The Evidence to Prove the Russian Hack

In this post, I’m going to lay out the evidence needed to fully explain the Russian hack. I think it will help to explain some of the timing around the story that the CIA believes Russia hacked the DNC to help Trump win the election, as well as what is new in Friday’s story. I will do rolling updates on this and eventually turn it into a set of pages on Russia’s hacking.

As I see it, intelligence on all the following are necessary to substantiate some of the claims about Russia tampering in this year’s election.

  1. FSB-related hackers hacked the DNC
  2. GRU-related hackers hacked the DNC
  3. Russian state actors hacked John Podesta’s emails
  4. Russian state actors hacked related targets, including Colin Powell and some Republican sites
  5. Russian state actors hacked the RNC
  6. Russian state actors released information from DNC and DCCC via Guccifer 2
  7. Russian state actors released information via DC Leaks
  8. Russian state actors or someone acting at their behest passed information to Wikileaks
  9. The motive explaining why Wikileaks released the DNC and Podesta emails
  10. Russian state actors probed voter registration databases
  11. Russian state actors used bots and fake stories to make information more damaging and magnify its effects
  12. The level at which all Russian state actors’ actions were directed and approved
  13. The motive behind the actions of Russian state actors
  14. The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

I explain all of these in more detail below. For what it’s worth, I think there was strong publicly available information to prove 3, 4, 7, 11. I think there is weaker though still substantial information to support 2. It has always been the case that the evidence is weakest at points 6 and 8.

At a minimum, to blame Russia for tampering with the election, you need a high degree of confidence that GRU hacked the DNC (item 2), and shared those documents via some means with Wikileaks (item 8). What is new about Friday’s story is that, after months of not knowing how the hacked documents got from Russian hackers to Wikileaks, CIA now appears to know that people close to the Russian government transferred the documents (item 8). In addition, CIA now appears confident that all this happened to help Trump win the presidency (item 13).

1) FSB-related hackers hacked the DNC

The original report from Crowdstrike on the DNC hack actually said two separate Russian-linked entities hacked the DNC: one tied to the FSB, which it calls “Cozy Bear” or APT 29, and one tied to GRU, which it calls “Fancy Bear” or APT 28. Crowdstrike says Cozy Bear was also responsible for hacks of unclassified networks at the White House, State Department, and US Joint Chiefs of Staff.

I’m not going to assess the strength of the FSB evidence here. As I’ll lay out, the necessary hack to attribute to the Russians is the GRU one, because that’s the one believed to be the source of the DNC and Podesta emails. The FSB one is important to keep in mind, as it suggests part of the Russian government may have been hacking US sites solely for intelligence collection, something our own intelligence agencies believe is firmly within acceptable norms of spying. In the months leading up to the 2012 election, for example, CIA and NSA hacked the messaging accounts of a bunch of Enrique Peña Nieto associates, pretty nearly the equivalent of the Podesta hack, though we don’t know what they did with that intelligence. The other reason to keep the FSB hack in mind is because, to the extent FSB hacked other sites, they also may be deemed part of normal spying.

2) GRU-related hackers hacked the DNC

As noted, Crowdstrike reported that GRU also hacked the DNC. As it explains, GRU does this by sending someone something that looks like an email password update, but which instead is a fake site designed to get someone to hand over their password. The reason this claim is strong is because people at the DNC say this happened to them.

Note that there are people who raise questions of whether this method is legitimately tied to GRU and/or that the method couldn’t be stolen and replicated. I will deal with those questions at length elsewhere. But for the purposes of this post, I will accept that this method is a clear sign of GRU involvement. There are also reports that deal with GRU hacking that note high confidence GRU hacked other entities, but less direct evidence they hacked the DNC.

Finally, there is the real possibility that other people hacked the DNC, in addition to FSB and GRU. That possibility is heightened because a DNC staffer was hacked via what may have been another method, and because DNC emails show a lot of password changes off services for which DNC staffers had had their accounts exposed in other hacks.

All of which is a way of saying, there is some confidence that DNC got hacked at least twice, with those two revealed efforts being done by hackers with ties to the Russian state.

3) Russian state actors (GRU) hacked John Podesta’s emails

Again, assuming that the fake Gmail phish is GRU’s handiwork, there is probably the best evidence that GRU hacked John Podesta and therefore that Russia, via some means, supplied Wikileaks, because we have a copy of the actual email used to hack him. The Smoking Gun has an accessible story describing how all this works. So in the case of Podesta, we know he got a malicious phish email, we know that someone clicked the link in the email, and we know that emails from precisely that time period were among the documents shared with Wikileaks. We just have no idea how they got there.

4) Russian state actors hacked related targets, including some other Democratic staffers, Colin Powell and some Republican sites

That same Gmail phish was used with victims — including at a minimum William Rinehart and Colin Powell — that got exposed in a site called DC Leaks. We can have the same high degree of confidence that GRU conducted this hack as we do with Podesta. As I note below, that’s more interesting for what it tells us about motive than anything else.

5) Russian state actors hacked the RNC

The allegation that Russia also hacked the RNC, but didn’t leak those documents — which the CIA seems to rely on in part to argue that Russia must have wanted to elect Trump — has been floating around for some time. I’ll return to what we know of this. RNC spox Sean Spicer is denying it, though so did Hillary’s people at one point deny that they had been hacked.

There are several points about this. First, hackers presumed to be GRU did hack and release emails from Colin Powell and a Republican-related server. The Powell emails (including some that weren’t picked up in the press), in particular, were detrimental to both candidates. The Republican ones were, like a great deal of the Democratic ones, utterly meaningless from a news standpoint.

So I don’t find this argument persuasive in its current form. But the details on it are still sketchy precisely because we don’t know about that hack.

6) Russian state actors released information from DNC and DCCC via Guccifer 2

Some entity going by the name Guccifer 2 started a website in the wake of the announcement that the DNC got hacked. The site is a crucial part of this assessment, both because it released DNC and DCCC documents directly (though sometimes misattributing what it was releasing) and because Guccifer 2 stated clearly that he had shared the DNC documents with Wikileaks. The claim has always been that Guccifer 2 was just a front for Russia — a way for them to adopt plausible deniability about the DNC hack.

That may be the case (and obvious falsehoods in Guccifer’s statements make it clear deception was part of the point), but there was always less conclusive (and sometimes downright contradictory) evidence to support this argument (this post summarizes what it claims are good arguments that Guccifer 2 was a front for Russia; for the most part I disagree and hope to return to it in the future). Moreover, this step has been one that past reporting said the FBI couldn’t confirm. Then there are other oddities about Guccifer’s behavior, such as his “appearance” at a security conference in London, or the way his own production seemed to fizzle as Wikileaks started releasing the Podesta emails. Those details of Guccifer’s behavior are, in my opinion, worth probing for a sense of how all this was orchestrated.

