Multiple people,including Bart Gellman and Josh Marshall, are now arguing that the reason Ezra Cohen-Watnick and Michael Ellis found intercepts involving Trump’s people is that they were monitoring FBI’s investigation of the investigation.

I certainly think the Trump people would like to do that — and would be willing to stoop to that. I even believe that the response to the Russian hack last year had some counterintelligence problems, though probably not on the FBI side.

But there are some details that may limit how much the NSC can monitor the investigation.

First, Devin Nunes has always been very clear: the intercepts he was shown have nothing to do with Russia. That’s not, itself, determinative. After all, Cohen-Watnick and Ellis might have found a bunch of Russian intercepts, but only shared the non-Russian ones so Nunes could make a stink without being accused of endangering the investigation. Also, it’s possible that intercepts involving other countries — most notably Turkey, but there are other countries that might be even more interesting, including Ukraine or Syria — would impact any Russian investigation.

Also note that among the many things Nunes appears not to understand about surveillance is that there are two ways an American’s name can be visible outside the circle of analysts doing the initial review of them: their names can be put into finished intelligence reports that get circulated more broadly, with customers asking to have the name unmasked after the fact. Alternately, their names can be found off of subsequent searches of raw data. At the NSA and CIA, searches for US person content are somewhat controlled. At FBI they are not only not controlled, but they are routine even for criminal investigations. So if, say, General Flynn (or Paul Manafort) were under investigation for failing to register as a foreign agent, the FBI would routinely search their database of raw FISA material on his name. (These are the “back door searches” Ron Wyden has been screaming about for years, concerns which people like Devin Nunes have previously dismissed on national security grounds.) And we have every reason to believe that counterintelligence intercepts of Russians in the US are among the raw feeds that the FBI gets. So if Flynn had conversations with Russians (or Turks) in the US, we should assume that FBI saw them as a routine matter if Flynn became the subject of an investigation at all. We should also assume that the FBI did a search on every Sergey Kislyak intercept in their possession, so they will have read everything that got picked up, including all recorded calls with Trump aides.

On March 15, the House Intelligence Committee asked the NSA, CIA, and FBI for information on unmasking. I don’t believe that request asked about access to US person names on subsequent searches or raw material. Furthermore, at least as of last week, the FBI was not rushing to comply with that request. As I noted after the Jim Comey hearing before HPSCI, none of the Republicans concerned about these issues seemed to have any basic clue about FBI’s searches on raw data. If Nunes doesn’t know (and he appears not to), it’s unlikely Ellis knows, who was until this month Nunes’ aide.

But there’s one other thing that may prevent NSC from obtaining information about the investigation: FBI sometimes uses what are called “ad hoc databases” that include raw FISA data (and probably, post EO 12333 sharing rule changes, raw EO 12333 data) tied to particular investigations. It’s unclear what conditions might necessitate the use of an ad hoc database (see page 25ff for a discussion of them), but if security concerns would encourage their use, it would be likely to have one here, an investigation which Comey described as being so sensitive he delayed briefing the Gang of Four. Ad hoc databases are restricted to those working on investigations, and include specific records of those authorized to access the database. So if FBI were using an ad hoc database for this investigation, it would be even harder for the NSC to learn what they were looking at.

If the FBI’s investigation relies on raw intelligence — and it would be unfathomable that it does not, because it would probably receive the raw FISA data tied to such an investigation routinely, and EO 12333 sharing rules specifically envision the sharing of raw data associated with counterintelligence investigations — then the NSC’s access to finished intelligence reports would provide little insight into the investigation (Nunes was a bit unclear on whether that’s what he was looking at, but the entire premise of his complaints is that these were finished reports).

But while we’re worrying about whether and how Trump would monitor an investigation into his aides, remember that in 2002, Jay Bybee wrote a memo authorizing the sharing of grand jury information with the President and his close advisors including for counterintelligence investigations.

In addition, the Patriot Act recently amended 6(e) and Title III specifically to provide that matters involving foreign intelligence or counterintelligence or foreign intelligence information may be disclosed by any attorney for the government (and in the case of Title III, also by an investigative or law enforcement officer) to certain federal officials in order to assist those officials in carrying out their duties. Federal officials who are included within these provisions may include, for example, the President, attorneys within the White House Counsel’s Office, the President’s Chief of Staff, the National Security Advisor, and officials within the Central Intelligence Agency and the Department of Defense.

[snip]

Although the new provision in Rule 6(e) permitting disclosure also requires that any disclosures be reported to the district court responsible for supervising the grand jury, we conclude that disclosures made to the President fall outside the scope of the reporting requirement contained in that amendment, as do related subsequent disclosures made to other officials on the President’s behalf.

In other words, Trump could demand that he — or his National Security Advisor! — get information on any grand jury investigations, including those covering counterintelligence cases. And no judge would be given notice of that.

With Jeff Sessions’ recusal, that’s far less likely to happen than it might have been. But understand that the Executive Branch believes that the President can learn about the happenings in grand jury investigations of the sort that might target his aides.

Update: additional details have been added to this post after it was first posted.

I believe that Devin Nunes is a buffoon and a political hack. I believe he needs to be removed from his position as Chair of the House Intelligence Committee — not just because he has been running interference for Trump, betraying his Article I duties, but also because he doesn’t understand the programs he oversees.

