The Outdated Math and Physics Behind Economics

In Who Cooked Adam Smith’s Dinner, Katrine Marçal traces the roots of mainstream economics and particularly neoliberalism. One of the strands she discusses is the connection between economics and Newtonian physics. Newton believed that the universe was made up of fundamental particles. To understand complex physical things, you have to break them down into smaller and smaller pieces until you hit the unit of everything, the Lego blocks from which the universe is constructed: the atom and the photon (Newton thought the photon was a particle). From there you can work towards an understanding of the cosmos.

Particles are governed by forces. For Newton, the important force was gravity. The ultimate particle and the ultimate force can be used to explain a lot of the physical phenomena which we can observe with simple tools. Newton’s theory is deterministic: the future is predictable because particles only move in accordance with rigid laws.

In economics, the atom is the individual. The force that sets those atoms into motion is self-interest.

I’ve made passing reference to this before, but Marçal’s book brings it to the forefront. Most of the time when we hear about the history of economics after Smith, we hear about the math stuff, frequently starting with the idea of marginal utility generated by William Stanley Jevons around 1870. Jevons was a mathematician, who set out to create equations for the calculus of pleasure and pain as described by Jeremy Bentham. The subsequent history of economics can be read as a long math exercise using mostly calculus, and linear algebra (matrices) for modeling.

The thing is, math was just being formalized in the 1800s. Riemann completed the formalization of the calculus in 1854 (here’s an interesting history.) Other areas of math were being developed and formalized at that time, and development continues today, with, for example, fractal math. So maybe a good question is why economists stick with 19th Century math. Can’t they find something new that might work better than the obviously lousy models they use today that were incapable of predicting the Great Crash? I mean, how could anyone think it makes sense to model human beings as a large number of identical particles that only interact in monetary transactions and are otherwise unaffected by each other; and all of which are subject only to the force of self-interest?

But just as math has advanced, so has physics. One of the changes is that physicists aren’t searching for ultimate particles any more; in fact as we currently understand things, we aren’t even sure the things studied are in some particular place. Physicists now study the relationships between various kinds of forces. They describe elementary particles by the forces through which they interact, which in turn are defined in math terms, and terms that are a lot further from calculus than calculus is from addition. The relationships are mediated through the Schrödinger equation; it describes our observations of small numbers of what we think today are elementary particles, but it is too hard to solve it for any large group of particles.

But in economics, nothing is complicated. It’s just individuals motivated by self-interest. And that’s a remarkably stupid thing. Has nothing changed in the last 150 years? Is linear algebra, which we learned in my junior year in high school, all these guys have learned from math and physics?

To put this another way, if economists were just cranking up their discipline today, with no theory of our current form of economy, they certainly would not use 19th C. math and physics as models. Would they use 18th C. markets in England and Scotland as their model? Of course not.

Fortunately I’m here to help. I’m happy to let economists continue the work of defining and collecting economic statistics, but it’s time to look for a more plausible theory. And as a starting place, I’ll put up a couple of posts with ideas for a new theory for the 21st C. No need to thank me. Which they won’t.


BBC’s FISA Reporter Argues CIA Should Lead Trump Investigation

Paul Wood is the BBC reporter who, in a January story focusing largely on MI6 officer Christopher Steele’s dossier, repeated the Louise Mensch report that the government had obtained a FISA order targeting two Russian banks.

On 15 October, the US secret intelligence court issued a warrant to investigate two Russian banks. This news was given to me by several sources and corroborated by someone I will identify only as a senior member of the US intelligence community. He would never volunteer anything – giving up classified information would be illegal – but he would confirm or deny what I had heard from other sources.

Last night he posted another story, confirming that one of the figures described in Steele’s dossier as having been withdrawn from DC because of his close ties to the election operation, Mikhail Kalugin, was indeed a Russian spy operating under diplomatic cover.

[S]ources I know and trust have told me the US government identified Kalugin as a spy while he was still at the embassy.

[snip]

A retired member of a US intelligence agency told me that Kalugin was being kept under surveillance before he left the US.

But I’m more interested in the vague details Wood offers about Steele’s past cooperation — and how he pitches a claim that the FBI is screwing up the investigation.

Remember: the public story is that only the FBI had any contact with Steele. But the first time this article describes him sharing information he collected for other sources with US intelligence agencies, it doesn’t specify that.

I understand – from former officials – that from 2013-16, Steele gave the US government extensive information on Russia and Ukraine.

This was work done for private clients, but which Steele wanted the US authorities to see.

One former senior official who saw these reports told me: “It was found to be of value by the people whose job it was to look at Russia every day.

Indeed, the article distinguishes what those agencies believed about Steele from what the FBI did.

In light of his earlier work, the US intelligence community saw him as “credible” (their highest praise).

The FBI thought the same; they had worked with Steele going back to his days in MI6.

The article goes on to complain that Steele never briefed the CIA on the dossier, which it explains by saying his Russian related contacts had moved on.

But the CIA never interviewed him, and never sought to.

This comes from several people who are in a position to know.

[snip]

I understand that Steele himself did not ask to brief the CIA because he had a long-standing relationship with the FBI.

The Russia people at the CIA had moved on and he felt he did not have the personal contacts he would need.

As a reminder, the Intelligence Community offered completely ridiculous explanations for when it first obtained the dossier, which were implausible, even ignoring the way they pretended FBI wasn’t part of the IC.

In any case, having laid out these distinctions, the article then voices the complaints of those who believe the FBI is screwing the investigation up, and that only CIA has the contacts to conduct it.

This comes from several people who are in a position to know.

They are alarmed at how the investigation is going, and worry it is being fumbled.

One said: “The FBI doesn’t know about Russia, the CIA knows about Russia.

“Any sources Steele has in Russia, the FBI doesn’t know how to evaluate.

“The Agency does… Who’s running this thing from Moscow? The FBI just aren’t capable on that side, of even understanding what Chris has.”

The article cites one reason this complaint is bogus — the CIA, along with other agencies, is part of the task force investigating this case. It doesn’t explain why the theory voiced by its sources — that the Russians would need to steal voter roll data from states (or even cooperate with Trump) to micro-target messages. Voter rolls are readily available. And while cooperating with Trump’s campaign would make micro-targeting more effective, it would not be necessary for a knowledgeable person.

In any case, these complaints sound like the excuses given for why Steele did not, ultimately, take payment from FBI (which I discussed here), with one difference. It wasn’t just that Steele thought the FBI was paying too much attention to Hillary’s email campaign, but he thought publicizing his dossier would make the difference in the election.

“He really thought that what he had would sway the election,” said one.

That claim, with questions introduced by this article about which agencies he has worked with, is rather interesting.

One final point. After the article got posted, the Beeb took out a critical line (highlighted below) claiming that Steele didn’t share his dossier with reporters himself, but instead did so through his employer.

That doesn’t make sense for a lot of reasons — and is belied by David Corn’s account of what happened. But I find it particularly interesting given the fact that — after Chuck Grassley first asked the FBI to provide information on the dossier — Grassley has since asked the consulting firm questions that would provide a way to double check the FBI’s claims. Fusion’s answers, which are due by April 7, might present problems for this claim, which has since disappeared. Poof!

Among the things Richard Burr suggested yesterday is that the committee may not succeed in getting Steele to testify (suggesting that being outside the country put him beyond subpoena). Given the airing of complaints from Steele and his friends here, I really look forward to seeing whether he cooperates with SSCI.


