First They Came for WikiLeaks … Then They Came for Pot Dispensaries … Then Online Sharing

/22 Comments/in , /by

Remember when Visa and PayPal cut off services to WikiLeaks as a result of what was clearly Administration pressure? The Administration never explicitly revealed it had pressured the financial services companies to cut off WikiLeaks. It never offered any due process. Just–poof! WikiLeaks was no longer welcome to use a public service other corporate-people were able to.

And almost no one blinked at that abuse of due process.

Then Visa and MasterCard cut off pot dispensaries in California.

Your credit is no longer any good at California medical marijuana dispensaries, whose accounts with credit card processors have been canceled, thanks to pressure from the federal government.
Merchant services providers — the intermediaries between retailers and credit card companies who process customers’ payments — began informing their medical marijuana dealing clients that cannabis credit card transactions would not be processed after July 1, according to Stephen DeAngelo, Executive Director of Oakland’s Harborside Health Center.
No government agency is taking credit for making marijuana a cash-only business. But the “factual pattern” is as follows, DeAngelo said: Officials from the Treasury Department flexed on credit card companies, who then informed merchant services providers that they’d be “dropped from Visa and MasterCard forever” unless they stopped processing medical marijuana payments.

And PayPal has imposed new terms of services on file-sharing sites that will allow it to monitor sites for content.

According to TorrentFreak, PayPal has recently changed its terms of service, making requirements for file-sharing and newsgroup services far tighter than before.

The payment service, owned by eBay, now requires that “merchants must prohibit users from uploading files involving illegal content and indicate that users involved in such file transfers will be permanently removed from their service,” and that “merchants must provide PayPal with free access to their service, so PayPal’s Acceptable Use Policy department can monitor the content.”

The pot dispensary move is really heartless: as the article points out, it means customers have to walk around with wads of cash. And since a lot of medical marijuana customers are on disability, it means poor people can’t afford themselves the flexibility offered by credit cards.

And in addition to the specific injustice of undermining otherwise legal businesses, there’s the general issue. As it does with international financial exchange, so the Government is now doing with corporate entities in the US, picking and choosing which ones will have access to modern financial services and which won’t.

It’s an arbitrary exercise of power against entities the government can’t or won’t make a legal, due process entailing case against.

Maybe you’ll arbitrarily lose your credit card privileges next!

Obama’s “Zoo Animal” Broke Free and “Crossed the Rubicon”

/24 Comments/in , , /by

At the bottom of it all has been the Bomb. For the first time in our history, the President was given sole and unconstrained authority over all possible uses of the Bomb.

[snip]

Every executive encroachment or abuse was liable to justification from this one supreme power.

If the President has the sole authority to launch nation-destroying weapons, he has license to use every other power at his disposal that might safeguard that supreme necessity. If he says he needs other and lesser powers, how can Congress or the courts discern whether he needs them when they have no supervisory role over the basis of the claim he is making? To challenge his authority anywhere is to threaten the one great authority.

–Garry Wills, Bomb Power

I suppose I’ll eventually get around to discussing how the series of condoned leaks portraying President Obama as the Deciderer all rest on the pathetic but true fact that he is only borrowing George Bush’s claim to that title.

But for now, I want to focus on the one part of David Sanger’s mixed-metahpor saturated installment in the Deciderer 2.0 series that rings most true:

Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons — even under the most careful and limited circumstances — could enable other countries, terrorists or hackers to justify their own attacks.

“We discussed the irony, more than once,” one of his aides said. Another said that the administration was resistant to developing a “grand theory for a weapon whose possibilities they were still discovering.” Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.

With cyberwar, with drones, and (to a lesser extent) with the embrace of the terrorists’ transnational methods to fight terrorists, Obama has crossed into uncharted territory of the sort Wills explored in his book, Bomb Power. These changes are likely a step beyond the Bomb Power paradigm, whatever that entails.

