Posts

Tucker Carlson and Glenn Greenwald Are Outraged that Bill Barr Set Up Antifa!!!! [Just Kidding]

You’ve no doubt seen the conspiracy theory championed by Tucker Carlson and Glenn Greenwald claiming that the unnamed Oath Keeper associates described in those indictments are actually FBI informants.


As happened with earlier propaganda campaigns (notably the one downplaying Brian Sicknick’s death), the conspiracy theory started with Revolver News, got magnified by Tucker Carlson, and got normalized by Glenn Greenwald (the latter of whose central role largely escaped attention because commentators don’t identify him, yet, as a right wing propagandist).In his first appearance, Carlson grotesquely accused Sharon Caldwell, who was described in later Oath Keeper documents as Person Two but was identified clearly in earlier documents by her first name and as Thomas Caldwell’s spouse, of being an informant who framed her husband.

Person Two and Person Three were organizers of the riot. The government knows who they are. But the government has not charged them. Why is that? You know why. They were almost certainly working for the FBI. So FBI operatives were organizing the attack on the Capitol on January 6, according to government documents. And those two are not alone! In all Revolver News reported there were, quote, “upwards of 20 unindicted co-conspirators in the Oath Keepers indictments, all playing various roles in the conspiracy, who have not been charged for virtually the exact same activities — and in some cases much, much more severe activities — as those named alongside them in indictments.”

Huh????

So it turns out that this white supremacist insurrection was, again, by the government’s own admission in these documents organized at least in part, by government agents.

This little campaign has led compromised members of Congress to embrace this excuse for the insurrection they previously have claimed was not an insurrection at all.


Thomas Caldwell’s wife, Sharon, is Person Two

To show that “Person Two,” whom Tucker Carlson alleges for framing Thomas Caldwell, is actually his wife, Sharon, you can compare this filing, where her name is not redacted, with this one, where “Person Two” has substituted for her name.

1. Sharon Caldwell is Thomas’ wife:

2. “Sharon and I are setting up shop there” (at the Comfort Inn Ballston) and then “Sharon and I are going our way.”

3. “Sharon was right with me!”

Later filings over release conditions confirm the selfies posted to Facebook were of Thomas’ wife, describe Thomas agreeing to be accompanied by his wife, Sharon, to Sunday Mass starting on Easter, expressing concern that his wife has to do all the chores on their 30-acre farm which has led to the loss of farm income, and describing that he rarely travels anywhere without his wife, Sharon Caldwell, and she’s willing to go with him every time he does leave their property.


Glenn and Tucker must be outraged that Billy Barr set up Antifa

Parts of this campaign are pathetic, even for the men involved, and may reflect a desperate attempt to repackage their own past claims.

For example, after parroting a bunch of obviously self-serving PR from Parler in the days after the attack (such as that the insurrectionists organized on Facebook, not Parler), Glenn now shows that Parler was actually sharing threats of violence with the FBI in advance, without noting that that undermines several things he said in the past, such as that the insurrectionists didn’t plan on Parler. This must be dizzying and embarrassing for Glenn.

And because Glenn has to package this — like he did his never-ending obsession with Hunter Biden’s laptop — as a failure of Democrats and liberal media, he remarkably claims that the left — which has so relentlessly asked why the FBI was caught unawares that Glenn even screen caps an example of Ryan Goodman linking to Carolyn Maloney doing so — is resistant to questioning the FBI’s role in the riot.

What accounts for this furious liberal #Resistance to questioning the FBI’s role in the January 6 riot and asking whether there are vital facts that are being concealed?

Maybe Glenn has a harder time getting CSPAN in Brazil than I do in Ireland, because when I’ve watched the multiple hearings Democratic Chairs of various committees (including Maloney) have had with FBI Director Chris Wray or now-National Security Branch EAD Jill Sanborn, they question the FBI about it over and over and over. Glenn literally made up this hash-tagged resistance out of thin air because he needs it to be true, when in fact the opposite is true.

But it’s important to look at what this propaganda campaign obscures.

Probably, this campaign got started because a number of people implicated in the investigation, now realizing that it won’t go away, are trying to absolve themselves of any responsibility. It has already happened with those charged for crimes committed on January 6. Dominic Pezzola suggested that a key witness against him was actually more involved in the riot than he was, only to learn he guessed wrong and that the government was going to invoke a terrorism enhancement with him. Similarly, top Proud Boys were hinting at challenges to the UCC-1 described in their indictment, before they grew conspicuously silent about it, as if they learned something that undercut such claims. [see update below]

The other reason people are talking about informants is that (FBI’s failure to respond notwithstanding) it’s not that far-fetched. Importantly, multiple Proud Boys have claimed to be informants, though Glenn only mentions Enrique Tarrio. Maybe that’s because the implication of the claims from the others leads to a place Glenn and Tucker don’t want to go. Of the four Proud Boys that Aram Rostom described as being FBI informants prior to January 6, three claimed to be sharing information about Antifa.

Reuters interviewed two Proud Boys members who spoke on the condition of anonymity about some members’ interactions with the FBI. Reuters also interviewed Proud Boys leader Enrique Tarrio, examined court records and interviewed sources close to the federal investigation.

The reporting showed:

– One Proud Boy left the group in December after telling other members he was cooperating with the FBI by providing information about Antifa, say Tarrio and two other Proud Boy sources. The former member, whom Reuters was unable to identify, insisted to group leaders that he had not revealed information about the Proud Boys, these people say.

– A second Proud Boy leader bragged in 2019 about sharing information with the FBI about Antifa, according to private chats leaked on social media. The chats’ authenticity was confirmed by a source familiar with the Proud Boys and the Jan. 6 case.

– A third Proud Boy leader, Joseph Biggs, who was indicted and charged with conspiracy in the January attack, has said in court papers he reported information to the FBI about Antifa for months. Reuters spoke to Biggs two days before the riot. In that interview, he said he had specific plans for Jan. 6, but declined to disclose them. But, he volunteered to Reuters in that call, he was willing to tell his FBI contact of his plans for the coming rally, if asked. Reuters wasn’t able to determine whether such a contact took place. [my emphasis]

What this suggests is not that the FBI set up the Proud Boys with paid informants, but the opposite: that under a President who “denounced” the Proud Boys by saying they should “Stand back and stand by,” and under an Attorney General who dismissed threats against a judge involving the Proud Boys as a technicality, the Proud Boys were viewed not as an equivalent (or greater) threat than Antifa, but instead were able to disguise their use of Antifa as a foil to sow violence by serving as informants against them.

If these three self-proclaimed informants are right (there’s good reason to doubt them), then it means under Bill Barr, the FBI was using informants not to set up the Proud Boys, but instead to set up Antifa.

If Tucker and Glenn were good faith actors and not paid propagandists, you would fully expect them to be outraged that the FBI set up Antifa.

Especially because of the possibility that the FBI didn’t take the Proud Boys threat seriously because (on top of being endorsed by the President and downplayed by the Attorney General), they prioritized investigating Antifa over investigating the Proud Boys. With that possibility in mind, read the framing of Glenn’s Substack post:

The original report, published by Revolver News and then amplified by Fox News’ Tucker Carlson, documented ample evidence of FBI infiltration of the three key groups at the center of the 1/6 investigation — the Oath Keepers, the Proud Boys, and the Three Percenters — and noted how many alleged riot leaders from these groups have not yet been indicted. While low-level protesters have been aggressively charged with major felonies and held without bail, many of the alleged plot leaders have thus far been shielded from charges.

The implications of these facts are obvious. It seems extremely likely that the FBI had numerous ways to know of any organized plots regarding the January 6 riot (just as the U.S. intelligence community, by its own admission, had ample advanced clues of the 9/11 attack but, according to their excuse, tragically failed to “connect the dots”).