But I don’t believe he’s a criminal.

I say that in disagreement with Bart Gellman, who made just such an argument regarding the revelations in this NYT story here. Gellman argued, in part, that Nunes’ sources (about which I hope to say more later) violated nondisclosure laws by sharing reports outside of normal channels with Nunes.

Secrecy regulations, including SF312, the Classified Information Nondisclosure Agreement, do not permit [Michael] Ellis and [Ezra] Cohen-Watnick to distribute sensitive compartmented information through a back channel to Nunes. This is true, and their conduct no less an offense, even though Nunes holds clearances sufficient to receive the information through proper channels. The offense, which in some cases can be prosecuted as a felony, would apply even if the White House officials showed Nunes only “tearsheet” summaries of the surveillance reports. Based on what Nunes has said in public, they appear to have showed him the more sensitive verbatim transcripts. Those are always classified as TS/SI (special intelligence) or TS/COMINT (communications intelligence), which means that they could reveal sources and methods if disclosed. That is the first apparent breach of secrecy rules. The second, of course, is the impromptu Nunes news conference. There is no unclassified way to speak in public about the identity of a target or an “incidentally collected” communicant in a surveillance operation.

To be clear, I think Ellis and Cohen-Watnick may have violated access rules on searches. But I don’t think Nunes violated any laws in accessing that intelligence (I think he probably violated the intent of classification rules on intercepts, but by providing no details about who he saw referenced in these reports, he’ll get away with it.)

That’s because minimization procedures pertaining to FISA materials specifically envision access to information — sometimes even raw data — for oversight purposes. The 2015 702 Minimization Procedures for NSA, for example, state,

Nothing in these procedures shall restrict NSA’s performance of lawful oversight of its personnel or systems, or lawful oversight function of the Department of Justice’s National Security Division, Office of the Director of National Intelligence, or the applicable Offices of the Inspectors General. Similarly, nothing in these procedures shall prohibit the retention, processing, or dissemination of information reasonably necessary to comply with specific constitutional, judicial,or legislative mandates.

At times, minimization procedures have been even more explicit. Starting in 2014, for example, the Section 215 phone dragnet minimization procedures explicitly permitted the sharing of query results “to facilitate lawful oversight functions.”

Notwithstanding the above requirements, NSA may share results from intelligence analysis queries of the BR metadata, including U.S. person identifying information, with Executive Branch personnel (1) in order to enable them to determine whether the information contains exculpatory or impeachment information or is otherwise discoverable in legal proceedings or (2) to facilitate their lawful oversight functions. Notwithstanding the above requirements, NSA may share the results from intelligence analysis queries of the BR metadata, including United States person information, with Legislative Branch personnel to facilitate lawful oversight functions.

The FISC even excluded such sharing from reporting requirements, so Congress could be doing a lot of this and it would never show up in annual reporting.

In other words, at least for FISA-governed data, the court has permitted the sharing of information — and remember, these are supposed to be finished intelligence reports, not raw data or queries — for people in an oversight role. The 702 procedures leave a lot of room for interpretation, too, about what might be a “constitutional” mandate, the kind of language that White Houses of both parties have been prone to abuse.

If these reports were collected under 12333, the new sharing rules explicitly prohibit the sharing of intelligence for political purposes.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

Even if this covered what happened, NSC lawyer John Eisenberg was in the loop on this caper, so they effectively did consult with the element’s legal counsel. Moreover, we know that Presidents can pixie dust executive orders at will.

Nunes, at least, pretends he was functioning in an oversight role in raising questions about whether SIGINT had been properly minimized. He appears to have no clue about the authorities he’s talking about, he appears to have misrepresented what the problem is, and he clearly was doing all this with an eye towards making political accusations against Obama.

But nevertheless, he claims to believe he was functioning in an oversight role.

Which is part of the problem! I’ve long pointed to how unrestricted this language is. It invites abuse. It should be tightened going forward (though neither the Trump Administration nor Congress has incentive to do that at this point).

If you’re bothered by Devin Nunes’ information operation — and I am — then you should be calling to tighten up the language governing how intelligence can be shared for oversight and other “constitutional” purposes. Because they appear to envision something like this happening.

Paul Wood is the BBC reporter who, in a January story focusing largely on MI6 officer Christopher Steele’s dossier, repeated the Louise Mensch report that the government had obtained a FISA order targeting two Russian banks.

On 15 October, the US secret intelligence court issued a warrant to investigate two Russian banks. This news was given to me by several sources and corroborated by someone I will identify only as a senior member of the US intelligence community. He would never volunteer anything – giving up classified information would be illegal – but he would confirm or deny what I had heard from other sources.

Last night he posted another story, confirming that one of the figures described in Steele’s dossier as having been withdrawn from DC because of his close ties to the election operation, Mikhail Kalugin, was indeed a Russian spy operating under diplomatic cover.

[S]ources I know and trust have told me the US government identified Kalugin as a spy while he was still at the embassy.

[snip]

A retired member of a US intelligence agency told me that Kalugin was being kept under surveillance before he left the US.

