One of the now factual pieces of the Spygate puzzle from John Durham's filing regarding conflicts on Saturday was Rodney Joffe's crew were spying on the President in Trump Tower and the White House. Yes, that's big.
I listened to the Spaces gathering where a bunch of the Spygate diggers go, and something stood out to me in regards to framing what data could have been exfiltrated.
Side note: if you're a Spygate junkie like myself, those Spaces are mandatory listening because the who's who of the researchers (who provide the information to be stolen by the larger conservative publications) join in and give their input. Even those directly involved like Felix Sater and Michael Caputo have joined in. You don't need a Twitter account to listen. At a minimum, listen to the replays after a Durham event, like a filing or indictment.
The assumption by the researchers seems to be only DNS queries were captured, like what websites or destinations the White House and Trump Tower staff were visiting. With Joffe's infrastructure presence in the White House, he can certainly hijack the lookups and do evil DNS things, but I think something else was happening.
Not many people know (including a lot of technical people) that you can tunnel data through DNS. For example, there's an implementation called "Iodine" (my firm used this in the past):
This is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed.
This is very useful because to network administrators, the data going back and forth looks like DNS requests in the logs, so no alarms are raised, and the firewalls don't know any better.
It seems quite feasible to me that White House and Trump Tower computers were compromised (by someone) and data was intercepted and tunneled through DNS (because Joffe is ALREADY IN THERE). This is speculation on my part, but if I were spying on the President, and I had an in-place infrastructure with a corrupt provider like Rodney Joffe's, then this is something I would do.
For example, perhaps key loggers were set up on the machines, so every keystroke was collected and smuggled through DNS. Joffe and his team of goons have plenty of tools to use for spying (for example, remember Vault 7?).
Here's food for thought: Joffe's arrangement to provide DNS services to the White House goes back to 2014 (if I read correctly). Remember when Samantha Powers' credentials were used for unmasking?
Was that because her access was stolen from her computer when she typed in her credentials? I'm not saying this IS what happened, but I'm just spit-balling here on what useful stuff you can gather if you were a treasonous piece of dung with the utmost confidence that you'd never be caught.
If you believe the White House was bugged from top to bottom (as I believe) then why would you not assume the computers used by the White House executive staff were compromised? To me, it's a no-brainer.
To the Spygate researches, in the pursuit of nailing down what happened, I'd put a damper on the firm assumption that Joffe's role was simply collecting DNS lookups, because you can smuggle data through DNS.
One small request to Spygate researchers, PLEASE stop calling DNS lookups "pings". A ping is an ICMP exchange. I know when you're saying "ping" you mean "lookup", but let's use some precision since we're getting more into the weeds.