Posts

Trump’s Imaginary Helicopter Friends and Bacon Emergency

Three quarters of the way through yesterday’s Trump presser, Meghan McCain RTed a clip Aaron Rupar posted and predicted “Vice President Harris is going to win.”

In Rupar’s clip, Trump was, for the second time in an hour, lying about how big his crowds were. Parts of answers taking up six minutes of the 1:04 press conference (marked in blue below) were dedicated to lying about his crowd sizes, and claiming the Vice President’s were smaller — by an order of magnitude — than they actually are.

Over six more minutes (marked in red) — as well as one claim in his opening statement — were lies about how well he’s doing in the polls.

Another six minutes (marked in green) were dedicated to lies about how unfair his own prosecutions are, except the one before the “brilliant” Aileen Cannon, through whose intervention, he “won” his stolen documents case.

For much of the rest, Trump couldn’t decide whether Kamala Harris and Joe Biden were stupid, or they were super smart for managing to steal the 2020 election.

And that’s before Trump confused Black former San Francisco Mayor Willie Brown with white former Governor Jerry Brown and then invented a dangerous helicopter trip he shared with one, on which whoever it was badmouthed Kamala, something both Willie and Jerry, along with Gavin Newsom, who was probably on the trip Trump lied about, disavowed. Newsom told the NYT that they had discussed “everyone else.”

The subject of Ms. Harris, with whom Mr. Newsom had enjoyed a friendly rivalry, did not come up on the helicopter, he added. “We talked about everyone else, but not Kamala,” he said with a laugh.

Given the close relationship Newsom’s former spouse, Kimberly Guilfoyle, currently has with Don Jr, that “everyone” may well suggest that Trump confused Kamala with his son’s long-term partner.

It was a shitshow.

And yet, aside from that story busting Trump for confusing Willie and Jerry Brown, outlets like the NYT have largely memory holed what a shit show it was. The press conference itself appeared on neither the dead tree front page nor the digital front page (the very good story on the Willie and Jerry confusion didn’t make it into the paper, nor does it currently appear on my digital front page).

In response to Joe Biden’s similarly awful performance at the debate, the NYT dedicated weeks to demanding he drop out.

Not Trump.

The horse race journalists have rabidly been demanding that Kamala — who has been rather busy of late — give an interview or press conference. They’ve no doubt been goaded into doing so by Trump, because both he and JD have been demanding it too.

But if yesterday is any indication, there is no imaginable value to reporting from most of these horserace journalists. They’re just props in Trump’s reality show in which he attracts the biggest crowds in history.


0:00 to 11:03: Lies about his preference to run against Kamala, lies about polls, lies about Kamala’s role as Border Czar, lies about migration. Lies that people can’t buy bacon. Misreads which debate is on September 10 (NBC rather than ABC). Attacks Kamala as “barely competent.” Lies about prisons being emptied out into the US. Accuses Kamala of being nasty to Biden. Claims “the presidency” was taken away from Biden. Lies that he’s leading. Lies about cherishing the Constitution. Falsely claims that Biden is a very angry man. Attacks Pelosi as crazy. Lies that Kamala was “appointed to head the border.” Cites Project 2025 source Tom Holman.

11:03 to 13:18: Explains that he hasn’t recalibrated strategy at all. Claims Kamala destroyed San Francisco and California. Claims Bob Tisch, who is dead, would hate what San Francisco has become. Claims Kamala is weak on crime but then claims “they” weaponized law enforcement against him. Lies that he “won” the documents case and complains that nobody wrote about it. Calls Aileen Cannon brilliant. Claims that Biden lost his documents case because he didn’t have Presidential immunity and Presidential Records Act, neither of which relate to why Cannon dismissed the case. States that Kamala could not pass her bar exam.

13:18 to 14:53: Claims he’s getting other voters (this appears to be a question about how Kamala’s entry in the race affects his support).

14:53 to 15:45: Claims Josh Shapiro is a terrible guy. Lies that Kamala was worse than any of her VP candidates.

15:45 to 16:13: Follows up on debates and states that CBS will do a VP debate. Claims JD Vance is doing a fantastic job.

16:13 to 20:18: Starts by scoffing, “give me a break.” Lies about crowd sizes. Claims Kamala had only 2,000 people on Wednesday. Lies about crowd size some more. Claims his crowds are 30 times bigger. Claims he’s happy the reporter asked the question. Claims Republicans, and he as the candidate, have the enthusiasm. Claims that if all cars were electric, you would have to rebuild every bridge in the US. Claims he has had the biggest crowds in history. Lies that he has hundreds of thousands at his rallies.

20:18 to 21:49: Claims he got Brian Kemp elected, but doesn’t know whether they can repair their differences. Lies that he’s leading in GA by a lot and PA by a lot. Complains that Kemp doesn’t like him even though he got him elected. Claims that given his margins in AL and SC, it’s impossible he lost GA. Lies that all he wants is honest elections.

21:49 to 22:38: Claims that Biden didn’t say Trump wouldn’t allow the peaceful transfer of power if he loses. Claims Biden doesn’t know what he said. Claims Biden should have brought this up at the debate.

22:38 to 24:26: Complains, “what a stupid question.” Makes excuses for why he’s not campaigning. Lies that he’s leading by a lot. Claims Kamala is not smart enough to do a press conference. Claims Russia, China, and North Korea don’t respect us anymore. Describes going to Montana (he first says it’s Wyoming) to help Tim Sheehy win the Senate race.

24:26 to 25:18: Trump applauds Elon Musk for endorsing him. Claims a lot of people are talking about the show.

25:18 to 26:06: [Possibly a follow-up on Xitter] Trump assures he’ll great along great with Xi Jinpeng. Describes there used to be a sofa where he has made journalists stand up. Claims China was taking advantage of the US.

26:06 to 28:17: [a question from Maggie Haberman] Claims people aren’t talking about January 6 and January 6 defendants were treated unfairly. Claims they weren’t there through him. Claims January 6 was the biggest crowd he’s ever spoken to. Claims it’s hard to find a picture of the crowd, and lies there were pictures of the “very small number of people” who went to the Capitol. Lies that he spoke in the same place that MLK Jr spoke and his crowd was bigger. 

28:17 to 30:11: Implies that Kamala’s pick as the nominee violates the Constitution. Repeats his claims about Biden being forced out of the race. Calls her “the first loser” again (referring to her dropping out of the 2020 race first). Asserts that Biden regrets picking Kamala and claims she turned on Biden.

30:11 to 30:46: Asserts that Hillary was far superior, in terms of intelligence, than anyone else he has run against. States that Hillary was her own worst enemy.

30:46 to 34:59: After instructing yet another journalist to speak up, points out how big the room is, then asserts Mar-a-Lago is worth $18 million (a misrepresentation of what Judge Engoron has ruled). Lies that the abortion issue is “tampered down.” Lies that “they” wanted to bring abortion back to the states, “and I did that.” Claims 82% of Republicans do believe in exceptions. Claims that abortion will be a very small issue in the election. Lies that Democrats do abortions after birth, claiming that Walz supports that. Then raises Glenn Youngkin (seemingly confusing VA and MN). Calls Walz and Kamala “progressive,” then claims no one knows what it means. Repeats that abortion is not a big factor anymore. Repeats again that “that issue” is very much subdued.

