Posts

Penetrated: Today’s Senate Intelligence Committee Hearing on Russian Interference in the 2016 U.S. Elections

If you didn’t catch the Senate Intelligence Committee hearing on Russian influence on 2016 U.S. election on live stream, you should try to catch a replay online. I missed the first panel but caught the second when University of Michigan Prof. J. Alex Halderman began his testimony with his opening statement.

The same Halderman who questioned the 2016 election could have been hacked based on his expertise.

The same Halderman who hacked a voting machine to play Pac Man.

When asked if it was possible Russia could change votes, Halderman told the SIC that he and a team of students demonstrated they were able to hack DC’s voting system, change votes, and do so undetected in under 48 hours. Conveniently, Fox News interviewed Halderman last September; Halderman explained the DC hack demonstration at that time (see embedded video); the interview fit well with Trump’s months-long narrative that the election was ‘rigged’.

If you aren’t at least mildly panicked after watching the second panel’s testimony and reading Halderman’s statement, you’re asleep or dead, or you just plain don’t care about the U.S.’ democratic system.

Contrast and compare this Senate hearing to the House Intelligence Committee’s hearing with former DHS Secretary Jeh Johnson as a witness. Johnson sent out numerous messages last year expressing his concerns about election integrity, but after listening to the second Senate panel, Johnson should have been hair-on-fire (it’s figure of speech, go with it). But the Obama administration erred out of some twisted sense of heightened sensibility about appropriateness (which would have been better suited to its policies on drone use and domestic surveillance). The excess of caution feels more like foot dragging when viewed through the lens of time and Johnson’s testimony.

Early in the hearing, Johnson as well as DHS witnesses Jeanette Manfra and Samuel Liles said there was no evidence votes were changed. It’s important to note, though, that Johnson later clarifies in a round about way there was no way to be certain of hacking at that time (about 1:36:00-1:41:00 in hearing). I find it incredibly annoying Johnson didn’t simply defer to information security experts about the possibility there may never be evidence even if there were hacks; it’s simply not within in his skill set or experience then or now to say with absolute certainty based on forensic audit there was no evidence of votes changed. Gathering that evidence never happened because federal and state laws do not provide adequately for standardized full forensic audits before, during, or after an election.

Halderman’s SIC testimony today, in contrast, makes it clear our election system was highly vulnerable in many different ways last November.

Based on the additional testimony of a representative of National Association of State Election Directors, the President-Elect of National Association of Secretaries of State (NASS) & Secretary of State, Executive Director of Illinois State Board of Elections Illinois — whose combined testimony revealed lapses in communication between federal, state, and local government combined with gaps in information security education — the election system remains as vulnerable today as it was last autumn.

Nothing in either of these two hearings changed the fact we’ve been penetrated somewhere between 21 and 39 times. Was it good for you?

The Sources for Some Russian Voting Hack Stories Will Not Be Prosecuted

Yesterday, former Homeland Security Secretary Jeh Johnson spent 90 minutes meeting with the Senate Intelligence Committee’s Russian investigators.

Today, Bloomberg reports that Russian probes of election-related targets was far more extensive than previously reported, reaching into 39 states. It relies on three unnamed sources for the story, either including, or in addition to, at least one former senior US official.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

[snip]

Another former senior U.S. official, who asked for anonymity to discuss the classified U.S. probe into pre-election hacking, said a more likely explanation is that several months of hacking failed to give the attackers the access they needed to master America’s disparate voting systems spread across more than 7,000 local jurisdictions.

[snip]

One former senior U.S. official expressed concern that the Russians now have three years to build on their knowledge of U.S. voting systems before the next presidential election, and there is every reason to believe they will use what they have learned in future attacks. [my emphasis]

The report also uses the document allegedly leaked by Reality Winner as corroboration and confirmation of one of the companies targeted, rather curiously included as a parenthetical comment.

