Posts

About the Timing of the Binney Meeting

/36 Comments/in , /by

The Intercept is reporting that, on Trump’s orders, Mike Pompeo met with Bill Binney on October 24 to understand his theory arguing that the DNC hack was in fact a leak.

In an interview with The Intercept, Binney said Pompeo told him that President Donald Trump had urged the CIA director to meet with Binney to discuss his assessment that the DNC data theft was an inside job. During their hour-long meeting at CIA headquarters, Pompeo said Trump told him that if Pompeo “want[ed] to know the facts, he should talk to me,” Binney said.

[snip]

Binney said that Pompeo asked whether he would be willing to meet with NSA and FBI officials to further discuss his analysis of the DNC data theft. Binney agreed and said Pompeo said he would contact him when he had arranged the meetings.

I’ve got a few comments about this.

First, I’m particularly intrigued in the timing. on Twitter, Jim Sciutto said Trump had been pushing for Pompeo to meet with Binney for several weeks.

Pompeo took the meeting at the urging of President Trump over weeks. Pompeo told Binney: “The president told me I should talk to you”

I’ve been told the meeting was set up by October 14, which means Trump has been pushing for this meeting for over a month. That dates it to around the same time as reports that Chief of Staff John Kelly was preventing Dana Rohrabacher from meeting Trump to pass on Julian Assange’s claims explaining how the emails he received didn’t come from Russia, though that scheme went back further, to mid-August.

Effectively, though, that means Trump has been trying to find some way to magnify theories that argue culprits besides Russia did the hack. The guy who begged Russia to hack Hillary’s emails in the middle of last summer is looking for some alternative narrative to push, and it’s not clear whether he cares what that narrative is.

Though, as I noted in my post on these theories, now that we know the files Guccifer 2.0 leaked were from Podesta and as-yet unidentified sources, it makes all the arguments focusing on Guccifer beside the point (and disrupts Craig Murray’s claims).

On top of a lot of other implications of this, it shifts the entire debate about whether Guccifer 2.0 was WikiLeaks’ source, which has always focused on whether the documents leaked on July 22 came from Guccifer 2.0. Regardless of what you might conclude about that, it shifts the question to whether the Podesta emails WikiLeaks posted came from Guccifer 2.0, because those are the ones where there’s clear overlap. Russia’s role in hacking Podesta has always been easier to show than its role in hacking the DNC.

It also shifts the focus away from whether FBI obtained enough details from the DNC server via the forensic image it received from Crowdstrike to adequately assess the culprit. Both the DNC and Hillary (as well as the DCCC) servers are important. Though those that squawk about this always seem to miss that FBI, via FireEyedisagreed with Crowdstrike on a key point: the degree to which the two separate sets of hackers coordinated in targeted servers; I’ve been told by someone with independent knowledge that the FBI read is the correct one, so FBI certainly did their own assessment of the forensics and may have obtained more accurate results than Crowdstrike (I’ve noted elsewhere that public IC statements make it clear that not all public reports on the Russian hacks are correct).

In other words, given that the files that Guccifer 2.0 first leaked actually preempted WikiLeaks’ release of those files by four months, what you’d need to show about the DNC file leaks is something entirely different than what has been shown.

Binney and the other skeptics aren’t even arguing the right issue anymore.

Moreover, there’s a newly public detail that may moot two key strands of the argument. Last week the WSJ (here’s the Reuters version) reported that DOJ is thinking of charging 6 Russian officials in the hack of the DNC. I get it. People are skeptical that the FBI has any better data than the NSA (though I know others, outside of the FBI, believe they’ve pinpointed hackers by name). But as part of that story,  they described the four districts where the investigation into the hack (as distinct from Mueller’s investigation into the election tampering) live.

The U.S. Justice Department has gathered enough evidence to charge six members of the Russian government in the hacking of Democratic National Committee computers before the 2016 U.S. presidential election, the Wall Street Journal reported on Thursday, citing people familiar with the investigation.

Federal agents and prosecutors in Washington, Philadelphia, Pittsburgh and San Francisco have been cooperating on the DNC investigation and prosecutors could bring the case to court next year, it said.

[snip]

The hacking investigation, conducted by cybersecurity experts, predates the appointment in May of federal special counsel Robert Mueller to oversee the probe of alleged Russian meddling in the 2016 election and possible collusion with President Donald Trump’s campaign.

Mueller and the Justice Department agreed to allow the technical cyber investigation to continue under the original team of agents and prosecutors, the Journal said.

I’m not sure the report is 100% accurate; for example, I know of a non-political witness in the election-related hack being interviewed by Mueller’s people.

But it includes a little-noticed detail that I know to be accurate — and important to rebut the claim that the copying speed claimed by Forensicator requires a conclusion incompatible with Russia carrying out the hack. Part of the investigation is in Philadelphia.

When Reuters first reported a tripartite structure of the investigation in February, it included San Francisco (the Guccifer 2.0 investigation), Pittsburgh (the Russian side, probably focused on known APTs), and DC (the counterintelligence side — though that would significantly be Mueller’s investigation).

Philadelphia was not included. I only know a bit about the Philadelphia side of the investigation, but I do know that part of the investigation is located there because of a server in the district. So one way or another, we know that the FBI is conducting an investigation in an Eastern city as part of the hacking investigation based on the use of a server in the district. That doesn’t necessarily mean they’re investigating Russians. But it means even if you account for a server in the eastern time zone, you still have FBI preparing to charge Russians for the hack.

Which brings us to the last line of the Intercept article.

Binney said that since their meeting, he has not heard from Pompeo about scheduling follow-up meetings with the NSA and FBI.

