[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Reality Winner Claims NSA’s Collection on Russians Had Already Been Compromised

I guess today is Reality Winner day.

As Trevor Timm describes, Winner is trying to get comments she made in an interview with the FBI thrown out, arguing she was for legal purposes in custody yet did not receive a Miranda warning. In support of that argument, she submitted a declaration describing what happened to her that day — basically how 10 male FBI agents showed up to search her house, with two taking her to a back room to interrogate her.

In addition to all the details about how many male FBI agents there were and how they had her stand in the fenced yard when they were done interrogating her, she describes how she answered when they asked whether she believed she had compromised sources and methods.

16. Law enforcement specifically asked me whether I believed the disclosure of the document compromised the “sources and methods” contained in the document, to which I advised that it was likely those “sources and methods” had already been compromised.

17. I specifically told law enforcement that, “whatever we were using had already been compromised, and that this report was just going to be like a one drop in the bucket.”

Critics will argue that this wasn’t Winner’s operational judgment to make, though it does reveal that even in this interview, she attested that she didn’t think her leak would damage intelligence.

But I’m interested in her claim that these collection points were already burned.

While many people complain that the IC has withheld too much information about the Russian hack, there are some details that have been released that are downright surprising. Sure, we don’t know who leaked the Steele dossier, but it may have led to the exposure (and possible execution) of his sources. We do know, however, that DOJ itself revealed (in the Yahoo indictment) that it collected email conversations of FSB officers among themselves. We’ve heard vague reporting, too, that Russians figured out they were tapped and went silent accordingly. One early report I got about Russia’s involvement in the DNC hack explained that the suspected hackers rolled up a good deal of their infrastructure after it was exposed.

But Winner (who’s an analyst, remember, not a technical person) claims, that “whatever we were using had already been compromised” with apparent confidence.

Which raises questions whether that’s based on actual knowledge of how Russians were responding to our spying.

Guccifer 2.0: What about those DCCC and “Clinton Foundation” documents

In this post, I addressed one recent and one not-recent research finding pertaining to Guccifer 2.0 (I had already raised both of them, but I addressed them at more length). I pointed out the conclusions of the research itself (that Guccifer 2.0 put Russian metadata in the first documents he released intentionally, just as he had put the name Felix Dzerzhinsky in one; and that some files released by proxy in September were copied locally) were not that controversial and certainly don’t refute the Intelligence Community conclusion that Russia was behind these hacks.

I also pointed out something that came out of that and related research — the understanding that the documents Guccifer 2.0 first released weren’t the DNC documents released to WikiLeaks at all, and so had absolutely no bearing on the question of whether Guccifer 2.0 provided the DNC documents to WikiLeaks. The NYer’s Raffi Khatchadourian used that same data as part of his argument that Russia was clearly working with WikiLeaks.

Cui bono from DCCC documents

Not only does all this analysis focus on the DNC when it really should focus on Hillary documents, but it almost entirely ignores the later documents Guccifer 2.0. For example, here’s how Adam Carter dismisses the import of the DCCC documents in considering attribution.

The documents he posted online were a mixture of some from the public domain (eg. already been published by OpenSecrets.org in 2009), were manipulated copies of research documents originally created by Lauren Dillon (see attachments) and others or were legitimate, unique documents that were of little significant damage to the DNC. (Such as the DCCC documents)

The DCCC documents didn’t reveal anything particularly damaging. It did include a list of fundraisers/bundlers but that wasn’t likely to cause controversy (the fundraising totals, etc. are likely to end up on sites like OpenSecrets, etc within a year anyway). – It did however trigger 4chan to investigate and a correlation was found between the DNC’s best performing bundlers and ambassadorships. – This revelation though, is to be credited to 4chan. – The leaked financial data wasn’t, in itself, damaging – and some of the key data will be disclosed publicly in future anyway.

Even ignoring that some of these documents provided the DCCC’s views of races and candidates, the notion that data will one day become public in no way minimizes the value of having that data in time for an electoral race, which is what Guccifer 2.0’s release of them did.

Even Khatchadourian simply nods at what, given the timing, are likely the DCCC documents. After laying out what are suggestions of pressure Assange’s source is exerting on WikiLeaks in the early summer, he reveals that in August, Guccifer 2.0 considered leaking documents through Emma Best (who, notably, had just linked the Turkish emails that WikiLeaks would get blamed for at the end of July).

In mid-August, Guccifer 2.0 expressed interest in offering a trove of Democratic e-mails to Emma Best, a journalist and a specialist in archival research, who is known for acquiring and publishing millions of declassified government documents. Assange, I was told, urged Best to decline, intimating that he was in contact with the persona’s handlers, and that the material would have greater impact if he released it first.

Given the mid-August date, those emails are likely the DCCC emails that Guccifer 2.0 first announced on August 12 by publishing the contact information of members and their key staffers (one of the several things over the course of the operation that got suppressed by providers). While Khatchadourian doesn’t dwell on what happened to them instead of release via Best, it is significant: Guccifer 2.0 reached out to local journalists to report on the state-level data. That is, for a limited set of what must have been available at DCCC, a set focused on swing states (which, contrary to what Carter suggests, cannot be bracketed off from the top of the ticket in a presidential year), Guccifer 2.0 worked to magnify these documents too, with mixed success.

It’s hard to imagine why anyone associated with the Democratic party or Crowdstrike  — who both have been accused of being the real insiders behind the Wikileaks documents — would release those documents, no matter how uninteresting people outside of politics find them. Likewise, even the most bitter Bernie supporter would have little reason to help Republicans get elected to Congress. Leaking boring but useful documents that benefit just Republicans doesn’t even fit with the hacktivist persona Guccifer 2.0 presented as. That leaves GOPers, as well as the Russians if they were siding with the GOP, with sufficient motive to hack and leak them.

Moreover, given questions about whether Republicans incorporated data made available by Russia in their own data analysis, the release of these documents may have provided a way to do that while maintaining plausible deniability. This stuff could get more interesting now, given that Ron DeSantis, who benefitted from these state level leaks, wants to cut the Mueller investigation short.

What about Guccifer 2.0’s Clinton Foundation headfake?

Which brings us to some other still unexplained events from last year: Roger Stone’s promises that WikiLeaks would release the Clinton Foundation emails in early October. A lot gets missed in the public narrative of that period. Stone turned out to repeatedly promise files, only to be wrong, which (on its face, anyway) undermines Democratic accusations he was in cahoots with WikiLeaks. And ultimately, WikiLeaks didn’t publish the Clinton Foundation files; instead, it released the Podesta document that included excerpts of Hillary’s speeches. Though — again, contrary to what the Democrats now complain — those were completely drowned out by the Access Hollywood release. No one mentions, either, that Stone sort of sulked away, uninterested in WikiLeaks emails anymore, moving on to Bill Clinton rape allegations. What happened?

Here’s what I laid out in April.

CNN has a timeline of many of Stone’s Wikileaks related comments, which actually shows that in August, at least, Stone believed Wikileaks would release Clinton Foundation emails (a claim that derived from other known sources, including Bill Binney’s claim that the NSA should have all the Clinton Foundation emails).

It notes, as many timelines of Stone’s claims do, that on Saturday October 1 (or early morning on October 2 in GMT; the Twitter times in this post have been calculated off the unix time in the source code), Stone said that on Wednesday (October 5), Hillary Clinton is done.

