Richard Burr’s Tacit Warning to Christopher Steele

I’m just now catching up to Richard Burr and Mark Warner’s press conference on the Russia investigation yesterday. I saw some folks questioning why they did the presser, which surprises me. The answer seems obvious. They did the presser to release and apply pressure from specific areas of the investigation. For example, Burr exonerated those involved in the Mayflower Hotel meetings on April 2016 and further argued that the GOP platform was not changed to let Russia off the hook for Ukraine (I think the latter conclusion, in any case, is correct; I’m less persuaded about the first). Warner used the presser to push for Facebook to release the ads sold to Russia.

A particularly instance of this — one that I believe has been misunderstood by those who’ve reported it thus far — pertains to the Steele dossier. Here’s what Burr said about it, working off of prepared remarks (meaning issuing this tacit warning was one purpose of the presser; after 16:00):

As it relates to the Steele dossier: unfortunately the committee has hit a wall. We have on several occasions made attempts to contact Mr. Steele, to meet with Mr. Steele, to include, personally, the Vice Chairman and myself as two individuals, of making that connection. Those offers have gone unaccepted. The committee cannot really decide the credibility of the dossier without understanding things like who paid for it? who are your sources and sub-sources? We’re investigating a very expansive Russian network of interference in US elections. And though we have been incredibly enlightened at our ability to rebuild backwards, the Steele dossier up to a certain date, getting past that point has been somewhat impossible. And I say this because I don’t think we’re going to find any intelligence products that unlock that key to pre-June of ’16. My hope is that Mr. Steele will make a decision to meet with either Mark and I or the committee or both, so that we can hear his side of it, versus for us to depict in our findings what his intent or what his actions were. And I say that to you but I also say that to Chris Steele.

People seem to interpret this to mean SSCI hasn’t been able to corroborate the dossier — a point on which Burr is ambiguous. He references intelligence products that might unlock secrets of the dossier, which might suggest the committee has found intelligence products from later in the process that either confirms or doesn’t the events as the dossier as produced.

More important, however, is his reference to June 2016. While it seems like Burr might be suggesting the committee has found no evidence on collusion dating to before that date, that would seem to be inconsistent with the committee having received information on Michael Cohen’s discussions of financial dealings from before June (though given Burr’s exoneration of the Mayflower attendees, he may deem the earlier activities to be inconclusive).

So it seems more likely Burr raised the June 2016, along with his question about how paid for the report, to suggest he has real questions about whether its findings served as a partisan effort to taint Trump, paid for by a still undisclosed Hillary backer.

If Christopher Steele won’t talk about what intelligence he had on Trump before the time when, in June 2016, he reported on Russia providing kompromat (though not, at that point, hacked emails) on Hillary to Trump’s team, Burr seems to be saying, then it will be far easier to question his motivations and the conclusions of the report. And frankly, given some of the details on the Steele dossier — especially Steele’s briefings to journalists and his claim that the customers for the brief never read it — Burr is right to question that.

In other words, one point of the presser, it seems to me, was for Burr to warn Steele that his dossier will not be treated as a credible piece of work unless and until the committee gets more details about the background to it.

Update: Apparently, Steele responded to Burr’s comments by informing the committee he is willing to meet with Burr and Warner.

Mark Warner’s Inconsistent Social Media Law-Mongering

Remember when, three weeks ago, people were shooting off their baby cannons because two reports kind of sort of claimed that Robert Mueller used a criminal search warrant to obtain details on Facebook’s ad sales to the Internet Research Association? I noted at the time that the logic behind those stories — that Facebook would have needed a warrant (as opposed to a 2703(d) order or a 702 directive) to obtain that information — was faulty. I’ve since become more certain that a D order was used in this case.

But since the stories were so dodgy, I assumed then they weren’t actually reporting about the investigation, but rather pressure on the part of Mark Warner to force Facebook to share the same data with Congress, including leaving (rather than just showing) ads.

And it worked! Last week and this week, Facebook did share those ads, with all the more leaks about them.

Unsurprisingly, Mark Warner is back, now insisting that Facebook should release all those ads that he or someone close to him just weeks ago was suggesting could only be released with a criminal search warrant, but now wants released with neither legal process nor a congressional oversight claim to force it.

I get why he wants that to happen. Even on top of informing the public about what happened in last year’s election, Warner would like to embarrass Facebook into accepting more sweeping regulation of political ads, which is a totally respectable goal.

But I find it amusing that the same people who, weeks ago, were certain that such materials were so private they could only be released with a search warrant are now arguing they should be released with no process whatsoever.