Granted, it has only been two weeks. But in that time, not even Pompeo’s prodding has made the FBI (more likely) or the NSA (which still has bad blood with Binney) remotely curious about these theories.

Dana Rohrabacher Brokering Deal for Man Publishing a CIA Exploit Every Week

/26 Comments/in , , /by

Yesterday, right wing hack Charles Johnson brokered a three hour meeting between Dana Rohrabacher and Julian Assange. At the meeting, Assange apparently explained his proof that Russia was not behind the hack of the DNC. In a statement, Rohrabacher promises to deliver what he learned directly to President Trump.

Wikileaks founder Julian Assange on Wednesday told Rep. Dana Rohrabacher that Russia was not behind leaks of emails during last year’s presidential election campaign that damaged Hillary Clinton’s candidacy and exposed the inner workings of the Democratic National Committee.

The California congressman spent some three hours with the Australian-born fugitive, now living under the protection of the Ecuadorian embassy in the British capital.

Assange’s claim contradicts the widely accepted assessment of the U.S. intelligence community that the thousands of leaked emails, which indicated the Democratic National Committee rigged the nomination process against Sen. Bernie Sanders in favor of Clinton, were the result of hacking by the Russian government or persons connected to the Kremlin.

Assange, said Rohrabacher, “emphatically stated that the Russians were not involved in the hacking or disclosure of those emails.” Rohrabacher, who chairs the House Foreign Affairs Subcommittee on Europe, Eurasia, and Emerging Threats, is the only U.S. congressman to have visited the controversial figure.

The conversation ranged over many topics, said Rohrabacher, including the status of Wikileaks, which Assange maintains is vital to keeping Americans informed on matters hidden by their traditional media. The congressman plans to divulge more of what he found directly to President Trump.

I’m utterly fascinated that Assange has taken this step, and by the timing of it.

It comes not long after Rod Wheeler’s lawsuit alleging that Fox News and the White House worked together to invent a story that murdered DNC staffer Seth Rich was in contact with WikiLeaks. Both that story and this one have been promoted aggressively by Sean Hannity.

It comes in the wake of the VIPS letter that — as I’ve begun to show — in no way proves what it claims to prove about the DNC hack.

It comes just after a very long profile by the New Yorker’s Raffi Khatchadourian, who has previously written more sympathetic pieces about Assange. I have a few quibbles with the logic behind a few of the arguments Khatchadourian makes, but he makes a case — doing analysis on what documents got released where that no one else has yet publicly done (and about which numerous people have made erroneous claims in the past) — that Assange’s claims he wasn’t working with Russia no longer hold up.

But his protestations that there were no connections between his publications and Russia were untenable.

[snip]

Whatever one thinks of Assange’s election disclosures, accepting his contention that they shared no ties with the two Russian fronts requires willful blindness. Guccifer 2.0’s handlers predicted the WikiLeaks D.N.C. release. They demonstrated inside knowledge that Assange was struggling to get it out on time. And they proved, incontrovertibly, that they had privileged access to D.N.C. documents that appeared nowhere else publicly, other than in WikiLeaks publications. The twenty thousand or so D.N.C. e-mails that WikiLeaks published were extracted from ten compromised e-mail accounts, and all but one of the people who used those accounts worked in just two departments: finance and strategic communications. (The single exception belonged to a researcher who worked extensively with communications.) All the D.N.C. documents that Guccifer 2.0 released appeared to come from those same two departments.

The Podesta e-mails only make the connections between WikiLeaks and Russia appear stronger. Nearly half of the first forty documents that Guccifer 2.0 published can be found as attachments among the Podesta e-mails that WikiLeaks later published.

The Assange-Rohrabacher meeting also follows a NYT story revealing that the author of a piece of malware named in the IC’s first Joint Analysis Report of the DNC hack, Profexor, has been cooperating with the FBI. The derivative reports on this have overstated the connection Profexor might have to the DNC hack (as opposed to APT 28, presumed to be associated with Russia’s military intelligence GRU).

A member of Ukraine’s Parliament with close ties to the security services, Anton Gerashchenko, said that the interaction was online or by phone and that the Ukrainian programmer had been paid to write customized malware without knowing its purpose, only later learning it was used in Russian hacking.

Mr. Gerashchenko described the author only in broad strokes, to protect his safety, as a young man from a provincial Ukrainian city. He confirmed that the author turned himself in to the police and was cooperating as a witness in the D.N.C. investigation. “He was a freelancer and now he is a valuable witness,” Mr. Gerashchenko said.

It is not clear whether the specific malware the programmer created was used to hack the D.N.C. servers, but it was identified in other Russian hacking efforts in the United States.

But Profexor presumably is describing to the FBI how he came to sell customized access to his tool to hackers working for Russia and who those hackers were.

In other words, this bid by Assange to send information to Trump via someone protected by the Constitution’s Speech and Debate Clause, but who is also suspected — even by his Republican colleagues! — of being on Russia’s payroll, comes at a very interesting time, as outlets present more evidence undermining Assange’s claims to have no tie to Russia.

Coming as it does as other evidence is coming to light, this effort is a bit of a Hail Mary by Assange: as soon as Trump publicizes his claims (which he’ll probably do during tomorrow’s shit-and-tweet) and they get publicly discredited, Assange (and Trump) will have little else to fall back on. They will have exposed their own claims, and provided the material others can use to attack Trump’s attempts to rebut the Russia hack claims. Perhaps Assange’s claims will be hard to rebut; but by making them public, finally, they will be revealed such that they can be rebutted.

I’m just as interested in the reporting on this, though, which was first pushed out through right wing outlets Daily Caller and John Solomon.

The story is presented exclusively in terms of Assange’s role in the DNC hack, which is admittedly the area where Assange’s interests and Trump’s coincide.

