About the Timing of the Binney Meeting

The Intercept is reporting that, on Trump’s orders, Mike Pompeo met with Bill Binney on October 24 to understand his theory arguing that the DNC hack was in fact a leak.

In an interview with The Intercept, Binney said Pompeo told him that President Donald Trump had urged the CIA director to meet with Binney to discuss his assessment that the DNC data theft was an inside job. During their hour-long meeting at CIA headquarters, Pompeo said Trump told him that if Pompeo “want[ed] to know the facts, he should talk to me,” Binney said.

[snip]

Binney said that Pompeo asked whether he would be willing to meet with NSA and FBI officials to further discuss his analysis of the DNC data theft. Binney agreed and said Pompeo said he would contact him when he had arranged the meetings.

I’ve got a few comments about this.

First, I’m particularly intrigued in the timing. on Twitter, Jim Sciutto said Trump had been pushing for Pompeo to meet with Binney for several weeks.

Pompeo took the meeting at the urging of President Trump over weeks. Pompeo told Binney: “The president told me I should talk to you”

I’ve been told the meeting was set up by October 14, which means Trump has been pushing for this meeting for over a month. That dates it to around the same time as reports that Chief of Staff John Kelly was preventing Dana Rohrabacher from meeting Trump to pass on Julian Assange’s claims explaining how the emails he received didn’t come from Russia, though that scheme went back further, to mid-August.

Effectively, though, that means Trump has been trying to find some way to magnify theories that argue culprits besides Russia did the hack. The guy who begged Russia to hack Hillary’s emails in the middle of last summer is looking for some alternative narrative to push, and it’s not clear whether he cares what that narrative is.

Though, as I noted in my post on these theories, now that we know the files Guccifer 2.0 leaked were from Podesta and as-yet unidentified sources, it makes all the arguments focusing on Guccifer beside the point (and disrupts Craig Murray’s claims).

On top of a lot of other implications of this, it shifts the entire debate about whether Guccifer 2.0 was WikiLeaks’ source, which has always focused on whether the documents leaked on July 22 came from Guccifer 2.0. Regardless of what you might conclude about that, it shifts the question to whether the Podesta emails WikiLeaks posted came from Guccifer 2.0, because those are the ones where there’s clear overlap. Russia’s role in hacking Podesta has always been easier to show than its role in hacking the DNC.

It also shifts the focus away from whether FBI obtained enough details from the DNC server via the forensic image it received from Crowdstrike to adequately assess the culprit. Both the DNC and Hillary (as well as the DCCC) servers are important. Though those that squawk about this always seem to miss that FBI, via FireEyedisagreed with Crowdstrike on a key point: the degree to which the two separate sets of hackers coordinated in targeted servers; I’ve been told by someone with independent knowledge that the FBI read is the correct one, so FBI certainly did their own assessment of the forensics and may have obtained more accurate results than Crowdstrike (I’ve noted elsewhere that public IC statements make it clear that not all public reports on the Russian hacks are correct).

In other words, given that the files that Guccifer 2.0 first leaked actually preempted WikiLeaks’ release of those files by four months, what you’d need to show about the DNC file leaks is something entirely different than what has been shown.

Binney and the other skeptics aren’t even arguing the right issue anymore.

Moreover, there’s a newly public detail that may moot two key strands of the argument. Last week the WSJ (here’s the Reuters version) reported that DOJ is thinking of charging 6 Russian officials in the hack of the DNC. I get it. People are skeptical that the FBI has any better data than the NSA (though I know others, outside of the FBI, believe they’ve pinpointed hackers by name). But as part of that story,  they described the four districts where the investigation into the hack (as distinct from Mueller’s investigation into the election tampering) live.

The U.S. Justice Department has gathered enough evidence to charge six members of the Russian government in the hacking of Democratic National Committee computers before the 2016 U.S. presidential election, the Wall Street Journal reported on Thursday, citing people familiar with the investigation.

Federal agents and prosecutors in Washington, Philadelphia, Pittsburgh and San Francisco have been cooperating on the DNC investigation and prosecutors could bring the case to court next year, it said.

[snip]

The hacking investigation, conducted by cybersecurity experts, predates the appointment in May of federal special counsel Robert Mueller to oversee the probe of alleged Russian meddling in the 2016 election and possible collusion with President Donald Trump’s campaign.

Mueller and the Justice Department agreed to allow the technical cyber investigation to continue under the original team of agents and prosecutors, the Journal said.

I’m not sure the report is 100% accurate; for example, I know of a non-political witness in the election-related hack being interviewed by Mueller’s people.

But it includes a little-noticed detail that I know to be accurate — and important to rebut the claim that the copying speed claimed by Forensicator requires a conclusion incompatible with Russia carrying out the hack. Part of the investigation is in Philadelphia.