34:59 to 37:17: Claims you can’t take away guns, they need weapons for protection, entertainment, and hunting. Suggests that Chicago’s shooting rates are due to its tough gun laws. Claims Afghanistan doesn’t have shooting problems. Calls Afghanistan the worst embarrassment to the history of the country. Calls Milley incompetent. Claims DOD “took out the soldiers first.” Claims the Afghans who fell off a transport plane fell from a height three times higher than the World Trade Center.

37:17 to 38:56: Lies that Ka-Mala [which he pronounced correctly earlier in the press conference] is not in favor of giving Israel weapons. Lies that Kamala has been very very bad to both Israel and Jewish people. Mispronounces Ka-Mala again, and claims that Jews who vote for her should have their head examined. Claims he gave “them” Golan Heights and the Capitol of Israel, Jerusalem, built the embassy, gave them no Iran deal. Claims he would have had a deal one week after the 2020 election. Claims he hit Iran a couple times. Returns to what he gave Israel, the Abraham Accords. Repeats that any Jewish person who votes for Ka-Mala and her new friend ought to have your head examined.

38:51 to 39:09: States that the FBI has done a very good job with the investigation into Thomas Crooks and “this other lunatic they have in custody” (probably a reference to Asif Merchant).

39:09 to 40:02: Claims to know Willie Brown very well (he’s confusing Willie Brown with Jerry Brown, and even still inventing a close call). Invents a false story about almost dying in a helicopter with him. Lied that Willie Brown told him terrible things about Kamala. Claims Willie Brown had a big part in what happened with Ka-Mala. Lies that Willie Brown was not a fan of Kamala at that point.

40:02 to 40:40: [I missed one single answer question here.] Defers telling what his vote on the abortion referendum will be. Claims he’ll hold a press conference to announce how he’ll vote. Predicts it’ll go in a more “liberal” way than people expect.

40:40 to 42:38: Asserts his tax cuts were the biggest in history and included generous support for childcare. States the tax cuts “are coming due.” Lies that not renewing them creates a four times tax increase. Lies that Democrats would offer no security. Repeats “transgender” several times. Repeats his plan to eliminate taxes on Social Security and tips.

42:38 to 44:10: Agrees that Steve Bannon’s prosecution was politically motivated. Claims again “they” have weaponized government against him. Lies that Biden’s DOJ was behind the NY cases. Attacks mail-in ballots.

44:10 to 45:01: Makes excuses for Elon Musk.

45:01 to 47:20: Lies that there are polls that show he’ll win in a landslide. Exaggerates inflation. Claims people are paying $5 to $7 to pay for gas. Claims the Strategic Reserve has never been this low. Claims oil will soon be at $100 a barrel. Mispronounces Ka-Mala again and repeats his claim that she’s not as smart as Biden.

47:20 to 47:50: Dodges a question about mifepristone. Repeats that you have to give a vote on abortion.

47:50 to 48:09: Claims Kamala is not as smart as Biden again.

48:09 to 49:01: Observes that Kamala is a woman and “represents certain groups of people.” Lies that Kamala is going way down in the polls. Calls Gavin Newsom, “Gavin New-Scum.” Repeats her claim that Kamala destroyed California. Compares her to prosecutors who’ve prosecuted him.

49:01 to 49:50: After asking four different journalists to help him hear what a journalist asked, mocks the idea of doing a daily press briefing. Promises total access. Promises more access than you want.

49:50 to 52:33: Lies about his encouragement of “Lock her up” chants and his efforts to prosecute her. Attacks her for a claimed non-response to a subpoena. Claims he thought it was bad to consider putting Hillary in jail. Attacks Hillary for being “pretty evil.” Lies that the MAGA base is 75% of the country. Describes that China and Russia are natural allies but they have combined, along with Iran.

52:33 to 54:50: Claims he wants the election to be about policy. Accuses Kamala of being incompetent. Claims Kamala can’t do better than Biden. Jokes that Biden was never the brightest bulb in the ceiling. Claims Kamala wants to defund the police. Repeats his claim that guns are about self-protection.

54:50 to 56:21: Claims that if he loses there will be a Depression. Lies about his the debt incurred in his administration. Claims he had the perfect number on inflation. Notes they sell hats and claims that proves he’s been right about everything.

56:21 to 58:12: [A second Maggie question.] Claims there was a process behind his pardons. Describes that some of the people he pardoned were harshly treated. Repeats again that “for the most part” his pardons went through his pardon commission. Claims that he let out a lot of low income people who weren’t backed by insiders. Claims that, “for the most part,” he didn’t pardon people involved in killings.

58:12 to 59:15: States that the Federal Reserve gets things wrong a lot. Claims Jerome Powell works on gut feeling. Claims they get along fine. Asserts that the President should have a say in rates cuts. Asserts he has better instincts than Powell.

59:15 to 59:51: Addresses cannabis legalization.

59:21 to 60:42: Directs a reporter to ask Kamala something about her race. Notes that he once supported her. Claims Kamala is being disrespectful regarding her identity.

60:42 to 61:18:  States that he’s pretty much recovered from the wound to his ear. Asserts he’s a fast healer. Shows where the injury was, misdescribes it as the “lobe” of his ear. Points to his scar on the top of his ear.

61:18 to 62:31: Promises the largest mass deportation in the history of the country. Claims local police “know everything about the people.” After claiming that both Biden and Kamala are stupid repeatedly, Trump asserts they’re not stupid because anyone who (he claims) can cheat in elections like they do is not stupid. Lies that Democrats are trying to get immigrants to vote.

62:31 to 63:46: Disclaims any plans to dismantle Social Security. Promises to eliminate taxes on Social Security and tips again.

63:46 to 64:32: Attacks sanctuary cities. Boasts about property in California. Lies that the country has become a crime-ridden mess.

 

 

The Taiwan Snub

I believe I remain the only person who has reported that China was involved in a suspected $10 million payment to Trump in 2016. When Egypt National Bank was dodging compliance with a Robert Mueller subpoena in 2018-2019, they said complying with the request might violate Chinese law. That investigation was shut down in 2020 in a period when Bill Barr was otherwise shutting down all of Mueller’s then-ongoing investigations.

Among the new details of Trump’s financial ties to China revealed when his tax records were stolen and leaked is that Trump made $5.6 million from selling the penthouse Ivanka used to live in to a well-connected Chinese businessperson.

And not long after winning the 2016 election, Mr. Trump reported selling a penthouse in one of his Manhattan buildings for $15.8 million to a Chinese-American businesswoman named Xiao Yan Chen, who bought the unit, previously occupied by Ivanka Trump and her husband, Jared Kushner, in an off-market transaction. Ms. Chen runs an international consulting firm and reportedly has high-level connections to government and political elites in China.

