The Embarrass Mitch McConnell Provision of the Intel Authorization

/10 Comments/in , /by

I’ve got a piece coming out on all the Russian-related provisions in the Intelligence Authorization bill for next year, which are for the most part really laudable policy proposals. But I wanted to look more closely at this one.

SEC. 606. REPORT ON CYBER ATTACKS BY FOREIGN GOVERNMENTS AGAINST UNITED STATES ELECTION INFRASTRUCTURE.
(a) Report Required.—Not later than 60 days after the date of the enactment of this Act, the Under Secretary of Homeland Security for Intelligence and Analysis shall submit to congressional leadership and the congressional intelligence committees a report on cyber attacks and attempted cyber attacks by foreign governments on United States election infrastructure in States and localities in connection with the 2016 presidential election in the United States and such cyber attacks or attempted cyber attacks as the Under Secretary anticipates against such infrastructure. Such report shall identify the States and localities affected and shall include cyber attacks and attempted cyber attacks against voter registration databases, voting machines, voting-related computer networks, and the networks of secretaries of State and other election officials.

(b) Form.—The report submitted under subsection (a) shall be submitted in unclassified form, but may include a classified annex.

(c) Definitions.—In this section:

(1) CONGRESSIONAL LEADERSHIP.—The term “congressional leadership” includes the following:

(A) The majority leader of the Senate.

(B) The minority leader of the Senate.

(C) The Speaker of the House of Representatives.

(D) The minority leader of the House of Representatives.

(2) STATE.—The term “State” means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, and any territory or possession of the United States.

It requires the Department of Homeland Security to submit an unclassified report on all the hacking attempts on election infrastructure last year. It will involve declassifying information that Reality Winner is facing prison time for liberating, which seems like a concession that such information has public value. 

But I’m particularly interested in the emphasis on the distribution of this report: both to the intelligence committees and to Congressional leadership, spelled out by job title. Mitch McConnell, Chuck Schumer, Paul Ryan, and Nancy Pelosi.

That’s interesting because — as part of their investigation into last year’s hack — the Senate Intelligence Committee has already been briefed on this information. Indeed, the day after that testimony, Bloomberg reported — relying on three sources briefed on the investigation — that the hacks were much more severe than publicly known.

Russia’s cyberattack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

So ultimately, if this bill becomes law, it will require an unclassified report on stuff SSCI has been getting briefing on to be submitted to both SSCI and Congressional leadership.

The move comes in the wake of complaints from Democrats that Mitch McConnell refused to back a stronger statement about such attempted attacks in fall 2016. Now, I think some of the complaints about McConnell’s inaction last year are overblown, a demand that McConnell get ahead of where the Intelligence Community was willing to go publicly. And I think they largely obscure the more pressing question of what Trump advisors Devin Nunes and Richard Burr did. 

But I am cognizant of the fact that in a matter of months, we may get a better sense of the kinds of threats to our voting system that McConnell fought against publicizing.

Rohrabacher Can’t Remember Talking Assange Pardon with Trump But Is Sure Trump Wants Mind-Boggling Info from Julian Assange

/11 Comments/in , , , /by

In this post, I noted that Dana Rohrabacher might try to broker a deal between Assange and President Trump trading information on WikiLeaks’ DNC email source for — it appears — a pardon. As I noted, the meeting was first reported — at 8:02 PM —- by the Daily Caller.

At 12:22 AM ET, Julian Assange tweeted that “I do not speak to the public through third parties. Only unmediated statements coming directly from me can be considered authoritative.”

This morning, Rohrabacher issued a statement (posted in my last post) that ends with a promise he will share information already in hand with the President.

The congressman plans to divulge more of what he found directly to President Trump.

The Daily Caller has written a new story, based on an interview with Rohrabacher. In it Rohrabacher first claimed that “he can’t remember” if he has spoken to anyone in the White House about a pardon for Assange.

A pardon of Assange would have to come directly from President Donald Trump, and Rohrabacher told TheDC, “I can’t remember if I have spoken to anybody in the White House about this.”

Apparently Rohrabacher has so many conversations with the White House that he can’t remember them all.

He goes on to suggest he hasn’t gotten the information he (in his statement) promised to divulge to Trump.

The congressman has yet to receive the information that has been promised to him by Assange, but he said he is confident he will receive it.

But — Rohrabacher is sure — the information his office thought he had this morning but which he doesn’t have any more is sure to  be mind-boggling.

“If I had to bet on it, I would bet that we are going to get the information that will be mind-boggling and of major historical significance,” Rohrabacher said. He said if it is significant enough, he will bring it directly to Trump.

After which Rohrabacher, who can’t remember whether he has talked to anyone at the White House about this — much less the President!!! — asserts that “there has already been some indication that the president will be very anxious to hear what I have to say.”

“And there has already been some indication that the president will be very anxious to hear what I have to say if that is the determination that I make,” Rohrabacher added.

Call me crazy, but I think Assange demanded the Daily Caller back off their prior reporting [see update], perhaps to get reassurances from Trump he’ll get a pardon before he (through his proxy Rohrabacher) actually hands over the information. I don’t blame Assange for that — as I noted earlier, he’s only got one shot to produce his case, and if it is easily debunked, both he and Trump will be screwed.

Assange sure seems pretty uncertain about this information that Rohrabacher — who may or may not have already received it — is sure will be mind-boggling.

Update: Here is Assange’s statement about the visit, which makes no mention of disclosing his source.

WikiLeaks’ publisher Julian Assange and his lawyer Jennifer Robinson met with U.S. Congressman Dana Rohrabacher yesterday at the Congressman’s request. Mr. Assange explained how the ongoing proceedings against WikiLeaks over its publications on war, diplomacy and rendition violate the First Amendment rights of WikiLeaks and its readers. The grand jury proceedings against Mr. Assange and his staff started in July 2010 and have been repeatedly condemned by press freedom groups, the ACLU, Human Rights Watch and the United Nations. The proceedings are the largest ever conducted against a publisher and are widely viewed by legal scholars to be unconstitutional. The alleged source of the publications was granted clemency by President Obama in January. However the grand jury proceedings against the publisher continue and have expanded under the Trump administration. Mr. Assange faces potential life imprisonment. Now at seven years, the grand jury is one of the longest and most expensive in US history.

