by addicted 2125 days ago
So the proof that a certain set of files were not hacked by an expert hacking agency is that the last modified time stamps are not consistent with them...

I remember fooling my 9 year old sister by modifying the metadata for files when I was 14. I didn’t realize expert hackers are incapable of figuring out what I did as a 14 year old.


I can't stand to see this sort of logical inversion take place.

There are exactly two possibilities:

A. The timestamps weren't modified at all, and the modification time on the file truly represents the time at which they were written, i.e. the timestamps are a roughly accurate indicator of transfer speed.

B. The timestamps were modified, but the hackers specifically went through the effort to calculate timestamps that align with 23MB/s, and then set those timestamps on the files.

Possibility B is much more contrived, is unfalsifiable, and yet you're defending it as if those that believe Possibility A are the real conspiracy theorists.

In reality, you're the conspiracy theorist! You're saying there must have been an explicit effort (say, a conspiracy) to set modification times to align with 23MB/s. It's ridiculous.

There is a much more plausible explanation:

1. The timestamps reflect some process that occurred before the files were uploaded to the internet.

That's it. That's the plausible explanation.

* Secondary transfer to removable media that changed timestamps

* Transfer to network file server, likewise

* Archival

* Compression/decompression

* Encryption/decryption

* Analysis of files that touched them (set timestamp) to indicate completion

Basically any process that proceeded at an average of 23MB/s would produce that pattern. And note that it doesn't preclude the possibility that the timestamps changed many times between when they were on the DNC server and when they were made public. So indeed, the 23MB/s could indicate removable media was involved, but it could have been from one Russian intelligence officer's computer to another's.

Occam's razor: the simplest explanation is the most likely one: The timestamps reflect a process that occurred at a rate of about 23MB/s.

We just can't speculate on what process that is.

It'd be interesting to note which application was supposedly used to copy the files around.

e.g. `rsync -aP`, widely used by SysAdmin/DevOps people, specifically sets the timestamp of copied files to match their source.

How is it a conspiracy theory that the timestamps were modified? Timestamps aren't difficult to modify and it's not hard to imagine a script introducing jitter to make it realistic. It's also not a stretch to believe that real USB transfers were used to create the timestamp, but it doesn't indicate that the primary hack/exfiltration was done via a USB transfer.

I don't think you know what a conspiracy theory is or why they tend to be ridiculous.

It's hardly wild to think that a bad actor capable of exfiltrating sensitive data might also cover its tracks by easily modifying metadata of files that the bad actor itself is leaking. That's not a conspiracy at all; timestamps can be modified alone without much difficulty and without recruiting a conspiracy of people and institutions.

Binney's argument, however, is wildly conspiratorial. Let me highlight a quote from the AMA [1]:

> They all blocked any reference to the forensic evidence we were coming up with, publicly. They were all part of it. It includes the Mueller investigation and the Rosenstein indictments.

Apparently it's more likely that multiple political and judicial institutions were "part" of an effort to block critical evidence. But wait, there's more:

> The MSM doesn't want anyone to know it happened!

Ah, all the "mainstream media" outlets were also in on it! Apparently they also worked with the multiple political and judicial institutions to hide this fact from the people.

Apparently the Mueller report, the intelligence agencies, the Senate Select Committee on Intelligence are all wrong, were all part of an effort to hide important evidence, and even the many organizations that comprise the "Mainstream Media" are all in it together to stop people from knowing about it.

Wow, this is a secret and intimate collaboration between massive organizations on a scale we've never seen before. It's ridiculous.

It's not that I don't believe timestamps are usually accurate; it's that I don't believe easily modifiable timestamps are more reliable as evidence than the extensive intelligence and investigation carried out and reported by multiple independent institutions.

[1] https://www.reddit.com/r/IAmA/comments/igeixp/i_am_william_b...
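
An added example, not part of any comment in this thread: how a transfer rate is inferred from consecutive modification times, and how the same files yield a different answer once they pass through a copy that does not preserve metadata. Python's `shutil.copy2` stands in for a timestamp-preserving copy such as the `rsync -aP` mentioned above, `shutil.copyfile` for one that resets the time; the sample files, sizes and epoch are constructed and scaled down.

```python
import os
import shutil
import tempfile

BASE_NS = 1_500_000_000 * 10**9   # constructed epoch, not taken from any real file set
SIZE = 23_000                     # bytes per sample file (constructed)

def implied_rate(directory):
    """Bytes/second implied by consecutive mtimes, or None if they span no time."""
    stats = sorted((os.stat(e.path) for e in os.scandir(directory)),
                   key=lambda s: s.st_mtime_ns)
    span_ns = stats[-1].st_mtime_ns - stats[0].st_mtime_ns
    if span_ns <= 0:
        return None
    # Each file after the first is assumed written in the gap before its mtime.
    return sum(s.st_size for s in stats[1:]) * 1e9 / span_ns

def mtimes(directory):
    """Sorted modification times (ns) of every file in the directory."""
    return sorted(os.stat(e.path).st_mtime_ns for e in os.scandir(directory))

def run_demo():
    with tempfile.TemporaryDirectory() as root:
        src, kept, reset = (os.path.join(root, d) for d in ("src", "kept", "reset"))
        for d in (src, kept, reset):
            os.mkdir(d)
        # Constructed sample: five files whose mtimes are one second apart.
        for i in range(5):
            path = os.path.join(src, f"file{i}.bin")
            with open(path, "wb") as fh:
                fh.write(b"\0" * SIZE)
            stamp = BASE_NS + i * 10**9
            os.utime(path, ns=(stamp, stamp))
        for name in os.listdir(src):
            shutil.copy2(os.path.join(src, name), os.path.join(kept, name))      # keeps mtime
            shutil.copyfile(os.path.join(src, name), os.path.join(reset, name))  # mtime = now
        return {
            "src_rate": implied_rate(src), "kept_rate": implied_rate(kept),
            "reset_rate": implied_rate(reset), "src_mtimes": mtimes(src),
            "kept_mtimes": mtimes(kept), "reset_mtimes": mtimes(reset),
        }

if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The preserved copy reports the original rate, while the non-preserving copy reports only the speed of the most recent local copy, so the figure describes the last process that wrote the timestamps rather than any particular earlier transfer.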