team will let you know.
78.  
79. Legal, financial, HR, and administrative records are preserved under separate policies that apply the legal, finance, HR, and admin teams. What should I do with Retention Category emails? * In the coming weeks, Tech will create a "Retention" folder in your Outlook. Emails in the retention folder will be preserved indefinitely, and will not be automatically deleted.
80. In the meantime, we encourage you to begin identifying and marking Retention Category emails, either by flagging them or by dragging them into a new Outlook folder of your own creation. Once Tech has created a "Retention" folder for you, you can drag your marked emails into it.
81.  
82. Going Forward / Going Back
83.  
84. You have three months to go through your inbox, sent mail, and organizational folders to identify old retention category emails. Starting on June 16, email older than 2 years that is not in your Retention folder will be permanently deleted, on a rolling basis.
85. Going forward, you should move Retention Category emails into the Retention folder as needed. You will be able to create organizational subfolders within the Retention folder.
86. Do not place non-Retention Category emails in the Retention folder Legal and Tech will be going to-to-team to answer questions and help with implementation. But feel free to ask us questions at any time.
87.  
88. /u/stonetear email, July 30, 2015: "VPN log report?":
89.  
90. Hello- Is there any way to spit out a simple VPN connection report? Ie, who logged in, and when? I've been able to cobble something together from the raw log files, then filtering/massaging in Excel, but it's a real pain in the rear. We have several customers that would like to be able to get a weekly or monthly report on remote user logins. Is a syslog server setup/config or FortiAnalyzer the only way to do this?
91.  
92. September 2015 -- Josh Uretsky joins Bernie campaign as national data director, recommended by Seth Rich (according to Sanders in a Dec 2015 interview).
93.  
94. /u/stonetear Reddit post, Oct 26, 2015: "Attachment report?"
95.  
96. I have a customer who wants to be able to run a weekly or monthly report that shows all emails sent that have attachment(s) over X megabytes, along with the from/to/date info, in a format that is at least semi-management friendly. Third party software is fine, though I imagine this is doable via PowerShell/message tracking... however I have been striking out so far. Environment is Exchange 2010 SP3. Any suggestions are welcome!
97.  
98. *** December 16, 2015 -- NGP VAN applies new patch to DNC servers. According to email 15792, due to a "glitch in the code" the normal system barriers were lowered for four hours and users could access other users data. This data could still only be accessed by other DNC user accounts. Four unique users ran and downloaded the results of 25 unique searches, saved to private hard drives and were removed from the premises. ***
99.  
100. *** December 17, 2015 -- DNC officials discover the person who accessed information was connected to the Bernie team and demand discipline of the individual. ***
101.  
102. *** December 18, 2015 -- Bernie campaign fires Josh Uretsky, his campaign's national data director ***
103.  
104. *** December 19, 2015 (Saturday evening at 10pm) Amy Dacey reports the previous incident to Podesta (via Mary Fisher for some reason) ***
105.  
106. *** December 25, 2015 interview about break-in event where Sanders blames the DNC for recommending Josh Urutsky. He says that he was recommended by the DNC's national data director.
107.  
108. http://www.mediaite.com/online/sanders-adviser-suggests-staffer-that-breached-voter-data-may-have-been-dnc-plant/
109.  
110. So who was the DNC's national data director? Seth Rich!
111.  
112. http://www.p2016.org/parties/dnc16.html
113.  
114. Josh Urutsky was hired on Seth Rich's recommendation.
115.  
116. Sanders knew it was Uretsky. Sanders knew Rich recommended Uretsky.
117.  
118. DNC wasn't stealing data, they were stealing votes. Sanders was under the umbrella of the DNC. Rich found out about the voter fraud and colluded with Uretsky.
119.  
120. Sanders found out both (he thought he still had a chance of winning the primaries), and gave them up to Amy Dacey, who was Seth Rich's boss. Dacey then confronts Rich, forwards it to Podesta and the rest is history:
121.  
122. *** Jan 2016 -- Sanders claims (in May 17 interview) that his Nevada HQ had shots fired and nearby employee apartments ransacked ***
123.  