(An NSA document reportedly leaked by Reality Winner, the 25-year-old government contract worker arrested last week, identifies the Florida contractor as VR Systems, which makes an electronic voter identification system used by poll workers.)

The Bloomberg story is critically important, as it should provide pressure on the Republicans for real protections for voting systems, even if they’ll probably ignore that pressure. It provides far more details than the Winner document did. That said, much of this information might come out formally in Jeh Johnson testimony before the House Intelligence Committee.

I raise all this to note that the treatment of Bloomberg’s sources will be dramatically different than that of Winner. I’d bet there won’t even be a referral for this story, especially if it relies on (as is likely) information shared by people protected by the speech and debate clause and/or people who might have been original classification authorities (OCAs — the people who get to decide whether something is classified or not) for this information in the past.

Perhaps that is as it should be. Perhaps our democracy has unofficially agreed that OCAs and congressional staffers should serve as kind of a relief valve, the place where classified information may be leaked without criminal penalty. Perhaps we believe those kinds of people have a better read on whether the interests of leaking outweigh the sensitivity of an issue. Though obviously, when OCAs like David Petraeus become impossible to punish (or former SSCI staff director Bill Duhnke, who was the FBI’s primary suspect for the Merlin leak, but who was protected by the Senate’s refusal to cooperate), that creates a profoundly unequal system of justice. Reality Winner can be prosecuted even while people leaking similar — perhaps even more sensitive — information within weeks might not even be investigated.

To be clear, I don’t want Bloomberg’s sources to be investigated. But we need to acknowledge the double standards for leakers in this country.

Obama Bypassed OLC on Bin Laden Killing

Obama_and_Biden_await_updates_on_bin_LadenThere’s a name missing from Charlie Savage’s latest — a description of the legal analysis behind Osama bin Laden’s killing: Caroline Krass, who served as Acting Head of DOJ’s Office of Legal Counsel from January to September 2011. She’s not mentioned, apparently, because she was not among the four lawyers who collaborated on five memos deeming the raid to be legal.

Weeks before President Obama ordered the raid on Osama bin Laden’s compound in May 2011, four administration lawyers hammered out rationales intended to overcome any legal obstacles — and made it all but inevitable that Navy SEALs would kill the fugitive Qaeda leader, not capture him.

[snip]

Just days before the raid, the lawyers drafted five secret memos so that if pressed later, they could prove they were not inventing after-the-fact reasons for having blessed it. “We should memorialize our rationales because we may be called upon to explain our legal conclusions, particularly if the operation goes terribly badly,” said Stephen W. Preston, the C.I.A.’s general counsel, according to officials familiar with the internal deliberations.

[snip]

This account of the role of the four lawyers — Mr. Preston; Mary B. DeRosa, the National Security Council’s legal adviser; Jeh C. Johnson, the Pentagon general counsel; and then-Rear Adm. James W. Crawford III, the Joint Chiefs of Staff legal adviser — is based on interviews with more than a half-dozen current and former administration officials who had direct knowledge of the planning for the raid.

The account makes it quite clear that Eric Holder was excluded from discussions.

On April 28, 2011, a week before the raid, Michael E. Leiter, the director of the National Counterterrorism Center, proposed at least telling Mr. Holder. “I think the A.G. should be here, just to make sure,” Mr. Leiter told Ms. DeRosa.

This means that on the OBL raid, Donilon excluded the Attorney General in the same way Dick Cheney excluded John Ashcroft from key information about torture and wiretapping. I find that interesting enough, given hints that Holder raised concerns about the legal authority to kill Anwar al-Awlaki in the weeks after we missed him on December 24, 2009, which led to OLC writing two crappy memos authorizing that killing in ways that have never been all that convincing.