Mr. Trump’s tax records show that he reported a capital gain of at least $5.6 million from the penthouse sale in 2017, his first year as president.

Those are interesting details, given China’s ties to Russia as Trump runs for President on a platform of capitulating to Vladimir Putin’s whims.

After all, at the NATO summit that the press largely ignored in favor of complaining that Joe Biden is old, the parties approved a declaration that called out China’s role in facilitating Russia’s attack on Ukraine.

The People’s Republic of China’s (PRC) stated ambitions and coercive policies continue to challenge our interests, security and values. The deepening strategic partnership between Russia and the PRC and their mutually reinforcing attempts to undercut and reshape the rules-based international order, are a cause for profound concern.

[snip]

26. The PRC has become a decisive enabler of Russia’s war against Ukraine through its so-called “no limits” partnership and its large-scale support for Russia’s defence industrial base. This increases the threat Russia poses to its neighbours and to Euro-Atlantic security. We call on the PRC, as a permanent member of the United Nations Security Council with a particular responsibility to uphold the purposes and principles of the UN Charter, to cease all material and political support to Russia’s war effort. This includes the transfer of dual-use materials, such as weapons components, equipment, and raw materials that serve as inputs for Russia’s defence sector. The PRC cannot enable the largest war in Europe in recent history without this negatively impacting its interests and reputation.

27. The PRC continues to pose systemic challenges to Euro-Atlantic security. We have seen sustained malicious cyber and hybrid activities, including disinformation, stemming from the PRC. We call on the PRC to uphold its commitment to act responsibly in cyberspace. We are concerned by developments in the PRC’s space capabilities and activities. We call on the PRC to support international efforts to promote responsible space behaviour. The PRC continues to rapidly expand and diversify its nuclear arsenal with more warheads and a larger number of sophisticated delivery systems. We urge the PRC to engage in strategic risk reduction discussions and promote stability through transparency. We remain open to constructive engagement with the PRC, including to build reciprocal transparency with the view of safeguarding the Alliance’s security interests. At the same time, we are boosting our shared awareness, enhancing our resilience and preparedness, and protecting against the PRC’s coercive tactics and efforts to divide the Alliance.

China scoffed that the charge.

“On the Ukraine crisis, NATO hyped up China’s responsibility. It makes no sense and comes with malicious intent,” Chinese foreign ministry spokesperson Lin Jin told a regular media briefing.

“We urge NATO to reflect on the root cause of the crisis and what it has done, and take concrete action to de-escalate rather than shift blame.”

Then it kicked off war games with the Russian navy.

China and Russia’s naval forces on Sunday kicked off a joint exercise at a military port in southern China on Sunday, official news agency Xinhua reported, days after NATO allies called Beijing a “decisive enabler” of the war in Ukraine.

The Chinese defense ministry said in a brief statement forces from both sides recently patrolled the western and northern Pacific Ocean and that the operation had nothing to do with international and regional situations and didn’t target any third party.

The exercise, which began in Guangdong province on Sunday and is expected to last until mid-July, aimed to demonstrate the capabilities of the navies in addressing security threats and preserving peace and stability globally and regionally, state broadcaster CCTV reported Saturday, adding it would include anti-missile exercises, sea strikes and air defense.

All of which makes this detail — part of the RNC platform that wasn’t the subject of a disinformation campaign in which credulous reporters claimed that endorsing fetal personhood was not a wholesale attack on choice — of more interest. In addition to (predictably) removing even the watered down Ukrainian position that was so controversial in the 2016 platform, the RNC also removed all mention of Taiwan.

— TAIWAN TICKED OFF OVER RNC SNUB: For the first time since 1980, Taiwan didn’t rate a mention in the Republican National Committee’s party platform released this week. Compare that with the platform in 2016 [link replaced] (the GOP didn’t produce one in 2020) that described the island as a “loyal friend” and pledged to “help Taiwan defend itself.” The RNC’s exclusion of Taiwan in the platform came despite intensive outreach by Taiwan’s diplomatic outpost in Washington, the Taipei Economic and Cultural Representative Office, to persuade GOP allies to get Taiwan into the platform, two people familiar with that effort told China Watcher. China Watcher granted the two anonymity because they were not allowed to discuss U.S.-Tawan issues on-record.

Messages shared with China Watcher between a former U.S. government official perceived as friendly toward Taiwan and a senior TECRO official included that official’s (unsuccessful) pleas that the platform reference Taiwan’s importance to Indo-Pacific security.

The platform supports a trade war with China — but makes no commitment to combat Chinese expansion to Taiwan, as Republicans committed in 2016.

We salute the people of Taiwan, with whom we share the values of democracy, human rights, a free market economy, and the rule of law. Our relations will continue to be based upon the provisions of the Taiwan Relations Act, and we affirm the Six Assurances given to Taiwan in 1982 by President Reagan. We oppose any unilateral steps by either side to alter the status quo in the Taiwan Straits on the principle that all issues regarding the island’s future must be resolved peacefully, through dialogue, and be agreeable to the people of Taiwan. If China were to violate those principles, the United States, in accord with the Taiwan Relations Act, will help Taiwan defend itself. We praise efforts by the new government in Taipei to continue constructive relations across the Taiwan Strait and call on China to reciprocate. As a loyal friend of America, Taiwan has merited our strong support, including free trade agreement status, the timely sale of defensive arms including technology to build diesel submarines, and full participation in the World Health Organization, International Civil Aviation Organization, and other multilateral institutions.

Trump is solicitous not just of Putin. He is also impressed by Xi Jinping and Kim Jong-Un, too.

And Kim Jong-Un, and President Xi of China – Kim Jong-Un of North Korea, all of these – Putin – they don’t respect him. They don’t fear him. They have nothing going with this gentleman and he’s going to drive us into World War Three.

Which could make Trump really susceptible to an offer most other people would refuse.

NYT Should Explain How It Selects Which Articles Get Translated into Mandarin

Screen Shot 2015-11-27 at 10.26.59 AMThe front page of the NYT today features the story of Anastasia Lin, Chinese-born and Canadian-raised Miss Canada, who was denied entry to China for the Miss World contest.

Clasping hands with youngsters in red Communist Youth League scarves, contestants from more than 110 nations descended on the southern Chinese island of Hainan this week for the 65th annual Miss World contest.

But one contestant was absent from the opening ceremony: Miss Canada, otherwise known as Anastasia Lin, a 25-year-old actress and classically trained pianist who has been denied a Chinese visa to attend the monthlong pageant, apparently because of her outspoken advocacy for human rights and religious freedom in China.

After waiting in vain for weeks, Ms. Lin packed up her Canadian-designed eveningwear on Wednesday and quietly boarded a Hong Kong-bound flight with the hope she might obtain an on-demand visa at the border and perhaps slip unnoticed into mainland China.

It was not to be.

The Chinese authorities, tipped off to her arrival, barred her from flying onward to Hainan.

You can read the story in English or–on the web–in Mandarin.