Yesterday’s story seems to suggest that the spooks have finally figured out this step, though we don’t have any idea what it entails.

7) Russian state actors released information via DC Leaks

Well before many people realized that DC Leaks existed, I suspected that it was a Russian operation. That’s because two of its main targets — SACEUR Philip Breedlove and George Soros — are targets Russia would obviously hit to retaliate for what it treats as a US-backed coup in Ukraine.

DC Leaks is also where the publicly released (and boring) GOP emails got released.

Perhaps most importantly, that’s where the Colin Powell emails got released (this post covers some of those stories). That’s significant because Powell’s emails were derogatory towards both candidates (though he ultimately endorsed Hillary).

It’s interesting for its haphazard targeting (if someone wants to pay me $$ I would do an assessment of all that’s there, because some just don’t make any clear sense from a Russian perspective, and some of the people most actively discussing the Russian hacks have clearly not even read all of it), but also because a number of the victims have been affirmatively tied to the GRU phishing methods.

So DC Leaks is where you get obvious Russian targets and Russian methods all packaged together. But of the documents it released, the Powell emails were the most interesting for electoral purposes, and they didn’t target Hillary as asymmetrically as the Wikileaks released documents did.

8) Russian state actors or someone acting at their behest passed information to Wikileaks

The basis for arguing that all these hacks were meant to affect the election is that they were released via Wikileaks. That is what was supposed to be new, beyond just spying (though we have almost certainly hacked documents and leaked them, most probably in the Syria Leaks case, but I suspect also in some others).

And as noted, how Wikileaks got two separate sets of emails has always been the big question. With the DNC emails, Guccifer 2 clearly said he had given them to WL, but the Guccifer 2 ties to Russia were relatively weak. And with the Podesta emails, I’m not aware of any known interim step between the GRU hack and Wikileaks.

A late July report said the FBI was still trying to determine how Russia got the emails to Wikileaks or even if they were the same emails.

The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

An even earlier report suggested that the IC wasn’t certain the files had been passed electronically.

And the joint DHS/ODNI statement largely attributed its confidence that Russia was involved in the leaking (lumping Guccifer 2, DC Leaks, and Wikileaks all together) not because it had high confidence in that per se (a term of art saying, effectively, “we have seen the evidence”), but instead because leaking such files is consistent with what Russia has done elsewhere.

The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

Importantly, that statement came out on October 7, so well after the September briefing at which CIA claimed to have further proof of all this.

Now, Julian Assange has repeatedly denied that Russia was his source. Craig Murray asserted, after meeting with Assange, that the source is not the Russian state or a proxy. Wikileaks’ tweet in the wake of yesterday’s announcement — concluding that an inquiry directed at Russia in this election cycle is targeted at Wikileaks — suggests some doubt. Also, immediately after the election, Sergei Markov, in a statement deemed to be consistent with Putin’s views, suggested that “maybe we helped a bit with WikiLeaks,” even while denying Russia carried out the hacks.

That’s what’s new in yesterday’s story. It stated that “individuals with connections to the Russian government” handed the documents to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

I suspect we’ll hear more leaked about these individuals in the coming days; obviously, the IC says it doesn’t have evidence of the Russian government ordering these people to share the documents with Wikileaks.

Nevertheless, the IC now has what it didn’t have in July: a clear idea of who gave Wikileaks the emails.

9) The motive explaining why Wikileaks released the DNC and Podesta emails

There has been a lot of focus on why Wikileaks did what it did, which notably includes timing the DNC documents to hit for maximum impact before the Democratic Convention and timing the Podesta emails to be a steady release leading up to the election.

I don’t rule out Russian involvement with all of that, but it is entirely unnecessary in this case. Wikileaks has long proven an ability to hype its releases as much as possible. More importantly, Assange has reason to have a personal gripe against Hillary, going back to State’s response to the cable release in 2010 and the subsequent prosecution of Chelsea Manning.

In other words, absent really good evidence to the contrary, I assume that Russia’s interests and Wikileaks’ coincided perfectly for this operation.

10) Russian state actors probed voter registration databases

Back in October, a slew of stories reported that “Russians” had breached voter related databases in a number of states. The evidence actually showed that hackers using an IP tied to Russia had done these hacks. Even if the hackers were Russian (about which there was no evidence in the first reports), there was also no evidence the hackers were tied to the Russian state. Furthermore, as I understand it, these hacks used a variety of methods, some or all of which aren’t known to be GRU related. A September DHS bulletin suggested these hacks were committed by cybercriminals (in the past, identity thieves have gone after voter registration lists). And the October 7 DHS/ODNI statement affirmatively said the government was not attributing the probes to the Russians.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In late November, an anonymous White House statement said there was no increased malicious hacking aimed at the electoral process, though it remains agnostic about whether Russia ever planned on such a thing.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

Absent further evidence, this suggests that reports about Russians trying to tamper with the actual election infrastructure were at most suspicions and possibly just a result of shoddy reporting conflating Russian IP with Russian people with Russian state.

11) Russian state actors used bots and fake stories to make information more damaging and magnify its effects

Russia has used bots and fake stories in the past to distort or magnify compromising information. There is definitely evidence some pro-Trump bots were based out of Russia. RT and Sputnik ran with inflammatory stories. Samantha Bee famously did an interview with some Russians who were spreading fake news. But there were also people spreading fake news from elsewhere, including Macedonia and suburban LA. A somewhat spooky guy even sent out fake news in an attempt to discredit Wikileaks.

As I have argued, the real culprit in this economy of clickbait driven outrage is closer to home, in the algorithms that Silicon Valley companies use that are exploited by a whole range of people. So while Russian directed efforts may have magnified inflammatory stories, that was not a necessary part of any intervention in the election, because it was happening elsewhere.

12) The level at which all Russian state actors’ actions were directed and approved

The DHS/ODNI statement said clearly that “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.” But the WaPo story suggests they still don’t have proof of Russia directing even the go-between who gave WL the cables, much less the go-between directing how Wikileaks released these documents.

Mind you, this would be among the most sensitive information, if the NSA did have proof, because it would be collection targeted at Putin and his top advisors.

13) The motive behind the actions of Russian state actors

The motive behind all of this has varied. The joint DHS/ODNI statement said, “These thefts and disclosures are intended to interfere with the US election process.” It didn’t provide a model for what that meant though.

Interim reporting — including the White House’s anonymous post-election statement — had suggested that spooks believed Russia was doing it to discredit American democracy.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

At one level, that made a lot of sense — the biggest reason to release the DNC and Podesta emails, it seems to me, was to confirm the beliefs a lot of people already had about how power works. I think one of the biggest mistakes of journalists who have political backgrounds was to avoid discussing how the sausage of politics gets made, because this material looks worse if you’ve never worked in a system where power is about winning support. All that said, there’s nothing in the emails (especially given the constant release of FOIAed emails) that uniquely exposed American democracy as corrupt.

