Kroll is running an indie audit, but NGP audit already turned up 9 save files equaling 27 lists.

Hardly indy. Bush/Clinton/CIA. That is NOT an 'indy audit'.

[hr][font color="blue"][center]Everything is a satellite to some other thing.[/center][/font][hr]

nt

Someone else told me that the problem was with field level database permissions. We were talking about why any users would have access to the database during maintenance. Others have said it was a patch. A patch would be considered maintenance. My argument was- no users should have been logged on while maintenance was being performed.

Their argument was that field level database permissions wern't difficult to change and not a big deal(Sysadmin opens a window, clicks on which permissions that they want you to have- and you got it. Unclick the permissions and the user doesn't have that permission anylonger) and could be done while users are logged onto the database.

Permissions are exactly that. Some part of the database or function that the user is authorized to use or access.

I pretty much ceded the point. However, I pointed out, that if it was a field level database issue with user or group permissions- then either the sysadmin or the dba had to turn them off or on every single time. They just don't turn themselves on and off. I also pointed out that if they were turning themselves off and on randomly, then that would be a bigger problem.

I also pointed out that we don't know if the vendor who was performing the maintenance- was working on the "firewall" issue or some other issue not related to what the Sander's campaign reported in October.

Bottom line- if a critical fix was being performed on the database by the vendor- no users should have been able to log on before the fix was implemented and tested for success before being returned to the users. Having users logged in would risk corrupting the database.

If it wasn't a critical fix- why was it being implemented during normal business hours and not during their regular scheduled maintenance window?

If it was the simple fix as the user I was discussing this with had indicated. Then someone- sysadmin or dba had to have logged on and given the Sanders Group the permissions to access the Clinton's Group as it is not possible for users to turn these permissions off and on themselves.

So, my question is- Does anyone know what exactly the vendor was working on? A patch? A field level permission? Or something else? And why were users on the database when it was being performed by the vendor?

The story is nonsensical according to my colleagues who work with databases.

Frankly I am stunned that the data was all mixed up in a single DB.

Or something.

I think the DNC and the media have taken advantage of people's ignorance. Most don't have enough technical experience to even begin to speak to what happened.

It's been a long time since I've been in the field (at least 15 years) and I'm no database expert by any means. But I do know enough to know, there's a rat in here somewhere.

Really, I'm surprised that the sysadmins here haven't chimed in and given some insight as to how things work so people can understand. They've recently migrated onto a new server and DU's database was not available to users while the migration occurred.

of the database. But It bothers me that people are only thinking things half through. Like some are sayingthat only the Sanders campaign inappropriately accessed the database. When in fact no one knows how many times it was accessed by others- unnoticed.

That is why it needs to be investigated from day 1.

NGP VAN Denies responsibility for the October Breach Reported by Sanders Team to the DNC. So If NGP VAN is NOT Accountable for the October Data Breach then HOW did that occur? Who "caused" it? We Need to know all communications between campaigns, Debby, Hillary, Bernie and his team and NGP VAN. Emails, phone calls made/received on cells... Depositions... The entire material data on this. Hillary/Debbie started it and now Bernie and his team will FINISH IT!

that won't work

And there are some Technicolor distortions going on in the HRC group.

Truly, I really don't care and am willing to let it go but, since you insist ... and since Bernie gave you guys the hole (which btw, most intelligent people QUIT digging when they realize they are in a hole)

KEEP DIGGING !!!

On Mon Dec 21, 2015, 07:49 PM an alert was sent on the following post:

What information from the Sanders campaign does Clinton have? When did they get it? How many times
http://www.democraticunderground.com/1251934584

REASON FOR ALERT

This post is disruptive, hurtful, rude, insensitive, over-the-top, or otherwise inappropriate.

ALERTER'S COMMENTS

Making unfounded accusations about a Democratic presidential candidate when all of the evidence demonstrates it to be absolutely false.

You served on a randomly-selected Jury of DU members which reviewed this post. The review was completed at Mon Dec 21, 2015, 07:53 PM, and the Jury voted 1-6 to LEAVE IT.