Mr. Assange does not speak through third parties. Only statements issued directly by him or his lawyers can be considered authoritative.

It also claims that Rohrabacher requested the visit, not vice versa.

Update: Curiously, Don Jr, who we know is happy to take meetings with just about anyone if they can produce information that damages dad’s enemies, just followed Assange on Twitter.

Update: The Daily Caller insists that Assange didn’t get them to back off any reporting, and instead explains that the contradictions between their Wednesday story and their Thursday one (and in Rohrabacher’s statements) derive instead from the poor wording of the statement from Rohrbacher’s office. My apologies for the insinuations that their failure to point out these multiple contradictions doesn’t just stem from bad reporting.

Update: Washington Times has more, which not only underscores how newsworthy are Daily Caller’s contradictions, but also confirms that Rohrabacher is now talking a back and forth process.

“I will have discussions with President Trump before going public, and that should happen hopefully within two weeks of now, by the end of the month,” he said. “In the end, the American people are going to know more than what they know now, and it will be with more certainty.”

Rohrabacher declined to say if he was given a physical set of files by Assange to support a counter-narrative on how WikiLeaks acquired emails damaging to Hillary Clinton’s candidacy. U.S. spy agencies say Russia hacked those emails and gave them to WikiLeaks.

“I told you, I’m not going to go into details on that,” said the Orange County conservative about whether he was given physical files. At one point, however, Rohrabacher implied he had not been given documents.

“We did not go into detail [about how WikiLeaks acquired Democratic emails], but that will obviously be something that will be provided in greater detail shortly,” he said.

“This is not a one step process, it’s a two-step or three step-process. There are some things we just have to go to the president with and see what he says, and then see how we can actually work its way so the American people know the truth,” he said.

Update, 8/19: In an article revealing that Charles Johnson has refused to cooperate with the Senate Intelligence Committee’s request for information on how he helped now-deceased rat-fucker Peter Smith attempt to find hacked files from Hillary’s server, Michael Isikoff provides his own version of the Rohrabacher/Assange deal. His version lacks the contradictions of the right wing press. It explains that Assange would basically trade “irrefutable” evidence he didn’t get the DNC emails from Russia (which is different than proving they didn’t come from Russia) in exchange for a pre-emptive pardon.

Johnson said he and Rohrabacher came back from their meeting with a specific proposal that the congressman intends to present to President Trump soon: Grant a preemptive pardon to Assange (who has been under Justice Department investigation for years, although he has never been charged) and the WikiLeaks founder would, in exchange, turn over “irrefutable” evidence that he didn’t get the Democratic National Committee emails from Russia, but from another source.

“Assange wants to have a deal with the president,” Johnson said. “He believes he should be pardoned in the same way that Chelsea Manning was pardoned.” Once Assange turns his evidence over, showing the Russians were not the source of the DNC emails, then the “president could put the kibosh” on the whole Russia investigation being conducted by special counsel Robert Mueller.

Johnson declined to say what Assange’s supposed evidence actually is (though he did say it did not include any documents). But he insisted he has spoken to unidentified figures in the White House who have told him the president wants to hear the proposal. “I know the president is interested in this,” he said. “There will be a meeting between Rep. Rohrabacher and President Trump.”

A spokesman for Rohrabacher confirmed that Johnson had arranged the meeting between the congressman and Assange. “My understanding is that there is not yet a concrete proposal, but that Dana does believe that if Assange does turn over the proof he’s promised, then he deserves a pardon,” the spokesman said.

There’s a lot that’s batshit about these claims, not least the suggestion that Chelsea Manning got a full pardon, rather than a commutation after 7 years of imprisonment and abusive treatment by the federal government.

But it’s also hard to imagine how, having laid out this deal in such stark terms, Robert Mueller won’t begin to show some interest in it.

Dana Rohrabacher Brokering Deal for Man Publishing a CIA Exploit Every Week

/26 Comments/in , , /by

Yesterday, right wing hack Charles Johnson brokered a three hour meeting between Dana Rohrabacher and Julian Assange. At the meeting, Assange apparently explained his proof that Russia was not behind the hack of the DNC. In a statement, Rohrabacher promises to deliver what he learned directly to President Trump.

Wikileaks founder Julian Assange on Wednesday told Rep. Dana Rohrabacher that Russia was not behind leaks of emails during last year’s presidential election campaign that damaged Hillary Clinton’s candidacy and exposed the inner workings of the Democratic National Committee.

The California congressman spent some three hours with the Australian-born fugitive, now living under the protection of the Ecuadorian embassy in the British capital.

Assange’s claim contradicts the widely accepted assessment of the U.S. intelligence community that the thousands of leaked emails, which indicated the Democratic National Committee rigged the nomination process against Sen. Bernie Sanders in favor of Clinton, were the result of hacking by the Russian government or persons connected to the Kremlin.

Assange, said Rohrabacher, “emphatically stated that the Russians were not involved in the hacking or disclosure of those emails.” Rohrabacher, who chairs the House Foreign Affairs Subcommittee on Europe, Eurasia, and Emerging Threats, is the only U.S. congressman to have visited the controversial figure.

The conversation ranged over many topics, said Rohrabacher, including the status of Wikileaks, which Assange maintains is vital to keeping Americans informed on matters hidden by their traditional media. The congressman plans to divulge more of what he found directly to President Trump.

I’m utterly fascinated that Assange has taken this step, and by the timing of it.

It comes not long after Rod Wheeler’s lawsuit alleging that Fox News and the White House worked together to invent a story that murdered DNC staffer Seth Rich was in contact with WikiLeaks. Both that story and this one have been promoted aggressively by Sean Hannity.

