Trump Tower’s “Stealth Russian Data Machine”

We pull back the curtain on Jared Kushner’s “Stealth Data Machine.”


Stealth Data Machine

Jared Kushner is currently taking a victory lap, crowin’ about his “Stealth Data Machine” that put Donald Trump over the top in the 2016 race.  Let’s pry off the lid and peer into the inner-workings of this “Data Machine.”

The Signal in the Noise

Building on the data analysis by @Conspirator0 on Twitter, Tea Pain has stumbled onto a possible “signal in the noise” that opens a window into the data-swappin’ shenanigans going on between Trump Tower, Spectrum Health and Russia’s Alfa Bank during the election.

Spectrum Health, owned by Michigan’s powerful Devos family, attempted to explain the IP activity as “Voice over IP traffic”, whereas Alfa Bank offered an even more exotic explanation that “hackers attempted to make it look like we contacted Trump Tower.”

The data traffic, when analyzed, tells a very different story, a story of automated, orchestrated data sharing among multiple sites for a strategic end.

Tea Pain originally dismissed this story as a possible red-herring.  With the Russia craze at a fever pitch, this activity could be explained by what Tea’s daddy used to say, “When you got a new hammer, everything looks like a nail.”  But when Tea Pain saw the data patterns analyzed by Conspiritor0, he knew he’d spotted something mighty familiar: Database Replication.  Put a pin in that, more on that later.

Ping Duration

At first, data analysts were puzzled by what appeared to be random activity with no apparent pattern.  Perhaps it was email activity?  Maybe money transfers?  But there were literally thousands of these IP “pings.”

Once the activity was charted, a pattern emerged.  For example, a connection is made from Alfa Bank to Trump Tower, which may last anywhere from 1 minute to 15 minutes or more, followed by a longer “sleep” period.  When averaged over months, these events charted an average time between connections to be 3660 seconds, or 1 hour and 1 minute.  Whatever was running, it would hook up, transfer data for a few minutes, then go to sleep for an hour.

This was the clue that led Tea Pain to formulate a much clearer working model to explain what we were all seeing:  SQL Server Database Replication between multiple sites.

Database Replication

What Is Database Replication?

Database Replication is a rather simple concept.  When you have a database with millions of records representing hundreds of gigabytes of data, and you would like to keep a copy of that database housed in 2 or more locations, it makes no sense to continually copy the entire database from point A to point B every time a change is made, so you “replicate” it.

This allows only the changes made to be sent from one database to another.  This is accomplished by a process that runs on timely intervals, usually an hour, that wakes up and checks the changes made since the last hour and broadcasts those changes to the other database.  The other database, in turn, check for its changes and broadcasts them in the other direction.  Voila!  Both databases are identical!

So what does the data traffic patterns suggest?  Check out the chart below.  Behold, Kushner’s “Stealth Data Machine.”

Russia Data Traffic

The white box illustrates the scope of data we can now observe.  The bulk of the replication took place between Trump Tower and Alfa Bank, while smaller amounts of data were transferred between Trump Tower and Spectrum Health.  If, for example, Trump Tower talked to Alfa Bank for 10 minutes, the next Spectrum-Trump Tower connection might last only one minute, indicating data replicated from Trump Tower to the Devos health care empire was being filtered, perhaps by “WHERE StateCode=’MI'” for example.  But when changes were made at Spectrum, things looked very different.

IP Packetts

Conspiritor0 noted that when Spectrum connected to Trump Tower, Trump Tower’s next connect time was significantly longer, indicating Spectrum had modified a large chunk of records that had to be synced to Trump Tower, then pushed on to Alfa Bank. This detail was important in identifying that replication was in use.  In this scenario, Trump Tower was functioning as a center-point, a data distribution center if you will.

We don’t know what was in these data packets; that info is beyond our purview at this time, but ask yourself a simple question and you find your answer: “What do Trump Tower, the Devos Family and the Russians all have in common?  A desire for Donald Trump to be President of the United States.

Tea Pain’s working theory is that Russia created a voter targeting database with information gleaned from hacked DNC data rolls and other data rolls “acquired” from other states to feed this growing contact database.  That database originated at Russian Intelligence which was in turn replicated to Russia’s Alfa Bank.  This is where the “data laundering” takes place,  Alfa Bank is the pivot point where the FSB’s data fingerprints are wiped clean.  Ironically Russia launders its data at the same place it launders its money.