You can also read this story, on opposition to a new cloning technology center opening in China, in Mandarin.

But Mr. Xu must contend with skeptical consumers in China, where food safety is a near obsession after scandals like melamine-tainted baby formula and recycled industrial “gutter oil.” Online reaction to the project has been overwhelmingly negative.

“Crazily evil!!!” commented the user No-Music-No-Life on Weibo.

You can’t read this story, on Xi Jinping’s efforts to revamp the military, in Mandarin (though as the article notes, it was available in and almost entirely derived from China’s official news service, Xinhua).

President Xi Jinping of China has announced a major reorganization of the nation’s military, state-backed news media reported on Thursday, laying out plans to create new command systems intended to integrate and rebalance land, air and sea forces into a more nimble People’s Liberation Army.

You also can’t read this story, on the sentencing of human rights activist Guo Feixiong, at which he was sentenced with an extra charge on top of those he was tried on.

Yang Maodong [Guo Feixiong], a hardened veteran of political protest in southern China, knew he had virtually no hope of winning his freedom on Friday when he was brought into a courtroom to face a judge’s verdict on charges that he had disturbed public order.

Chinese judges, after all, convict and imprison indicted dissidents with metronomic consistency, reflecting the ruling Communist Party’s control of the courts. Mr. Yang — a human rights campaigner better known by his pen name, Guo Feixiong — had already prepared a statement denouncing his imprisonment.

But the Tianhe District People’s Court in Guangzhou, the capital of Guangdong Province, erupted in denunciations from Mr. Yang and his lawyers when the presiding judge revealed that he had added a new charge against the defendant — one that his lawyers had been given no chance to defend him against.
The new charge, “picking quarrels and provoking trouble,” meant that Mr. Yang would spend an additional two years in prison, according to his lawyers. Mr. Yang, who stood trial almost exactly a year ago, was convicted Friday on that charge and the original one and was sentenced to a total of six years.

[snip]

Chinese law allows judges to add new charges to convictions at their own discretion. But the lawyers said that the power was rarely used, and they denounced the judge’s refusal to grant them time to prepare a considered response.

Asked by telephone Friday about the addition of the new charge, an official at the court in Guangzhou who deals with news media inquiries said, “I don’t know, and even if I did, I couldn’t tell you.” She would not give her name.

This is not the first time I’ve been struck by NYT’s selection of articles to translate into Mandarin; it did so as well with a curiously incomplete story about US expelling its Operation Fox Hound agents. I’ve noticed a few others in passing without recording what they are (but will now do so).

It really is time for NYT to explain the process by which it selects stories for translation into Mandarin. In general, it seems as if the stories that would have good propaganda value get translated — though that doesn’t explain why the Guo Feixiong story did not get translated.

But if it is basing these decisions off of propaganda value, it should also explain how it selects them. Does the State Department get a vote?

It is great for NYT to translate articles. But if it’s only doing so for those that serve US interests (and pointedly not doing so for articles that serve Chinese interests) it is really serving as a propaganda organ, not a news site.

CloudStrike’s Own Announcement Makes It Clear It Doesn’t Have Proof of Ongoing Chinese Economic Cyberattacks

Many many many outlets are reporting that China has continued conducting economic espionage even after Xi Jinping agreed to stop doing it. They base that claim on this post from CloudStrike, a big cybersecurity contractor that spends a lot of time feeding the press scary stories about hacking.

Here’s the proof they offer:

Over the last three weeks, CrowdStrike Falcon platform has detected and prevented a number of intrusions into our customers’ systems from actors we have affiliated with the Chinese government. Seven of the companies are firms in the Technology or Pharmaceuticals sectors, where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection which the Cyber agreement does not prohibit.

[snip]

In addition to preventing these intrusions, the CrowdStrike Falcon platform also provided full visibility into every tool, command and technique used by the adversary. This allowed us to determine that the hackers saw no need to change their usual tradecraft or previously used infrastructure in an attempt to throw off their scent.

The include a timeline showing 9 attempted intrusions into Tech Sector companies, and 2 into Pharma companies since Xi and President Obama signed the hacking agreement.

Now, even assuming that CrowdStrike has accurately labeled these Chinese government hackers (CrowdStrike’s CTO was less confident in an interview with Motherboard) this still is not proof that China has violated the agreement.

After all, the key part of the agreement is on how stolen information gets used — whether it gets used to benefit individual companies or even entire sectors (the latter of which we do in our own spying, but never mind). If CrowdStrike prevented any data from being stolen, then it is impossible to assert that it was being stolen to benefit market actors without more evidence that the hackers were tasked by a market actor. Even the indictment everyone points to as proof that China engages in economic espionage did not allege that the People Liberation’s Army had shared the data involved in the single economic espionage charge with private sector companies, and given that the data in question pertained to nuclear technology ,it’s not something that is proven just because it was stolen in the context of an ongoing relationship with the victim (even if that is a logical presumption to make).

The same is true here. When China hacked Google to spy on dissidents, that was clearly national security spying. When the US hacked Huawei to figure out how to backdoor its equipment, that was clearly national security spying.When the US used Microsoft and Siemens products to carry out StuxNet, the tech companies were merely enabling targets. There are too many reasons to hack tech sector companies for solidly national security purposes to claim, just based on the sector itself, that it was done for economic espionage.

You can’t even point to the 2 Pharma intrusions to make the claim. A list of sites the State Department identified as critical infrastructure from a leaked 2009 cable includes over 25 pharmaceutical sites (including animal Pharma), many of them related to vaccines. If we’re treating pharmaceutical supply and research facilities as critical infrastructure, with the presumed consequent defensive surveillance of those sites, it is tough to argue the Chinese can’t consider our pharmaceutical companies making key drugs to be critical targets. Both can be argued to stem from the same public health concerns.

I’m not saying it’s impossible or even unlikely that these intrusions were attempted economic espionage. I’m saying that this isn’t evidence of it, and that the reporting repeating this claim has been far too credulous.

But that also points to one of the inherent problems with this deal (one pointed to by many people at the time). When last he testified on the subject, Jim Clapper didn’t even claim to have fully attributed the OPM hack. The same attribution and use problems exist here. China may steal data on an important new drug, but that’s not going to be enough to prove they stole it for commercial gain until they release their own copycat of the drug in several years and use it to undercut the US company’s product, and even then that may require a lot more data — collected by spying! — from inside the market companies themselves (in part because China engages in many other means of stealing data which aren’t the subject of a special agreement, which will make even the copycat instance hard to prove came from an intrusion).

China knew that, too, when it signed the agreement. It will take more than evidence of 11 attempted intrusions to prove that China is violating the agreement.

Obama and Xi Set Up a Red CyberPhone

Here are the terms of the cyber agreement announced today.

