Senate Intelligence Bill Aims to Label WikiLeaks — and Maybe the Journalists Who Look Like Them — Spooks

I’m reading the draft Senate Intelligence Authorization for 2018; in a follow-up, I will lay out why it is a remarkably useful bill, particularly in the way it addresses vulnerabilities identified in the wake of the Russian efforts to tamper with our election.

But there is a major point of concern, one which led Senator Ron Wyden to vote against the bill in committee. Attached to a must-pass bill, it holds that it is the sense of Congress that WikiLeaks resembles a non-state hostile intelligence service.

SEC. 623. SENSE OF CONGRESS ON WIKILEAKS.

It is the sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.

In explaining his opposition to the provision, Wyden laid out all the unintended consequences that might come from labeling WikiLeaks a hostile intelligence service. “My concern is that the use of the novel phrase ‘non-state hostile intelligence service’ may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets,” stated Senator Wyden. “The language in the bill suggesting that the U.S. government has some unstated course of action against ‘non-state hostile intelligence services’ is equally troubling. The damage done by WikiLeaks to the United States is clear. But with any new challenge to our country, Congress ought not react in a manner that could have negative consequences, unforeseen or not, for our constitutional principles. The introduction of vague, undefined new categories of enemies constitutes such an ill-considered reaction.”

Wyden has a point. If WikiLeaks is treated as an intelligence service, for example, then anyone having extensive conversations with them can be targeted for surveillance. Any assistance someone gives — like donations — can be deemed a potential criminal violation. And a lot of people who access and support Wikileaks because of the content it publishes may be deemed suspect.

Wyden did find other things in the bill to praise, including three things he sponsored, two of them explicitly tied to the Russian threat:

  1. A report on the threat to the United States from Russian money laundering. The amendment calls on intelligence agencies to work with elements of the Treasury Department’s Office of Terrorism and Financial Intelligence, such as the Financial Crimes Enforcement Network (FinCEN), to assess the scope and threat of Russian money laundering to the United States.
  2. Requires Congressional notification before the establishment of any U.S.-Russia cybersecurity unit, including a report on what intelligence will be shared with the Russians, any counterintelligence concerns, and how those concerns would be mitigated.
  3. A report from the Intelligence Community on whether cyber security vulnerabilities in the U.S. cell network, including known vulnerabilities to SS7, are resulting in foreign government surveillance of Americans. The report follows on a study by the Department of Homeland Security that found major, widespread weaknesses in U.S. mobile networks.

But he nevertheless voted against the bill to register his concerns about the new label for WikiLeaks.

The WikiLeaks language would sure make it harder for Trump to exchange information with Julian Assange in exchange for a pardon. But tacking this onto such an otherwise useful bill seems like a bad idea.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Why Did WikiLeaks Publish the Turkish Emails?

Foreign Policy has a gotcha story revealing that WikiLeaks turned down some documents on Russia last year. It is absolutely a gotcha, showing that WikiLeaks refused some Russian-related documents at a time when it was saying it’d happily accept some — or some Republican focused ones.

But given the sourcing, I’m wondering whether it instead shows that WikiLeaks won’t accept submissions from certain kinds of sources.

The story is based on “partial chat logs,” showing only WikiLeaks’ side of the conversation.

WikiLeaks declined to publish a wide-ranging trove of documents — at least 68 gigabytes of data — that came from inside the Russian Interior Ministry, according to partial chat logs reviewed by Foreign Policy.

The logs, which were provided to FP, only included WikiLeaks’s side of the conversation.

The language of the gotcha paragraph makes it appear as if the chat logs came from a WikiLeaks person because it uses the first person plural discussing what got sent to WikiLeaks.

“We had several leaks sent to Wikileaks, including the Russian hack. It would have exposed Russian activities and shown WikiLeaks was not controlled by Russian security services,” the source who provided the messages wrote to FP. “Many Wikileaks staff and volunteers or their families suffered at the hands of Russian corruption and cruelty, we were sure Wikileaks would release it. Assange gave excuse after excuse.”

Except further down in the article, “the same source” (whose identity or need for anonymity is never explained) describes feeding something else to Assange.

Approached later that year by the same source about data from an American security company, WikiLeaks again turned down the leak. “Is there an election angle? We’re not doing anything until after the election unless its [sic] fast or election related,” WikiLeaks wrote. “We don’t have the resources.”

In other words, this gotcha appears to be coming from the source (who was unwilling to share its side of the conversation with FP, which is itself suspect), not WikiLeaks after all (note, the source of the files said today he tried to get WikiLeaks interested in publishing them going back to 2014). And FP’s source appears to have been testing WikiLeaks’ willingness to publish a range of things, including both Russian documents and “data from an American security company.” I would be pretty suspicious of a source who was feeding me unrelated dumps. Julian Assange has also suggested he would happily publish documents from intelligence services — and technically did, with the Syria leaks — but it would be different if WikiLeaks suspected the intelligence service was trying to target it.

So it’s a damning story, but the details of it suggest there may be far more to the story (especially when you remember there was a badly executed American-based attempt to smear Assange as a pedophile last year).

Moreover, the story doesn’t mention something else: that a long profile came out this week substantially validating the second excuse, “we don’t have the resources.” A huge part of Raffi Khatchadourian’s NYer profile of Assange focuses on how overwhelmed WikiLeaks was last summer trying to get out the DNC emails, and so had to be forced to publish in timely fashion by the Guccifer 2.0 persona.

Meanwhile, a WikiLeaks team was scrambling to prepare the D.N.C. material. (A WikiLeaks staffer told me that they worked so fast that they lost track of some of the e-mails, which they quietly released later in the year.) On several occasions, and in different contexts, Assange admitted to me that he was pressed for time. “We were quite concerned about meeting the deadline,” he told me once, referring to the Democratic National Convention.

Here’s what I don’t get though.

If WikiLeaks was so overwhelmed, why did it publish emails from Turkey’s ruling party, which the NYer notes was one of the things contributing to the pressure.

In addition to the D.N.C. archive, Assange had received e-mails from the leading political party in Turkey, which had recently experienced a coup, and he felt that he needed to rush them out.

As I have previously noted, there are some interesting details about the hack-and-leak of these files. All the more so, now, given that Emma (then Michael) Best had a role in publishing them.

The other most celebrated case where inaccurate accusations against Wikileaks may have been counterproductive was last summer when something akin to what happened with the Macron leak did. Wikileaks posted a link to [Emma] Best’s archived copy of the AKP Turkish emails that doxed a bunch of Turkish women. A number of people — principally Zeynep Tufekci — blamed Wikileaks, not Best, for making the emails available, and in so doing (and like the Macron dump) brought attention to precisely what she was rightly furious about — the exposure of people to privacy violations and worse. Best argues that had Tufekci spoken to [her] directly rather than writing a piece drawing attention to the problem, some of the harm might have been avoided.

But I also think the stink surrounding Wikileaks distracted focus from the story behind the curious provenance of that leak. Here’s how Motherboard described it.

Here’s what happened:

First, Phineas Fisher, the hacker notorious for breaching surveillance companies Hacking Team and FinFisher, penetrated a network of the AKP, Turkey’s ruling party, according to their own statement. The hacker was sharing data with others in Rojava and Bakur, Turkey; there was apparently a bit of miscommunication, and someone sent a large file containing around half of akparti.org.tr’s emails to WikiLeaks.

WikiLeaks then published these emails on July 19, and as some pointed out, the emails didn’t actually seem to contain much public interest material.

Then Phineas Fisher dumped more files themselves. Thomas White, a UK-based activist also known as The Cthulhu, also dumped a mirror of the data, including the contentious databases of personal info. This is where Best, who uploaded a copy to the Internet Archive, comes in.