Yet Obama has only barely begun to think through the ramifications of these tools. He has, instead, focused on the near and overblown threats of Iran and AQAP, not seeing both the strategic implications of even those choices, much less the implications of the sort Wills describes arose in the wake of our use of a nuclear bomb.

The President has embraced waging extralegal war using drones from the Oval Office. The President has embraced using easily manipulable code to wage physical war. What are the implications of these decisions?

Oh sure, Obama started paying attention after the fact. A year ago, he rolled out a “National Strategy for Cyberspace,” calling for international cooperation to enforce responsible behavior of the sort we have already violated.  Even more recently, DOD has been tinkering with our rules of engagement.

But there are signs it is already too late, the battle lines have been drawn. Read more

The Government Can’t Make Up Its Mind Whether WikiLeaks Amounts to Aiding Al Qaeda or Not

/35 Comments/in , , /by

The government’s arguments in Hedges v. Obama are getting more and more inconsistent.

This is the case, recall, where Chris Hedges, Birgitta Jonsdottir, and several other people challenged the section of the NDAA that affirmed the President’s authority to militarily detain or deport (among other things) “covered persons.” Because the government repeatedly refused to say that the plaintiffs were not covered by the section, Judge Katherine Forrest not only found they had standing to sue, but she enjoined enforcement of the law.

Now the government is trying to unfuck the fuckup they made at oral arguments by offering caveated assurances that none of the plaintiffs would be covered by the law. (h/t Ben Wittes) But look carefully at what they say:

The government argued in its briefs that the plaintiffs cannot reasonably believe that section 1021 would extend to their conduct, in light of law of war principles, First Amendment limitations, and the absence of a single example of the government detaining an individual for engaging in conduct even remotely similar to what is alleged here. See Gov’t Initial Mem. 12-13. But at argument the government did not agree to provide specific assurance as to each plaintiff, a request that the government considers problematic. As a result, this Court deemed the government’s position to be unclear regarding whether section 1021 could apply to the conduct alleged by plaintiffs in this case. To eliminate any doubt, the government wants to be as clear as possible on that matter. As a matter of law, individuals who engage in the independent journalistic activities or independent public advocacy described in plaintiffs’ affidavits and testimony, without more, are not subject to law of war detention as affirmed by section 1021(a)-(c), solely on the basis of such independent journalistic activities or independent public advocacy.5 Put simply, plaintiffs’ descriptions in this litigation of their activities, if accurate, do not implicate the military detention authority affirmed in section 1021.

5 This case does not involve the kind of independent expressive activity that could support detention in light of law of war principles and the First Amendment. In contrast, for example, a person’s advocacy, in a theater of active military operations, of military attacks on the United States or the intentional disclosure of troop movements or military plans to the enemy, or similar conduct that presents an imperative security threat in the context of an armed conflict or occupation, could be relevant in appropriate circumstances. See Geneva Convention (IV) Relative to the Protection of Civilian Persons in Time of War, arts. 5, 41-43, 78. As discussed further below, it is not appropriate to expect the government to make categorical statements about the scope of its detention authority in hypothetical scenarios that could arise in an armed conflict, in part, because that authority is so context-dependent.

The government is not being at all clear here! It is reaffirming it stance that it would be problematic to offer assurances about the plaintiffs. It is saying it “wants to be as clear as possible” on this issue, but then says only if plaintiffs’ descriptions of their activities are accurate, then they don’t implicate military detention authority.

Let me spoil the surprise. The government doesn’t believe all the plaintiffs’ descriptions are accurate.

For a hint of why, look at the footnote. First, you’ve gotta love their caveat that “in a theater of active military operations.” The government has repeatedly said the entire world, including the US, is the battlefield in this war on terror. So they really mean “anywhere.”

But note they include “intentional disclosure of troop movements or military plans” to the enemy. That passage gets at their problem here.

That’s because, in spite of the fact that they say, “Section 1021 has no application to unarmed groups like WikiLeaks,” and remind they’ve offered assurances that Jonsdottir “could [not] possibly be deemed to fall within the scope of section 1021,” the government’s actions against WikiLeaks belie those claims.