But Savage provides no explanation for why Krass was excluded, which is particularly interesting given that the month after OBL’s killing, Savage revealed that President Obama had blown off Krass’ advice on Libya (as I read it, the decision to blow off her advice would have happened after the OBL killing, though I am not certain on that point). The silence about Krass is also remarkable given that she was looped in on the initial Libya decision — and asked to write a really bizarre memo memorializing advice purportedly given after the fact.

On Libya, Krass was looped in on questions addressing precisely the same issues addressed in the OBL killing (indeed, we were assassinating Qaddafi’s family members in Libya, which should have presented many of the same legal questions) both before and (as I understand it) after the OBL killing, but she was apparently not read in at all on the OBL killing itself.

There’s one more reason I think the question of OBL’s killing was more uncertain than laid out here. Savage reveals that even though lawyers had authorized not telling Congress about the raid, Leon Panetta did so on his own anyway.

Mr. Preston wrote a memo addressing when the administration had to alert congressional leaders under a statute governing covert actions. Given the circumstances, the lawyers decided that the administration would be legally justified in delaying notification until after the raid. But then they learned that the C.I.A. director, Leon E. Panetta, had already briefed several top lawmakers about Abbottabad without White House permission.

This is the action of someone — rightly — covering his ass, doing what the law actually requires rather than what his lawyer says it permits.

By the way, any bets on whether SSCI got a copy of that Preston memo, stating that they didn’t need to be informed on covert operations, contrary to the clear language of the National Security Act, before they approved his promotion from CIA General Counsel to DOD General Counsel (where he remains)? I bet no.

Ultimately, Savage depicts an Administration going even further than Cheney had on inventing legal authorizations for secret actions. Obama (and Donilon) will never catch heat for it like Cheney did, because everyone likes dancing on OBL’s watery grave. But make no mistake, this exhibits some of the same behaviors as we criticize Cheney for.

Update: I find this, from Savage’s June 2011 story on Krass, of particular interest given Savage’s description of the decision process on OBL.

The administration followed an unusual process in developing its position. Traditionally, the Office of Legal Counsel solicits views from different agencies and then decides what the best interpretation of the law is. The attorney general or the president can overrule its views, but rarely do.

In this case, however, Ms. Krass was asked to submit the Office of Legal Counsel’s thoughts in a less formal way to the White House, along with the views of lawyers at other agencies. After several meetings and phone calls, the rival legal analyses were submitted to Mr. Obama, who is a constitutional lawyer, and he made the decision.

A senior administration official, who spoke on the condition of anonymity to talk about the internal deliberations, said the process was “legitimate” because “everyone knew at the end of the day this was a decision the president had to make” and the competing views were given a full airing before Mr. Obama.

The Pro-Scrub Language Added to CISA Is Designed to Eliminate DHS’ Scrub

I’ve been comparing the Manager’s Amendment (MA) Richard Burr and Dianne Feinstein introduced Wednesday with the old bill.

A key change — one Burr and Feinstein have highlighted in their comments on the floor — is the integration of DHS even more centrally in the process of the data intake process. Just as one example, the MA adds the Secretary of Homeland Security to the process of setting up the procedures about information sharing.

Not later than 60 days after the date of the enactment of this Act, the Attorney General and the Secretary of Homeland Security shall, in coordination with the heads of the appropriate Federal entities, develop and submit to Congress interim policies and procedures relating to the receipt of cyber threat indicators and defensive measures by the Federal Government. [my emphasis]

That change is applied throughout.

But there’s one area where adding more DHS involvement appears to be just a show: where it permits DHS conduct a scrub of the data on intake (as Feinstein described, this was an attempt to integrate Tom Carper’s and Chris Coons’ amendments doing just that).

This is also an issue DHS raised in response to Al Franken’s concerns about how CISA would affect their current intake procedure.

To require sharing in “real time” and “not subject to any delay [or] modification” raises concerns relating to operational analysis and privacy.