And whatever the beneficial goal here, there’s also the precedent of protection for private data. Do we really want it to be possible for (say) Russia to force Facebook to release all the information on the NGOs that target Russian users? Do we want Jeff Sessions’ DOJ to be able to force Facebook to release the details of those who oppose Trump without legal process?

I don’t expect Warner to be bound by those considerations — he’s trying to win a political battle (and doing a remarkably effective job). But I’d expect those reporting on this story to show some awareness of the claims they made about the sensitivity of this data just weeks ago.

It’s Not the Economy, Stupid

Despite Bill Clinton’s famous catchphrase that he rode to two terms in the White House, and despite its echo in the 2016 campaign when Trump voters were described as acting out of “economic anxiety”, politics in the United States in my lifetime comes down, first and foremost, to racism. Yes, in Trump’s case and for most Republicans in office, there is a hefty dose of misogyny mixed in, but the animus against those who are not old, rich, white males unites their hatred.

Russia affected the 2016 contest. Clearly. But one of their primary tools was to stoke racial animus. Another huge impact on the actual outcome of the election was the outright suppression of minority votes by Republicans. It now appears that they may well have tipped the Wisconsin vote through suppression. And all those millions of votes for Trump, in the end, amount to nothing more than a huge endorsement of his outright racism. In the end, they came out on top with a little help from Republican policies expressly developed to prevent minorities from voting.

Trump is America’s racism unmasked and he would not be President if there weren’t a huge racist component to American culture today. The primary home for that racism is the Republican party.

The last few days have shown Trump revealing both his deep-seated racism and his cynical understanding that virtually his only support now is rooted in America’s racism. He tried his best to make his response to NFL protests be about the flag and patriotism. But that is most definitely NOT what Colin Kaepernick was protesting when he started this movement in August of 2016:

San Francisco 49ers quarterback Colin Kaepernick has willingly immersed himself into controversy by refusing to stand for the playing of the national anthem in protest of what he deems are wrongdoings against African Americans and minorities in the United States.

His latest refusal to stand for the anthem — he has done this in at least one other preseason game — came before the 49ers’ preseason loss to Green Bay at Levi’s Stadium on Friday night.

“I am not going to stand up to show pride in a flag for a country that oppresses black people and people of color,” Kaepernick told NFL Media in an exclusive interview after the game. “To me, this is bigger than football and it would be selfish on my part to look the other way. There are bodies in the street and people getting paid leave and getting away with murder.”

Making matters even worse, NFL teams and even billionaire NFL owners–the very parties responsible for Kaepernick still not being on a roster despite abysmal quarterback play on several teams–came out with what some folks saw as admirable statements and actions in response to Trump calling for owners to “fire the sons of bitches” who kneel during the national anthem. The best response to that development came from Shannon Sharpe. If you haven’t seen it yet, watch the entire statement, it is a thing of beauty and something that every American needs to hear:

So what are we to do?

First, those of us who carry the advantage of being old, white males who are at least comfortable if not rich must speak up every time there is an instance of racial injustice. Especially at the local level, when the police treat minorities without respect, make it known that this will not stand. Support larger groups that are working to promote racial justice.

But perhaps it is also worth taking look at our own lives. What aspects of our own lives help to perpetuate racial injustice? Even simple actions can accumulate. The next time you reconcile a credit card statement, take a look at your choices. Do you only eat at faceless chain restaurants? When was the last time you had a meal at a locally owned restaurant with a minority owner? Those are likely some of the best eating establishments in your town if you take the time to look around and try some new cuisines.

How about schools? Do you send your kids to private schools, most of which have been established to get around integration? Worse yet, do you send them to charter schools, which are set up expressly to take money away from public schools?

How about your place of worship? Is it integrated? Does it have any activities or programs aimed at racial justice?

One small action that I’ve decided to take is that I won’t watch another down of NFL football until Colin Kaepernick has been signed by a team.

Trump is the poster child for American racism, but we could all benefit from spending a little time thinking about our own roles both in how he came to be President and what we can do to make sure his sort never gets there again.

Did President Trump Violate Federal Law With His Alabama Rant?

I wrote yesterday about the racial, social and football implications of Trump’s rant in the history and home of George Wallace.

But a new, and by all appearances excellent, commenter on that post noted this:

“It occurs to me that his tweets are at least arguably in violation of 18 U.S. Code § 227. That section prohibits the POTUS (among others), from “attempting to influence or interfere” in a private company’s labor matter, to urge a “political” firing. This is especially true where the basis for the POTUS’s urging of the firing of such a private company employee (union covered, collective bargaining agreement governed) — is (as here) centered on protected political first amendment expression.”