When Reuters first reported a tripartite structure of the investigation in February, it included San Francisco (the Guccifer 2.0 investigation), Pittsburgh (the Russian side, probably focused on known APTs), and DC (the counterintelligence side — though that would significantly be Mueller’s investigation).

Philadelphia was not included. I only know a bit about the Philadelphia side of the investigation, but I do know that part of the investigation is located there because of a server in the district. So one way or another, we know that the FBI is conducting an investigation in an Eastern city as part of the hacking investigation based on the use of a server in the district. That doesn’t necessarily mean they’re investigating Russians. But it means even if you account for a server in the eastern time zone, you still have FBI preparing to charge Russians for the hack.

Which brings us to the last line of the Intercept article.

Binney said that since their meeting, he has not heard from Pompeo about scheduling follow-up meetings with the NSA and FBI.

Granted, it has only been two weeks. But in that time, not even Pompeo’s prodding has made the FBI (more likely) or the NSA (which still has bad blood with Binney) remotely curious about these theories.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

36 replies
  1. orionATL says:

    o. t.

    with regard to trump-russia cooperation to influence the 2016 presidential election,

    we see various trumpsters talking up approaches to the russians early in the campaign. we also have messaging confluence in trump’s comments about the russians dumping emails scrubbed from clinton’s personal server and the russian cutouts dumping dnc and clinton campaign emails.

    but there was a second point of confluence in messaging between trump and the kremlin toward the end of the campaign.

    trump began to complain about the illegitimacy of the election in october. i just read that the russians had decided by october that clinton would win and so changed their messaging to americans to emphasize the same thing trump was emphasizing – the illigitimacy of the election – “it’s a rigged system”.

    two points of confluence and a major messaging change may be a coincidence, but maybe not.

  2. Avattoir says:

    ‘Com’on, Mike: you if anyone know of, even know personally, lots of good old-fashioned red-blooded American People perfectly capable & more than willing to try to pull this off. Remember Watergate?’
    ‘I was ten. I was still reading Clair Bee.’

    ‘Okay, I’m older so I’ve got a vivid memory of how twisted Nixon, Halderman & Ehrlichman really were, & of Ratfounder Segretti. But you’ve grown up in the party of Ailes, Stone, North, Atwater, Rove, Rudy’s mob, Manafort forchrissake, wall-to-wall 24/7 ratfuckers the lot of them. You know all about the inside jobs.’
    ‘Ahem. Uh, how about you just leave your material with my staff & we’ll be in touch as necessary.’

  3. lefty665 says:

    I’d not be too quick to discount Binney, he has 30 years of communications intelligence experience and smarts. He did not get to the top of the com int heap at NSA by chance. Assange may not know the ultimate source of the emails he received, but he may. We have no evidence the Russians provided them to him, and he insists they did not.  What we can be pretty sure of is that the Russians, like us, pretty aggressively poke at one anothers political institutions and communications. What neither tends to do is to make those intercepts public, instead they go into secret assessments.  Letting the other guy know you’re reading his mail is frowned upon as it lets him know he’s been had. Once that happens he figures out the access and shuts it off. Then the spooks have to find another way to get back in. That’s hard work, and nobody likes that.

    There may well have been several hacks of the systems, and multiple potential sources for public release, including for example, the Pak IT family and friends hired by Wasserman-Schultz who had a penchant for turning everything they had access to into money. The FBI charging Russians may be much like the Russians charging spooks at NSA, factually true, but not having much to do with the public release of the emails.

    As Binney has observed, if there had been gigabytes of data exfiltrated from the DNC over the web NSA would know about it and we would have heard about it one way or another,  likely from Brennan it seems to me.

    Anyone have any idea where Podesta’s email was hosted? It would be interesting if it was in Philly.

    • bmaz says:

      I will quite easily discount Binney here on this. Anybody pushing the Seth Rich story is nutty and, frankly, an asshole for doing so. Leave his family to mourn in peace without this horse manure.

    • pseudonymous in nc says:

      Anyone have any idea where Podesta’s email was hosted?

      GMail, so on a distributed file system across Google’s DCs, not a single server. This is basic stuff. Do keep up.

      (Philly has DCs and colos, because any big city has them, but it’s not a typical location for commodity retail hosting.)

    • emptywheel says:

      Uh. We did hear about it. That’s why the FBI started calling the DNC starting in September 2015.

      • lefty665 says:

        True, but not because of gigs of exfiltrated data. Still seems bizarre that the DNC was not very responsive to the FBI warnings. What was that about? Would you be kind enough to point me towards what’s up in Philly?