Yet not even the neutral LAT’s coverage of the meeting, which even quotes CIA Director and former Wikileaks fan Mike Pompeo,mentions the more immediate reason why Assange might need a deal from the United States. Virtually every week since March, Wikileaks has released a CIA exploit. While some of those exploits were interesting and the individual exploits are surely useful for security firms, at this point the Vault 7 project looks less like transparency and more like an organized effort to burn the CIA. Which makes it utterly remarkable a sitting member of Congress is going to go to the president to lobby him to make a deal with Assange, to say nothing of Assange’s argument that Wikileaks should get a White House press pass as part of the deal.

Dana Rohrabacher is perhaps even as we speak lobbying to help a guy who has published a CIA hack of the week. And that part of the meeting is barely getting notice.

In Defense of [Gulp] Mike Pompeo

/5 Comments/in /by

Let me say at the outset that I think Mike Pompeo is a totally inappropriate choice for CIA. I believe he is inclined to torture and engage in illegal surveillance. I believe he is among a long line of overly politicized Republicans appointed to this position. I believe he plans to criminalize journalism, if not my own journalism, specifically. And I believe it likely he’s hiding requests from Trump to downplay the Russian investigation.

But I’m uncomfortable with critiques of him about this interview with Hugh Hewitt.

To be clear: I’m appalled that a CIA Director would choose someone so nakedly partisan for his first exclusive interview. I don’t approve of the interview, generally.

But people are suggesting that this passage shows Pompeo denying known facts about the Russian investigation.

HUGH HEWITT, MSNBC HOST: Today, I bring to you my conversation with the Director of the Central Intelligence Agency, Mike Pompeo. This is his first interview with a news network since taking the job. I sat down with the former congressman, West Point and Harvard Law graduate at CIA headquarters in Langley. I started by asking him about Russia’s meddling in last year’s election, and what the administration is doing to stop it from happening again.

(BEGIN VIDEO CLIP)

MIKE POMPEO, DIRECTOR, CIA: I can’t talk about the details of the intelligence, but we have, the intelligence community has said, that this election was meddled with by the Russians in a way that is frankly not particularly original. They’ve been doing this for an awfully long time. And we are decades into the Russians trying to undermine American democracy. So in some ways, there’s no news, but it certainly puts a heightened emphasis on our ability to figure out how to stop them.

HEWITT: The news was actually that Putin personally directed. Do you think the Russian President did that?

POMPEO: I can’t confirm the intelligence related to that.

Perhaps this is semantics, but Hewitt used a different word than the Intelligence Community Assessment that everyone complaining is pointing to. Hewitt used “directed,” suggesting (to me, anyway) a hands on involvement. The ICA described Putin’s involvement as “ordering” the operation, suggesting (again, to me) a delegation of direction.

We assess with high confidence that Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election, the consistent goals of which were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign then focused on undermining her expected presidency.

We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence.

Add in a tolerance — by virtually all those complaining — for intelligence officials to defer public comments by refusing to stray from existing public comments. Indeed, even where Pompeo all but confirms something Hewitt raises — that the US and Russia continue to cooperate on counterterrorism issues — he engages in the tired charade of pretending not to confirm the confirmation.

POMPEO:  I don’t talk about the liaison partners that I speak with.  But it is important that we continue to work in places where we can on intelligence matters to keep Americans safe.  Counterterrorism is a perfect example.  Americans fly on Russian planes, Russians fly on American planes, to the extent we can keep planes in the sky.  All of those counter terrorism issues and places they overlap, where there are terrorists in Kazakhstan or Russia or other places where the Russians might have information, I certainly expect they’ll share that with us.  And by the same token, if we can help keep Russians or American interests in Russia alive by providing them with information, it’s the right thing to do.

So I took, and take, Pompeo’s refusal to confirm the intelligence related “to that” as a refusal to go beyond the ICA. Sure, perhaps Hewitt’s question was orchestrated. Perhaps this is Pompeo’s way of acceding to Trump’s request to downplay the Putin role in the election operation.

But you can’t pick and choose among public deferrals of answers. If John Brennan could get away with this kind of obfuscation (and he did, including with these journalists in particular) then similar obfuscation should not suddenly become an object of suspicion.

The point is no CIA director should get away with this kind of parsing. But what Pompeo has done here is more of the same kind of parsing that all CIA Directors, forever and ever, have engaged in, with the indulgence of their favored press outlets.

That’s not acceptable. But those who’ve permitted such indulgences in the past are in no position to demand more transparency from other CIA Directors.

By all means let’s criticize Pompeo for helping Trump to downplay the Russian investigation. But let’s apply the same standards we have to past CIA Directors, especially if we’re those who’ve gotten privileged access in the past.

Did Pompeo Also Get an Obstruction Call from Trump?

/14 Comments/in , /by

The WaPo reports that Trump called both Admiral Mike Rogers and Dan Coats to ask if they could issue statements denying any collusion between Trump’s campaign and Russia.

Trump made separate appeals to the director of national intelligence, Daniel Coats, and to Adm. Michael S. Rogers, the director of the National Security Agency, urging them to publicly deny the existence of any evidence of collusion during the 2016 election.

Coats and Rogers refused to comply with the requests, which they both deemed to be inappropriate, according to two current and two former officials, who spoke on the condition of anonymity to discuss private communications with the president.

If Trump was calling spooks, he presumably would have called all spooks, including CIA Director Mike Pompeo (with whom he is probably closer than the other two). So why aren’t we hearing about that call? Is Pompeo just better at keeping secrets than his counterparts? Or is he hiding it because he didn’t object as strongly as his counterparts?