[snip]

What would be shocking and strange is not if the FBI had embedded informants and other infiltrators in the groups planning the January 6 Capitol riot. What would be shocking and strange — bizarre and inexplicable — is if the FBI did not have those groups under tight control.

It is fucking insane that Glenn claims to be mystified by the possibility that a group endorsed in the President’s first Presidential debate and dismissed by the Attorney General would not get the proper scrutiny by the FBI. Trump very effectively punished people — especially at the FBI — for investigating entities close to him. And on September 29, 2020, Donald Trump made it quite clear the Proud Boys should get special treatment. That’s all the explanation you need. Though it is, indeed, reason for closer scrutiny, the kind of scrutiny that Democrats have been demanding, Glenn’s false claims to the contrary notwithstanding.

But if you want to raise the possibility that FBI had informants in the group, then the explanation may be equally as damning: That the FBI didn’t see January 6 coming because it was too busy treating Antifa as a terrorist threat.

Indeed, everything we know about the threat reporting on that day — which claimed the big risk of violence arose from the possibility of clashes between counter-protestors and right wing militias — suggests that may be what happened: that the FBI was looking the other way, possibly in conjunction with the militia that played a key role in planning the attack. That certainly accords with Acting Secretary of Defense Christopher Miller’s claim that Trump told him to use the National Guard to protect Trump supporters.

Since Glenn claims to be very familiar with the role of informants, surely he knows that multiple terrorists — definitely David Headley and allegedly Tamerlan Tsarnaev and Omar Mateen — have planned attacks under the cover of serving as informants (or in the case of Mateen, his father doing so). There were also at least two former FBI informants that played key parts in the Russian operation in 2016. The most logical answer to the questions that Glenn pretends to entertain is that the FBI didn’t look too closely at what Joe Biggs was planning (as part of a Kelly Meggs-brokered Florida alliance of militia groups with ties to Roger Stone), because they treated him as a credible source of reporting on Antifa.

The propaganda that goes unnoticed

The absurdity of accusing Sharon Caldwell of entrapping her spouse has, justifiably, gotten all the attention from this campaign.

But there’s a piece of propaganda that it incorporates — one parroted by Members of Congress — that deserves focus of its own: in framing his piece, Glenn not only claims that the plot leaders have been shielded from charges, he also states as fact that, “low-level protesters have been aggressively charged with major felonies and held without bail.”

While low-level protesters have been aggressively charged with major felonies and held without bail, many of the alleged plot leaders have thus far been shielded from charges.

In making this claim, Glenn is mindlessly parroting something that appears in the original Revolver piece.

The first category is the group of mostly harmless tourists who walked through already opened doors and already-removed barricades, and at most were guilty of minor trespassing charges and light property offenses. The second group consists of those who were violent with police officers, broke down barricades, smashed windows, belonged to a “militia” group engaged in military-style planning prior to the event, discussed transporting heavy weaponry, and so forth.

Up until now, the overwhelming (perhaps exclusive) share of counter-establishment reporting on 1/6 has focused on absolving the first group. And this is a valuable thing. The notion that these harmless “MAGA moms” wandering around the Capitol were domestic terrorists engaged in an insurrection is absurd. That many of these people are being held in prison, without bail, under harsh conditions, amounts to an unacceptable and outrageous abuse of basic human rights.

The only way to sustain a claim that “low-level protestors” have been charged with major felonies and held without bail is to claim that alleged plot leaders — people like Ethan Nordean, Joe Biggs, Billy Chrestman, and Kelly Meggs — were actually just protestors.

That’s because with perhaps two exceptions (people like Karl Dresch whose criminal records were cited as the reason for their detention), the only people who remain in jail are either those charged with planning the insurrection, or people who engaged in violence or came armed. And even many of those people were released. Just going in alphabetical order, Christopher Alberts brought a gun and a magazine to the insurrection but was released on bail. John Anderson is accused of assault but is out on bail. Richard Barnett, who entered Nancy Pelosi’s office with a high voltage stun gun, was initially jailed but has since been released. Bradley Bennett, whom the government argued went on the lam for weeks and destroyed his phone, got released on bail. Craig Bingert, involved in one of the conflicts with cops at a barricade, was released on bail. Gina Bisignano, accused of inciting violence and destruction with a bullhorn, was released on bail. Joshua Black, who was involved in confrontations with cops before heading to the Senate Chamber and said God ordered him to riot, was released on bail. James Breheny, an Oath Keeper who allegedly lied to the FBI and attended a key inter-militia planning event, is out on bail. Both men who brought zip ties to the Senate Chamber on the day of the riot, Eric Munchel and Larry Brock, are out on bail (and Brock isn’t even charged with a felony).

Even Brandon Fellows, charged with obstruction and present when Jeff Merkley’s office was trashed and laptop stolen, thus far remains out on bail, even after several bail violations.

Perhaps the only two people who remain in custody who weren’t either associated with a group being treated as a militia or involved in assault are Doug Jensen and Jacob Chansley. Both, though, played a kind of leadership role during the attack, both brought blades with them to the insurrection, both had direct confrontations with cops, and the government has argued (Jensen, Chansley) both exhibit the kind of fervor in their QAnon beliefs that pose a particular danger.

Given that QAnon had better success placing bodies where they were useful during the insurrection, I’m not sure it even makes sense to treat them differently than the more traditional militia.

Other than that, the men detained pre-trial are accused of leading the insurrection, precisely the people that this conspiracy theory falsely claims have been shielded from charges. Among the Proud Boys, Ethan Nordean, Joe Biggs, Charles Donohoe, Zack Rehl, and Kansas City cell leader Billy Chrestman remain jailed. Among the Oath Keepers, Kelly Meggs, Kenneth Harrelson, and Jessica Watkins remain jailed. All are accused of playing key leadership roles in the insurrection.

There were some questionable detention decisions early on. At this stage, however, there are no cases where people still detained are simply protestors on the wrong side of the law.

And yet even Glenn makes that false claim without any evidence.

Donald Trump’s FBI Director and Bill Barr’s hand-picked US Attorney called these defendants terrorists

There’s one more aspect of this conspiracy that is confounding.

Tucker Carlson and Glenn Greenwald suggest this is a Deep State plot to harm Trump and his supporters. Even Andrew McCarthy, who wrote a long and worthwhile piece debunking Tucker and Glenn’s conspiracies, nevertheless claims the prosecutorial decisions in this case reflect Democratic politicization.

Although Schaffer is plainly a member of the Oath Keepers conspiracy, the Biden Justice Department did not have him plead guilty to the conspiracy charge in the Oath Keepers indictment. That’s undoubtedly because, for the purposes of helping Democrats hype a white-supremacist terrorism narrative, the conspiracy charge is too minor. Although that charge has been portrayed by the media and the Justice Department as if it were a terrorism allegation, it actually involves a statute that criminalizes comparatively minor conspiracy offenses, fit for a maximum penalty of just five years’ imprisonment (with the possibility of no jail time at all).

So instead, DOJ had Schaffer plead guilty to a two-count criminal information, charging him with the substantive crimes of obstructing Congress and illegally carrying a dangerous weapon (bear spray) on restricted federal grounds. That allowed government officials to bray that Schaffer could be looking at 30 years in prison, which sure sounds a lot worse than five years. But it’s a feint. The 30-year level is just an aggregation of the maximum sentences prescribed by the two statutes in Schaffer’s guilty plea — i.e., the highest possible sentence that could potentially apply to anyone who violated these laws. The sentence a judge actually imposes within that 30-year range depends on the circumstances, with only the worst offenders getting the maximum sentence. Realistically, then, what matters in Schaffer’s case are the federal sentencing guidelines that apply specifically to him. In the plea agreement’s fine print, prosecutors concede that the guidelines call for a relatively paltry 41- to 51-month term, which may be reduced if his cooperation proves to be valuable.