Fewer of these timelines note that Wikileaks didn’t release anything that Wednesday. It did, however, call out Guccifer 2.0’s purported release of Clinton Foundation documents (though the documents were real, they were almost certainly mislabeled Democratic Party documents) on October 5. The fact that Guccifer 2.0 chose to mislabel those documents is worth further consideration, especially given public focus on the Foundation documents rather than other Democratic ones. I’ll come back to that.

Throughout the week — both before and after the Guccifer 2.0 release — Stone kept tweeting that he trusted the Wikileaks dump was still coming.

Monday, October 3:

Wednesday, October 5 (though this would have been middle of the night ET):

Thursday, October 6 (again, this would have been nighttime ET, after it was clear Wikileaks had not released on Wednesday):

On October 7, at 4:03PM, David Fahrenthold tweeted out the Access Hollywood video.

On October 7, at 4:32 PM, Wikileaks started releasing the Podesta emails.

Stone didn’t really comment on the substance of the Wikileaks release. In fact, even before the Access Hollywood release, he was accusing Bill Clinton of rape, and he continued in that vein after the release of the video, virtually ignoring the Podesta emails.

Two parts of this narrative now look very different, given what we know now. As noted, Kachadourian argues that Guccifer 2.0 served as a pressure point for WikiLeaks, pushing Assange to release things on the persona’s timeline. I’ve long been puzzled (for obvious reasons) by Guccifer 2.0’s response to my tweet, calling out his supposed October 4 release of Clinton Foundation documents as the bullshit it was.

There was no private conversation behind this — Guccifer 2.0 and I never spoke by DM. My guess is he chose to respond to my tweet because Glenn Greenwald immediately responded to me and took my debunking seriously, though Guccifer 2.0’s response was quick — within 45 minutes. And only after that tweet did he follow me. It was a rare unsolicited response to someone, and it was one of maybe three tweets he sent responding to a criticism. (Interesting side note: I realized when reviewing his tweets that a few of Guccifer 2.0’s tweets appear in Twitter’s count but are not visible.) In other words, Guccifer 2.0 apparently wanted to respond to my debunking, perhaps because Greenwald found them credible, thereby sustaining the claim he really had Clinton Foundation emails. But it happened at a time when Stone, too, was pushing WikiLeaks to release Clinton Foundation emails.

Now couple that information with the details of GOP rat-fucker Peter Smith’s attempt to hunt down Clinton Foundation emails. As Matt Tait describes, close to the July 22 release of the the DNC emails, Smith contacted him already having been contacted by someone who claimed to have copies of Hillary’s Clinton Foundation emails.

Over the course of a long phone call, he mentioned that he had been contacted by someone on the “Dark Web” who claimed to have a copy of emails from Secretary Clinton’s private server, and this was why he had contacted me; he wanted me to help validate whether or not the emails were genuine.

The WSJ explained that Smith could never authenticate any of the emails he got pitched, which is why they weren’t ever published, and recommended they be dealt to WikiLeaks.

So what if someone actually did deal those emails to WikiLeaks, authentic or not? What if Guccifer 2.0 somehow knew that? It would explain Stone’s certainty they’d come out, Guccifer 2.0’s attempt to claim he had them, and the back-and-forth in early October.

Incidentally, the latest stink in the right wing noise machine is that a guy trying to obtain more Hillary related emails via FOIA got denied because the public interest doesn’t outweigh Hillary’s privacy interests. [Deleted: this was one of the fake Assange accounts–thanks to  Arbed for heads up.] Assange claim he has duplicates.

To be clear, I don’t believe those are Clinton Foundation emails. But I find the possibility that Assange may still be getting and releasing materials damning to Hillary.

Guccifer 2.0’s other propaganda

Finally, it’s worth noting that these reassessments of Guccifer 2.0 largely look at the documents he released, out of context of the things he said.

I think that’s particularly problematic given this last two posts, which align with activities alleged to have ties to Russia. His second-to-last post was typically nonsensical (the FEC’s networks have nothing to do with vote counting). But it attributed any tampering with software to Democrats.


I’d like to warn you that the Democrats may rig the elections on November 8. This may be possible because of the software installed in the FEC networks by the large IT companies.

As I’ve already said, their software is of poor quality, with many holes and vulnerabilities.

I have registered in the FEC electronic system as an independent election observer; so I will monitor that the elections are held honestly.

I also call on other hackers to join me, monitor the elections from inside and inform the U.S. society about the facts of electoral fraud.

We’ve since learned (most recently in this NYT piece) that there was more risk of tampering with the vote count than initially revealed. And no matter whether or not you believe the Russians did it, there is no credible reason why Democrats would target turnout that they needed to win the election. This message, Guccifer 2.0’s last before the election, could only serve to give pre-emptive cover for any tampering that did get discovered.

Finally, there’s Guccifer 2.0’s last post, bizarrely posted months after he seemed to be done, capitalizing on legitimate complaints about the first Joint Analysis Report released on December 29 to suggest the evidence implicating him as Russian is fake.

The technical evidence contained in the reports doesn’t stand up to scrutiny. This is a crude fake.

Any IT professional can see that a malware sample mentioned in the Joint Analysis Report was taken from the web and was commonly available. A lot of hackers use it. I think it was inserted in the report to make it look a bit more plausible.

But several things are interesting about this post (in addition to the way it coincided with what Shadow Brokers claimed was going to be his last post). In spite of using the singular “this” to refer to the “reports,” Guccifer 2.0 claims that several reports tie him to Russia.

The U.S. intelligence agencies have published several reports of late claiming I have ties with Russia.

But the JAR actually doesn’t mention him at all. What does mention him is the Intelligence Community Assessment.

We assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets.

Guccifer 2.0, who claimed to be an independent Romanian hacker, made multiple contradictory statements and false claims about his likely Russian identity throughout the election. Press reporting suggests more than one person claiming to be Guccifer 2.0 interacted with journalists.

Guccifer 2.0’s silence about the ICA is all the more interesting given that the post — dated January 12 and so immediately after the leak of the Steele dossier — doesn’t mention that, but says the Obama Administration would release more fake information in the coming week.

Certainly, those who believe Guccifer 2.0 is not Russian even while noting his many false claims will take this post as gospel. But it’s worth noting that it doesn’t actually refute the substance of the claims made about Guccifer 2.0, rather than Russia.

Reassessing the Role of Guccifer 2.0 Should Not Terrify Analysts

I’m glad folks are still poking around the Guccifer 2.0 documents, and applaud the openness of the researchers to respond to criticism. Frankly, it’s a model those who made initial claims about Guccifer 2.0 — most egregiously, that Cyrillic metadata in a document adopting the name of Felix Dzerzhinsky would not be every bit as intentional as that graffiti — should adopt. There were errors in the early analysis of the Guccifer 2.0 persona (such as the assumption he was publishing DNC documents), that, with hindsight, are more clear. One particularly annoying one is the logic that because Guccifer 2.0 got caught pretending to be Romanian — a claim he backed off of in his FAQ a week later in any case — he had to be Russian. The unwillingness to revise early analysis only feeds the distrust of the Russian attribution.

That said, in my opinion nothing about the new analysis undermines the claim of Russian attribution, and the majority of the known evidence does support it (and has since been backed — for example — by Facebook, which has its own set of global data to draw from).