Dana Boente Still Has a Job and Why That’s of Interest for WikiLeaks

/in , /by

WaPo has a weird story reporting, erroneously, that Donald Trump has no US Attorneys.

Attorney General Jeff Sessions is making aggressive law enforcement a top priority, directing his federal prosecutors across the country to crack down on illegal immigrants and “use every tool” they have to go after violent criminals and drug traffickers.

But the attorney general does not have a single U.S. attorney in place to lead his tough-on-crime efforts across the country. Last month, Sessions abruptly told the dozens of remaining Obama administration U.S. attorneys to submit their resignations immediately — and none of them, or the 47 who had already left, have been replaced.

“We really need to work hard at that,” Sessions said when asked Tuesday about the vacancies as he opened a meeting with federal law enforcement officials. The 93 unfilled U.S. attorney positions are among the hundreds of critical Trump administration jobs that remain open.

While it is true that Trump had Sessions ask for the remaining 93 US Attorneys’ resignations, he subsequently announced he was keeping Rod Rosenstein (who contrary to WaPo’s claim that he “served as U.S. attorney for Maryland” is still there, and who will become Deputy Attorney General as soon as he’s confirmed in the next few weeks) and Dana Boente (who is US Attorney for EDVA but also acting AG for the Russia investigation).

Both Boente and Rosenstein made press announcements today; the guys whose custody they announced probably would prefer if they weren’t on the job.

I guess the WaPo wanted to suck up to Jeff Sessions and so didn’t consider the possibility that we’re better off with 91 US Attorney vacancies than 91 racist hacks like Sessions, pushing through his regressive policies.

Anyway, since we’ve established that Boente still has a job and in fact oversees the Russia investigation, I thought I’d point out something I was considering during last week’s threats from CIA Director Mike Pompeo against WikiLeaks.

During Pompeo’s comments at CSIS last week, he said,

Julian Assange and his kind are not the slightest bit interested in improving civil liberties or enhancing personal freedom. They have pretended that America’s First Amendment freedoms shield them from justice. They may have believed that, but they are wrong.

[snip]

[W]e have to recognize that we can no longer allow Assange and his colleagues the latitude to use free speech values against us. To give them the space to crush us with misappropriated secrets is a perversion of what our great Constitution stands for. It ends now.

As some people observed, Pompeo’s comments are inconsistent with the practice of Obama’s DOJ, particularly under Holder. While Holder would have happily prosecuted Julian Assange for his role in release of files leaked by Chelsea Manning, he realized that if he did, he’d be criminalizing stuff that the press does.

Pompeo, at least, seems to disagree.

And the reason why Boente’s continued tenure as Eastern District US Attorney — and his role overseeing the Russian investigation — is that he has also been overseeing the ongoing investigation into Wikileaks since 2013.

Consider the fact that Assange’s actions of late may be more incriminating than those involving Manning (even assuming Assange can credibly claim he has no way of knowing whether Russia is responsible for the DNC hack, Assange’s comments about both the DNC and the Vault 7 leak suggest more coordination than in the past). Then add in the fact that Boente, for the next few weeks anyway, might be able to claim to be both US Attorney and Acting AG on any role by WikiLeaks in the publication of the DNC emails. And it raises the possibility that Boente would use this window to indict Assange.

I think that’s unlikely. Moreover, while an indictment would give the US reason to pressure Ecuador even more to boot Assange, it’s not clear they would. But it’s possible.

Pompeo Likens Wikileaks’ Release of CIA’s Hacking Tools to Philip Agee

/9 Comments/in , , /by

In a speech designed to generate headlines, CIA Director Mike Pompeo just attacked WikiLeaks as a “a non-state hostile intelligence service often abetted by state actors like Russia.” The speech was explicitly a response to an op-ed Julian Assange had in the WaPo a few days ago.

Now, for those of you who read the editorial page of the Washington Post—and I have a feeling that many of you in this room do—yesterday you would have seen a piece of sophistry penned by Mr. Assange. You would have read a convoluted mass of words wherein Assange compared himself to Thomas Jefferson, Dwight Eisenhower, and the Pulitzer Prize-winning work of legitimate news organizations such as the New York Times and the Washington Post. One can only imagine the absurd comparisons that the original draft contained.

But the speech deserves closer analysis for several reasons.

CIA Directors hoping to build trust should fact and hypocrisy check better

First, it had the predictable CIA Director errors. As an example, it pretends to be rebutting “false narratives” purportedly spread by WikiLeaks, but uses as an example “the fanciful nation that they spy on their fellow citizens via microwave ovens,” a suggestion first spread by KellyAnne Conway, not WikiLeaks (though WikiLeaks responded by pointing to ways to spy with microwaves, though not ovens). It suggests Assange “directed Chelsea Manning in her theft of specific secret information;” had Assange’s direction been that clear cut, he would have been indicted. Perhaps most hilariously, a guy who — nine months ago — was applauding a WikiLeaks release today had this to say:

First, it is high time we called out those who grant a platform to these leakers and so-called transparency activists. We know the danger that Assange and his not-so-merry band of brothers pose to democracies around the world. Ignorance or misplaced idealism is no longer an acceptable excuse for lionizing these demons.

Yes. By all means, we should call out those who grant a platform to WikiLeaks. Like Mike Pompeo.

The never-ending defense of all spying overseas

The speech is also worth reviewing because of something that has become tiresome in recent years.

To rebut that false narrative Pompeo rebuts a claim that’s beside the point to WikiLeaks’ presentation of the CIA Vault 7 files (though it is one WikiLeaks has suggested on Twitter): that CIA spies on Americans.

[W]e are an intelligence organization that engages in foreign espionage. We steal secrets from foreign adversaries, hostile entities, and terrorist organizations. We analyze this intelligence so that our government can better understand the adversaries we face in a challenging and dangerous world.