So, is that right? Well, it is a LOT closer call than most would dismissively think. Let’s look at the language of the relevant statute, 18 USC §277:

18 U.S. Code § 227 – Wrongfully influencing a private entity’s employment decisions by a Member of Congress or an officer or employee of the legislative or executive branch:

(a) Whoever, being a covered government person, with the intent to influence, solely on the basis of partisan political affiliation, an employment decision or employment practice of any private entity—
(1) takes or withholds, or offers or threatens to take or withhold, an official act, or
(2) influences, or offers or threatens to influence, the official act of another,
shall be fined under this title or imprisoned for not more than 15 years, or both, and may be disqualified from holding any office of honor, trust, or profit under the United States.
(b) In this section, the term “covered government person” means—
(1) a Senator or Representative in, or a Delegate or Resident Commissioner to, the Congress;
(2) an employee of either House of Congress; or
(3) the President, Vice President, an employee of the United States Postal Service or the Postal Regulatory Commission, or any other executive branch employee (as such term is defined under section 2105 of title 5, United States Code).

Read the statute. It is a lot closer call than you think. Will Trump’s own Department of Justice pursue this? No, no chance, nor probably should it be. Is it a viable question, and one that ought be discussed in the public and media, yes, absolutely.

As sports law “experts” would say, let’s break it down. There are elements to a crime. Trump is unequivocally a “covered person” within the ambit of the statute. Also unequivocal is the fact that his words in Alabama were meant to influence “an employment decision or employment practice of any private entity”, in this case, the National Football League.

The problem lies in section (a)(1) of the relevant statute, which requires:

takes or withholds, or offers or threatens to take or withhold, an official act

It is easy to see and admit that Trump would do just that in a heartbeat. But Trump did not do that per se in his Alabama speech.

No. That element cannot be met by Donald J. Trump’s Alabama Song of hate. So, no, there is no exposure to 18 USC §227.

It is a great thought and question though.

And it is a perfect example of the precipice of racism, bigotry and ignorance on which the political discussion in the United States, and our Article II Executive Branch, courtesy of President Trump, nows perilously treads nearly every day.

The events and actions in and from the NFL today, tomorrow, and in the next few weeks pale in comparison. They are a symbol and a voice. But it is so much more and bigger than that.

How to Read the DHS Targeted States Information

Yesterday, DHS informed the states that had their registration databases targeted by Russian hackers last year. There has been an outright panic about the news since states started revealing they got notice, so I thought it worthwhile to describe what we should take away from the notice and subsequent reporting:

  • “Most” of the 21 targeted states were not successfully hacked
  • Some targeted states were successfully hacked
  • Not all swing states were targeted, not all targeted states are swing states
  • These hacks generally do not involve vote tallying
  • These hacks do not involve hacking voting machines
  • These hacks do not involve other voter suppression methods — whether by GOP or Russians
  • Notice needs to improve

The AP has done good work tracking down which states got notice they were targeted, identifying the 21 targeted states. Those targeted states were:

  1. Alabama
  2. Alaska
  3. Arizona
  4. California
  5. Colorado
  6. Connecticut
  7. Delaware
  8. Florida
  9. Illinois
  10. Iowa
  11. Maryland
  12. Minnesota
  13. North Dakota
  14. Ohio
  15. Oklahoma
  16. Oregon
  17. Pennsylvania
  18. Texas
  19. Virginia
  20. Washington
  21. Wisconsin

 

“Most” of the 21 targeted states were not successfully hacked

This list of 21 states does not mean that Russians successfully hacked 21 states. All it means is Russians probed 21 states. And the AP says “most” were not successful. WI, WA, and MN have said the attacks on them were not successful.

Thus, for “most” of these states, the impact is the same as the reports that Russians were attempting, unsuccessfully, to phish engineers in the energy industry: it is cause for concern, but unless new intelligence becomes available, it means that for those “most” states these probes could not affect the election.

Some targeted states were successfully probed

Of course, by saying that “most” attacks were not successful, you’re admitting that “some” were. We only know IL and AZ to have successfully been breached.

This means this story may not be done yet: reporters, especially state based ones, are going to have to get their voting officials to provide details about the attacks and it may take some FOIA work.

Mind you, a successful hack still doesn’t mean that the election was affected (as I believe to be the understanding with respect to AZ, though there is more dispute about IL). It might be that the hackers just succeeded in getting into the database. It may be that they succeeded only in downloading the voter registration database — which in many states, is readily available, and which is nowhere near the most interesting available data for targeting in any case.

