Thursday Morning: Number 49

/38 Comments/in , , /by

Name day of Saint Simon (Simeon), and Greek name day for Leon and Agapitos, it’s also the 49th day of the year, only 317 more to go. Make the best of it, especially if your name is Simon, Leon, or Agapitos.

Hollywood hospital paid ransom — $17K in bitcoin, not millions
See the official statement linked in this updated report. Speed and efficiency drove the payment. Given the difference between the original amount reported and the amount paid in ransom, one might wonder if there was a chaining of devices, or if many less important devices will be bricked.

Laser pointed at Pope Francis’ plane over Mexico
Someone pointed a laser at the Pope’s flight just before it landed in Mexico City yesterday, one of the highest profile incidences of “lasering” to date. The incident follows an international flight forced back to Heathrow on Monday after one of its pilots suffered eye injury from a laser. Thousands of laserings happen every year; it’s illegal in the U.S. and the U.K. both, but the U.S. issues much stiffer penalties including fines of $10,000 and prison time. If Mexico doesn’t already treat lasering firmly, it should after this embarrassing and threatening incident.

Air strike on Doctors Without Borders/Médecins Sans Frontières’ Syrian hospital spurs call for investigation
It’s absolutely ridiculous how many MSF medical facilities have been hit air strikes over the last year, the latest west of Aleppo in Syria. MSF has now called for an independent investigation into this latest attack which killed nine medical personnel and more than a dozen patients. This particular strike is blamed on the Syrian government-led coalition, but Russia and the U.S. have also been blamed for attacks on MSF facilities this year, including the hospital in Kunduz, Afghanistan last October. You’d think somebody had it out for MSF specifically.

Is China rousing over Korean peninsula escalation?
Tension spawned by North Korea’s recent nuclear test, missile and satellite launches, as well as South Korea’s pull back from Kaesong industrial complex and U.S. F-22 flyovers have increased rhetoric in media.

Just as it is in the U.S., it’s important to note the origin and politics of media outlets covering China. GBtimes, for example, covers Chinese stories, but from Finland. ~head scratching~

All Apple, all the time
A huge number of stories published over the last 24 hours about Judge Sym’s order to Apple regarding unlocking capability on San Bernardino shooter Syed Farook’s iPhone.

I wonder if this is really a Third Amendment case, given the lack of daylight between the FBI and the U.S. military by way of Joint Terrorism Task Force involvement, and the case at hand in which a non-U.S. citizen’s illegal activities (Farook’s wife Tashfeen Malik) may have triggered related military counterterrorism response. Has the U.S. government, by demanding Apple create code to permit unlocking the shooter’s iPhone, insisted on taking private resources for government use? But I’m not a lawyer. What do I know?

That’s it for now. Thursday, February 18th is also “Teen Missed the Bus Day”; ‘Agapitos’ he is not at the moment. Kid’s going to owe me some time helping with the next morning post.

Share this entry

Implementation Day Fallout: Neocons Have Nuclear Meltdown Over Prisoner Exchange

/34 Comments/in , /by

The main editorial in today’s New York Times puts into proper prospective the momentous events of this past weekend. The declaration of Implementation Day for the deal negotiated over the past two years between the P5+1 group of nations and Iran merits the title of the editorial: “A Safer World, Thanks to the Iran Deal“. Just consider the import of what has been accomplished through this incredible feat of diplomacy:

This is a moment many thought would never come: Iran has delivered on its commitment under a 2015 agreement with the United States and other major powers to curb or eliminate the most dangerous elements of its nuclear program. The world is now safer for this.

The International Atomic Energy Agency verified on Saturday that Iran has shipped over 8.5 tons of enriched uranium to Russia so Iran can’t use that in bomb-making, disabled more than 12,000 centrifuges and poured concrete into the core of a reactor at Arak designed to produce plutonium.

On Sunday, President Obama hailed these steps as having “cut off every single path Iran could have used to build a bomb” and noted that engagement with Iran has created a “window to try to resolve important issues.” Most important of all, he said, “We’ve achieved this historic progress through diplomacy, without resorting to another war in the Middle East.”