First, it is important for the NCCIC to be able to apply a privacy scrub to incoming data, to ensure that personally identifiable information unrelated to a cyber threat has not been included. If DHS distributes information that is not scrubbed for privacy concerns, DHS would fail to mitigate and in fact would contribute to the compromise of personally identifiable information by spreading it further. While DHS aims to conduct a privacy scrub quickly so that data can be shared in close to real time, the language as currently written would complicate efforts to do so. DHS needs to apply business rules, workflows and data labeling (potentially masking data depending on the receiver) to avoid this problem.

Second, customers may receive more information than they are capable of handling, and are likely to receive large amounts of unnecessary information. If there is no layer of screening for accuracy, DHS’ customers may receive large amounts of information with dubious value, and may not have the capability to meaningfully digest that information.

While the current Cybersecurity Information Sharing Act recognizes the need for policies and procedures governing automatic information sharing, those policies and procedures would not effectively mitigate these issues if the requirement to share “not subject to any delay [or] modification” remains.

To ensure automated information sharing works in practice, DHS recommends requiring cyber threat information received by DHS to be provided to other federal agencies in “as close to real time as practicable” and “in accordance with applicable policies and procedures.”

Effectively, DHS explained that if it was required to share data in real time, it would be unable to scrub out unnecessary and potentially burdensome data, and suggested that the “real time” requirement be changed to “as close to real time as practicable.”

But compare DHS’s concerns with the actual language added to the description of the information-sharing portal (the new language is in italics).

(3) REQUIREMENTS CONCERNING POLICIES AND PROCEDURES.—Consistent with the guidelines required by subsection (b), the policies and procedures developed and promulgated under this subsection shall—

(A) ensure that cyber threat indicators shared with the Federal Government by any entity pursuant to section 104(c) through the real-time process described in subsection (c) of this section—

(i) are shared in an automated manner with all of the appropriate Federal entities;

(ii) are only subject to a delay, modification, or other action due to controls established for such real-time process that could impede real-time receipt by all of the appropriate Federal entities when the delay, modification, or other action is due to controls—

(I) agreed upon unanimously by all of the heads of the appropriate Federal entities;

(II) carried out before any of the appropriate Federal entities retains or uses the cyber threat indicators or defensive measures; and

(III) uniformly applied such that each of the appropriate Federal entities is subject to the same delay, modification, or other action; and

This section permits one of the “appropriate Federal agencies” to veto such a scrub. Presumably, the language only exists in the bill because one of the “appropriate Federal agencies” has already vetoed the scrub. NSA (in the guise of “appropriate Federal agency” DOD) would be the one that would scare people, but such a veto would equally as likely to come from FBI (in the guise of “appropriate Federal agency” DOJ), and given Tom Cotton’s efforts to send this data even more quickly to FBI, that’s probably who vetoed it.

If you had any doubts the Intelligence Community is ordering up what it wants in this bill, the language permitting them a veto on privacy protections should alleviate you of those doubts.

On top of NSA and FBI’s veto authority, there’s an intentional logical problem here. DHS is one of the “appropriate Federal agencies,” but DHS is the entity that would presumably do the scrub. Yet if it can’t retain data before any other agency, it’s not clear how it could do a scrub.

In short, this seems designed to lead people to believe there might be a scrub (or rather, that under CISA, DHS would continue to do the privacy scrub they are currently doing, though they are just beginning to do it automatically) when, for several reasons, that also seems to be ruled out by the bill. And ruled out because one “appropriate Federal agency” (like I said, I suspect FBI) plans to veto such a plan.

So it has taken this Manager’s Amendment to explain why we need CISA: to make sure that DHS doesn’t do the privacy scrubs it is currently doing.

I’ll explain in a follow-up post why it would be so important to eliminate DHS’ current scrub on incoming data.