That’s true, first of all, because DOJ specifically excludes entities like WikiLeaks from their definition of protected journalistic activities. (Indeed, I’ve deemed this passage from the DIOG the “WikiLeaks exception.”)

As the term is used in the DIOG, “news media” is not intended to include persons and entities that simply make information available. Instead, it is intended to apply to a person or entity that gathers information of potential interest to a segment of the general public, uses editorial skills to turn raw materials into a distinct work, and distributes that work to an audience, as a journalism professional.

Reassurances from DOJ that “journalistic activities” would not make Jonsdottir a covered person for her WikiLeaks work are worthless since DOJ doesn’t consider WikiLeaks’ activities journalistic activities.

More importantly, the government has already made it clear that they believe WikiLeaks amounts to aiding al Qaeda in DOD’s case against Bradley Manning. In fact, they base their Aiding the Enemy charge against Manning on the claim that by leaking materials to WikiLeaks, he knowingly made it available to al Qaeda.

In deliberations over a defense motion to dismiss the “aiding the enemy” charge, the government argued that the “enemy” had gone regularly to a “specific website and Pfc. Bradley Manning knew the “enemy” would do this when he allegedly provided information to the website.

The deliberations occurred in the second day of a pre-trial motion hearing at Fort Meade in Maryland. Manning, who is accused of releasing classified information to WikiLeaks, is charged with “aiding the enemy,” an Article 104 offense under the uniform code of military justice (UCMJ). It is a federal offense that could carry the death penalty (although the government has indicated it will not press for that in sentencing).

Judge Col. Denise Lind asked military prosecutor Capt. Joe Morrow if “the government intends to show that there is a particular website that this information was sent to and the accused was aware the enemy used that website.” Morrow said yes.

What this means is that the government is essentially arguing that “the enemy”—which the government has said is al Qaeda or any terror groups related—frequently accessed WikiLeaks and any “intelligence” provided. Manning knew that by handing over information to website he would provide assistance to “the enemy.”

And Judge Lind bought off on this argument, at least in theory.

So long as the government sustains this bogus Aiding the Enemy charge against Bradley Manning, then they implicitly are also arguing that Jonsdottir, by actually publishing the information allegedly provided by Manning, also intentionally provided intelligence to al Qaeda.

It seems, after being embarrassed by their past obstinance, the government is willing to say anything to avoid individuals from getting standing to challenge their counterterrorism abuses. Are they worried enough to drop that Aiding the Enemy charge yet?

Judge Enjoins NDAA Section 1021 because Government Implies Speech May Equal Terrorism

/16 Comments/in , , , , , /by

The Court then asked: Give me an example. Tell me what it means to substantially support associated forces.

Government: I’m not in a position to give specific examples.

Court: Give me one.

Government: I’m not in a position to give one specific example.

When Judge Katherine Forrest asked the government, repeatedly, for both generalized clarification and descriptions specific to plaintiffs like Chris Hedges and Brigitta Jonsdottir explaining the scope of Section 1021 of the NDAA, the government refused to give it. Not only was the government unwilling to reassure that even a Pulitzer Prize winning journalist like Hedges would not be indefinitely detained as “a person who was part of or substantially supported al-Qaeda, the Taliban, or associated forces” if he reported on any number of terrorist groups, but it also refused to explain the meaning of the section generally.

Which is the core reason why Forrest not only ruled that the plaintiffs have standing and the case should go forward, but also enjoined any enforcement of Section 1021. In explaining this, she noted that she was forced by the government’s refusal to give clarification to assume that the government believes First Amendment speech is included in the orbit of “substantially supported” that might be indefinitely held under 1021.

It must be said that it would have been a rather simple matter for the Government to have stated that as to these plaintiffs and the conduct as to which they would testify, that § 1021 did not and would not apply, if indeed it did or would not. That could have eliminated the standing of these plaintiffs and their claims of irreparable harm. Failure to be able to make such a representation given the prior notice of the activities at issue requires this Court to assume that, in fact, the Government takes the position that a wide swath of expressive and associational conduct is in fact encompassed by § 1021.