In my opinion, the most effective way to affect the outcome of the election via voter registration databases is not to download and use it for targeting, but instead, to alter the database, selectively eliminating or voiding the registration of voters in targeted precincts (which of course means the hackers would need to come in with some notion of targets). Even changing addresses would have the effect of creating lines at the polls.

Altering the database would have the same effect as an existing GOP tactic does. In many states, GOP secretaries of state very aggressively purge infrequent voters. Particularly for transient voters (especially students, but poorer voters are also more likely to move from year to year), a voter may not get notice they’ve been purged. This has the effect of ensuring that the purged voter cannot vote, and also has the effect of slowing the voting process for voters who are registered.  In other words, that’s the big risk here — that hackers will do things to make it impossible for some voters to vote, and harder for others to do so.

Not all swing states were targeted, not all targeted states are swing states

The list of targeted states is very curious. Some targeted states are obvious swing states — WI, PA, FL, and VA were four of the five states where the election was decided. But MI is not on there, and NC, another close state, is not either.

In addition, a lot of these states are solidly red, like AL and OK. A lot of them are equally solidly blue, like CA and CT. So if the Russians had a grand scheme here, it was not (just) to flip swing states.

These hacks generally do not involve vote tallying

DHS has said that these hacks do not involve vote tallying. That means these disclosed probes, even assuming they were successful, are not going to explain what may seem to be abnormalities in particular states’ tallies.

These hacks do not involve hacking voting machines

Nor do these hacks involve hacking voting machines (which is covered, in any case, by the denial that it involves vote tallying).

Yes, voting machines are incredibly vulnerable. Yes, it would be child’s play for a hacker — Russian or American — to hack individual voting machines. With limited exceptions, there been no real assessment of whether individual machines got hacked (though it’d generally be easier to affect a local race that way than the presidential).

These hacks do not involve other voter suppression methods — whether by GOP or Russians

This list of 21 targeted states does not represent the known universe of Russian voting-related hacking.

It does not, for example, include the targeting of voting infrastructure contractors, such as VR Systems (which Reality Winner faces prison for disclosing). There’s good reason to at least suspect that the VR Systems hack may have affected NC’s outcome by causing the most Democratic counties to shift to paper voting books, resulting in confusion and delays in those counties that didn’t exist in more Republican ones.

And they don’t include any Russian social media-related support or suppression, which we’re getting closer to having proof of right now.

Importantly, don’t forget that we know Republicans were engaging in all these techniques as well, with far better funding. Russians didn’t need to hack WI and NC given how much organized suppression of voters of color took place. Republican secretaries of state had the power to purge voters on trumped up excuses without engaging in any hacking.

Do not let the focus on Russian tampering distract from the far more effective Republican suppression.

Notice needs to be improved

Finally, the other big story about this is that some states only got notice they were targeted yesterday, some even after having partnered with DHS to assess their voting infrastructure.

DHS has used classification, in part, to justify this silence, which is an issue the Intelligence Committees are trying to address in next year’s authorization. But that’s particularly hard to justify that many of these same states have run elections since.

Mind you, we’re likely to see this debate move to the next level — to demanding that state officials disclose full details about their state’s infrastructure to citizens.

In any case, if we’re to be able to use democratic pressure to ensure the infrastructure of democracy gets better protected, we’re going to need more notice.

Amid Promises to Share Ads with Congress, Some Other Interesting Promises

DC is atwitter with Facebook’s announcement that it can, after all, voluntarily share the same information it shared with Robert Mueller with Congress. As part of that announcement, it released a statement from their General Counsel, a Q&A addressing some of the questions that had been generating bad PR, and some promises of additional things Facebook will do to support democracy from Mark Zuckerberg.

I’m most interested in two details in Zuck’s statement. For example, this paragraph says Facebook will continue to look at what happened closely.

 We will continue our investigation into what happened on Facebook in this election. We may find more, and if we do, we will continue to work with the government. We are looking into foreign actors, including additional Russian groups and other former Soviet states, as well as organizations like the campaigns, to further our understanding of how they used our tools. These investigations will take some time, but we will continue our thorough review. [my emphasis]

While the frenzy responding to this announcement has focused on Russian ads, Zuck just revealed that Facebook is also looking at what the campaigns did.

That would permit Facebook to look for any apparently similar activity from campaigns and Russian actors, as we have reason to believe there was. It also might suggest Facebook is reviewing to see whether Republican dark marketing served to suppress turnout, and if so in coordination with what other actors.

I’d really love to have this information, but note that it is a substantially different thing for Facebook to review Russian actions and for Facebook to review Democratic or Republican actions.