It comes in the wake of the VIPS letter that — as I’ve begun to show — in no way proves what it claims to prove about the DNC hack.

It comes just after a very long profile by the New Yorker’s Raffi Khatchadourian, who has previously written more sympathetic pieces about Assange. I have a few quibbles with the logic behind a few of the arguments Khatchadourian makes, but he makes a case — doing analysis on what documents got released where that no one else has yet publicly done (and about which numerous people have made erroneous claims in the past) — that Assange’s claims he wasn’t working with Russia no longer hold up.

But his protestations that there were no connections between his publications and Russia were untenable.

[snip]

Whatever one thinks of Assange’s election disclosures, accepting his contention that they shared no ties with the two Russian fronts requires willful blindness. Guccifer 2.0’s handlers predicted the WikiLeaks D.N.C. release. They demonstrated inside knowledge that Assange was struggling to get it out on time. And they proved, incontrovertibly, that they had privileged access to D.N.C. documents that appeared nowhere else publicly, other than in WikiLeaks publications. The twenty thousand or so D.N.C. e-mails that WikiLeaks published were extracted from ten compromised e-mail accounts, and all but one of the people who used those accounts worked in just two departments: finance and strategic communications. (The single exception belonged to a researcher who worked extensively with communications.) All the D.N.C. documents that Guccifer 2.0 released appeared to come from those same two departments.

The Podesta e-mails only make the connections between WikiLeaks and Russia appear stronger. Nearly half of the first forty documents that Guccifer 2.0 published can be found as attachments among the Podesta e-mails that WikiLeaks later published.

The Assange-Rohrabacher meeting also follows a NYT story revealing that the author of a piece of malware named in the IC’s first Joint Analysis Report of the DNC hack, Profexor, has been cooperating with the FBI. The derivative reports on this have overstated the connection Profexor might have to the DNC hack (as opposed to APT 28, presumed to be associated with Russia’s military intelligence GRU).

A member of Ukraine’s Parliament with close ties to the security services, Anton Gerashchenko, said that the interaction was online or by phone and that the Ukrainian programmer had been paid to write customized malware without knowing its purpose, only later learning it was used in Russian hacking.

Mr. Gerashchenko described the author only in broad strokes, to protect his safety, as a young man from a provincial Ukrainian city. He confirmed that the author turned himself in to the police and was cooperating as a witness in the D.N.C. investigation. “He was a freelancer and now he is a valuable witness,” Mr. Gerashchenko said.

It is not clear whether the specific malware the programmer created was used to hack the D.N.C. servers, but it was identified in other Russian hacking efforts in the United States.

But Profexor presumably is describing to the FBI how he came to sell customized access to his tool to hackers working for Russia and who those hackers were.

In other words, this bid by Assange to send information to Trump via someone protected by the Constitution’s Speech and Debate Clause, but who is also suspected — even by his Republican colleagues! — of being on Russia’s payroll, comes at a very interesting time, as outlets present more evidence undermining Assange’s claims to have no tie to Russia.

Coming as it does as other evidence is coming to light, this effort is a bit of a Hail Mary by Assange: as soon as Trump publicizes his claims (which he’ll probably do during tomorrow’s shit-and-tweet) and they get publicly discredited, Assange (and Trump) will have little else to fall back on. They will have exposed their own claims, and provided the material others can use to attack Trump’s attempts to rebut the Russia hack claims. Perhaps Assange’s claims will be hard to rebut; but by making them public, finally, they will be revealed such that they can be rebutted.

I’m just as interested in the reporting on this, though, which was first pushed out through right wing outlets Daily Caller and John Solomon.

The story is presented exclusively in terms of Assange’s role in the DNC hack, which is admittedly the area where Assange’s interests and Trump’s coincide.

Yet not even the neutral LAT’s coverage of the meeting, which even quotes CIA Director and former Wikileaks fan Mike Pompeo,mentions the more immediate reason why Assange might need a deal from the United States. Virtually every week since March, Wikileaks has released a CIA exploit. While some of those exploits were interesting and the individual exploits are surely useful for security firms, at this point the Vault 7 project looks less like transparency and more like an organized effort to burn the CIA. Which makes it utterly remarkable a sitting member of Congress is going to go to the president to lobby him to make a deal with Assange, to say nothing of Assange’s argument that Wikileaks should get a White House press pass as part of the deal.

Dana Rohrabacher is perhaps even as we speak lobbying to help a guy who has published a CIA hack of the week. And that part of the meeting is barely getting notice.

The Proxy Step Ignored in the NGP/VAN Analysis

/27 Comments/in /by

I’m working on a longer post on the two reports that went into this VIPS letter and in turn this even more breathless Nation article.

One of two underlying reports those pieces rely on to raise doubts about the Intelligence Community’s conclusion that Russia hacked the DNC was written by a pseudonymous person under the name The Forensicator. It argues that data “published by a persona named Guccifer 2” on September 13, 2016 was first copied, probably in Linux, locally on July 5, 2016. On September 1, 2016, the data was then transferred on a Windows system. Both those events probably took place in the Eastern Timezone. The derivative reporting on this analysis claims, unjustifiably, that because the first event happened locally and both happened in the Eastern Timezone, they couldn’t have been done by people associated with Russia.

The analysis of the data is worth reviewing, though some people quibble with the analysis that claims the first event had to have happened “locally” (that is, over a LAN or similar direct access rather than over the Internet). Even there, there’s no reason to believe that that event happened involving a DNC (or other Democratic) computer; the files could (and according to the IC’s narrative about the hack, would) have been moved to a second server before July. Nor is there any reason to assume events that took place in the Eastern Timezone could not involve people tied to Russia.

But even with those ready explanations that could align this forensic analysis with the IC’s analysis, there’s a step of the analysis that is entirely missing.