[snip]

So I’d now like to make clear what CIA doesn’t do. We are a foreign intelligence agency. We focus on collecting information about foreign governments, foreign terrorist organizations, and the like—not Americans. A number of specific rules keep us centered on that mission and protect the privacy of our fellow Americans. To take just one important example, CIA is legally prohibited from spying on people through electronic surveillance in the United States. We’re not tapping anyone’s phone in Wichita.

Assange has focused primarily not on domestic spying, but on how incompetent CIA was for losing its hacking tools and for the proliferation risk it poses. Here’s what Assange said in his op-ed.

Our most recent disclosures describe the CIA’s multibillion-dollar cyberwarfare program, in which the agency created dangerous cyberweapons, targeted private companies’ consumer products and then lost control of its cyber-arsenal. Our source(s) said they hoped to initiate a principled public debate about the “security, creation, use, proliferation and democratic control of cyberweapons.”

Pompeo admits aggressive use of tools, and promises better security

That’s not a point that Pompeo really debates, though he does say,

CIA is aggressive in our pursuit of the information we need to help safeguard our country. We utilize the whole toolkit at our disposal, fully employing the authorities and capabilities that Congress,

As for losing the cyber toolkit (Pompeo does not, of course, confirm that that is what WikiLeaks has been releasing), Pompeo does promise these changes to improve CIA’s own security.

Second, there are steps that we have to take at home—in fact, this is a process we’ve already started. We’ve got to strengthen our own systems; we’ve got to improve internal mechanisms that help us in our counterintelligence mission. All of us in the Intelligence Community had a wake-up call after Snowden’s treachery. Unfortunately, the threat has not abated.

I can’t go into great detail, but the steps we take can’t be static. Our approach to security has to be constantly evolving. We need to be as clever and innovative as the enemies we face. They won’t relent, and neither will we.

We can never truly eliminate the threat but we can mitigate and manage it. This relies on agility and on dynamic “defense in depth.” It depends on a fundamental change in how we address digital problems, understanding that best practices have to evolve in real time. It is a long-term project but the strides we have taken—particularly the rapid and tireless response of our Directorate of Digital Innovation—give us grounds for optimism.

If these changes go beyond finally ensuring all devices require multi-factor authentication (something a Mike Pompeo overseen CIA did not have this time last year), then it will be a good thing.

The Philip Agee comparison

But I’m perhaps most interested in the implicit comparison Pompeo makes to start his speech. He suggests a comparison between Philip Agee (and the murder of Chief of Station Richard Welch after being outed by Agee) and WikiLeaks (or perhaps Assange personally).

That man was Philip Agee, one of the founding members of the magazine Counterspy, which in its first issue in 1973 called for the exposure of CIA undercover operatives overseas. In its September 1974 issue, Counterspy publicly identified Richard Welch as the CIA Chief of Station in Athens. Later, Richard’s home address and phone number were outed in the press in Greece.

In December 1975, Richard and his wife were returning home from a Christmas party in Athens. When he got out of his car to open the gate in front of his house, Richard Welch was assassinated by a Greek terrorist cell. At the time of his death, Richard was the highest-ranking CIA officer killed in the line of duty.

That’s a pretty remarkable way to introduce this speech. Perhaps to defend it, in the section of the speech dedicated to painting WikiLeaks as a hostile actor, Pompeo notes AQAP thanked WikiLeaks for tipping it off to a way to fight the US it hadn’t thought of.

Following a recent WikiLeaks disclosure, an al Qa’ida in the Arabian Peninsula member posted a comment online thanking WikiLeaks for providing a means to fight America in a way that AQAP had not previously envisioned.

That’s still a long way from posting CIA officers’ identities.

Security firms begin to expose CIA’s roles

All that said, I can’t help but wonder whether this spat between former WikiLeaks booster Mike Pompeo and WikiLeaks stems from a development that I’ve been anticipating: when security firms start treating US intelligence hackers like they do Russian or Chinese ones.

In the wake of WikiLeaks’ Vault 7 documents, both Symantec and Kaspersky wrote reports on Vault 7 hacks they had seen working with clients. Symantec provided a very convincing table correlating the compilation time of what they’ve seen with the evidence WikiLeaks presented.

Symantec also described the victims generally (including describing what sounds like CIA detasking as soon as they realized they had accidentally attacked a US target).

Longhorn has infiltrated governments and internationally operating organizations, in addition to targets in the financial, telecoms, energy, aerospace, information technology, education, and natural resources sectors. All of the organizations targeted would be of interest to a nation-state attacker.

Longhorn has infected 40 targets in at least 16 countries across the Middle East, Europe, Asia, and Africa. On one occasion a computer in the United States was compromised but, following infection, an uninstaller was launched within hours, which may indicate this victim was infected unintentionally.

Kaspersky offered no such public detail.

Nevertheless, these reports are just one of several developments of late (which I hope to return to) that exhibit the US’ hackers being treated like Russian or Chinese hackers are — as general adversaries outside of their country. If, as seems likely given Symantec’s description of European victims, some of the victims are nominal US allies, that’ll grow worse.

If I’m right, it’s a significant development. It may not equate to a CIA officer being outed. But it may case far more problems.

Update: As a number of people have made clear, Agee was not responsible for Welch’s death. So I’ve deleted those words.

The Problems with Pompeo: A Willingness to Use Information on Americans Russia Hacked and Shared with Trump

/20 Comments/in , , , /by

On Friday, the Senate confirmed the first two of President Trump’s nominees: Generals Mattis and Kelly to run DOD and DHS, respectfully. But it did not confirm the third nominee slotted for that day, Mike Pompeo. In part because the nomination was not dealt with in regular fashion in the Senate Intelligence Committee (which did not vote out his nomination), Ron Wyden managed to force Mitch McConnell to hold 6 hours of debate tomorrow on his nomination.