Face The Nation

The failure of the American Health Care Act provides an insight that might be useful in combating neoliberalism. Paul Ryan centered his defense of AHCA around the notion of individual freedom. But there is a better view of freedom that the Democrats could offer: freedom from fear.

Ryan explained his view of freedom, the neoliberal view that freedom exists only in monetary transactions, in an appearance on Face The Nation March 12, 2017:

DICKERSON: How many people are going to lose coverage under this new —

RYAN: I can’t answer that question. It’s up to people. Here — here’s the premise of your question. Are you going to stop mandating people buy health insurance? People are going to do what they want to do with their lives because we believe in individual freedom in this country. So the question is, are we providing a system where people have access to health insurance if they choose to do so. …

The most important talking point in this whole interview is freedom. Here’s another example:

…[W]e’re not going to make an American do what they don’t want to do. You get it if you want it. That’s freedom.

What if you want it but do not have the money to get it? You are free not to get it. One of the problems with the ACA is that even with subsidies, people can’t afford a decent policy. A lot of people have a policy that doesn’t cover them sufficiently to prevent bankruptcy, or they have a policy but can’t afford to use it because of high deductibles and co-pays.

Ryan’s solution was to get rid of the Essential Health Benefits mandated by the ACA. These set the minimum coverage for any policy offered on the exchange. They include lab tests, drugs, maternity care, treatment for substance abuse and mental illness, and others. If insurance companies can issue policies that don’t cover these mandated benefits, they can offer cheaper policies. That doesn’t help anyone. It increases the number of people with policies that don’t cover treatment they suddenly need, and raises prices for others to buy fuller coverage.

Ryan and the Republicans think we only care about a few bucks we don’t have to pay an insurance company. They only value the freedom to buy and sell in unrestrained markets, as if anyone actually wanted to spend any part of their precious lives studying insurance contracts.

So there we have Ryan’s definition of freedom. You have the freedom to give money to an insurance company to buy any policy you can afford, and you can shop around for a policy that may or may not provide the coverage you eventually need, or you can take the risk of bankruptcy or denial of health care.

That’s a peculiar kind of freedom.

The Democrats have the possibility of offering a different kind of freedom: the freedom from fear that you and your family and your friends and neighbors and fellow citizens won’t be able to get health care when they need it. This kind of freedom is the foundation of Franklin Roosevelt’s Second Bill of Rights, so it’s well within the historic tradition of the Democrats, at least before their neoliberal turn. The outpouring of public hostility to the AHCA proves that this definition of freedom is much more popular than Ryan’s.

Another way to phrase this idea is that what people want is the freedom to pursue their own projects, projects that they choose for themselves and that give them a sense of satisfaction. John Maynard Keynes thought that as the age of work came to an end, people would pursue artistic, intellectual and cultural pursuits. Maybe. Maybe it’s going fishing, learning how to weld, or following the Cubs. For maximum freedom, there are areas where people would rather have the government protect them from the “market”, rather than wasting time coping with yet another market, or living in fear of the consequences of not handling the market. I think this is an idea with a lot of general appeal.

If we raise taxes fairly, or reorder our budget priorities favoring defense contractors, we can all get good health care at a price we can all pay. That’s the kind of freedom I want: freedom from fear and freedom from the endless consumerism we have to endure because of the other version of freedom. Not to mention freedom from profit-maximizing insurance companies.


Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

The other day, Ron Wyden gave a long speech on FISA Section 702, purportedly explaining why he was voting against Dan Coats to be Director of National Intelligence. Wyden voted against Coats because his former colleague would not commit to providing the number of Americans swept up under Section 702. Given that it’s always a good idea to read Wyden closely, I wanted to summarize what he said. I’ll look at his complaints in a separate post, but for now I wanted to focus on Wyden’s description of the bogus explanations James Clapper and others gave Wyden in his past efforts to get the number of Americans sucked up in 702. I summarized the known exchanges that occurred on this issue before Clapper’s famous “not wittingly” lie here.

In 2011, both Wyden and John Bates were asking for numbers at the same time — NSA refused both

The first request for a count is temporally significant (update: I think I just missed this one in the past). In April 2011, Wyden and Mark Udall asked for the number.

In April of 2011, our former colleague, Senator Mark Udall, and I then asked the Director of National Intelligence, James Clapper, for an estimate.

According to Clapper’s response, they sent a written letter with the request on July 14, 2011. The timing of this request is critically important because it means Wyden and Udall made the request during the period when NSA and FISA Judge John Bates were discussing the upstream violations (see this post for a timeline). As part of that long discussion Bates had NSA do analysis of how often it collected US person communications that were completely unrelated to a targeted one (MCTs). Once Bates understood the scope of the problem, he asked how many US person communications it collected that were a positive hit on the target that were the only communication collected (SCTs).

But the timing demands even closer scrutiny. On July 8, John Bates went to DOJ to express “serious concerns” — basically, warning them he might not be able to reauthorize upstream surveillance. On July 14 — the same day Wyden and Udall asked Clapper for this information — DOJ asked Bates for another extension to respond to his questions, promising more information. Clapper blew off Wyden and Udall’s request in what must be record time — on July 26. On August 16, DOJ provided their promised additional information to Bates. That ended up being a count of how many Americans were affected in MCTs.

That means Clapper claimed he couldn’t offer a number even as NSA was doing precisely the kind of count that Wyden and Udall wanted, albeit for just one kind of 702 collection. And, as Wyden suggested in his speech, Clapper’s answer was non-responsive, answering how many US persons had their communications reviewed, rather than how many had their communications collected.

In July of that year, the director wrote back and said, and I quote, it was not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed under the authority of the Foreign Intelligence Surveillance Act. He suggested reviewing the classified number of disseminated intelligence reports containing a reference to a U.S. Person, but that is very different than the number of Americans whose communications have been collected in the first place. And that’s what this is all about.

Then, after the government presented the information on how many US persons were collected via MCTs to Bates in August, Bates asked them to go back and count SCTs.

NSA refused.

Both FISC and members of SSCI were asking for this information in the same time period, and NSA refused to provide the count.

Since NSA wouldn’t help him, Bates invented an estimate himself, calculating that some 46,000 entirely domestic communications were collected under upstream collection each year.

NSA’s manual review focused on examining the MCTs acquired through NSA’s upstream collection in order to assess whether any contained wholly domestic communications. Sept. 7, 2011 Hearing Tr. at 13-14. As a result, once NSA determined that a transaction contained a single discrete communication, no further analysis of that transaction was done. See Aug. 16 Submission at 3. After the Court expressed concern that this category of transactions might also contain wholly domestic communications, NSA conducted a further review. See Sept. 9 Submission at 4. NSA ultimately did not provide the Court with an estimate of the number of wholly domestic “about” SCTs that may be acquired through its upstream collection. Instead, NSA has concluded that “the probability of encountering wholly domestic communications in transactions that feature only a single, discrete communication should be smaller — and certainly no greater — than potentially encountering wholly domestic communications within MCTs.” Sept. 13 Submission at 2.

The Court understands this to mean that the percentage of wholly domestic communications within the universe of SCTs acquired through NSA’s upstream collection should not exceed the percentage of MCTs within its statistical sample. Since NSA found 10 MCTs with wholly domestic communications within the 5,081 MCTs reviewed, the relevant percentage is .197% (10/5,081). Aug. 16 Submission at 5.