I suspect that Schaffer is one of the unnamed, numbered “Persons” referred to in the Oath Keepers indictment.

[snip]

To be clear, Carlson is right that it is ridiculous for Attorney General Merrick Garland to portray the Capitol riot as if it were a terrorist attack and the people behind it as the most dangerous national-security threat we face. As noted above, the conspiracy allegation is not a terrorism charge: It carries a penalty of no more than five years. Carlson is right to point out that, despite the government’s and the media’s claims to the contrary, there is no indication that racism motivated the riot (the Oath Keepers, for example, are not a white-supremacist organization, and the indictment does not even hint that race had anything to do with January 6). Carlson is right that, even as congressional Democrats posture about the supposed need for a commission to fully expose the events of January 6, the government is withholding mounds of information — including the identity of the security official who killed rioter Ashli Babbitt, a concealment that would be unfathomable in a case where a police officer killed an African-American criminal suspect or a Black Lives Matter rioter. And Carlson was right to call out the ludicrous suggestion by Frank Figliuzzi, a former top FBI national-security official, that congressional Republicans who cynically supported Trump’s scheme to overturn the election result are the equivalent of a terrorist organization’s “command and control element.”

Christopher Wray — the FBI Director chosen by Donald Trump — has, from day one, called this a terrorist attack.

More importantly, the person leading this investigation for the first two months was the US Attorney Bill Barr installed with no input from Congress, Michael Sherwin. If Sherwin had his way, these people would be charged with seditious conspiracy. Under Sherwin, Proud Boy Dominic Pezzola’s crimes were labeled terrorism. Under Michael Sherwin, Jessica Watkins’ crimes were labeled terrorism. And while the Jon Schaffer cooperation agreement that McCarthy disdains was finalized after Sherwin left, signs of it were already evident before Sherwin left (note, McCarthy is probably wrong in his belief that Schaffer is one of the people identified thus far in the Oath Keepers conspiracy, and he misunderstands why prosecutors charged Schaffer like the did). A Sherwin-friendly article written after his departure quotes him stating these were not close cases (and also taking credit for making the bulk of the cases).

“These were not complicated cases,” Sherwin said of the Capitol breach probe. “What made these cases so unusual were the scope and scale of the crime,” reaching into almost every state in the country, including Florida.

Sherwin’s tour of duty as acting U.S. Attorney ended soon after the Biden administration took over the Justice Department. He was asked to stay on as the lead prosecutor in the Capitol breach probe, but Sherwin said it was time to move on after making the bulk of the cases in the investigation.

If you have a problem with the way this investigation unfolded, you have a problem not with Joe Biden’s DOJ, but instead with the guy Bill Barr installed into a politicized US Attorney role with no input from Congress.

Which may be why those who need to downplay the seriousness of the attack have instead resorted to baseless conspiracy theories.

Update: Because some dead-enders still don’t believe that Tucker Carlson has accused Sharon Caldwell of entrapping her husband Thomas, I’ve done an entire section showing how the same references to Person Two in a later filing show up as Thomas’ wife Sharon in an earlier one. I also describe all the efforts Sharon is making to keep her husband out of jail.

Update, July 25: Above, I noted that the Proud Boy leaders seem to have learned something that sated their curiosity about whether UCC-1 was an FBI informant. Indeed they did. At a recent hearing, one of the AUSAs on the case revealed that they had been provided this person’s identity and confirmation he was not an informant.

Several more relevant updates: First, Larry Brock has since been charged with obstruction, a felony, but remains out on bail. Doug Jensen, one of the last remaining people who wasn’t either a leader or charged with assault still being detained, was released on bail. Michael Curzio, one of just a few exceptions who got jailed because of past crimes, got released after serving a six month time served sentence for his misdemeanor trespass charge. Two non-violent defendants — Brandon Fellows and Thomas Robertson — have since had pretrial released revoked for violating their conditions.

Finally, the friend of former DEA officer Mark Ibrahim — who may himself serve as an FBI informant — not only debunked Ibrahim’s excuse for being at the insurrection, but made it clear that the FBI did not formally ask him to attend the event.

IBRAHIM said he went along with his friend, who had been asked by the FBI to document the event, and that he went along with his friend to assist with that effort.

Your affiant also interviewed IBRAHIM’s friend. According to the friend, IBRAHIM crafted this story about how his friend was at the Capitol to assist the FBI and that IBRAHIM was there helping him. IBRAHIM’s friend told your affiant that he was not there in any formal capacity for the FBI and that the FBI was not giving him directions or marching orders. He said that IBRAHIM crafted this story in an effort to “cover his ass.” According to IBRAHIM’s friend, IBRAHIM went to the rally in order to promote himself—IBRAHIM had been thinking about his next move after leaving the DEA and wanted the protests to be his stage for launching a “Liberty Tavern” political podcast and cigar brand.

Ibrahim, who brought another of the guns that Glenn claims no one brought to January 6 and displayed it publicly, is out on bail.

The Predictable Result of Asymmetry in Terrorism Policing: Andrew McCabe’s Demise

I recently finished Andrew McCabe’s book.

It is very effective at what I imagine its intended purposes are. It provides some fascinating new details about the genesis of the Russian investigation. It offers a great introduction in how the FBI (at its best) can work. It gives a self-congratulatory version of McCabe’s career, including key events like the Najibullah Zazi and Boston Marathon investigations; even if McCabe had wanted to tell fully honest stories about those investigations, I’m sure the less flattering details wouldn’t have passed FBI’s publication review.

The book also says satisfyingly mean things about Trump, Jeff Sessions, and (more obliquely) Rod Rosenstein. (I think McCabe’s book release significantly explains the rumors reported as fact that Mueller’s report was imminent some weeks ago; that claim served, in part, to once again eliminate any pressure to fire Rosenstein immediately).

The latter of two, of course, implemented McCabe’s firing. McCabe’s excuse for lying to the Inspector General, which led to his firing, is one of the least convincing parts of the book (he admits he can’t say more because of his continued legal jeopardy, but he does raise it). That’s true, in part, because McCabe only deals with one of the conversations in question; there were a number of them. But he also excuses his chief lie because he was frazzled about learning of the Strzok-Page texts in the same conversation. I can understand that, but elsewhere, one of his digs against Rosenstein is how overwhelmed the Deputy Attorney General was in the wake of the Jim Comey firing. McCabe suggests, in that context, that because he had dealt with big stressful issues (like the Boston Marathon attack), he wasn’t similarly rattled. Which is why I find it disingenuous to use being frazzled for not being fully truthful to the Inspector General. Plus, virtually all defendants prosecuted for lying to the FBI (including George Papadopoulos, but not Mike Flynn, who is a very accomplished liar) are frazzled when they tell those lies; it’s a tactic the FBI uses to catch people unguarded.

I was most frustrated, however, by something that has become increasingly important in recent days: McCabe’s utter lack of awareness (at least in the book) of the import of the asymmetric focus on Islamic terrorism across his career.

After moving to counterterrorism in the mid-00s from working organized crime, McCabe became an utterly central player in the war on Islamic terror, founding the High Value Interrogation Group, and then leading the CT and National Security Divisions of FBI. He was a key player in investigations — like Zazi — that the FBI is rightly proud of.

But McCabe normalizes the choices made after 9/11 to pursue Islamic terrorism as a distinct danger. He (of course) whitewashes Jim Comey’s decision to retain the Internet dragnet in 2004 under an indefensible use of the PATRIOT Act. He argues that it is politically impossible to survive a failure to prevent an attack even though he managed the Boston Marathon attack, where FBI and NSA had some warning of Tamerlan Tsarnaev’s danger, but nevertheless got very little criticism as a result. Most remarkably, McCabe talks about Kevin Harpham’s attempted attack on the Martin Luther King Day parade, mentions as an aside that this was (obviously) not an Islamic terror attack, but offers no reflection on how Harpham’s attack undermines much of what he presents, unquestioningly, as a greater risk from Islamic terrorism (here’s a story on how Barack Obama did not get briefed on Harpham, a decision that may well have involved McCabe).