All of which is to say that this explanation never made any sense to me; it was mostly advanced by people who live far away from people who already distrust US election systems, who ignored polls showing there was already a lot of distrust.

Which brings us to the other thing that is new in the WaPo story: the assertion that CIA now believes this was all intended to elect Trump, not just make us distrust elections.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

[snip]

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

For what it’s worth, there’s still some ambiguity in this. Did Putin really want Trump? Or did he want Hillary to be beat up and weak for an expected victory? Did he, like Assange, want to retaliate for specific things he perceived Hillary to have done, in Libya, Syria, and Ukraine? That’s unclear.

14) The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

Finally, there’s the question that may explain Obama’s reticence about this issue, particularly in the anonymous post-election statement from the White House, which stated that the “election results … accurately reflect the will of the American people.” It’s not clear that Putin’s intervention, whatever it was, had anywhere near the effect of (for example) Jim Comey’s letters and Bret Baier’s false report that Hillary would be indicted shortly. There are a lot of other factors (including Hillary’s decision to ignore Jake Sullivan’s lonely advice to pay some attention to the Rust Belt).

And, as I’ve noted repeatedly, it is in no way the case that Vladimir Putin had to teach Donald Trump about kompromat, the leaking of compromising information for political gain. Close Trump associates, including Roger Stone (who, by the way, may have had conversations with Julian Assange), have been rat-fucking US elections since the time Putin was in law school.

But because of the way this has rolled out (and particularly given the cabinet picks Trump has already made), it will remain a focus going forward, perhaps to the detriment of other issues that need attention.

DOJ Still Claiming Its Kid Glove Oversight of Prosecutors Is Adequate

During the uproar over Jim Comey’s role in the Hillary email investigation, a lot of commentators figured it’d all come out in an Inspector General report. But as I noted, DOJ exempts its lawyers from the normal kind of oversight, subjecting them instead to Office of Professional Responsibility investigations without statutory independence. The problem has been debated at least since 2007, but Congress squelched efforts to change it in 2008. That, helped by the interference of the now-deceased David Margolis, was how John Yoo got off after writing shoddy memos authorizing torture.

Last month, DOJ’s IG released its yearly review of top management challenges. And, as Michael Horowitz’s predecessor Glenn Fine had done before him, he made a bid for being able to review the conduct of DOJ’s lawyers. The report argues that the oversight for lawyers should be the same as it is for agents.

The OIG, however, does not have authority to investigate allegations of misconduct against Department attorneys when the allegations are related to their work as lawyers. Those allegations fall under the exclusive jurisdiction of the Department’s Office of Professional Responsibility. The OIG has long believed that there is no principled basis for this continued limitation on our jurisdiction, and no reason to treat the investigation of misconduct by prosecutors differently than misconduct by agents. Under the current system, misconduct allegations against agents are handled by a statutorily independent OIG, while misconduct allegations against prosecutors are handled by a Department component that lacks statutory independence and whose leadership is both appointed by and removable by the Department’s leadership.

As Horowitz has done with IG statutory independence with respect to accessing evidence, the report focuses on bills to address the problem.

Bipartisan bills pending in both the U.S. House of Representatives and the U.S. Senate would remove this limitation on the OIG’s jurisdiction. The legislation, as now proposed, would allow the OIG to investigate these important matters, where appropriate, with the independence and transparency that is the touchstone of all of the OIG’s work, thereby providing the public with confidence regarding the handling of these matters. The Department’s attorneys should be held to the same standards of oversight as other Department components, and the OIG should have oversight over all Department employees, just like every other OIG.

Most interesting, however, is the way that DOJ claimed this long-established problem doesn’t exist. Unbelievably, “the Department” claimed that OPR has the same independence as OIG.

In response to a draft of this report, the Department questioned our position that the OIG should have the same authority as every other federal Inspector General to review allegations of misconduct by Department attorneys in connection with their work as lawyers. Among other things, the Department took issue with our description of OPR’s relative lack of independence as compared to the OIG by asserting that (1) OPR’s Counsel “remains unchanged with successive Attorneys General and presidential administrations,” (2) the OIG has not “criticized OPR’s work, the thoroughness of its investigations, or the soundness of its findings,” and (3) the OIG has not “identified a single OPR investigation that failed to appropriately hold accountable . . . Department attorneys.”

The report calls bullshit on the claim that the department hasn’t replaced OPR officials, noting that Holder did replace OPR Counsel Marshall Jarrett in 2009 in the midst of the Ted Stevens scandal (Jarrett was also backing off promises he would share the results of the Yoo investigation with Congress).

On the first point, the same could be said of supervisory attorneys throughout the Department and, in fact, contrary to the Department’s claim with regard to OPR, in April 2009, less than 4 months after the last change in presidential administrations, the new Attorney General replaced the OPR Counsel without any public explanation.

Holder actually replaced the OPR Counsel one more time, in 2011.

The report goes on to note that we can’t assess OPR’s work because, unlike most IG Reports, it is not public.

On the second and third points, neither the OIG nor the public are in a position to fully assess the thoroughness and soundness of OPR’s work precisely because OPR does not disclose sufficient information to allow for such an assessment.

The report then lists off a bunch of people — including the judge in the Ted Stevens case, Emmet Sullivan — who have complained about OPR’s work.

However, federal judges, the American Bar Association, and the Project on Government Oversight (POGO) have all questioned the level of independence, transparency, and accountability of OPR. See, e.g., Order by Hon. Emmet G. Sullivan Appointing Henry F. Schuelke Special Counsel in United States v. Stevens, No. 08-cr-231 (Apr. 7, 2009), p. 46. (“the events and allegations in this case are too serious and too numerous to be left to an internal investigation that has no outside accountability”); “Criminal Law 2.0,” by Hon. Alex Kozinski, 44 Geo. L.J. Ann. Rev. Crim. Proc. iii (2015); ABA Recommendation urging the Department of Justice to release “as much information regarding individual investigations as possible,” Aug. 9-10, 2010, available here; “Hundreds of Justice Department Attorneys Violated Professional Rules, Laws, or Ethical Standards: Administration Won’t Name Offending Prosecutors,” Report by POGO, March 13, 2014, available here.

The report ends with a reassertion that the Inspector General Act requires far more of inspectors general than OPR provides.

Moreover, whatever the soundness of OPR’s work, the Department’s efforts to equate OPR’s independence and transparency with that of the OIG flies directly in the face of the Inspector General Act, which fundamentally exists to create entities with an enhanced degree of independence and transparency so that they can credibly conduct investigations and reviews where there would be an expectation that more independent and transparent oversight is required. That is the very reason why Attorney General Ashcroft expanded the OIG’s jurisdiction in 2001 to include the FBI and the DEA, and there simply is no reason why Department attorneys continue to be protected from the possibility that their conduct may warrant independent review by the OIG in appropriate cases.