Yet, as long-time commenter lefty665 pointed out this morning, in response to Implementation Day and the exchange of prisoners between the US and Iran, most of the chatter in the press (and especially its dominant conservative voices) dealt with the prisoner exchange:

Can you believe that most of the chatter has been about prisoner exchange and not the actualization of the nuclear deal and dropping of sanctions on Iran? Suppose they just happened in conjunction during a weekend news vacuum? Or was it a conscious, “Here, watch this hand” to distract attention. Either way we sure got a boatload of plain old American bozos baying at the moon as usual.

Perhaps peak “American bozos baying at the moon” over the prisoner exchange came in this editorial from the Wall Street Journal:

Now we know that Washington Post correspondent Jason Rezaian and three other Americans were hostages held by Iran in return for U.S. concessions, in case there was any doubt. And on Saturday we learned the ransom price: $100 billion as part of the completed nuclear deal and a prisoner swap of Iranians who violated U.S. laws. Iran’s Revolutionary Guards Corps should call this Operation Clean Sweep.

The timing of Iran’s Saturday release of the Americans is no accident. This was also implementation day for the nuclear deal, when United Nations sanctions on Tehran were lifted, which means that more than $100 billion in frozen assets will soon flow to Iran and the regime will get a lift from new investment and oil sales. The mullahs were taking no chances and held the hostages until President Obama’s diplomatic checks cleared.

/break/

All of this shows that the nuclear accord is already playing out as critics predicted. The West will tread gingerly in challenging Iran’s nonnuclear military and regional ambitions lest it renege on its nuclear promises. Iran has again shown the world that taking American hostages while Barack Obama is President can yield a diplomatic and military windfall.

Ah, but the Wall Street Journal is far from alone. Consider this fine baying at the moon from Senator Tom Cotton:

But in our elation over their safe return we must be careful not to forget the dangerous circumstances of their release. President Obama has appeased Iran’s terror-sponsoring ayatollahs, this time with a ‘prisoner’ swap to secure the overdue release of four innocent American hostages in return for which Iran gets seven lawfully convicted terrorists and criminals, fourteen terrorism prosecutions halted, $100 billion in sanctions relief, and an industrial-scale nuclear program-and Iran gets to keep Americans Siamak Namazi and Robert Levinson to extract future concessions. While we exult in the return of American hostages, one must also wonder how many more Americans will be taken hostage in the future as a result of President Obama’s shameful decision to negotiate with these terrorists.

Clearly, nothing but all-out war and the deaths of hundreds of thousands will appease Cotton and his blood-lust for Iran.

The anti-Iran echo chamber also fired up against the deal and even moved beyond just the prisoner exchange. Consider this fine bit of echo, which I found when United Against Nuclear Iran retweeted David Albright’s “The Good ISIS” retweeting Josh Rogin promoting an article he wrote (by himself this time, rather than with his usual Partner in Keeping the Neocon Flame Alive Eli Lake) warning us that now Iran is going to arm Assad (somehow I can’t get the full level of retweeting echo to embed…):

Remarkably, though, there were a couple of usually reliable voices in the anti-Iran rhetoric who did not come through. AP’s George Jahn seemed fresh out of “diplomatic sources” to smear Iran, as he co-authored a piece of straight up reporting on Implementation Day. Similarly, fear-monger Joby Warrick briefly returned from his Washington Post exile to environmental reporting this morning to write about the deal, but gave as much of his analysis to a likelihood of reformers forging ahead in Iran as hardliners bringing more peril. As with Jahn, David Sanger also wound up only writing straight reporting of Implementation Day without finding much smear material to leak against Iran.