[snip]

This Court is left then, with the following conundrum: plaintiffs have put forward evidence that § 1021 has in fact chilled their expressive and associational activities; the Government will not represent that such activities are not covered by § 1021; plaintiffs’ activities are constitutionally protected. Given that record and the protections afforded by the First Amendment, this Court finds that plaintiffs have shown a likelihood of succeeding on the merits of a facial challenge to § 1021.

I spent much of the day explaining to people why Obama’s Yemen EO is so troubling. I’ve had to describe all the things that have transpired that have criminalized speech since Obama issued a similar EO in 2010–the decision in Holder v. Humanitarian Law Project, the conviction of Tarek Mehanna, and the charging of Bradley Manning with aiding the enemy.

Now I can point to Forrest’s opinion to show that the proposition that journalists might be prosecuted for material support of terrorism for their First Amendment speech–to the extent it’s an extreme proposition–it is the government’s extreme proposition.

Forrest used the government’s stubbornness against it in one other way, too–to get past the rather high bar on whether to issue a preliminary injunction or not. The decision on whether to issue an injunction or not depends on a lot of things. But ultimately, it requires a balancing test between the hardships imposed on the plaintiff and the defense. And since–Forrest explained–the government repeatedly insisted that Section 1021 does no more or less than what the AUMF already does, then enjoining the enforcement of 1021 would not harm the government at all.

In considering whether to issue a preliminary injunction, the Court must consider, as noted above, “the balance of the hardships between the plaintiff and defendant and issue the injunction only if the balance of the hardships tips in the plaintiff’s favor.” Salinger, 607 F.3d at 80.

The Government’s primary argument in opposition to this motion is that § 1021 is simply an affirmation of the AUMF; that it goes no further, it does nothing more. As is clear from this Opinion, this Court disagrees that that is the effect of § 1021 as currently drafted. However, if the Government’s argument is to be credited in terms of its belief as to the impact of the legislation–which is nil–then the issuance of an injunction should have absolutely no impact on any Governmental activities at all. The AUMF does not have a “sunset” provision: it is still in force and effect. Thus, to the extent the Government believes that the two provisions are co-extensive, enjoining any action under § 1021 should not have any impact on the Government.

While most of Forrest’s ruling involved hoisting the government on its own obstinate petard, she also left a goodie in her ruling for the higher courts that will surely review her decision after the government surely appeals (unless Congress passes a fix to the NDAA tomorrow, as they might). Forrest established the importance of speech by pointing to … Anthony Kennedy’s opinion in Citizens United.

In Citizens United v. Federal Election Commission, 130 S. Ct. 876 (2010), Justice Kennedy wrote that “[s]peech is an essential mechanism of democracy, for it is the means that hold officials accountable to the people . . . . The right of citizens to inquire, to hear, to speak, and to use information to reach consensus is a pre-condition to enlightened self-government.” Id. at 899. Laws that burden political speech are therefore subject to strict scrutiny. Id. at 898. “The First Amendment protects speech and speaker, and the ideas that flow from each.” Id. at 899.

If corporations can avail themselves of unlimited campaign speech, then mere journalists and activists ought to be able to engage in political speech without being indefinitely detained.

And yet, it took a judge to make that argument to the government.

Defying the Rules of Gravity, Obama Directs Sanctions Solely against Israel’s Enemies

/25 Comments/in , , , , /by

In conjunction with his speech at the Holocaust Museum yesterday and announcement of the Atrocities Prevention Board, President Obama also rolled out sanctions against those who use IT to repress human rights. The Treasury Department named the sanctions GRAHVITY (I think they get it from “GRAve Human rights abuses Via Information TechnologY” or some such Orwellian acronym).

There’s a problem with that. We are all subject to gravity.

But only Israel’s enemies–Iran and Syria–are subject to GRAHVITY.