But I’m more interested in the vague details Wood offers about Steele’s past cooperation — and how he pitches a claim that the FBI is screwing up the investigation.

Remember: the public story is that only the FBI had any contact with Steele. But the first time this article describes him sharing information he collected for other sources with US intelligence agencies, it doesn’t specify that.

I understand – from former officials – that from 2013-16, Steele gave the US government extensive information on Russia and Ukraine.

This was work done for private clients, but which Steele wanted the US authorities to see.

One former senior official who saw these reports told me: “It was found to be of value by the people whose job it was to look at Russia every day.

Indeed, the article distinguishes between what those agencies believed about Steele from what the FBI did.

In light of his earlier work, the US intelligence community saw him as “credible” (their highest praise).

The FBI thought the same; they had worked with Steele going back to his days in MI6.

The article goes on to complain that Steele never briefed the CIA on the dossier, which it explains by saying his Russian related contacts had moved on.

But the CIA never interviewed him, and never sought to.

This comes from several people who are in a position to know.

[snip]

I understand that Steele himself did not ask to brief the CIA because he had a long-standing relationship with the FBI.

The Russia people at the CIA had moved on and he felt he did not have the personal contacts he would need.

As a reminder, the Intelligence Community offered completely ridiculous explanations for when it first obtained the dossier, which were implausible, even ignoring the way they pretended FBI wasn’t part of the IC.

In any case, having laid out these distinctions, the article then voices the complaints of those who believe the FBI is screwing the investigation up, and that only CIA has the contacts to conduct it.

This comes from several people who are in a position to know.

They are alarmed at how the investigation is going, and worry it is being fumbled.

One said: “The FBI doesn’t know about Russia, the CIA knows about Russia.

“Any sources Steele has in Russia, the FBI doesn’t know how to evaluate.

“The Agency does… Who’s running this thing from Moscow? The FBI just aren’t capable on that side, of even understanding what Chris has.”

The article cites one reason this complaint is bogus — the CIA, along with other agencies, are part of the task force investigating this case. It doesn’t explain why the theory voiced by its sources — that the Russians would need to steal voter roll data from states (or even cooperate with Trump) to micro-target messages. Voter rolls are readily available. And while cooperating with Trump’s campaign would make micro-targeting more effective, it would not be necessary for a knowledgable person.

In any case, these complaints sound like the excuses given for why Steele did not, ultimately, take payment from FBI (which I discussed here), with one difference. It wasn’t just that Steele thought the FBI was paying too much attention on Hillary’s email campaign, but he thought publicizing his dossier would make the difference in the election.

“He really thought that what he had would sway the election,” said one.

That claim, with questions introduced by this article about which agencies he has worked with, is rather interesting.

One final point. After the article got posted, the Beeb took out a critical line (highlighted below) claiming that Steele didn’t share his dossier with reporters himself, but instead did so through his employer.

That doesn’t make sense for a lot of reasons — and is belied by David Corn’s account of what happened. But I find it particularly interesting given the fact that — after Chuck Grassley first asked the FBI to provide information on the dossier — Grassley has since asked the consulting firm questions that would provide a way to double check the FBI’s claims. Fusion’s answers, which are due by April 7, might present problems for this claim, which has since disappeared. Poof!

Among the things Richard Burr suggested yesterday is that the committee may not succeed in getting Steele to testify (suggesting that being outside the country put him beyond subpoena). Given the airing of complaints from Steele and his friends here, I really look forward to seeing whether he cooperates with SSCI.

Richard Burr and Mark Warner had a press conference today to — basically — reassure people that at least one intelligence committee is made up of grown-ups who will be able to conduct an investigation of Russia’s attempts to interfere with the election. Among other things, Burr said the committee has a list of about 20 people with whom they’re in the process of setting up interviews, about five of which have been scheduled, to start Monday.

Amid repeated discussions about leaks, Burr confirmed — as the NYT already has — that the Committee wants to meet with Jared Kushner. The NYT story about Kushner was clearly first informed by Senate Intelligence Committee personnel that SSCI wanted to talk to him, and then got Hope Hicks to confirm it publicly. Of particularly interest (because Burr is very strict that committee business remain secret), the NYT SSCI source asked for anonymity to remain candid about Kushner, not because he or she was not permitted to talk with the press.

The Senate panel’s decision to question Mr. Kushner would make him the closest person to the president to be called upon in any of the investigations, and the only one currently serving in the White House. The officials who initially described that Senate inquiry to The New York Times did so on the condition of anonymity in order to speak candidly about Mr. Trump’s son-in-law.

Later the NYT story cotes a statement from Burr and Mark Warner, confirming (as Burr did in the hearing) that they will speak with Kushner.

In today’s hearing, having confirmed again the detail about Kushner, however, Burr took a different approach in response to a question about Mike Flynn.

Q: Have you guys been in contact with Michael Flynn or representatives of Michael Flynn? Also, can you go into a little bit of the thought process between why you would have an interview behind closed doors or do it publicly, like why you would talk to Jared Kushner behind closed doors, why you would do it publicly?

Burr: Well, I think it’s safe to say that we have had conversations with a lot of people. And you would think less of us if General Flynn wasn’t in that list. From a standpoint of the interview process if you feel like you’re being cheated, because they’re not in public, if there’s relevance to em they’ll eventually be part of a public hearing.