Essentially simultaneous with the lifting of sanctions against Iran due to its nuclear technology, the US imposed new sanctions because of Iran’s recent testing of ballistic missile technology. I confess to not having followed the ballistic missile controversy as closely as the nuclear technology issue, but it did strike me as unfortunate to implement new sanctions right away. This could be an attempt by Obama to provide a bit of comfort to Iran haters in our government. I also haven’t looked deeply, but these sanctions are likely to be much more limited in scope and shouldn’t produce the same widespread damage to Iran’s economy as the nuclear sanctions.

Finally, we also saw a demonstration that Hillary Clinton is indeed now a candidate running for office and no longer the diplomat she was as Secretary of State. Her statement this weekend, published after the announcement of the prisoner exchange but before the prisoners actually left Iran, was overly belligerent in its call for the new ballistic missile sanctions. She almost certainly had to have known that the ballistic missile sanctions had been held in abeyance to finish the prisoner exchange negotiations, so her statement could be seen as a late threat to the prisoners actually being allowed to leave Iran.

Share this entry

Implementation Day: Full Description From JCPOA Text

/22 Comments/in , /by

It is now just over six months to the day since the historic P5+1 agreement with Iran was reached, dramatically decreasing Iran’s pathways to a nuclear weapon in return for dropping economic sanctions. Although some small amounts of cash have been freed up for Iran in this intervening period, this period has consisted almost exclusively of actions by Iran while the P5+1 group of nations awaits IAEA certification that Iran has met its obligations under the agreement. Only once this certification is in place will the sanctions against Iran be dropped. Removal of many of the existing sanctions (some that don’t relate to nuclear technology will remain in place and hawks in Congress are doing their best to keep or replace the ones due to be dropped) will be a huge development for Iran, as the sanctions have devastated Iran’s economy. We are hearing that Implementation Day will arrive any moment now, perhaps later today or tomorrow (maybe even before I finish writing this overdue post).

We are now over two years into the P5+1 process, and so it should come as no surprise that an agreement this long in the making is very long and quite detailed. This post will be quite long and dry, as what it will do is to set out the language from the agreement that describes just what has taken place to get us to Implementation Day and what will take place as a result. Many steps have been taken to get us to this pivotal moment, and it is important that we see them laid out in orderly fashion.

Implementation Day

From the White House document (pdf) providing us excerpts of the Joint Comprehensive Plan of Action (JCPOA), we have this:

Implementation Day is the date on which, simultaneously with the IAEA report verifying implementation by Iran of the nuclear-related measures described in Sections 15.1 to 15.11 of Annex V, the EU and the United States takes the actions described in Sections 16 and 17 of Annex V.

Links to the various documents that make up the text of the agreement itself can be found here.

Iran’s Actions Under JCOPA

As mentioned above, sections 15.1 to 15.11 describe the actions by Iran that the IAEA will certify to have been completed. I have put the topic for each of these entries into bold text and then provide the referenced material from the other parts of the agreement:
Read more

Share this entry

Ukraine’s Power System Hacking: Coordinated in More than One Way?

/12 Comments/in , /by

[original graphic: outsidethebeltway.com]

[original graphic: outsidethebeltway.com]

Analysis by industrial control team SANS determined hacking of Ukrainian electrical power utilities reported on 23-DEC-2015 was a coordinated attack. It required multiple phases to achieve a sustained loss of electricity to roughly 80,000 customers. SANS reported they “are confident” the following events occurred:

  • The adversary initiated an intrusion into production SCADA systems
  • Infected workstations and servers
  • Acted to “blind” the dispatchers
  • Acted to damage the SCADA system hosts (servers and workstations)
  • Action would have delayed restoration and introduce risk, especially if the SCADA system was essential to coordinate actions
  • Action can also make forensics more difficult
  • Flooded the call centers to deny customers calling to report power out

An investigation is still underway, and the following are still subject to confirmation:

  • The adversaries infected workstations and moved through the environment
  • Acted to open breakers and cause the outage (assessed through technical analysis of the Ukrainian SCADA system in comparison to the impact)
  • Initiated a possible DDoS on the company websites

The part that piques my attention is the defeat of SCADA systems by way of a multiphased attack — not unlike Stuxnet. Hmm…

Another interesting feature of this cyber attack is its location. It’s not near sites of militarized hostilities along the border with Russia. where many are of Russian ethnicity, but in the western portion of Ukraine.