Then there’s the promise to work even more closely with other tech companies.

We will increase sharing of threat information with other tech and security companies. We already share information on bad actors on the internet through programs like ThreatExchange, and now we’re exploring ways we can share more information about anyone attempting to interfere with elections. It is important that tech companies collaborate on this because it’s almost certain that any actor trying to misuse Facebook will also be trying to abuse other internet platforms too.

I think I’m okay with this (and they’re legally permitted to do this in any case). But given my newfound obsession with the fact that with any of these global tech companies, you’re dealing with intelligence resources that might rival nation-state intelligence, I’m interested in Facebook’s efforts to expand the sharing.

Facebook, by itself, may not rival the NSA. But when you put together Facebook, Microsoft, Google, Twitter, and others, then you’re beginning to talk really powerful intelligence capabilities.

It’s good, I suppose, that that much technical power is going to hunt down Russians. But it might be worth pausing to imagine what else they might cooperate to hunt down.

Facebook Troll Account Events Happen in Wake of Guccifer 2.0 Released Targeting Data

In this post, I noted that the Russian troll Facebook events identified to date — including an event that drew four people in Idaho — weren’t exactly a smoking gun showing the troll accounts had intervened meaningfully in the election.

The Daily Beast has found an account — which it assumes must be tied to Internet Research Agency because it was shut down the same time as the other IRA accounts were, which seems a fair assumption — that does appear to be more legitimately tied to the election.

The demonstrations—at least one of which was promoted online by local pro-Trump activists— brought dozens of supporters together in real life. They appear to be the first case of Russian provocateurs successfully mobilizing Americans over Facebook in direct support of Donald Trump.

The Aug. 20, 2016, events were collectively called “Florida Goes Trump!” and they were billed as a “patriotic state-wide flash mob,” unfolding simultaneously in 17 different cities and towns in the battleground state. It’s difficult to determine how many of those locations actually witnessed any turnout, in part because Facebook’s recent deletion of hundreds of Russian accounts hid much of the evidence. But videos and photos from two of the locations—Fort Lauderdale and Coral Springs—were reposted to a Facebook page run by the local Trump campaign chair, where they remain to this day.

“On August 20, we want to gather patriots on the streets of Floridian towns and cities and march to unite America and support Donald Trump!” read the Facebook event page for the demonstrations. “Our flash mob will occur in several places at the same time; more details about locations will be added later. Go Donald!”

The Florida flash mob was one of at least four pro-Trump or anti-Hillary Clinton demonstrations conceived and organized over a Facebook page called “Being Patriotic,” and a related Twitter account called “march_for_trump.”  (The Daily Beast identified the accounts in a software-assisted review of politically themed social-media profiles.)

Being Patriotic had 200,000 followers and the strongest activist bent of any of the suspected Russian Facebook election pages that have so far emerged.

Unlike the previously reported events, the Florida ones took place in a swing state. And the numbers represent more significant turnout than other reported events.

I’m also interested that these events happened in FL — and happened in late August — for another reason. Florida was the first of the swing states for which Guccifer 2.0 publicly released DCCC data, including targeting information. He released that information via his website on August 15, admittedly too close to the rallies to do much good, but early enough to know they were available before the rallies. But by that point, HelloFLA already had (and had released) documents.

As I have said, we don’t have to prove that Republicans helped the IRA target ads, because we already know that Russians obtained targeting information by stealing it from the Democrats. It just so happens that this first instance where Facebook events might affect the Presidential came in the wake of targeting information for key congressional districts became publicly available (and therefore deniable for entities more closely with with Russia).

Why Did Guccifer 2.0 Keep Harping on VAN?

One problem with the skeptics’ claims that Guccifer 2.0 is not Russian, but instead a Democrat or Crowdstrike blaming Russia, is they misread how his original post responded to the WaPo article announcing the hack. The assumption at the time was that Guccifer 2.0 was disinformation to disclaim the attack. But it more immediately discredited the claims the Democrats and Crowdstrike made to WaPo.

There’s Shawn Henry’s claim the hackers took just two documents.

The other, which the firm had named Fancy Bear, broke into the network in late April and targeted the opposition research files. It was this breach that set off the alarm. The hackers stole two files, Henry said. And they had access to the computers of the entire research staff — an average of about several dozen on any given day.

In response Guccifer 2.0 posted eleven documents and taunted Crowdstrike.

Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?

[snip]

I guess CrowdStrike customers should think twice about company’s competence.

Fuck the Illuminati and their conspiracies!!!!!!!!! Fuck CrowdStrike!!!!!!!!!