Best said [she] didn’t check the contents of the data beforehand in part because the files had already been released.

“I was archiving public information,” [she] said. “Given the volume, the source, the language barrier and the fact that it was being publicly circulated already, I basically took it on faith and archived a copy of it.”

Without laying out all the details here, I think there are some interesting issues about this hack-and-leak that might have gotten more scrutiny if the focus weren’t Wikileaks.

One of the details in the Assange profile I didn’t know is that Guccifer 2.0 offered up Democratic emails — the suggestion is they were the Podesta ones, though that is not affirmatively claimed — to Best in August.

Someone close to WikiLeaks told me that before Assange published the Podesta e-mails he faced this precise scenario. In mid-August, Guccifer 2.0 expressed interest in offering a trove of Democratic e-mails to Emma Best, a journalist and a specialist in archival research, who is known for acquiring and publishing millions of declassified government documents. Assange, I was told, urged Best to decline, intimating that he was in contact with the persona’s handlers, and that the material would have greater impact if he released it first.

The Turkish emails were published (by WikiLeaks and Best) in July, so just as all this was going down. As Motherboard pointed out, the first batch wasn’t all that interesting, and the second one was interesting primarily because of the privacy violation in publishing them.

So if WikiLeaks was so frantic in July, at precisely the time it was scrambling to publish the DNC emails before the Convention, why did it bother publishing the Turkish emails at all? The answer to that may be even more damning than the gotcha that FP presented.

Update: Remember, too, that Assange said he’d publish the ShadowBrokers files last August, but did not.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Rohrabacher Can’t Remember Talking Assange Pardon with Trump But Is Sure Trump Wants Mind-Boggling Info from Julian Assange

In this post, I noted that Dana Rohrabacher might try to broker a deal between Assange and President Trump trading information on WikiLeaks’ DNC email source for — it appears — a pardon. As I noted, the meeting was first reported — at 8:02 PM —- by the Daily Caller.

At 12:22 AM ET, Julian Assange tweeted that “I do not speak to the public through third parties. Only unmediated statements coming directly from me can be considered authoritative.”

This morning, Rohrabacher issued a statement (posted in my last post) that ends with a promise he will share information already in hand with the President.

The congressman plans to divulge more of what he found directly to President Trump.

The Daily Caller has written a new story, based on an interview with Rohrabacher. In it Rohrabacher first claimed that “he can’t remember” if he has spoken to anyone in the White House about a pardon for Assange.

A pardon of Assange would have to come directly from President Donald Trump, and Rohrabacher told TheDC, “I can’t remember if I have spoken to anybody in the White House about this.”

Apparently Rohrabacher has so many conversations with the White House that he can’t remember them all.

He goes on to suggest he hasn’t gotten the information he (in his statement) promised to divulge to Trump.

The congressman has yet to receive the information that has been promised to him by Assange, but he said he is confident he will receive it.

But — Rohrabacher is sure — the information his office thought he had this morning but which he doesn’t have any more is sure to  be mind-boggling.

“If I had to bet on it, I would bet that we are going to get the information that will be mind-boggling and of major historical significance,” Rohrabacher said. He said if it is significant enough, he will bring it directly to Trump.

After which Rohrabacher, who can’t remember whether he has talked to anyone at the White House about this — much less the President!!! — asserts that “there has already been some indication that the president will be very anxious to hear what I have to say.”

“And there has already been some indication that the president will be very anxious to hear what I have to say if that is the determination that I make,” Rohrabacher added.

Call me crazy, but I think Assange demanded the Daily Caller back off their prior reporting [see update], perhaps to get reassurances from Trump he’ll get a pardon before he (through his proxy Rohrabacher) actually hands over the information. I don’t blame Assange for that — as I noted earlier, he’s only got one shot to produce his case, and if it is easily debunked, both he and Trump will be screwed.

Assange sure seems pretty uncertain about this information that Rohrabacher — who may or may not have already received it — is sure will be mind-boggling.

Update: Here is Assange’s statement about the visit, which makes no mention of disclosing his source.

WikiLeaks’ publisher Julian Assange and his lawyer Jennifer Robinson met with U.S. Congressman Dana Rohrabacher yesterday at the Congressman’s request. Mr. Assange explained how the ongoing proceedings against WikiLeaks over its publications on war, diplomacy and rendition violate the First Amendment rights of WikiLeaks and its readers. The grand jury proceedings against Mr. Assange and his staff started in July 2010 and have been repeatedly condemned by press freedom groups, the ACLU, Human Rights Watch and the United Nations. The proceedings are the largest ever conducted against a publisher and are widely viewed by legal scholars to be unconstitutional. The alleged source of the publications was granted clemency by President Obama in January. However the grand jury proceedings against the publisher continue and have expanded under the Trump administration. Mr. Assange faces potential life imprisonment. Now at seven years, the grand jury is one of the longest and most expensive in US history.

Mr. Assange does not speak through third parties. Only statements issued directly by him or his lawyers can be considered authoritative.

It also claims that Rohrabacher requested the visit, not vice versa.

Update: Curiously, Don Jr, who we know is happy to take meetings with just about anyone if they can produce information that damages dad’s enemies, just followed Assange on Twitter.

Update: The Daily Caller insists that Assange didn’t get them to back off any reporting, and instead explains that the contradictions between their Wednesday story and their Thursday one (and in Rohrabacher’s statements) derive instead from the poor wording of the statement from Rohrbacher’s office. My apologies for the insinuations that their failure to point out these multiple contradictions doesn’t just stem from bad reporting.

Update: Washington Times has more, which not only underscores how newsworthy are Daily Caller’s contradictions, but also confirms that Rohrabacher is now talking a back and forth process.

“I will have discussions with President Trump before going public, and that should happen hopefully within two weeks of now, by the end of the month,” he said. “In the end, the American people are going to know more than what they know now, and it will be with more certainty.”

Rohrabacher declined to say if he was given a physical set of files by Assange to support a counter-narrative on how WikiLeaks acquired emails damaging to Hillary Clinton’s candidacy. U.S. spy agencies say Russia hacked those emails and gave them to WikiLeaks.

“I told you, I’m not going to go into details on that,” said the Orange County conservative about whether he was given physical files. At one point, however, Rohrabacher implied he had not been given documents.

“We did not go into detail [about how WikiLeaks acquired Democratic emails], but that will obviously be something that will be provided in greater detail shortly,” he said.

“This is not a one step process, it’s a two-step or three step-process. There are some things we just have to go to the president with and see what he says, and then see how we can actually work its way so the American people know the truth,” he said.

Update, 8/19: In an article revealing that Charles Johnson has refused to cooperate with the Senate Intelligence Committee’s request for information on how he helped now-deceased rat-fucker Peter Smith attempt to find hacked files from Hillary’s server, Michael Isikoff provides his own version of the Rohrabacher/Assange deal. His version lacks the contradictions of the right wing press. It explains that Assange would basically trade “irrefutable” evidence he didn’t get the DNC emails from Russia (which is different than proving they didn’t come from Russia) in exchange for a pre-emptive pardon.

Johnson said he and Rohrabacher came back from their meeting with a specific proposal that the congressman intends to present to President Trump soon: Grant a preemptive pardon to Assange (who has been under Justice Department investigation for years, although he has never been charged) and the WikiLeaks founder would, in exchange, turn over “irrefutable” evidence that he didn’t get the Democratic National Committee emails from Russia, but from another source.

“Assange wants to have a deal with the president,” Johnson said. “He believes he should be pardoned in the same way that Chelsea Manning was pardoned.” Once Assange turns his evidence over, showing the Russians were not the source of the DNC emails, then the “president could put the kibosh” on the whole Russia investigation being conducted by special counsel Robert Mueller.