  • The United States and China agree that timely responses should be provided to requests for information and assistance concerning malicious cyber activities. Further, both sides agree to cooperate, in a manner consistent with their respective national laws and relevant international obligations, with requests to investigate cybercrimes, collect electronic evidence, and mitigate malicious cyber activity emanating from their territory. Both sides also agree to provide updates on the status and results of those investigation to the other side, as appropriate.
  • The United States and China agree that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.
  • Both sides are committed to making common effort to further identify and promote appropriate norms of state behavior in cyberspace within the international community. The United States and China welcome the July 2015 report of the UN Group of Governmental Experts in the Field of Information and Telecommunications in the Context of International security, which addresses norms of behavior and other crucial issues for international security in cyberspace. The two sides also agree to create a senior experts group for further discussions on this topic.
  • The United States and China agree to establish a high-level joint dialogue mechanism on fighting cybercrime and related issues. China will designate an official at the ministerial level to be the lead and the Ministry of Public Security, Ministry of State Security, Ministry of Justice, and the State Internet and Information Office will participate in the dialogue. The U.S. Secretary of Homeland Security and the U.S. Attorney General will co-chair the dialogue, with participation from representatives from the Federal Bureau of Investigation, the U.S. Intelligence Community and other agencies, for the United States. This mechanism will be used to review the timeliness and quality of responses to requests for information and assistance with respect to malicious cyber activity of concern identified by either side. As part of this mechanism, both sides agree to establish a hotline for the escalation of issues that may arise in the course of responding to such requests. Finally, both sides agree that the first meeting of this dialogue will be held by the end of 2015, and will occur twice per year thereafter.

The structure of these bullets, which comes from the White House, is rather interesting. The first and last simply announce an effort to agree to cooperate on cyber issues, with the first bullet announcing the principle and the last describing the nitty gritty of it. Basically, this is a call to implement a red phone — like the one Russia and the US had for nukes — for cybersecurity.

The third bullet, “welcoming” the UN Group of Government Experts report, is also about confidence building.

Which leaves the second bullet, which (unless I’m mistaken) goes far beyond what Obama noted in his press conference with Xi Jinping, but Xi did note in his speech: an agreement “that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors,” that is, that China stop using hacks to steal from US companies. While the US does steal confidential business information, they don’t do so for competitive advantage of commercial sectors, though I can imagine some scenarios that China might claim did so. I imagine they’ll complain some about our spying on trade negotiations, for example, which probably would fall under this agreement.

I don’t think anyone thinks China will do this (though note the wiggle room in the “conduct or knowingly support” language). Instead, I suspect all the other language about confidence building intends to provide the US a means to more directly complain about this (and perhaps trade off corruption targets for hacker targets?).

Finally, note what was not included: Any promise to end spying for intelligence, like the OPM hack and/or US use of XKeyscore to accomplish the same kind of bulk collection. As I’ve said, I think that hacking might, for the short term, actually help confidence building measures, as it might provide some kind of transparency, though not verification.

We shall see whether a Red Phone for cyber will do any good.

Update: Herb Lin notes that the Red Phone idea is good in theory but hasn’t always worked as it should with China.

Clearly a good thing in principle.  But implementation is an issue, and experience with other hotlines between the United States and China has not always been positive.  A case in point is the military hotline between the United States and China, intended to enable direct communications between senior military leaders on both sides during crisis, has not always been operational even during routine tests of the system.  On several occasions in which the line was tested for operational capability and also in the wake of the 2001 EP-3 incident over Hainan, the Chinese military failed to respond at all.  In addition, the purview seems to be limited to cybercrime (whatever that might mean) and not to cyber issues related to national security.

The Real Story Behind 2014 Indictment of Chinese Hackers: Ben Rhodes Moves the IP Theft Goal Posts

As I’ve noted repeatedly, there has been some abysmal reporting on the indictment, in May 2014, of 5 Chinese People’s Liberation Army hackers. Over and over reporters claim, without any caveat, that the indictment was for the theft of intellectual property, the kind of economic espionage we claim to forswear but complain about China conducting. Here are two recent examples.

David Sanger:

And when Unit 61398 of the People’s Liberation Army in China was exposed as the force behind the theft of intellectual property from American companies, the Justice Department announced the indictment of five of the army’s officers. Justice officials hailed that as a breakthrough. Inside the intelligence community and the White House, however, it was regarded as purely symbolic, and the strike on the Office of Personnel Management continued after the indictments were announced.

Elias Groll:

But nearly a year and a half after that indictment was unveiled, the five PLA soldiers named in the indictment are no closer to seeing the inside of a federal courtroom, and China’s campaign of economic espionage against U.S. firms continues.

Given that China’s hacking of US targets is so central to this week’s visit by Chinese President Xi Jinping, I wanted to return to that indictment to tease out what it actually showed. Because it — and Deputy National Security Advisor Ben Rhodes’ description of it in the lead-up to Xi’s visit — makes it clear the US is really talking about far more than IP theft.

The May 2014 indictment was mostly about monitoring negotiations and trade disputes

The indictment includes 31 charges. Just one of those charges — involving the theft of nuclear plant information from Westinghouse — is for economic espionage. Just one of those charges — involving the same theft from Westinghouse — is for theft of a trade secret. I’ll return to the Westinghouse charges in a second.

The additional charges include 9 Computer Fraud and Abuse Act violations (1-9) for breaking into various computers and stealing information, much of it to enable further hacking, 14 charges (10-23) of damaging a computer by planting malware in various computers, and 6 charges ( 24-29) of identity theft for stealing identity information associated with the targets of the attacks.

Yes, all those other 29 charges did involve hacking to obtain information. But that’s the point of what I wrote in my previous post on this: the theft isn’t the core of what we — at least explicitly — complain about China taking, the technology IP of private companies.

Here’s what PLA allegedly took from the five victims other victims, aside from Westinghouse, described in the indictment:

  • SolarWind (a German company with a location in Oregon): PLA allegedly stole detailed information on SolarWind’s financial position at a time when SolarWind was litigating a dumping complaint against Chinese solar manufacturers
  • US Steel: During a period when it was litigating cases against the Chinese steel industry, including against Baosteel, PLA allegedly stole data from (apparently) a sysadmin mapping USS’ computers and mobile devices
  • Allegheny Technologies Incorporated: During a period when it had already started a joint venture with China’s Baosteel but also when it was in anti-dumping litigation against the company, PLA monitored ATI’s computers
  • Alcoa: Immediately after Alcoa and Aluminum Corporation of China bought a 14% stake of Rio Tinto together, PLA monitored Alcoa’s computers
  • US Steel Workers: During a period when it, and the steel industry, was pushing for anti-dumping action against China, PLA stole emails including strategic information

Note the last one: the Steelworkers. A bunch of business reporters are pointing to this indictment — for stealing strategic discussions from a union! — as proof that China is stealing intellectual property from US corporations and sharing it with Chinese companies.