The Forensicator explains that the files were “published by a persona named Guccifer 2” and “disclosed by Guccifer 2.0 on 9/13/2016.” But that’s not true. Instead, the files were posted during a speech given in London by another hacker as a proxy for G2.0 on that day. The Forensicator relies on a copy posted by NatSecGeek. And while on Twitter G2.0 pointed to the speech the day before it was given, he never actually pointed back to the data on his WordPress site.

It’s true that the “speech” that was read for G2.0 relied on and posted a link to these files at the conference.

This scheme shows how NGP VAN is incorporated in the DNC infrastructure. It’s for detailed examination, if you are interested. And here are a couple of NGP VAN’s documents from their network. If you r interested in their internal documents, you can have them via the link on the screen. The password is usual. It’s also on the screen. You may also ask the conference producers for them later.

But at the very least, it seems any analysis of these forensics needs to account for the hand-off and proxy involved.

One person I spoke to about these forensics described that they looked like a skilled Linux user followed by an unskilled Windows user (because the latter copied the files via drag and drop). Perhaps. But given that we know there was a proxy step involved in the release, it seems any analysis of why this several step process took place would have to account for the fact that other people were involved in the release of the files.

Lawfare Disappears Democratic Support for Centrist Failures to Claim a “Sea-Change” because of Russia

/14 Comments/in , , , , /by

In a piece that calls Max Blumenthal — author of three books of original journalism — an “activist,” Lawfare’s Quinta Jurecic attempts to lay out how the left has split on its response to Russia’s interference in last year’s election. She does a fine job avoiding generalizations about the current stance of the various parts of the left she portrays. But she creates a fantasy past, in which even the center-left has been distrustful of the intelligence community, to suggest the center-left’s embrace of the Russia investigation represents a “sea-change” in its comfort with the spooks.

The story of the American left under Trump, as in the larger story, is one of bifurcation and polarization. It’s a story of a profound emerging divide over the role of patriotism and the intelligence community in the left’s political life. To put the matter simply, some on the left are actively revisiting their long-held distrust of the security organs of the American state; and some are rebelling against that rapprochement.

[snip]

But these arguments have taken place against the backdrop of a much greater and more visible embrace of the investigation on the part of the center-left—and a concurrent embrace by many center-left commentators of actively patriotic vocabulary that is traditionally the province of the right, along with a skepticism about Russia that has not been in fashion in Democratic circles since the Scoop Jackson wing of the party bolted. As Trump has attacked and belittled the intelligence community’s assessment of Russian election interference, the center-left has embraced not only the report but also the intelligence community itself.

[snip]

Political leaders of the center-left always had a quiet peace with the national security apparatus. But the peace was a quiet one, generally speaking, one without overly demonstrative displays of affection or support.

[snip]

[B]roadly speaking, the center-left these days sounds a lot like the mainstream right of the last few decades before Trump came along: hawkish towards Russia and enthusiastic about the U.S.  intelligence apparatus as one of the country’s key lines of defense. And the mainstream right sounds a lot like the center-left on the subject—which is to say very quiet.

This new posture for the center-left, to some degree anyway, has politicians speaking the language of the intelligence world: the language of active patriotism.

Perhaps Jurecic has been asleep since 9/11, and has overlooked how aggressively supportive centrist Democrats have been of the National Security establishment? There’s no sea-change on the center left — none. What she actually presents evidence for is a sea-change on the right, with increased skepticism from some of those (like Devin Nunes) who have been the intelligence community’s biggest cheerleaders in the past.

To create this fantasy past, the foreign policy history Jurecic focuses on is that of the Cold War (a history that stops short of NATO expansion), not more recent history in which members of the center-left voted for a disastrous Iraq War (which Russia opposed), misrepresented (to both Russia and the left) the regime change goals of the Libya intervention, and applauded the CIA effort to back (al Qaeda allied) rebels to carry out regime change in Syria. To say nothing of the center-left’s failure to hold banks accountable for crashing the world economy. The only place those policies show up is in Jurecic’s explanation why “younger” people are more isolationist than their elders.

There’s another stream of thought too, from voices who tend to be younger and more focused on left-wing domestic policy, rather than Cold War-inflected foreign policy—people whose formative political experience dates to the Iraq War, rather than anything to do with the Soviet Union. This stream tends toward isolationism.

It’s not just that the Iraq War and the Wall Street crash, not the Cold War, provided the formative moment for these young people (though many of Jurecic’s claims about the young are immediately supported by descriptions of Glenn Greenwald or other old farts). It’s that these were disastrous policies. And through all of them, the center-left that Jurecic portrays as distrusting the IC were instead enabling and often — certainly for the entire Obama Administration — directing them.

Jurecic’s fantasy of past skepticism about the IC relies on the Democrats’ changing views towards Jim Comey, particularly the treatment of him (and to a lesser degree Robert Mueller) as messiahs.

As Americans gathered to watch James Comey testify before the Senate Intelligence Committee, a meme emerged on certain corners of the left-leaning internet: people had a crush on the former FBI director. It was his patriotism, his scrupulousness, his integrity that did it. “Get you a man who loves you like [C]omey loves the FBI,” wrote one commenter. “Is COMEY … attractive?” asked another. Declared one: “Comey should be the next Bachelor.”

The trend may have started with Comey, but it hasn’t ended with him. Earlier this month, Vogue reported that special counsel Robert Mueller, too, has been transformed into an unlikely object of adoration.

The point of these outbursts of affection—whatever level of queasiness or amusement they might inspire—is not actually that anyone finds the former FBI director or the special counsel attractive. In the odd parlance of the internet, this kind of language is a way to express intense emotional involvement with an issue. Half-jokingly and with some degree of self-awareness, the many people who profess their admiration are projecting their swirling anxiety and anticipation over the Russia investigation and the fate of the Trump presidency onto Mueller and Comey.