Johnson declined to say what Assange’s supposed evidence actually is (though he did say it did not include any documents). But he insisted he has spoken to unidentified figures in the White House who have told him the president wants to hear the proposal. “I know the president is interested in this,” he said. “There will be a meeting between Rep. Rohrabacher and President Trump.”

A spokesman for Rohrabacher confirmed that Johnson had arranged the meeting between the congressman and Assange. “My understanding is that there is not yet a concrete proposal, but that Dana does believe that if Assange does turn over the proof he’s promised, then he deserves a pardon,” the spokesman said.

There’s a lot that’s batshit about these claims, not least the suggestion that Chelsea Manning got a full pardon, rather than a commutation after 7 years of imprisonment and abusive treatment by the federal government.

But it’s also hard to imagine how, having laid out this deal in such stark terms, Robert Mueller won’t begin to show some interest in it.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Scope of the Special Counsel Appointment Is Totally Inadequate

Rod Rosenstein just appointed former FBI Director (and, before that, US Attorney) Robert Mueller as Special Counsel to take over the investigation into Trump and his associates.

I’m agnostic about the selection of Mueller. He has the benefit of credibility among FBI Agents, so will be able to make up for some of what was lost with Jim Comey’s firing. He will be regarded by those who care about such things as non-partisan. With Jim Comey, Mueller stood up to Dick Cheney on Stellar Wind in 2004 (though I think in reality his willingness to withstand Cheney’s demands has been overstated).

But Mueller has helped cover up certain things in the past, most notably with the Amerithrax investigation.

My bigger concern is with the scope, which I believe to be totally inadequate.

Here’s how the order describes the scope:

(b) The Special Counsel is authorized to conduct the investigation confirmed by then-FBI Director James 8. Comey in testimony before the House Permanent Select Committee on Intelligence on March 20, 2017, including:

(i) any links and/or coordination between the Russian government and individuals associated with the campaign of President Donald Trump; and

(ii) any matters that arose or may arise directly from the investigation; and

(iii) any other matters within the scope of 28 C.F.R. § 600.4(a).

As I read this, it covers just the investigation into ties between the Russian government and people associated with Trump’s campaign. Presumably, that includes Mike Flynn, Paul Manafort, and Carter Page, among others.

But there are other aspects of the great swamp that is the Trump and Russia orbit that might not be included here. For example, would Manafort’s corrupt deals with Ukrainian oligarchs be included? Would Flynn’s discussions with Turkish officials, or Rudy Giuliani’s attempt to excuse Turkey’s violation of Iran sanctions? Would the garden variety money laundering on behalf of non-governmental Russian mobbed up businessmen be included, something that might affect Manafort, Jared Kushner, or Trump himself?

And remember there are at least two other aspects of the Russian hacking investigation. Back in February, Reuters reported that San Francisco’s office was investigating Guccifer 2.0 and Pittsburgh was investigating the actual hackers.  Somewhere (San Francisco would be the most logical spot), they’re presumably investigating whoever it is that has been dumping NSA’s hacking tools everywhere. I’ve learned that that geography has either changed, or there are other aspects tied to those issues in other corners of the country.

Plus, there’s the Wikileaks investigation in EDVA, the same district where the Mueller-led investigation might reside, but a distinct investigation.

Any one of those investigations might present strings that can be pulled, any one of which might lead to the unraveling of the central question: did Trump’s associates coordinate with the Russian government to become President. Unless Mueller can serve to protect those other corners of the investigation from Trump’s tampering, it would be easy to shut down any of them as they become productive.

Yet, as far as I understand the scope of this, Mueller will only oversee the central question, leaving those disparate ends susceptible to Trump’s tampering.

Update: In its statement on the appointment, ACLU raises concerns about whether this would include the investigation into Trump’s attempt to obstruct this investigation.

Update: WaPo’s Philip Rucker reminds that Mueller is law firm partners with Jamie Gorelick, who has been representing both Ivanka and Kushner in this issue.

Update: Mueller is quitting WilmberHale to take this gig. He’s also taking two WilmerHale former FBI people with him. Still, that’s a close tie to the lawyer of someone representing key subjects of this investigation.

Update: One addition to the ACLU concern about investigating the Comey firing. In the most directly relevant precedent, the Plame investigation, when Pat Fitzgerald expanded his investigation from the leak of Plame’s identity to the obstruction of the investigation, he asked for approval to do so from the Acting Attorney General overseeing the investigation — in that case, Jim Comey.

The Acting Attorney General in this case is Rod Rosenstein. So if Mueller were as diligent as Fitzgerald was, he would have to ask the guy who provided the fig leaf for Comey’s firing to approve the expansion of the investigation to cover his own fig leaf.

Update: Petey noted to me that Jeff Sessions’ narrow recusal may limit how broadly Rosenstein’s order may be drawn. It’s a really interesting observation. Here’s what I said about Sessions’ recusal (which is very similar to what I tried to address in this post).

There are two areas of concern regarding Trump’s ties that would not definitively be included in this recusal: Trump’s long-term ties to mobbed up businessmen with ties to Russia (a matter not known to be under investigation but which could raise concerns about compromise of Trump going forward), and discussions about policy that may involve quid pro quos (such as the unproven allegation, made in the Trump dossier, that Carter Page might take 19% in Rosneft in exchange for ending sanctions against Russia), that didn’t involve a pay-off in terms of the hacking. There are further allegations of Trump involvement in the hacking (a weak one against Paul Manafort and a much stronger one against Michael Cohen, both in the dossier), but that’s in no way the only concern raised about Trump’s ties with Russians.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Last USA: Dana Boente Is the Best Short Term Solution

In the wake of the Comey firing, particularly given the way Deputy Attorney General Rod Rosenstein let himself serve as a pawn, many people have renewed their call for “a special prosecutor.” In the short term, however, I believe Dana Boente — that is, the status quo — is a better solution.

As a reminder, Dana Boente is the US Attorney of Eastern District of VA. With Rosenstein’s confirmation as DAG, Boente is the last remaining confirmed US Attorney in the United States. Boente’s office is overseeing at least two parts of the Russian investigation: the generalized investigation into Wikileaks, and the investigation into Trump’s campaign. The latter investigation recently issued subpoenas to Mike Flynn associates. There are reportedly parts of the investigation in three other places: some work being done in Main Justice, as well a a team investigating Guccifer 2.0/Shadow Brokers in San Francisco, and a team investigating the Russian hackers in Pittsburgh.

But the bulk of what people think of as “the Russian investigation” — the investigation into Trump’s cronies — is happening in EDVA, overseen by The Last USA.

In addition to reporting up to Rosenstein as DAG and Rosenstein as Acting AG for the Russian investigation, Boente just took over as Acting Assistant Attorney General for National Security Division — the office that reviews things like FISA orders. That means Boente — for better and worse — has more authority, on several levels, than a “Special Counsel” would have.

First, note I use the term “Special Counsel,” not “Special Prosecutor.” Ken Starr was a Special Prosecutor, but in the wake of his fiasco and given persistent questions about the constitutionality of having someone who was totally independent from the structure of DOJ prosecuting people, Congress got rid of the provision supporting Special Prosecutors.

So if Rod Rosenstein wanted to appoint someone “independent” to oversee the Russian investigation, he’d have to use the Special Counsel provision.