Wyden has suggested we need to have more debate because Pompeo hasn’t answered all the questions posed to him. And it is true that Wyden has concerns about the following issues. But perhaps most of all, Wyden’s questions suggest he is concerned that the Trump administration will use information the Russians hacked against Americans.

In follow-up questions posed to Pompeo, Wyden expressed concern about Pompeo’s:

  • Enthusiasm for using bulk collections of “lifestyle” information on Americans
  • Willingness to have the CIA engage in activities the Ambassador or other Chief of Mission disagrees with
  • Squirminess about when the CIA can kill a US person
  • Dodginess on classifying torture information that reveals illegal, embarrassing, competitive, or otherwise unclassified information

But as I said, Wyden’s chief concern appears that Pompeo will use information the Russians have or will give the Trump administration against Americans.

Enthusiasm for using bulk collections of “lifestyle” information on Americans

A big point of concern for Wyden and Martin Heinrich throughout Pompeo’s confirmation process is this op-ed he wrote at the beginning of last year. Based in part on the fact that the intelligence community didn’t find the Tashfeen Malik’s anti-American statements on non-public social media, and in part on the demonstrably false claim that the IC didn’t find the Garland attackers beforehand (in reality, the FBI was cheering them on), Pompeo argued we need to collect still more data. “Congress should pass a law re-establishing collection of all metadata, and combining it with publicly available financial and lifestyle information into a comprehensive, searchable database,” he wrote.

Pompeo has dodged questions about precisely what “lifestyle” information he wants to collect — though it surely includes Twitter’s firehose of data from Dataminr. Sadly, he repeatedly pointed to executive orders in his answers, and the new EO 12333 sharing rules permit the access of “public” information, which can include information from data brokers (though Pompeo claims ignorance of what he might want to use). So while Wyden is concerned that Pompeo will start dragnetting Americans, sadly he has been enabled to do so by one of the last things Obama did.

Willingness to have the CIA engage in activities the Ambassador or other Chief of Mission disagrees with

Another concern Wyden raised pertains to disagreements between the Chief of Mission (the top diplomat in a country) and the CIA Station Chief. This has been an issue in the past at least as it pertains to drone strikes in Pakistan and the torture program, where the Ambassador was either not informed or not properly consulted on CIA activities within a country.

When asked a yes or no question whether he would permit CIA to conduct activities even while an outstanding disagreement remained, Pompeo refused to answer, stating instead that he would seek an expeditious decision from the President. Effectively, he suggested if he were losing a disagreement with State, he’d get Trump to override State.

Squirminess about when the CIA can kill a US person

Wyden, who has long sought guidelines on when the US can kill an American citizen, returned to pre-hearing questions on this topic. After citing the Drone Rule Book requirement that DOJ be involved before taking action against a US person, he asked whether Pompeo agreed with the requirement. Pompeo basically said the US “must consider an American citizen’s constitutional rights prior to targeting him” and “CIA attorneys frequently consult with” DOJ (though left open the possibility of relying on less formal analysis). Ultimately, Pompeo dodged laying out any additional checks he’d following before killing an American.

Dodginess on classifying torture information that reveals illegal, embarrassing, competitive, or otherwise unclassified information

Wyden asked Pompeo if he disagreed with the prohibitions on classifying information to “(1) conceal violations of law, inefficiency, or administrative error; (2) prevent embarrassment to a person, organization, or agency; (3) restrain  competition; or ( 4) prevent or delay the release of information that does not require protection in the interest of national security,” prohibitions that existed in Clinton’s, George W. Bush’s, and Obama’s EOs on classified information. Pompeo said he did not. However, immediately in that context, Wyden asked about the Torture Report, and Pompeo dodged all questions about declassifying the torture report.

Willingness to use information obtained by Russians hacking Americans

But as I said, Wyden’s persistent concerns in his post-hearing questions pertained to whether and how Pompeo would be willing to cooperate with the Russians. Raising a Pompeo hearing comment that if a foreign partner gave the CIA information on US persons “independently,” “it may be appropriate of CIA to collect [that] information in bulk,” Wyden raised Trump’s encouragement of Russian hacking and asked what circumstances would make foreign collection so improper that CIA should not receive such information. Pompeo responded, “information obtained through such egregious conduct may be appropriate for the CIA to use or disseminate.”

Wyden then listed out a bunch of conditions, such as information coming from an adversary, to disrupt US democracy, information implicating First Amendment protected political activity, or information affecting thousands or millions of Americans. “The listed conditions could all be relevant,” Pompeo responded, remaining non-committal.

Wyden raised a Pompeo comment suggesting rules for accessing US person communications under EO 12333 and asked if that was true of information known to include significant US person information. Pompeo said he would consult experts and AGG guidelines (which, arguably, are this flexible).

Wyden raised Pompeo’s promise to expand intelligence cooperation with state and non-state partners, and asked specifically whether this included Russia, and if so how Pompeo planned on dealing with the counterintelligence risks of doing so. Pompeo said he as not referring to “any specific partners,” said, “CIA already has a strong counterintelligence program,” and said anything he did would comply with law and standard practices and be noticed to Congress.

Wyden then asked if “it is legal or appropriate for the White House to obtain from a foreign partner…information that includes the communications of U.S. persons” and if he learned that they were doing so, whether he would inform Congress of it. Pompeo responded “I am not aware of a DCIA role in supervising White House activities or providing legal counsel to the White House on its activities,” apparently committing only to informing Congress of CIA’s own activities.