More specifically, the affected power company served the Ivano-Frankivsk region, through which a large amount of natural gas is piped toward the EU. Note the map included above, showing the location and direction of pipelines as well as their output volume. Were the pipelines one of the targets of the cyber attack, along with the electricity generation capacity in the region through which the pipes run? Was this hack planned and coordinated not only to take out power and slow response to the outage but to reduce the pipeline output through Ukraine to the EU?

Share this entry

Thursday Morning: Chinese Fortune Not Looking Good

/9 Comments/in , , /by

If I was still a practicing Catholic, I’d be tempted to pray to St. Angela of Foligno today, her saint’s day. She was known for walking away from wealth and practicing charity. Given the Chinese stock market’s plummet overnight, St. Angela might be the right guide for this leg of the journey.

China halts stock trading after market sinks more than 7%
Second time this week trading has been suspended in China, with free fall blamed on Chinese currency, lower oil prices, economic slowdown. Some also blame North Korea’s nuclear test, but anecdotes from Pacific Rim region suggest news about the test did not receive the same level of attention across Asia as in U.S. Not much feedback at the time this post was written in news media about response to market by China’s leadership.

Richard Perle’s long tail seen in North Korea
Worth revisiting an analysis on North Korea’s nuclear program written last January by Siegfried Hecker of Stanford University’s Center for International Security and Cooperation (CISAC). I agree with Hecker’s assessment, only surprised he didn’t name Richard Perle specifically for the cascade of diplomatic fail on North Korea that began under the Bush administration.

Self-driving cars, now self-driving passenger drones?
At CES 2016, China’s Ehang Inc. showed off a single-passenger drone, launched by commands entered on a tablet. The drone has no backup controls, which sounds scary as hell for a passenger flying 1000-1600 feet above the ground at +60 miles per hour. I can hear George Jetson screaming, “Jane! Stop this crazy thing!” even now. FAA would be insane to permit these devices in the U.S.

Unnamed sources say VW may buy back polluting cars sold in U.S.
This report could be a trial balloon floated by Volkswagen to see if a buy-back or a hefty discount on a new car will appease U.S. owners of so-called “clean diesel” vehicles. Is this really a satisfactory remedy to fraud?

Rethinking Saudi Arabia’s future in a time of cheap oil
Another worthwhile read, if a bit shallow. It’s time to model not only Saudi Arabia’s future, but a global economy no longer dependent on oil; what risks are there for OPEC countries if they cannot depend on increasing oil revenues? Could political instability spread across Central and South America as it has in the Middle East and Africa? How will climate change figure into the equation, as it has in Syria? And then back to economic unease in China, where the market has reacted negatively to lower oil prices.

I’m out of pocket this morning, will check in much later. Talk amongst yourselves as usual.

Share this entry

Wednesday Morning: Otherwise Known as Mike-Mike-Mike Day

/17 Comments/in , , , /by

My condolences to the poor Mikes among us who have suffered every Hump Day since Geico’s TV commercial became so popular.

North Korean nuclear test detected by ‘earthquake’
About 10:00 a.m. North Korean local time Wednesday, an event measured at 5.1 on Richter scale occurred near the site of recent underground nuclear testing. South Korea described the “earthquake” as “man-made” shortly after. Interestingly, China called it a “suspected explosion” — blunt language for China so early after the event.

NK’s Kim Jong Un later confirmed a “miniaturized hydrogen nuclear device” had been successfully tested. Governments and NGOs are now studying the event to validate this announcement. The explosion’s size calls the type of bomb into question — was this a hydrogen or an atomic weapon?

I’m amused at the way the news dispersed. While validating the story, I searched for “North Korea earthquake”; the earliest site in the search was BNO News (a.k.a. @BreakingNews) approximately 45 minutes after the event, followed 17 minutes later by Thompson Reuters Foundation. Not Reuters News, but the Foundation, and only the briefest regurgitation of an early South Korean statement. Interesting.