While I think it is permissible to hire someone from outside of DOJ to do that job (so it is possible he could call up corporate lawyer Pat Fitzgerald for his third ride on the Special Counsel merry-go-round to, in dramatic fashion, save the investigation undercut by the firing of his good friend Jim Comey), in practice the recent Special Counsel appointments (the UndieBomb 2.0 leak investigation, the StuxNet leak investigation, the John Kiriakou prosecution, the Torture investigation, and the Plame investigation) have all been DOJ prosecutors, either US Attorneys (in all but one case) or an Assistant USA Attorney, in the case of John Durham’s whitewash of torture. Plus, while Fitz is still well-loved at DOJ and FBI as far as I know, if Rosenstein appointed him, I bet Trump would fire him within minutes because he’s sure as hell not going to be “loyal.” And because of Fitz’ past gunning hard for Cheney and Bush, many Republicans might not put up much of a stink there.

If Rosenstein were to adhere to the practice of naming existing DOJ prosecutors, though, it’d mean he’d be choosing between Boente, The Last USA, or an AUSA (perhaps one of the ones who recently reported to him in MD). In both cases, the Special Counsel would report to Rosenstein for AG approvals (as Pat Fitz reported to Jim Comey for the Plame case).

You can see quickly why Boente is the preferable option. First, there’s no reason to believe he isn’t pursuing the investigation (both investigations, into Wikileaks and Trump’s associates) with real vigor. He is a hard ass prosecutor and if that’s what you want that’s what you’d get. His grand jury pool is likely to be full of people with national security backgrounds or at least a predisposition to be hawks.

But — for better and worse — Boente actually has more power than a Special Counsel would have (and more power than Fitz had for the Plame investigation), because he is also in charge of NSD, doing things like approving FISA orders on suspected Russian agents. I think there are problems with that, particularly in the case of a possible Wikileaks prosecution. But if you want concentrated power, Boente is a better option than any AUSA. With the added benefit that he’s The Last USA, which commands some real respect.

Sure. If next week Trump calls Boente to dinner and demands his loyalty on threat of firing, this may change. But the same logic that people are using with a Special Counsel (that if Trump fired that person, maybe then Republicans in Congress would want something more independent) holds for Boente. Firing The Last USA ought to be as incendiary as firing an AUSA, assuming anything will be.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Why Accuracy about Wikileaks Matters

Let me preface this post by saying that I’m perfectly willing to accept that Julian Assange is a narcissist, accused rapist, destructive hypocrite serving as a willful tool of Russia. I’m also happy to concede that his role in publishing the DNC and Podesta emails may have played a significant part in getting Donald Trump elected (though I think it’s down the list behind Comey and Hillary’s own (in)actions). Please loathe Julian Assange–that is your right.

But please, also, try to be accurate about him and Wikileaks.

There have been two funny claims about Wikileaks since the leak of hacked emails from Emmanuel Macron associates was announced on 4Chan on Friday. First, analysis of how the hashtag #MacronLeaks spread emphasized that Wikileaks got more pickup than right wing propagandist Jack Posobiec or the other right wing promoters of it.

The most important surge came when WikiLeaks began tweeting the hashtag. The tweet itself was cautious, pointing out that the leak “could be a 4chan practical joke,” but it was retweeted over 2,000 times, compared with over 600 times for Posobiec.

Yet people have taken that to suggest that everyone who shared Wikileaks’ links to the materials were themselves promoting the emails positively. That is, they ignored the extent to which people share Wikileaks tweets critically, which itself added to the buzz about the dump. The surge in attention, in other words, was in part critical attention to what Wikileaks was doing with respect to the leak.

More troubling, still, outlets including NPR claimed that Wikileaks posted the documents (it has since issued a correction).

Finally, there are absurd pieces like this which, after babbling that, “Macron, by contrast, is favored by those who want … a France looking to the future rather than clinging to the fearful and fictional nostalgia promulgated by Le Pen,” states,

Literally at the 11th hour, before the blackout would silence it, the Macron campaign issued a statement saying it had been hacked and many of the documents that were dumped on the American 4Chan site and re-posted by Wikileaks were fakes.

On top of being poorly edited — Macron’s statement said nothing at all about who dumped the documents — the claims as to both 4Chan and Wikileaks are not technically correct. The documents weren’t dumped on 4Chan, a post on 4Chan included a link to a Pastebin with them. More importantly, Wikileaks didn’t “re-post” them, though it did post magnet links to them.

The importance of the distinction becomes evident just two paragraphs later when the article notes that some of the tweets in which Wikileaks linked to the documents described the vetting process it was undertaking.

Meanwhile, Wikileaks jumped on the document dump, but didn’t seem to be familiar with the material in it. Responding to the Macron statement that some of the items were bogus, Wikileaks tweeted, “We have not yet discovered fakes in #MacronLeaks & we are very skeptical that the Macron campaign is faster than us.”

Curiously, the article doesn’t link to WL’s first tweet, posted less than an hour after the 4Chan post, which said it could be a 4Chan practical joke.

In any case, contrary to what some idiotic readings of this article claim — that Macron succeeded in fooling Wikileaks — in fact, Macron has not succeeded, at least not yet, because Wikileaks has not posted the documents on its own site (Wikileaks could yet claim it had determined the documents to be real only to have Macron present proof they weren’t). Indeed, while Wikileaks expressed skepticism from the start, one thing that really raised questions for Wikileaks was that Macron so quickly claimed to have determined some were fake.

Plus, it’s not actually clear that Macron did fool the hackers who passed them onto the 4Chan source. Here’s the full description from Mounir Mahjoubi, the head of Macron’s digital team, on what their counteroffensive looked like.

“We also do counteroffensive against them,” says Mahjoubi.

[snip]

“We believe that they didn’t break through. We are sure of it,” said Mahjoubi. “But the only way to be ready is to train the people. Because what happened during the Hillary Clinton campaign is that one man, the most powerful, [campaign chairman] John Podesta, logged on to his [fake] page.”

To keep the entire Macron campaign aware of such dangers, Mahjoubi said, “Every week we send to the team screen captures of all the phishing addresses we have found during the week.” But that’s just the first phase of the response. Then the Macron team starts filling in the forms on the fake sites: “You can flood these addresses with multiple passwords and log-ins, true ones, false ones, so the people behind them use up a lot of time trying to figure them out.”

If Mahjoubi was being honest about his certainty the hackers didn’t succeed, then the campaign would have no reason or means to feed disinformation. And the details offered here appear to be about disinformation in response to phishing probes — that is, disinformation about metadata — not disinformation about content.

But now, between the Daily Beast’s gloating and the sharing of it with even less factual gloating, coupled with Macron’s quick declaration that the dump included fake documents, raises real (but potentially unjustified!) questions about whether the campaign added the Cyrillic metadata that got so much attention. Not only has Wikileaks’ vetting process not (yet) been exposed as a fraud, but the reporting may create even more distrust and uncertainty than there was. [Note, I posted a tweet to that effect that I have deleted now that I’m convinced there’s no evidence Macron faked any documents.]

Moreover, even if it is the case that GRU hacked Macron and Wikileaks would have happily published the emails if they passed its vetting process (which are both likely true), Wikileaks didn’t get and post the documents, which itself is worth noting and understanding.

In other words, some inaccuracies — and the rush to gloat against Wikileaks — may actually have been counterproductive to the truth and even the ability to understand what happened.

And this is not the only time. The other most celebrated case where inaccurate accusations against Wikileaks may have been counterproductive was last summer when something akin to what happened with the Macron leak did. Wikileaks posted a link to Michael Best’s archived copy of the AKP Turkish emails that doxed a bunch of Turkish women. A number of people — principally Zeynep Tufekci — blamed Wikileaks, not Best, for making the emails available, and in so doing (and like the Macron dump) brought attention to precisely what she was rightly furious about — the exposure of people to privacy violations and worse. Best argues that had Tufekci spoken to him directly rather than writing a piece drawing attention to the problem, some of the harm might have been avoided.

But I also think the stink surrounding Wikileaks distracted focus from the story behind the curious provenance of that leak. Here’s how Motherboard described it.

