The Guccifer 2.0 Chats — The Final Chapter?

The Loose Ends

*Recommended reading prior to this article — As new evidence has emerged, one article has morphed into a series documenting the strange conversations different people have supposedly held with an alleged hacker named Guccifer 2.0.

The Guccifer 2.0 Chat Hoax — Part 1

The Guccifer 2.0 Chat — The Rebuttal — Part 2

The Guccifer 2.0 Chats — The Aaron Nevins Chat — Part 3

Is this really the final chapter for the Guccifer 2.0 saga? Possibly. I’m hoping it is — at least as far as these chats are concerned.

If you have followed any of the comments from my last article, The Aaron Nevins Chat, you will have seen the comments from Lurker Numbers in particular.

He initially spotted this anomaly from the Nevins’ chat screenshots. I had spotted this cursor line in front of the G as well, and had been investigating further anomalies in both Aaron Nevins and Robbin Young’s chats.

Is that a cursor line in front of the G in GUCCIFER 2.0?

Putting aside this strange anomaly for a minute, there were additional finds which seem to validate K’s argument from Part 2 — The Rebuttal — the anomalies being a glitch in the software.

The two pictures below, both from different sources on the internet, show the identical anomalies I had discovered in the first article, The Guccifer 2.0 Chat Hoax.

A quick recap — the block symbol 🚫 appearing on the right hand side of the chat should be a mistake as there should never be a reason to block yourself.

As evidenced below, and with no reason to believe these two separate pictures would be manipulated, it appears there was a software glitch at some point in the past.

2 separate examples of misplaced icons.

Conclusion 1:

It is safe to say, problems in older versions of Twitter’s software could have contributed to the anomalies with the icons.

The next conclusion we can draw from this new evidence is, faking a Twitter Direct Message conversation is much, much, easier than anybody might have thought.

This first example is from a novelty web site called PrankMeNot where you can whip up a fake chat in a matter of minutes. Although it looks decent, there are blatant indicators which would be spotted easily by anyone looking for a fake — the Header and the square user avatars being the most obvious.

(*older versions of the Twitter software did have square avatars — currently, they are round)

Full screen shot of the input panel on PrankMeNot.
The result of inputting a fake chat on PrankMeNot. The Header is completely different than a real DM chat.

In addition to spoof sites for faking chats, there are methods available which are almost as easy, and look much more realistic.

The best example is shown in this Youtube video:

Conclusion 2:

Any Twitter Direct Message conversation can be easily faked.

There is no point in going into great detail once we are able to make this conclusion.

In fact, this discovery puts every Guccifer 2.0 chat into question.

In light of these conclusions, we have to shift how we look at this investigation — we cannot prove, without a doubt, which of the Guccifer 2.0 chats are legitimate, but we can prove manipulation by more classic methods in at least two of the chats.

For example, here is one screenshot from Roger Stone’s alleged conversation with Guccifer 2.0.

Upon close inspection, and evaluating this photo with an assortment of contrast and brightness settings, I can not say with any certainty whether this picture is from a legitimate chat.

But, I can say with a good degree of certainty, this picture hasn’t been manipulated.

From Roger Stone’s alleged conversation with Guccifer 2.0

Below, is one of Aaron Nevins’ screen captures from his alleged conversation with Guccifer 2.0 — the full shot on the left and a magnification of the same picture on the right.

The cursor line becomes quite obvious when magnified, along with other issues…

Can you spot the problems in the magnified picture?

In the magnified picture, the artefacts around the header are visible before applying any adjustments to the contrast. The artefacts I’m speaking of, are the little dots and specs which end in a faint box around the header (and icons, text, and so on, as you will see).

In researching for this article, I conducted several different tests with filter variations comparing Aaron Nevins’ screenshots to other Twitter Direct Messages. I’m going to show the most dramatic comparisons for the sake of brevity.

To fully demonstrate a point, I ask that you walk through each comparison, and reserve judgement until the end.

Below is one of Nevins’ pictures laid over one of Roger Stone’s pictures from his chat with Guccifer 2.0.

Using an image editor called *Gimp for Mac, I applied a filter called DoG (Difference of Gaussians) Edge Detect and adjusted the levels to bring out the best contrast between the words and images, and the white background of the chat window.

*Gimp is a free photo editor available for various operating systems — comparable to high end products like Adobe PhotoShop.

Notice the clean distinction between the background and the words in the picture on the left (Roger Stone’s).

Notice how clean the distinction between the background and the wording in the picture on the left (Stone’s picture), as opposed to the bleeding of the greys and blues in Nevins’ picture (right).

Both pictures below are from Roger Stone’s chat — The picture on the left has the darkness threshold adjusted as far as possible before the chat bubble itself turns black — exactly what happens in the picture on the right.

The purpose of this effect is to illustrate the clean distinction between black and white in the pictures. Everything remains well defined — the circle around the avatar, the lettering, even the chat bubble in the picture on the right. These results are consistent with an unaltered photo — you should be able to achieve a similar result without exposing extra speckling and artefacts.

Both sides are from Roger Stone’s alleged G2 chat.

Compare those pictures to the Nevins’ pictures below where I applied the threshold settings, and again, adjusted until the color from the chat bubble turned black.

With Nevins’ pictures, it is impossible to adjust the threshold to a point where the avatars, text, and so on, are distinct and clean against the white backdrop. The left picture shows the maximum adjustment of the threshold before the entire picture blacks out.