Granted, McCabe’s blind spots (at least in the book) are typical of people who have spent their lives reinforcing this asymmetry. You see it, too, in this utterly nonsensical paragraph in a largely ridiculous piece from Joshua Geltzer, Mary McCord, and Nick Rasmussen — all likewise accomplished players in the War on Just One Kind of Terrorism — at Lawfare.

The phrases “international terrorism” (think of the Islamic State and al-Qaeda) and “domestic terrorism” (think of the Oklahoma City bombing and the October 2018 shooting at a Pittsburgh synagogue) have often been a source of confusion to those not steeped in counterterrorism. The Islamic State has its roots internationally, but what makes it such a threat to Americans is, in part, its ability to influence domestic actors like Omar Mateen to kill Americans in domestic locations like Orlando, Florida. The group may be “international,” but its attackers and attacks can be, and have been, domestic—to tragic effect.

This paragraph, in a piece that admits the focus of their career has been wrong (and neglects to mention that Christchurch terrorist Brenton Tarrant named Donald Trump, along with Anders Behring Breivik, as an inspiration), suggests that the reason international terrorism is “such a threat” is because it can inspire domestic actors. The logic inherent to that paragraph is that terrorism carried out by “domestic terrorists,” inspired by a domestic white supremacist ideology is any less dangerous than terrorism carried out by people inspired by what is treated as an international ideology. International terrorism is worse than domestic terrorism, these experts argue, because it can lead to domestic terrorism.

Dead is dead. And given the significant number of white supremacists who have had experience in the military and greater tolerance for their training, white supremacists have the potential of being far more effective, as individuals, at killing than US-based Islamic terrorists.

One thing the Lawfare piece studiously avoids acknowledging is that what it calls “domestic” terrorism (the racist ideology of which they never describe) is an ideology significantly exported by the United States. Even in a piece that rightly calls for an equal focus on both white supremacist terrorism and Islamic terrorism, it ducks labeling the ideology in question. And while this WaPo piece does label the ideology in question, it bizarrely calls an attack in New Zealand carried out by an Australian a “domestic” attack.

The WaPo piece describes one problem with the asymmetric treatment of different kinds of terrorism: that governments don’t share intelligence about international violent racist ideology. In fact, in the US, such intelligence gets treated differently, if the FBI’s failure to track the networks around Frazier Glenn Miller and Eric Rudolph is any indication.

Ironically, that’s one reason that McCabe’s failure to track white supremacist terrorism in the same way he tracked Islamic terrorism led to his demise. While the network behind the election year operation that helped elect Trump involves a lot of Russians, it also clearly involves a lot of white supremacists like Nigel Farage (and David Duke), a network Russia exploited. Additionally, as I have argued (and at least one study backs) white supremacist networks provided the real fire behind the attacks on Clinton; Russia’s information operations had the effect of throwing more fuel on a blazing bonfire.

The other problem with the US government’s asymmetric treatment of terrorism is legitimacy. Labeling Islamic terrorism “foreign” and pursuing material support cases based partly on speech has had the effect of criminalizing some speech that criticizes US foreign policy, even well-deserved criticism about the effect of US killing of Muslims. By contrast, white supremacist speech, even that which  more aggressively advocates violence is treated as speech. Yes, deplatforming has begun to change that.

But we’re still not at a place where those who incite white supremacist violence are held accountable for it.

That’s how it was possible for a man to kick off a campaign by inventing lies about Mexican immigrants and how the entire Republican party, up to and including the new supposedly sane Attorney General, are permitted to pursue counterproductive policies solely so they can appear to demonize brown people.

Irrespective of the merit or not in the finding that Andrew McCabe lacked candor with the IG, he got treated the way he did because a man whose entire political career is based off feeding white resentment needed to appear to be a victim of Andrew McCabe. That act, by itself, was not about Trump’s white supremacist ideology. But it is a structure of power that is white supremacist (exacerbated by Trump’s narcissism).

We have a President Trump in significant part because this country has tolerated and even rewarded white supremacist ideology, institutionally ignoring that it poses as much of a risk as violent Islamic ideology. It would be really useful if people like Andrew McCabe spend some time publicly accounting for that fact.

The white supremacy that brought us the Trump presidency would not be possible if we had treated violent white supremacist terror as terror for the last twenty years.

NSA Propagandist John Schindler Suggests Boston Marathon Terrorist Attack Not “Major Jihadist Attack”

NSA propagandist John Schindler has used the San Bernardino attack as an opportunity to blame Edward Snowden for the spy world’s diminished effectiveness, again.

Perhaps the most interesting detail in his column is his claim that 80% of thwarted attacks come from an NSA SIGINT hit.

Something like eighty percent of disrupted terrorism cases in the United States begin with a SIGINT “hit” by NSA.

That’s mighty curious, given that defendants in these cases aren’t getting notice of such SIGINT hits, as required by law, as ACLU’s Patrick Toomey reminded just last week. Indeed, the claim is wholly inconsistent with the claims FBI made when it tried to claim the dragnet was effective after the Snowden leaks, and inconsistent with PCLOB’s findings that the FBI generally finds such intelligence on its own. Whatever. I’m sure the discrepancy is one Schindler will be able to explain to defense attorneys when they subpoena him to explain the claim.

Then there’s Schindler’s entirely illogical claim that the shut-down of the phone dragnet just days before the attack might have helped to prevent it.

The recent Congressionally-mandated halt on NSA holding phone call information, so-called metadata, has harmed counterterrorism, though to what extent remains unclear. FBI Director James Comey has stated, “We don’t know yet” whether the curtailing of NSA’s metadata program, which went into effect just days before the San Bernardino attack, would have made a difference. Anti-intelligence activists have predictably said it’s irrelevant, while some on the Right have made opposite claims. The latter have overstated their case but are closer to the truth.

As Mike Lee patiently got Jim Comey to admit last week, if the Section 215 phone dragnet (as opposed to the EO 12333 phone dragnet, which remains in place) was going to prevent this attack, it would have.

Schindler then made an error that obscures one of the many ways the new phone dragnet will be better suited to counterterrorism. Echoing a right wing complaint that the government doesn’t currently review social media accounts as part of the visa process, he claimed “Tashfeen Malik’s social media writings [supporting jihad] could have been easily found.” Yet at least according to ABC, it would not have been so easy. “Officials said that because Malik used a pseudonym in her online messages, it is not clear that her support for terror groups would have become known even if the U.S. conducted a full review of her online traffic.” [See update.] Indeed, authorities found the Facebook post where Malik claimed allegiance to ISIS by correlating her known email with her then unknown alias on Facebook. NSA’s new phone program, because it asks providers for “connections” as well as “contacts,” is far more likely to identify multiple identities that get linked by providers than the old program (though it is less likely to correlate burner identities via bulk analysis).

Really, though, whether or not the dragnet could have prevented San Bernardino which, as far as is evident, was carried out with no international coordination, is sort of a meaningless measure of NSA’s spying. To suggest you’re going to get useful SIGINT about a couple who, after all lived together and therefore didn’t need to use electronic communications devices to plot, is silliness. A number of recent terrorist attacks have been planned by family members, including one cell of the Paris attack and the Charlie Hebdo attack, and you’re far less likely to get SIGINT from people who live together.

Which brings me to the most amazing part of Schindler’s piece. He argues that Americans have developed a sense of security in recent years (he of course ignores right wing terrorism and other gun violence) because “the NSA-FBI combination had a near-perfect track record of cutting short major jihadist attacks on Americans at home since late 2001.” Here’s how he makes that claim.