Frankly, there is evidence that OPR’s investigation has been inadequate, starting with both the Yoo and the Stevens investigations.

But there have also been a slew of cases of prosecutors withholding evidence from defendants, cases that ought to merit some real review (to say nothing of the Clinton email case). For example, just this week, Ross Ulbricht’s lawyers revealed they had discovered evidence of a third corrupt agent, the evidence of which had been withheld from the defense team.

There’s no hint of why Horowitz is making this point now. But there sure are a number of cases that might elicit actual independent review.

About that Russian Hacker Story

This story is going viral on social media. The CNN article, dated October 12, describes a compromise of a FL contractor they don’t situate in time.

Federal investigators believe Russian hackers were behind cyberattacks on a contractor for Florida’s election system that may have exposed the personal data of Florida voters, according to US officials briefed on the probe.

The hack of the Florida contractor comes on the heels of hacks in Illinois, in which personal data of tens of thousands of voters may have been stolen, and one in Arizona, in which investigators now believe the data of voters was likely exposed.

Later in the article, CNN makes it clear this is the same hack as described in this earlier ABC reporting, which expands on a story from several days earlier. ABC’s reporting doesn’t date the compromise either. Rather, it explains that FL was one of four states in which hackers had succeeded in compromising data, whereas hackers had scanned voting related systems — tried to hack systems — in half the states.

As ABC News first reported Thursday, hackers have recently tried to infiltrate voter registration systems in nearly half of the states across the country –- a significantly larger cyber-assault than U.S. officials have been willing to concede.

And while officials have publicly admitted Illinois and Arizona had their systems compromised, officials have yet to acknowledge that information related to at least two other states’ voters has also been exposed.

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

And ABC’s source at least claimed that all hackers did was copy voter data.

The voter information was exposed after cyber-operatives gained entry to at least one computer associated with a private company hired to administer voter information, the sources said.

A simple “phishing” scheme –- with a malicious link or attachment sent in an email –- is likely how it all started, one source said.

“The attack was successful only in the sense that they gained access to the database, but they didn’t manipulate any of the voter [information] in the database,” the source said.

So, in spite of what people might think given the fact that the CNN story is going viral right now, it doesn’t refer to a hack in conjunction with the election. It refers to a hack that happened well over a month ago. It refers to a hack that — at least according to people who have an incentive to say so — resulted only in the theft of data, not its alteration.

Both CNN and ABC use language that suggests the Russian government was behind this hack. Here’s CNN:

FBI investigators believe the hacks and attempted intrusions of state election sites were carried out by hackers working for Russian intelligence.

And here’s ABC:

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

But (as CNN points out) the October 7 joint DNI/DHS statement on Russian hacking doesn’t attribute the voting rolls part to the Russian state.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

An earlier DHS one explicitly attributes them to cybercriminals.

(U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

There were known instances of identity thieves hacking voting rolls going back some time, so it is possible that’s all this was about.

We learned recently that FBI Director Comey pointedly did not want to be included on the joint DNI/DHS statement, because it was too close to the election. So it’s possible there was disagreement about that part of it (which might explain the FBI-sourced leak to CNN).

Also note, I believe the known hackers used different methods, including both SQL injection and phishing. If in response to the earlier ones, DHS did a review of voting systems and found a number of phishes using the same methods as GRU, that may explain why FBI would say it was Russian.

In any case, we don’t know what happened, and at least public claims say the hackers didn’t alter any data.

But the CNN story, at least, is not about something that just happened.

Update: Fixed some typos and clarity problems.

The Blame Comey Movement

There is a big rush from commentators on all sides to blame Jim Comey for the election result. And while normally I’m happy to blame Comey for things, I’m not convinced we have data to support that claim here, at least not yet.

The claim comes from two places. First, this description of how Trump’s analysts responded after discovering rural whites were voting at higher rates than expected.

Trump’s analysts had detected this upsurge in the electorate even before FBI Director James Comey delivered his Oct. 28 letter to Congress announcing that he was reopening his investigation into Clinton’s e-mails. But the news of the investigation accelerated the shift of a largely hidden rural mass of voters toward Trump.

Inside his campaign, Trump’s analysts became convinced that even their own models didn’t sufficiently account for the strength of these voters. “In the last week before the election, we undertook a big exercise to reweight all of our polling, because we thought that who [pollsters] were sampling from was the wrong idea of who the electorate was going to turn out to be this cycle,” says Matt Oczkowski, the head of product at London firm Cambridge Analytica and team leader on Trump’s campaign. “If he was going to win this election, it was going to be because of a Brexit-style mentality and a different demographic trend than other people were seeing.”

Trump’s team chose to focus on this electorate, partly because it was the only possible path for them. But after Comey, that movement of older, whiter voters became newly evident. It’s what led Trump’s campaign to broaden the electoral map in the final two weeks and send the candidate into states such as Pennsylvania, Wisconsin, and Michigan that no one else believed he could win (with the exception of liberal filmmaker Michael Moore, who deemed them “Brexit states”). [my emphasis]

And from this letter from Hillary’s pollster Navin Nayak.

We believe we lost this election in the last week. Comey’s letter in the last 11 days of the election both helped depress our turnout and also drove away some of our critical support among college-educated white voters — particularly in the suburbs. We also think Comey’s 2nd letter, which was intended to absolve Sec. Clinton, actually helped to bolster Trump’s turnout.

Nayak is presumably the same person who missed the surge in rural areas that Trump was seeing, and therefore partly responsible for Clinton’s belated attention to MI and WI. No matter what caused surges in Trump’s support, not responding to it was a key reason for Hillary’s loss. So Nayak has a big incentive to blame others.

After saying everything was going swimmingly in early turnout (without noting low African American turnout in that early vote), Nayak tells this story about the last week.

But then everything changed in the last week.

Voters who decided in the last week broke for Trump by a larger margin (42-47). These numbers were even more exaggerated in the key battleground states.

There are two major events that happened in the last week:

Director Comey released his first letter 11 days out from the election, which likely helped to depress turnout among Hillary’s supporters. It made Sec. Clinton’s e-mail the focus of the campaign for half the remaining 10 days.

After seeing record early vote numbers, there was a significant drop in Election Day turnout, particularly among Hillary supporters, and this was noticeable in both larger cities such as Philadelphia, Raleigh-Durham, Milwaukee, Detroit and the suburbs surrounding these and other cities.

The two days before Election Day, Director Comey released a 2nd letter, which energized Trump supporters. [emphasis original]

What these two pieces — from Trump’s data analyst and Hillary’s pollster — suggest is a correlation between the Comey letter and Trump’s improved chances. But there’s no proof of causation — certainly not that Comey is the primary explanation.