Both sides are from Aaron Nevins’ alleged G2 chat.

The question I was most often asked when doing these comparisons was, “If the Nevins or Young pictures are poor quality screenshots, wouldn’t that explain all the artefacts?”

It is a logical question with a simple answer — if the screenshot is bad, it will be consistently bad throughout.

If your television screen has a fuzzy picture, the entire screen is fuzzy — you will not have a clear background and fuzzy looking people. Many times, it can be simpler to detect manipulation in a poor quality photo than a good quality one.

But, for the sake of being thorough, I wanted to eliminate the poor quality argument, so I created a poor quality screenshot to illustrate my point.

Below is my own picture — a photo of my computer screen taken with my cell phone. I wanted a clean picture for the subject so we can be sure any artefacts, scratches, whatnot, are from my own picture and not the subject picture. I used one of Roger Stone’s pictures which I have previously illustrated as clean and of good quality.

A cell phone picture of a picture on my computer’s monitor.

When magnified, you see the flaws in my picture are consistent throughout — the lines created from the poor quality carry through the text, avatars, chat bubbles, and the background.

Below is my poor quality example (left) laid under the only other verifiably manipulated conversation with Guccifer 2.0 I have come across in my investigation — Robbin Young’s alleged chat.

Ms. Young had routinely used poor quality as an excuse for the questions her pictures have raised. I decided to show why the poor quality excuse is not valid in her case (as well as Aaron Nevins).

Without adjustments to the contrast, one can see the distinct difference between the white background and where the demarcation starts in both the header and the chat bubble. If she truly had a poor quality screenshot, you would see those artefacts continue on the white background, just as the lines in my poor quality screenshot carry throughout.

Below are two more examples illustrating the same results with different pictures from Robbin Young’s alleged chat. No commentary needed.

Last, I wanted to contrast Robbin Young’s pictures with Roger Stone’s pictures to illustrate how easily detectable the artefacts and color bleeding are — the flaws are almost identical to Aaron Nevins’ pictures.

Below are Robbin Young’s pictures laid over top of Roger Stone’s pictures. They are both the same picture except I drew a faint green outline to emphasize the demarcation lines which would not be present in an unmanipulated photograph.

One last comparison of Robbin Young’s picture to Roger Stone’s picture using the DoG (Difference of Gaussians) Edge Detect filter I used earlier on Aaron Nevins’ picture. (Stone’s picture-left, Young’s picture-right)

Roger Stone’s picture on left, Robbin Young’s picture on the right.

There are more tests which I have conducted on these pictures, but I think you get the idea.

Essentially, this series of articles on the Guccifer 2.0 chats has come full circle — the same conversation I started with in Part 1, Robbin Young’s, is still, with a great degree of certainty, manipulated. There is no way to get around this finding without Robbin Young’s cooperation.

What has changed to a greater degree for Ms. Young is, with the new evidence of how Direct Message conversations can be faked, simply offering new screenshots is not enough to substantiate her claims.

Anybody who has, or had plans, to use her screen shots for any official, or citation purposes, will need some form of expert verification of her original files on her computer.

Aaron Nevins’ chat screenshots show even more signs of manipulation for whatever reasons. The cursor line in the header is very damning. Add the artefacts in the pictures, and the metadata to the header and again, I can say with a great deal of certainty, the screenshots he provided to the Wall Street Journal have been manipulated.

I was not able to get in contact with Mr. Nevins myself, but an independent investigator with the username of Issac (@decryptable) on Twitter, was able to get in touch with him for a brief conversation about his screenshots.

Read the Full Conversation Between Issac and Aaron Nevins HERE

Apparently, Mr. Nevins would only be interested in explaining or reproducing his screenshots for a price — a large price.

Mr. Nevins fee for clearing up any questions about the anomalies in his pictures is 10 BTC, (aka Bitcoins). (Current price per 1 Bitcoin at time of writing is approximately $2700.00USD) so Aaron Nevins fee would be roughly $27, 000.00USD.

Too rich for my blood, and quite frankly, it doesn’t make any difference to me whether any party chooses to refute my findings. They are what they are. I give the benefit of the doubt to the parties involved, along with every opportunity to explain or disprove my findings — the choice is their own.

As has been my disclaimer all along, I do not proclaim to know why any of these pictures would be modified, or who did the actual manipulation.

Final Conclusion:

Unless you personally were part of a Direct Message chat on Twitter, I would not treat any screenshots of a conversation as validation of anything.

With the information in the above Youtube video alone, anybody could create their own conversation with Guccifer 2.0, Beyonce, or Little Richard if they chose.

Both Aaron Nevins’ and Robbin Young’s chat pictures show evidence of old school cut and paste type manipulation for whatever reasons, and must be considered the least likely to be legitimate of all the Guccifer 2.0 chat logs released thus far.

So is this the final chapter on the Guccifer 2.0 chat logs? Possibly. Believe it or not, there is still more information which raises more questions about some of the players involved. So, we’ll see.

HM

  • Special thanks to @KKNoMates for his contributions in research and testing.
  • Thanks to @decryptable aka Issac for his investigative persistence.
  • Thanks to Lurker Numbers for his insights and recommendations in technical areas.
  • Thanks to Steve McGrath for his consistently well thought out and helpful responses on every topic.

For the most complete timeline and documentation on everything involving Guccifer 2.0, check out Adam Carter’s (@with_integrity on Twitter) site — Guccifer 2.0: Game Over