[Burr goes on to discuss the committee doing private interviews first.]

Q: Have you already spoken with Flynn? Have you already spoken with Flynn?

Burr: I’m not gonna tell you one way or another.

Effectively, he confirms that Flynn will be asked to talk to the committee. But when asked (I think my transcription of this is correct but welcome corrections on this point) if he — or the committee — had already spoken with Flynn, he refused to provide the same kind of confirmation he did with Kushner, and particularly to say whether he or the committee had already spoken with him.

I raise this for several reasons. Obviously, the double standard — and Burr’s willingness to deviate from his strict committee business secrecy pledge with regards to Kushner — is notable. The possibility that he or the committee may have already spoken with Flynn is particularly interesting.

In my post on the Kushner story, I noted that the Kushner story for the first time got into the quid pro quo the Russians were really interested in — not a change in policy towards Ukraine, but rather, an end to the sanctions targeting Russia for its annexation of Ukraine. I actually missed one of the most important parts of that story, however. On December 29, the FSB-trained head of a sanctioned who met with Kushner at the request of Sergey Kislyak, Sergey Gorkov, stated that he thought Ukrainian-related sanctions might “change for the better.”

And in an interview on the state-owned Rossiya 24 TV channel on Dec. 29, the same month that he met with Mr. Kushner, Mr. Gorkov said he hoped that the situation caused by Ukraine sanctions imposed by the Americans against Russian banks like his “would change for the better.”

As I noted in my post, the possibility that Gorkov had discussed Ukraine sanctions directly with Kushner would change the connotation of the discussions between Flynn and Kislyak.

And those conversations were on December 29.

In other words, on the very same day that Kislyak and Flynn were having multiple phone calls — and discussed sanctions in vague terms — Gorkov was publicly discussing the Ukraine, not the hacking related, sanctions.

Again, Burr is happy to confirm the committee will call Kushner. He’s not going to say whether the committee has already spoken with Flynn, who would know better about the connotation of sanctions as discussed on December 29.

And SSCI likely has already read the conversations between Kislyak and Gorkov surrounding his meetings with the President’s son-in-law.

The WaPo has another big story, this one reporting that the Trump Administration attempted to prevent Sally Yates from testifying about her warnings to the Trump Administration that Mike Flynn had had conversations about sanctions with Russian Ambassador Sergey Kislyak.

Scott Schools, another Justice Department official, replied in a letter the following day, saying the conversations with the White House “are likely covered by the presidential communications privilege and possibly the deliberative process privilege. The president owns those privileges. Therefore, to the extent Ms. Yates needs consent to disclose the details of those communications to [the intelligence panel], she needs to consult with the White House. She need not obtain separate consent from the department.’’

Yates’s attorney then sent a letter Friday to McGahn, the White House lawyer, saying that any claim of privilege “has been waived as a result of the multiple public comments of current senior White House officials describing the January 2017 communications. Nevertheless, I am advising the White House of Ms. Yates’ intention to provide information.’’

That same day, Nunes, the panel’s chairman, said he would not go forward with the public hearing that was to feature Yates’s testimony.

In response to the story, Adam Schiff suggested Yates might have testified about why Trump waited before firing Flynn.

[W]e would urge that the open hearing be rescheduled without further delay and that Ms. Yates be permitted to testify freely and openly so that the public may understand, among other matters, when the President was informed that his national security advisor had misled the Vice President and through him, the country, and why the President waited as long as he did to fire Mr. Flynn.

According to the WaPo, Yates informed Don McGahn that Flynn was lying about his calls, making him susceptible to blackmail, on January 26. She was fired on January 31. Flynn tried to lie about the conversation again on February 8. Then, as the WaPo was reporting this story, he altered his story. Nevertheless, it wasn’t until the WaPo reported on Yates’ warning, on February 13, that Trump forced Flynn to resign.

Two days after Yates’ warning, January 28, Trump spent an hour on the phone with Vladimir Putin, with Flynn (and Pence) in attendance.

So one of the things that Trump enabled by stalling on his response to Sally Yates was that phone call.

In any case, the claim that Yates’ conversations with McGahn should be covered by Executive Privilege is a stretch. Just by way of precedent, in 2007, Jim Comey testified about his conversations with White House Counsel Alberto Gonzales while serving as Acting Attorney General.

That is, Yates’ conversation should not be covered by Executive Privilege unless Trump is claiming he was involved in hiding this information from Mike Pence.

I want to return to last week’s House Intelligence Hearing on Russia (because that fecker Devin Nunes canceled my birthday hearing with James Clapper and John Brennan today), to revisit a question I’ve asked a number of times (in most detail here): what was the relationship between Russia’s FSB and GRU intelligence services in the DNC hack?

The public narrative (laid out in this post) goes like this: Sometime in summer 2015, APT (Advanced Persistent Threat) 29 (associated with FSB, Russia’s top intelligence agency) hacked the DNC along with 1,000 other targets and because DNC ignored FBI’s repeated warnings, remained in their network unnoticed. Then, in March 2016, APT 28 (generally though not universally associated with GRU, Russia’s military intelligence) hacked DNC and John Podesta. According to the public story, GRU oversaw the release (via DC Leaks and Guccifer 2.0) and leaking (to Wikileaks via as-yet unidentified cut-outs) of the stolen documents.