In fact, temporally, the correlation is not perfect. Trump’s analysts say the trend started before the Comey letter. This was a weird election, but it is still highly unlikely that a letter released on October 28 can entirely explain a trend that started before October 28.

Nayak is a lot squishier on timing. He says the trend happened in the last week. But of course, the letter (and the blizzard of press coverage) came out earlier than that. Precisely when did he see things start going south? He doesn’t say in his email, but if it was really just the last week, then that timing doesn’t make sense either.

Then there’s the other detail that Nayak does tell us: the move away from Hillary happened more in the “key battleground states.” That got me wondering why voters in key battleground states would be more responsive to Comey’s letter than voters in red or blue states.

When I raised this on Twitter, a lot of people said swing state residents would be more bombarded with discussions about emails in the last two weeks. But aside from people who went to a Trump rally (which is admittedly thousands of people, though presumably hard core Trump supporters more than late deciders), they wouldn’t necessarily have. Trump’s final ad, which was very good and pretty reminiscent of Obama’s election ads, only referred to the emails once (albeit right at the beginning, just 5 seconds in), and even then only visually, appearing as Trump said “corrupt.” The emails were just one part of Trump’s larger narrative about a corrupt establishment. The rest of Trump’s ad played to economic anxieties, with dog whistles to anti-Semitism and xenophobia, but not the aggressive ones you’d see in his rallies.

Hillary’s final ad, meanwhile (at the same link), was far weaker, basically just saying Trump is a dick but without naming him. So for those who decided based on the content of these ads (I personally didn’t see many super PAC ads, though they may be a factor), the emails probably weren’t the deciding factor; the quasi-empowering message was more likely to have been.

And look at the data, above, from Nate Silver’s analysis. It is absolutely true that late-deciding voters in WI, MI, IA, PA, and FL went disproportionately for Trump. They did too in UT, which is unsurprising, but which is also a useful example because it suggests one of the other things people were doing in the last week: Deciding whether to vote a third party candidate, Evan McMullin, or not. Indeed, polling averages show that Trump’s late surge nationally came in conjunction with what was a longer, slower slide in Gary Johnson’s support. I think it’s possible that the emails affected people’s decision to vote third party or even among Republicans who might have voted for Hillary. But one thing that appears to partly explain Trump’s rise at the end is just a very typical decision among people who consider voting third party to in the end support the major candidate. Remember, too, that Trump’s aides had finally gotten him onto a script for these last days, so he was saying and doing fewer offensive things just as these late deciders decided.

Finally, look at those other swing states. In OH, the difference was much smaller. In NV, later breakers actually broke for Hillary. In GA that was even more pronounced.

Perhaps most interesting of all, however, is VA. VA — especially its northern suburbs where Hillary got most of her support — is packed with security clearance holders, precisely the kind of people who’ve expressed the most exasperation about a perceived double standard in the treatment of Hillary. Perhaps that sentiment, which I’ve seen expressed by individuals in a number of places, is overstated. Maybe some clearance holders who also understand overclassification aren’t as bugged by the email scandal as others. In any case, VA, the state that probably has a higher chunk of clearance holders than any other, broke slightly for Hillary after the Comey letters. Why would Virginians treat the Comey letter so much differently than Wisconsinites and Michiganders?

One final thing. In the days after the first Comey letter, polls actually asked how much it would influence voters’ decision. One poll showed as many undecided voters saying it made no difference as those who said it did.

Thirty-nine percent of voters said the additional review of emails in the Clinton case had no bearing on their vote in November, while 33 percent said it made them much less likely to vote for Clinton.

But most of those voters are already aligned against Clinton. Nearly two-thirds of Trump voters, 66 percent, said it makes them much less likely to vote against Clinton.

Among the small pocket of undecided voters remaining, 42 percent said it made them less likely to vote for Clinton, including 30 percent who said it made them much less likely to vote for her. But just as many, 41 percent, said it makes no difference either way.

In others, there was a bigger difference, even affecting Clinton supporters.

An ABC/Washington Post tracking survey released Sunday, conducted both before and after Comey’s letter was made public on Friday, found that about one-third of likely voters, including 7 percent of Clinton supporters, said the new e-mail revelations made them less likely to support the former secretary of state.

The poll found that Clinton received support from 46 percent of likely voters to Trump’s 45 percent, suggesting the race is a toss-up. That contrasts with the 12-point advantage that Clinton held in the same poll a week ago. Trump’s numbers have crept up, in part, as more Republicans have gotten behind their candidate.

A CBS tracking poll of likely voters in battleground states — the 13 states that could swing the Nov. 8 election — released on Sunday found that among voters overall, 71 percent say it either won’t change their thinking, or in some cases, they had already voted.

I’m not aware of any polls that asked about this after Comey’s second letter (and I’m somewhat baffled about how it could energize Trump voters in the way Nayak claims), so it’s unclear how these numbers moved after she was re-exonerated.

The election was incredibly close. So if those 7% of Hillary voters who, the weekend after the first Comey letter, considered his announcement significant enough that it might decide their vote instead decided to stay home, it may well have been decisive. But we don’t have that data yet.

Let me close by emphasizing what I am not saying. I am not saying the email scandal didn’t affect the election at all. I am not saying that the press’ disproportionate coverage of it as opposed to Trump’s own corruption didn’t affect the election. Nor am I saying that the Comey letter definitively did not affect the election.

Rather, I’m just saying we don’t have proof that a somewhat inexact correlation between Trump’s late surge and the Comey letter was the cause of his late surge. I’m happy to be convinced otherwise. But right now I’m not seeing it.

Update: This David Plouffe analysis is worth reading in the context of this post for two reasons. First, he notes that Gary Johnson lost support primarily among his older supporters, but his younger supporters stayed with him. This means that his decline likely was tied to a Trump increase, and what remained did hurt Hillary disproportionately.

And here’s what he says about Comey.

JAMES COMEY From the last debate until Election Day, the dominant news was the F.B.I. and Mrs. Clinton’s emails along with a drumbeat of daily WikiLeaks dumps. Postelection research will help shed light here, but the small number of undecided voters at the end should have broken at least equally based on their demographic and voting history. If exit polls are accurate, they moved to Mr. Trump much more than to Mrs. Clinton in certain battleground states, and it’s quite possible the shadow created by the F.B.I. director was the major culprit. Oct. 19, the day of the final debate, was a long 20 days to Nov. 8, and the atmosphere was far from ideal for the Democratic candidate.

Update: On Twitter, Jamison Foser explained why the second letter would invigorate Trump’s supporters: because it fed the narrative that Hillary is corrupt and always gets away with it. That makes sense.

Another person pointed out that the differential impact in VA may be due to Tim Kaine’s influence, which is also a good explanation.