Update: I thought Stone was involved in the Smith effort. This article describes him as chatting to Guccifer 2.0 at the direction of Smith.

“The magnitude of what he was trying to do was kind of impressive,” Johnson said. “He had people running around Europe, had people talking to Guccifer.” (U.S. intelligence agencies have linked the materials provided by “Guccifer 2.0”—an alias that has taken credit for hacking the Democratic National Committee and communicated with Republican operatives, including Trump confidant Roger Stone—to Russian government hackers.)

On the New (and Not-So New) Claims about Guccifer 2.0

The initial files released by the persona Guccifer 2.0 on June 15, 2016 included — in addition to graffiti paying tribute to Felix Dzerzhinsky, the founder of Russia’s secret police — metadata deliberately set to Cyrillic (the metadata had previously been interpreted, implausibly even at the time, to be a mistake).

And a file later released on September 13, 2016 purportedly from Guccifer 2.0 but released via a magnet site and never linked on his WordPress site, was probably copied, locally, to a Linux drive somewhere in the Eastern time zone on July 5, 2016; the files were then copied to a Windows file on September 1, 2016.

Those are the fairly uncontroversial findings from two separate research efforts that have recently renewed debate over whether the conclusion of the intelligence community, that Russia hacked the DNC, is valid.

I’m going to do a two part post on this issue.

What to Read

As you might be able to figure out, nothing about those two conclusions at all dictates that the Intelligence Community conclusions that Russia is behind the hack of Democratic targets are wrong. The reason they’re so controversial is because they’ve been used, in tandem, to support claims that the IC conclusion is wrong, first in a (to me) unconvincing letter by the Veteran Intelligence Professionals for Sanity (chiefly Bill Binney, Kirk Wiebe, Ed Loomis, and Ray McGovern), and then in some even sloppier versions, most notably at the Nation. In between the original analysis and these reports are some other pieces making conclusions about the research itself that are in no way dictated by the research.

In other words, it’s all a big game of telephone, some research going in the front end and a significantly distorted message coming out the back end.

So before I get into what the two studies do show, let’s talk about what you should read. The first argument has been made by Adam Carter at his G2-space, which is laudable as a resource for documents on Guccifer 2.0, no matter what you think of his conclusions. There’s a ton in there, not all of which I find as persuasive as the argument pertaining to the Russian metadata. Happily, he made two free-standing posts demonstrating the RSID analysis (one, two). I first discussed this analysis here.

The RSID analysis showing that the cyrillic in Guccifer 2.0’s documents was actually intentional relies, in part, on the work of someone else, posting under the name /u/tvor_22. His post on this is worthwhile not just for the way it maps out how people came to be fooled by the analysis,  but for the five alternative explanations he offers. In in no way think those five possibilities are comprehensive, but I appreciate the effort to remain open about what conclusions might be drawn from the evidence.

Between those three posts, they show that the first five documents released by Guccifer 2.0 were all copied into one with certain settings set, deliberately, to the Russian language. That’s the first conclusion.

The forensics on copying was done by a guy posting under the name The Forensicator, whose main post is here. Note his site engages in good faith with the rebuttals he has gotten, so poke around and see how he responds.  He argues a bunch of things, most notably that the first copy of files released in September was copied locally back in July, perhaps from a computer networked to the host server. That analysis doesn’t rule out that the data was on some server outside of the DNC. I raised one concern about this analysis here.

Finally, for a more measured skeptical take — from someone also associated with VIPS who did not join in their letter — see Scott Ritter’s take. I don’t agree with all of that either, but I think a second skeptical view is worthwhile.

All of which is to say if you want to read the analysis — rather than conclusions that I think go well beyond the analysis — read the analysis. Assuming both are valid (again, I think the RSID case is stronger than the copying one), the sole conclusions I’d draw from them is that the Guccifer 2.0 figure wanted to be perceived as a Russian — something he succeeded in doing through far more than just metadata, though the predispositions of researchers and the press certainly made it easy for him. And, some entity that may associated with Guccifer 2.0 (but may also be a proxy)  is probably in the Eastern Time Zone, possibly (though not definitely) close to the DNC (or some other target server). That’s it. That’s what you need to explain if you believe both pieces of analysis.

Whatever explanation you use to explain the inclusion of Iron Felix in the documents (which is consistent with graffiti left in the hacked servers) would be the same one you use to explain why the metadata was set to Cyrillic; the IC and people close to the hack have explained that the hackers liked to boast. And the only explanation you need for the local copy is that someone associated with the Russians was close to DC, such as at the Maryland compound that got shut down.

Guccifer and the DNC … or DCCC … or Hillary

Since we’re examining these claims, there’s another part of the presentation on the RSID data (and Carter’s site generally), that deserves far more prominent mention than the current debate has given, because it undermines the framing of the debate. We’ve been arguing for a year about Russia’s tie to Guccifer 2.0 based on the persona’s claim to have provided DNC documents to WikiLeaks. But the documents originally released in the initial weeks by Guccifer 2.0 were, by and large, not DNC documents. As far as I know/u/tvor_22 was the first to note this. He describes that the Trump document first leaked only appears via other sources as an attachment to a Podesta email, though there are alterations in the metadata, as are three of the others, with the fifth coming from an unidentified source.

Let’s take the very first document posted by Guccifer2.0, which some security researchers have cited as ‘an altered document not properly sanitised.’ If we diff the raw copy — pasted into text documents — of both the original Trump document found in the Podesta emails and the Guccifer 2.0 version, ignoring white-spaces and tabs (diff -w original.txt altered.txt):

  • the table of contents has been re-factored.
  • many of the links are naked in the Guccifer2.0 version. (Naked as in not properly behind link titles, indicating Guccifer2.0’s version may have been an earlier draft.)
  • the error messages are in Russian.
  • None of the above quirks could be found in comparing 2,3, or 5.doc to their originals (100% textually equivalent). 4.doc could not be found on WikiLeaks for a comparison.

None of the textual content in any of these four ‘poorly sanitised’ documents has been altered, removed, or doctored. In other words all the differences you would expect from a copy and paste from one editor to another. So why bother copy and pasting into a new document at all? I wonder.

[1.doc’s original, 2.doc’s original, 3.doc’s original, 5.doc’original. 4.doc could not be found in Wikileaks. The bare texts of 2,3, and 5 are checksum equivalent.]

G2-space has posted an expansion of this analysis, by JimmysLlama. It provides a list for where the first 40 documents (covering Guccifer 2.0’s first two WordPress posts) can — or cannot — be found. The source for (roughly) half remains unidentified, the other half came from Podesta’s emails. At the very least, that reporting makes it clear that even for documents claimed (falsely) to be DNC documents, Guccifer had a broader range of documents than what WikiLeaks published.

That explains reporting from last summer that indicated the FBI wasn’t sure if WikiLeaks’ documents had come from Russia/Guccifer 2.0.

The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

Now we know why: because they weren’t the same set of files as had been taken from the DNC (though the FBI did already know some Hillary staffers had been hacked.) See this post from last summer, in which I explore that and related questions.

The detail that Guccifer 2.0 was actual posting Hillary, not DNC, documents is somewhat consistent with what John Podesta has said. He revealed that he recognized an early “DNC” document probably came from his email.

And other campaign officials also had their emails divulge earlier than October 7th. But in one of those D.N.C. dumps, there was a document that appeared to me was– that appeared came– might have come from my account.