Under the public story, then, FSB did the same kind of thing the US does (for example, with Enrique Peña Nieto in 2012), collecting intelligence on a political campaign, whereas GRU did something new (though under FBI-directed Sabu, we did something similar to Bashar al-Assad in 2012), leaking documents to Wikileaks.

Obama’s sanctions to retaliate for the hack primarily focused on GRU, but did target FSB as well, though without sanctioning any FSB officers by name. And in its initial report on the Russian hack, the government conflated the two separate groups, renaming attack tools previously dubbed Cozy and Fancy Bear the “Grizzly Steppe,” making any detailed discussion of how they worked together more confusing. As I noted, however, the report may have offered more detail about what APT 29 did than what APT 28 did.

Last week’s hearing might have been an opportunity to clarify this relationship had both sides not been interested in partisan posturing. Will Hurd even asked questions that might have elicited more details on how this worked, but Admiral Mike Rogers refused to discuss even the most basic details  of the hacks.

HURD: Thank you, Chairman.

And gentlemen, thank you all for being here. And thank you for your continued service to your country. I’ve learned recently the value of sitting in one place for a long period of time and listening and today I’m has added to that understanding and I’m going to try to ask questions that y’all can answer in this format and are within your areas of expertise. And Director Rogers, my first question to you — the exploit that was used by the Russian’s to penetrate the DNC, was it sophisticated? Was it a zero day exploit? A zero day being some type of — for those that are watching, an exploit that has never been used before?

ROGERS: In an open unclassified forum, I am not going to talk about Russian tactics, techniques or procedures about how they executed their hacks.

HURD: If members of the DNC had not — let me rephrase this, can we talk about spear fishing?

ROGERS: Sure, in general terms, yes sir.

HURD: Spear fishing is when somebody sends an email and they — somebody clicks on something in that email…

ROGERS: Right, the user of things (inaudible) they’re receiving an email either of interest or from a legitimate user, they open it up and they’ll often click if you will on a link — an attachment.

HURD: Was that type of tactic used in the…

ROGERS: Again, I’m not in an unclassified forum just not going to be…

The refusal to discuss the most basic details of this hack — even after the government listed 31 reports describing APT 28 and 29 (and distinguishing between the two) in its updated report on the hacks — is weird, particularly given the level of detail DOJ released on the FSB-related hack of Yahoo. Given that the tactics themselves are not secret (and have been confirmed by FBI, regardless of what information NSA provided), it seems possible that the government is being so skittish about these details because they don’t actually match what we publicly know. Indeed, at least one detail I’ve learned about the documents Guccifer 2.0 leaked undermines the neat GRU-FSB narrative.

Comey did confirm something I’ve been told about the GRU side of the hack: they wanted to be found (whereas the FSB side of the hack had remained undiscovered for months, even in spite of FBI’s repeated efforts to warn DNC).

COMEY: The only thing I’d add is they were unusually loud in their intervention. It’s almost as if they didn’t care that we knew what they were doing or that they wanted us to see what they were doing. It was very noisy, their intrusions in different institutions.

There is mounting evidence that Guccifer 2.0 went to great lengths to implicate Russia in the hack. Confirmation GRU also went out of its way to make noise during the DNC hack may suggest both within and outside of the DNC the second hack wanted to be discovered.

I have previously pointed to a conflict between what Crowdstrike claimed in its report on the DNC hack and what the FBI told FireEye. Crowdstrike basically said the two hacking groups didn’t coordinate at all (which Crowdstrike took as proof of sophistication). Whereas FireEye said they did coordinate (which it took as proof of sophistication and uniqueness of this hack). I understand the truth is closer to the latter. APT 28 largely operated on its own, but at times, when it hit a wall of sorts, it got help from APT 29 (though there may have been some back and forth before APT 29 did share).

All of which brings me to two questions Elise Stefanik asked. First, she asked — casually raising it because it had “been in the news recently” — whether the FSB was collecting intelligence in its hack of Yahoo.

STEFANIK: Thank you. Taking a further step back of what’s been in the news recently, and I’m referring to the Yahoo! hack, the Yahoo! data breech, last week the Department of Justice announced that it was charging hackers with ties to the FSB in the 2014 Yahoo! data breech. Was this hack done to your knowledge for intelligence purposes?

COMEY: I can’t say in this forum.

STEFANIK: Press reporting indicates that Yahoo! hacked targeted journalists, dissidence and government officials. Do you know what the FSB did with the information they obtained?

COMEY: Same answer.

Again, in spite of the great deal of detail in the indictment, Comey refused to answer these obvious questions.