There’s the bizarre pitch suggesting that only documents affecting Trump had been stolen, describing it as typical foreign espionage (which APT 29 might have been doing).

the entire database of opposition research on GOP presidential candidate Donald Trump

[snip]

The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers.

[snip]

“It’s the job of every foreign intelligence service to collect intelligence against their adversaries,” said Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI’s cyber division.

Guccifer 2.0 did post a Trump document. But the DNC, Hillary, and Crowdstrike should have known that (even if there had been one stolen) it wasn’t the one they had in mind. That was a document stolen from Podesta, not the DNC.

Which would have been a response — one her aides might understand, but the rest of us would not — to this claim by Hillary.

Clinton called the intrusion “troubling” in an interview with Telemundo. She also said, “So far as we know, my campaign has not been hacked into,” and added that cybersecurity is an issue that she “will be absolutely focused on” if she becomes president.

Because it would have been a sign that, indeed, her campaign had been hacked.

Similarly, by posting documents that dated from months earlier, Guccifer 2.0 would have made it clear to DWS that her lie — that the DNC responded quickly — could be exposed.

“The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with,” said Rep. Debbie Wasserman Schultz (Fla.), the DNC chairwoman. “When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”

Finally, there’s Michael Sussman’s claim that no donor or voter information was stolen.

CrowdStrike is continuing the forensic investigation, said Sussmann, the DNC lawyer. “But at this time, it appears that no financial information or sensitive employee, donor or voter information was accessed by the Russian attackers,” he said.

Guccifer 2.0 proved that wrong by posting a number of financial documents.

In other words, the initial post was designed to discredit anything Crowdstrike and Democrats said. More importantly, it included a number of threats that Hillary and her aides should have recognized: Guccifer 2.0 had more, had more of the stuff closer to Hillary.

This was dick-waving, not obfuscation (which is consistent with what we see in the documents, and consistent with what I understand was left in some of the servers). It’s just that most of the public wouldn’t have seen that dick-waving; just the Democrats and Crowdstrike would.

Which is why I want to return to something that commentators have long been hung up on: Guccifer 2.0’s claim to have gotten in through VAN.

The DNC had NGP VAN software installed on their system so I used the 0-day exploit and then deployed my backdoor.

I suspect his reference to zero-days was actually a further taunt to Dmitri Alperovitch, who had fluffed up the Russians in the original WaPo.

The two crews have “superb operational tradecraft,” he said. They often use previously unknown software bugs — known as “zero-day” vulnerabilities — to compromise applications.

But why did dick-wagging Guccifer 2.0 focus on VAN? One obvious reason is that it invoked the events of December, when a Bernie staffer got fired for having saved Hillary files when the wall between the two campaigns in VAN came down, literally at the moment the Sanders campaign finished their best fundraiser to date. That is, it might be that VAN just invoked a really sore subject between the two sides.

Guccifer 2.0 may have raised it because Crowdstrike was brought in and did a cursory review to endorse the official view. Had Crowdstrike done more at the time, it they might have discovered the Russians.

The reason I ask, though, is that Guccifer 2.0 kept harping on VAN. A big file that has been the focus of recent attention — in the last few days credibly shown to come from the same file set as the documents later released falsely labeled as Clinton Foundation documents — was called NGP VAN, even though the file has nothing to do with VAN.

Notably, too, some of the last files stolen and shared with WikiLeaks included a series providing VAN access to the finance team. That is, one of the last things that happened before Russia got dumped from the system is a new set of VAN passwords got set up.

Amid the discussion of how the Russians got targeting data, I think it worth noting that having VAN access would have provided a lot of the information the Russians would have wanted.

Why Was Manafort FISA Tapped Rather than Criminal Tapped?

Congratulations to Donald Trump, who may have finally figured out how to prove his March 4 claim that there was a “tapp” on Trump Tower — by continuing to speak to Paul Manafort after FBI got a second FISA wiretap on him, at least according to the CNN’s report on the tap.

US investigators wiretapped former Trump campaign chairman Paul Manafort under secret court orders before and after the election, sources tell CNN, an extraordinary step involving a high-ranking campaign official now at the center of the Russia meddling probe.

The government snooping continued into early this year, including a period when Manafort was known to talk to President Donald Trump.

[snip]

The conversations between Manafort and Trump continued after the President took office, long after the FBI investigation into Manafort was publicly known, the sources told CNN. They went on until lawyers for the President and Manafort insisted that they stop, according to the sources.

It’s unclear whether Trump himself was picked up on the surveillance.