The one case of IP theft in the indictment is reverse engineering, not independent IP theft

In addition to those four corporations and one union, there’s Westinghouse, the one victim against which DOJ actually alleged economic espionage. In 2007, Westinghouse entered into a joint venture, which included significant but carefully negotiated tech transfer. The indictment doesn’t describe which entity involved in the deal it had in mind (several companies were involved, including ones that are more independent from the state), though it is almost certainly China’s State Nuclear Power Technology Corporation, which has no illusions of independence from the state.  The deal was signed with ExIm Bank support and export licensing approval. Since that time, the deal has been renegotiated over what technology would get transferred to China, and Westinghouse is still building new reactors under the deal, with the latest one opening in May 2015. A subsequent contract sold even more advanced nuke plants, with Westinghouse expecting 100% localization through the contract.

In the middle of this 8 year relationship that has and will lead to Westinghouse transferring the technology to build these plants, on May 6, 2010, the indicted hackers allegedly stole information pertaining to design specs for pipes within nuclear power plants; the indictment does not say whether those pipes were included in the technology transfer. In the economic espionage section, the indictment alleges this information got transferred for the benefit of a foreign government, China, not naming even Chinese nuclear authority SNPTC, much less any of the individual joint ventures involved in the deal. That is, even in the charge pertaining to economic espionage, the indictment does not claim this was about benefitting a specific company, but instead was about benefitting the country as a whole. And it’s not like the US can claim it doesn’t spy on specific nuclear companies in the interest of the country as a whole.

And even the Westinghouse hack included the theft of information pertaining to negotiations. The indictment notes that in the advance of Hu Jintao’s state visit to the US in 2011, as Westinghouse and SNPTC were negotiating further construction, one of the hackers targeted deliberative emails regarding these negotiations.

Some stolen e-mails described the status of the four AP1000 plants’ construction. Many other stolen e-mails, however, concerned Westinghouse’s confidential business strategies relating to [SNPTC], including Westinghouse’s (a) strategies for reaching an agreement with [SNPTC] on future nuclear power plant construction in China; and (b) discussions regarding cooperation and potential future competition with [SNPTC] in the development of nuclear power plants elsewhere around the world.

Altogether, the indictment alleges, PLA hackers took 1.4G of data, which in the grand scale of nuclear plans and negotiations is not all that much data.

All of which is to say that the economic espionage charge was a fairly minor theft in the scope of the larger indictment, constituting nowhere near the kinds of data China steals from Defense contractors, and not alleging a transfer to a specific company. It’s also, both in the scale of data stolen from US companies doing business in China (where reverse engineering is often considered the cost of doing business) and the scale of Chinese IP theft here, miniscule.

The US spies on trade disputes too

The rest of the indictment — by far the bulk of the charges — involves spying during a range of negotiations, several of them international trade disputes (though there’s also an aspect of intimidation anytime takes a trade dispute against China). We know that NSA spies on other countries involved in trade disputes, including spying on the American attorneys representing foreign governments in trade disputes. It spies rampantly in advance of larger trade negotiations. And I would be shocked if the US didn’t spy on countries considering huge arms deals with ostensibly private US companies, especially when those deals are central to the petrodollar laundering that serves as the foundation to our Middle East strategy. That is, much of what we charged China’s PLA hackers for in this indictment, the US does. And we certainly spy on individual foreign companies for US national advantage, as when we mapped out Huawei very similarly to the way China mapped out USS.

None of that’s to excuse it. But it is to say no one should expect an indictment that involved — in the grand scheme of things — miniscule amounts of IP theft and lots more amounts of trade negotiation theft to teach China a lesson about IP theft. If we want to teach China a lesson about IP theft, then maybe we should indict it for IP theft, especially the kind of IP theft outside the realm of ongoing business relations which we claim to be the real concern.

That has never happened, and reporters should stop claiming it has.

Ben Rhodes now says this is about IP theft and confidential information

All that said, in the run-up to Xi Jinping’s visit, the Administration has actually gotten slippery on what it means when it invokes this kind of theft.

In an on the record conference call Tuesday, Ben Rhodes claimed (according to the transcript), “the United States government has already engaged in law enforcement actions, for instance, that targeted Chinese entities who we believed were behind that type of activity,” referring to this 2014 indictment. He had just described the activity as, “cyber-enabled theft of confidential business information and proprietary technology from U.S. companies” and described the goals as, “the protection of intellectual property and the ability of businesses to operate without concern of cyber theft.” In addition to “proprietary technology,” Rhodes is now including the cyber-enabled theft of “confidential business information” to China’s sins.

That is, in the days before a big public discussion about cyber theft, Ben Rhodes is moving the goal posts, describing the action of concern to include both “proprietary technology” — what they’ve been talking about for years — and “confidential business information” — which definitely describes what the PLA hackers took but doesn’t describe what they usually talk about when discussing IP theft.

Interestingly, Rhodes went on to suggest China would change its ways because otherwise US corporations won’t want to do business with them. “[T]he chief reason I think the Chinese have an interest in changing some of their behavior in the cyber realm is because if they’re operating outside of established international rules and norms, they’re ultimately going to alienate businesses, including U.S. businesses who have been critical to Chinese economic growth.” This is not the model of stealing data on the F-35 from Lockheed and subcontractors, the quintessential example of IP theft people like to point to. Rather, it’s the use of hacking to reverse engineer products China is buying from US companies, something Chinese companies usually do by stealing tools used in plants in China. Maybe Rhodes is correct that companies aren’t going to rush headlong into the fastest growing market anymore knowing China will reverse engineer, including by cyber-theft, of the things they’re buying, though I think that’s only likely if China’s growth continues to skid to a halt.

Ultimately, Rhodes accused China of cheating capitalism at a more fundamental level. “[T]hat’s something that gets at the integrity of the global economy, and that’s why we’ve been so focused on this.” Which is where it gets rather farcical, because it’s not like the US as a country doesn’t do what it can to bend the rules for its companies. Plus, if the Administration wants to take on China’s cheating, there are far easier ways to do it, such as on currency.

The roll-out of some kind of mutual understanding on cyber issues this week will be interesting regardless of Rhodes’ moving of the goal posts. But that he has done so — and broadened our age-old complaint about IP theft to now include the theft of confidential business information (some, but not all of which, we also do), is itself notable.

Did the OPM Hack Fix Jack Goldsmith’s Anonymity Problem?

In a piece claiming “the most pressing problem the United States sees in its cyber relations with China [is] the widespread espionage and theft by China in U.S. public and private digital networks,” Jack Goldsmith argues any cyber agreement with China won’t be all that useful because we would never be able to verify it.

I still adhere what I once wrote in response to this: “in the absence of decent verification, we cannot be confident that transparency measures are in fact transparent, or that revealed doctrine is actual doctrine.  Nor can norms get much purchase in a world without serious attribution and verification; anonymity is a norm destroyer.”

Goldsmith says this in a piece that claims to adopt Sanger’s expressed concerns about the proposed deal and what it won’t cover. Here’s Sanger:

But it seems unlikely that any deal coming out of the talks would directly address the most urgent problems with cyberattacks of Chinese origin, according to officials who spoke on the condition of anonymity to describe continuing negotiations.