NSA’s manual review found that approximately 90% of the 50,440 transactions in the sample were SCTs. Id. at 3. Ninety percent of the approximately 13.25 million total Internet transactions acquired by NSA through its upstream collection during the six-month period, works out to be approximately 11,925,000 transactions. Those 11,925,000 transactions would constitute the universe of SCTs acquired during the six-month period, and .197% of that universe would be approximately 23,000 wholly domestic SCTs. Thus, NSA may be acquiring as many as 46,000 wholly domestic “about” SCTs each year, in addition to the 2,000-10,000 MCTs referenced above.

Presumably, Wyden learned that NSA had been doing such a count in October, well after Clapper had given his first non-responsive answer.

The 2012 privacy violation claim

Wyden skips the next request he made, when on May 4, 2012, he and Udall asked the Intelligence Community Inspector General Charles McCullough for a number (I laid out the timing of the request in this post). When they also tried to include language in the FAA reauthorization requiring the IGs to come up with a number, SSCI refused, citing their outstanding request to McCullough. Of course, McCullough did not get back to the Senators with his refusal to do such a count until after the bill had passed out of committee. He responded by saying NSA IG George Ellard didn’t have the capacity for such a review, and besides, it would violate the privacy of Americans to find out how much NSA was violating their privacy.

I defer to his conclusion that obtaining such an estimate was beyond the capacity of his office and dedicating sufficient additional resources would likely impede the NSA’s mission. He further stated that his office and NSA leadership agreed that an IG review of the sort suggested would itself violate the privacy of U.S. persons.

Clapper blows off 12 Senators

In response, Wyden rounded up some privacy minded Senators to sign onto a letter asking for an estimate of the number. In this week’s speech, Wyden noted that he said he’d be willing to take an estimate. He didn’t remind his listeners that he and his friends also asked whether such an estimate had been done.

  • Have any entities made any estimates — even imprecise estimates — about how many US communications have been collected under section 702 authorities?

The answer to that question — at least with regards to upstream collection — was yes. NSA had estimated the MCTs and Bates, using their estimate, had made an even rougher estimate of the SCTs. But as I noted here, members of Congress relying on the purported disclosure to Congress about the upstream violations wouldn’t know that — or that the upstream violations involved entirely US person collection. As Wyden noted in his speech, Congress didn’t get this information before they reauthorized FAA.

We still got no answer. And section 702 was reauthorized without this necessary information.

Clapper’s least untruthful answer

Wyden also doesn’t address Clapper’s famous March 2013 lie. Since the exposure of the phone dragnet, most discussions have assumed Wyden was probing only about that program. But the question, as asked, absolutely applied to incidental collection.

Wyden: Does the NSA collect any type of data, at all, on millions, or hundreds of millions of Americans?

Clapper: No sir.

Wyden: It does not?

Clapper: There are cases where they could inadvertently, perhaps, uh, collect, but not wittingly.

Indeed, several of Clapper’s many excuses claim he was thinking of content when he responded. Even if he were, his first answer would still be yes: the NSA collects on so many millions of Americans incidentally that it refuses to count it. But Clapper’s “not wittingly” response is almost certainly not a goof, since he gave it after Wyden had provided a day’s warning the question would be asked and after two different John Bates’ opinions that made it clear that he would forgive the collection of content so long as NSA didn’t know about it, but once they knew about it, then it would become illegal. The not wittingly response reinforces my firm belief that the reason the government refuses to count this is because then a great deal of their Section 702 collection would be deemed illegal under those two FISC precedents.

Clapper’s blow-off becomes Dan Coats’ blow-off

Which is where Wyden brings us up to date, with both houses of Congress asking for such a number and — after promises it would be forthcoming — not getting it.

So last year looking at the prospect of the law coming up, there was a renewed effort to find out how many law-abiding Americans are getting swept up in these searches of foreigners. In April 2016 a bipartisan letter from members of the House Judiciary Committee asked the Director of National Intelligence for a public estimate of the number of communications or transactions involving United States persons are collected under section 702 on an annual basis. This letter coming from the House Democrats and Republicans, again asked for a rough estimate. This bipartisan group suggested working with Director Clapper to determine the methodology to get this estimate.

In December there were hints in the news media that something might be forthcoming, but now we’re here with a new administration considering the nomination of the next head of the intelligence community who has said that reauthorizing section 702 is his top legislative priority and that there is no answer in sight to the question Democrats and Republicans have been asking for over six years. How many innocent law-abiding Americans are getting swept up in these searches under a law that targets foreigners overseas?

There’s one tiny tidbit he doesn’t mention here. Coats never answered that he wouldn’t provide an answer. Rather, he said he didn’t understand the technical difficulties behind providing one (not even after participating in the 2012 vote where this was discussed). In his confirmation hearing, Coats explained one reason why he couldn’t learn what the technical difficulties were before he was confirmed. When he resigned the Senate, his clearance had lapsed, and during his confirmation process, his new clearance was being processed. That meant that for this — and any other classified question that Coats might want to consider anew — he was unable to get information.

The Senate doesn’t seem to care about this serial obstruction, however. Coats was confirmed with an 85-12 vote, with the following Senators voting against confirmation.

Baldwin (D-WI)
Booker (D-NJ)
Duckworth (D-IL)
Gillibrand (D-NY)
Harris (D-CA)
Markey (D-MA)
Merkley (D-OR)
Paul (R-KY)
Sanders (I-VT)
Udall (D-NM)
Warren (D-MA)
Wyden (D-OR)

Given how hard the IC is trying to hide this, the actual exposure of US persons must be fairly significant. We’ll see whether Congress finds another way to force this information out of the IC.

Updated with more granular timing on the 2011 exchange.


Or Maybe America Post-9/11 Inspires More Disillusionment?

Michael Hayden thinks he has an explanation for all the whistleblowers. It’s those damn millennials.

How do you make sure every one of [the people who have clearance] was and remains a loyal American or a loyal member of British security services and so on. Beyond that, Catty, there’s another dynamic at work here. In order to do this kind of stuff, we have to recruit from a certain demographic, and I don’t mean to judge them at all, but this group of millennials and related groups simply have different understandings of the words loyalty and secrecy and transparency than certainly my generation did. And so we bring these folks into the agency, good Americans all, I can only assume, but again, culturally they have different instincts than the people who made the decision to hire them.

The reason Chelsea Manning and Edward Snowden leaked vast troves of documents, according to Hayden, is because they’re young and not as loyal as people like him.

That may be true, to a point. Both Manning and Snowden seem to have a cosmopolitanism that a lot of Americans — those Americans raised during the Cold War — don’t have. We live in a globe now, not just America, and it’s possible Manning and Snowden felt some loyalty to humankind, rather than just America.

But there’s another problem with Hayden’s claim. There have been a number of whistleblowers who are of his generation. Consider all the intelligence people who’ve joined VIPS in response to idiotic foreign policy, after all.

Or consider an even more interesting example: Bill Binney. Binney was, during the Cold War, one of the most aggressive spies out there. He has said to me, repeatedly, that he’s the guy who invented Collect it all (though he, of course, wanted privacy protections for Americans). But when his approach came to be rolled out against Americans as part of the War on Terror that Hayden pursued with little self-reflection, Binney balked, quit the NSA, and started complaining that his program had been repurposed to target everyone.