At Trump Tower, more data could merged into this system using various legal sources as well.  Spectrum Health could also add value to the data by matching names and addresses in their extensive healthcare databases to harvest email addresses and phone numbers to flesh out this list.  All these changes would be promptly replicated back to Russia in a matter of hours.

Once back in the hands of Russian Intelligence, this massaged data could be programmatically matched up with social media handles to create a micro-targeted “hit list” for the thousand Russian trolls employed by Putin.

The Payoff

How is this a breakthrough? Now that we have identified the likely means of how this data was transferred, data analysts now have more precise points to search for to arrive at a complete reveal of the massive data collusion between Team Trump and America’s foremost adversary.

The “beauty” of this system is its simplicity.  Here’s some bullet-points to sum up.

  1. No special software needed. SQL Server is used in most every major enterprise.  Replication is a built-in tool.  No mysterious hidden processes, viruses, malware, etc.
  2. Virtually undetectable. No one would blink an eye at data replication, a standard business practice.
  3. Could all be set up remotely with only VPN credentials and remote desktop access, information that is often shared via routine third-party data audits. No one inside Trump Tower or Spectrum’s IT department need be involved. One Russian Intelligence data operative could set this up in less than an hour at each location.  No low-level “conspirators” needed.
  4. Value could be added to the data anywhere in the chain and it would promote back to Russian Intelligence within 2-3 hours.
  5. All data-transmission would be out in the open, mixed in with the daily flow of business.
  6. Even if found, the data would look benign, just names, addresses, phone numbers, email addresses, social media handles, etc. No financial information. It would look just like a contact lead database purchased from any data-mining merchant.
  7. Trump/Spectrum operatives and employees in the United States could interact with this list and have no clue the origins of the data were nefarious.  This plain-sight approach was the key to its success.

261 thoughts on “Trump Tower’s “Stealth Russian Data Machine””

  1. Tea Pain… Your ‘user-friendly information layout was so incredibly easy to follow I think it’s right up Rachel Maddow’s alley. Have you reached out to TRMS to book a segment yet? If not, I’m SURE WE’LL ALL BE IN ATTENDANCE ! Pretty Please with a cherry on top? 🍒

    Liked by 11 people

      1. Humm. Diabolical. And Kushner tried or wanted to open a back channel to Russia from the WH.For all we know maybe he has? Talk about organized crime….RICO. I hope this is some of what Mueller and Team are working on.😈

        Liked by 1 person

    1. Betsy”s server said to be run for her brother Eric? the black ops guy owns Blacksmithing that worked for Trump campaign and got her slot as he has a long history with Russia and other Intl dictator regimes. They have sold out America. Indict and Impeach now!


    2. What if the DeVos/Spectrum Health Server was involved only as a Back-up Server in case the others were attacked or destroyed?

      What if the Spectrum Health Server only provided targeting information for Michigan residents and facilitated just that end of the equation?

      Don’t get me wrong, I believe all of this. There’s no real need to think these things have to be mutually exclusive, is there?


      1. Review the billionaire far-right-wing DeVos family and Erik Prince connection before assuming an “innocent” role for Spectrum Health. After the election, an unqualified anti-public schools Betsy DeVos, sister to the head of the mercenaries-for-hire evangelically driven murderous (GW’s no-bid contractor) BLACKWATER group. Prince’s father was behind the AMWAY scam, and Erik Prince, who created Prince Group, attempted to convince Trump to let his mercenaries take over ($3000 per day per person) in Afghanistan. Follow the money and the lust(s) for power.


  2. What I think gets lost in the analysis is what does the Kremlin actually do with the voter email addresses? They wouldn’t need them to troll Twitter. And they would be of no use with Facebook… UNLESS using those addresses to target FB ads to specific people.

    When advertising on FB, you can upload email addresses, and FB then matches them to the appropriate UserID and shows your ads to that person.

    If investigators really want to know if the Trump campaign was using stolen data, they should subpoena Facebook advertising records — then they can see exactly what data was used when targeting pro-Trump ads during the campaign, where the data came from, in what form it came (literally, the excel files containing the addresses), and who paid for the advertising.

    An extremely easy way for Putin or ANYONE to support a political campaign on Facebook using unlimited funds is to simply buy advertising. You don’t even need bots.

    Liked by 6 people

    1. And intel agencies KNOW that Russia sent social media posts to align with their disuade fence post HRC fans into voting for the Heinous one, or for BS. Or even Mcmullin

      Liked by 2 people

      1. If this data were a list of registered democratic voters, then if could be used for large scale disenfranchisement, e.g. By sending out voter confirmation cards and removing voters who didn’t respond quickly, as was done in many areas.