Here’s what happened:

First, Phineas Fisher, the hacker notorious for breaching surveillance companies Hacking Team and FinFisher, penetrated a network of the AKP, Turkey’s ruling party, according to their own statement. The hacker was sharing data with others in Rojava and Bakur, Turkey; there was apparently a bit of miscommunication, and someone sent a large file containing around half of akparti.org.tr’s emails to WikiLeaks.

WikiLeaks then published these emails on July 19, and as some pointed out, the emails didn’t actually seem to contain much public interest material.

Then Phineas Fisher dumped more files themselves. Thomas White, a UK-based activist also known as The Cthulhu, also dumped a mirror of the data, including the contentious databases of personal info. This is where Best, who uploaded a copy to the Internet Archive, comes in.

Best said he didn’t check the contents of the data beforehand in part because the files had already been released.

“I was archiving public information,” he said. “Given the volume, the source, the language barrier and the fact that it was being publicly circulated already, I basically took it on faith and archived a copy of it.”

Without laying out all the details here, I think there are some interesting issues about this hack-and-leak that might have gotten more scrutiny if the focus weren’t Wikileaks. But instead, the focus was entirely on what Wikileaks did (or actually, on blaming Wikileaks for what Best did), rather than how the hack-and-leak really happened.

I get that people have the need, emotionally, to attack Assange, and I have no problem with that. But when emotion disrupts any effort to understand what is really going on, it may make it more difficult to combat the larger problem (or, as lefties embrace coverage of the Bradley Foundation based on hacked documents and more mass hack-and-leak reporting gets journalism awards, to set norms for what might be legitimate and illegitimate hack-and-leaks).

If you hate Assange, your best approach may be to ignore him. But barring that, there really is a case for aspiring to factual accuracy even for Wikileaks.

Update: Fixed description of what WL actually linked to — h/t ErrataRob.

Update: This article provides more detail on the hack and Macron’s attempts to counter the hackers.

“Il y a des dossiers qui ont été ajoutés à ces archives. Des dossiers dont on ne sait pas à quoi ils correspondent. Qui ne sont pas des dossiers d’emails, par exemple. Ensuite, il y a des faux emails qui ont été ajoutés, qui ont été complétés. Il y a aussi des informations que nous-même on avait envoyées en contre-représailles des tentatives de phishing !”, a expliqué Mounir Mahjoubi.

So some of the added documents (which, incidentally, are the ones that show Cyrillic metadata) are from someplace unknown, not the five hacked email boxes. There are fake emails, described has “having been completed,” which may mean (this is a guess) the hackers sent emails that were sitting in draft; if so there might be fake emails that nevertheless come with authenticating DKIM codes. The description of what the campaign did — counter-attacks to phishing attempts — is still not clear as to whether it is metadata (faked emails) or content, but still seems most likely to be metadata.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The WikiLeaks Deterrent Theory, AKA the Arbitrary Official Secrets Act

Three outlets yesterday — first the WaPo, then CNN, then NYT — reported that DOJ is considering charges against Julian Assange and WikiLeaks. The discussion of what charges, and for what leaks, differs between the reports.

While mentioning the Vault 7 leaks, WaPo also focuses on Chelsea Manning’s leaks and Assange’s discussions about how to gain access.

In March, WikiLeaks published thousands of files revealing secret cyber-tools used by the CIA to convert cellphones, televisions and other ordinary devices into implements of espionage. The FBI has made significant progress in the investigation of the leak, narrowing the list of possible suspects, officials said. The officials did not describe WikiLeaks’ exact role in the case beyond publishing the tools.

Prosecutors are also reexamining the leaks from Chelsea Manning, the Army soldier who was convicted in 2013 of revealing sensitive diplomatic cables. Manning chatted with Assange about a technique to crack a password so Manning could log on to a computer anonymously, and that conversation, which came up during Manning’s court-martial, could be used as evidence that WikiLeaks went beyond the role of publisher or journalist.

Alexa O’Brien tweeted out some thoughts and links to what any further prosecution of the Manning leak might entail.

CNN, which is the most certain charges have already been drawn up, explains that DOJ believes WikiLeaks’ actions changed in nature with Edward Snowden.

The US view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.

I think that may be demonstrably true of Sarah Harrison, who helped a fugitive escape. But I’m not sure the US has equally compelling evidence against Assange.

Perhaps the most interesting discussion comes from NYT, which discusses the ongoing debate — with “senior Justice Department officials … pressuring prosecutors” over what is realistic and what authorities actually want, which is an Espionage conviction.

The official, speaking on the condition of anonymity because the details of the discussions remain secret, said senior Justice Department officials had been pressuring prosecutors in the Eastern District of Virginia to outline an array of possible charges against Mr. Assange.

But the official said prosecutors remained skeptical that they could pursue the most serious charges, of espionage, with regard to the documents Mr. Assange disclosed years ago with the help of an Army intelligence analyst, Chelsea Manning. Ms. Manning was convicted and sent to prison, but President Barack Obama commuted her sentence in January.

Given how few people Trump has confirmed into positions in government, these outlets should be a bit more descriptive. In that passage, for example, and the following from WaPo, what does “senior justice department official” mean when US Attorney Dana Boente is (as I’ve noted but none of these stories do) also acting DAG and acting AG for any Russia-related charges.

Prosecutors in recent weeks have been drafting a memo that contemplates charges against members of the WikiLeaks organization, possibly including conspiracy, theft of government property or violating the Espionage Act, officials said. The memo, though, is not complete, and any charges against members of WikiLeaks, including founder Julian Assange, would need approval from the highest levels of the Justice Department.

Would Boente be approving charges filed under Boente’s name?

Though that may not matter. Rod Rosenstein, who will become DAG shortly, has himself pursued excessive charges in leak cases, both against Thomas Drake and Hal Martin.

Perhaps the most interesting claim is that the FBI thought indicting Assange — who likely won’t be prosecuted in any case unless Ecuador suddenly changes their mind about their house guest — would provide some kind of deterrent effect.

Officials have said that the F.B.I. supports prosecuting Mr. Assange. Several years ago, the agency sent a series of documents to the Justice Department outlining charges that investigators claimed to have evidence to support. At the time, F.B.I. counterintelligence agents believed that charging Mr. Assange would deter him from posting new troves of American documents.

I think you’d have to be daft to think prosecuting Assange would deter him from posting more, assuming this happened while he was in the Ecuadoran Embassy. Prosecuting him would only mean he’d have less to lose — and, frankly, more reason to post things that might please America’s adversaries, like Russia.

But it might serve as deterrence for other publishing outlets that aren’t holing up in an Embassy. Short of some really distinguishing actions (and Harrison’s might amount to that in the Snowden case), indicting Assange would put everyone else with a SecureDrop on notice that they, too, might be prosecuted. Surely, DOJ would pick and choose who gets prosecuted. They might choose other easily easily targeted people — people who are gay, people who no longer live in this country, people who have too many dogs — to similarly make examples of (though pity the fool that challenges Glenn Greenwald’s First Amendment rights.

DOJ wants to start cutting away at the First Amendment. All the better for them, if in the name of prosecutorial discretion, Jeff Sessions’ DOJ could pick and choose which publishers’ speech gets curtailed.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Dana Boente Still Has a Job and Why That’s of Interest for WikiLeaks

WaPo has a weird story reporting, erroneously, that Donald Trump has no US Attorneys.

Attorney General Jeff Sessions is making aggressive law enforcement a top priority, directing his federal prosecutors across the country to crack down on illegal immigrants and “use every tool” they have to go after violent criminals and drug traffickers.

But the attorney general does not have a single U.S. attorney in place to lead his tough-on-crime efforts across the country. Last month, Sessions abruptly told the dozens of remaining Obama administration U.S. attorneys to submit their resignations immediately — and none of them, or the 47 who had already left, have been replaced.