Now, Binney didn’t bring a trove of documents with him. But he’s definitely animated by some of the same things that animated Manning and Snowden.

And Binney is two years older than Hayden.

There are a lot of things that motivate whistleblowers, and Daniel Ellsberg (who is 14 years older than Hayden) has said repeatedly that Snowden is just like he was.

But I do think one thing that has happened is that during the Cold War, for good or ill, Americans believed that they were the force of good. That belief is a lot harder to sustain in this day and age, for a range of reasons (not least the warrantless wiretapping and torture that Hayden facilitated). So just maybe the values remain the same, but America has changed?


The Feedback Loop in Christopher Steele’s Dossier

Last week, at least three media outlets provided new details about the relationship between former MI6 officer Christopher Steele — the author of the Trump dossier — and the FBI. First WaPo reported that Steele had reached a verbal agreement that the FBI would pay him to continue his investigation of Russia’s involvement with Trump after still unnamed Democrats stopped paying him after the election. CNN then reported that FBI actually had paid Steele for his expenses. Finally, NBC reported Steele backed out of the deal before it was finalized. Chuck Grassley just sent a letter to Jim Comey asking for more information about the proposed arrangement with Steele.

I’m with Grassley on this. According to WaPo and NBC, FBI would only have paid Steele after the election, presumably regardless of the outcome; by that point Steele’s research couldn’t affect the outcome of the investigation. Nevertheless, the possibility that FBI may have used information from a Democratically paid oppo researcher does raise questions of propriety. Add in the discrepancies in these three reports about whether FBI did pay for Steele’s work, and Grassley is right to raise questions.

I’m also interested in what the relationship says about the way in which political necessities may have impacted the content of Steele’s dossier. All three reports attribute the termination of any FBI-Steele relationship, at least in part, to Steele’s frustration with the FBI. WaPo goes on at some length, explaining that Steele got pissed when Jim Comey reopened the Hillary investigation on October 28, and then grew angrier after the NYT reported the FBI had not confirmed any link to Russia.

Ultimately, the FBI did not pay Steele. Communications between the bureau and the former spy were interrupted as Steele’s now-famous dossier became the subject of news stories, congressional inquiries and presidential denials, according to the people familiar with the arrangement, who spoke on the condition of anonymity because they were not authorized to discuss the matter.

[snip]

In October, anticipating that funding supplied through the original client would dry up, Steele and the FBI reached a spoken understanding: He would continue his work looking at the Kremlin’s ties to Trump and receive compensation for his efforts.

But Steele’s frustration deepened when FBI Director James B. Comey, who had been silent on the Russia inquiry, announced publicly 11 days before the election that the bureau was investigating a newly discovered cache of emails Clinton had exchanged using her private server, according to people familiar with Steele’s thinking.

Those people say Steele’s frustration with the FBI peaked after an Oct. 31 New York Times story that cited law enforcement sources drawing conclusions that he considered premature. The article said that the FBI had not yet found any “conclusive or direct link” between Trump and the Russian government and that the Russian hacking was not intended to help Trump.

WaPo doesn’t lay this out in detail, however. Here’s what happened on those days in October:

October 28: Comey informs eight committee chairs he will reopen the investigation, which promptly (and predictably) leaks.

October 30: Having been officially briefed on the dossier, Harry Reid writes Comey accusing him of a Hatch Act violation for releasing the information on Clinton while withholding what we know to be information in the dossier.

October 31, 6:52PM: David Corn publishes story based on dossier.

October 31, 9:27PM: NYT publishes article describing multiple investigations into Russian interference, stating “no evidence has emerged that would link him or anyone else in his business or political circle directly to Russia’s election operations.”

October 31, 10:52PM: NYT edits article, adding “conclusive or direct” as a caveat in the sentence “Law enforcement officials say that none of the investigations so far have found any conclusive or direct link between Mr. Trump and the Russian government.”

Notably, assuming the times in Newsdiffs (from which I got the NYT timing) are correct, Steele had already gone public before the NYT published its article. That suggests he (like Harry Reid) believed his research should be part of a competing public story. And by going public in what was obviously a Democratically-seeded article, Steele likely made it far more difficult for FBI to continue the relationship.

Already, these new timeline details raise questions about the degree to which Steele’s concerns that the Trump Russian investigation should have more prominence than the email investigation may have influenced his work. Even if Jim Comey did do something colossally stupid by announcing the reopening of the investigation, that shouldn’t affect Steele’s interest in providing the best intelligence to the US, regardless of the public impact, unless he was always motivated primarily by his role as campaign oppo researcher.

The pointless Alfa Bank report that nevertheless seems to reinforce the dodgy Alfa server story

But I also wonder whether it relates to the content. Consider report 112, dated September 14. It pertains to “Kremlin-Alpha Group Cooperation.” It doesn’t have much point in a dossier aiming to hurt Trump. Neither his associates nor the Russian DNC hack are mentioned. It does suggest that Alfa Group had a “bag carrier … to deliver large amounts of illicit cash to” Putin when he was Deputy Mayor of St. Petersburg, though it describes the current relationship as “both carrot and stick,” relying in part on kompromat pertaining to Putin’s activities while Deputy Mayor. It makes no allegations of current bribery, though says mutual leverage helps Putin “do his political bidding.”

As I said, there’s no point to have that Alfa Bank passage in a dossier on Trump. But it does serve, in its disclosure, to add a data point (albeit not a very interesting one) to the Alfa Server story that (we now know) FBI was already reviewing but which hadn’t been pitched to the press yet. In Corn’s piece, he mentions the Alfa Bank story but not the report on Putin’s ties to it. It may be in there because someone — perhaps already in possession of the Alfa Bank allegations — asked Steele to lay out more about Alfa’s ties with Putin.

Here’s one reason that’s interesting, though. Even aside from all the other reasons the Alfa story is dodgy, it was deliberately packaged for press consumption. Rather than the at least 19 servers that Trump’s spam email was pinging, it revealed just two: Alfa Bank and Spectrum Health (the latter of which got spun, anachronistically, as a DeVos organization that thus had to be tight with Trump). Which is to say, the Alfa story was dodgy and packaged by yet unknown people.

The discovery of direct collusion during the intelligence review of the Russian hack

More interesting still is what happens in the period that — according to public reporting, anyway — Steele was working for free.

Contrary to what Steele’s anger suggests, there was no real evidence of direct Russian ties to Trump outside of the famous PeeGate incident (and even if that happened, he was not a knowing participant). In the first report, there’s a claim that “the Kremlin has been feeding TRUMP and his team valuable intelligence … including Democratic presidential candidate Hillary Clinton,” but the part of the report that purportedly describes that sharing states that the Kremlin file on Hillary “had not yet been made available abroad, including to TRUMP or his campaign team,” seemingly contradicting the claim. A subsequent report describes a Presidential Administration official discussing the “possible release [of the dossier] to the Republican’s campaign team,” but without any confirmation that occurred (or even that Trump knew about it).

A subsequent report includes a claim of a “well-developed conspiracy of co-operation between [Trump’s team] and the Russian leadership” managed through Paul Manafort and Carter Page. It continued to suggest a quid pro quo between the Russian hack and a shift on Ukraine and NATO policies. But in subsequent discussions of Manafort and Page’s corruption, it drops this claim entirely. Even when Michael Cohen enters the narrative, it’s about managing fallout over Manafort’s Ukrainian corruption.