The Financial Services Roundtable Wants to Terrify You into Giving Them More Immunity

The policy discussion about the many ways that the Cyber Information Sharing Act not only doesn’t do much to prevent the hacking of public and private networks, but in key ways will make it worse, must be making its mark. Because the Financial Services Roundtable, one of the key corporatist groups backing the bill, released this YouTube full of scary warnings but absolutely zero explanation about what CISA might do to increase cybersecurity.

Indeed, the YouTube is so context free, it doesn’t note that Susan Collins, the first person who appears in the video, has called for mandatory reporting from some sectors (notably, aviation), which is not covered in the bill and might be thwarted by the bill. Nor does it mention that the agency of the second person that appears in the video, Department of Homeland Security Secretary Jeh Johnson, has raised concerns about the complexity of the scheme set up in CISA, not to mention privacy concerns. It doesn’t note that the third person shown, House Homeland Security Chair Michael McCaul, favored an approach that more narrowly targeted the information being shared and reinforced the existing DHS structure with his committee’s bill.

Instead of that discussion … “Death, destruction, and devastation!” “Another organization being hacked!” “Costing jobs!” “One half of America affected!” “What is it going to take to do something?!?!?!”

All that fearmongering and only one mention of the phrase “information sharing,” much less a discussion of what the bill in question really does.

In August, the head of the FSR, Tim Pawlenty, was more honest about what this bill does and why his banks like it so much: because it would help to hide corporate negligence.

“If I think you’ve attacked me and I turn that information over to the government, is that going to be subject to the Freedom of Information Act?” he said, highlighting a major issue for senators concerned about privacy.

“If so, are the trial lawyers going to get it and sue my company for negligent maintenance of data or cyber defenses?” Pawlenty continued. “Are my regulators going to get it and come back and throw me in jail, or fine me or sanction me? Is the public going to have access to it? Are my competitors going to have access to it? Are they going to be able to see my proprietary cyber systems in a way that will give up competitive advantage?”

That is, the banks want to share information with the government so it can help those private corporations protect themselves (without paying for it, really, since banks do so well at dodging taxes), without any responsibility or consequences in return. “Are my regulators going to get [information about how banks got attacked] and come back and throw me in jail, or fine me, or sanction me?” the banks’ paid lobbyist worries. As the author of this bill confirmed last week, this bill will undercut regulators’ authority in case of corporate neglect.

The example of banks dodging responsibility in the past — possibly aided by a similar (albeit more rigorous) information sharing regime under the Bank Secrecy Act — provides all the evidence for how stupid this bill would be. We need corporations to start bearing liability for outright negligence. And this bill provides several ways for them to avoid such liability.

Don’t succumb to bankster inciting fear. America will be less safe if you do.

Cyber-Unicorn Journalists Shocked the Unicorn Didn’t Appear, Again

When last we checked in on claims the US was going to cyber-deter China, I suggested people should understand the underlying dynamics at work.

Before people start investing belief in unicorn cyber deterrence, they’d do well to understand why it presents us such a tough problem.

That was 11 days ago. Since then, James Clapper has claimed (I’m not necessarily endorsing this claim as true, especially given the timing) the US isn’t even 100% sure China is behind the OPM hack — in part because we’ve lost some monitoring capabilities in recent years — all while making it clear we don’t consider it an attack because we do precisely the same thing to China. At the same time, top level US and Chinese officials met in anticipation of Xi Jinping’s visit. Here’s the White House readout of that meeting.

From September 9-12, senior Administration officials held a series of meetings with Secretary of the Central Political and Legal Affairs Commission of the Communist Party of China Meng Jianzhu in Washington, D.C.  Mr. Meng traveled to Washington as President Xi Jinping’s Special Envoy to discuss cybersecurity and other issues in advance of President Xi’s State Visit. Secretary of Homeland Security Jeh Johnson hosted Mr. Meng during his visit. In this capacity, Secretary Johnson convened a meeting between members of the Chinese delegation and representatives from the Departments of State, Treasury, Justice, Federal Bureau of Investigation, and the Intelligence Community.  In addition, FBI Director Comey also met with Mr. Meng at FBI headquarters for discussions. National Security Advisor Susan E. Rice received Mr. Meng for a meeting at the White House, where she had a frank and open exchange about cyber issues.