The question is all the more interesting given that the indictment alleges that Alexsey Belan (who was sanctioned along with GRU in December) had access to Yahoo’s network until December 2016, well after these hacks. More interestingly, Belan was “minting” Yahoo account credentials at least as late as May 20, 2016. That’s significant, because one of the first things that led DNC to be convinced Russia was hacking it was when Ali Chalupa, who was then collecting opposition research on Paul Manafort from anti-Russian entities in Ukraine, kept having her Yahoo account hacked in early May. With the ability to mint cookies, the FSB could have accessed her account without generating a Yahoo notice. Chalupa has recently gone public about some, though not all, of the other frightening things that happened to her last summer (she was sharing them privately at the time). So at a time when the FSB could have accomplished its goals unobtrusively, hackers within the DNC network, Guccifer 2.0 outside of it, and stalkers in the DC area were all alerting Chalupa, at least, to their presence.

While it seems increasingly likely the FSB officers indicted for the Yahoo hack (one of whom has been charged with treason in Russia) were operating at least partly on their own, it’s worth noting that overlapping Russian entities had three different ways to access DNC targets.

Note, Dianne Feinstein is the one other person I’m aware of who is fully briefed on the DNC hack and who has mentioned the Yahoo indictment. Like Comey, she was non-committal about whether the Yahoo hack related to the DNC hack.

Today’s charges against hackers and Russian spies for the theft of more than 500 million Yahoo user accounts is the latest evidence of a troubling trend: Russia’s sustained use of cyber warfare for both intelligence gathering and financial crimes. The indictment shows that Russia used these cyberattacks to target U.S. and Russian government officials, Russian journalists and employees of cybersecurity, financial services and commercial entities.

There seems to be a concerted effort to obscure whether the Yahoo hack had any role in the hack of the DNC or other political targets.

Finally, Stefanik asked Comey a question I had myself.

STEFANIK: OK, I understand that. How — how did the administration determine who to sanction as part of the election hacking? How — how familiar with that decision process and how is that determination made?

COMEY: I don’t know. I’m not familiar with the decision process. The FBI is a factual input but I don’t recall and I don’t have any personal knowledge of how the decisions are made about who to sanction.

One place you might go to understand the relationship between GRU and FSB would be to Obama’s sanctions, which described the intelligence targets this way.

• The Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie) (a.k.a. GRU) is involved in external collection using human intelligence officers and a variety of technical tools, and is designated for tampering, altering, or causing a misappropriation of information with the purpose or effect of interfering with the 2016 U.S. election processes.
• The Federal Security Service (a.k.a. Federalnaya Sluzhba Bezopasnosti) (a.k.a FSB) assisted the GRU in conducting the activities described above.

[snip]

• Sanctioned individuals include Igor Valentinovich Korobov, the current Chief of the GRU; Sergey Aleksandrovich Gizunov, Deputy Chief of the GRU; Igor Olegovich Kostyukov, a First Deputy Chief of the GRU; and Vladimir Stepanovich Alexseyev, also a First Deputy Chief of the GRU.

Remember, by the time Obama released these sanctions, several FSB officers, including Dmitry Dokuchaev (who was named in the Yahoo indictment) had been detained for treason for over three weeks. But the officers named in the sanctions, unlike the private companies and individual hackers, are unlikely to be directly affected by the sanctions.

The sanctions also obscured whether Belan was sanctioned for any role in the DNC hack.

• Aleksey Alekseyevich Belan engaged in the significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain.  Belan compromised the computer networks of at least three major United States-based e-commerce companies.

Again, all of this suggests that the intelligence community has reason to want to obscure how these various parts fit together, even while publicizing the details of the Yahoo indictment.

Which suggests a big part of the story is about how the public story deviates from the real story the IC is so intent on hiding.

Multiple outlets this morning are covering Devin Nunes’ admission that he was on “White House grounds” last Tuesday, leading up to his Wednesday announcement that Trump officials’ identities may (or may not have) been unmasked in intelligence reports unrelated to Russia.

One source told CNN that Nunes, a California Republican, was seen on the White House grounds the day before his announcement. In a phone interview, Nunes confirmed to CNN that he was on the White House grounds that day — but he said he was not in the White House itself. (Other buildings, including the Eisenhower Executive Office Building, are on the same grounds.)

No one in the White House was aware that he was there, Nunes said.

The California Republican said he was there for additional meetings “to confirm what I already knew” but said he wouldn’t comment further so as to not “compromise sources and methods.”

He told CNN he wanted to “reiterate this has nothing to do with Russia.”

Nunes went to the building because he needed a secure area to view the information, he told CNN. A government official said Nunes was seen Tuesday night at the National Security Council offices of the Eisenhower building which, other than the White House Situation Room, is the main area on the complex to view classified information in a secure room.

Nunes explained to Eli Lake he couldn’t use HPSCI’s own SCIF, just two miles away, because it didn’t have networked access to the reports that he was being shown.

In an interview Monday, Nunes told me that he ended up meeting his source on the White House grounds because it was the most convenient secure location with a computer connected to the system that included the reports, which are only distributed within the executive branch. “We don’t have networked access to these kinds of reports in Congress,” Nunes said. He added that his source was not a White House staffer and was an intelligence official.

Laura Rozen notes that Nunes’ former aide, Michael Ellis, now works as NSC Deputy Legal Adviser.

New special assistant to the president, NSC deputy legal adviser Michael Ellis served as Nunes’ aide, HPSCI gen. counsel til early March 3/

Whether or not Ellis is Nunes’ source, it seems clear that someone in the EEOB first told, then shared, intercepts with Nunes.