I mean, if you’re dumb enough to talk to a guy under active investigation, you should expect to be tapped. Trump should know this from his NY mobster buddies.

The CNN report — by the same team that last month revealed Carter Page had actually been wiretapped going back to 2014, too — is maddeningly vague about the dates of all this. Manafort was first targeted under FISA for his (and associated consulting companies, probably including Tony Podesta) Ukrainian influence peddling in 2014. Then the order lapsed, only to have a new one, possibly last fall, approved in association with the Trump investigation.

A secret order authorized by the court that handles the Foreign Intelligence Surveillance Act (FISA) began after Manafort became the subject of an FBI investigation that began in 2014. It centered on work done by a group of Washington consulting firms for Ukraine’s former ruling party, the sources told CNN.

The surveillance was discontinued at some point last year for lack of evidence, according to one of the sources.

The FBI then restarted the surveillance after obtaining a new FISA warrant that extended at least into early this year.

[snip]

The FBI interest deepened last fall because of intercepted communications between Manafort and suspected Russian operatives, and among the Russians themselves, that reignited their interest in Manafort, the sources told CNN. As part of the FISA warrant, CNN has learned that earlier this year, the FBI conducted a search of a storage facility belonging to Manafort. It’s not known what they found.

The gap would presumably have excluded June, given that Mueller reportedly didn’t learn about the June 9 meeting until the usual suspects started turning over records on it (though I may come back to that).

The report of a fall wiretap, based in part on intercepts of Russians, would put it well beyond the time Manafort got booted from the campaign (and might be consistent with the reporting of an earlier application followed by ultimate approval in the fall). The mention of a search of a storage facility suggests that Manafort would have been targeted under both 1805 (data in motion) and 1824 (data at rest, plus physical search like that used with the storage facility).

Here’s some relevant information from last year’s FISC and I Con the Record transparency numbers.

For the same authorities (1805, 1824, 1805/1824, and 1881c), the FISA Court, which uses different and in most cases more informative counting metrics, reports 1,220 orders granted, 313 orders modified, and 26 orders denied in part (which add up to I Con the Record’s 1,559), plus 8 orders denied, which I Con the Record doesn’t mention.

As an improvement this year, I Con the Record has broken down how many of these targets are US persons or not, showing it to be 19.9%. That means the vast majority of targeted FISA orders are targeted at people like Sergey Kislyak, the Russian Ambassador all of Trump’s people talked to.

This is the target number for the original report, not the order number, and it is an estimate (which is curious). This means at least 28 orders target multiple people. Neither ICTR nor FISC reveals how many US persons were approved for 705b, meaning they were spied on when they went overseas.

I include this, especially the FISC numbers (the top ones), to show that for the category that Manafort would have been targeted under, the court outright rejected 8 applications, denied in part — perhaps by approving only some of the facilities in the application — 18, and modified — which can often be minimization procedures — 260. Note, too, that among all the individual orders approved last year, roughly 336 were targeted at Americans like Manafort and Page. I assume there would be more minimization procedures on those targeting Americans, especially those who hang out with political candidates or the President.

All of which is my way of saying that for Manafort, in particular, the FBI may have had to use some kind of clean team to separate the political items from the foreign intelligence ones. The members of Congress that are the most likely sources for this story probably would have known that too, but it wouldn’t serve the point of the leak as well if that detail were included.

One more point.

The CNN piece is clear: FBI had a FISA order targeting Manafort (and probably others, probably the same ones who’ve been asked to testify, including Tony Podesta’s group), then let it lapse. They then got an order focused on election-related issues.

By the point they got the election-related FISA, the FBI was very deep into their investigation of Manafort for money laundering (and in NY, where FBI agents are notoriously gabby).

But at least given all the public reporting thus far, there have been no reported criminal warrants against Manafort, at least not before the no-knock search in VA this summer.

Which is odd, because they sure seem to have probable cause against him for crimes, as well. If Manafort were targeted by a criminal warrant, it’s nowhere near as clear that any minimization would be overseen by a court. That is, it might be more likely that Trump would get picked up in his rash conversations with someone known to be under investigation if that person were targeted with a criminal warrant than if he were targeted under FISA.

One, final, point. Craig Murray, who ferried something (though not emails) to Julian Assange in September 2016 claimed the emails had been picked obtained by American National Security types wiretapping [John] Podesta because of the Podesta Group’s lobbying for Saudi Arabia. As I noted at the time, that didn’t make any sense, partly because Tony would have been the target, not John, but also the FBI wouldn’t be all that interested in lobbying for Saudi Arabia.