Not only does Jurecic ignore the wild swing Democrats exhibited about Comey, whom many blamed for Hillary’s loss (something both I and, later, Lawfare predicted). But she makes no mention of what happened in 2013 with Jim Comey’s confirmation process, in which a man who signed off on torture and legitimized an illegal dragnet by strong-arming the FISA Court was pushed through by Democrats with one after another fawning statement of admiration, where the only procedural or voting opposition came from Republicans.

You don’t approve Comey with no probing questions about his hawkish past if you’re at all embarrassed about your support for the IC. Yet that’s what the allegedly skeptical Democratic party did.

There’s a reason all this matters, especially given the way Jurecic wields the concept of patriotism in her invention of a sea-change in center-left support for spooks.

I’m on the more progressive (“hard”) left that Jurecic generally portrays as opposing the Russia investigation. Yet I may have written more, myself, than all of Lawfare about it. I think it is real and important. I support the investigations into Russian interference and Trump’s tolerance for it.

But I also think that as part of that review, the center-left — and institutions of centrist policy, starting with Brookings — need to reflect on how their own epic policy failures have discredited centrist ideology and created an opportunity that both Donald Trump and Vladimir Putin found all too easy to exploit.

Trump succeeded, in part, because he deceitfully promised to reinvest in the crumbling US interior, rather than overseas. Putin has attracted support in a Europe still paying for the German banks’ follies, a Europe struggling to accommodate refugees escaping a destabilized Middle East. That doesn’t make either of them positive forces. Rather, it makes them opportunists capitalizing on the failures of centrist hegemony. But until the center is either replaced or offers policies that haven’t already failed, Trump and Putin will continue to exploit those failures.

I consider myself a patriot. But true patriotism — as opposed to the messianism she celebrates as patriotism on the center-left — requires honest criticism of America’s disastrous economic and foreign policy failures. Messianism, by contrast, is a position of impotence, where necessary work is supplanted by hope that a strong man will rescue us all.

Ben Wittes and Lawfare generally are right that caricatures of them as handmaidens of the Deep State are too simple. But Jurecic’s analysis is associated with a think tank paid for by funders that include entities that have backed disastrous destabilizing policies in the Middle East — like Qatar, UAE, Haim Saban — as well as those who profit from them — like Northrop Grumman  It was paid for by the banks that centrists didn’t hold accountable for the crash, including JP Morgan and Citi. It was paid for by big oil, including Exxon. It was even paid for by Dianne Feinstein, the Democrat who presided over the solicitous Comey confirmation process Jurecic completely disappeared from her narrative of Democrats embracing Comey.

That a Brookings-affiliated analyst has just invented a fantasy past skepticism for spooks on the center-left — the center-left that has championed failed policies — even as she deems the tribalism she portrays as “patriotism” is itself part of the problem. It dodges the work of true patriotism: ensuring America is strong enough to offer the rest of the world something positive to support, rather than something that demagogues like Trump and Putin can effectively consolidate power over.

Report from North Carolina Makes Reality Winner Leak Far More Important

/43 Comments/in , , /by

According to NPR, the poll books in six precincts in Durham County, NC, went haywire on election day, which led the entire county to shift to paper poll books.

When people showed up in several North Carolina precincts to vote last November, weird things started to happen with the electronic systems used to check them in.

“Voters were going in and being told that they had already voted — and they hadn’t,” recalls Allison Riggs, an attorney with the Southern Coalition for Social Justice.

The electronic systems — known as pollbooks — also indicated that some voters had to show identification, even though they did not.

[snip]

At first, the county decided to switch to paper pollbooks in just those precincts to be safe. But Bowens says the State Board of Elections & Ethics Enforcement got involved “and determined that it would be better to have uniformity across all of our 57 precincts and we went paper pollbooks across the county.”

That move caused a whole new set of problems: Voting was delayed — up to an hour and a half — in a number of precincts as pollworkers waited for new supplies. With paper pollbooks, they had to cut voters’ names out and attach them to a form before people could get their ballots.

The company that provided the software for the poll books is VR Systems — the company that the document Reality Winner leaked showed had been probed by Russian hackers.

But Susan Greenhalgh, who’s part of an election security group called Verified Voting, worried that authorities underreacted. She was monitoring developments in Durham County when she saw a news report that the problem pollbooks were supplied by a Florida company named VR Systems.

“My stomach just dropped,” says Greenhalgh.

She knew that in September, the FBI had warned Florida election officials that Russians had tried to hack one of their vendor’s computers. VR Systems was rumored to be that company.

Because of the publicity surrounding the VR targeting — thanks to the document leaked by Winner — NC has now launched an investigation.

Lawson says the state first learned of the hack attempt when The Intercept, an online news site, published its story detailing Russian attempts to hack VR Systems. The leaked report said hackers then sent emails to local election offices that appeared to come from VR — but which actually contained malicious software.

[snip]

So now, months after the election, the state has launched an investigation into what happened in Durham County. It has secured the pollbooks that displayed the inaccurate information so forensic teams can examine them.

So this may be the first concrete proof that Russian hackers affected the election. But we’ll only find out of that’s true thanks to Winner’s leak.

Except she can’t raise that at trial.

Last week, Magistrate Judge Brian Epps imposed a protection order in her case that prohibits her or her team from raising any information from a document the government deems to be classified, even if that document has been in the public record. That includes the document she leaked.

The protective order is typical for leak cases. Except in this case, it covers information akin to information that appeared in other outlets without eliciting a criminal prosecution. And more importantly, Winner could now point to an important benefit of her leak, if only she could point to the tie between her leak and this investigation in North Carolina.

With the protection order, she can’t.

Note one more implication of this story.

In addition to the Presidential election last year, North Carolina had a surprisingly close Senate election, in which Senate Intelligence Committee Chair Richard Burr beat Deborah Ross by 6%. Admittedly, the margin was large — over 200,000 votes. But Durham County is the most Democratic county in the state.

Burr, of course, is presiding over one of the four investigations into the Russian hacks. And while I don’t think this story, yet, says that Burr won because of the hack, if the investigations shows VR was hacked in the state and it affected throughput in the most Democratic county, then it means Burr benefitted as clearly from the Russian hacks as Trump did.