Remember: China is believed to have all of Jim Comey and Jeh Johnson’s security clearance files (probably Susan Rice’s as well). Comey in particular keeps raising that point. That surely adds something to such negotiations, knowing that your interlocutor has read a ready-made intelligence portfolio that your own government compiled on you.

Now the journalists who keep reporting that the US is about to, honest to god, this time they mean it, sanction China for its hacking report that sanctions are off the table for now, in part because those negotiations resulted in some kind of cyber agreement.

The United States will not impose economic sanctions on Chinese businesses and individuals before the visit of China President Xi Jinping next week, a senior administration official said Monday.

The decision followed an all-night meeting on Friday in which senior U.S. and Chinese officials reached “substantial agreement” on several cybersecurity issues, said the administration official, who spoke on the condition of anonymity because of the topic’s sensitivity.

The potential for sanctions in response to Chinese economic cyberespionage is not off the table and China’s behavior in cyberspace is still an issue, the official said. “But there is an agreement, and there are not going to be any sanctions” before Xi arrives on Sept. 24, the official said.

The breakthrough averted what would have raised a new point of tension with the Chinese that could have overshadowed the meeting — and Xi’s first state visit.

“They came up with enough of a framework that the visit will proceed and this issue should not disrupt the visit,” the official said. “That was clearly [the Chinese] goal.”

The reporting on this appears to be problematic, in part, because sources for these stories themselves misunderstand the issue.

Yet what that agreement is remains unclear. Two U.S. officials told The Daily Beast that substantial disagreement remains between the U.S. and China. China insists that it’s the victim of cyber spying, not a perpetrator. But the U.S. has filed criminal charges against Chinese officials for their role in stealing trade secrets and intellectual property from American companies.

[snip]

[CSIS Deputy Director Scott] Kennedy noted that given the length of time Meng was in Washington, his visit almost certainly covered other issues, including China’s efforts to hunt down Chinese nationals accused of crimes who are living abroad. U.S. law enforcement officials have complained that Chinese state security operatives are working in this country illegally and trying to intimidate Chinese people living here legally.

Remember, “US official” is journalistic code often used for members of Congress or contractors. And if these (possible) members of Congress don’t understand that the US sensors embedded in China’s networks are incredibly invasive cyber spying, if whoever claimed that our indictment for stealing information on trade disputes (something we spy on too) believes that we indicted for stealing IP, if those sources can’t imagine we might respond to the OPM hack by cracking down on extraordinary Chinese agents in the US, then those sources aren’t appreciating the real power dynamics at stake. And we’re going to continue to have journalism on this topic that serves more to provide a convenient narrative than to inform.

Thank you for playing, thank you for providing the appearance of a threat to placate Congress and drive a narrative of a tough negotiation, all while not laying out how the OPM hack changes things.

Several things seem to have been missed in this recent round of cyber-deterrence unicorn reporting. While China’s crashing stock market (renewed again today) provides a bit more leverage for the US against China — among other things, it raises the value Chinese elites would place on their US property and holdings, though China itself wants to pressure some of the same elites — it is still not in our best interest to antagonize this relationship. Moreover, whatever additional leverage we’ve got economically is more than offset by the OPM and related hacks, which China could use in any number of ways to really damage the US, especially given so many of our other critical systems — public and private, and I suspect that’s part of what some of the related hacks have been designed to demonstrate — remain insecure.

Most importantly, even before the Snowden leaks, the US had a real interest in finding some kind of norms that would make the cyber realm less volatile. That’s probably even more true now, because (as Clapper said, and this part I believe) our adversaries have been hardening their own defenses while stealing information that turns out to be more valuable to the US, meaning we don’t have such asymmetric advantage in the cyber realm anymore.