Most of those attacks have focused on espionage and theft of intellectual property. The rules under discussion would have done nothing to stop the theft of 22 million personal security files from the Office of Personnel Management, which the director of national intelligence, James R. Clapper Jr., recently told Congress did not constitute an “attack” because it was intelligence collection — something the United States does, too.

The agreement being negotiated would also not appear to cover the use of tools to steal intellectual property, as the Chinese military does often to bolster state-owned industries, according to an indictment of five officers of the People’s Liberation Army last year. And it is not clear that the rules would prohibit the kind of attack carried out last year against Sony Pictures Entertainment, for which the United States blamed North Korea. That attack melted down about 70 percent of Sony’s computer systems.

So Sanger quotes James Clapper saying he doesn’t consider OPM an attack (for good reason), but says that’s one of the most urgent concerns about Chinese hacking. Clapper’s response doesn’t seem to substantiate Sanger’s claim about the centrality of that as a concern, though I think it is a huge concern. I’ll come back to this.

Then Sanger — in a piece that once again repeats the shitty reporting that last year’s indictment showed the theft of IP to bolster state-owned industries (see this post, but I’m working on a follow-up) — says the agreement won’t cover IP theft. Finally, Sanger says that the agreement might not cover a Sony pictures hack, which the Chinese haven’t been accused of doing, so why would that be important in an agreement with the Chinese?

That last bit is where Goldsmith actually doesn’t adopt what Sanger has laid out. Indeed, he seems to say the agreement is about Sony type hacks.

[T]he ostensible “agreement” won’t have anything to do with the most pressing problem the United States sees in its cyber relations with China – the widespread espionage and theft by China in U.S. public and private digital networks.  The negotiation is mainly about cyberattacks (cyber operations that disrupt, destroy, degrade, or manipulate information on adversary networks) and not about cyberexpoitation (cyber operations involving theft, intelligence-gathering, and the like on digital networks).

The Sony hack certainly disrupted and destroyed the film studio’s networks, even while exposing a bunch of embarrassing intelligence. But thus far, we’re proceeding as if China hasn’t done that to “us” (to the extent a Japanese owned film studio counts as the US), North Korea has. We don’t even ever talk about whether China, in addition to robbing the F-35 program blind, also sabotaged it;  I remain agnostic about whether the US defense industry needed China’s help to sabotage the program, but China definitely had the persistence in networks to sabotage key parts that have since proven faulty. Plus, we’re taking it on faith that claims that the NYSE/United outages that happened on the same day are really unrelated, and curiously we’re not talking about the serial air travel outages we’ve experienced of late (after United, the FAA and then American went down because of “software problems”). I would suggest that the IC may have reason to have urgent concern about China’s ability and willingness to sabotage us, above and beyond its IP theft and intelligence theft, but if it does it’s not telling us.

But let’s take a step back. Since when did we conflate IP theft and the OPM hack? Those are different problems, and I’d really love to have a discussion — which surely wouldn’t happen with any government officials in any unclassified forum — whether the OPM hack is now considered a more urgent threat than serial Chinese IP theft, or whether Clapper is being honest in consistently dismissing it as similar behavior to what we do. Sure, IP theft used to be the most urgent issue, but did that change when China absconded with a database of much of our clearance data? The relative urgency of the two seems an utterly critical thing to understand, given that China pwned us in the OPM hack, and now 3 months after discovering that, we’re signing a cyber agreement.

All the more so given that the OPM hack goes right to the issue of anonymity though not, perhaps, verifiability.

In his piece, Goldsmith is a bit more trusting of the Clapper claim — which I laid out here — that we lost technical accesses in the wake of the Snowden leaks. I think that may well be the case, but it’s just as likely that’s disinformation, either for Congress in advance of the Xi Jinping visit, or for the Chinese. Goldsmith presents that as one more reason why we can’t verify any agreement, and therefore it will be largely worthless.

But does it matter that the OPM hack created symmetry in transparency of personnel (which is different from technical accesses) between China and the US? Does it matter that, with the OPM hack, the Chinese largely replicated our ability to create fingerprints using XKS, and through that figure out who in China was doing what?

That is, we may not have full attribution ability right now — in Clapper’s description it sounded like we could consistently ID tools and persona, but not necessarily tie that persona back to the Chinese state, though, again, that my have been disinformation. But both the US (through XKS) and China (through OPM) have achieved a kind of transparency in personnel.

Which brings me to my central question, in response to Goldsmith’s claim this agreement is pretty meaningless because of the attribution and verification problems. He may well be right it will be a mostly symbolic agreement (though if we move towards norms that may be a positive step).

But until we tease out the real interaction of the old problem — the IP theft — with the new one — that China has our intelligence community by the balls, and until we develop more certainty that some other acts of sabotage aren’t, in fact, cyberattacks, I’m not sure we’re really understanding the dynamics behind the agreement.

Just as importantly, it seems, we need to understand what a new kind of personnel transparency affects our expectations about verification or trust in cyberspace. I don’t know the answer to whether this kind of symmetry chances the considerations on verification or not, but it does seem a relevant question.

Cyber-Unicorn Journalists Shocked the Unicorn Didn’t Appear, Again

When last we checked in on claims the US was going to cyber-deter China, I suggested people should understand the underlying dynamics at work.

Before people start investing belief in unicorn cyber deterrence, they’d do well to understand why it presents us such a tough problem.

That was 11 days ago. Since then, James Clapper has claimed (I’m not necessarily endorsing this claim as true, especially given the timing) the US isn’t even 100% sure China is behind the OPM hack — in part because we’ve lost some monitoring capabilities in recent years — all while making it clear we don’t consider it an attack because we do precisely the same thing to China. At the same time, top level US and Chinese officials met in anticipation of Xi Jinping’s visit. Here’s the White House readout of that meeting.

From September 9-12, senior Administration officials held a series of meetings with Secretary of the Central Political and Legal Affairs Commission of the Communist Party of China Meng Jianzhu in Washington, D.C.  Mr. Meng traveled to Washington as President Xi Jinping’s Special Envoy to discuss cybersecurity and other issues in advance of President Xi’s State Visit. Secretary of Homeland Security Jeh Johnson hosted Mr. Meng during his visit. In this capacity, Secretary Johnson convened a meeting between members of the Chinese delegation and representatives from the Departments of State, Treasury, Justice, Federal Bureau of Investigation, and the Intelligence Community.  In addition, FBI Director Comey also met with Mr. Meng at FBI headquarters for discussions. National Security Advisor Susan E. Rice received Mr. Meng for a meeting at the White House, where she had a frank and open exchange about cyber issues.

Remember: China is believed to have all of Jim Comey and Jeh Johnson’s security clearance files (probably Susan Rice’s as well). Comey in particular keeps raising that point. That surely adds something to such negotiations, knowing that your interlocutor has read a ready-made intelligence portfolio that your own government compiled on you.

Now the journalists who keep reporting that the US is about to, honest to god, this time they mean it, sanction China for its hacking report that sanctions are off the table for now, in part because those negotiations resulted in some kind of cyber agreement.