Making matters worse, most Americans felt reasonably safe from the threat of domestic jihadism in recent years, despite repeated warnings about the rise of the Islamic State and terrible attacks like the recent mass-casualty atrocity in Paris. Although the November 2009 Fort Hood massacre, perpetrated by Army Major Nidal Hasan, killed thirteen, it happened within the confines of a military base and did not involve the general public.

Two months before that, authorities rolled up a major jihadist cell in the New York City area that was plotting complex attacks that would have rivalled the 2005 London 7/7 atrocity in scope and lethality. That plot was backed by Al-Qa’ida Central in Pakistan and might have changed the debate on terrorism in the United States, but it was happily halted before execution – “left of boom” as counterterrorism professionals put it.

Jumping from the 2009 attacks (and skipping the 2009 Undiebomb and 2010 Faisal Shahzad attempts) to the Paris attack allows him to suggest any failure to find recent plots derives from Snowden’s leaks, which first started in June 2013.

However, the effectiveness of the NSA-FBI counterterrorism team has begun to erode in the last couple years, thanks in no small part to the work of such journalists-cum-activists. Since June 2013, when the former NSA IT contactor [sic] Edward Snowden defected to Moscow, leaking the biggest trove of classified material in all intelligence history, American SIGINT has been subjected to unprecedented criticism and scrutiny.

There is, of course, one enormous thing missing from Schindler’s narrative of NSA perfection: the Boston Marathon attack, committed months before the first Snowden disclosures became public. Indeed, even though the NSA was bizarrely not included in a post-Marathon Inspector General review of how the brothers got missed, it turns out NSA did have intelligence on them (Tamerlan Tsarnaev was in international contact with known extremists and also downloaded AQAP’s Inspire magazine repeatedly). Only, that intelligence got missed, even with the multiple warnings from FSB about Tamerlan.

Perhaps Schindler thinks that Snowden retroactively caused the NSA to overlook the intelligence on Tamerlan Tsarnaev? Perhaps Schindler doesn’t consider an attack that killed 3 and injured 260 people a “major jihadist attack”?

It’s very confusing, because I thought the Boston attack was a major terrorist attack, but I guess right wing propagandists trying to score points out of tragedy can ignore such things if it will spoil their tale of perfection.

Update: LAT reports that Malik’s Facebook posts were also private, on top of being written under a pseudonym. Oh, and also in Urdu, a language the NSA has too few translators in. The NSA (but definitely not the State Department) does have the ability to 1) correlate IDs to identify pseudonyms, 2) require providers to turn over private messages — they could use PRISM and 3) translate Urdu to English. But this would be very resources intensive and as soon as State made it a visa requirement, anyone trying to could probably thwart the correlation process.

The Other Possible Whys behind the Boston Marathon Attack

As the Dzhokhar Tsarnaev trial pauses for the Marathon and the attack anniversary (and, ostensibly, to give the defense time to line up their witnesses), some competing sides have aired their views about the story not being told at the trial.

An odd piece from BoGlo’s Kevin Cullen quotes a cop asking why the FBI Agents who interviewed Tamerlan Tsarnaev in 2011 did not recognize him from surveillance videos.

“Who were the FBI agents who interviewed Tamerlan Tsarnaev after the Russians raised questions about him two years before the bombings, and why didn’t they recognize Tamerlan from the photos the FBI released?” he asked.

That’s actually a great question. But then Cullen goes onto make some assertions that — if true — should themselves elicit questions, questions he doesn’t ask. He marvels at the video analysis after the event, but doesn’t mention that the FBI claims the facial recognition software it has spent decades developing didn’t work to identify the brothers. He lauds the FBI for finding Dzhokhar’s backpack in a dumpster, but far overstates the value of the evidence found inside (remember, among other things found on a thumb drive in it was a rental application for Tamerlan’s wife). Cullen also overstates the FBI’s evidence that the bombs were made in Tamerlan’s Cambridge apartment, and so sees that as a question about why Tamerlan’s wife, Katherine, wasn’t charged (forgetting, I guess, that she was routinely gone from the apartment 70 hours a week), rather than a question about all the holes in FBI’s pressure cooker story: Why did Tamerlan pay cash for pressure cookers — as FBI suggests he did — all while carrying a mobile GPS device that he brought with him when trying to make his escape? Where did the other two pressure cookers (the third pressure cooker used as a bomb, and the one found at the apartment) come from?

Masha Gessen — who just wrote a book about the case that I have not yet read — asks some of the same questions in a NYT op-ed in a piece that also highlights the government’s flawed claims about radicalization at the core of this case.

Even worse, two critical questions have not been answered. Where were the bombs built? Investigators have testified that they were not built at the older brother’s apartment or in the younger brother’s dorm room. Were they built in someone else’s apartment, house or garage? If so, who, and was he a knowing accomplice? Did he help in any other way?

The other big question is: Why did the F.B.I. fail to identify Tamerlan Tsarnaev, the older brother, who had been fingered as a potential terrorist risk two years before the bombing and interviewed by field agents? Within 24 hours of the bombing, on April 15, 2013, investigators focused on images of the brothers in surveillance tapes recovered from the scene. Yet they had no names — and more than two days later they released the photos to the public, asking for help with identifying the suspects. How is it possible that someone who had been interviewed by a member of the local Joint Terrorism Task Force could not be identified from the pictures?

Note, I think Gessen overstates how strongly the government has said the bombs weren’t made at the Cambridge apartment, but it is consistent with the evidence presented that they weren’t.

Compare these decent questions with Janet Napolitano’s take — not so much on the trial, but on Gessen’s book.

Before I get into the key graph of her review, consider Napolitano’s role here. Her agency — especially Customs and Border Patrol — came in for some criticism in the Joint IG Report on the attack, because they may not have alerted the FBI to Tamerlan Tsarnaev’s travel to and from Russia in 2012, because they treated Tamerlan as a low priority and therefore didn’t question him on his border crossings (the trial record may indicate Tamerlan had Inspire on his computer when he traveled to Russia), and because the CBP record on Tamerlan went into a less visible status while he was out of the country, meaning he evaded secondary inspection on the way back into the country as well. Yet she mentions none of those crucial details about DHS’s role in missing Tamerlan’s travel and increasing extremism in her review.

Rather, she describes her agency as a valiant part of the combined effort to hunt down the attackers.

As secretary of homeland security, I immediately mobilized the department to assist Boston emergency responders and to work with the F.B.I. to identify the perpetrators. Because the Boston Marathon is an iconic American event, we suspected terrorism, but no group stepped forward to claim credit. Massive law enforcement resources — local, state and federal — had to be organized and deployed so that, within just a few days, we had narrowed the inquiry from the thousands of spectators who had come to cheer on the runners to two, who had come to plant bombs.

Only much later in her review does Napolitano makes a defense of the government failure to prevent this attack, though once again she makes no mention of her own agency’s role in failing to stop the attack. As Napolitano tells it, this is about the FBI and it’s just “armchair quaterbacking.”

In the course of armchair quarterbacking that followed the bombing, it was revealed that the Russian Federal Security Service, known as the F.S.B., had notified the F.B.I. in 2011 about Tamerlan’s presence in the United States. Although criticized for inadequate follow-up, the F.B.I. actually interviewed Tamerlan and other household members at least three times in 2011. Further requests to the F.S.B. for details went unanswered. Other than putting Tamerlan under 24-hour surveillance, it is difficult to ascertain what more the F.B.I. could have done — according to Gessen, Russia routinely presumes all young urban Muslim men to be radical.