Podesta he has always been squirrelly about thus stuff and probably has reason to hide that the Democrats’ claims that Guccifer 2.0 was releasing DNC documents were wrong (indeed, that’s something that would be far more supportive of skeptics’ alternative theories than this Guccifer 2.0 data, but it’s also easily explained by Democrats’ understandable choices to minimize their exposure last summer). Importantly, Podesta also suggests that “other campaign officials also had their emails divulged earlier than October 7th,” without any suggestion that that is just via DC Leaks.

On top of a lot of other implications of this, it shifts the entire debate about whether Guccifer 2.0 was WikiLeaks’ source, which has always focused on whether the documents leaked on July 22 came from Guccifer 2.0. Regardless of what you might conclude about that, it shifts the question to whether the Podesta emails WikiLeaks posted came from Guccifer 2.0, because those are the ones where there’s clear overlap. Russia’s role in hacking Podesta has always been easier to show than its role in hacking the DNC.

It also shifts the focus away from whether FBI obtained enough details from the DNC server via the forensic image it received from Crowdstrike to adequately assess the culprit. Both the DNC and Hillary (as well as the DCCC) servers are important. Though those that squawk about this always seem to miss that FBI, via FireEye, disagreed with Crowdstrike on a key point: the degree to which the two separate sets of hackers coordinated in targeted servers; I’ve been told by someone with independent knowledge that the FBI read is the correct one, so FBI certainly did their own assessment of the forensics and may have obtained more accurate results than Crowdstrike (I’ve noted elsewhere that public IC statements make it clear that not all public reports on the Russian hacks are correct).

In other words, given that the files that Guccifer 2.0 first leaked actually preempted WikiLeaks’ release of those files by four months, what you’d need to show about the DNC file leaks is something entirely different than what has been shown.

New Yorker’s analysis on coordination

That’s a task Raffi Khatchadourian took on, using an analysis of what got published when, to argue that Russia is WikiLeaks’ source in his recent profile of Assange (I don’t agree with all his logical steps, particularly his treatment of the relationship between Guccifer 2.0 and DC Leaks, but in general my disagreements don’t affect his analysis about Russia).

Throughout June, as WikiLeaks staff worked on the e-mails, the persona had made frequent efforts to keep the D.N.C. leaks in the news, but also appeared to leave space for Assange by refraining from publishing anything that he had. On June 17th, the editor of the Smoking Gun asked Guccifer 2.0 if Assange would publish the same material it was then doling out. “I gave WikiLeaks the greater part of the files, but saved some for myself,” it replied. “Don’t worry everything you receive is exclusive.” The claim at that time was true. None of the first forty documents posted on WordPress can be found in the WikiLeaks trove; in fact, at least half of them do not even appear to be from the D.N.C., despite the way they were advertised.

But then, on July 6th, just before Guccifer 2.0 complained that WikiLeaks was “playing for time,” this pattern of behavior abruptly reversed itself. “I have a new bunch of docs from the DNC server for you,” the persona wrote on WordPress. The files were utterly lacking in news value, and had no connection to one another—except that every item was an attachment in the D.N.C. e-mails that WikiLeaks had. The shift had the appearance of a threat. If Russian intelligence officers were inclined to indicate impatience, this was a way to do it.

On July 18th, the day Assange originally planned to publish, Guccifer 2.0 released another batch of so-called D.N.C. documents, this time to Joe Uchill, of The Hill. Four days later, after WikiLeaks began to release its D.N.C. archive, Uchill reached out to Guccifer 2.0 for comment. The reply was “At last!”


Whatever one thinks of Assange’s election disclosures, accepting his contention that they shared no ties with the two Russian fronts requires willful blindness. Guccifer 2.0’s handlers predicted the WikiLeaks D.N.C. release. They demonstrated inside knowledge that Assange was struggling to get it out on time. And they proved, incontrovertibly, that they had privileged access to D.N.C. documents that appeared nowhere else publicly, other than in WikiLeaks publications. The twenty thousand or so D.N.C. e-mails that WikiLeaks published were extracted from ten compromised e-mail accounts, and all but one of the people who used those accounts worked in just two departments: finance and strategic communications. (The single exception belonged to a researcher who worked extensively with communications.) All the D.N.C. documents that Guccifer 2.0 released appeared to come from those same two departments.

The Podesta e-mails only make the connections between WikiLeaks and Russia appear stronger. Nearly half of the first forty documents that Guccifer 2.0 published can be found as attachments among the Podesta e-mails that WikiLeaks later published. Moreover, all of the hacked election e-mails on DCLeaks appeared to come from Clinton staffers who used Gmail, and of course Podesta was a Clinton staffer who used Gmail. The phishing attacks that targeted all of the staffers in the spring, and that targeted Podesta, are forensically linked; they originated from a single identifiable cybermechanism, like form letters from the same typewriter. SecureWorks, a cybersecurity firm with no ties to the Democratic Party, made this assessment, and it is uncontested.

Now, I’d like to see the analysis behind this publicly. It should be expanded to include all the documents leaked by Guccifer 2.0. It should include more careful analysis of the forensics behind the phishes (security companies have done this, but have not shown all their work). Moreover, it doesn’t rule out a piggyback hack, though given that Guccifer 2.0 was leaking Hillary emails from the start, it’s unclear how that piggyback would work. All that said, it provides a circumstantial case that these were the same two sets of documents.

Khatchadourian doesn’t dwell on something he alluded to here, which is that all the DNC documents were email focused, collected from just 10 mailboxes. That’s the nugget that, I suspect, Assange will point to (and may have shared with Dana Rohrabacher) in an effort to rebut the claims his source was Russia (one thing Khatchadourian gets wrong is what Craig Murray said about two different sources for WikiLeaks, but then he points to a WikiLeaks claim they got the emails in late summer and September 19 date on all of them — not long before Murray picked something up in DC — so that’s another area worth greater focus). For now, I’ll bracket that, but while I suspect it points to really interesting conclusions, I don’t think it necessarily undermines the claim that Russia was Assange’s source. More importantly, none of the things people are pointing to in this new analysis — the metadata in files released by Guccifer 2.0, the metadata in files released on a magnet site but never directly by Guccifer 2.0 — affects the analysis of how completely unrelated emails got to WikiLeaks at all.

All of which is to say that the these two pieces of analysis actually miss the far more interesting analysis that got done with it.

Update: Turns out the Nation issued a correction today, which reads in part,

Subsequently, Nation editors themselves raised questions about the editorial process that preceded the publication of the article. The article was indeed fact-checked to ensure that Patrick Lawrence, a regular Nation contributor, accurately reported the VIPS analysis and conclusions, which he did. As part of the editing process, however, we should have made certain that several of the article’s conclusions were presented as possibilities, not as certainties. And given the technical complexity of the material, we would have benefited from bringing on an independent expert to conduct a rigorous review of the VIPS technical claims.

It added an outside analysis by Nathanial Freitas of the two reports, a rebuttal from VIPS members who did not join the letter, and a response from those who did. Freitas provides a number of other possibilities to get the throughput observed by Forensicator. The VIPS dissenters raise some of the same points I do, including that this server may be somewhere outside of DNC.

It is important to note that it’s equally plausible that the cited July 5, 2016, event was carried out on a server separate from the DNC or elsewhere, and with data previously copied, transferred, or even exfiltrated from the DNC.