“We really need to work hard at that,” Sessions said when asked Tuesday about the vacancies as he opened a meeting with federal law enforcement officials. The 93 unfilled U.S. attorney positions are among the hundreds of critical Trump administration jobs that remain open.

While it is true that Trump had Sessions ask for the remaining 93 US Attorneys’ resignations, he subsequently announced he was keeping Rod Rosenstein (who contrary to WaPo’s claim that he “served as U.S. attorney for Maryland” is still there, and who will become Deputy Attorney General as soon as he’s confirmed in the next few weeks) and Dana Boente (who is US Attorney for EDVA but also acting AG for the Russia investigation).

Both Boente and Rosenstein made press announcements today; the guys whose custody they announced probably would prefer if they weren’t on the job.

I guess the WaPo wanted to suck up to Jeff Sessions and so didn’t consider the possibility that we’re better off with 91 US Attorney vacancies than 91 racist hacks like Sessions, pushing through his regressive policies.

Anyway, since we’ve established that Boente still has a job and in fact oversees the Russia investigation, I thought I’d point out something I was considering during last week’s threats from CIA Director Mike Pompeo against WikiLeaks.

During Pompeo’s comments at CSIS last week, he said,

Julian Assange and his kind are not the slightest bit interested in improving civil liberties or enhancing personal freedom. They have pretended that America’s First Amendment freedoms shield them from justice. They may have believed that, but they are wrong.

[snip]

[W]e have to recognize that we can no longer allow Assange and his colleagues the latitude to use free speech values against us. To give them the space to crush us with misappropriated secrets is a perversion of what our great Constitution stands for. It ends now.

As some people observed, Pompeo’s comments are inconsistent with the practice of Obama’s DOJ, particularly under Holder. While Holder would have happily prosecuted Julian Assange for his role in release of files leaked by Chelsea Manning, he realized that if he did, he’d be criminalizing stuff that the press does.

Pompeo, at least, seems to disagree.

And the reason why Boente’s continued tenure as Eastern District US Attorney — and his role overseeing the Russian investigation — is that he has also been overseeing the ongoing investigation into Wikileaks since 2013.

Consider the fact that Assange’s actions of late may be more incriminating than those involving Manning (even assuming Assange can credibly claim he has no way of knowing whether Russia is responsible for the DNC hack, Assange’s comments about both the DNC and the Vault 7 leak suggest more coordination than in the past). Then add in the fact that Boente, for the next few weeks anyway, might be able to claim to be both US Attorney and Acting AG on any role by WikiLeaks in the publication of the DNC emails. And it raises the possibility that Boente would use this window to indict Assange.

I think that’s unlikely. Moreover, while an indictment would give the US reason to pressure Ecuador even more to boot Assange, it’s not clear they would. But it’s possible.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Pompeo Likens Wikileaks’ Release of CIA’s Hacking Tools to Philip Agee

In a speech designed to generate headlines, CIA Director Mike Pompeo just attacked WikiLeaks as a “a non-state hostile intelligence service often abetted by state actors like Russia.” The speech was explicitly a response to an op-ed Julian Assange had in the WaPo a few days ago.

Now, for those of you who read the editorial page of the Washington Post—and I have a feeling that many of you in this room do—yesterday you would have seen a piece of sophistry penned by Mr. Assange. You would have read a convoluted mass of words wherein Assange compared himself to Thomas Jefferson, Dwight Eisenhower, and the Pulitzer Prize-winning work of legitimate news organizations such as the New York Times and the Washington Post. One can only imagine the absurd comparisons that the original draft contained.

But the speech deserves closer analysis for several reasons.

CIA Directors hoping to build trust should fact and hypocrisy check better

First, it had the predictable CIA Director errors. As an example, it pretends to be rebutting “false narratives” purportedly spread by WikiLeaks, but uses as an example “the fanciful nation that they spy on their fellow citizens via microwave ovens,” a suggestion first spread by KellyAnne Conway, not WikiLeaks (though WikiLeaks responded by pointing to ways to spy with microwaves, though not ovens). It suggests Assange “directed Chelsea Manning in her theft of specific secret information;” had Assange’s direction been that clear cut, he would have been indicted. Perhaps most hilariously, a guy who — nine months ago — was applauding a WikiLeaks release today had this to say:

First, it is high time we called out those who grant a platform to these leakers and so-called transparency activists. We know the danger that Assange and his not-so-merry band of brothers pose to democracies around the world. Ignorance or misplaced idealism is no longer an acceptable excuse for lionizing these demons.

Yes. By all means, we should call out those who grant a platform to WikiLeaks. Like Mike Pompeo.

The never-ending defense of all spying overseas

The speech is also worth reviewing because of something that has become tiresome in recent years.

To rebut that false narrative Pompeo rebuts a claim that’s beside the point to WikiLeaks’ presentation of the CIA Vault 7 files (though it is one WikiLeaks has suggested on Twitter): that CIA spies on Americans.

[W]e are an intelligence organization that engages in foreign espionage. We steal secrets from foreign adversaries, hostile entities, and terrorist organizations. We analyze this intelligence so that our government can better understand the adversaries we face in a challenging and dangerous world.

[snip]

So I’d now like to make clear what CIA doesn’t do. We are a foreign intelligence agency. We focus on collecting information about foreign governments, foreign terrorist organizations, and the like—not Americans. A number of specific rules keep us centered on that mission and protect the privacy of our fellow Americans. To take just one important example, CIA is legally prohibited from spying on people through electronic surveillance in the United States. We’re not tapping anyone’s phone in Wichita.

Assange has focused primarily not on domestic spying, but on how incompetent CIA was for losing its hacking tools and for the proliferation risk it poses. Here’s what Assange said in his op-ed.

Our most recent disclosures describe the CIA’s multibillion-dollar cyberwarfare program, in which the agency created dangerous cyberweapons, targeted private companies’ consumer products and then lost control of its cyber-arsenal. Our source(s) said they hoped to initiate a principled public debate about the “security, creation, use, proliferation and democratic control of cyberweapons.”

Pompeo admits aggressive use of tools, and promises better security

That’s not a point that Pompeo really debates, though he does say,

CIA is aggressive in our pursuit of the information we need to help safeguard our country. We utilize the whole toolkit at our disposal, fully employing the authorities and capabilities that Congress,

As for losing the cyber toolkit (Pompeo does not, of course, confirm that that is what WikiLeaks has been releasing), Pompeo does promise these changes to improve CIA’s own security.

Second, there are steps that we have to take at home—in fact, this is a process we’ve already started. We’ve got to strengthen our own systems; we’ve got to improve internal mechanisms that help us in our counterintelligence mission. All of us in the Intelligence Community had a wake-up call after Snowden’s treachery. Unfortunately, the threat has not abated.

I can’t go into great detail, but the steps we take can’t be static. Our approach to security has to be constantly evolving. We need to be as clever and innovative as the enemies we face. They won’t relent, and neither will we.

We can never truly eliminate the threat but we can mitigate and manage it. This relies on agility and on dynamic “defense in depth.” It depends on a fundamental change in how we address digital problems, understanding that best practices have to evolve in real time. It is a long-term project but the strides we have taken—particularly the rapid and tireless response of our Directorate of Digital Innovation—give us grounds for optimism.

If these changes go beyond finally ensuring all devices require multi-factor authentication (something a Mike Pompeo overseen CIA did not have this time last year), then it will be a good thing.

The Philip Agee comparison

But I’m perhaps most interested in the implicit comparison Pompeo makes to start his speech. He suggests a comparison between Philip Agee (and the murder of Chief of Station Richard Welch after being outed by Agee) and WikiLeaks (or perhaps Assange personally).