Much of the rest of Napolitano’s review focuses on the government’s theory of radicalization and the Tsarnaev family’s collective failure to achieve the American Dream (which, I guess, is what Gessen was debunking in her op-ed the next day), returning the story insistently to one about radicalization. Except then, having emphasized how many times the FBI had contact with Tamerlan in 2011, she scoffs at the questions that might raise and Gessen’s reliance on evidence the government itself has introduced into the public record.

In the final chapters, however, the book becomes curiouser and curiouser; Gessen seems to become a conspiracy theorist. She postulates that the F.B.I. recruited Tamerlan as an informant during their visits to the Tsarnaev home in 2011. She then surmises that Tamerlan went rogue and participated in the killing of three friends with whom he dealt marijuana. She goes further, and suggests that after the bombings, the F.B.I. delayed telling Boston law enforcement about Tamerlan’s identity because they wanted to reach him first, kill him and hide his presence as an informant. Gessen likens this alleged behavior to the F.B.I.’s use of sting operations, and she implies that the bureau has been entrapping defendants as opposed to finding real terrorists. And, finally, relying on the words of “several” unnamed explosives experts, she asserts that the Tsarnaevs must have had help constructing the bombs, despite the presence of explicit instructions on the Internet and in Inspire, a jihadist magazine.

How is Gessen a conspiracy theorist because she “surmises that Tamerlan … participated” in the 2011 Waltham killings? That claim came from the FBI itself! The FBI says Ibragim Todashev was confessing to that fact when they killed him. And how is suggesting the bombs used at the Marathon (as distinct from those thrown in Watertown) could not have come directly from Inspire be a conspiracy theory when that is the testimony the defense elicited from FBI’s own bomb expert on cross examination?

Effectively, Janet Napolitano, whose agency rightly or wrongly received some of the criticism for failing to prevent this attack, completely ignores the questions about prevention and then dismisses questions that arise out of the government’s failure to prevent the attack as a conspiracy theory.

Napolitano’s choice to write (and NYT’s choice to publish) a critical review of a book pointing out problems with the narrative of the attack she herself has been pitching actually got me thinking: Imagine Robert Mueller writing such a review? Had he done so, the inappropriateness of it, the absurdity of deeming claims made by the FBI a conspiracy theory, and his own agency’s role in failing to prevent the attack would have been heightened. Not to mention, he likely would have had a hard time dismissing the real questions about the provenance of the bombs, given that his former agency claims not to know the answers to them. And that made me realize that having Napolitano write this review worked similarly to the way the prosecution’s parade of witnesses who hadn’t done the primary analysis on the evidence in the case did. It gave official voice to the chosen narrative, without ever exposing those who might be able to answer the still outstanding questions to question.

For what it’s worth, I have a few more questions about the attack that — like Cullen and Gessen — I regret will likely go unanswered. Or rather, perhaps another theory about the government’s implausible claim not to have IDed the brothers until they got DNA from Tamerlan on April 19th.

As I mentioned, no one wants to talk about why facial recognition didn’t work which — if true — ought to have led to congressional hearings and the defunding of the technology. The FBI wants you to believe that they couldn’t ID a guy they had had in a terrorist watchlist and extended immigration records on and Congress wants you to believe that would be acceptable performance for an expensive surveillance system.

I’ve also tracked the government’s odd use of GPS data in the trial. They used cell tower information based off the brothers’ known handsets (which they only got in smashed condition days later) to track their movement at the race. They used a series of GPS devices to track the purchases of the materials used in the attack and to track the brothers in the stolen Mercedes (though their claims about how they tracked the Mercedes still don’t add up). There’s something missing from this story, and I increasingly wonder whether it’s the use of a Stingray or similar device, which we know even local authorities use in the case of public events like protests or sporting events, which might have been able to pinpoint calls made between phones using the same “cell” at the race, and with it, pinpoint the phones we know were registered under the brothers’ real names.

So here’s my conspiracy theory, Janet Napolitano: Not only do I think claims Tamerlan was an informant ought to be at least assessed seriously (though I also think the Russians clearly are not telling us what they believed him to be, either), which might be one explanation for FBI’s dubious claims not to have IDed the brothers for over 3 days. But I also think the government pursued this case with an eye towards what intelligence they were willing to admit at trial — and we know they refuse to admit how sophisticated their use of Stingrays is, and we should assume they refuse to admit how well facial recognition technology works, either.

That is, in addition to the other real questions and possible explanations for the delay, I think it possible that the FBI had to create a manhunt so as to hide the tools that IDed the brothers far earlier than they let on.

Update: I meant to add that I think the timing of the recent Stingray releases to be curious. Basically, the dam holding back disclosures of the FBI’s secrecy on Stingrays burst on Wednesday, April 8, as the ACLU, Baltimore, and two other jurisdictions got Non-Disclosure Agreements on the same day, after the Tsarnaev case had gone to the jury. That’s as conveniently timed, it seems, as the April 3 release of the After Action report, which Massachusetts had held since December. Also remember that the government doesn’t have to disclose PRTT data to defendants unless it uses that evidence at trial (and has suggested it has PRTT data on other terrorist defendants that it doesn’t have to turn over). So if they did use a Stingray to ID the brothers at all, they would claim they didn’t have to disclose it, but wouldn’t want to make the capability too obvious until after the defense lost any opportunity to make a constitutional claim.

Tamerlan Tsarnaev Moved Inspire onto Dzhokhar’s Computer the Day He Left for Russia

Yesterday, the defense in the Dzhokhar Tsarnaev trial rested; closing arguments will be Monday. Dzhokhar’s defense consisted of just four witnesses, undermining the suggestions by the prosecution that he was just as steeped in jihadist propaganda as Tamerlan (see this post for part of a description).

As part of their efforts to do that, the defense showed, in far more detail, what the brothers had been doing online, and how the complete copies of Inspire magazine had gotten onto all their computers and when. (The defense exhibits are here, though this site is apparently being flagged as itself suspicious, at least by Twitter.) This document, for example, shows that Dzhokhar spent more time on Pornhub than he did on anything explicitly jihadist (though who knows what we was doing on Facebook and VKontakte, his most commonly accessed sites, by a very large margin). Several of the others show that the searches for explosives related materials took place on Tamerlan’s computer (though oddly, he already had some of those materials by that point).

And while I don’t think the defense laid this case out yesterday, it appears that Tamerlan loaded Inspire onto a thumb drive and then onto Dzhokhar’s computer the morning of January 21, 2012, just before he left for Russia.

This document shows that the Sony Vaio, which ultimately became Dzhokhar’s computer, was loaded with Windows in early 2011. Then came the HP that was in a room in Cambridge that fall. And finally came the Samsung loaded with Windows December 21, 2011, not long before Tamerlan would go to Russia. This document shows CompleteInspire being created on the Samsung that day, December 21, 2011. This document appears to show someone inserting a thumb drive into the Samsung at 6:22 AM on January 21, 2012, moving a copy of Inspire onto it, and then moving copies of those onto the Sony.

This CBP record shows his departure that day on Aeroflot flight 316, which at least currently departs at 8:05PM.

It’s not clear what to make of this — though it does make clear that Dzhokhar, at least, would have avoided any upstream searches on Inspire because it got placed on his computer view thumb drive, not download. It also doesn’t prove that Dzhokhar wasn’t reading Inspire by that point — as far as I understand it, the Sony was his computer by that point. But I find the timing — that the first thing Tamerlan did the morning he left for Russia was to make sure all the laptops had a copy of Inspire on them — rather curious.

One more note: something else introduced in the last days also showed a Russian version of Inspire.

Also, from the exhibits, it’s not really clear whether these files were found on the computer or deleted in unallocated space. There was a second copy of CompleteInspire loaded onto the Samsung in August 2012, after Tamerlan returned from Russia. So it’s possible that what we’re seeing is Tamerlan moving Inspire onto his brother’s computer, deleting it on his own for border crossings, and then reloading it on his own after his return.