However, independent of transfer/copy speeds, if the data was not on the DNC server on July 5, 2016, then none of this VIPS analysis matters (including the categorically stated fact that the local copy was acquired by an insider) and simply undermines the credibility of any and all analysis in the VIPS memo when joined with this flawed predicate.

Trump’s Lawyer: I Did Not Go to Prague I Did Not Go to Prague I Did Not Go to Prague I Did Not Go to Prague

Four days ago, Michael Cohen (or the Trump Organization) pre-empted revelations that would leak as soon as he turned over a third tranche of documents to the House Intelligence Committee by revealing a seemingly damning detail from it: along with Trump’s associate Felix Sater, Cohen was pursuing a Trump Tower deal in Moscow well after Trump’s campaign was in full swing. Sure enough, more damning information was still to come: Sater somehow imagined the deal — whatever it was — would get Trump elected. Then still more damning information: in January 2016, Cohen reached out to trusted Putin aide Dmitry Peskov to push for help on the deal. That’s when Cohen began to not recall precisely what happened, and also ignore questions about why he hadn’t told Trump about this call, unlike the other actions he took on this deal.

Again, these events were connected to Cohen’s delivery of a tranche of documents on August 28 to HPSCI.

Today, the letter Cohen sent to HPSCI on August 14 after reviewing and delivering two previous tranches of documents got liberated (this copy by the Daily Beast, but multiple outlets got copies). So the letter, which includes four pages plus backup rebutting the allegations made about Cohen in the Steele dossier, reflects the understanding Cohen’s lawyers had two weeks before they delivered emails showing Cohen was contacting Putin’s trusted aide in support of a deal that Sater believed would get Trump election.

Before I look at the letter, let me reiterate what I have suggested elsewhere (I plan to return to these shortly). There are real, unanswered questions about the provenance of the document as leaked by BuzzFeed. Some of the circumstances surrounding its production — most notably its funders and their claimed goals, and Steele’s production of a final report, based off voluntarily provided information, for free — raise real questions about parts of the dossier. I think it quite likely some parts of the dossier, especially the last, most inflammatory report (which accuses Cohen of attending a meeting where payments from Trump to the hackers that targeted the Democrats were discussed), were disinformation fed by the Russians. I believe the Intelligence Community is almost certainly lying about what they knew about the dossier. I believe the Russians know precisely how the dossier got constructed (remember, a suspected source for it died in mysterious circumstances in December), and they expect the exposure of those details will discredit it.

So while I think there are truths in the dossier, I do think its current form includes rumor and even affirmative disinformation meant to discredit it.

With that said — and remembering all the time that shortly after this letter got written, documents were disclosed showing Cohen was involved in brokering a deal that Sater thought might get Trump elected — here’s my analysis of the document.

The entire letter is pitched around the claim that HPSCI “included Mr. Cohen in its inquiry based solely upon certain sensational allegations contained” in the Steele dossier. “Absent those allegations,” the letter continues, “Mr. Cohen would not be involved in your investigation.” The idea — presented two weeks before disclosure of emails showing Cohen brokering a deal with Russians in early 2016 — is if Cohen can discredit the dossier, then he will have shown that there is no reason to investigate him or his role brokering deals with the Russians. Even the denial of any documents of interest is limited to the dossier: “We have not uncovered a single document that would in any way corroborate the Dossier’s allegations regarding Mr. Cohen, nor do we believe that any such document exists.”

With that, Cohen’s lawyers address the allegations in the dossier, one by one. As a result, the rebuttal reads kind of like this:

I Did Not Go to Prague I Did Not Go to Prague I Did Not Go to Prague I Did Not Go to Prague

Cohen literally denies that he ever traveled to Prague six times, as well as denying carefully worded, often quoted, versions of meeting with Russians in a European capital in 2016. Of course that formulation — He did not participate in meetings of any kind with Kremlin officials in Prague in August 2016 — stops well short of other potential ties to Russians. And two of his denials look very different given the emails disclosed two weeks later showing an attempt to broker a deal that Felix Sater thought might get Trump elected, including an email from him to one of the most trusted agents of the Kremlin.

Mr. Cohen is not aware of any “secret TRUMP campaign/Kremlin relationship.”

Mr. Cohen is not aware of any indirect communications between the “TRUMP team” and “trusted agents” of the Kremlin.

As I said above, I think it highly likely the dossier includes at least some disinformation seeded by the Russians. So the most charitable scenario of what went down is that the Russians, knowing Cohen had made half-hearted attempts to broker the Trump Tower deal Trump had wanted for years, planted his name hoping some kind of awkwardness like this would result.

If so, Mission accomplished!

All that said, the way in which Cohen has orchestrated this disclosure — up to and including his failures to recall and answer obvious questions — is either great lawyering and/or sign that this earlier deal making is a real problem.

It may be that HPSCI only investigated Cohen because he was badly implicated in the Steele dossier. But if so, it led to the disclosure of earlier deal-making, including an attempt to reach out to one of Putin’s most trusted associates, that will likely give HPSCI a whole new reason to investigate.

Dmitry Peskov: Building Skyscrapers Is Not Our Work [But Is Stealing Elections?]

Dmitry Peskov, Putin’s spox, has now responded to the reports that Michael Cohen wrote him, at Felix Sater’s instructions, to do something that might get Trump elected. Effectively, he said his job was not building skyscrapers.

Peskov confirmed that his office had located a copy of the email, which said the development deal wasn’t moving forward and requested support.

He said the email was sent to the public “Press Office of the Kremlin” address — which receives thousands of queries, relevant or otherwise — and denied knowing Cohen personally.

“This email said that a certain Russian company together with certain individuals is pursuing the goal of building a skyscraper in the ‘Moscow City’ district, but things aren’t going well and they asked for help with some advice on moving this project forward,” Peskov said. “But, since, I repeat again, we do not react to such business topics — this is not our work — we left it unanswered.”

Bloomberg’s Russian correspondent (not sure if she’s there or here) described Peskov’s comments as addressing two of the details not covered by CNN: Peskov denied knowing both Cohen and Sater. And Peskov said the issue was not discussed with Putin.

No further emails were sent and Peskov said the subject wasn’t discussed with President Vladimir Putin.


Peskov said he didn’t know Cohen or Felix Sater, an associate of Trump’s that Cohen said recommended he email the Kremlin.

Also, Ivanka didn’t sit on Putin’s chair or lap.

Peskov said Ivanka Trump didn’t visit Putin’s office or sit in the president’s chair.

Still, none of the competing sides of this story explain the underlying question, which I laid out here, nor do they deny communications about topics other than these “business topics.” In November, Sater had a deal that, he thought, might lead to his buddy becoming President. Purportedly, that deal was about building a Trump Tower in Moscow, and required only that Vladimir Putin say nice things (which, as it turns out, he did start saying).
Peskov dismisses the possibility that the reported deal went anywhere because — he explains — he’s not in the business of skyscrapers.
But if Sater’s intended deal was something else, would Peskov be in that business?

The Nameless Non-Agents Arranging Rohrabacher’s Trump Meeting

Sean Hannnity, who himself met with Julian Assange early this year, then went on to champion the Seth Rich hoax, had Dana Rohrabacher on to push Rohrabacher’s efforts to broker a pardon for Assange in exchange for an alternative source for Wikileaks. When asked if he had a specific message for the president, Rohrabacher dodged, saying only, “We discussed what I would tell the president.”