This exclusive application was set up in yesterday’s speech when Elie Wiesel suggested the point of remembering the Holocaust was to guarantee the strength of Israel and ensure its enemies–in this case, Syria and Iran–are removed from office (and deprived of the same weapons Israel stockpiles against them).

Have you learned anything from it? If so, how is it that Assad is still in power? How is it that the Holocaust Number 1 denier, Ahmadinejad, is still a President, he who threatens to use nuclear weapons–to use nuclear weapons–to destroy the Jewish state?

[snip]

Now, I hope you understand, in this place [the Museum], why Israel is so important, not only to the Jew that I am and the Jewish people, but to the world. Israel cannot not remember. And because it remembers, it must be strong, just to defend its own survival and its own destiny.

Obama’s focus was broader. In his speech, he listed Cambodia, Rwanda, Bosnia, Darfur, Côte d’Ivoire, Libya (with no mention of the civilian casualties NATO caused), the Lords Resistance Army.

But Obama, too, focuses primarily on Syria.

In this speech, the sole reason to ensure internet freedom, according to Obama, is to bring about regime change in Syria.

And when innocents suffer, it tears at our conscience. Elie alluded to what we feel as we see the Syrian people subjected to unspeakable violence, simply for demanding their universal rights. And we have to do everything we can. And as we do, we have to remember that despite all the tanks and all the snipers, all the torture and brutality unleashed against them, the Syrian people still brave the streets. They still demand to be heard. They still seek their dignity. The Syrian people have not given up, which is why we cannot give up.

Read more

Remember When Russia’s Enemy Helped the Mujahadeen Neutralize Russia’s Most Effective Weapon?

/10 Comments/in , , /by

“Bluster”! “Exaggeration”!

Those are some of the words Joe Lieberman and some more credible people are using to dismiss Iran’s claim that it has accessed the data from the Sentinel drone it brought down last year.

Aside from “independent experts” pointing out the obvious fact that Iran could have gotten details about the Sentinel’s use to surveil Osama bin Laden’s compound from public reports (though how would it have gotten the specific dates?), the US security establishment has offered no detailed explanation of how Iran got the data it claims to have taken from the drone.

General Hajizadeh cited as evidence data that he said was extracted from the drone’s computer hard drives revealing its operations in the months before it went down in Iran — either because it was shot down, as Iranian officials have claimed, or because it experienced a technical failure, as the Americans have said.

The drone, he said, had undergone repairs in California in October 2010 and returned to Afghanistan in November 2010, where American officials have acknowledged it operated, though without specifying where its missions took it. He added that the drone’s computer memory revealed that it had flown over the compound in Pakistan where Osama bin Laden was killed in an American raid in May 2011.

“Had we not accessed the plane’s softwares and hard disks, we wouldn’t have been able to achieve these facts,” General Hajizadeh said, according to the news agency Fars.

The White House and American intelligence officials declined Sunday to comment on the new claims, though independent experts expressed skepticism. They noted that the information about the drone’s activities — including its use in the Bin Laden raid — could have been drawn from public reports about the sophisticated aircraft.

That may not entirely confirm that the data cited by Iran is accurate, but it sure doesn’t refute it.

That said, all these experts bewailing “bluster” have not mentioned the more obvious explanation behind Iran’s claim–even though just three days ago the news was filled with reports of Russia and China asking for information on the drone and much of the coverage of this latest fact acknowledges that in their stories.

Consider: while the OBL surveillance (though not the timing) was publicly reported, the maintenance records cited by the Iranians probably aren’t. But those details are more likely to be available not in the drone itself, but on Lockheed’s networks, which were hacked (though Lockheed claims no data was compromised) last year; everyone blames China for that hack. And if China has been able to access drone data off our networks like they’ve been able to access all our other weapons development data, then it would presumably make it a lot easier to break the encryption on the Sentinel drone itself.

