The Sanders campaign had access to proprietary information showed the strategy and thinking of the Clinton plan for its GOTV efforts in key states. This was not a harmless exercise and the information accessed could hurt the Clinton campaign

I get that was a breach in the firewall. I get that Sanders team saw Clinton's data on donors. But what could Sanders do with that data that would harm Clinton's team? Honestly, this is a question. Could he then solicit monies from those donors? Ones, that probably have heard of him and still chosen to donate to Clinton's campaign?


That seems to be the only thing Bernie's team could do with this information, or am I missing something?

I understand that it is not on, that they shouldn't do it, but is that the worse case scenario from all of this?

Honestly, this is a real question, not snark. You are very well known as a Clinton supporter and I think you could tell me the fears of what could be done with this breach. You seem less excitable than a few on the board and I would be inclined to believe what you post.

That, at best, the Sanders team would identify which areas to exclude from their efforts/canvassing walks (the "strong" Hilary supporters), and to get a general litmus of what the Clinton campaign thought their chances were (if I'm reading it right). His words:

and the author mentions that actually getting use out of it outside the system would take months of work and would basically be impossible to do fast enough to benefit a campaign..

Other than potentially being able to get an idea of the Clinton campaign' confidence level there was really nothing else that could be gained through what was saved in the system.

I'm also a little more than uncomfortable with acting as if citizens are somehow a specific candidate's/campaign's "customer." I understand there's time, effort, and money expended in gathering the data, but still...

to the Bernie campaign without viewing those files.

There was not enough time for the Bernie campaign to learn much about Hillary's strategies.

I saw the list of searches, and my first thought was that they were intended to show the existence of the breach of the firewall and the extent of that breach.

That's all. And the information is back in Hillary's file.
I am inclined to believe Uretsky's explanation of his conduct.

If I had been in his place and had wanted to exploit that opportunity to study Hillary's files, I would have done it quite differently so that less of a history was left.

I suspect that Hillary's campaign is a lot weaker than Uretsky or the Bernie campaign even thought possible. You don't need to look at a database to know that. You just look at the crowd numbers in Iowa. Bernie is getting crowds many times the sizes of Hillary's crowds.

Hillary is desperate and trying to make a big deal out of this breach knowing that people don't understand what happened.

Hillary supporters are trying to spread as much misinformation and innuendo regarding what happened as possible.

It is disgusting and will backfire.

I hope Bernie insists on a court-appointed referee and investigator to determine what really happened. Uretsky can testify under oath if need be.

Here are some facts for the Sanders supporters to ignore or not be able to understand http://www.politifact.com/truth-o-meter/statements/2015/dec/22/bernie-s/Sanders-take-Clinton-voter-data/

Be explained on how the Clinton Campaign has exploited the software.

On the other hand, what was the intent of Uretsky, it would sound more reasonable Uretsky exploited the software and breached Clinton Campaign data.

Twisting the truth could be the attempted exploitation. After the report is announced by the audit then everyone can put this to sleep.

"time to put this to sleep"

Because when it happened in October he had no proof that it happened. He knew it had because he could see Clintons scores in his results. He knew it was probably also occurring the other way around. Van and DNC would not believe him with out proof. He created the proof and left it on the DNC's servers. VAN stated that Sanders group did not export it. It stayed on the servers as proof that the breach had happened.

As someone who has dealt with large systems before, the vender does NOT believe the customer when a problem has occurred. The customer has to prove to the vender that something has happened. Usually the customer has to give the vender a step by step list of actions that the customer did to achieve the error.

Fully agree.
🌟💥🌟

what they can do.

That's my experience anyway.

He was testing the parameters. He did a lot of quick searches in a relatively short period of time. You don't really learn that much from it. But it does prove the existence of the capacity to access the entire database and measures the extent of Bernie's ability to access Hillary's information.

The time frame was too short to really get much specific information. And Uretsky knew that NGP Van would have the history of his searches.

But the damage has been done.

Debbie Wasserman-Schultz who, without understanding what happened made so much over this and damaged Bernie's campaign with her over-reacting, needs to resign. And now.

An apology from Wasserman-Schultz is in my opinion not sufficient.