But the funniest dodge came when Hannity asked Rohrabacher about meeting with the president. The congressman answered,

It is my understanding from other parties who are trying to arrange the rendezvous that a rendezvous with myself and the President is being arranged for me to give him the firsthand information from [Assange]

Not only do these other parties not have names, but ultimately, this meeting “is being arranged” like a loveless marriage.

You’d almost think Rohrabacher recognizes the legal problems here.

One wonders whether those nameless non-agents do?

How Does Inking a Luxury Residential Real Estate Deal in Moscow Get You Elected President? In the US, I Mean?

There’s an implicit premise of my posts covering yesterday’s big scoops on the emails between Felix Sater and Michael Cohen turned over to the House Intelligence Committee yesterday:

The NYT republished fragments of two of the emails. Here’s the key one:

Michael I arranged for Ivanka to sit in Putins [sic] private chair at his desk and office in the Kremlin. I will get Putin on this program and we will get Donald elected. We both know no one else knows how to pull this off without stupidity or greed getting in the way. I know how to play it and we will get this done. Buddy our boy can become President of the USA and we can engineer it. I will get Putins [sic] team to buy in on this, I will manage this process.

On November 3, 2015, two months before the GOP primary started in earnest and barely over a year before the presidential election, mobbed up real estate broker and sometime FBI informant Felix Sater emailed Trump Organization Executive Vice President and Special Counsel to Trump, Michael Cohen. According to the fragment we read, Sater boasts of his access to Putin going back to 2006 (when the Ivanka incident reportedly happened), and said “we can engineer” “our boy” becoming “President of the USA.”

Before HPSCI got the emails, the Trump Organization did a preemptive leak to the WaPo, which successfully cemented the interpretation of the “news” associated with these emails as proof of another contact between Trump associates and Russians. Cohen’s statement to HPSCI, which WaPo’s later reporting quoted, reaffirmed that view, even though key details about it — why, of all the things he couldn’t recall, was whether Putin associate Dmitry Peskov responded to an email in which Cohen asked for his personal response, or why Cohen would email a press contact like Peskov, who readily gives out his personal email, to a general email line that is less likely to be bugged by western intelligence — remain unexplained.

The NYT only released one paragraph of the emails it published; it’s unclear whether that’s all they got, or whether they’ve just chosen to redact all the context.

Nevertheless, this paragraph, presented as it is, ought to have elicited very different “news” reporting: a year before the election, Sater was boasting he could get Trump elected because of his ties to Putin. In an update (the NewsDiffs on NYT’s version of this story are worth reviewing in detail, particularly for the way they shift emphasis away from Sater’s claims in the email), the NYT reprinted Sater’s lawyer’s explanation, which doesn’t address the underlying question at all, even while it replicates the spin that this would be nothing more than a “political win.”

Through his lawyer, Mr. Sater declined on Monday to address why he thought the deal would be a political win for Mr. Trump. He said he brought the project to Mr. Cohen in late 2015, but that he was not working for the Trump Organization and “would not have been compensated” by them.

“During the course of our communications over several months, I routinely expressed my enthusiasm regarding what a tremendous opportunity this was for the Trump Organization,” Mr. Sater said.

Again, perhaps the full emails justify this approach. But absent a better explanation, the question that should be answered by this scoop — well before the excitement of proof of yet one more tie between a Trump associate and increasingly senior Russians — is why Sater believed whatever he was emailing Cohen about would lead to Trump’s election?

Even assuming Cohen’s personal intervention via Peskov got Putin to rubber stamp the missing permits in early January 2016, which was the most optimistic scenario short of the personal trip to Moscow Sater was pushing Cohen to take, how would that have had any influence on the Presidential election at that point 11 months away? Obviously, the actual building, its clients, the possibility it might be used to launder money, perhaps even back into Putin’s pockets — none of that would be in place in time for the election. Yet another luxury residence in a city most American voters will never visit isn’t going to flip many votes, if any. More realistically, the deal would be regarded just as reporters are now spinning it, as an inappropriate potential conflict of interest, even ignoring the Russophobia that would ratchet up later in the year.

The second email NYT published in part might be a quasi explanation.

Michael we can own this story. Donald doesn’t stare down, he negotiates and understand the economic issues and Putin only want to deal with a pragmatic leader, and a successful business man is a good candidate for someone who knows how to negotiate. “Business, politics, whatever it all is the same for someone who knows how to deal.”

That is, perhaps Sater believed that if Trump could negotiate with Putin successfully, voters would value his negotiating ability more highly than former Secretary of State Hillary’s. That’s probably what Trump voters actually did, but it required no fresh deals. But even here, Sater is again positioning his pitch in terms of what will impress Putin, not what will impress American voters.

Sater is a lot of things, but he’s nowhere near the dumbest Trump associate. Why is it that he sent an email to Cohen promising a deal would help Trump get elected?

One more detail. This is not the first exchange Cohen had with the committees. Congress first got interested in Cohen at the end of May; Cohen refused the first requests, declaring them overly broad. And, as the NYT notes, Cohen’s lawyer already started communicating with the committee, issuing a point-by-point refutation of the parts of the Steele dossier that pertain to Cohen.

Earlier this month, Mr. Cohen’s lawyer, Stephen M. Ryan, wrote a letter to congressional investigators that contained what he said was a point-by-point refutation of a dossier suggesting that Mr. Cohen colluded with Russian operatives. That dossier, compiled by a retired British spy and briefed to Mr. Trump during the transition, was published online early this year.

“We do not believe that the committee should give credence to or perpetuate any of the allegations relating to Mr. Cohen unless the committee can obtain independent and reliable corroboration,” Mr. Ryan wrote.

So was this found amid all his other emails, or is it something he only belatedly included?

Update: As Digby noted, there were rumors flying some weeks ago that Sater may be prepping to flip again, as he has for Robert Mueller’s investigators in the past.

And according to Wood’s sources, Sater may have already flipped and given prosecutors the evidence they need to make a case against Trump.

For several weeks there have been rumours that Sater is ready to rat again, agreeing to help Mueller. ‘He has told family and friends he knows he and POTUS are going to prison,’ someone talking to Mueller’s investigators informed me.

Sater hinted in an interview earlier this month that he may be cooperating with both Mueller’s investigation and congressional probes of Trump.

“In about the next 30 to 35 days, I will be the most colourful character you have ever talked about,” Sater told New York Magazine. “Unfortunately, I can’t talk about it now, before it happens. And believe me, it ain’t anything as small as whether or not they’re gonna call me to the Senate committee.”

I doubt Sater is cooperating, given the way his lawyer has adopted the spin Cohen first planted. If Sater is cooperating with some real dirt, it might explain why Cohen would roll out sharing these emails with a pre-emptive leak that succeeded, splendidly, in distracting the coverage from the more fundamental question raised here.

Ron DeSantis Attempting to Stop Criminal Investigation into Theft that Benefitted Him

Florida Congressman Ron DeSantis has presented a bill that would defund the Robert Mueller investigation six months after the bill passed.

DeSantis has put forward a provision that would halt funding for Mueller’s probe six months after the amendment’s passage. It also would prohibit Mueller from investigating matters that occurred before June 2015, when Trump launched his presidential campaign.