That raises questions about how said source obtained the intercepts. That’s true particularly given that by Nunes’ later admission that some of the names weren’t unmasked per se, but rather described in such a way that would make the US person (that is, the Trump associate) clear, so it’s not like the NSC could just search on all of Trump’s top aides to find out if their names had been unmasked.

Remember, too, that this takes place against the background of HPSCI’s requests to NSA, CIA, and FBI for details on all the US persons who had been unmasked between June 2016 and January 2017. NSA had provided a partial response (basically deferring an answer until they could do more research) before last week’s hearing and Nunes’ press conference. But it’s not clear whether FBI intended to reply — it would have several possible reasons for refusing to do so, both to protect an ongoing investigation but also because unmasking is not the question to ask FBI, database searches are (it’s not clear how many of HPSCI’s Republicans understand this, which is pathetic).

In any case, NSA and CIA (at least) are already in the process of responding to this request. But someone worked his or her own angles to respond to the same request for Nunes.

On March 10, Jonathan Tran jumped three White House fences and managed to rattle the door of the White House before he was arrested.

To enter the south lawn of the White House, the intruder jumped three separate fences: A 5-foot perimeter fence near the Treasury Building, an 8-foot vehicle gate and another 3 ½-foot fence near the East Wing.

A new Secret Service timeline of the incident revealed the fence jumper scaled the first barrier at about 11:21 p.m. on March 10 — and wasn’t arrested until 11:38 p.m.

The Washington Metropolitan Police Department identified the man as Jonathan Tran, 26, of Milpitas, Calif. He is charged with entering or remaining in restricted grounds while using or carrying a dangerous weapon.

Six days later, Department of Homeland Security’s Inspector General finalized a report titled, The Secret Service Has Taken Action to Address the Classified Recommendations of the Protective Mission Panel. It reads, in part,

Following the September 19, 2014 White House fence jumping incident, the Secretary of Homeland Security established the Protective Mission Panel (PMP) to undertake a broad independent review of the Secret Service’s protection for the White House Complex (WHC). In addition to recommendations made in an unclassified report, the PMP made a number of recommendations in its December 2014 classified report.

As directed by Congress in the Consolidated Appropriations Act, 2016, we reviewed the Secret Service’s actions to address the PMP’s classified recommendations. The PMP’s classified recommendations primarily relate to security gaps and vulnerabilities at the WHC. We reviewed changes made by the Secret Service to equipment, technology, and operations in response to these recommendations.

The Secret Service has taken action to address the PMP’s classified recommendations by using funding appropriated for PMP initiatives to begin enhancing security and refreshing technology at the WHC. As in our unclassified report, we concluded that fully implementing many of the recommendations will depend on staff increases, sustained funding, and a multi-year commitment by Secret Service and Department leadership to ensure actions continue even during times of increased protective mission demands and unexpected priorities.

Admittedly, USSS is facing increasing strain now with the challenges of protecting President Trump’s weekend golf jaunts and Melania’s NYC tower dwelling. But this is pretty embarrassing timing.

Last week, several members of Congress anonymously told the press they had, for the first time, seen evidence that might support charges of collusion between Trump’s associates and the Russians. The frenzied speculation mostly focused on the usual suspects: Paul Manafort, Mike Flynn, Roger Stone, or Carter Page (somehow, the frenzied speculation often forgets Trump lawyer Michael Cohen).

Today, the NYT has a story reporting that the Senate Intelligence Committee wants to talk to Jared Kushner about a previously undisclosed meeting arranged by Russian Ambassador to the US, Sergey Kislyak.

Until now, the White House had acknowledged only an early December meeting between Mr. Kislyak and Mr. Kushner, which occurred at Trump Tower and was also attended by Michael T. Flynn, who would briefly serve as the national security adviser.

Later that month, though, Mr. Kislyak requested a second meeting, which Mr. Kushner asked a deputy to attend in his stead, officials said. At Mr. Kislyak’s request, Mr. Kushner later met with Sergey N. Gorkov, the chief of Vnesheconombank, which drew sanctions from the Obama administration after President Vladimir V. Putin of Russia annexed Crimea and began meddling in Ukraine.

The NYT only notes this obliquely by stating the committee has access to routine intercepts involving the Ambassador, but remember that FBI went through Kislyak’s intercepted communications in hopes of explaining why Vladimir Putin didn’t respond more aggressively to sanctions Obama imposed in December. So SSCI likely discovered this undisclosed meeting that way.

Which is interesting, because Kushner did not reveal it to some senior Trump officials (likely including White House Counsel Don McGahn).

The extent of Mr. Kushner’s interactions with Mr. Kislyak caught some senior members of Mr. Trump’s White House team off guard, in part because he did not mention them last month during a debate then consuming the White House: how to handle the disclosures about Mr. Flynn’s interactions with the Russian ambassador.

Ms. Hicks said that Mr. Trump had authorized Mr. Kushner to have meetings with foreign officials that he felt made sense, and to report back to him if those meetings produced anything of note. She said that because in Mr. Kushner’s view the meetings were inconsequential, it did not occur to him to mention them to senior staff members earlier.

NYT raises the possibility that Kushner discussed his efforts to fund one of his family’s business in NYC, though Hope Hicks claimed it — and the sanctions — did not come up.