Juror #1 voted to LEAVE IT ALONE
Explanation: Not hideworthy.
Juror #2 voted to LEAVE IT ALONE
Explanation: Funny how alerter thinks it's unfounded when HRC campaign is accused but not when the Sanders campaign got accused.
Juror #3 voted to LEAVE IT ALONE
Explanation: No explanation given
Juror #4 voted to LEAVE IT ALONE
Explanation: The questions appear to be directed at the campaign and the vendor, not the candidate. Also, most of his comments are made as a question. Therefore, not legally an accusation.
Juror #5 voted to HIDE IT
Explanation: No explanation given
Juror #6 voted to LEAVE IT ALONE
Explanation: No explanation given
Juror #7 voted to LEAVE IT ALONE
Explanation: Early in the story

http://blog.ngpvan.com/data-security-and-privacy

for voters that a user already had access to, that user was able to search by and view (but not export or save or act on) some attributes that came from another campaign.
...
a one page-style report containing summary data on a list was saved out of VoteBuilder by one Sanders user. This is what some people have referred to as the “export” from VoteBuilder. As noted below, users were unable to export lists of people.

here's the four logs, came aware of breach at 10:40, breach ends at 11:27
http://i2.cdn.turner.com/cnn/2015/images/12/18/merged_document.pdf

User page 1 - did a search without saving any list (probably why they were not suspended)
User page 2 - saves 7 lists
User page 3 - saves 9 lists
User page 4 - saves 8 lists
================
4 users - saved 24 lists

They exported a Sanders report after the breach was over in NV (where they had not done anything during the breach). They did not export the other campaign lists they generated during the breach in the log.

I did not see in those logs where they generated the "one page-style report containing summary data on a list was saved out of VoteBuilder by one Sanders user" and exported that per NGP VAN above.

So they have a pretty good idea of what happened earlier this week. And NGP VAN claim that the Clinton campaign did not do anything like the above.

On Friday:

"We're actually very confident that some of our data was lost to one of the other campaigns" Sanders Campaign manager Jeff Weaver
Through that video and other reports, last October there were two breaches by different software companies or a company hired by the DNC - (one of them involved modeling software and that company could have been involved with both breaches)

If another campaign compromised Sanders data and the DNC just closed off the breach and didn't do anything more - like an audit of it, the DNC could have a real problem in terms of damages/liability (and old Debbie has them operating at financial loss right now about $20 mil behind the RNC). And the Clinton campaign could have an even bigger problem in terms of the public perception of her campaign doing this to Sanders after hypocritically having their surrogate DNC chairperson whack Sanders in the media.

Don't want to go over the top here but if Weaver truly has the solid evidence you'd think he'd have to be "very confident", he could nuke the Clinton campaign pretty badly here if they were the campaign who compromised his data. I don't know how the lawyers would haggle their way around that one. Could get interesting.

As for Debbie, I don't know how she could carry on in this capacity - even if Hillary wins. She's messed up pretty big here.

Lots of good information.

When did we decide to start making up serious accusations against fellow Democrats with no evidence at all?

The logs clearly show Uretsky and the others searched for, viewed and saved HFA campaign data. How is the Clinton campaign to blame for that? I'm still planning to vote Bernie in the CA Dem primary (finally get to cast a vote for him), but reading GD-P since the data breach/theft story broke has blown me away. Sorry to say, I think a lot of Bernie supporters are doing the absolute most with the least. It's not a good look. What will they say if the audit doesn't show that Clinton campaign staffers were doing what Sanders campaign staffers did? :/ I think it was kinda irresponsible of Bernie Sanders to make that accusation.

and thorough investigation and auditing while Hillary's campaign strongly supports it? They know that a thorough investigation and independent investigation will vindicate the Hillary campaign, the DNC and the vendor and prove once and for all that only Bernie's campaign did anything wrong.

So that's what they afraid of!? Oh wait a second. Did I get it backwards?

http://www.democraticunderground.com/?com=view_post&forum=1251&pid=935849



Pals.

Just extending a sign of goodwill and appreciation to you.

Fact is: he's gonna kick her butt.

Aides suspended, and more to come. The info coming out is showing it could even be worse than initially thought. Might want to care a little about tampering with a Federal Election.

Happy Holidays.

Hope YOU rest well.

like how did Bernie supporters suddenly get contacted from Hillary's campaign a few weeks ago (Evidence is already available)

After this lawsuit is said and done, it'll be Clinton that's finished for good.

These OPs are hilarious.