The amendment is one of hundreds filed to a government spending package the House is expected to consider when it returns next week from the August recess. The provision is not guaranteed a vote on the House floor; the House Rules Committee has wide leeway to discard amendments it considers out of order.

It’s interesting that DeSantis, of all people, would push this bill.

After all, he’s one of a small list of members of Congress who directly benefitted from Guccifer 2.0’s leaking. Florida political journalist Aaron Nevins obtained a huge chunk of documents from Guccifer 2.0.

Last year, a Republican political operative and part-time blogger from Florida asked for and received an extensive list of stolen data from Guccifer 2.0, the infamous hacker known for leaking documents from the DNC computer network.

The Wall Street Journal reported that Aaron Nevins, a former aide to Republican state Sen. Ellyn Bogdanoff, had reached out to Guccifer through Twitter, asking to “feel free to send any Florida-based information.”

About 10 days later, Nevins received about 2.5 gigabytes of polling information, election strategy and other data, which he then posted on his political gossip blog HelloFLA.com.

“I just threw an arrow in the dark,” Nevins told the Journal.

After setting up a Dropbox account for Guccifer 2.0 to share the data, Nevins was able to sift through the data as someone who “actually knows what some of these documents mean.”

Among the documents stolen from the DCCC that Nevins published are five documents on the DCCC’s recruitment of DeSantis’ opponent, George Pappas. So effectively, DeSantis is trying to cut short the investigation into a crime from which he directly benefitted.

Call me crazy, but this seems like an ethical violation, and possibly a good reason to submit a bar complaint against DeSantis. And his constituents might want to ask why he’s trying to help Russia and its domestic enablers undermine democracy.

Michael Cohen Starts Not Recalling His Negotiations with Dmitry Peskov, “Main Protagonist” of Campaign Versus Hillary

In this post, I suggested the WaPo scoop about Felix Sater discussing a Trump Tower deal was Michael Cohen’s attempt to pre-empt the real story, which would begin to come out after those particular emails got delivered to HPSCI.

Once they got delivered, we learned that Sater connected the Trump Tower plan (if there ever was one) with getting Trump elected.

Michael I arranged for Ivanka to sit in Putins [sic] private chair at his desk and office in the Kremlin. I will get Putin on this program and we will get Donald elected. We both know no one else knows how to pull this off without stupidity or greed getting in the way. I know how to play it and we will get this done. Buddy our boy can become President of the USA and we can engineer it. I will get Putins [sic] team to buy in on this, I will manage this process.

The immediate question at that point should have been why Sater would tie this alleged real estate deal to getting Trump elected, but instead the follow-up reporting has been about the alleged deal.

In response to the first release of that language, Cohen “rebutted” that focus on Sater by denying two things that don’t address what the main focus should be.

Mr. Cohen suggested that Mr. Sater’s comments were puffery. “He has sometimes used colorful language and has been prone to “salesmanship,” Mr. Cohen said in a statement. “I ultimately determined that the proposal was not feasible and never agreed to make a trip to Russia.”

Sater was just engaged in salesmanship. But for what? A tower or a presidency?

Cohen never went to Russia. But did he make the deal without leaving NYC?

Now, a second story based on the emails actually turned over reveals a far more interesting detail: Cohen may not have gone to Russia, but he did reach out to Dmitry Peskov.

Peskov, you may recall, was (per the Steele dossier) the “main protagonist” of the kompromat campaign against Hillary, which initially reportedly — but perhaps not credibly — started as sharing old dirt on Hillary with Trump’s campaign, but by the end, consisted of deciding to leak the second batch of emails.

Russians do have further ‘kompromat’ on CLINTON (e-mails) and considering disseminating it after Duma (legislative elections) in late September. Presidential spokesman PESKOV continues to lead on this.

For his part, Cohen played the key role in brokering relations between Russia and the Trump team after Paul Manafort stepped down during the summer.

Speaking separately to the same compatriot in mid-October 2016, a Kremlin insider with direct access to the leadership confirmed that a key role in the secret TRUMP campaign/Kremlin was being played by the Republican candidates personal lawyer Michael COHEN

So any ongoing discussions between Cohen and Peskov would go to the heart of any coordination between Trump and Russia.

Which is why it is so interesting that Cohen has started to not recall whether there were ongoing conversations after that January email (note, NYT’s Haberman says Cohen sent this to the mail press email for Peskov, not a private one).

“Over the past few months I have been working with a company based in Russia regarding the development of a Trump Tower – Moscow project in Moscow City,” Cohen wrote Peskov, according to a person familiar with the email. “Without getting into lengthy specifics. the communication between our two sides has stalled.”

“As this project is too important, I am hereby requesting your assistance. I respectfully request someone, preferably you, contact me so that I might discuss the specifics as well as arranging meetings with the appropriate individuals. I thank you in advance for your assistance and look forward to hearing from you soon,” Cohen wrote.


In the statement, obtained by the Washington Post, Cohen said Sater suggested the outreach because a massive Trump development in Moscow would require Russian government approval. He said he did not recall receiving a response from Peskov and the project was abandoned two weeks later. [my emphasis]

I wonder if Cohen can recall any more recent conversations with Peskov, such as in advance of the time, in February of this year, when he and Sater delivered a Ukrainian peace plan to Mike Flynn in the days before Trump’s National Security Advisor was forced to quit?

Ah well. I’m sure a good lawyer like Cohen simply forgot these details, rather than giving the classic DC not recall answer that will provide him with another opportunity to tell a cover story the next time inconvenient emails get found.

Update: The WSJ gets into the act, with this report on how Cohen, when asked why he didn’t tell Trump he was going to call Putin’s top advisor for favors while Trump was running for President, did not respond.

In 2015, Mr. Cohen said, he informed the then-candidate that he was working on a licensing deal for a Trump Tower in Moscow. He subsequently asked for and received Mr. Trump’s signature on a nonbinding letter of intent for the project in October 2015. And in January 2016, he said, he informed the then-candidate that he had killed the proposal. Mr. Cohen said each conversation was brief.

Mr. Cohen’s communication with the president about the Moscow project may come under scrutiny because of a January 2016 email Mr. Cohen sent to Russian President Vladimir Putin’s top press official to ask for “assistance” in arranging the deal. Mr. Cohen said he didn’t inform Mr. Trump that he had sent the email to the press official, Dmitry Peskov. He didn’t respond when asked why he hadn’t done so.

So Cohen would have you believe he informed Trump at each stage of this process — except the one where he solicited help from a top official from a hostile nation-state.

The Steele Dossier and WaPo’s Trump Tower Scoop

For some reason, many people who’re convinced the Trump Russia investigation will hit paydirt but who haven’t been particularly attentive believe the Steele dossier must all be true. This, in spite of the fact that some parts of it clearly are not true. The best example of that is report 086, labeled as July 25, 2015 (but which must actually date to July 2016), which quotes a former senior Russian intelligence official claiming FSB was having difficulty compromising western and G7 government targets. In the previous year, the Russians had been enjoying quite a lot of success against just those kinds of targets, including the Joint Chiefs of Staff (Russia’s APT 29 is also believed to have compromised the DNC in July 2015), making it surprising anyone following Russian matters even marginally closely could present that report as credible.

The Steele dossier is not a document that is either credible or not as a whole; it is a series of raw intelligence reports based off a series of sources, some of which conflict with each other, some of which may be credible, others of which are less so. Moreover, there are a number of details about the dossier as we received it or as we’ve since learned about its production that raise legitimate questions about its quality.