There are claims that Trump was trying to set up business in Russia, followed by repeated descriptions of Russians not succeeding in getting him to do so.

In other words, in spite of the fact that there were some really damning allegations in the reports, the subsequent reporting didn’t necessarily back the most inflammatory aspects of them.

After the election, there’s just one report, dated December 13. That dates it to after the CIA’s leak fest reporting that Putin hacked the DNC not just to hurt Hillary and the US, but also to elect Trump. It dates to after Obama ordered an IC report on the hack. It dates to after John McCain delivered yet another copy of the dossier to FBI. It slightly precedes a Crowdstrike report (also done for free) bumping its formerly non-public “medium” confidence that Russia’s GRU hacked the DNC to “high.”

And after previous reports describing Michael Cohen’s meetings as serving to cover up Manafort’s corruption and Page’s non-consummated Rosneft deal, this one alleges “the operatives involved [in the DNC hack] had been paid by both TRUMP’s team and the Kremlin,” the first such allegation. That is, over a month after the election but less than a month before its leak, the kind of detail backing direct collusion reappeared in this report.

Chuck Grassley’s questions

Which brings me back to Grassley’s letter. In addition to asking about payments, whether the agreement ever went into force, and whether and how Steele’s material served as a basis for FBI reports or even warrants, Grassley asks a question I’ve long wanted answered: why we got this version of the memo, which is obviously just a partial selection of the complete dossier (rather like the Alfa story).

  1. How did the FBI first obtain Mr. Steele’s Trump investigation memos?  Has the FBI obtained additional memos from this same source that were not published by Buzzfeed?  If so, please provide copies.

We will actually learn a lot about the validity of the dossier if we see what other parts got dealt to the FBI, and if so whether the copy released to the public was cherry picked for the most damning information.


The Conspiratorial Game of Telephone in Bannon’s Rag that Made Left, Right, and POTUS Go Crazy

A story published in Steve Bannon’s rag, Breitbart, got circulated around the White House this morning like some President’s Daily Conspiracy, sending President Trump off on a rant attacking the counterintelligence investigation into his aides’ (and possibly his own) ties with Russia.

Let me unpack it.

The story basically captures a narrative Mark Levin rolled out Thursday night (that is, right after Jeff Sessions recused himself from the Russian hack investigation), which basically lards out the story of counterintelligence intercepts mostly targeting Russians, to suggest Jeff Sessions was brought down in an invented coup.

The Louise Mensch story

The story starts with this Louise Mensch story. For those who don’t know, Mensch is a former Tory Member of Parliament turned American rock promoter wife. Since quitting Parliament to spend more time with her family, she has become a pundit known for taking reasonable observations, injecting just a bit of whack, and turning them into fairly unhinged theories. Perhaps her best known foray into investigative work is when she unknowingly used her own racist search history to impugn a Jeremy Corbyn supporter. In spite of her still apparent tolerance for racism, she offered up her support to Hillary on Valentine’s Day in 2016. Of late, she has been writing unified theories of Russian spying that start from real nuggets and important observations, then spin loose from the actual supporting evidence.

Back to Mensch’s original article. At a time when Hillary’s team was furious that the FBI had been publicly discussing her emails rather than Trump’s Russian ties, Mensch reported that the FBI got a FISA order in October, after having been denied a more broadly drawn order earlier in the year.

The timing of the October FISA order has been backed in subsequent reporting. It is Mensch’s explanation for the basis of the order that is the problem, as it relied on the dodgy Alfa Bank story.

Contrary to earlier reporting in the New York Times, which cited FBI sources as saying that the agency did not believe that the private server in Donald Trump’s Trump Tower which was connected to a Russian bank had any nefarious purpose, the FBI’s counter-intelligence arm, sources say, re-drew an earlier FISA court request around possible financial and banking offenses related to the server. The first request, which, sources say, named Trump, was denied back in June, but the second was drawn more narrowly and was granted in October after evidence was presented of a server, possibly related to the Trump campaign, and its alleged links to two banks; SVB Bank and Russia’s Alfa Bank. While the Times story speaks of metadata, sources suggest that a FISA warrant was granted to look at the full content of emails and other related documents that may concern US persons.

[snip]

The FISA warrant was granted in connection with the investigation of suspected activity between the server and two banks, SVB Bank and Alfa Bank. However, it is thought in the intelligence community that the warrant covers any ‘US person’ connected to this investigation, and thus covers Donald Trump and at least three further men who have either formed part of his campaign or acted as his media surrogates. The warrant was sought, they say, because actionable intelligence on the matter provided by friendly foreign agencies could not properly be examined without a warrant by US intelligence as it involves ‘US Persons’ who come under the remit of the FBI and not the CIA. Should a counter-intelligence investigation lead to criminal prosecutions, sources say, the Justice Department is concerned that the chain of evidence have a basis in a clear warrant.

I will return to some other aspects of the Alfa Bank story shortly. But for now, consider that the evidence never said a private server “in Donald Trump’s Trump Tower … was connected to a Russian bank.” Rather, it showed that a marketing server in Philadelphia was pinging Alfa Bank and Grand Rapids’ Spectrum Health. As it turns out, it was pinging at least 16 other servers, but that detail was suppressed when the story got packaged up for the press by yet unidentified people. So even if the FBI would have needed a FISA warrant to read traffic involving a Russian (that is, non-US person located overseas) bank — which it wouldn’t — it’s highly unlikely they would have gotten that far, because the story didn’t hold up (and was easily explained by the spam that the servers in question were getting). Moreover, there is no way the FBI would have imagined “financial and banking offenses” from a spam marketing server sending regular pings to a bank. So even if the FBI continued to investigate suspected ties between Alfa Bank and Trump (again, more on that in a follow-up), the specific reference Mensch used to hang the FISA order on should never have involved allegations of a wiretap in Trump Tower.

This is not to say FISC didn’t issue an order pertaining to financial questions involving Russians. Mensch also points to David Corn’s piece on the Trump dossier, which we now know alleges a bunch of other, far more substantive financial issues. Later reporting described a tip from a Baltic country. But all of those pertain to suspected Russian bribes of people close to Trump or Paul Manafort’s corruption, not a spam marketing server sending spam to past clients of Trump hotels.

Which is to say that Mensch took a great tip — that there had been a FISC order — and slapped it onto dodgy allegations floating around in ways that didn’t even make sense for FISA, much less the allegations themselves.

Only Mensch says Trump was personally targeted in the FISA order

All that’s important because this is where the allegation that the order “covers Donald Trump” comes from.

The BBC, the next outlet to report it, claimed “Neither Mr Trump nor his associates are named in the Fisa order, which would only cover foreign citizens or foreign entities – in this case the Russian banks.” That didn’t make sense either, because — again — if the targets were two Russian banks, then FBI wouldn’t need a FISA order. And while it went on to say three of Trump’s associates were the “subject” of the investigation (but not the target of the FISA order), it did cite someone outside of DOJ claiming that “it’s clear this is about Trump.” That’s still different than wiretapping Trump Tower.

The Guardian, reporting a week later, says that four of Trump’s associates were the targets of the broadly written FISA requested during the summer.