That said, if he didn’t delete that copy of Inspire the morning he left for Russia, if CBP done a perfectly legal device search on Tamerlan’s computer at JFK that evening, they might have seen that he was flying with a full copy of Inspire on his device (though remember, this computer, unlike the Sony, was encrypted). Which, if it were the case, would make CBP’s failure to do so all the more damning.

Tamerlan’s Search on Remote Control Car Info

I want to do a quick post about details defense attorney Timothy Watkins snuck into today’s testimony at the Dzhokhar Tsarnaev trial. FBI Supervisory Special Agent Edward Knapp testified at length about how he investigated the bombs used in the attacks. At the end of direct, the government had him show how closely the bombs — both the elbow pipe bombs used at Watertown and the pressure cooker bombs — resembled bomb instructions included in Inspire Magazine.

The effort was, as so much of this trial has been, a carefully scripted effort to tell a narrative that probably doesn’t reflect the full truth of how the brothers got or made the bombs using what propaganda. Judge George O’Toole had, earlier in the trial, prevented the defense from entering evidence about the Russian bomb making materials on Tamerlan’s hard drive. Knapp focused on the bombs that most closely resembled Inspire bombs (focusing on the elbow pipe bomb, for example, and not the straight one also used in Watertown). He didn’t get into really big detail about the trigger used for the bombs used at the race. Knapp even focused on a green Christmas light in one of the bombs to show it was just like the green Christmas light in the Inspire recipe.

Ultimately, it was about how the bombs could have been made from the recipes in Inspire magazine.

In addition to trying, unsuccessfully, to get Knapp to reveal what fingerprint evidence had shown about the bomb materials (they almost certainly show that Tamerlan handled the bombs, not Dzhokhar), Watkins asked,

Watkins: Inspire Magazine doesn’t mention RC cars as a bomb component, does it? Knapp: I don’t think so.

In the midst of an objection, Watkins sneaks in question…did u know Tamerlan searched internet for RC car info? Objection, sustained.

The question, if permitted as evidence, would have shown several things: that Tamerlan didn’t follow Inspire exactly for the bombs used at the race, that Tamerlan was the one putting them together, and — possibly — that Tamerlan was at least partly using a Russian model for the bomb, not Inspire’s model. (One detail defense revealed yesterday is that there was nitroglycerine at the Cambridge apartment which was stronger than the firecrackers used in the pressure cookers.)

That, by itself is notable: once again, the government’s pat narrative is almost certainly not a description of what actually happened.

But the detail also raised questions about why Tamerlan’s searches for what ultimately were bomb parts were not found by the FBI or NSA.

There are several answers.

1) These were searches for toy parts, not bomb parts. While FBI might now trigger on remote controllers, they probably didn’t then, even if they had a dragnet. FBI appears to keep expanding its dragnets as terrorists use certain tools.

2) While FBI should have done a back door search on Tamerlan when they did the assessment of him in 2011, nothing we know of would have triggered a new assessment in the interim, even if they did dragnet on remote controllers which I doubt.

3) I do strongly suspect that NSA had picked up the brothers’ downloads of Inspire, which I suspect is triggered to the encryption codes included in the magazine and not to any key word content of the magazines or even the URL. If I’m right (and that’s just a guess), then the NSA would have had data on the brothers. In fact, we know the NSA did have data on one or both of the brothers that didn’t get read until after the attack. If it was Inspire, I think they probably didn’t attract attention because they weren’t 2-degrees of someone interesting or hadn’t been found in one of the more targeted chat rooms. It would also mean that FBI didn’t then share Tamerlan’s identifiers they identified during their 2011 assessment of him with NSA for future mapping (I don’t necessarily think they should, but if they had, then NSA might have paid more attention to whatever data they did have on the brothers, potentially eliciting a second look once they collected it). Also remember, the brother may not even have been downloading Inspire until after the FBI stopped investigating Tamerlan.

4) While XKeyscore certainly has the ability to do searches on “remote car controllers” it’s not clear that would pull off content collected in the US, so it would only show up if the server Tamerlan went to was overseas; they were probably local and Amazon. Who knows? Maybe now FBI has also started an Amazon dragnet on remote controllers. But again, you’d need something else to trigger interest in Tamerlan’s identifier doing the search.

5) I suspect that what Watkins was referring to came from a subpoena to Tamerlan’s ISP for all his web searches. So that they had the searches are themselves unsurprising.

Update: Here’s the shipping bill for some of the remote control supplies he bought, from a site called NitroRCX which appears to be in the metro Los Angeles area. I believe the other one was from Amazon.

Details on the Pressure Cooker Dragnet

Screen Shot 2015-03-25 at 4.14.58 PM

Tamerlan walking out of Target after having purchased the backpacks used in attack.

In this morning’s Tsarnaev trial testimony, FBI’s Christian Fierabend testified to the evidence about purchases leading up to the attack (h/t to CBS’s Jim Armstrong among others for the live-tweeting). As much as possible, he tried to show both GPS coordinates from one of the Tsarnaevs’ cars and some kind of purchase record for the the attack equipment (things like BBs, backpacks, and the remote car detonator).

Some of this was easy because a number of the receipts (such as for the backpacks used to carry the bombs) were sitting in Tamerlan’s wallet, which the government retrieved from Dzhokhar’s Civic at the Watertown scene. Some, such as remote controlled cars, were online purchases involving credit cards.

But in spite of the fact that Tamerlan Tsarnaev purchased some of his supplies using a credit card, according to Fierabend, the pressure cookers, Fagor Elites sold exclusively at Macys, which currently sell for $50 to $60 apiece, were purchased with cash. According to Fieraband, the government obtained records of all the Fagor Elites purchased in the US between August 2012 and April 2013. Of the 74 pressure cookers sold in the Northwest in that period, just 5 pressure cookers were purchased in cash, just 3 in MA.

According to rather remarkable testimony, Macys has no  surveillance video of those purchases.

The government did, however, cross-reference the purchases to the Tsarnaevs through use of a portable GPS that was ultimately apparently retrieved from the Mercedes the brothers hijacked.

In other words, the implication is one of the Tsarnaevs or someone else used cash to purchase pressure cookers, which you would thing would be an attempt to hide the identity of the purchaser, but not only do it while running a portable GPS that tracked back to their Cambridge home, but then bring that portable GPS into the getaway car they hijacked.

That’s all the more crazy given that the last pressure cooker wasn’t purchased until March, and Tamerlan appeared to be prepping to die, given that he sent his mother $900 the day before the attack (unless she had funded the attack specifically). If you’re going to ID yourself with a GPS, then pay with a credit card and get it for free.

All that said, I’m cognizant Tamerlan left his wallet, with receipts, in the Civic, along with some other identifying documents, and also by carrying that GPS at least made himself appear to be the purchaser of the pressure cooker, whether or not he was. Tamerlan wasn’t hiding his identity.

And yet someone paid cash for the pressure cookers.

The one other nifty detail in all this is that if you also bought a Fagor Elite pressure cooker in this period, you’re likely to be in an FBI database until 2043.

Update: One more thing about the pressure cookers. There was part of a lid and a gasket from a pressure cooker at the apartment, which means there must be one more pressure cooker. That one, then, might be unaccounted by the purchase records evidence.

Update: Here are the exhibits from today’s testimony. Unless I’m mistaken, the government only entered purchase records from one of the pressure cooker purchases, the purchase of two from the Boston store on January 31, 2013 (this is the one they tied to the portable GPS device). So there should be two more pressure cookers — the second 6 quart one used in the race attack, and the one from which the lid and the gasket were taken in the Cambridge apartment.