But consider how this meeting might interact with another known Kislyak conversation, the multiple calls with Flynn on December 29 after Obama imposed hacking related sanctions. In context, that conversation was about the hacking sanctions, not the more onerous Ukraine ones. But if Kushner had just met with a sanctioned bank and discussed those sanctions, that could change Kislyak’s understanding of what Flynn was saying.

One mistake of a lot of the frenzied speculation is a focus on changing US policy towards Ukraine, a focus not borne out by the public evidence. The result of that focus is to ignore what the Christopher Steele dossier makes clear was the real Russian goal, unsurprisingly: the lifting of the Ukraine-related sanctions.

There still is no evidence that’s what happened at this meeting that Kushner succeeded in hiding from people within the White House. But if it did, then it might amount to far more than all the smoke swirling around Manafort, Page, and Stone.

The claim that “Trump catches Russia’s White House spy” — clearly an attempt to smear Mike Flynn — actually got me to drop the $4.99 for a copy of the National Enquirer to read the hit job. And it’s actually more than a contrived effort to claim Flynn is a Russian spy: it’s a four-page spread, implicating Hillary and Mike Pence, too.

The story about Flynn is, instead, mostly a story about Jack Barsky, the former Russian spy who has gotten a lot of press of late tied to the release of his book. Just Thursday, CNN published an interview with him claiming, “What is clear is that email accounts of Democrat operatives were hacked and those hacks originated in Russia. Anything beyond that is pure speculation.” But amid a two-page story of Barsky’s life (as if the details of his life — and Barsky himself — were newly discovered), NE includes two quotes. A “national security intelligence source” warns of other Russian spies:

Jack Barsky is a Russian spy that was caught. But what is really frightening is that there are others out there like him embedded deep into Washington D.C. … Barsky being tracked down will greatly help the president smoke out other rats in his ranks.

And amid a four paragraph discussion of Mike Flynn, NE quotes an “administration source.”

The revelations [about Barsky] come as still-unfolding details continue to worm their way into the public eye about Trump’s own White House “turncoat” — now-ousted national security adviser and retired Lt. Gen. Michael T. Flynn.

Flynn was booted from Trump’s cabinet after intercepted phone calls exposed how he had colluded with Russian officials — and then had the chutzpah to lie about it when questioned by Vice President Mike Pence.

“He was, in essence, the Russian spy in Trump’s midst,” said an administration source who spoke to The ENQUIRER on the condition of anonymity. “Trump was lucky to root him out when he did.”

The unfolding Russian spy drama will overshadow the House of Representatives Intelligence Committee hearing investigating alleged ties between Trump’s campaign and Putin, source said.

Of course, Trump transition official Devin Nunes has already canceled the next hearing into ties between Trump’s campaign and Putin, but perhaps Trump plans on magnifying this hit job in upcoming days, replete with spooky language — “embedded,” “smoke out other rats,” “worm their way,” “turncoat,” “root him out,” — to shift the focus on disloyalty within the Trump Administration.

Which brings us to the other main story in this four-page spread.

It describes how “Trump crushe[d] Clinton coup” designed to install Mike Pence, purportedly revealed by Julian Assange in these two tweets (and some follow-up):

It treats Assange’s claims about his arch enemy as credible because, as a “Beltway insider sniffed … Assange is plugged in and has deep connections to Russian intelligence, along with similar networks around the world.”

The story cites a “White House insider” describing Trump giving Pence a loyalty oath.

President Trump called Pence into the Oval Office and forced him to take a lie detecter test to prove his loyalty. Pence swore he had nothing to do with Hillary and was being moved around like a chess piece in evil Hillary’s game!

After alleging Baywatch’s Pamela Anderson might be a cut-out and/or love interest for Assange, the story then turns on Paul Ryan, citing a quote first published in October, the audio of which was released by Breitbart the same day as the Assange tweets, March 14. The NE claimed that Hillary leaked the call to sow dissent before the health care vote.

The timing of the leak is not a coincidence. The call took place in October and leaked now — just as Ryan and Trump are working to muster support for the health care bill to replace Obamacare. Hillary’s people leaked it to drive a wedge between Trump and Ryan, undermine their efforts to reform health care and destroy the president!

In short, the second article is even more fevered than the one implicating Flynn.

Finally, in addition to a short piece attacking Chris Matthews, the spread includes a non-denial denial of Christopher Steele’s dossier, claiming it showed “Trump orgies” and “graphic sex involving hookers,” which is not precisely what pee gate claimed. It then dismisses the claims because “Trump neither drinks nor uses drugs,” as if that would rule out orgies.

Undoubtedly, all this was placed with the cooperation of the White House, if not direct quotes from Trump (which is something he has a history of doing). While the Flynn story has been viewed — particularly alongside unsubstantiated claims that Flynn is cooperating with the FBI — as an attempt to damage him for snitching, it almost certainly dates to earlier than more recent attacks on Flynn, and in conjunction with stories of loyalty oaths from Pence appears tame by comparison.

Trump wants to justify a witch hunt among the National Enquirer set. And at least thus far, Flynn and warnings of replacement by Pence are no more than the excuse for launching it.