        Liked by 4 people

      2. And they still do it. After a terrorist attack they had their bots go to work so that FakeTerroristAttack was trending on twitter.

        Liked by 2 people

    2. Since we know the Russians are in the hacking business, the email accounts of regular people could simply be another means to gain access to the contact lists of those folks whose email addresses they have, too. They could then bombard them with all sorts of things, whether it be a scam opportunity such as “You’ve won! Now click this link to collect your prize.” Or something like, “We’ve detected a virus on your computer, click here immediately!” If someone bites, they are in and controlling that computer. Let your imagination run wild with the options there.

      Liked by 2 people

      1. And now WH is asking for voter information which has all of the makings of cyber ID’s. mothers maiden, last 4 of SS, etc.


      2. “If someone bites, they are in and controlling that computer.”

        Actually, following a link does not allow anyone to “control the computer”, but nice try.


      3. simple-touriste: While following a link doesn’t necessarily automatically infect every computer that bites, that’s mostly because most people have some kind of malware protection installed, either as a separate utility, or part of their computer’s operating system, or they’re using a browser, like Chrome, that refers to a blacklist and warns users that they may be infected if they proceed. But there are plenty of people whose computers aren’t secure, for which following a link to a malicious web page can indeed automatically inject malware that can do whatever the malware was programmed to do. If there are no barriers on the computer that just bit, and if the malware has been written cleverly enough, it can steal data and indeed “take control”, at least in the sense of becoming a bot computer for whoever distributed the malware. If none of this were true, then there wouldn’t be any malware like this, but there obviously is.


    3. Didn’t Kushner play “moneyball” with the campaign? Strategically targeted areas in states that could go red if you can convince voters. Then you have DNC voter information, rolls, etc. and enough misinformation to sway people through targeted attacks to question what is real in regards to the candidate of their party.

      Liked by 4 people

      1. In today’s modern technology, if you have older voting systems, it should be fairly easy to hack. WI and all those special elections were not won fairly. There was vote tampering. Once Russia had all Democratic voters information they would know whose votes they had to manipulate. Then on voting day they would sync people voting with a Republican vote instead of a Democratic vote. Please note: More people are beginning to see that Trump has a strategic agenda to cry voter fraud, fake media, etc… which keeps us busy so that the nefarious plans can be implemented. We are not dealing with a forgetful 70 year old man. We are dealing with a skilled con-artist that has never taken the fall for anything. Every politician or staff in the White House or Congress have skeletons in their closet. Trump used the rebelation of Russia’s hacking as a means to intimidate all politicians. His message is, if Russia can hack into the DNC, it can also find the bones in your closet.

        Liked by 1 person

      2. I remember how hot to trot Trump and campaign were to hit those 3 states all of a sudden like.Now its apparent. Amazing.They dont seem to have a worry in the world. Thinking they can outsmart with fake news bots and troll proaganda….Come on GOV get it together 😱😈😨🤢

        Liked by 1 person

      3. “Then on voting day they would sync people voting with a Republican vote instead of a Democratic vote.”

        OK that made no sense.



      Jon Iadonisi, a friend and business associate of former national security adviser Michael Flynn, had two under-the-radar projects underway in the fall of 2016.

      One of his companies was helping Flynn with an investigative effort for an ally of the Turkish government — details of which Flynn revealed only after he was forced to step down from his White House post.

      At the same time, Iadonisi was also doing work for the Trump campaign, although his role was not publicly reported, according to people familiar with his involvement.

      The project Iadonisi was engaged in for Trump’s campaign focused on social media, according to a person with knowledge of the arrangement. What that work consisted of — and why his company was not disclosed as a vendor in campaign finance reports — remains a mystery.

      Liked by 3 people

      1. Likely he was researching just how outrageously stupid a story they could pass on to certain voters. Witness Pizzagate.

        Liked by 1 person

    5. it is being kicked around that the russians attacked the voter rolls of states, did voter purge or changed registration on Dems so voila no vote for you Dem Dog. Feasible and no direct attack at election system.

      Liked by 3 people

    6. Jared did exactly this, legally, to improve the sale of Trump gear over Facebook. Used data from Cambridge Analytica. Improved sales 10x.


    7. Fake public comments on federal rule-making, using the identities of real people, for one thing. Millions of fake comments, originating in Russia, always in support of whatever idiocy Trump and his goon squad are attempting.