The SSCI investigation has been going better than I had imagined. But this seems like a conflict of interest.

Update: I originally said the entire state switched to paper pollbooks. That’s incorrect: just Durham County did, which makes the issue even more important.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Rick Ledgett’s Straw Malware

/5 Comments/in , , /by

For some reason, over a month after NotPetya and almost two months after WannaCry, former Deputy DIRNSA Rick Ledgett has decided now’s the time to respond to them by inventing a straw man argument denying the need for vulnerabilities disclosure. In the same (opening) paragraph where he claims the malware attacks have revived calls for the government to release all vulnerabilities, he accuses his opponents of oversimplification.

The WannaCry and Petya malware, both of which are partially based on hacking tools allegedly developed by the National Security Agency, have revived calls for the U.S. government to release all vulnerabilities that it holds.  Proponents argue this will allow for the development of patches, which will in turn ensure networks are secure.  On the face of it, this argument might seem to make sense, but it is actually a gross oversimplification of the problem, would not have the desired effect, and would in fact be dangerous.

Yet it’s Ledgett who is oversimplifying. What most people engaging in the VEP debate — even before two worms based, in part, on tools stolen from NSA — have asked for is for some kind of sense and transparency on the process by which NSA reviews vulnerabilities for disclosure. Ledgett instead poses his opponents as absolutists, asking for everything to be disclosed.

Ledgett then spends part of his column claiming that WannaCry targeted XP.

Users agree to buy the software “as is” and most software companies will attempt to patch vulnerabilities as they are discovered, unless the software has been made obsolete by the company, as was the case with Windows XP that WannaCry exploited.

[snip]

Customers who buy software should expect to have to patch it and update it to new versions periodically.

Except multiple reports said that XP wasn’t the problem, Windows 7 was. Ledgett’s mistake is all the more curious given reports that EternalBlue was blue screening at NSA when — while he was still at the agency — it was primarily focused on XP. That is, Ledgett is one of the people who might have expected WannaCry to crash XP; that he doesn’t even when I do doesn’t say a lot for NSA’s oversight of its exploits.

Ledgett then goes on to claim that WannaCry was a failed ransomware attack, even though that’s not entirely clear.

At least he understands NotPetya better, noting that the NSA component of that worm was largely a shiny object.

In fact, the primary damage caused by Petya resulted from credential theft, not an exploit.

The most disturbing part of Ledgett’s column, however, is that it takes him a good eight (of nine total) paragraphs to get around to addressing what really has been the specific response to WannaCry and NotPetya, a response shared by people on both sides of the VEP debate: NSA needs to secure its shit.

Some have made the analogy that the alleged U.S. government loss of control of their software tools is tantamount to losing control of Tomahawk missile systems, with the systems in the hands of criminal groups threatening to use them.  While the analogy is vivid, it incorrectly places all the fault on the government.  A more accurate rendering would be a missile in which the software industry built the warhead (vulnerabilities in their products), their customers built the rocket motor (failing to upgrade and patch), and the ransomware is the guidance system.

We are almost a full year past the day ShadowBrokers first came on the scene, threatening to leak NSA’s tools. A recent CyberScoop article suggests that, while government investigators now have a profile they believe ShadowBrokers matches, they’re not even entirely sure whether they’re looking for a disgruntled former IC insider, a current employee, or a contractor.

The U.S. government’s counterintelligence investigation into the so-called Shadow Brokers group is currently focused on identifying a disgruntled, former U.S. intelligence community insider, multiple people familiar with the matter told CyberScoop.

[snip]

While investigators believe that a former insider is involved, the expansive probe also spans other possibilities, including the threat of a current intelligence community employee being connected to the mysterious group.

[snip]

It’s not clear if the former insider was once a contractor or in-house employee of the secretive agency. Two people familiar with the matter said the investigation “goes beyond” Harold Martin, the former Booz Allen Hamilton contractor who is currently facing charges for taking troves of classified material outside a secure environment.

At least some of Shadow Brokers’ tools were stolen after Edward Snowden walked out of NSA Hawaii with the crown jewels, at a time when Rick Ledgett, personally, was leading a leak investigation into NSA’s vulnerabilities. And yet, over three years after Snowden stole his documents, the Rick Ledgett-led NSA still had servers sitting unlocked in their racks, still hadn’t addressed its privileged user issues.

Rick Ledgett, the guy inventing straw man arguments about absolutist VEP demands is a guy who’d do the country far more good if he talked about what NSA can do to lock down its shit — and explained why that shit didn’t get locked down when Ledgett was working on those issues specifically.

But he barely mentions that part of the response to WannaCry and NotPetya.

Robert Mueller’s Grand Jury and the Significance of Felix Sater

/25 Comments/in , , , /by

In response to Monday’s server hiccups and in anticipation that Mueller is nowhere near done, we expanded our server capacity overnight. If you think you’ll rely on emptywheel reporting on the Mueller probe, please consider a donation to support the site

The world is abuzz with the news that Robert Mueller has impaneled a DC-based grand jury that he used to subpoena information on the June 9, 2016 meeting between Don Jr., Paul Manafort, Jared Kushner, and some Russians promising dirt on Hillary Clinton. In reality, the Special Counsel had already been using a grand jury to get information on Mike Flynn and Paul Manafort and we should always have expected a dedicated grand jury.

Nevertheless, the move has convinced the chattering classes that this investigation is for real.