The 4-Year Old Pizza Conversations

Because I harp endlessly about the need to defeat pizza joints in the NSA’s contact chaining, which might affect the process’ utility for the Tsarnaev brothers, both of whom worked at pizza joints who had weird ties to another pizza joint, I wanted to point to this piece describing the deportation proceedings of Mustafa Ozseferoglu.

Ozseferoglu came to the US from Turkey illegally in 2000 when he was 16, across the Mexican border. He was married to an American and has a son born in this country, Osman, whose health concerns Ozseferoglu has cited in his bid to stay in the country.

Ozseferoglu was interviewed by the FBI in July 2013 and then arrested on immigration charges in September 2013 (at the same time the FBI was going after a bunch of other immigrants with ties to the Tsarnaevs).

Ozseferoglu met Tamerlan through his father, but then worked with him briefly in 2009, during which point they exchanged some number of phone calls — for work purposes, according to Ozseferoglu.

Ozseferoglu came to Anzor for repairs regularly. When Anzor asked him why his cars were so rundown, he told him that he delivers pizza for Boston Pizza Express. Pretty soon after that, Tamerlan applied for the job too.

Boston Pizza Express, has since gone out of business, but in 2009 it was located at 1026 Commonwealth Avenue, near Boston University. Ozseferoglu and Tamerlan worked together for between three weeks and three months, a rough estimate that was scrutinized heavily by the prosecution.

[snip]

In Ozseferoglu’s immigration hearing, the number of phone calls between him and Tamerlan during this period of time were called into question. Kelly says the two contacted each other about 100 times. Ozseferoglu says these calls weren’t illicit, or even personal. The two, he says, were just coordinating pizza deliveries.

“When we’re going on delivery, we take some of the deliveries and we call the other driver,” he explains.

Read more

Levitation: Inspire-Ing Work from CSE

Screen shot 2015-01-29 at 11.33.43 AMThe Intercept and CBC have a joint story on a Canadian Security Establishment project called Levitation that seems to confirm suspicions I’ve had since before the Snowden leaks. It targets people based on their web behavior (the story focuses on downloads from free file upload sites, but one page of the PPT makes it clear they’re also tracking web search terms and other behaviors), and once it finds behavior of suspicion (such as accessing bomb-making instructions; it calls these “events”) it uses SIGINT tools, including NSA’s MARINA, to work backwards off those accessing those materials to get IPs, cookies, facebook IDs, and the like to identify a suspect.

The PPT is the most detailed explanation that I’ve seen of how the SIGINT agencies do “correlations” — a function about which I believe ODNI continues to hide an August 20, 2008 FISC opinion. It appears to do so in two ways: first, by tracking known correlations. But also, by analyzing similar activities from around the same time from the same IP, then coming up with other identifiers that, with varying degrees of probability, are probably the same user. This serves, in part, to come up with new identifiers to track.

I’ve argued the NSA does similar analysis using known codes tied to Inspire (not the URL, necessarily, but possibly the encryption code included in each Inspire edition) on upstream collection, which would basically identify the people within the US who had downloaded AQAP’s propaganda magazine. One reason I’m so confident NSA does this is because of the high number of FBI sting operations that seem to arise from some 20-year old downloading Inspire, which them appears to get sent out to a local FBI office for further research into online activities and ultimately approaches by a paid informant or undercover officer.

Screen shot 2015-01-29 at 11.46.15 AMIn other words, this kind of analysis seems to lie at the heart of a lot of the stings FBI initiates.

But as the “Scoreboard” slide in this presentation makes clear, what this process gives you is not validated IDs, but rather probabilistic matches (which FISC appears to deal with using minimization procedures, suggesting they let NSA collect on these probabilistic matches with the understanding they have to treat the data in some certain way if it ends up being a false positive).

That’s important not just for the young men whom FBI decides might make worthwhile targets (even if they’re being targeted, largely, on their First Amendment activities).

It’s important, too, for the false negatives, by far the most important of which I believe to be the Tsarnaev brothers, both of whom reportedly had downloaded multiple episodes of Inspire, as well as other similar jihadist material, and on whom NSA had collected data it never accessed until after the attack, but neither of whom got targeted off this correlation process before they attacked the Boston Marathon.

That is, this really important possible false negative, just as much as the dubious positives that end up getting unbalanced young men targeted by the FBI, may say as much about the reliability of this process as anything else.

This CSE PPT is not yet proof that my suspicions are entirely accurate (though my claims here about correlations are based on officially released documents). But they strongly suggest my suspicions have been correct.

And — particularly given ODNI’s refusal to release what appears to be a key opinion describing the terms on which FISC permits the use of these correlations — this ought to elicit far more conversations about how NSA and its Five Eye partners “correlate” identities and how those correlations get used.

Deconfliction in Dragnet Databases

Hemisphere Deconfliction

I want to return to something that appears in both of the Hemisphere slide decks we’ve seen: Deconfliction.

In addition to helping law enforcement find burner phones and contact chains, using connections that include location, Hemisphere helps deconflict between multiple investigative teams.

When multiple teams are working the same targets — in war or criminal investigations — you need to be aware of what other teams are doing. In war, this helps to ensure you don’t shoot a friendly. In investigations, it helps to protect turf and combine efforts.

In investigations — especially drug or terrorism ones that rely on informants — it also helps to distinguish legally sanctioned crime — that of informants — from that which no law enforcement agency is directing. And, as the Declaration deck explains, Hemisphere checks new queries against previous ones, and emails requestors if someone has already chained on that contact.

  • Target numbers, as well as every number they call and that call them will be cross checked against other Hemisphere results
  • Notification will be by email if applicable
  • The email provides contact information for all requestors

In other words, in addition to the way it serves as a quick investigative tool, Hemisphere also helps drug investigators to avoid stepping on each others’ toes (or at least communicate better).

Then there’s this:

  • Sensitive case information is masked

This seems to suggest Hemisphere doesn’t, presumably, provide any hints about how the original investigator is conducting their investigation, whether suspected traffickers are bring run or not. That’s the kind of thing that would be “masked.” (Note, this suggests that whoever is running this database would have access to that masked information.)

I raise all this because it poses questions for other databases involving informants. As I have noted, FBI uses the phone dragnet (and therefore presumably the Internet dragnet in whatever form and geographic locale it still exists) to identify potential informants. And one thing FBI does with its back door searches during assessments assessments is review actual content collected under traditional FISA and FAA in its quest for informants.

These dragnet databases play a key role in the selection and recruitment of informants to use in terrorism investigations.

But then what happens?

The example of David Headley — who played a crucial role in one of the most lethal terrorist attacks since 9/11, the Mumbai attack, the early period of which while he served as an informant for the DEA — is instructive. The FBI likes to boast that Section 702 helped stop Headley’s plot against Danish cartoonists. But Headley’s case should, instead, raise real questions about how it is a terrorist can plan a complicated terrorist attack while his known terrorist colleagues, presumably, are being surveilled without detection by the people supposedly handling him.

We know that the metadata dragnets, at least, put some identifiers on a “defeat list.” There’s reason to suspect (in part from the syntax of redacted references to the defeat list) they do so not just for high volume numbers, but for sensitive numbers (perhaps Congress, for example). But I also think they may put informants on a defeat list too. That’s, in part, because if you didn’t do so their handlers would become two degrees from terrorist suspects, which might have all sorts of unintended consequences. That’s just an educated guess, mind you, but if I’m right it would have some interesting implications.

That doesn’t appear to have prevented DEA from tracking Manssor Arbabsiar, the Scary Iran Plotter (I assume he at least used to be an informant, because there’s little else that would explain why the cousin of a top Quds Force Member busted for drug possession would nevertheless get citizenship, and deconfliction discussions show up in what was probably his immigration file).

But it would raise really big questions in other cases.

One way or another they need to give informants special treatment in databases — as they apparently do in Hemisphere. How they do so, however, may have real consequences for the efficacy of the entire dragnet.