She capitalized on this glitch which was the fault of the vendor she selected -- NGP Van.

Is Bernie still suing the DNC? I hope so.

doing much more than was done by Uretsky.

So indeed, if nothing more was done by either side it should be put to sleep.

The problem is that this is being handled for political gain. So I would fully expect that common sense will not prevail if there is an opportunity to exploit the public's understanding further.

Please read the article and the NGP Van blog on their website.

I believe based on my experience with databases that Uretsky is telling the truth. He knew his searches would leave a history, a trace. If he had wanted to glean information, he would not have done so many searches so quickly and filed them away. That's not how you get much useful information from a database.

This is strictly the fault of NGP Van and may be (I haven't seen the contract) a breach of contract by them. I don't know this for a fact, but in a normal business contract, NGP Van's duty to maintain the separation, the firewall between Hillary's and Bernie's information would be there in print, in black and white, or in the computer equivalent of a contract.

Your concerns could be answered.

The searches Urestsky did sure looked like they were intended to determine the extent of the breach and prove the existence of the breach.

Do you have experience using a large database?

My experience is with a much smaller database than all the voters in a number of states.

The data Uretsky viewed for a short time was of virtually no value to the Bernie campaign.

As for exposing Hillary's strategy, that would not be necessary. It's pretty obvious from the crowd numbers that Hillary is not doing nearly as well in Iowa as she claims.

This situation looks to me like it COULD HAVE BEEN a trap set by the DNC and the vendor chosen by the DNC to make the Bernie campaign look bad. It could also have been a set-up so that Hillary's campaign could view specific information from Bernie's portion of the website. No searches would have been necessary to do that, I suspect. (Don't know for sure but the website was probably open with no firewall up for either campaign. What was Hillary's campaign doing during the time period of the breach? That question also has to be answered. Just because they weren't doing specific searches to measure the extent of the breach does not mean they weren't looking. Was every view of every bit of information on the website tracked? I seriously doubt it but it is possible. What does the history tell us was going on on Hillary's side of the database during the breach?)

A really independent review and investigation is needed of this.

The Clinton campaign and the DNC have milked every bit of anti-Bernie propaganda out of this COMPUTER BUG-caused incident possible.

To us Bernie supporters, this is not over by a long-shot.

It's a shame that the DNC and the Hillary campaign tried to exploit it to make Bernie look bad. That's really a miserable, under-handed thing to do.

A lot of Hillary supporters really think that Bernie's campaign "stole" information from Hillary.

The DNC and Debbie Wasserman-Schultz need to apologize and then Debbie needs to resign.

Otherwise this could divide the Democratic Party irreparably insofar as the 2016 campaign is concerned.

Bernie fired an employee over this. The DNC needs to fire Debbie over her handling of it.

We are waiting.

They admit the breach was their fault.

Just read the blog on the NGP Van website.

It's all there.

Data? This may sound reasonable to some people, the staff members breached the Data.

and they searched.

I have explained my view. That is all I have to say about it.

Thank you.

We will have to agree to disagree.

The breach was by the staff members, the ability to do so may be on NGP Van allowing a window but the breach was not by NPG Van. Some may want to deny responsibility of the staff members breaching the data. Who forced these staff members to breach the data?

I'd still like to know exactly what was "another system" in October.

Does anyone have another way of getting it??

doesn't come up from your link or from the link in OP

Very interesting read.

substantive.

My previous posted analysis:
http://www.democraticunderground.com/1251913752


This "crisis" was mostly (somewhat dishonest) political gamesmanship.


The summary basically states that:

1. The data pulled had little if any feasible real campaign use.

2. There is *no* "data to be recovered" and there was no way to "download" it in the first place. This is just made up.

3. It is consistent that Uretsky's searches began as an investigation, but it appears he got carried away and possibly did attempt to use the data to determine the Clinton campaign's confidence level. So it was right to fire him for crossing the line.

Last edited Thu Dec 24, 2015, 09:22 PM - Edit history (1)

in order to protect Bernie's information.

What do you think about that?