Spies’ ugly deaths
Examining the deaths of spies from 250 AD to present, Lapham’s Quarterly shows us how very cruel humans remain toward each other over the last millennia. Clearly, vicious deaths have not foiled the use of spies.

Zika virus outbreak moves Brazil to caution women against pregnancy now
An outbreak of the mosquito-borne Zika virus in Brazil may be linked to a sizeable uptick in microcephalic births — 2782 this past year, compared to 150 the previous year. The Brazilian government is now cautioning women to defer pregnancy until the end of the rainy season when the virus’ spread has been slowed.

Compared to number of Ebola virus cases in 2014-2015, Zika poses a much greater risk in terms of spread and future affected population. The virus has not received much attention, in spite of more than a million cases in Brazil, as symptoms among children and adults are relatively mild.

BCP now available in Oregon over the counter
Thanks to recent state legislation, women in Oregon now have greater access to birth control pills over the counter. California will soon implement the same legislation.

That’s one way of reducing the future number of white male libertarian terrorists demanding unfettered use of public space and offerings of snacks.

Microsoft’s tracking users’ minutes in Windows 10
No longer content with tracking the number of devices using Windows operating system, Microsoft now measures how long each user spends in Windows 10. Why such granular measures? The company won’t say.

Worth remembering two things: 1) Users don’t *own* operating system software — they’re licensees; 2) Software and system holes open to licensors may be holes open to others.

New cross-platform ransomware relies on JavaScript*
Won’t matter whether users run Windows, Linux, Apple’s Mac OS: if a device runs JavaScript, it’s at risk for a new ransomware infection. Do read the article; this malware is particularly insidious because it hides in legitimate code, making it difficult to detect for elimination. And do make sure you keep backup copies of critical files off your devices in case you’re hit by this ransomware.

Buckle up tight in your bobsled. It’s all downhill after lunch, kids.

[* this word edited to JavaScript from Java./Rayne]

Share this entry

Big Game Trash Talk

/70 Comments/in , , /by

The world is now one week post Paris attacks. War drums are being pounded, and the worst tendencies of American chicken hawks is in its full pageant grandeur. For being such an “exceptional” people, we sure have our head up our ass an awful lot. No, ISIS is not here to steal your baby or turn the south into a caliphate. Just stop and take a breath politicians. Even the “Reasonable Republican™”, John Kasich, wants to return the US Government to the Judeo-Christian crusades mentality. Get a grip.

Last weekend, it almost felt bad to focus on sporting games; this weekend it seems necessary to take the mind off the stupidity at hand. Locally, that comes in a rare afternoon game at Sun Devil Stadium between Arizona State and Arizona for the treasured Territorial Cup. Both teams are huge disappointments this year, especially the Sun Devils. Preseason, several experts thought ASU had a real shot at the College Football Playoff. That is down the tubes, as the Devils are at 5-5 and have fallen off the face of the map by poor play and atrocious coaching. But, hey, the winner today will be eligible for the Dung Fertilizer Bowl or whatever. Yay.

Iowa should roll to 11-0 easily over Purdue. But I think Michigan may have a tougher time against Penn State in Happy Valley; possible upset there. Ohio State is a 14.5 point favorite in the Big House against the visiting Spartans. Man, that is a lot of points, not sure about that. Northwestern at Wisconsin should be a nail biter even though the Badgers are highly favored, but go Fighting Journalists! The usual garbage ball will be on display in the Big-12 between TCU/Oklahoma and Baylor/Oklahoma State. Hard to be too in love with any of these teams, but both Oklahoma schools look to be the more solid.