Our fear-mongering about Iran, as well as our overthrow of Qaddafi and efforts to overthrow Assad, has far more to do with efforts to shore up Saudi–and therefore US–hegemony in the key oil-producing region of the world than nukes. And while China has been cozying up to the Saudis in ways that ought to make us rethink our unquestioning pursuit of Saudi goals, our efforts to eliminate any counter-weight to Saudi power in the region is a real threat to China (not to mention our ability to wage war in the African countries China has spent a decade cultivating by pressing a few buttons in Nevada). Precisely the same kind of threat we judged Russian expansion into Afghanistan to be in 1979 when we started funneling money–and ultimately, some years later, Stinger missiles–to the mujahadeen. The Stinger missiles took away Russia’s air superiority and with it their ambitions to keep Afghanistan and ultimately, their commitment to empire more generally.

So while it may comfort the public to be told Iran could never manage to reverse engineer our drone, the possibility that China and Iran may be making real progress in neutralizing our favorite new weapon would presumably worry the national security establishment. Just in time for Iran to enter negotiations and in such a way that the implicit threat from China is understood.

These blustery experts should have listened to me when I warned that China’s ability to access our defense networks with ease was far more dangerous than Bradley Manning and his Lady Gaga CD.

Does NCTC Have the Minimal Data Security to Guard Its New Not-Terrorist-Terrorist Database?

/4 Comments/in , , , /by

As I noted here and here, yesterday the Director of National Intelligence and DOJ rolled out new Guidelines allowing the National Counterterrrorism Center to acquire non-terrorist datasets from federal agencies–including US person data–so they can do pattern analysis on those datasets and pass off the resulting data to other agencies.

When intelligence officials wanted to explain to Charlie Savage how this would work, they pointed to a State Department dataset–visa applications–as one dataset NCTC might now access directly.

A person from Yemen applies for a visa and lists an American as a point of contact. There is no sign that either person is a terrorist. Two years later, another person from Yemen applies for a visa and lists the same American, and this second person is a suspected terrorist.

Under the existing system, they said, to discover that the first visa applicant now had a known tie to a suspected terrorist, an analyst would have to ask the State Department to check its database to see if the American’s name had come up on anyone else’s visa application — a step that could be overlooked or cause a delay. Under the new rules, a computer could instantly alert analysts of the connection.

The State Department is, of course, still reportedly recovering from the fact that because of DOD’s lax network security, 250,000 diplomatic cables got liberated for the world to see.

Not surprisingly, then, the new Guidelines appear determined to reassure original dataset owners that their data won’t be compromised by sharing it with NCTC (which can then share it with other elements of the Intelligence Community and even foreign allies). You can tell they’re serious about this, because it’s one of the places they occasionally use “shall” (in other sensitive areas, they use the squishier “will”).

For access to or acquisition of specific datasets, the DNI, or the DNI’s designee, shall collaborate with the data provider to identify any legal constraints, operational considerations, privacy or civil rights or civil liberties concerns and protections, or other issues, and to develop appropriate Terms and Conditions that will govern NCTC’s access to or acquisition of datasets under these guidelines.

[snip]

In addition to the [general requirements laid out for sharing this data], at the time when NCTC acquires a new dataset or a new portion of a dataset, the Director of NCTC shall determine, in writing, whether enhanced safeguards, procedures, and oversight mechanisms are needed.

Though this bold approach almost immediately breaks down, as the Guidelines not only revert to “will,” but–worse–dig out the passive voice when describing the data transfer.

Measures will be put into place to ensure that the dataset is received and stored in a manner to prevent unauthorized access and use prior to the completion of replication.

And when the Guidelines get into specifics, they use that passive “will” again.

Access to these datasets will be monitored, recorded, and audited. This includes tracking of logons and logoffs, file and object manipulation, and changes, and queries executed, in according with audit and monitoring standards applicable to the Intelligence Community.

Who will (“shall”) implement these data security measures? What if he or she fails to do so adequately?

It’s a really, really important question because–as this year’s intelligence authorizations make clear, the Intelligence Community does not yet have insider threat detection–the kind of security that would permit these audits–and they’re not going to get it until 18 months from now. Hell, they’re not even going to start getting it until 6 months from now!