The Guardian has learned that the FBI applied for a warrant from the foreign intelligence surveillance (Fisa) court over the summer in order to monitor four members of the Trump team suspected of irregular contacts with Russian officials. The Fisa court turned down the application asking FBI counter-intelligence investigators to narrow its focus. According to one report, the FBI was finally granted a warrant in October, but that has not been confirmed, and it is not clear whether any warrant led to a full investigation.

But it doesn’t even confirm that the FISC order took place. Here’s a piece I did in January pushing back against claims that anything should be read into the original “rejection” of the FISA order.

Andy McCarthy relies on Mensch to suggest the FISA order is improper

Mensch’s reliance on the Alfa server story also led Andy McCarthy to suggest impropriety in January, which is the next thing cited in Levin/Breitbart. McCarthy ignores the underlying premise — however discredited — of the Alfa story (that it was being used to bribe Trump) and uses Mensch’s inexact language to suggest FBI agents were instead using FISA to investigate bank crimes.

From the three reports, from the Guardian, Heat Street, and the New York Times, it appears the FBI had concerns about a private server in Trump Tower that was connected to one or two Russian banks. Heat Street describes these concerns as centering on “possible financial and banking offenses.” I italicize the word “offenses” because it denotes crimes. Ordinarily, when crimes are suspected, there is a criminal investigation, not a national-security investigation.

According to the New York Times (based on FBI sources), the FBI initially determined that the Trump Tower server did not have “any nefarious purpose.” But then, Heat Street says, “the FBI’s counter-intelligence arm, sources say, re-drew an earlier FISA court request around possible financial and banking offenses related to the server.”

Again, agents do not ordinarily draw FISA requests around possible crimes. Possible crimes prompt applications for regular criminal wiretaps because the objective is to prosecute any such crimes in court. (It is rare and controversial to use FISA wiretaps in criminal prosecutions.) FISA applications, to the contrary, are drawn around people suspected of being operatives of a (usually hostile) foreign power.

Probably the only thing in the larger range of allegations against Trump people that might be treated as a crime rather than a counterintelligence investigation is Paul Manafort’s acceptance of payments from Ukrainian oligarchs he may not have properly disclosed. Yet later reporting actually confirmed that that started as a criminal investigation, for which (as McCarthy points out) it is a lot easier to get warrants. The rest involves bribery by a foreign power, so spying. So an appropriate use of FISA.

The expansion of 12333 sharing and the preservation of evidence

Amid a treatment of the Mike Flynn resignation, the release of the dossier (Breitbart sort of tweaks the timeline of these two, though I get that capturing the timeline is tough), and the Sessions’ disclosures, Breitbart discusses the expansion of information sharing and preservation of evidence.

6. January: Obama expands NSA sharing. As Michael Walsh later notes, and as the New York Times reports, the outgoing Obama administration “expanded the power of the National Security Agency to share globally intercepted personal communications with the government’s 16 other intelligence agencies before applying privacy protections.” The new powers, and reduced protections, could make it easier for intelligence on private citizens to be circulated improperly or leaked.

[snip]

10. March: the Washington Post targets Jeff Sessions. The Washington Post reports that Attorney General Jeff Sessions had contact twice with the Russian ambassador during the campaign — once at a Heritage Foundation event and once at a meeting in Sessions’s Senate office. The Post suggests that the two meetings contradict Sessions’s testimony at his confirmation hearings that he had no contacts with the Russians, though in context (not presented by the Post) it was clear he meant in his capacity as a campaign surrogate, and that he was responding to claims in the “dossier” of ongoing contacts. The New York Times, in covering the story, adds that the Obama White House “rushed to preserve” intelligence related to alleged Russian links with the Trump campaign. By “preserve” it really means “disseminate”: officials spread evidence throughout other government agencies “to leave a clear trail of intelligence for government investigators” and perhaps the media as well.

I think I was the one who first identified the irony of expanding 12333 sharing rules — a move that had been in the works since 2004, when CIA started pushing to resume sharing it had had under Stellar Wind — right as CIA and FBI were investigating Trump allies as potential Russian spies.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

I still don’t think giving the CIA and FBI (and 14 other agencies) access to NSA’s bulk SIGINT data with so little oversight is prudent.

But one of the only beneficial aspects of such sharing might be if, before Trump inevitably uses bulk SIGINT data to persecute his political enemies, CIA and FBI use such bulk data to chase down any Russian spies that may have had a role in defeating Hillary Clinton.

And while the expansion had been in the works for years, it is definitely true that both James Clapper and Loretta Lynch signed off on the sharing after the time Obama ordered a more detailed review of Russia’s role in the election. Indeed, Lynch signed off on it the day after FBI found Mike Flynn’s conversations with Sergey Kislyak showing Flynn telling the Ambassador not to worry about Obama’s new Russian sanctions. It is even possible that the sharing made available intercepts involving some of the Trump aides the FISC hadn’t approved for surveillance.

But Breitbart relies on a PJ Media piece instead, which falsely claims Flynn was targeted in the wiretaps of Kislyak and describes it as an expansion of NSA powers rather than an expansion of FBI and CIA access. Breitbart then concludes that “new powers, and reduced protections, could make it easier for intelligence on private citizens to be circulated improperly or leaked.” The guidelines do aspire to prevent that kind of abuse, but the protections against such abuse are far too weak.

For what it’s worth, I think that 12333 sharing is part of what the NYT reported on, the distribution of information around government. Whereas on January 2, only NSA might have had raw intercepts targeting Russians that might involve Trump aides, on January 3, CIA and FBI (and Treasury, which is also part of this inquiry) might have gotten their own copies, with FBI’s likely stored in an ad hoc database connected with the investigation (and therefore harder to find outside of the CI team investigating it). Nevertheless, the NYT story certainly suggests that Obama’s Administration worked to ensure that Trump couldn’t easily dismantle the investigation into his associates, while hiding the names of Russian spies and other informants. The question is whether it is appropriate to protect an ongoing investigation like that.

Breitbart gets an important detail wrong, however.

It treats the preservation of evidence — something more closely tied to the 12333 sharing and the investigation into people like Manafort and Carter Page — as part of the Jeff Sessions story. It is true that NYT ultimately added the Sessions story to its evidence preservation story, but that was added almost two hours after the story was first posted, to match the WaPo story.

Nevertheless, Breitbart, in a piece written by Trump’s campaign biographer in the rag until recently run by Trump’s consigliere Steve Bannon, links the two, tying this preservation of the ongoing investigation to the events that led to Sessions’ recusal.

Trump goes batshit in response to Sessions’ recusal and then reads a misleading story placed in Bannon’s rag

All this is noteworthy because Trump was apparently already lashing out because Sessions recused himself.

Mr. Trump’s mood was said to be explosive before he departed for his weekend in Florida, with an episode in which he vented at his staff. The president’s ire was trained in particular on Donald F. McGahn, his White House counsel, according to two people briefed on the matter.

Mr. Trump was said to be frustrated about the decision by Jeff Sessions, his attorney general, to recuse himself from participating in any investigations of connections between the Trump campaign and Russia. Mr. Trump has said there were no such connections.

It’s particularly interesting that Trump attacked McGahn, because after what may have been a significant delay this week, he told White House staffers to retain records that may be relevant to the investigation. In addition, Sessions had informed McGahn he was recusing even as Trump was publicly claiming there was no reason to do so.