For the second week in a row, the Cardinals are on NBC’s Sunday Night Football. Despite a couple of hiccups, the Cards took care of business, and the Squawks, last week in Seattle. This time they are home in the Big Toaster facing the Bengals. The Bengals are really good, although not invincible, as the Texans proved. Should be a great game, but too close to call. This is a little shocking, but I am pretty interested to see how Kirk Cousins and the Skins do in Carolina. Washington really seems to be jelling a little bit, but this is a stiff test. The other really big time matchup is the wounded Packers at the resurgent, and now NFC Norske leading Vikings. The Pack cannot lose four in a row can they?? The Eagles need to hold serve at home against an improving Tampa Bay squad, if they want any real shot at the playoffs. But they are down to Mark Sanchize at QB, is that enough?

It is a little early to talk NBA, but hollee shit, the Golden State Warriors are fun to watch and are kicking ass. Some war music for your Sabbath.

Share this entry

The Curious Case of Stuxnet and North Korea: Why the News-Dumped Confession?

/2 Comments/in , /by
Map, NK's proliferation trading partners (see PBS' Frontline: Kim's Nuclear Gamble)

Map, NK’s proliferation trading partners (see PBS’ Frontline: Kim’s Nuclear Gamble)

In news dump territory — 2:59 p.m. on a Friday afternoon following this last Memorial Day, to be exact — Reuters published an EXCLUSIVE story in which anonymous sources claimed the U.S. launched a cyber attack on North Korea using a modified version of Stuxnet.

This is hardly news. It’s rather a confirmation by an anonymous source, likely a government official, of the Stuxnet program’s wider aims. This was discussed here at emptywheel in 2013.

Far too much of North Korea’s nuclear energy development program looked like Iran’s for Stuxnet not to be a viable counter-proliferation tool if North Korea had succeeded with uranium enrichment.

And far too much information had been shared in tandem between North Korea, Iran, and Syria on nuclear energy and missile development (see image), for Stuxnet not to have a broader range of targets than Iran’s Natanz facility.

Let’s assume folks are savvy enough to know the Stuxnet program had more than Iran in its sights.

Why, dear “people familiar with the covert campaign,” was the confirmation to Reuters now — meaning, years after the likely attempt, and years after Stuxnet was discovered in the wild?

And how convenient this confession, five days before Kaspersky Lab revealed the existence of Duqu 2.0? Did someone “familiar with the covert campaign” believe the admission would be lost in Duqu-related news?

With the confession, though, begins a volley of exchanges:

  • North Korea has now shut down uncensored 3G wireless service to foreigners, likely in response to this confession. While most Americans were still basking in the slow pace of the national holiday week to the exclusion of foreign policy news, North Korea was certainly paying attention.
  • But NK also has a second reason for shutting down wireless. They may be anticipating increased numbers of foreign aid workers delivering foodstuffs, given their remarkable admission that their country is suffering from the worst drought in 100 years.
  • While not absolute proof that NK has halted their nuclear development, recent satellite imagery shows signs of construction but a reactor not in full operation. The publication of such observation hints broadly to NK’s leadership that the U.S. hasn’t given up on counter-proliferation.

It’s anybody’s guess what the next lob will look like, especially after NK’s foreign minister met with China for reasons believed connected to drought aid.

You can bet there will be some effort to exchange nuclear inspection access for trade and aid, as previously negotiated during Bill Clinton’s administration.

 

Share this entry

Vaporous Voids: Questions Remain About Duqu 2.0 Malware

/6 Comments/in , /by

Cybersecurity_MerrillCollegeofJournalismThe use of stolen Foxconn digital certificates in Duqu 2.0 gnaws at me, but I can’t put my finger on what exactly disturbs me. As detailed as reporting has been, there’s not enough information about this malware’s creation. Nor is there enough detail about its targeting of Kaspersky Lab and the P5+1 talks with Iran.

Kaspersky Lab carefully managed release of Duqu 2.0 news — from information security firm’s initial post and an op-ed, through the first wave of media reports. There’s surely information withheld from the public, about which no other entities know besides Kaspersky Lab and the hackers.

Is it withheld information that nags, leaving vaporous voids in the story’s context? Possibly.

But there are other puzzle pieces floating around without a home, parts that fit into a multi-dimensional image. They may fit into this story if enough information emerges.

