The article cites a pseudonymous blogger named Forensicator
I wonder if the article deliberately avoids providing a link to the analysis itself, neither a link to the original post, just cherry picks some statements.
I’ve read the analysis itself. The blogger makes various assumptions — data size, commands used etc, in particular, that Guccifer 2.0 was a lone wolf hacker physically in Eastern Europe downloading files over VPN.
The biggest fallacy I see in the analysis is not that there are easy alternative explanations for the fast speed, but the assumption that the operation was atomic — either copying locally or transferring over the internet, but not both. I’m not a security specialist, but there is common sense, it’s very impractical to copy 19 Gb of raw data over the internet, nobody does that. You compress it first to reduce the size (the published .7z file is 542.7 Mb, much nicer), then transfer. Transferring it and subsequently compressing is like moving to a new place with all junk and then having a garage sale. I reckon, the data was first collected into a directory on the hacked machine itself or another machine in the network (it’s where the “local copying speed” comes from) then zipped and sent over the internet to the hacker. The hacker, most likely, didn’t even do it manually, but used some script. The DNC machines had EDT timestamps, duh.