Bernie's campaign had experienced a previous breach on a different website that it complained about to the DNC. It seems logical to me that they would run searches to discover and determine the extent of the data available due to the NGP Van "bug" which might constitute a breach of contract if not worse.


I haven't seen the contract but it probably required NGP Van to protect the proprietary data of the Bernie and Hillary campaigns from the view of the opposing campaign. I would guess that.

I am inclined to believe Uretsky. He knew very well that a log was being kept of the searches. And the log does prove the extent and quality of the breach.

I hope the Bernie keeps up his lawsuit and that we find out the full truth on this.

I think that Bernie's campaign is doing a lot better than the press or Hillary want to admit. This incident suggest that to me.

Hillary's campaign had access to Bernie's information and could have viewed all or important portions of that information without any log of searches. The fact that there is no log of Hillary searches that look incriminating is not meaningful. The question is whether Hillary's campaign did any overall searches during that time period. Because it would be conceivable that a party could do a general search of the information for a particular factor and save that file then search for its own information and save that file. Later it could compare the two files -- the more comprehensive one including Sanders' information against its own file. The differences would be Sanders information. Of course, what I am assuming in that hypothesis is that Hillary would still be able to maintain Sanders' file information in a general file after NGP Van put the firewall back up. I do not know that to be true. So this hypothesis may be wrong.

I said more than once, if I were in his boots and someone had left my data naked for my competitors to see more than once before, as has been alleged, I'd do something similar to what Uretsky did and I stand up to the media and defend him. You cannot roll over and let your vendor or the DNC keep doing that to you.

If he hadn't done what he did, there's a good chance we wouldn't be having this discussion. Because his efforts gathered a lot of proof that the security of that data wasn't great - one security layer vendor controlled.

I generally believe what Uretsky said and feel the logs largely back him up.

I would have gone after O'Malleys data instead, if he's on that system and that data was exposed. And I would have stayed away from Iowa and New Hampshire to help keep the campaign's nose clean. (They'd probably be stuck to work on states that were coming up because that's where unique campaign data would be developed)

This was an example of dirty politics, plain and simple.

The Hillary campaign may be a lot less confident than it pretends. Judging from the turnouts at speeches in Iowa, I bet that is the case.

That is my suspicion. And Debbie Wasserman Schultz really took advantage of this minor problem.

The anti-Bernie propaganda has done far more harm than Uretsky's glance at Hillary's information.

The expected documentation under these circumstances would be a screenshot of the score filtering interface showing Clinton scores.

A reference to a list or two created using the scores might be helpful, but once it has been established that one is in fact able to filter, additional lists are not in any way useful to the engineer debugging. If the thinking was that the score access bug had only affected certain states, surely after the third or fourth attempt it would be clear this was not the case.

So what was Uretsky thinking? He most likely ran the queries to sound out the Clinton campaign’s estimation of its chances in upcoming races. With every query they ran, Sanders staff learned something about what the Clinton campaign thought the distribution of support among voters in early primary states looked like.

Perhaps Uretsky really did begin searching with the intent of assessing the scope of the breach and his curiosity simply got the better of him. In doing this, he touched a very sensitive nerve indeed. But his actions were less comparable to copying sheets from the opposing team’s playbook than opportunistic eavesdropping on its pre-game chatter.

weapons are alleged to have been transferred to the Syrian rebels with the help of Turkey.

Read the article by Seymour Hersh.

http://www.lrb.co.uk/v36/n08/seymour-m-hersh/the-red-line-and-the-rat-line

This rat line could well be the ruination of a Clinton candidacy. The CIA was certainly deeply involved, and apparently the State Department via the Libyan ambassador may have been too.

If Hillary was supportive of the transfer of arms to Syrian rebels, then her campaign is in trouble. This is probably why the Republicans wanted her e-mails so much. We shall see.

But that is a bad metaphor.

Sorry.

So you think they attacked this compound because weapons were stored there? Hmmmm....would Ambassador Stevens have approved that? He wasn't into fighting, he was an ambassador of peace, so I kind of doubt it.

from wiki:

Ambassador J. Christopher Stevens was named the first liaison with the Libyan opposition in March 2011.[31] After the end of the war, both the CIA and the U.S. State Department were tasked with continuing to identify and collect arms that had flooded the country during the war, particularly shoulder-fired missiles taken from the arsenal of the Gaddafi regime,[32][33] as well as securing Libyan chemical weapons stockpiles, and helping to train Libya's new intelligence service.[29]

campaign was. He interprets their intent as nefarious.

