Paul Manafort Has Conducted His Oleg Deripaska Dalliance on PRISM Provider Google’s Servers

The government just docketed this declaration pertaining to its accusation that Paul Manafort contributed to an op-ed defending his actions in violation of the judge’s prohibition on trying his case in public.

The substance of the declaration (and another copy of the op-ed showing track changes) is interesting enough. But I’m most interested in this:

While Manafort is using a company email (DMP International, LLC), his interlocutor, Konstantin Kilimnik, the guy through whom Manafort was offering to provide private briefings on the Trump campaign to Russian oligarch (and former Manafort client to whom he still owed millions) Oleg Deripaska, is using GMail.

Particularly once the government developed counterintelligence concerns about Paul Manafort (but probably his ties to powerful Russians are sufficient in any case), Kilimnik is easily targetable under Section 702. While I’m sure they’ve got Deripaska wired up in a slew of other ways, NSA can collect this email just by asking Google nicely. And once it opened a full investigation into Manafort, the FBI has been able to get whatever NSA gets in raw form.

That means, among other things, that Kilimnik (and, I assume, Deripaska) want this to be discovered. Perhaps that’s arrogance, a belief that somehow Manafort will remain untouchable by Mueller for the more substantive coordination between him and Russia. Or perhaps Deripaska is just happy to let Manafort be exposed for what he is.

Whatever it is, when obvious Russian targets use PRISM providers, they’re just inviting easy scrutiny.

24 replies
  1. Willis Warren says:

    The Russians never believed Trump would win. They just wanted him to contest the elections, and they hacked the voter rolls to make it look like something was fishy.

    Then he won.

    This is consistent with the idea that they were giving the finger to everyone.

    • Desider says:

      Or maybe *some* of the Russians knew the fix was in, and everyone else thought it was just a beauty contest to place or show. Please tell me what good it would have done Putin for Trump to finish a close second?
      Now consider the wide reach & heavy effort the Russians put in on multiple fronts.
      What would they have needed to assure Vlad that his boy was going to win?
      Doubtful another round of tweets and Facebook posts.
      While the quote oft attributed to Uncle Joe is probably apocryphal, the sentiment is right:

      “It’s not the people who vote that count, it’s the people who count the votes.”

      Along with those who prevent people from voting, stuff the ballots, etc.
      Which part is easier, hacking a voting machine or paying off enough regional officials with keys? (as one obvious approach). Anyway, a lot of effort to assure us it’s 100% fool proof, considering the amount of foolishness that’s gone on.

  2. earlofhuntingdon says:

    No one conscious about their privacy, let alone having security concerns, would use gmail.  That is, unless open networking or broadcasting what one is doing is a personal or business priority.

    • pseudonymous in nc says:

      As with all infosec questions, it depends on one’s exposure and risk profile. Email is a fundamentally insecure protocol; everything that has been glued on to that protocol to provide some degree of privacy or security either doesn’t mitigate it enough or has never gained enough traction to be implemented at sufficient volume.

      If given a choice between GMail with hardware 2FA (that is, a Yubikey or something similar) and some other hosted email platform whose admin and data privacy policies are no less opaque, then where do you go? (Assuming, of course, you’re not a foreign surveillance target.) Life is too short, and the email ecosystem too much of a mess, to become your own private mailserver admin.

      In a lot of situations — though certainly not all — GMail is the worst email provider aside from all the other ones.

      • earlofhuntingdon says:

        Refer to for alternative suggestions.  But go with what you’re comfortable with.

        • pseudonymous in nc says:

          Well, that “NSA-proof your self-hosted email server in 2 hours” guide was good for a chuckle.

        • earlofhuntingdon says:

          Self-hosted e-mail?  Isn’t that in the same aisle as self-roasting?

          I guess it’s too much to hope that anyone capable of doing that knows that it’s not a great idea.

  3. pseudonymous in nc says:

    For what it’s worth, the MX for points to, which is Rackspace’s hosted email service.

    • Silence Hand says:

      Then access to Manafort’s side of things depends on where the servers hosting his info are located (and thus who has jurisdiction to issue a warrant).  Presumably not in the US, though anyhow this particular exchange has been hoovered up from the gmail side.

      Hey! It just occurred to me that the term “hoovered up” is oddly fitting here.  Generally it’s British slang referring to the famed brand of vacuum cleaner, but I guess it could also be inspired by J. Edgar of the same name.

  4. earlofhuntingdon says:

    Somebody please tell CNN that the Don doesn’t mean it when he says that he expects Bob Mueller to be fair to him.

    First, that’s a threat, not a reasonable, informed expectation.  Second, in the Don’s mind, “being fair” to him means giving him whatever he wants.

    Third, it’s not others in the GOP that are being mean to Mueller, but not the Don; Don is using them as cut-outs to get what he wants without being seen to ask for it.  See generally, Pimp.  See also, the usual way the Don fires real people not on his old show – by getting the word from an intimidating bodyguard or any other handy third party.

  5. SpaceLifeForm says:

    OT: The ‘intel inside’ the intel inside your computer. Bad flaw due to ‘speculation’ of instruction execution. Buried in the silicon. Not fixable via microcode. Fixes in progress. Requires major rework to OS kernels.
    Expect your computer to run slower.

    AMD chips do NOT have the problem.

    Flaw allows non-privileged userland program to extract data from kernel. Probably can extract user credentials.

    Next Tuesday (2018-01-09) will be patch tuesday for windows with a fix. Linux will be behind unless you build your own kernel from source code. OSX, BSD, I have no news on yet. Even ARM may be affected.

    Azure and AWS are planning major work later this week.

    (did all of the AWS ‘leaks’ occur because of this?)

    Did Intel CEO dump stock because of this?

    Was this a secret backdoor that IC loved and cherished?

  6. SpaceLifeForm says:

    Here we go with the further insanity.

    Both Mueller and Rosenstein.

    President Trump’s former campaign chairman, Paul Manafort, sued the special counsel on Wednesday and asked a federal court to narrow his authority, escalating Republican efforts to discredit an investigation that has stretched longer than the White House expected.

    [But, think of the Metadata!]

    [Any wonder why Sessions recused?]

    [And why now? Did PM get a leak?]

    The lawsuit said Mr. Rosenstein had improperly given Mr. Mueller the authority to investigate “anything he stumbles across while investigating, no matter how remote.”

  7. earlofhuntingdon says:

    The Special Counsel, unlike the former Independent Counsel, is pretty much an extra pair of hands for the senior ranks of the DoJ.  She investigates within the scope of authority delegated by someone with full authority to investigate and prosecute any federal crimes.  Here, the authority delegated is extremely broad and properly so.

    Manafort is desperate, and his legal team will trot out everything, including the kitchen sink.  I would, too, if I were more afraid of the guys I owed money to than of the FBI and federal prison.  For the same reason, rolling over seems unlikely.  I suppose this suit could be seen as broadcasting that Manafort has kept his mouth shut. But his suit is a hail, mary, here, both a prayer and a long shot.  It wins games, but only once in a blue moon.  And we’ve already had ours for 2018.

Comments are closed.