(a) Initial Operating Capability.–Not later than October 1, 2012, the Director of National Intelligence shall establish an initial operating capability for an effective automated insider threat detection program for the information resources in each element of the intelligence community in order to detect unauthorized access to, or use or transmission of, classified intelligence.

Read more

Chain of Command: Some Violations of Military Discipline Are More Equal Than Others

/28 Comments/in , /by

The other day, Teddy Partridge noted a second instance of someone in the military–the previous one being the Commander-in-Chief–weighing in on Bradley Manning’s guilt.

Echoing his commander in chief in issuing statements that provide improper command influence in the trial of Bradley Manning, the Chairman of the Joint Chiefs of Staff, Gen. Martin Dempsey, stated unequivocally that Manning broke the law.

To review, here’s what Barack Obama said when asked about Bradley Manning in April 2011:

And if you’re in the military… And I have to abide by certain rules of classified information. If I were to release material I weren’t allowed to, I’d be breaking the law.

We’re a nation of laws! We don’t let individuals make their own decisions about how the laws operate. He broke the law.

It appears that President Obama’s highest military officer agrees with him:

The Joint Chiefs chairman also was asked about Manning, the alleged WikiLeaks contributor, and whether Dempsey thought Manning should be viewed as a political prisoner, whistle-blower or traitor.

“We’re a nation of laws. He did violate the law,” Dempsey said.

Meanwhile, Staff Sergeant Robert Bales has not even been charged yet–his lawyer, John Henry Browne, says the military has neither forensics nor a confession incriminating him!–but Generals are sending Browne messages wishing him the best in his defense of Bales.

Browne added that he has received hundreds of emails, including from some generals and other military figures, who wished him luck in the case.

Don’t get me wrong. I hope Browne does his best to give Bales a robust defense. And as I’ve noted repeatedly, I’m not at all convinced that the killings occurred as the military currently claims they did; if so I hope Browne proves that, too.

But I would be shocked if any generals wrote David Coombs, Bradley Manning’s lawyer, to wish him luck in defending a tough, unpopular client. Yet both men–Manning and Bales–are alleged to have violated military discipline in ways that hurt our efforts.

Update: Fixed my misspelling of Bales’ name.

The Rationale for NSA’s Bottomless Pit of Data: Hackers

/26 Comments/in , /by

In his must-read report on the bottomless data pit containing the NSA is building in Utah, James Bamford described the public explanations NSA Deputy Director Chris Inglis made when he broke ground on the facility.

[NSA deputy director Chris Inglis] arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? [my emphasis]

Inglis used hackers as cover for a spying facility that would collect and decrypt “all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter’.” That is, Inglis used the threat of hackers to cover up for the fact that the government was spying on everyone.

Mind you, this was back in January 2011–before Anonymous threatened to take the Toobz down at a time when a key Anonymous hacker was being run by the FBI. Indeed, Inglis used hackers as his excuse for collecting massive amounts of data on everyone in the thick of the WikiLeaks excitement.

Nevertheless, Bamford describes Inglis publicly misleading about the centrality of hackers in the purpose of the bottomless pit when in fact the purpose is far broader. Particularly given the FBI’s recently exposed role running hackers, Inglis’ “double-talk” raises real questions about all the fear-mongering about hackers.

Spooky AssadLeaks: The Provenance of the Emails

/20 Comments/in , , /by

As I wrote in this post, I got interested in the provenance of a set of leaked Bashar al-Assad emails largely because of the way in which two of them were used to suggest, dubiously, Nir Rosen was an Assad agent.

The Guardian and Al Arabiya have both offered posts describing, in part, how they came by the emails, with the Guardian’s offering more details. The short version is:

March 15, 2011: Uprising escalates in Daraa.