124. Podesta Email, March 19, 2016: Re: Sоmeоne has your passwоrd:
125.  
126. Milia, can you change - does JDP have the 2 step verification or do we need to do with him on the phone? Don't want to lock him out of his in box!
127.  
128. This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authentication is turned on his account. He can go to this link: https://myaccount.google.com/security to do both. It is absolutely imperative that this is done ASAP.
129.  
130. IP Address: 134.249.139.239
131.  
132. Location: Ukraine
133.  
134. So after two years from the initial email being sent out by /u/stonetear, two-factor authentication still hasn't been set up?
135.  
136. AND HIS IT HELP DESK THOUGHT A SCAM ATTEMPT WAS REAL?!
137.  
138. May 3, 2016 – Bernie pulls off surprise primary victory in Indiana Primary
139.  
140. *** May 14-15, 2016 -- Enraged Bernie supporters shut down Dem HQ in Nevada after a weekend of violence, vandalism ***
141.  
142. May 17, 2016 – Bernie wins Oregon primary (final Democrat primaries, including California, would be in June. Stuck fork in Sanders, because he was done by mid-June)
143.  
144. May 21, 2016 - WikiLeaks Director Gavin MacFadyen reportedly receives DNC email transfer from Seth Rich
145.  
146. May 24, 2016: "Midwest Deputy or Director" DNC Email:
147.  
148. Midwest Deputy or Director position is open. If you know of anyone who would be a good fit, let me know.
149.  
150. THE TRAP IS SET.
151.  
152. May 25, 2016 - Date of the last email in the DNC Email Archive released by Wikileaks [** KEY DATE]. Where was Seth Rich on this date? What was his state of mind? Did something happen on or about May 25, 2016 that resulted in Seth Rich losing access to high-level DNC emails? Or did he get one-time access to the DNC emails on May 25, 2016 and downloaded them all then? ←—— Investigation needed.
153.  
154. June 6, 2016 -- /u/MeGrimlock4 final post: https://archive.is/Ktts6
155.  
156. June 14, 2016: "Russian government hackers penetrated DNC, stole opposition research on Trump"
157.  
158. June 14, 2016 -- DNC hires Crowdstrike to find the "Russian hackers" who have been hacking the DNC for over a year. Claims that the past week has included purges to staff to weed out hackers.
159.  
160. July 3, 2016 -- DNC is served with a class action lawsuit
161.  
162. July 5, 2016 -- Seth Rich is invited to Hillary Clinton's campaign team according to Joel Rich in an August 16 interview. The Clinton team announced Rich received an invite to join their team as plausible deniability. The hit was already placed and they were laying the groundwork of reducing motive. An invite like this could only have come from Sanders's people - after all, who would be the recommendation?!
163.  
164. DEATH OF SETH RICH = JULY 10, 2016
165.  
166. DNC CONVENTION = JULY 25 - 28, 2016
167.  
168. July 22, 2016 – Wikileaks publishes 19,252 emails and 8,034 attachments from the DNC, including emails from seven key DNC Staff members. The leaked DNC emails have a date range of January 2015 to May 25, 2016 (* KEY DATE RANGE)
169.  
170. September 2016 -- Wikileaks Craig Murry claims to have met a "disgusted" DNC staffer that was one of multiple sources of the legally obtained leaks (revealed in a Dec 14, 2016 interview)
171.  
172. October 2016 -- Wikileaks publishes Pedosta emails
173.  
174. Tl;Dr: If this timeline is accurate it means someone ransacked employee apartments two weeks after the DNC accuses Sanders campaign of taking data off premises. This sounds like the real Watergate. Criminally implicating Bernie "30 pieces of silver" Sanders.
175.  
176. Tl:Dr: There are two "leaks" here. DNC / Podesta.
177.  
178. DNC was leaked by Seth Rich.
179.  
180. Podesta was leaked through Ukrainian hacking.
181.  
182. Russians only knew of Podesta's emails, not DNC.
183.  
184. DNC blaming Russia for an entirely separate leak.
185.  
186. It means Caesar lied and the enemy was not conquered! When the Empire finds out about this, the whole world will tremble!