This comes at a time when Congress has become adamantly opposed to anything that resembles negotiations, because to them it looks like weakness. And most seem not to understand the stakes behind the reasons why the OPM hack cannot be considered an attack.

So if some credulous reporting created the space for such an agreement, great!

A Tale of Celebrity Bon Vivant Civil Servants and Access Journalism

Screen Shot 2015-07-02 at 12.27.12 PMThere is a distinct problem in this country with excessive inbreeding of politicians, lobbyists and journalists. In a country where so many are now ruled by so few in power, it is becoming, if not already become, the biggest threat to American democracy. I would add in corporations, but, heck, who do you think the politicians, lobbyists and journalists represent at this point?

Now, corporations and their money through their mouthpiece lobbyists have long had a stranglehold on politics, whether through the corps themselves or their wealthy owners. But the one saving mechanism has historically been claimed to be the “Fourth Estate” of the American press who were there on behalf of the people as a check on power. But what if the Fourth Estate becomes, in fact, part of the power? What then?

What if the crucial check on federal and state power is by journalists who are little more than stenographers clamoring for access and/or co-opted social friends and elites with the powers that be? What if the sacrosanct civil servants of this country are nothing but Kardashian like shills out for a free gilded ride before they leave office to cash in with private sector riches befitting their holiness?

Golly, if only there was an example of this incestuous degradation. Oh, wait, get a load of this just put up by Kate Bennett’s KGB File at Politico:

In a generally stay-at-home administration, one member of the Obama Cabinet is proving to be the toast of the town. Jeh Johnson, the oh-so-serious-on-the-outside secretary of Homeland Security, is fast becoming Washington’s No. 1 social butterfly, dining out at posh restaurants like CityCenter’s DBGB, as he did last week with a small group that included Amy Klobuchar, Steny Hoyer, CNN’s Jim Sciutto, the New York Times’ Ashley Parker, author Aaron Cooley, and lobbyist Jack Quinn and his wife Susanna.

For a guy who’s been running a 24/7 war against terror since 2013, Johnson seems to have a lot of time to trip the light fantastic. He can often be seen enjoying regular catch-up sessions with BFF Wolf Blitzer at Café Milano (back table, naturally); and mingling at black-tie soirées, such as the Kennedy Center Spring Gala, the Opera Ball, or a champagne-fueled VIP garden party at Mount Vernon to toast French-American relations, all of which Johnson attended—and stayed at beyond the requisite cocktail-hour schmooze.
Story Continued Below

“There’s rarely an invitation he’ll turn down,” says an aide to Johnson, who prefers to remain anonymous, of his boss’s penchant for spending three-to-four evenings a week at social functions — and actually enjoying them.

I am not going to bother to dissect that, it speaks all too clearly for itself. And it is hard to figure which is more pukeworthy, the bon vivant civil servant or the elitism displayed by the supposed watcher last bastion journalists. It is all of the same cloth.

What’s wrong in Washington DC? Here you go. When the pathology on the boneyard of American democracy is run, this vignette will appear.

Maybe this is why Tom Vilsack could find a spare couple of hours out of one of his days to explain in a deposition why he and the Obama Administration knee jerkily demanded Shirley Sherrod’s resignation based upon a crank fraudulent video by a schlock like Andrew Breitbart.

Because “Executive Privilege” now means “Privileged Executives” who can party all night with their elitist journalistic pals and screw the rest of the government, and people it serves, during the day. Just like the Founders envisioned obviously.

Obama Should Only Nominate Jeh Johnson If He Plans on Breaking Up DHS

There are multiple reports that President Obama is considering nominating Jeh Johnson to head DOD.

I get the attraction. Obama and Johnson get along well. Johnson only recently left DOD, so he knows it — and the legal loopholes it exploits — well. And in Johnson, Obama would have someone who would gloss his warmaking as something noble.