Murray claimed the documents came from someone in the national security establishment, and implied they had come from legal monitoring of John Podesta because he (meaning John) is a lobbyist for Saudi Arabia.

Again, the key point to remember, in answering that question, is that the DNC leak and the Podesta leak are two different things and the answer is very probably not going to be the same in both cases. I also want you to consider that John Podesta was a paid lobbyist for the Saudi government — that’s open and declared, it’s not secret or a leak in a sense. John Podesta was paid a very substantial sum every month by the Saudi government to lobby for their interests in Washington. And if the American security services were not watching the communications of the Saudi government paid lobbyist then the American intelligence services would not be doing their job. Of course it’s also true that the Saudis’ man, the Saudis’ lobbyist in Washington, his communications are going to be of interest to a great many other intelligence services as well.

As a threshold matter, no national security agency is going to monitor an American registered to work as an agent for the Saudis. That’s all the more true if the agent has the last name Podesta.

But that brings us to another problem. John Podesta isn’t the lobbyist here. His brother Tony is. So even assuming the FBI was collecting all the emails of registered agent for the Saudis, Tony Podesta, even assuming someone in national security wanted to blow that collection by revealing it via Wikileaks, they would pick up just a tiny fraction of John Podesta’s emails. So this doesn’t explain the source of the emails at all.

They would — and apparently were — interested in tapping all the corrupt people working with corrupt Ukrainians, including Manafort and, maybe, Tony (but not John).

This in no way confirms Murray’s explanation — his story still makes no sense for the reasons I laid out when I first wrote the post. But I find it particularly interesting that Tony Podesta may well have been wiretapped along with Manafort, for his Ukrainian influence peddling, not his Saudi influence peddling, earlier in the year last year.

SSCI Plays Hardball with Michael Cohen’s Attempt to Distract from Trump Tower Deal

Just before it was supposed to start, SSCI canceled Michael Cohen’s private interview with the committee. They did so, per a statement from Richard Burr and Mark Warner, because Cohen broke an agreement not to talk to the press by releasing what has generally been described as “his statement” to the press beforehand.

We were disappointed that Mr. Cohen decided to pre-empt today’s interview by releasing a public statement prior to his engagement with Committee staff, in spite of the Committee’s requests that he refrain from public comment. As a result, we declined to move forward with today’s interview and will reschedule Mr. Cohen’s appearance before the Committee in open session at a date in the near future. The Committee expects witnesses in this investigation to work in good faith with the Senate.

But in point of fact, what got published as his “statement” was not the entirety of it. Close to the end of the “statement” is this paragraph, alluding to a further two page statement on the Trump Tower deal that somehow didn’t get leaked.

I assume we will discuss the rejected proposal to build a Trump property in Moscow that was terminated in January of 2016; which occurred before the Iowa caucus and months before the very first primary. This was solely a real estate deal and nothing more. I was doing my job. I would ask that the two-page statement about the Moscow proposal that I sent to the Committee in August be incorporated into and attached to this transcript.

Other than that paragraph, mind you, Cohen’s statement closely parallels the letter to HPSCI Cohen released last month after spending a week distracting from and pre-empting the Trump Tower story. Both deny the allegations in the Christopher Steele dossier, and try to suggest that if he is found innocent of those allegations, then HPSCI and/or SSCI must issue a statement exonerating him.

In other words, with both committees, Cohen has manipulated the press so as to set a narrative about his testimony, a narrative that treats the Steele dossier as the entirety of his expose, rather than the now far more interesting (and interestingly time) real estate deal.

Four days ago, Michael Cohen (or the Trump Organization) pre-empted revelations that would leak as soon as he turned over a third tranche of documents to the House Intelligence Committee by revealing a seemingly damning detail from it: along with Trump’s associate Felix Sater, Cohen was pursuing a Trump Tower deal in Moscow well after Trump’s campaign was in full swing. Sure enough, more damning information was still to come: Sater somehow imagined the deal — whatever it was — would get Trump elected. Then still more damning information: in January 2016, Cohen reached out to trusted Putin aide Dmitry Peskov to push for help on the deal. That’s when Cohen began to not recall precisely what happened, and also ignore questions about why he hadn’t told Trump about this call, unlike the other actions he took on this deal.

[snip]

All that said, the way in which Cohen has orchestrated this disclosure — up to and including his failures to recall and answer obvious questions — is either great lawyering and/or sign that this earlier deal making is a real problem.

Of course, Burr and Warner were having none of this narrative scene setting and so now will force Cohen to testify publicly.

Cohen is sure spending a lot of time orchestrating distractions from this property deal. A pity for him his second attempt didn’t work as well as the first one.

image_print