Late March: “a young government worker in Damascus” handed off a slip of paper to a friend. The paper had four codes (plus or including the two email addresses, the Guardian is not clear) that would provide access to personal email accounts of Bashar al-Assad and his wife Asma. The friend was apparently supposed to pass them onto “a small group of exiled Syrians who would know what to do with them.”

June: “Two Syrian professionals in a Gulf state” obtain the emails. The Guardian doesn’t explain whether they were the original intended recipients, nor does it explain the delay. Though it does include a blurb describing their sudden awakening to politics that makes it clear the Guardian has spoken to at least one of the activists and replicated their self-narrative uncritically.

The uprising in the southern Syrian city of Deraa on 15 March had empowered them, as it had hundreds of thousands of others in the totalitarian state. They were now determined to do what they could to bring an end to more than four decades of rule by the Assad clan.

“It was clear who we were dealing with,” said one of the activists. “This was the president and his wife. There was no doubt.”

August 6: Sabu solicits Syrian MOD hacker to “disrupt govt communication systems.”

June to December: The emails are used with increasing frequency over time; Assad appears to build a PR strategy using them.

January: Anonymous (which had been infiltrated by the FBI since at least June, the same month the Syrian activists purportedly got the email codes) hacks Bashar al-Assad’s servers, accessing 78 different email accounts.

February 7: Anonymous releases the Assad emails which were published by Ha-aretz, claims the password was 12345. These are, at least in part, the very same emails being released today. Assad’s brother-in-law Firas al-Akhras emails him to tell him the inbox of the Ministry of Presidential Affairs had been leaked. All the emails are shut down.

March 15, 2012: The emails published.

In their narratives, neither the Guardian nor al Arabiya note that the FBI had been running Sabu since last June, precisely the same month the “activists” reportedly got the “secret codes” (12345?) that would allow them to access the Assad emails.

Now there are plenty of questions I have about this: Who was the mole, how did he or she get this information, who was the friend, what caused the 3-month delay. All of those questions, of course, are particularly interesting giving the coincidence of timing with the Sabu recruitment.

And why release these emails now? Just because of the one-year anniversary of Daraa, and the other events planned for the day?

Suffice it to say it feels a lot like outside entities–aside from whatever professionals-turned-activists purportedly monitored these accounts–were involved.

With that feeling in mind, two more details worth noting. First, al Arabiya’s story on how they got the emails focuses instead on what they didn’t publish: a bunch of “scandalous emails.”

Hundreds of “scandalous” emails were accordingly deleted by Al Arabiya.

By comparison, the Guardian said only it didn’t publish personal emails. Both sources, however, want people–perhaps including Assad?–to know that there were more emails that may be out there.

The other thing I find interesting is the detail the Guardian pays to Assad’s email habits.

[The Syrian activists in the Gulf state] soon noticed differences in the way the couple used their email accounts. “We had to be quick with Bashar’s emails,” one of the activists said. “He would delete most as soon as they arrived in his inbox, whereas his wife wouldn’t. So as soon as they went from unread to read we had to get them fast.”

Deleting emails as soon as they arrive shows a degree of awareness of web security. So too did the fact that Assad never attached his name or initials to any of the emails he sent. However, many of the emails that arrived in his inbox are addressed to him as president and contain intimate details of events and discussions that were not known outside of the inner sanctum and would have been very difficult to manipulate.

Even before I remembered that the same guy the Guardian claims was showing some web security used “12345” as his password, this entire passage sounded bogus, more like a way to provide cover for some other means to collect these emails that don’t involve more sophisticated wiretapping of packets, as opposed to email in-boxes.

But once you remember this is a guy who reportedly used “12345” as his password, then the entire claim Assad was practicing good security becomes laughable. Which makes this entire passage suspect.

There are two stories of how Bashar al-Assad got his emails hacked in the last year. In one version, Syrian activists managed to spy on their dictator in real time and are presumably releasing emails that lack a smoking gun (but did include “scandalous” emails) as a sort of anniversary present for Assad. The other story involves the FBI flipping at least one hacker and having him continue to hack at their command.

Or maybe there’s just one, far more intriguing story.