That’s the backdrop for the moment when Trump read the Breitbart article (I wonder who put it in his hands? Robert Costa reported that Bannon “is working closely with Trump on combating what he calls the ‘deep state’ in intel comm, per multiple people at WH”) and went on a Twitter rant complaining. The rant starts with the same projection he engaged in last night, suggesting Democratic meetings with Sergey Kislyak (about which no one lied under oath) were just as damning as Sessions’ failure to disclose his own meetings with the Russian Ambassador.

He then immediately transitioned back and forth between the confused allegations from the original Mensch piece to Sessions again.

Which Trump then expands to suggest something even Breitbart did not — that Obama himself ordered the wiretap on Trump.

Trump’s accusations have led a range of sources to deny that Obama ordered the wiretap in both the NYT,

One former senior law enforcement official who worked under Mr. Obama said that it was “100 percent untrue” that the government had wiretapped Mr. Trump, and that the current president should be pressed to offer any evidence for his assertion.

Ben Rhodes, a former top national security aide to Mr. Obama, said in a Twitter message directed at Mr. Trump on Saturday that “no president can order a wiretap” and added, “Those restrictions were put in place to protect citizens from people like you.”

And in WaPo,

Kevin Lewis, a spokesman for Obama, said in a statement early Saturday afternoon: “A cardinal rule of the Obama Administration was that no White House official ever interfered with any independent investigation led by the Department of Justice. As part of that practice, neither President Obama nor any White House official ever ordered surveillance on any U.S. citizen. Any suggestion otherwise is simply false.”

Why do people believe Trump on Twitter?

In spite of the fact that Trump’s information can be pretty clearly attributed to the Breitbart piece, and the allegations about Trump Tower in it can be pretty clearly shown to be unsubstantiated, both the right and the left took Trump’s tirade to be some kind of confirmation, as if he just got briefed by the spooks that they’ve been listening in on his calls.

Trump hasn’t been bugged. It’s quite likely a number of Trump’s close associates are, after incriminating information showed up about or involving them on other wiretaps. There’s zero reason to believe Obama ordered them, not least because everyone involved believed Obama was responding too nonchalantly to the Russian accusations.

Trump’s associates are bugged, to the extent one or more of them are directly targeted rather than being collected incidentally, because they’re suspected of being Russian assets. That’s one of the key points of FISA, to use it to investigate possible spies working for foreign governments.

But because of the frenzy caused by Trump’s response to the Breitbart story, people are taking as true Trump’s claim he has been bugged, with Democrats claiming this is proof that Trump himself is in the crosshairs and normally surveillance-loving Republicans suggesting using FISA to do what FISA is supposed to do is an abuse.

Remember, at least according to Sessions, he had decided to recuse before the WaPo disclosures on his ties with Kislyak. Whether or not that’s true, Trump is furious that Sessions recused even after a clear conflict became known.

And in response he tried — with a great deal of success — to discredit the very notion of this investigation.

Update: NYT updated their piece to reveal that WHCO Don McGahn is chasing down the purported FISA order covering Trump and his associates.

But a senior White House official said that Donald F. McGahn II, the president’s chief counsel, was working on Saturday to secure access to what the official described as a document issued by the Foreign Intelligence Surveillance Court authorizing surveillance of Mr. Trump and his associates. The official offered no evidence to support the notion that such a document exists; any such move by a White House counsel would be viewed at the Justice Department as a stunning case of interference.

Based on the assumption there is a FISA order covering at least some of his close associates, but probably not one covering him, understand what has happened here:

  1. Trump’s Attorney General, who claims he had already decided to recuse, recused after his nomination lies were exposed, meaning he no longer controls the investigation into his boss
  2. A misleading article written in response to that recusal led Trump to claim he was being targeted
  3. Based on the claim, Trump sent out his WHCO to find a FISA order probably not targeting him but probably targeting his aides
  4. Having just been deprived of visibility and control over the investigation, Trump is forcibly obtaining another way to control it

Reuters Confirms Krebs’ Supposition on Russian Treason Charges

Earlier this month, I noted Brian Krebs’ supposition on the source of the Russian treason charges against some FSB officers. He suggested the charges arose from an old grudge that spam businessman Pavel Vrublevsky had against two of the guys who got charged. Vrublevsky has long wanted to prove that they leaked information on his operations.

[T]he accusations got me looking more deeply through my huge cache of leaked ChronoPay emails for any mention of Mikhaylov or Stoyanov — the cybercrime investigators arrested in Russia last week and charged with treason. I also looked because in phone interviews in 2011 Vrublevsky told me he suspected both men were responsible for leaking his company’s emails to me, to the FBI, and to Kimberly Zenz, a senior threat analyst who works for the security firm iDefense (now owned by Verisign).

In that conversation, Vrublevsky said he was convinced that Mikhaylov was taking information gathered by Russian government cybercrime investigators and feeding it to U.S. law enforcement and intelligence agencies and to Zenz. Vrublevsky told me then that if ever he could prove for certain Mikhaylov was involved in leaking incriminating data on ChronoPay, he would have someone “tear him a new asshole.”

As it happens, an email that Vrublevsky wrote to a ChronoPay employee in 2010 eerily presages the arrests of Mikhaylov and Stoyanov, voicing Vrublevsky’s suspicion that the two men were closely involved in leaking ChronoPay emails and documents that were seized by Mikhaylov’s own division — the Information Security Center (CDC) of the Russian Federal Security Service (FSB).

Today, Reuters confirms Vrublevsky’s role in the arrest (as well as identifies the fourth person, Georgy Fomchenkov, arrested in the case).

The source connected to the investigation said the arrests were a result of accusations first made in 2010 by Pavel Vrublevsky, a Russian businessman and founder of ChronoPay, an online payments company. Vrublevsky told Reuters he had also learned that the arrests were a response to his allegations: that Stoyanov and Mikhailov had passed secrets on to American firms.

This makes a lot of sense. Notably, it explains why Kaspersky attributes Ruslan Stoyanov’s charges to actions that precede his time at the firm.

Reuters does not, however, pursue the other connection Krebs made — the long-term association between the operator of King Servers, Vladimir Fomenko, who has been named in association with the hack — and Vrublevsky.

My suspicion is that the King Servers connection identified other associations that were far more sensitive for Russia than just an old spam business grudge. And that’s why Vrublevsky is finally getting his revenge.

Update: Just to add two bits to this, because people are reading the Reuters story to suggest there’s no tie to the DNC hack. Not even Reuters states that. On the contrary, a source “connected to the investigation” states sometimes Russia uses old charges to go after people on new ones (actually we do this too, especially where the old charges can be prosecuted without exposing classified information).

Neither Vrublevsky nor the source connected with the investigation offered an explanation as to why they believe the Russian authorities would resurrect such an old case seven years after the allegations were first made.

However, the source said he believed the case may not be the sole reason why Russian authorities had decided to arrest the men now: in his experience, he said, Russian authorities at times use old cases as a way of charging people suspected of later crimes.

And Krebs made the connection to Vrublevsky because his company translated the denial for King Servers.

Fomenko issued a statement in response to being implicated in the ThreatConnect and FBI reports. Fomenko’s statement — written in Russian — said he did not know the identity of the hackers who used his network to attack U.S. election-related targets, but that those same hackers still owed his company USD $290 in unpaid server bills.