Having used databases but not anywhere near to the extent that Jacobin has, I don't think it is that easy to determine the intent of Uretsky and his staff.

A thorough, unbiased investigation is needed.

As Jacobin admits, the history of the searches was on the database. NGP Van controlled the record of the searches and knows what was searched. They do not know, no one knows what the thoughts were of the people doing the searching.

An independent investigation, perhaps by a court-appointed investigation team is needed to study this.

If I had wanted to obtain information from Hillary's files, I would have searched and saved the results of the entire file then searched for Bernie's files and ratings on the voters. The difference in the two sets of data would be Hillary's information. That would have been less noticeable than the obvious way the Bernie campaign did this. That is something someone who works with databases would easily figure out. So that is why I ascribe a more innocent purpose to the searches and tend to believe Uretsky.

We shall see.

Clinton stealing my data from the October breaches and/or before. There's a pretty interesting way of dealing with it. You put in some fake data that only you know and your lawyer about - including for example, fake email addresses. Put in a few in each state that would have voter data that would appeal to the Clinton campaign (voter has money to donate, likes Hillary, you know ...). If the Clinton campaign starts sending emails to those bogus email addresses that only the Sanders campaign created and knows about, how do the Clinton campaign explain that?

Sanders campaign manager Weaver is "very confident" a campaign got a hold of their data. He wants an audit. If that audit doesn't turn up the trojan horse data, well, he can cry foul on the audit, can't he.

This thing isn't over because the Sanders campaign took Clinton's data last week. The logs and the software vendor have already established that didn't happen. They knew from those logs very quickly it didn't happen. I strongly suspect they did it to smear the Sanders campaign - to make them look bad - worse than they really were at the very least.

This thing isn't over because the Sanders campaign is pretty convinced somebody took their data ... and from the sounds of Weaver, they must have some pretty compelling evidence to keep the court case going and stand in front of the national media maintaining they're "very confident" somebody took their data.

If they're in possession of Trojan horse emails (as one example) or evidence that the Clinton campaign took their data last October or whenever and that comes out, oh, say a week or a few days before Iowa goes to the polls, the primary polls could get pretty interesting, doncha think? Bernie would be getting a little media attention then I'll bet.

You're damn right this isn't over. This thing smells bad. I have no evidence the Clinton campaign is guilty. But the stench to me isn't coming from the Sanders campaign. The way their heading with this, it could be a real problem for another campaign - they're not letting go. If they're truly convinced someone took their data, why should they?

I wonder if anyone who is reading this after 7:52 Central time can guess what it is.

to explain how it is simply just wrong to defend Vangate and Bernie's staff just has to be completely and utterly wrong. And Bernie himself is responsible.

And they let the story sink to the bottom out of view. They contest issues where they can deflect from the real issues and talk about polls.

This is precisely the type of story they would let drop uncontested so that nobody sees it. Then when you try to post the story to refute their lies on subthreads in other OPs they can deflect and not argue the present OP in full detail.

Watch it happen; I predict it.

of a third party server, especially when the third party may or may not have bias.


I totally get storing a shared list that all Democrats can access by the DNC. But if I were running a campaign's web server, I would sync a local copy of the list with the DNC's generic list then handle all my sensitive information locally. That would assure that all data is secured and accessible by my campaign only.


Don't give me that campaigns can't write their own filters in time, those are incredibly easy to accomplish, especially if someone makes a general template of the search code to distribute to the various campaigns. I also don't buy the logs being only readable by an NGP-VAN engineers. I know a number of IT professionals and programmers very able at reading even the most obscure logs (myself included).


The rest of the article is an interesting look into the inner workings of the Democratic party's setup. But they really need to decentralize this whole thing. Not only to protect against what happened here, but also to protect against a breach by a Republican operative. If they ever gained access to the VAN server, they would have campaign strategy information for who knows how many Democratic campaigns.