        • emptywheel says:

          Uh, no. In part precisely because of gigs of exfiltrated data. I’m not sure what you think NSA tracks when it tracks hacks in progress.

          • lefty665 says:

            Evidence of that exfiltration does not seem to be part of the public record, perhaps in part because the DNC refused the FBI access to their servers and instead brought in rabidly anti Russian Cloudstrike.  NSA does have a pretty good awareness of what comes and goes, especially when it crosses a border or when they’re interested in the traffic. They are especially good when they know what they are looking for and root around in what they have collected. You’d think that if there was evidence we’d have had Brennan shouting it from the rooftops and that NSA would have had more than ‘moderate’ confidence in his cherry picked assessment.

            As I noted above, there’s little doubt the Russians poke at our political institutions, just as we do theirs. There is however, a lack of evidence that the publicly leaked emails came from Russian state agencies, but there is a huge leap to that conclusion. Seymour Hersh’s leaked phone conversations that several FBI sources had told him that Seth Rich leaked the emails and that his murder was unrelated D.C. street crime make a lot of sense. It is also consistent with Binney. We have not heard much recently about Debbie’s Pak IT crew. Wonder what’s going on with them? They certainly had access to the DNC system through her and her Ipad which would have made a dandy remote controlled “thumb drive” for local downloading off the DNC network.

            In short it is very possible that there were multiple breaches of the DNC systems, and that they could be both external and internal. There is little public hard evidence who provided the emails and data to the media after they were purloined, how many times they were leaked/hacked and from which sources, Podesta, DNC, other. Who knows, Assange could be telling the truth about where his copies came from, or not.

            I appreciate your continuing efforts to sort through this morass and to make sense of it.

    • greengiant says:

      Binney won’t say what he is not supposed to say,  nor that which he does not know.  Who expects the NSA or anyone else to reveal sources and methods just because some hackers/intelligence agencies got into multiple email accounts.

      Which curtain were we not to look behind?  The ones that Tait or Rid were pulling on? Reporting of “Russian” use of cloud drives for data exfiltration.  http://www.esquire.com/news-politics/a49791/russian-dnc-emails-hacked/

      The September 2015 clue drop on the DNC is followed by the more than dozen Democrat email accounts being hacked in 2016 together with DNC which the AP story claims account for all the Guccifer 2.0,  DCLeaks and Wikipedia emails. ( and ignores the Guccifer 2.0 mislabeled file dump? ) https://www.apnews.com/dea73efc01594839957c3c9a6c962b8a

       

  4. lefty665 says:

    I certainly agree with you that leaving Rich’s family to mourn in peace is the civilized thing to do. That does not discount Binney’s experience and skills in the com int business. There are lots of really bright assholes, and a lot of them are on the autism spectrum which often makes them especially socially insensitive and inappropriate. That does not excuse behavior, but does help us understand it.

  5. J-Mann says:

    Yep. Note how quickly folks jump on the Seth Rich sub-angle to discredit Binney/VIPS premise of an on-site download. Rachel Maddow and the DNC approve of this tactic, bmaz.

    • bmaz says:

      Are you fucking kidding me?

      Also, as your one, and only entry here, let the record reflect how you trolled.

  6. harpie says:

    Thomas Drake‏ @Thomas_Drake1  tweeted on. 6:11 AM – 12 Aug 2017

    I am a former NSA Exec & didn’t sign this VIPS memo due to significant analytic, sourcing, data, date & tech issues

    He links to the 7/24/17 Consortium News article “Intel
    Vets Challenge ‘Russia Hack’ Evidence
    ”. He also answers some questions in the
    thread. What Drake tweeted yesterday wrt the Intercept article:

    much disinfo “is floating around, feeding confirmation
    bias, mirroring & even producing conspiracy theories” –me

     Here’s an 8/12/17 article expanding on Drake’s take,
    that @webradius retweeted today:The Mounting Problems With the DNC ‘Leak’ Story; Lee Ferran; Code and Dagger 

    […] But in addition to Drake’s dissent, cybersecurity experts
    told Code and Dagger there are some issues with The Nation report and the July
    24 VIPS memo on which much of it is based. […] 

    • lefty665 says:

      I respect Drake very much too although he does not have quite the com int chops Binney does. A discussion between them on areas where they disagree would be fascinating and informative.

      • emptywheel says:

        Actually, you’re wrong (as someone who has talked with the two of them sitting at a table about cybersecurity). As far as I can tell, Drake was closer to that side of the function while at the AF.

        • lefty665 says:

          Both are highly qualified and experienced. SEC and INT are closely related topics, and have had a lot of interaction over the years. To be good in one you have to understand the other. I have great respect and admiration for both Drake and Binney, and am a little envious of your opportunities to spend time with them and other whistleblowers.