Is FBI Still Fluffing Its Encryption Numbers?

Note: All the big civil liberties groups are fundraising “bigly” off of the election of Trump. If you are donating to them and are able, please consider supporting this work as well.  

Update: I went back to the FBI spox who originally told me that the 13% number cited in August included damaged phones, to clarify that this more recent one did. It does not. Here’s what he said:

It is true that damaged devices are provided to CART and RCFL for FBI assistance, but the 886 devices in FY16 that the FBI was not able to access (which is the number that GC Baker provided last week), does not include those damaged devices. It includes only those devices for which we encountered a password we were not able to bypass.


“[T]he data on the vast majority of the devices seized in the United States may no longer be accessible to law enforcement even with a court order or search warrant,” FBI Director Jim Comey wrote in a response to a question from Senate Judiciary Committee Chair Chuck Grassley in January. Grassley had asked whether Comey agreed with New York District Attorney Cy Vance’s estimate — made in Senate testimony the previous July — that “when smartphone encryption is fully deployed by Apple and Google, 71% of all mobile devices examined…may be outside the reach of a warrant.”

In Comey’s very next answer, however, he admitted the FBI was still trying to quantify the problem. “FBI is currently working on improving enterprise-wide quantitative data collection to better understand and explain the ‘data at rest’ problem.” Comey and Deputy Attorney General Sally Yates had promised to come up with real data at the July 2015 hearing.

Since that time, FBI has publicly created the impression they had real numbers on encryption.

In a speech at the end of August, Jim Comey claimed that the FBI had been unable to open 650 of the 5,000 devices it got in its forensics centers (remember, the fiscal year starts on October 1).

We believe in the FBI that we need a conversation. If at the end of the day the American people say, “You know what, we’re okay with that portion of the room being dark. We’re okay with”—to use one example—“the FBI, in the first 10 months of this year, getting 5,000 devices from state and local law enforcement and asked for assistance in opening them, and in 650 of those devices being unable to open those devices.” That’s criminals not caught, that’s evidence not found, that’s sentences that are far, far shorter for pedophiles and others because judges can’t see the true scope of their activity.

That left the impression that encryption thwarted the FBI in 13% of all cases.

According to Kevin Bankston, FBI General Counsel just provided an equivalent number at a National Academy of the Sciences working group on encryption (Baker only said these were inaccessible — he did not claim that was because of encryption, though that was the context of the number).

Interesting data point: Baker says over FY 2016, of 6814 mobile devices submitted by fed/state/local to FBI’s [Computer Analysis Response Teams and Regional Computer Forensic Laboratories] for analysis 2095 of them req’d passcodes, defeated passcodes in 1210 cases, unable to (presumably due to crypto?) in 886 (885?) cases.

That reflects the same 13% failure rate.

I asked the FBI in September where they got this number. And at least at that point, the 13% was not a measure of how often encryption thwarted the FBI. A spokesperson told me,

It is a reflection of data on the number of times over the course of each quarter this year that the FBI or one of our law enforcement partners (federal, state, local, or tribal) has sought assistance from FBI digital forensic examiners with respect to accessing data on various mobile devices where the device is locked, data was deleted or encrypted, the hardware was damaged, or there were other challenges with accessing the data. I am not able to break that down by crime type.

In the San Bernardino case, for example, the FBI may not have been able to access 66% of the phones it seized from the culprits (there are actually varying reports on this). But in the end, encryption accounted for none of those phones being inaccessible: physical destruction accounted for all of it.

So unless the FBI, after I asked in early September, went back and recalculated their quarterly numbers (I’ve got a question in to clarify this point), then the FBI is presenting a false claim about encryption.

Why Democrats May Embrace Jim Comey’s Self-Righteousness in 12 Months

Some Democrats are already blaming Jim Comey for Hillary’s loss last night. It will be some time before we know for sure whether that is true. Certainly polling (to the extent that it can be regarded as a fair read of the electorate, which I’m not sure it can) didn’t show Hillary losing a lot of support, net, over the course of Comey’s head fake. Instead, polls showed Gary Johnson voters coming home to the GOP, which closed Trump’s polling gap. I do think it likely that Comey’s head fake had an effect on Democratic turnout.

So we will see whether Comey is to blame or something else (that said, by the time we really know that, a narrative will be set).

But I also want to talk about Comey’s position going forward.

Had Hillary won, I think President Obama might have fired Comey in the lame duck. But I don’t see that happening now. Partly, because it would be seen as vindictive, and Obama has his legacy to cement. More importantly, there’s no chance Obama could get someone else confirmed.

So Comey will be FBI Director on January 20, with six plus years of a ten year term in front of him.

Trump has already floated Rudy Giuliani as Attorney General.

I have no idea what their relationship is like now, but recall that Comey worked for (presumably was hired by) Giuliani when the latter was US Attorney in the 1980s. Giuliani is the guy that launched Comey on his self-righteous career of federal prosecution.

For that reason — and because of Comey’s behavior in the last month — I expect Trump will keep him.

That means Comey’s self-righteous rule is one of the few things that will prevent Trump, in the near term, from politicizing the FBI more than it already is. Today’s FBI is already bad, but Comey may limit how badly Trump’s FBI targets Muslims and others Trump targeted during the campaign.

Ultimately, Comey’s tenure may end where it has before, in standing up to some legalistic abuse (even while sanctioning the underlying behavior, as Comey did with both torture and mass surveillance), and resigning or getting fired.

But in the short term, at least, the Democrats who are blaming Comey today may welcome his self-righteousness tomorrow. Me, I think the reasons that self-righteousness is a problem now will remain a problem. But probably less problematic than having Joe Arpaio run the FBI.

FBI’s Demographics: No Pot Smokers, but Lots of Middle Aged White Men

Amid increasing clarity that lots of line FBI Agents are rooting for Trump to win Tuesday’s election, Josh Gerstein provides one explanation for why: FBI, demographically, looks like Trump’s electorate.

Largely overlooked in the imbroglio is how the fact that the FBI doesn’t look much like America is complicating Comey’s effort to extricate himself and his agency from the political firestorm.

According to numbers from August, 67 percent of FBI agents are white men. Fewer than 20 percent are women. The number of African-American agents hovers around 4.5 percent, with Asian-Americans about the same and Latinos at about 6.5 percent.

If Trump were running for president with an electorate that looked like that, he’d win in a landslide.

In the rest of his piece, Gerstein describes that this has actually gotten worse after Comey took over in 2013, though it is reversing somewhat this year.

While the FBI director has been mounting an aggressive drive to focus on the FBI’s shortcomings in diversity, it’s less clear if he anticipated how the make-up of his own work force would complicate the handling of politically polarizing investigations.

However, he has described the demographic challenges in stark, urgent terms.