The United States will not impose economic sanctions on Chinese businesses and individuals before the visit of China President Xi Jinping next week, a senior administration official said Monday.

The decision followed an all-night meeting on Friday in which senior U.S. and Chinese officials reached “substantial agreement” on several cybersecurity issues, said the administration official, who spoke on the condition of anonymity because of the topic’s sensitivity.

The potential for sanctions in response to Chinese economic cyberespionage is not off the table and China’s behavior in cyberspace is still an issue, the official said. “But there is an agreement, and there are not going to be any sanctions” before Xi arrives on Sept. 24, the official said.

The breakthrough averted what would have raised a new point of tension with the Chinese that could have overshadowed the meeting — and Xi’s first state visit.

“They came up with enough of a framework that the visit will proceed and this issue should not disrupt the visit,” the official said. “That was clearly [the Chinese] goal.”

The reporting on this appears to be problematic, in part, because sources for these stories themselves misunderstand the issue.

Yet what that agreement is remains unclear. Two U.S. officials told The Daily Beast that substantial disagreement remains between the U.S. and China. China insists that it’s the victim of cyber spying, not a perpetrator. But the U.S. has filed criminal charges against Chinese officials for their role in stealing trade secrets and intellectual property from American companies.

[snip]

[CSIS Deputy Director Scott] Kennedy noted that given the length of time Meng was in Washington, his visit almost certainly covered other issues, including China’s efforts to hunt down Chinese nationals accused of crimes who are living abroad. U.S. law enforcement officials have complained that Chinese state security operatives are working in this country illegally and trying to intimidate Chinese people living here legally.

Remember, “US official” is journalistic code often used for members of Congress or contractors. And if these (possible) members of Congress don’t understand that the US sensors embedded in China’s networks are incredibly invasive cyber spying, if whoever claimed that our indictment for stealing information on trade disputes (something we spy on too) believes that we indicted for stealing IP, if those sources can’t imagine we might respond to the OPM hack by cracking down on extraordinary Chinese agents in the US, then those sources aren’t appreciating the real power dynamics at stake. And we’re going to continue to have journalism on this topic that serves more to provide a convenient narrative than to inform.

Thank you for playing, thank you for providing the appearance of a threat to placate Congress and drive a narrative of a tough negotiation, all while not laying out how the OPM hack changes things.

Several things seem to have been missed in this recent round of cyber-deterrence unicorn reporting. While China’s crashing stock market (renewed again today) provides a bit more leverage for the US against China — among other things, it raises the value Chinese elites would place on their US property and holdings, though China itself wants to pressure some of the same elites — it is still not in our best interest to antagonize this relationship. Moreover, whatever additional leverage we’ve got economically is more than offset by the OPM and related hacks, which China could use in any number of ways to really damage the US, especially given so many of our other critical systems — public and private, and I suspect that’s part of what some of the related hacks have been designed to demonstrate — remain insecure.

Most importantly, even before the Snowden leaks, the US had a real interest in finding some kind of norms that would make the cyber realm less volatile. That’s probably even more true now, because (as Clapper said, and this part I believe) our adversaries have been hardening their own defenses while stealing information that turns out to be more valuable to the US, meaning we don’t have such asymmetric advantage in the cyber realm anymore.

This comes at a time when Congress has become adamantly opposed to anything that resembles negotiations, because to them it looks like weakness. And most seem not to understand the stakes behind the reasons why the OPM hack cannot be considered an attack.

So if some credulous reporting created the space for such an agreement, great!

NSA Apologists Now Blaming Snowden for NSA’s Own Cyberdefense Failures

Read this claim about NSA spying, but don’t laugh.

“None of what the U.S. is doing is benefiting American business.”

Did you manage not laughing at the notion that the US is spending $70 billion a year on spying and none of it — not one little bit of it! — benefits American businesses?

Didn’t think so.

That quote, from Mandiant Chief Security Officer Richard Bejtlich, is just one of the utter absurdities built into this Kurt Eichenwald piece attempting to blame Edward Snowden for our failure to stop Chinese hacking of us.

Here’s the logic.

In May, [Tom] Donilon flew to Beijing to meet senior government officials there and set the framework for a summit between Obama and Chinese President Xi Jinping; Donilon and other American officials made it clear they would demand that hacking be a prime topic of conversation. By finally taking the step of putting public – and, most likely, international – pressure on the Chinese to rein in their cyber tactics, the administration believed it was about to take a critical step in taming one of the biggest threats to America’s economic security.

But it didn’t happen. The administration’s attempt to curb China’s assault on American business and government was crippled – perhaps forever, experts say – by a then-unknown National Security Agency contractor named Edward Snowden.

Snowden’s clandestine efforts to disclose thousands of classified documents about NSA surveillance emerged as the push against Chinese hacking intensified. He reached out to reporters after the public revelations about China’s surveillance of the Times‘s computers and the years of hacking by Unit 61398 into networks used by American businesses and government agencies. On May 24, in an email from Hong Kong, Snowden informed a Washington Post reporter to whom he had given documents that the paper had 72 hours to publish them or he would take them elsewhere; had the Post complied, its story about American computer spying would have run on the day Donilon landed in Beijing to push for Chinese hacking to be on the agenda for the presidential summit.

The first report based on Snowden’s documents finally appeared in The Guardian on June 5, two days before the Obama-Xi meeting, revealing the existence of a top-secret NSA program that swept up untold amounts of data on phone calls and Internet activity. When Obama raised the topic of hacking, administration officials say, Xi again denied that China engaged in such actions, then cited The Guardian report as proof that America should not be lecturing Beijing about abusive surveillance. [my emphasis]

Let’s review what Eichenwald has done here.

First, he has taken the Administration at its word that publicly shaming China, and then negotiating with them, would have slowed their cybertheft.

Next, he has insinuated — though not provided evidence — that both Snowden’s initial leaks and the timing of their release (which, after all, took place at different times) were all intentionally rather than coincidentally linked to the US effort to rein in Chinese hacking, and done at the direction of Snowden (that may be the case, but he hasn’t presented it, and if that were Snowden’s real intent, you would think he would have leaked specifics about our attacks on China weeks before he did).

He has highlighted an email (did he somehow get the content of an Edward Snowden email to Barton Gellman? Because I can’t imagine Gellman sharing this.) threatening to take his documents somewhere else, without thinking through what it means that he already had gone somewhere else or considering other reasons (he was holed in a hotel room, for example) why Snowden might have had some urgency for publishing. [Update: Here’s where that claim came from.]

And then he has Xi’s comments on America’s own hacking, which Eichenwald suggests was a response to the Section 215 and PRISM disclosures–“top-secret NSA program that swept up untold amounts of data on phone calls and Internet activity”

With me so far?

Curiously, Eichenwald makes no mention of the document that might actually bolster his case and which almost certainly was the reference Xi intended: the Presidential Policy Directive on cyberwar, which was released just hours before Obama’s meetings with Xi started in CA.

But that would require painting a very different picture of what the US does in cyberspace than this one. Read more