An English-language translation of that statement was simultaneously published on ChronoPay.com, Vrublevsky’s payment processing company.

“The analysis of the internal data allows King Servers to confidently refute any conclusions about the involvement of the Russian special services in this attack,” Fomenko said in his statement, which credits ChronoPay for the translation. “The company also reported that the attackers still owe the company $US290 for rental services and King Servers send an invoice for the payment to Donald Trump & Vladimir Putin, as well as the company reserves the right to send it to any other person who will be accused by mass media of this attack.” [italics mine]

Krebs suggested the complaint about unpaid bills sounded like Vrublevsky humor.


Four Details about Surveillance and the Flynn Ouster

It turns out Trump is on pace to fire a person every week, just like in his reality show. As you surely know, Mike Flynn has been ousted as National Security Advisor, along with his Deputy, KT McFarland.

There has been some confusion about what intelligence the spooks who just caused Flynn to be fired relied on. So let’s start with this detail from last night’s WaPo story:

After the sanctions were rolled out, the Obama administration braced itself for the Russian retaliation. To the surprise of many U.S. officials, Russian President Vladimir Putin announced on Dec. 30 that there would be no response. Trump praised the decision on Twitter.

Intelligence analysts began to search for clues that could help explain Putin’s move. The search turned up Kislyak’s communications, which the FBI routinely monitors, and the phone call in question with Flynn, a retired Army lieutenant general with years of intelligence experience.

From that call and subsequent intercepts, FBI agents wrote a secret report summarizing Flynn’s discussions with Kislyak.

That is, in response to questions elicited by Putin’s response, analysts actually read the intercepts of the Flynn-Kislyak call, which led to further monitoring of the conversations. And contrary to what HPSCI Chair Devin Nunes is whining, FBI would have access to Flynn’s side of the call right away, because they would own the tap (and in any case, they’d get unminimized copies of anything from NSA).

Some have pointed to this passage to suggest that the FBI was always listening in.

U.S. intelligence reports during the 2016 presidential campaign showed that Kislyak was in touch with Flynn, officials said. Communications between the two continued after Trump’s victory on Nov. 8, according to officials with access to intelligence reports on the matter.

It’s quite likely that’s not the case. After all, even Michael McFaul (who served as Ambassador to Russia at the beginning of the Obama Administration) said it was normal to have such calls before inauguration. Moreover, the FBI wouldn’t need to access the content of communications to learn that they were taking place. The metadata would be enough. And the actual content of the contacts would remain in some server in Utah.

Also, some have suggested that Flynn must be the Trump associate against whom a single FISA order was obtained in October. That’s unlikely, first of all, because if there were a FISA order on Flynn, then the FBI wouldn’t have needed the weird Putin response to lead them to read the actual content of calls (not to mention, the WaPo is clear that the contacts were collected as a result of normal monitoring of a foreign diplomat). Furthermore, most reports of that FISA order suggest the FBI first asked for four orders (in June and July) but only got one, in October. So it’s likely that FISA order covers another of Trump’s Russian buddies.

Finally, remember that for a great deal of SIGINT, FBI wouldn’t need a warrant. That’s because Obama changed the EO 12333 sharing rules just 4 days after the IC started getting really suspicious about Flynn’s contacts with Russia. That would make five years of intercepts available to FBI without a warrant in any counterintelligence cases, as this one is.

Update: Corrected KT McFarland instead of KC. Also, I’ve been informed she’ll stick around until Trump names a new NSA.


How Hal Martin Stole 75% of NSA’s Hacking Tools: NSA Failed to Implement Required Security Fixes for Three Years after Snowden

The other day, Ellen Nakashima reported that Hal Martin, the Booz Allen contractor who has been in custody for months based on allegations he stole terabytes of NSA’s hacking tools, may be indicted this week. The story raises some interesting questions — such as how, absent some proof that Martin leaked this information to a third party, prosecutors intend to distinguish Martin’s hoarding from David Petraeus’ sharing of code word information with his girlfriend Paula Broadwell. One detail Nakashima included — that Martin had stolen “operational plans against ‘a known enemy’ of the United States” — may suggest prosecutors plan to insinuate Martin stole the information to alert that known enemy (especially if the known enemy is Russia).

All that said, the detail in Nakashima’s story that has attracted the most notice is the claim that Martin stole 75% of NSA’s hacking tools.

Some U.S. officials said that Martin allegedly made off with more than 75 percent of TAO’s library of hacking tools — an allegation which, if true, would be a stunning breach of security.

Frankly, this factoid feels a lot like the claim that Edward Snowden stole 1.5 million documents from NSA, a claim invented at least in part because Congress wanted an inflammatory detail they could leak and expand budgets with. That’s especially true given that the 75% number comes from “US officials,” which sometimes include members of Congress or their staffers.

Still, the stat is pretty impressive: even in the wake of the Snowden leak, a contractor was able to walk out the door, over time, with most of NSA’s most dangerous hacking tools.

Except it should in no way be a surprise. Consider what the House Intelligence Report on Snowden revealed, which I mentioned here. Buried way back at the end of the report, it describes how in the wake of Snowden’s leaks, NSA compiled a list of security improvements that would have stopped Snowden, which it dubbed, “Secure the Net.” This initiative included the following, among other things:

  • Imposing two person control for transferring data by removable media (making it harder for one individual to put terabytes of data on a thumb drive and walk out the door with it)
  • Reducing the number of privileged and authorized data transfer agents (making it easier to track those who could move terabytes of data around)
  • Moving towards a continuous evaluation model for background investigations (which might reveal that someone had debt problems, as Martin did)

By July 2014, the report reveals, even some of the most simple changes included in the initiative had not been implemented. On August 22, 2016 — nine days after an entity calling itself Shadow Brokers first offered to auction off what have since been verified as NSA tools — NSA reported that four of the initiatives associated with the Secure the Net remained unfulfilled.

All the while, according to the prosecutors’ allegations, Martin continued to walk out of NSA with TAO’s hacking tools.

Parallel to NSA’s own Secure the Net initiative, in the intelligence authorization for 2016 the House directed the DOD Inspector General to assess NSA’s information security. I find it interesting that HPSCI had to order this review and that they asked DOD’s IG, not NSA’s IG, to do it.

DOD IG issued its report on August 29, 2016, two days after a search of Martin’s home had revealed he had taken terabytes of data and the very day he was arrested. The report revealed that NSA needed to do more than its proposed fixes under the Secure the Net initiative. Among the things it discovered, for example, is that NSA did not consistently secure server racks and other sensitive equipment in data centers, and did not extend two-stage authentication controls to all high risk users.

So more than three years after Snowden walked out of the NSA with thousands of documents on a thumb drive, DOD Inspector General discovered that NSA wasn’t even securing all its server racks.

“Recent security breaches at NSA underscore the necessity for the agency to improve its security posture,” the HPSCI report stated dryly, referring obliquely to Martin and (presumably) another case Nakashima has reported on.

Then the report went on to reveal that CIA didn’t even require a physical token for general or privileged users of its enterprise or mission systems.

So yes, it is shocking that a contractor managed to walk out the door with 75% of NSA’s hacking tools, whatever that means. But it is also shocking that even the Edward Snowden breach didn’t lead NSA to implement some really basic security procedures.