Putting aside how much Duqu 2.0 hurts trust in certificates, how did hackers steal any from Foxconn? Did the hackers break into Foxconn’s network? Did they intercept communications to/from Foxconn? Did they hack another certificate authority?

If they broke into Foxconn, did they use the same approach the NSA used to hack Syria — with success this time? You may recall the NSA try to hack Syria’s communications in 2012, by inserting an exploit into a router. But in doing so, the NSA bricked the router. Because the device was DOA, the NSA could not undo its work and left evidence of hacking behind. The router’s crash took out Syria’s internet. Rapid recovery of service preoccupied the Syrians so much that they didn’t investigate the cause of the crash.

The NSA was ready to deny the operation, though, should the Syrians discover the hack:

…Back at TAO’s operations center, the tension was broken with a joke that contained more than a little truth: “If we get caught, we can always point the finger at Israel.”

Did the NSA’s attempted hack of Syria in 2012 provide direction along with added incentive for Duqu 2.0? The failed Syria hack demonstrated evidence must disappear with loss of power should an attempt crash a device — but the malware must have adequate persistence in targeted network. NSA’s readiness to blame Israel for the failed Syria hack may also have encouraged a fuck-you approach to hacking the P5+1 Iran talks. Read more

Share this entry

US Extended Its Special Relations with the Saudis another Decade

/3 Comments/in /by

Back in 2013, then Saudi Interior Minister and current Crown Prince Mohammed bin Nayef came to the US for a great coming out party (and, seemingly, to herald Obama’s second term foreign policy team). While here, he signed an extension to the Technical Cooperation Agreement first signed back in 2008.

The TCA is basically a cooperation agreement to get direct help from us–including training and toys–to protect Saudi infrastructure and borders, particularly its oil infrastructure. As part of it, the Saudis are developing a 35,000 person force, including a paramilitary force, with US training. But unlike our other defense agreements with the Saudis (and like theJoint Commission for Economic Cooperation it was explicitly modeled on, which had been in place from the 1970s until 1999), this one includes a special bank account to fund it all.

The Kingdom of Saudi Arabia will establish a dollar disbursement account in the United States Treasury. Any funds required by the United States for agreed-upon projects will be deposited by the Kingdom of Saudi Arabia in the account in such amounts and at such times as are mutually agreed, and the United States may draw on this account in the amount so agreed. If upon termination of this agreement there are funds remaining in the special account after all expenses have been paid, such funds will be refunded to the Kingdom of Saudi Arabia.

That account could fund contractors and toys. But at least at first, it could not fund US government employees.

The United States will pay for all costs of U.S. Government direct-hire employees assigned to the Kingdom of Saudi Arabia to perform services under this Agreement.

Less than a year into the agreement, that changed, with MbN agreeing the Saudis would also pay for US personnel salaries.

MbN was grateful for USG efforts and assured us full funding would soon follow the signing of these documents, and reconfirmed the SAG’s commitment to pay all OPM-MOI costs. He also agreed to fund all USG employee costs, concurring with any necessary TCA changes to allow such payments, commenting that “hopefully the lawyers will not cause us any problems.”

And already by the time MbN made that agreement, the US was installing military and State employees to oversee this effort (see more on these personnel here).

After unsuccessfully trying to ask for the TCA, I FOIAed it, which I only finally got yesterday. For the most part, it wasn’t worth the wait, as it was only a formal extension of the deal.

That said, I find it interesting that rather than extend the deal 5 years (the original term of the TCA), they instead extended it over a decade, until May 15, 2023.

Given all the events in the Middle East, January 2013 was an interesting time for MbN to come to the US to preemptively sign this TCA. And it’s interesting they’ve extended it a full decade. I’m also curious about the timing of this release, as MbN just returned to the US (this time as part of the Gulf summit), for the first time as the US-backed heir to the Saudi throne (though maybe it just takes State 2 years to release a totally unclassified document as a matter of course?).

Share this entry