This comes as a surprise to people, apparently, after reports of Mueller’s 16th hire, illegal foreign bribery expert Greg Andres. It’s almost as if people haven’t been making sense of where Mueller is going from the scope of his hires, which include:

  1. Mob specialists: Andrew Weissman and Lisa Page are mob prosecutors.
  2. Fraud specialists: Weissman and Rush Atkinson are also fraud prosecutors.
  3. Corporate crime specialists: Weissman also led the Enron Task force. One of Dreeben’s key SCOTUS wins pertained to corporate crime. Jeannie Rhee has also worked on white collar defense.
  4. Public corruption specialists: Mueller hired someone with Watergate experience, James Quarles. And Andrew Goldstein got good press in SDNY for prosecuting corrupt politicians (even if Sheldon Silver’s prosecution has since been overturned).
  5. International experts: Zainab Ahmad, who worked terrorism cases in EDNY, which has some of the most expansive precedents for charging foreigners flown into JFK (including Russia’s darling Viktor Bout), knows how to bring foreigners to the US and successfully prosecute them in this country. Aaron Zelinsky has also worked in international law. Elizabeth Prelogar did a Fulbright in Russia and reportedly speaks it fluently. And, as noted, Andres has worked on foreign bribery.
  6. Cyber and spying lawyers: Brandon Van Grack is the guy who had been leading the investigation into Mike Flynn; he’s got a range of National Security experience. Aaron Zebley, Mueller’s former chief of staff at FBI, also has that kind of NSD experience.
  7. Appellate specialists: With Michael Dreeben, Mueller already has someone on the team who can win any appellate challenges; Adam Jed and Elizabeth Prelogar are also appellate specialists. Mueller’s hires also include former clerks for a number of SCOTUS justices, which always helps out if things get that far.

I lay this out there to suggest that in addition to hiring a bunch of super stars, Mueller also appears to have picked people for their expertise. Those picks reflect an already well-developed theory of the case, one formed long before he impaneled his own grand jury. And many of them boast expertise fairly distant from the question of foreign adversary’s hacking a political party’s server.

And I’d suggest there’s good reason for that.

Some of Mueller’s theory of the case undoubtedly comes from whatever evidence Jim Comey’s FBI and Van Grack’s grand jury had already collected, which at least publicly pertains to Mike Flynn’s disclosure problems, his comments to the Russians, and Paul Manafort’s money laundering. Some of it comes from stuff that was being investigated in NY.

But remember: Trump’s sordid ties to Russian mobsters (see categories 1, 2, 3, and 5) go back a long way. One of the best ways to understand what and how close some of those ties are is to look at the case of Felix Sater. Josh Marshall’s description here gets at a lot of the important bits.

Sater is a Russian emigrant who was jailed for assault in the mid-90s and then pulled together a major securities fraud scheme in which investors lost some $40 million. He clearly did something for the US government which the feds found highly valuable. It seems likely, though not certain, that it involved working with the CIA on something tied to the post-Soviet criminal underworld. Now Bayrock and Trump come into the mix.

According to Sater’s Linkedin profile, Sater joined up with Bayrock in 1999 – in other words, shortly after he became involved with the FBI and CIA. (The Times article says he started up with Bayrock in 2003.) In a deposition, Trump said he first came into contact with Sater and Bayrock in the early 2000s. The Trump SoHo project was announced in 2006 and broke ground in November of that year. In other words, Sater’s involvement with Bayrock started soon after he started working with the FBI and (allegedly) the CIA. Almost the entire period of his work with Trump took place during this period when he was working for the federal government as at least an informant and had his eventual sentencing hanging over his head.

What about Salvatore Lauria, Sater’s accomplice in the securities swindle?

He went to work with Bayrock too and was also closely involved with managing and securing financing for the Trump SoHo project. The Timesarticle I mentioned in my earlier post on Trump SoHo contains this …

Mr. Lauria brokered a $50 million investment in Trump SoHo and three other Bayrock projects by an Icelandic firm preferred by wealthy Russians “in favor with” President Vladimir V. Putin, according to a lawsuit against Bayrock by one of its former executives. The Icelandic company, FL Group, was identified in a Bayrock investor presentation as a “strategic partner,” along with Alexander Mashkevich, a billionaire once charged in a corruption case involving fees paid by a Belgian company seeking business in Kazakhstan; that case was settled with no admission of guilt.

All sounds totally legit, doesn’t it?

But there’s more!, as they say.

Sater’s stint as a “Senior Advisor” to Donald Trump at the Trump Organization began in January of January 2010 and lasted roughly a year. What significance that has in all of this I’m not sure. But here’s the final morsel of information that’s worth knowing for this installment of the story.

How exactly did all of Sater’s secret work and the federal government’s efforts to keep his crimes secret come to light?

During the time Sater was working for Bayrock and Trump he organized what was supposed to be Trump Tower Ft Lauderdale. The project was announced in 2004. People paid in lots of money but the whole thing went bust and Trump finally pulled out of the deal in 2009. Lots of people who’d bought units in the building lost everything. And they sued.

In other words, an FBI (and, possibly, CIA) informant had links with two of Trump’s business with ties to the Russian mob for — effectively — the entire extended Mueller tenure at FBI.

This is a point one of the few other people with reservations about Mueller as Special Counsel made to me not long ago. The FBI — Mueller’s FBI — has known about the ties between Trump’s businesses and the Russian mob for well over a decade. The FBI — Mueller’s FBI — never referred those ties, that money laundering, for prosecution in that entire time, perhaps because of the difficulties of going after foreign corruption interlaced with US businesses.

Now, in a remarkably short timeframe, former mob prosecutor Robert Mueller has put together a dream team of prosecutors who have precisely the kind of expertise you might use to go after such ties.

Because now it matters. It matters that the President has all these obligations to the Russian mob going back over a decade, because he can’t seem to separate his own entanglements from the good of the country.

Yes, Robert Mueller convened a grand jury and he has used it to go after the records of a meeting set up by one of Trump’s key Russian allies, Aras Agalarov, and his campaign, the guy who, at the very end of Mueller’s tenure at FBI, helped Trump stage the Miss Universe pageant in Russia, an event that may have marked significant new levels of Trump exposure to Russian compromise. But Mueller was on the trail of Trump and his Russian crime ties long before that. (The person with Mueller reservations actually wondered whether Trump himself wasn’t cooperating with the FBI in this period.)