    1. Seriously? OMG…He’s the spitting image of his father-in-law…sigh. But of course, the same lying, entitled, idiot who thinks he’s playing w/ cards instead of people’s lives around the world. Thinking of KARMA and knowing it will be fast and furious on the unconscious.

      Liked by 2 people

    2. NIGHTMARE. And, his dad was tryin’ to get the the rest of the info from voter registration. Hats off to the states that said a ReSOUNDING “NO!!!!” No dicktatorship for us. No one is above the law even ‘weeeee-zils.’ Karma is faster and swifter: my consolation today. And, knowing Mueller is in charge of bringin’ the TRUTH to light.


  3. Awesome work Tea Pain! I became aware of certain propaganda campaigns, and then became horrified to see a front running presidential candidate delivering it, then even more horrified when he became president. I am praying that he will be successfully stopped, and greatly appreciate your work towards that end. Many thanks!

    Liked by 5 people

    1. In here by researching all-things-Trump on May 20 2017, I realize that Jared is the ‘killer’ mind behind the whole thing, no wonder Trump loves him – altho right now he may be getting push-back from Trump becos of all the investigatin’ going on ! BUT it has me wondering if FBI etc will discover now that yes – ‘collusion’ was going on to get Trump elected via all the methods described here, but no actual crime was committed – in other words it is all a huge complicated set of Russian assisted machinations for whatever advantage there could be to them – but there will be nobody going to jail in the end because it was all an exercise in data marketing – Super Duper & really envied now by Democrats – but is this a crime ?????

      Liked by 1 person

      1. Yes, if this is indeed what happened, it is collusion. And collusion with a foreign government to affect an American election is treasonous.

        Liked by 4 people

      2. I would see it as a crime any time that an American citizen, especially one so close to the president, works to further common goals with a known enemy, and all the more when there is strenuous effort at secrecy. That is the very definition of ‘espionage’! I wouldn’t have wanted my personal information provided to them, nor do I want it provided to Trump now! There has been no valid explanation as to why he wanted it or what would be done with it. But in light of what’s in this article, since Trump is already looking forward to the 2020 election, it’s entirely plausible that he wants us to hand over the very information that would rig the next election in his favor.

        Liked by 1 person

      3. Not if one is a Repugnant. Nor if one is hangin’ by a thread of denial. Is that the real question? These ‘kids’ lives need to change: look who they have to look up to….that’s what I find criminal. Worst Parent Award vs. Give me Obama as a Dad any Day! @POTUS44


      4. that’s a good question, but it would be considered a crime because a campaign cannot legally receive something of value from another country and there is no question that services like online marketing (ads), data (hacked or otherwise) and/or data intelligence have tremendous value. As does opposition research like what was offered to Trump Jr that he was so excited about. All of those things have value and therefore are illegal for a campaign to receive; so if these things are proven to be true then there likely won’t be a collusion happened but no crime was committed situation.


      5. Has it been est as false that a Russian bank “donated” 5 million to Spectrum Health in MI ; that there were multiple data exchanges betwn Russia, Trump Towers/Mar Lago/Spectrum.? Was that merely rumor because of the DeVos /Prince connection to Spectrum and their access to mi voter inf due to prior State elections?


      6. “All of those things have value and therefore are illegal for a campaign to receive”

        Nope. You made that up. That’s fascist BS.


  4. I will believe all of this if & only if a neutral body is formed to analyze this mess & normalize our poor manipulated world politics !!

    Many , must be imprisoned; many must be charged With treason… & euthanized !!

    Liked by 3 people

  5. Tea Pain, you are a genius! I hope this moves the investigations along in a timely manner. I don’t think our country can take much more. Already it is going to take us a long while to recover from what has happened to the US up to this point. I realize there are many pieces to the puzzle, but it seems as if there is more to the puzzle each day. Trump is a dangerous man, and he should not be in the WH. I truly believe this. Those around him must know it, so what is it that keeps them quiet? Food for thought. You are an interesting man. Thanks–Marilyn

    Liked by 4 people

  6. Tal como acusação comiseração acordo assumido no aliança, Função da Resistência isto em cima
    de era de estabelecimento compadecimento Programa Intestino a Suplementação
    com Ferrete perante a humanidade os municípios, cujo propósito é
    acionar a suplementação absoluto desde crias com 6 a 18
    meses, gestantes por meio da 20ª semana e também mulheres no pós-parto.


  7. If Spectrums health care data was used outside of a medical environment then each use is a HIPPA violation. That’s big trouble for everyone involved. String ’em all up.