“We have a crisis in the FBI and it is this: slowly but steadily over the last decade or more, the percentage of special agents in the FBI who are white has been growing, … We are now 83 percent white in our special agent cadre,” the FBI director said in a July speech at historically black Bethune-Cookman University in Daytona Beach. “I’ve got nothing against white people — especially tall, awkward, male white people — but that is a crisis for reasons that you get and that I’ve worked very hard to make sure the entire FBI understands. That is a path to fall down a flight of stairs.”

For the embattled FBI chief and former prosecutor, there is some good news. There are early signs that his focus on diversity — which includes displaying a rainbow flag on the FBI’s recruiting website — may be paying off.

The number of African-American agents climbed to 603 in August, up from 581 in March. However, both numbers are lower than the 652 the bureau had four years ago.

The number of Latinos also ticked up slightly, to 888 from 882 in March, but still well below the 983 the FBI had in 2012.

I want to view these demographics in conjunction with something else Comey has said, repeatedly this year.

To have a cyber special agent, you need three buckets of attributes. You need integrity, which is non-negotiable. You need physicality. We’re going to give you a gun on behalf of the United States of America, you need to be able to run, fight, and shoot. So there’s a physicality required. And obviously there’s an intelligence we need for any special agent, but to be a cyber special agent, we need a highly sophisticated, specialized technical expertise.

Those three buckets are rare to find in the same human being in nature. We will find people of great integrity, who have technical talent, and can’t squeeze out more than two or three push-ups. We may find people of great technical talent who want to smoke weed on the way to the interview. So we’re staring at that, asking ourselves, “Are there other ways to find this talent, to equip this talent, to grow this talent?” One of the things we’re looking at is, if we find people of integrity and physicality and high intelligence, can we grow our own cyber expertise inside the organization? Or can we change the mix in cyber squads? A cyber squad today is normally eight special agents—gun-carrying people with integrity, physicality, high intelligence, and technical expertise. Ought the mix to be something else? A smaller group of this, and a group of high-integrity people with technical expertise who are called cyber investigators?

In conjunction with hiring agents to focus on cybersecurity, Comey has described what he imagines as the “integrity” necessary to be an FBI Agent.

He always uses pot smoking as the example of someone who doesn’t have integrity (in spite of the fact that pot is legal in several states and will be in more after Tuesday). Yeah, what he really means by “integrity” is “can get security clearance.” But he describes that, consistently, as “integrity.”

Perhaps there’s a problem there? Perhaps the Director is creating a culture in which he casually impugns a wide swath of America as lacking integrity that just happens to favor hiring white men?

Threat Level Orange! Election Week Plot!

This morning, CBS published a story attributed to senior producer Pat Milton, who has done a lot of FBI-based stories (and co-produced fawning 60 Minutes interviews with John Brennan and Jim Comey), reporting on a possible terrorist attack. The story described the threat with specific detail — scheduled for Monday, in maybe NY, TX, or VA — even while explicitly stating that “its credibility hasn’t been confirmed.”

Sources told CBS News senior investigative producer Pat Milton that U.S. intelligence has alerted joint terrorism task forces that al Qaeda could be planning attacks in three states for Monday.

It is believed New York, Texas and Virginia are all possible targets, though no specific locations are mentioned.

U.S. authorities are taking the threat seriously, though the sources stress the intelligence is still being assessed and its credibility hasn’t been confirmed. Counterterrorism officials were alerted to the threat out of abundance of caution.

The version published at 7:43 AM (and screen captured to the right) clearly attributed the story to a senior FBI official. (I’ve bolded the differences.)

A senior FBI official told CBS News, “The counterterrorism and homeland security communities remain vigilant and well-postured to defend against attacks here in the United States.  The FBI, working with our federal, state and local counterparts, shares and assesses intelligence on a daily basis and will continue to work closely with law enforcement and intelligence community partners to identify and disrupt any potential threat to public safety.”

The version published at 12:52 rewrote that paragraph, obscuring that FBI was the source.

“While we do not comment on intelligence matters, we will say the counterterrorism and homeland security communities remain vigilant and well-postured to defend against attacks here in the United States,” a U.S. intelligence official told CBS News. “The FBI and DHS, working with our federal, state and local counterparts, share and assess intelligence on a daily basis and will continue to work closely with law enforcement and intelligence community partners to identify and disrupt any potential threat to public safety.”

This story, leaked by a senior FBI official who “doesn’t comment on intelligence matters” but nevertheless did just that, comes at the end of the crappiest week for the FBI in decades.

At this point, it is fair to argue that the intelligence community — including people leading it today — have capitalized on a terrorist threat, even a dodgy one. As I tweet stormed this morning (and wrote in more detail here), in 2004 the government played up two dodgy election year threats.

In March 2004 (just as torture, spying cut back) fabricator went to CIA in Pakistan and said, “Janat Gul wants to attack US elections.”

Someone in CIA immediately said, “Nah!” Nevertheless, US got PK to detain, turn Gul to US to be tortured.

USG (including Jim Comey) reauthorized torture, to be used with Gul. Including waterboarding & techniques CIA had already used w/o approval.

USG (including Comey & John Brennan) also used election year plot based off fabrication as one reason FISC had to approve Internet dragnet.

There were, of course, leaks to the press about this election year plot.

CIA kept torturing and torturing Janat Gul, because they needed details of an election year plot based off a fabrication.

It wasn’t until October that someone said, “Hey, let’s go check if that guy claiming Gul wanted to attack US election was lying!” He was.

But Gul had served purpose: election year scare, reauthorizing torture, getting FISC approval for dragnet. Not bad for one torture victim!

Comey didn’t know CIA immediately raised concerns abt fabricator’s claims. It’s one thing Cheney/Gonzales prevented him fr learning in 2005

Comey signed off on torture again, including waterboarding w/o knowing that that case was all based off a fabrication.

But Comey has also refused to read torture report, which lays all this out. He’s avoiding learning what he did in 2004, 2005. Brennan too!

I lay all this out bc, w/history like this, IC (still led by Brennan & Comey) should be VERY careful abt leaking election year plots.

Succinctly: They cried wolf in 2004. And have yet to face accountability for that.

Then, in 2006 (at a time when both Comey and Brennan were on hiatus from direct government work, though they were both working with key government contractors), it happened again. Dick Cheney triggered the revelation of a very real terrorist plot in 2006 — fucking over the British officials trying to collect enough information to prosecute the perpetrators — to help Joe Lieberman stay in the Senate.

The point is, these people, including the people in charge of the IC now, have selectively exploited real or imagined terrorist plots before. The leak of this one, which FBI clearly hasn’t even vetted, sure seems exploitative given how badly FBI needs to distract from its own fuck-ups.


“Glitch!” FBI’s Three Leaked Claims about the Delay in Obtaining a Warrant for Huma’s Email

The other day, the WSJ had a story that included this detail about the gap between the time FBI realized there were Huma Abedin emails on a computer seized in the Anthony Weiner investigation and when they got a warrant to read them.