Two seemingly contradictory claims provide one example that is especially noteworthy given WaPo’s report that the Trump organization inked a branding deal in Russia in late 2015. The very first report released as the Steele dossier, dated June 20, claims that the FSB has, for years, been trying to cultivate Trump by offering him “lucrative real estate development deals in Russia” but “for reasons unknown, TRUMP had not taken up any of these.”

The sourcing on this claim definitely includes “a close associate of TRUMP who had organized and managed his recent trips to Moscow” (though how would they know FSB was dangling real estate to compromise Trump unless they were themselves tied to FSB?) and may include the trusted compatriot of a “senior Foreign Ministry figure.”

Compare that with the undated report (it probably dates to between July 19 and July 30, 2016) crediting “a separate source with direct knowledge” claiming that Trump’s “claimed minimal investment profile in Russia … had not been for want of trying.”

Which is it? Has Trump been pushing for real estate deals but failing, or have figures close to Putin been trying to entice him with such deals only to have him respond with remarkable coyness?

A September 14 report, reported second-hand from two people in Petersburg, goes so far as to claim Trump had even paid bribes to get business deals in the city, but offered little more. Significantly, the sources said Aras Agalarov — who was involved in the June 9, 2016 meeting offering dirt on Clinton in New York’s Trump Tower — would have any details on real estate deals and sex parties and the clean-up thereof.

All of which is to say that in three different reports, Steele’s sources offered conflicting details about whether Trump was trying to get business in Russia but had failed, or Russia was trying to suck Trump into business deals as part of a program to compromise him, only to have him inexplicably resist.

Which brings us to the WaPo’s latest scoop, which reveals that between November 2015 and January 2016, the Trump organization signed a licensing deal for a big real estate project in Moscow, which ended up flopping because there was actually no deal behind it.

As part of the discussions, a Russian-born real estate developer urged Trump to come to Moscow to tout the proposal and suggested he could get President Vladimir Putin to say “great things” about Trump, according to several people who have been briefed on his correspondence.

The developer, Felix Sater, predicted in a November 2015 email that he and Trump Organization leaders would soon be celebrating — both one of the biggest residential projects in real estate history and Donald Trump’s election as president, according to two of the people with knowledge of the exchange.

Sater wrote to Trump Organization Executive Vice President Michael Cohen, “something to the effect of, ‘Can you believe two guys from Brooklyn are going to elect a president?’ ” said one person briefed on the email exchange. Sater emigrated to the United States from what was then the Soviet Union when he was 8 and grew up in Brooklyn.

Trump never went to Moscow as Sater proposed. And although investors and Trump’s company signed a letter of intent, they lacked the land and permits to proceed and the project was abandoned at the end of January 2016, just before the presidential primaries began, several people familiar with the proposal said.


Discussions about the Moscow project began in earnest in September 2015, according to people briefed on the deal. An unidentified investor planned to build the project and, under a licensing agreement, put Trump’s name on it. Cohen acted as a lead negotiator for the Trump Organization. It is unclear how involved or aware Trump was of the negotiations.

For six months, Christopher Steele pushed his sources for information on any deals Trump had planned in Russia. And only one of them — the one suggesting his go-between consult with Agalarov — offered any hint that a deal might have actually been done. Yet just months earlier, a deal had purportedly been signed, a deal personally involving Michael Cohen, who figures prominently throughout the dossier.

At least on their face, those are contradictory claims, ones that (because the WaPo story is backed by documents Congress will shortly vet) either emphasize how limited Steele’s collection was, even on one of his key targets like Cohen, or may even hint he was getting disinformation.

Or perhaps reading them in tandem can elucidate both?

First, some comments on the WaPo story.

It seems the real story here is as much the details as the fact that the deal was proposed. For example, I’m as interested that Felix Sater, from whom (as the story notes) Trump has been trying to distance himself publicly for years, was still brokering deals for the Trump organization as late as November 2015 as any other part of the story. See this post for some reasons why that’s so interesting.

It’s also quite significant that whoever leaked this to the WaPo did not explain who the investors were. Schedule another scoop in a week or so for when some outlet reveals that detail, because I suspect that’s as big a part of the story as the fact that the deal got signed. What entity came to Cohen months after Trump had kicked off his presidential campaign, and offered up the kind of branding deal that Trump loves (and which at least some of Steele’s sources say Trump had been seeking for over a decade), yet without the permits that would be a cinch if Putin and the FSB were really pushing the deal as part of a plan to compromise the candidate?

The sourcing, too, is of particular interest. WaPo describes its story as coming from, “several people familiar with the proposal and new records reviewed by Trump Organization lawyers;” in another place it describes its sources as, “several people who have been briefed on his correspondence.”  It explains that the emails are going to be turned over to Congress soon.

The new details from the emails, which are scheduled to be turned over to congressional investigators soon, also point to the likelihood of additional contacts between Russia-connected individuals and Trump associates during his presidential bid.

This all feels like an attempt, on the part of Trump lawyer Michael Cohen, to reveal to Trump via non-obstructive channels what he has found in a review of documents he’s about to turn over, with an emphasis on some of the most damning parts (Sater and the timing), but without yet revealing the public detail of the investors. By releasing it in this form, Cohen’s associates give Trump warning of what’s about to come, while blunting the damage the revelation will have in more fleshed out form.

Finally, the WaPo emphasizes Sater’s push for Trump to get Putin to say nice things. Particularly given the lack of permits here, that suggests Sater recognized the deal was not actually done, it needed powerful push from Putin. A push that, given the January collapse, apparently didn’t come in timely fashion. That may be the more interesting take-away here. The deal was, when Sater bragged about it to the guy who (according to Steele’s dossier) would shortly go on to clean up Paul Manafort’s earlier corrupt discussions with Russia, illusory. But it makes it clear that Cohen, if and when he had those discussions, was aware of the Trump organization’s earlier, failed effort to finally brand a building in Moscow. It would mean that if those dodgy meetings in Prague actually happened, they came against the backdrop of Putin deciding not offer the help needed to make the Trump deal happen in the months before the election started.

All that may suggest the Steele dossier may instead be rich disinformation on a key point, disinformation that hid how active such discussions really were.

In any case, the WaPo story is not definitive one way or another. It may be utterly damning, the kind of hard evidence Cohen is about to turn over that he is aware could really blow the investigation into Trump wide open, or it could be yet more proof that Trump continued to resist the allure of real estate deals in Russia, as some of Steele’s sources claimed. But it does raise some important questions that reflect back on the Steele dossier.

Update: NYT got the actual language of two of the Sater emails, which have now been delivered to HPSCI.

Michael I arranged for Ivanka to sit in Putins [sic] private chair at his desk and office in the Kremlin. I will get Putin on this program and we will get Donald elected. We both know no one else knows how to pull this off without stupidity or greed getting in the way. I know how to play it and we will get this done. Buddy our boy can become President of the USA and we can engineer it. I will get Putins [sic] team to buy in on this, I will manage this process.


Michael we can own this story. Donald doesn’t stare down, he negotiates and understand the economic issues and Putin only want to deal with a pragmatic leader, and a successful business man is a good candidate for someone who knows how to negotiate. “Business, politics, whatever it allis the same for someone who knows how to deal.”

Why does Sater tie the Trump Tower deal so closely with getting Trump elected?