    Liked by 4 people

    1. That’s true and the HIPAA law prescribes a fine of $4k per violation, if proven for millions of Michigan voters this translates to billions in fines to Spectrum – easily enough to bankrupt the DeVos family!

      Liked by 3 people

  8. TeaPain, great stuff, but I have a question regarding Cambridge Anal. All of the data including emails, CC info, personal data that is being shared could have been purchased legally through dozens of US data companies. I was in this business of marketing and I know I can buy all of this. So Trump Campaign and CA can claim they purchased or acquired all of this legally. My question is how can it be proven that “hacked data” entered the system? I have a theory that CA is the “front end” and legitimate business entity to a military grade targeting campaign. They appear to be doing legal, if not creepy, next gen social media marketing, but the secret sauce is they are a front to a much more sophisticated and illegal endeavor used by Flynn, Gorka and other Intel individuals at the campaign w the Russians.

    Liked by 2 people

  9. My honest opinion is, the reason they stole the voter rolls is to hack the votes. Why else? If they just wanted to troll on social networks, they didn’t need to hack voter rolls for that. Check out … they’ve figured out a lot of shady going on with voting machines. For example, the total of votes in certain precincts in WI have over 100% turn out for registered voters. How the hell does that happen? And coincidentally, these precincts lack paper ballot backups in order to audit votes…

    Liked by 2 people

    1. Unconnected machines require physical access, which would be extremely difficult to do—though not impossible, and only necessary to do in a few key locations. Fiddling with the actual registers of voters might be a bit easier.


    2. Online Marketing costs money and anyone in that business will tell you it’s all about the Return On Investment. So if you can target certain voters in swing precincts in swing states then you can get a great return on your investment! Target enough Bernie voters in PA, MI and WI with negative Hillary “news” and content on Facebook to keep them from turning out to the polls or even switch to Trump and you’ve got yourself the White House!

      Liked by 1 person

  10. One thing has been bugging the hell out of me (actually, thousands of things but I’ll keep it short) How is the stealing of names, emails and addresses by Spectrum Health not a violation of HIPAA??? This is part of protected medical info.

    Liked by 3 people

      1. Not necessarily. Colluding with Russia to steal an election is treason, so I don’t believe they were concerned about pesky HIPAA violations. However; maybe that could be the driver to access the details of these transactions–investigating possible HIPAA violations.

        Liked by 2 people

      2. Having worked on several healthcare systems, and on fixing problems from several HIPAA data breaches… It is considered to be a HIPAA violation if you disclose that someone is insured, or if that insurer shares personal data, which includes address and phone number, without the person specifically releasing it. SS# is also protected. (There are far less risky ways to get all that information that wouldn’t be a HIPAA violation, but I think this is probably a case of billionaires saving money by using data they already have, confident it’ll never get out.) I had a health insurer client who got massive fines and the data that was lost: names, addresses, phone numbers, SS#.

        Liked by 1 person

  11. I work for a technology company and am very familiar with replication. You explained it perfectly and pointed out the ease at which replication is completed. This would appear to be the smoking gun. What’s next???

    Liked by 4 people

  12. TEA PAIN: I passed your article and information on to my Senator Claire McCaskill (D-MO), hoping it would be forwarded to the Mueller and the Senate investigations. Of particular concern, in my opinion, is the SPECTRUM HEALTH involvement due to the fact that the right-wing DEVOS family owns it, and Betsy DeVos is sister to ERIK PRINCE, who created the BLACKWATER mercenaries for hire (now part of Prince Group) used as no-bid civilian contractors by the lawless Bush/Cheney administration in Iraq (where they murdered civilians) and Afghanistan. Was the Trump appointment of an unqualified (anti-public education) DeVos the QUID PRO QUO from Trump for helping with the DATABASE REPLICATION? This should all be passed on to the “Suspicious Activity” division of Homeland Security, but should also be made public on “The Rachel Maddow Show” of MSNBC so that the Russia-colluding Trump people cannot cover it up. FELIX SATER, a long-time Trump business partner, is the Russian-born son of the Russian MAFIA crime boss with offices in Trump Tower two floors below Trump’s, so it would be good to know if the Russian MAFIA had a hand in this three-server activity.


    1. I was pleased when the question as to FBI knowlege of the data exchange and parties involved received the response FBI had the information and more.


  13. Fake news. The server was not a Trump server and was set up by McMullin with the name “Trump Orgainzation”. Anyone can see this if they actually did research on the server. Instead, people want to lie.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s