The FBI had searched the computer while looking for child pornography, people familiar with the matter said, but the warrant they used didn’t give them authority to search for matters related to Mrs. Clinton’s email arrangement at the State Department. Mr. Weiner has denied sending explicit or indecent messages to the minor.

In their initial review of the laptop, the metadata showed many messages, apparently in the thousands, that were either sent to or from the private email server at Mrs. Clinton’s home that had been the focus of so much investigative effort for the FBI. Senior FBI officials decided to let the Weiner investigators proceed with a closer examination of the metadata on the computer, and report back to them.

At a meeting early last week of senior Justice Department and FBI officials, a member of the department’s senior national-security staff asked for an update on the Weiner laptop, the people familiar with the matter said. At that point, officials realized that no one had acted to obtain a warrant, these people said. [my emphasis]

While I and actual experts on Fourth Amendment law had already started asking about the legality of finding emails implicating Huma while searching a computer seized for an investigation into underage sexting, the revelation that FBI somehow forgot to get a warrant for two to three weeks raised even bigger questions.

In the last day, both the NYT and the WaPo have provided different explanations about it (though they use it to explain the time lapse between discovering the emails and informing Congress, not getting a warrant). The NYT reported that the FBI had to write custom software to be able to read Weiner’s emails without at the same time reading Huma’s.

The F.B.I. has not explained why three weeks passed between the time the bureau obtained the laptop and when Mr. Comey told Congress about it. After an F.B.I. computer analysis response team in New York copied the laptop’s hard drive, bureau employees began examining the information on the computer.

That is when agents realized that Ms. Abedin’s emails were on the laptop, but they did not have the authority to view them without a warrant.

The F.B.I. needed custom software to allow them to read Mr. Weiner’s emails without viewing hers. But building that program took two weeks, causing the delay. The program ultimately showed that there were thousands of Ms. Abedin’s emails on the laptop.

Mr. Comey was not briefed in full on a plan to read the emails until last Thursday, Oct. 27. He informed Congress the next day. F.B.I. lawyers then had to obtain a second warrant to look at Ms. Abedin’s emails, which happened last weekend. [my emphasis]

WaPo reported that “glitches” delayed the FBI in separating Weiner’s emails from Huma’s.

Although investigators had discovered the emails in early October, software glitches prevented them from separating Abedin-related emails from the hundreds of thousands of messages recovered until Oct. 19 or 20, according to people familiar with the case.

While Comey had been quickly alerted by his deputy to the original find, he took no further action, allowing agents in the field to get a better idea of the scope of the material. Agents could use digital clues to decipher where emails had originated and been sent but were legally barred from reading the emails without a search warrant because they had been obtained in a separate investigation.

When agents formally recommended on Oct. 27 that the warrant be sought, Comey agreed and then felt obligated to inform Congress — which he did with his letter the following day. Comey’s only reference in the letter to the timing of his involvement was that he had been briefed the previous day. [my emphasis]

Note NYT says Comey was not briefed on the plan to read the emails until October 27. WaPo says that he was in the loop before then, then consulted again on obtaining a warrant on October 27. Those aren’t necessarily conflicting stories — I guess it depends on what “a plan to read the emails” means — but I find the distinction curious.

The real batshit thing, though, is the claim that the nation’s premier law enforcement agency didn’t have a way to sift out Weiner’s emails from Huma’s, something even garden variety cops have to do every day. Equally batshit is the claim they created a new piece of software to do so. Glitches? That’s a word national security people use as a cover story.

There is no good explanation for why the FBI didn’t have the technical means to do this. There is even less of an explanation for why, in a case involving such high profile people, the FBI would be struggling with “glitches.”

Which leaves us where we were with WSJ’s story: The FBI was fiddling with these emails for 3 weeks before “officials realized that no one had acted to obtain a warrant.” And yet somehow, the FBI was able to show probable cause that these emails had some tie to a crime.

I do hope this is something Patrick Leahy insists on getting answers on, because the story stinks.


Now Would Be a Good Time to Restore Statutory Authority of DOJ’s Inspector General

Judd Legum reports that the FBI’s Inspection Division is launching an investigation into why its FBI Records Vault Twitter bot launched into action the other day, resulting in the re-release of FOIAed files on Bill Clinton’s pardon of Marc Rich.

Candice Will, Assistant Director for the FBI’s Office of Professional Responsibility, said she was referring the matter to the FBI’s Inspection Division for an “investigation.” Upon completion of the investigation, the Office of Professional Responsibility will be referred back to the Office of Professional Responsibility for “adjudication.”

Federal law and FBI policy prohibit employees from using the power of the department to attempt to influence elections.

Will was responding to a complaint from Jonathan Hutson, a former investigative reporter who now works in communication in Washington, DC. She did not respond to requests, via phone and email, for further comment.

I’m happy the FBI is conducting this investigation, but this story is the inevitable result of the FBI responding appropriately to a complaint submitted by a media consultant, not any indication anyone at the FBI takes its own misconduct seriously.

Plus, the Inspection Division and the Office of Professional Responsibility don’t have statutory independence from the rest of the FBI, which means their investigation (and particularly OPR’s adjudication) can be influenced by FBI executives.

The entity that should be conducting an investigation into the FBI’s misconduct relating to this election is the Inspector General, which does have the independence to really assess who, if anyone, screwed up.

There’s just one problem with that. As I’ve long covered, in 2010, the FBI started balking at the Inspector General’s proper investigative demands. Among other things, the FBI refused to provide information on grand jury investigations unless some top official in FBI said that it would help the FBI if the IG obtained it. In addition, the FBI (and DEA) have responded to requests very selectively, pulling investigations they don’t want to be reviewed. In 2014, the IG asked OLC for a memo on whether it should be able to get the information it needs to do its job. Last year, OLC basically responded, Nope, can’t have the stuff you need to exercise proper oversight of the FBI.

DOJ’s Inspector General, Michael Horowitz, has been trying for some time to get Congress to affirmatively authorize his office (and IGs generally, because the problem exists at other agencies) to receive the information he needs to do his job. But thus far — probably because Jim Comey used to be known as the world’s biggest Boy Scout — Congress has failed to do so.

I care about how FBI’s misconduct affects the election (thus far, polling suggests it hasn’t done so, though polls are getting closer as Republican Gary Johnson supporters move back to supporting the GOP nominee, as almost always happens with third party candidates). But I care even more about how fucked up the FBI is. Even if Comey is ousted, I can’t think of a likely candidate that could actually fix the problems at FBI. One of the few entities that I think might be able to do something about the stench at FBI is the IG.

Except the FBI has spent 6 years making sure the IG can’t fully review its conduct.

It’s time to fix that.