That man was Philip Agee, one of the founding members of the magazine Counterspy, which in its first issue in 1973 called for the exposure of CIA undercover operatives overseas. In its September 1974 issue, Counterspy publicly identified Richard Welch as the CIA Chief of Station in Athens. Later, Richard’s home address and phone number were outed in the press in Greece.

In December 1975, Richard and his wife were returning home from a Christmas party in Athens. When he got out of his car to open the gate in front of his house, Richard Welch was assassinated by a Greek terrorist cell. At the time of his death, Richard was the highest-ranking CIA officer killed in the line of duty.

That’s a pretty remarkable way to introduce this speech. Perhaps to defend it, in the section of the speech dedicated to painting WikiLeaks as a hostile actor, Pompeo notes AQAP thanked WikiLeaks for tipping it off to a way to fight the US it hadn’t thought of.

Following a recent WikiLeaks disclosure, an al Qa’ida in the Arabian Peninsula member posted a comment online thanking WikiLeaks for providing a means to fight America in a way that AQAP had not previously envisioned.

That’s still a long way from posting CIA officers’ identities.

Security firms begin to expose CIA’s roles

All that said, I can’t help but wonder whether this spat between former WikiLeaks booster Mike Pompeo and WikiLeaks stems from a development that I’ve been anticipating: when security firms start treating US intelligence hackers like they do Russian or Chinese ones.

In the wake of WikiLeaks’ Vault 7 documents, both Symantec and Kaspersky wrote reports on Vault 7 hacks they had seen working with clients. Symantec provided a very convincing table correlating the compilation time of what they’ve seen with the evidence WikiLeaks presented.

Symantec also described the victims generally (including describing what sounds like CIA detasking as soon as they realized they had accidentally attacked a US target).

Longhorn has infiltrated governments and internationally operating organizations, in addition to targets in the financial, telecoms, energy, aerospace, information technology, education, and natural resources sectors. All of the organizations targeted would be of interest to a nation-state attacker.

Longhorn has infected 40 targets in at least 16 countries across the Middle East, Europe, Asia, and Africa. On one occasion a computer in the United States was compromised but, following infection, an uninstaller was launched within hours, which may indicate this victim was infected unintentionally.

Kaspersky offered no such public detail.

Nevertheless, these reports are just one of several developments of late (which I hope to return to) that exhibit the US’ hackers being treated like Russian or Chinese hackers are — as general adversaries outside of their country. If, as seems likely given Symantec’s description of European victims, some of the victims are nominal US allies, that’ll grow worse.

If I’m right, it’s a significant development. It may not equate to a CIA officer being outed. But it may case far more problems.

Update: As a number of people have made clear, Agee was not responsible for Welch’s death. So I’ve deleted those words.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The October Non-Surprise

Both the Wikileaks Podesta release and the Access Hollywood tape drowned out the Intelligence Community report on Russia

Earlier this week, in an interview with Politico (the story and the interview transcript seem to be memory holed for now), Obama’s Homeland Security Czar Lisa Monaco insisted that the Obama response to the Russian hack of the DNC was actually quite forceful, but that it got lost in the release of the Access Hollywood video showing Trump threatening to grab women by the pussy.

But strong supporters of Clinton’s campaign argued—some at the time, many more in the wake of the former secretary of state’s shocking November election defeat—that the Obama team should have done more to publicize the hacking for what it was: a heavy-handed Kremlin intervention on behalf of one side in America’s presidential election. Monaco pushed back against that, recalling that the heads of U.S. intelligence agencies issued a joint statement publicly blaming the Russians for the pre-election hack on Oct. 7. “That was an unprecedented statement,” she says, “a fact that sometimes gets lost in this discussion” given that it came on the same day as the revelation of the “Access Hollywood” tape showing Trump joking about sexually assaulting a woman.

I point to Monaco’s argument because it’s a mirror image to claims Hillary supporters make about the same week. They argue that the release of the John Podesta emails drowned out the Access Hollywood video. Here’s John Podesta in a December appearance on Meet the Press.

So October 7th, Wiki– October 7th, let’s go through the chronology. On October 7th, the Access Hollywood tape comes out. One hour later, WikiLeaks starts dropping my emails into the public. One could say that there might, those things might not have been a coincidence.

Monaco is in the right here. The Google Trends graph above maps “Wikileaks emails” in blue, “Access Hollywood” in red, and “Russian hack” in yellow (“Grab them by the pussy” shows a more extreme but shorter spike, “John Podesta” doesn’t show as high). In fact, the Grab them by the pussy video drowned out the first releases of the Podesta emails — which suggests it would have been stupid strategy to intentionally release them at the same time, as doing so would mean fewer people would read the excerpts from Hillary’s speeches that got released on the first day. By the following Tuesday, Wikileaks had taken over. By comparison, the Russian hack was a mere blip compared to those two stories, though.

The Roger Stone and Wikileaks narrative misses a few data points

I return to this chronology for another reason. The events of the week of October 3 have been in the news for another reason: their role in the claim that Roger Stone was coordinating with Wikileaks during that week (which is presumably a big part of the reason Podesta insinuated there was coordination on that timing).

CNN has a timeline of many of Stone’s Wikileaks related comments, which actually shows that in August, at least, Stone believed Wikileaks would release Clinton Foundation emails (a claim that derived from other known sources, including Bill Binney’s claim that the NSA should have all the Clinton Foundation emails).

It notes, as many timelines of Stone’s claims do, that on Saturday October 1 (or early morning on October 2 in GMT; the Twitter times in this post have been calculated off the unix time in the source code), Stone said that on Wednesday (October 5), Hillary Clinton is done.

Fewer of these timelines note that Wikileaks didn’t release anything that Wednesday. It did, however, call out Guccifer 2.0’s purported release of Clinton Foundation documents (though the documents were real, they were almost certainly mislabeled Democratic Party documents) on October 5. The fact that Guccifer 2.0 chose to mislabel those documents is worth further consideration, especially given public focus on the Foundation documents rather than other Democratic ones. I’ll come back to that.

Throughout the week — both before and after the Guccifer 2.0 release — Stone kept tweeting that he trusted the Wikileaks dump was still coming.

Monday, October 3:

Wednesday, October 5 (though this would have been middle of the night ET):

Thursday, October 6 (again, this would have been nighttime ET, after it was clear Wikileaks had not released on Wednesday):

On October 7, at 4:03PM, David Fahrenthold tweeted out the Access Hollywood video.

On October 7, at 4:32 PM, Wikileaks started releasing the Podesta emails.

Stone didn’t really comment on the substance of the Wikileaks release. In fact, even before the Access Hollywood release, he was accusing Bill Clinton of rape, and he continued in that vein after the release of the video, virtually ignoring the Podesta emails.

For its part, Wikileaks was denying it had any knowing contact with Stone within a week, as it had before. CNN finally reported those denials in the wake of reporting on Stone’s August 2016 contacts with Guccifer 2.0. It’s worth noting that in precisely that time period, Wikileaks managed to discredit a still unexplained US-based hoax launched against Julian Assange, accusing him of soliciting a minor via the online dating site Todd and Claire. In addition, this was the period when the odd Alfa Bank story was being pitched to journalists.

Thus far, anyway, the full chronology suggests that either Stone’s information was only vaguely accurate or Wikileaks delayed its release for a few days. That does weird things to Podesta’s narrative, since either Wikileaks delayed their release so the actually newsworthy part of it — Hillary’s speech excerpts — would be overshadowed (as it was) by the Access Hollywood video, or the Access Hollywood video was timed to coincide with the Wikileaks release — which after all had been announced publicly in a way the Access Hollywood video had not been.