In short, there are a lot of reasons to be worried about Pompeo as Director of CIA. But Wyden seems most worried that CIA (and the White House) will use information Russia gives them against American citizens.

McCain Has One Way to Prevent Torture under Trump — Oppose Pompeo and Sessions

/6 Comments/in , /by

The Saturday before Thanksgiving, John McCain made some strong statements about whether President Trump will be able to resume torture.

Republican Sen. John McCain issued a fiery warning to President-elect Donald Trump on the subject of torture Saturday.

“I don’t give a damn what the president of the United States wants to do. We will not waterboard,” McCain told an audience at the annual Halifax International Security Forum. “We will not torture people … It doesn’t work.”

McCain’s comments have gotten quite a lot of approving press since.

But that approving press is misplaced.

After all, tough words will not prevent Trump from resuming torture — no matter what NYT’s rather bizarre story claiming there are obstacles to doing so claims. As I laid out weeks ago, the bureaucratic work-arounds are already in place.

No. The single most effective way for Senator McCain to prevent Trump from resuming torture is to ensure the people he appoints are actually opposed to it.

Already, Trump has named two pro-torture Republicans to top positions: Trump’s Attorney General pick, Jeff Sessions, voted against the anti-torture amendment McCain wrote to try to codify the law. In response to the release of the Torture Report, Trump’s CIA Director pick, Mike Pompeo, declared the torturers “are not torturers, they are patriots.”

McCain — whose comment on torture came the day after Trump named these appointees — has not committed to opposing their nomination. Instead, he just wants to make strong statements that will do little to prevent Trump from ordering Pompeo to resuming the torture.

Maybe that’s why McCain is getting so touchy about the President-elect.

Today, he told two different reporters he didn’t want to answer questions about Trump. Here’s what he said to HuffPo’s Laura Barron-Lopez:

I will not discuss President-elect Donald Trump, ok? And that is my right as a Senator. I do not have an obligation ma’am to answer any question I don’t feel like answering. I’m responsible for the people of Arizona and they just [re-elected] me overwhelmingly.

He said something similar to CNN’s Manu Raju.

Cranky-as-fuck John McCain is ratcheting it up!

But he’s going to need to crank it up even more. McCain, with just two of his colleagues, has the power and moral authority to oppose pro-torture appointees. That would require confronting the leader of his party. But it is also one of the only real ways to prevent the US from resuming torture.

Military Intelligence Industrial Complex Providing 30% Bonuses to Potential HASC and HPSCI Chairs

/5 Comments/in /by

Because of Buck McKeon and Mike Rogers’ retirement this year, the Chairmanships of both the House Armed Services Committee and the House Intelligence Committee will be up for grabs early next year.

Roll Call decided to see how this was affecting funding for the contenders to replace McKeon and Rogers.Their results were pretty striking. HASC contenders Mac Thronberry and Randy Forbes and HPSCI contenders Devin Nunes and Mike Pompeo are experiencing significantly bigger hauls from defense contractors than in the past.

Four of the top five candidates for the chairmanships of the House Armed Services and Intelligence panels have raised considerably more money this election cycle than they did at a similar point in 2012. The same four have also raised much more money from the defense industry than before – in some cases, more than doubling their takes.

Most of them, too, have raised more money in the first full quarter since the departures of the incumbent chairmen became official, and donated more to other candidates and GOP party committees than in the last cycle.

[snip]

Thornberry, Forbes, Nunes and Pompeo each have raised at least 30 percent more through the first six quarters of the 2014 election cycle than they did over same period of 2012. Only King — who was Homeland Security chairman through 2012 — has raised less. Nunes has raised the most overall: $2 million.

Thornberry, Nunes and Pompeo have more than doubled in the current election cycle the amount they got from the defense sector over the same period in the 2012 election cycle, and Forbes has reaped 40 percent more, while King’s dipped. Thornberry has received the most overall — $344,350.

Thornberry, too, saw the biggest leap from the most recent fundraising quarter than ended in June compared with the same quarter in the 2012 cycle, 84 percent. Forbes and Pompeo also saw increases over that period.

Click through to see how McKeon and Rogers’ retirement announcements set off this boondoggle and how the take has allowed the contenders to fund their colleagues as well.

Ah, democracy as our forefathers intended! Where campaign bribery plays a key role in determining who will oversee the National Security State.

The RNC and the Dead-Enders

/10 Comments/in /by

If you’ve spent much time in political party conventions, you likely know that the resolution process largely serves as an opportunity for active members to vent. While party resolutions might represent where the ideological base of the party is, nothing prevents the elected leaders of the party to blow off resolutions (though at times resolutions are deemed toxic enough for leaders to undermine by parliamentary stunts).

Which is why I find the response to the RNC’s resolution renouncing the NSA’s “Surveillance Prorgam” (it mentions PRISM and, implicitly, the phone dragnet) so interesting.

There are responses like this, from Kevin Drum, who spins it as pure politics.

I get that politics is politics, and the grass always looks browner when the other party occupies the Oval Office. And there are plenty of liberals who are less outraged by this program today than they were back when George Bush and Dick Cheney were in charge of it.

But holy cow! The RNC! Officially condemning a national security program that was designedby Republicans to fight terrorism!

Benjy Sarlin, in the account Drum linked, got the politics more clear, reading this, in part, as the influence of libertarians who largely gained ascendance as part of a backlash against Bush policies or at least failures.

But the resolution also is a sign of the increasing influence of the libertarian wing of the party, especially supporters of Ron Paul and his son, Rand Paul, who have made government overreach in pursuit of terrorists a top issue. Both Orrock and fellow Nevada Committeeman James Smack, who presented the resolution on her behalf, supported the elder Paul’s presidential campaign.