          From Drake’s wiki bio, his Air Force time seemed to be on the INT side of the business doing ELINT out of Germany, and that was close to 30 years ago.  His later experience was likely more material to the current issues. From Binney’s wiki bio he had a 30 year career with NSA that started as a Russian specialist and culminated as technical leader for intelligence. He was the top of the heap, and that does not happen by accident. Nor did worker bees ever receive the Meritorious Civilian Service Award. Citing Drake’s disagreement with him on this issue does not discredit Binney’s opinion. While it does not guarantee he is right, Binney clearly has the experience and achievement chops. A discussion between the two of them where they disagree, as they do here, would be fascinating.

    • SpaceLifeForm says:

      All three of you are actually spot on.

      Stand back, stop talking over each other.

      Drake and Binney are on top of things. They may disagree on the analysis methods and therefore the conclusions. It is fine to disagree. The TI article is a spin/misdirection job. Suspect trying to hide some sources and methods. And diss Binney.

      I read the entire thing. There are more informative comments (by good sources BTW), than the article had.

      Suspect TI is trolling. Not for webviews, BTW.

  7. orionATL says:

    general question:

    i’m going to specify that there was one source of leaked democratic party docs in 2016 – the russian government including fsb and military intelligence.

    i’m going to specify that there were only three “original” sites that leaked some numbers of those dem docs stolen by the russians – dcleaks, wikileaks, and guccifer 2.

    now my question, which has probably been asked and answered already:

    has anyone compared specific leaked documents from any two (or three) of these leaking sources to confirm with confidence that that particular leaked document was the same in both (or all three) leaked versions?

    in other words, a test to see if in fact the russian hoarde was quite likely the only source of all leaked docs – except guccifers doctored docs?

    • orionATL says:

      timed out.

      or were the docs the russians made available on dcleaks a different set from the docs the russians gave to wikileaks (understanding that some folks dont like saying wikileaks got docs from intermediary who got them from the russians).

    • orionATL says:

      timed out.

      or were the docs the russians made available on dcleaks a different set from the docs the russians gave to 3 (understanding that some folks dont like saying wikileaks got docs from intermediary who got them from the russians).

    • lefty665 says:

      You lead with “i’m going to specify that there was one source of leaked democratic party docs in 2016” then at the end “except guccifers doctored docs”. Which do you want, one source or more than one source? You can argue either proposition, but not both.

      How do you believe docs that were downloaded locally differ from those that were hacked, or how docs hacked separately would differ? Seems the possibility exists that the docs would be the same and that identical docs tell us very little about who purloined them.

      • orionATL says:

        i’m trying to find a way to stabilize a factually chaotic problem – there’s a universe of “dem docs” collected + there’s 3 major sites releasing those dem docs (wikileaks, dcleaks, gucciferleaks) .

        “i’m going to specify…” just means i’d like to test the proposition that all released dem docs (campaign, dnc, dccc) were from one source (russia) – maybe so, maybe not.

        i don’t assume some were downloaded locally and some hacked; i don’t know that. i want to find out if docs released from one site are matches with docs released from another – very simple stuff (maybe).

        as for the gucciferleaks, it is clearly a sport, a perverse exercise in deception rather than an excercise in straightforward opinion manipulation like dcleaks and wikileaks.

        as an aside, the goal of dcleaks seems to be the classic russian tactic of driving wedges in a society, just like drilling and driving steel wedges into a piece of granite to split it. the goal of wikileaks is purely to damage the clinton’s chances of winning thru the media.

  8. Mark says:

    This type of article works on low information voters. Luckily not on Republicans.  Hillary Clinton publicly denied Guccifer had hacked her  personal server.  Guccifer  was arrested  PRIOR to the  DNC hack on March 4 morons. Guccifer admitted publicly that he had hacked Clinton’s personal server. He was convicted in a court of law for his crime.  This means Clinton is a liar. Guccifer is Romanian not Russian dolts.

    • bmaz says:

      Hi there. I freed your comment from our spam file. You are welcome.

      I will not do that a second time if this is the type of dumb ass horseshit you bring. Troll elsewhere.

  9. Bay State Librul says:

    Opinion:

    Lefty seems to be a decent person but his input is wacky
    As I said before he is the Bannon of the left.
    He doesn’t understand Trump who is a fucking dictator. At what point, will you ban him from his bullshit

    • lefty665 says:

      “Bannon of the left”, humm, I’d have to have a lot more hair and money, but the “left” part is surely right. My idols are Patrick Henry, Sam Adams and Thomas Paine. I suppose they’d qualify as ‘Bannons of the left’ to libruls too.

Comments are closed.