Democrats had more warning of impending emails than Podesta makes out

There’s another part of Podesta’s narrative that deserves review. He liked to suggest he had no idea when his emails were being released — in part, to criticize the FBI for not warning him.

It’s not just that Stone appears to have had a vaguer sense of when the next dump (which, as noted, he appeared to believe would be Clinton Foundation emails) was coming than often made out. Democrats also had more warning than often claimed.

In his December Meet the Press appearance, Podesta made a big deal out of the fact that the FBI had not informed him before the October 7 release.

CHUCK TODD:

This is your personal account that was hacked. I’ve got to think you’re getting updates on the investigation that others would not. What can you share?

JOHN PODESTA:

I will share this with you, Chuck. The first time I was contacted by the F.B.I. was two days after WikiLeaks started dropping my emails.

CHUCK TODD:

Let me pause here.

JOHN PODESTA:

The first, the first–

CHUCK TODD:

Two days after?

But as he went on to reveal, he had seen a document released earlier that he had reason to believe may have been from him (I think, but will have to return to this, that it may have been one of the original Guccifer 2.0 documents).

CHUCK TODD:

But when were you aware that you had been hacked? Before October 7th?

JOHN PODESTA:

I think it was confirmed on October 7th in some of the D.N.C. dumps that had occurred earlier.

CHUCK TODD:

Earlier, yeah.

JOHN PODESTA:

And other campaign officials also had their emails divulge earlier than October 7th. But in one of those D.N.C. dumps, there was a document that appeared to me was– that appeared came– might have come from my account. So I wasn’t sure, I didn’t know, I didn’t know what they had, what they didn’t have. It wasn’t until October 7th when Assange both really in his first statements said things that were incorrect, but started dumping them out and said they were going to all dump out. That’s when I knew that they had the contents of my email account.

Even putting aside Podesta’s suspicion one of the release documents had come from him and Stone’s warnings, Podesta would have had one more warning there would be a further release: from the Christopher Steele reports being done as opposition research for the Hillary campaign.

On September 14, Steele reported that the Russians were considering releasing more emails after the September 18 Duma elections, though the Russians thought they might not have to release any more emails to make Hillary look “weak and stupid.”

Russians do have further “kompromat” on CLINTON (e-mails) and considering disseminating it after Duma (legislative elections) in late September. Presidential spokesman PESKOV continues to lead on this.

[snip]

Continuing on this theme, the senior PA official said the situation was that the Kremlin had further “kompromat” on candidate CLINTON and had been considering releasing this via “plausibly deniable” channels after the Duma (legislative elections) were out of the way in mid-September. There was however a growing train of thought and associated lobby, arguing that the Russians could still make candidate CLINTON look “weak and stupid” by provoking her into railing against PUTIN and Russia without the need to release more of her e-mails.

Curiously, as with all other Wikileaks releases, the publicly-released Steele reports never prospectively confirm a release. Steele’s sources seemed to have little prospective insight to offer about non-public events tied to the release of emails. But on October 12, a report (based on undated early October reporting, which raises questions why the reporting on this wasn’t as quick as on some other reports) notes that the Russians have dumped more anti-Clinton material, which would continue until election day.

Russians have injected further anti-CLINTON material into the “plausibly deniable” leaks pipeline which will continue to surface, but best material already in public domain.

[snip]

Speaking separately in confidence to a trusted compatriot in early October 2016, a senior Russian leadership figure and a Foreign Ministry official reported on recent developments concerning the Kremlin’s operation to support Republican candidate Donald TRUMP in the US presidential election. The senior leadership figure said that a degree of buyer’s remorse was setting in among Russian leaders concerning TRUMP, PUTIN and his colleagues were surprised and disappointed that leaks of Democratic candidate, Hillary CLINTON’s hacked e-mails had not had greater impact on the campaign.

Continuing on this theme, the senior leadership figure commented that a stream of further hacked CLINTON material already had been injected by the Kremlin into compliant western media outlets like Wikileaks, which remained at least “plausibly deniable”, so the stream of these would continue through October and up to the election. However s/he understood that the best material the Russians had already was out and there were no real game-changers to come.

Suffice it to say, even without an FBI warning, Podesta had good reason to expect the emails would occur, though he may have had only a vague idea of the timing.

The other missing detail

Which brings me to one final event from that week that rarely makes the timelines, particularly not the Democratic ones (though Glenn Greenwald pointed out some of it in this post).

From at least the time of the DNC email release in July, Democrats insinuated that Russia and/or Wikileaks had doctored the emails, without ever offering proof, besides the original obvious doctoring of metadata in the Guccifer 2.0 documents (though some DNC people have since credibly claimed that not all of their emails got published). Chief among those people was Malcolm Nance, who was writing a book on the hack. He started warning of spoofed emails in late July. He started pitching his book, which predicted the leaks would include tampering, at the end of September.

And then, just over an hour after the Podesta emails dropped (5:44PM) documents including excerpts from Hillary’s speeches, a pro-Clinton Twitter account responded to Michael Tracey’s observations about the excerpts with a badly faked transcript of a Hillary Goldman Sachs speech.

At 7:25PM, one of the key Russian story commenters linked to it, accusing “Trumpists” of “dirtying docs.” Then at 7:43PM, Nance tweeted, “Official Warning: #PodestaEmails are already proving to be riddled with obvious forgeries & #blackpropaganda not even professionally done.”

Click through to Greenwald’s post to see how it went viral after that (MSNBC’s Joy Reid, who had repeatedly had Nance on, was key to both of Nance’s claims of forgeries go viral), including how it got picked up in the Democrats’ own fake news sites.

Here’s the thing: in multiple places, the guy who later claimed credit, under the name “Marco Chacon,” for the hoax stated he had done the transcript in advance of the release of the emails.

The biggest breakout I had came when a Vice reporter, Michael Tracey, was holding forth on Twitter in the wake of the Podesta Email leaks. He was speaking about the Goldman Sachs transcripts—and I had one.

I had written up a fake Goldman Sachs transcript days before, wherein Hillary Clinton is preparing a run for president and is speaking to the board of directors in 2014 about the coming threat to Wall Street and Washington power. That threat? Bronies, adult male fans of the cartoon My Little Pony: Friendship Is Magic. She has to explain this “Bronie Threat” to them and, in the process, describes a group of internet denizens she calls a “bucket of losers.”

When I tweeted the link and an image of some of the text at Tracey, I did it because I find him to be something of a self-important git and wanted to poke fun at him. I didn’t know at the time that there were Goldman Sachs transcript fragments in the WikiLeaks release.

Note, too, that his claim that when he tweeted the hoax transcript to Tracey, he didn’t know there were Goldman transcripts in the Wikileaks release is laughable: That’s what Tracey’s tweet was about!

Just days later, Kurt Eichenwald would make another claim that Russia had doctored emails that went even more wildly viral (and became among the most remembered fake news stories of the election cycle). In Eichenwald’s discussions with the Sputnik writer in question, Bill Moran, he insisted that spooks had alerted him to the (mis)use of his story.

There is definitely evidence that Roger Stone had at least enough feedback with those leaking stolen emails to know to expect them the first week of October — though he clearly didn’t know precisely when or what to expect. Moreover, he clearly didn’t have an open channel with Assange to find out when the delayed release would be — it appears, instead, he got a warning, but no update.

But there are at least as many reasons to ask whether the Democrats (or perhaps even a government agency) had advance warning of what was coming, and had planned in response.

And all that played out at the time when, per Lisa Monaco, the Intelligence Community made what they viewed as an unprecedented announcement blaming Russia for the hack of the Democrats.

There are definitely reasons to scrutinize Stone’s foreknowledge in all this. But that is by no means the only feedback loop that appears to have been in operation by this point.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.