But I also think there’s more to it.

There is certainly a great deal of opportunism here (note, Democrats’ utter disdain for tech companies’ concerns about the dragnet make this a monetary, as well as political opportunity for the GOP, one already bearing fruit). And while the GOP establishment is still cautiously trying to regain control over the Tea Party forces that it once encouraged, there has also been a slow change in traditional conservatives’ stance, too, which I measure through Amash-Conyers opponent Bob Goodlatte’s changing position.

Goodlatte has issued three statements in recent weeks (January 9, January 17, and January 23) calling for reform (including more civil liberties protections and attention to tech companies’ concerns) and more transparency. In the most interesting of the statements, Goodlatte suggested that if Obama wanted to keep the dragnet he’d have to explain what purpose it was really serving and then argue that that purpose

Over the course of the past several months, I have urged President Obama to bring more transparency to the National Security Agency’s intelligence-gathering programs in order to regain the trust of the American people. In particular, if the President believes we need a bulk collection program of telephone data, then he needs to break his silence and clearly explain to the American people why it is needed for our national security. The President has unique information about the merits of these programs and the extent of their usefulness. This information is critical to informing Congress on how far to go in reforming the programs. Americans’ civil liberties are at stake in this debate. [my emphasis]

As I’ve been pointing out for some time, no dragnet defenders have yet to explain what purpose it really serves, and I’m struck that Goodlatte seems to suggest the same. Note, too, that Goodlatte was among the 6 Representatives who attended Bruce Schneier’s briefing on what NSA was really doing, along with leading GOP dragnet opponents Jim Sensenbrenner and Justin Amash and 3 Democrats.

I would suggest to Democrats who see this resolution exclusively as an overly cynical attack on Obama there may, in fact, be things that could explain why Republicans specifically or reasonable Americans more generally might have good reason to oppose the dragnet.

Now back to the resolution. As Sarlin notes, “Not a single member rose to object or call for further debate, as occurred for other resolutions.” (I like to think that had Michigan’s retrograde Dave Agema been able to participate rather than fending off calls for his resignation, he might have spoken up for authoritarianism.)

Instead of opposition from the Republican Party then, came first this quote to Sarlin,

“I think it probably does reflect the views of many of the people who really want to turn out the vote and who are viewing the world through the prism of the next election,” Stewart Baker, a former Bush-era Homeland Security official, told msnbc in an email. “It’s a widespread view among Republicans, but I think the ones that know this institution best and for whom national security is a high priority don’t share this view.”

Then what Eli Lake reports as a letter (Lake doesn’t say to whom) from just one elected official — KS Representative and House Intelligence Committee member Mike Pompeo — and 7 Bush officials (including Baker) blasting the resolution. Part of the letter, apparently, serves to waggle National Security seniority, as Baker already had.

Their letter says: “The Republican National Committee plays a vital role in political campaigns, but it has relatively little expertise in national security.”

And part of it serves to correct a technical inaccuracy that may not be one.

In particular the letter takes issue with the resolution’s claim that the NSA’s PRISM program “monitors searching habits of virtually every American on the internet.”

“In fact, there is no program that monitors the searches of all Americans,” the letter says. “And what has become known as the PRISM program is not aimed at collecting the communications of Americans. It is targeted at the international communications of foreign persons located outside the United States and is precisely the type of foreign-targeted surveillance that Congress approved in 2008 and 2012 when it enacted and reauthorized amendments to the Foreign Intelligence Surveillance Act.”

At issue is the language of the resolution, which starts by discussing PRISM, but then talks about what is clearly the phone (though it would encompass the Internet) dragnet, but then explicitly returns to both, by name of the authority that govern them.

WHEREAS, the secret surveillance program called PRISM targets, among other things, the surveillance of U.S. citizens on a vast scale and monitors searching habits of virtually every American on the internet;

WHEREAS, this dragnet program is, as far as we know, the largest surveillance effort ever launched by a democratic government against its own citizens, consisting of the mass acquisition of Americans’ call details encompassing all wireless and landline subscribers of the country’s three largest phone companies.

[snip]

RESOLVED, the Republican National Committee encourages Republican lawmakers to enact legislation to amend Section 215 of the USA Patriot Act, the state secrets privilege, and the FISA Amendments Act to make it clear that blanket surveillance of the Internet activity, phone records and correspondence — electronic, physical, and otherwise — of any person residing in the U.S. is prohibited by law and that violations can be reviewed in adversarial proceedings before a public court;

RESOLVED, the Republican National Committee encourages Republican lawmakers to call for a special committee to investigate, report, and reveal to the public the extent of this domestic spying and the committee should create specific recommendations for legal and regulatory reform ot end unconstitutional surveillance as well as hold accountable those public officials who are found to be responsible for this unconstitutional surveillance; [my emphasis]

7 Bush officials and 1 HPSCI member (but not, oddly enough, the always boisterous Mike Rogers) have weighed in to say that the NSA doesn’t monitor the searches of some Americans and then trots out the tired “targeted at foreign persons” line, without addressing the question of blanket surveillance of communications more generally.

Sarlin, in his piece, similarly retreats to “targeting” claptrap, claiming only that “lawmakers have accused the agency of overreaching.”

Somehow both the Bush dead-enders and Sarlin neglect to mention backdoor searches, which allow the NSA to use metadata collected under a range of dragnets to obtain US content without even Reasonable Articulable Suspicion.

And while it’s not all that surprising that Sarlin chose not to discuss how NSA can get domestic content, as I will show in a follow-up post the collection of dead-enders (Lake fleshed out the list here) who weighed in to deny that the NSA dragnet gets US person content is particularly instructive, as I’ll show in a follow-up post.