I even think Obama might welcome the way such a nomination would heighten the confrontation with the GOP on immigration.

Still, Johnson has served as head of DHS for less than a year. His tenure is only now marking a transition from a period during which DHS had such a wildly spinning revolving door that it could begin to serve its alleged mission.

An exodus of top-level officials from the Department of Homeland Security is undercutting the agency’s ability to stay ahead of a range of emerging threats, including potential terrorist strikes and cyberattacks, according to interviews with current and former officials.

Over the past four years, employees have left DHS at a rate nearly twice as fast as in the federal government overall, and the trend is accelerating, according to a review of a federal database.

The departures are a result of what employees widely describe as a dysfunctional work environment, abysmal morale, and the lure of private security companies paying top dollar that have proliferated in Washington since the Sept. 11, 2001, attacks.

And all that’s on top of DHS’s almost impossible mandate, both because it is either too big or poorly defined.

Look, I’m sure Johnson’s a nice guy and maybe a great manager (he hasn’t been in place long enough for us to know).

But if DHS is a necessary agency, if its domestic spying and immigration and cybersecurity and disaster recovery missions are vital to this nation, if it is going to survive as a many-headed monster, then it should have the person Obama thinks is his best Agency head leading it. If that person is Johnson — as Obama’s consideration of him to lead DOD suggests — then moving him would seem to be a concession that DHS, and its obvious failures, really isn’t all that important after all.

If Obama moves Johnson from DHS to DOD, he should, at the same time, break DHS back up into more manageable agencies, declare the whole experiment an expensive failure, eliminate the word “Homeland” from our vocabularies. Because it is not working, and if there’s no urgency to make it work, then we should break it up into parts that can function competently again.

 

Trent Franks and the EMP Threat to the Electrical Grid

At a House Judiciary Committee oversight hearing for Department of Homeland Security today, Trent Franks implored DHS Secretary Jeh Johnson to consider the threat of electromagnetic pulse or geomagnetic disturbance to the electrical grid because “we have additional information that seems to indicate the threat is more significant than we have been aware of.”

Franks also submitted an amendment to the Intelligence Authorization requiring the Director of National Intelligence to report on the threat EMPs pose to the US through 2025.

I have no idea whether this is credible or not. Franks is not one of the Members of Congress I consider to be the most reliable (and our resident desert rat has even less complimentary things to say).

But golly. Franks sure seems worried about the EMP threat of late.

 

Why Would Jeh Johnson Suggest the Drone and/or Targeted Killing Court Would Be Bipartisan?

I’ll have more to say about Jeh Johnson’s skeptical speech on a drone and/or targeted killing court later.

But I wanted to point to this detail:

Our government finds itself in a lose-lose proposition: it fails to officially confirm many of its counterterrorism successes, and fails to officially confirm, deny or clarify unsubstantiated reports of civilian casualties.

Our government’s good efforts for the safety of the people risks an erosion of support by the people.

It is in this atmosphere that the idea of a national security court as a solution to the problem — an idea that for a long time existed only on the margins of the debate about U.S. counterterrorism policy but is now entertained by more mainstream thinkers such as Senator Diane Feinstein and a man I respect greatly, my former client Robert Gates – has gained momentum.

To be sure, a national security court composed of a bipartisan group of federal judges with life tenure, to approve targeted lethal force, would bring some added levels of credibility, independence and rigor to the process, and those are worthy goals.

In the eyes of the American public, judges are for the most part respected for their independence.

In the eyes of the international community, a practice that is becoming increasingly controversial would be placed on a more credible footing. [my emphasis]

As I understand it, the model under discussion is simply to give the existing FISA Court the additional task of reviewing kill decisions, not creating a new court.Yet the FISA Court — whose judges are appointed by the Chief Justice of the Supreme Court (and therefore, for the entire life of the FISA Court, by a Republican appointee) — is in no way bipartisan.

Read more