>>5958088

Looking at the notable claiming that the Chinese hacked the server to automatically copy any email means SR didn't necessarily have to leak anything. It also means the theory that the leak had to have been an on site job because of data transfer rates is not necessarily applicable because the leaked info wasn't necessarily downloaded all at once.

It could mean that what (if at all) was downloaded on site onto a USB drive was for evidence that that copied emails originated came from that server, IOW, USB downloader was a good guy plant.

Easiest way to copy all emails is to set up an automatic forward, which adds the possibility that it was set up by the server tech on purpose. That raises questions of tech motives and who ordered it done.

Don't know if servers were Linux builds, but, if so, an rsync chon job is a quick and dirty way to get info off the machine in small bursts. All a hacker would need is access to the admin back end, if present. Wouldn't necessarily need a root on the box.

>>5958334

> an rsync chon job

rsync cron job. Fat fingers. rsync is a linux copy/mirror command and a cron job is Linux task scheduler.

>>5958356

Yeah. Thinking of something like webmin and have multiple techs with access. Anyone who gets that access can set cron jobs to get whatever they want virtually unnoticed. That type of login credentials would mean big bucks in offers from an entity wanting to comp a tech, or, in reverse, a tech looking to sell access.