Folks have made much of this exchange in the NYT’s long interview with Trump.

SCHMIDT: Last thing, if Mueller was looking at your finances and your family finances, unrelated to Russia — is that a red line?

HABERMAN: Would that be a breach of what his actual charge is?

TRUMP: I would say yeah. I would say yes. By the way, I would say, I don’t — I don’t — I mean, it’s possible there’s a condo or something, so, you know, I sell a lot of condo units, and somebody from Russia buys a condo, who knows? I don’t make money from Russia. In fact, I put out a letter saying that I don’t make — from one of the most highly respected law firms, accounting firms. I don’t have buildings in Russia. They said I own buildings in Russia. I don’t. They said I made money from Russia. I don’t. It’s not my thing. I don’t, I don’t do that. Over the years, I’ve looked at maybe doing a deal in Russia, but I never did one. Other than I held the Miss Universe pageant there eight, nine years [crosstalk].

SCHMIDT: But if he was outside that lane, would that mean he’d have to go?

[crosstalk]

HABERMAN: Would you consider——

TRUMP: No, I think that’s a violation. Look, this is about Russia. So I think if he wants to go, my finances are extremely good, my company is an unbelievably successful company. And actually, when I do my filings, peoples say, “Man.” People have no idea how successful this is. It’s a great company. But I don’t even think about the company anymore. I think about this. ’Cause one thing, when you do this, companies seem very trivial. O.K.? I really mean that. They seem very trivial. But I have no income from Russia. I don’t do business with Russia. The gentleman that you mentioned, with his son, two nice people. But basically, they brought the Miss Universe pageant to Russia to open up, you know, one of their jobs. Perhaps the convention center where it was held. It was a nice evening, and I left. I left, you know, I left Moscow. It wasn’t Moscow, it was outside of Moscow.

Technically, Trump was only asked about whether he’d consider Mueller’s review of finances unrelated to Russia to be outside his lane. But Trump largely answered it about Russia, about business deals — the condos, the pageant — with Russia going back to the time Mueller’s FBI would have been working with Felix Sater to learn about the Russian mob.

Yeah. It’s no surprise Mueller has impaneled a grand jury.

Incendiary Lawsuit Alleging More Trump Obstruction Shows Benghazi Booster Admitting He Has No Credibility

/33 Comments/in , , /by

The African American former cop that Fox blamed for its retracted Seth Rich story, Rod Wheeler, has sued the network and a Fox associate and GOP rat-fucker, Ed Butowsky, for defamation and discrimination.

The suit is designed to be very inflammatory, using the claims Butowsky made about President Trump’s personal involvement pushing the story to attract attention (and increase the pain for Fox).

If this effort to shift blame for the DNC hack hadn’t already attracted Robert Mueller’s attention, I suspect it will now (and I suspect Wheeler will be very happy to testify).

In fact, though, Wheeler well documented his claim that Butowsky and Fox’ journalist, Malia Zimmerman, fabricated two quotes from him and then refused to retract attribution to him. So the lawsuit may well have legs.

But I’m amused by two other details Wheeler includes in the suit. First, he shows Butowsky, a Dallas-based financial advisor, claiming to have revealed most of what we know about Benghazi.

So the douchebag behind the Seth Rich – Wikileaks conspiracy is also the douchebag behind Benghazi.

Which is nifty, because Wheeler also includes quotes of Butowsky admitting he has no credibility.

Wheeler then goes on to allege that Butowsky threatened to extort Sy Hersh.

Butowsky deleted his Twitter account this morning (though not yet his Tumblr account), so perhaps he recognizes that he’s at some financial exposure.

But I’m grateful that, in the process, he has admitted that he — and his Benghazi pseudo-scandal — have no credibility.

 

 

 

The Leakers Get Craftier

/25 Comments/in , , /by

Hey, are you all still here?

Thanks to everyone — especially Rayne — for watching after the likker cabinet while I was in Oz. It appears the Donald Administration has only gotten crazier since I was gone.

Last night, the WaPo published yet another big scoop show more lies about Russia. It reveals that President Trump personally dictated the response to the news that Don Jr, Paul Manafort, and Jared Kushner met with Natalia Veselnitskaya.

Flying home from Germany on July 8 aboard Air Force One, Trump personally dictated a statement in which Trump Jr. said that he and the Russian lawyer had “primarily discussed a program about the adoption of Russian children” when they met in June 2016, according to multiple people with knowledge of the deliberations. The statement, issued to the New York Times as it prepared an article, emphasized that the subject of the meeting was “not a campaign issue at the time.”

Two important details about this scoop: first, as Laura Rozen noted, Trump’s focus on adoption came after he chatted up Vladimir Putin at the spouse’s dinner for up to an hour at the G20 (remember how Trump gesticulated wildly to get Putin’s attention). Given that Trump claims they spoke about adoptions, it makes it more likely (as batshit as this is to contemplate!) Trump looped Putin in on how to respond.

Remember, too, that Rob Goldstone specifically envisioned involving Trump in this matter.

What do you think is the best way to handle this information and would you be able to speak to Emin about it directly?

I can also send this info to your father via Rhona, but it is ultra sensitive so wanted to send to you first.

At this point it’s probably safest to assume all the other claims about this — such as that there was no follow-up — will prove to be lies, too.

I wanted to point one more thing out, though.

The WaPo story is notable for two reasons. First, it features an almost entirely new set of journalists from the three mainstays who’ve published the other big Russian scoops. Just as interesting — in the wake of the unceremonious firing of Reince Priebus and others — the story almost entirely hides the sources for the story. While the story quotes an anonymous Trump advisor and airs the complaint of Jared Kushner’s legal team, the story says nothing about who actually revealed this story. And the story is specifically framed in a way that tees it up for Robert Mueller to ask questions about Trump’s obstruction, personally.

Trump has serially fired his staffers because no one can get a handle on this Russian scandal. But with each firing, Trump also makes it likely new leaks with badly exacerbate the scandal.