Before most of us were awake, NATO’s Secretary-General made what I consider an ill-considered statement reminding President-elect Trump that NATO is a treaty commitment.

“NATO’s security guarantee is a treaty commitment and all allies have made a solemn commitment to defend each other and this is something which is absolute and unconditioned,” NATO Secretary-General Jens Stoltenberg told a news conference.

[snip]

Stoltenberg, a former prime minister whose own country Norway borders Russia, sought to remind the new president-elect that the only time NATO had activated its so-called Article 5 commitment, was in the defense of the United States — following the Sept. 11 attacks on New York and Washington in 2001.

He also said NATO allies were a big part of the U.S.-led strategy to stabilize Afghanistan and rid it of militants hostile to the West, with a long-standing NATO presence in the country since the 2001 attacks.

NATO “is important both for collective defense in Europe and to provide help and play a role in the fight against international terrorism”, Stoltenberg said.

I say this was ill-considered because I think NATO needs to think seriously about Turkey’s role in the alliance, particularly given Erdogan’s crackdown and incursions into Iraq. Sure, NATO may find exceptions for Turkey that it wouldn’t for the US. But it is a complex time.

This may be unpopular. But I actually think President-elect Trump’s skepticism about NATO may have some upside.

I say that, first of all, because NATO has increasingly played a force multiplying effect on stupid American wars. That is actually the one area where Trump has been positive of NATO — asking them to do more in our stupid wars in the Middle East. But it’s one area where European countries have doubts. So maybe Trump will make it harder to use NATO to legitimize US invasions.

NATO also serves as the pole of the US-Europe relationship that gives the US the key leadership role, a way to bypass the EU itself to push dubious policy. Curiously, NATO is what Theresa May pointed to as the cement of the post-Brexit relationship. But what if Europe decides they need to develop their own capacities, and with them gain more independence from the US?

Sure, most of these discussions will be about perceived Russia aggression in Eastern Europe. It’s unclear how much Trump’s soft side for Putin will affect events in Eastern Europe (and whether Trump will be smart enough not to get completely rolled by Putin).

But NATO has increasingly become an offensive alliance, not a defensive one. Maybe it’s time to rein in that part of it?

Some Democrats are already blaming Jim Comey for Hillary’s loss last night. It will be some time before we know for sure whether that is true. Certainly polling (to the extent that it can be regarded as a fair read of the electorate, which I’m not sure it can) didn’t show Hillary losing a lot of support, net, over the course of Comey’s head fake. Instead, polls showed Gary Johnson voters coming home to the GOP, which closed Trump’s polling gap. I do think it likely that Comey’s head fake had an effect on Democratic turnout.

So we will see whether Comey is to blame or something else (that said, by the time we really know that, a narrative will be set).

But I also want to talk about Comey’s position going forward.

Had Hillary won, I think President Obama might have fired Comey in the lame duck. But I don’t see that happening now. Partly, because it would be seen as vindictive, and Obama has his legacy to cement. More importantly, there’s no chance Obama could get someone else confirmed.

So Comey will be FBI Director on January 20, with six plus years of a ten year term in front of him.

Trump has already floated Rudy Giuliani as Attorney General.

I have no idea what their relationship is like now, but recall that Comey worked for (presumably was hired by) Giuliani when the latter was US Attorney in the 1980s. Giuliani is the guy that launched Comey on his self-righteous career of federal prosecution.

For that reason — and because of Comey’s behavior in the last month — I expect Trump will keep him.

That means Comey’s self-righteous rule is one of the few things that will prevent Trump, in the near turn, from politicizing the FBI more than it already is. Today’s FBI is already bad, but Comey may limit how badly Trump’s FBI targets Muslims and others Trump targeted during the campaign.

Ultimately, Comey’s tenure may end where it has before, in standing up to some legalistic abuse (even while sanctioning the underlying behavior, as Comey did with both torture and mass surveillance), and resigning or getting fired.

But in the short term, at least, the Democrats who are blaming Comey today may welcome his self-righteousness tomorrow. Me, I think the reasons that self-righteousness is a problem now will remain a problem. But probably less problematic than having Joe Arpaio run the FBI.

In an overly dramatic (and in key areas, fluff) piece promising voting related hacks long into the future, David Sanger includes this passage.

The steady drumbeat of allegations of Russian troublemaking — leaks from stolen emails and probes of election-system defenses — has continued through the campaign’s last days. These intrusions, current and former administration officials agree, will embolden other American adversaries, which have been given a vivid demonstration that, when used with some subtlety, their growing digital arsenals can be particularly damaging in the frenzy of a democratic election.

“Most of the biggest stories of this election cycle have had a cyber component to them — or the use of information warfare techniques that the Russians, in particular, honed over decades,” said David Rothkopf, the chief executive and editor of Foreign Policy, who has written two histories of the National Security Council. “From stolen emails, to WikiLeaks, to the hacking of the N.S.A.’s tools, and even the debate about how much of this the Russians are responsible for, it’s dominated in a way that we haven’t seen in any prior election.”

The magnitude of this shift has gone largely unrecognized in the cacophony of a campaign dominated by charges of groping and pay-for-play access.

On a day when results from North Carolina strongly suggest that efforts to suppress the African American vote have thus far worked, the NYT frames a story by arguing that cyber — not racism and voter suppression — accounts for “most of the biggest stories of the election cycle” (the story goes on to include Hillary’s email investigation in with the Russian hacks dealt with in the story).

It does so even while insintuating that the “probes of election-system defenses” are a Russian state-led effort, which the Intelligence Community pointedly did not say. Indeed, a DHS assessment dated September 20 — before that Intelligence Statement — (and publicly posted Saturday) attributes such probes to “cybercriminals and criminal hackers.”

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

Sanger posted his piece, claiming that cyber is the most important part of this election, in the wake of NYT’s ombud, Liz Spayd, posting her own piece judging — partly based off Sanger’s assessment — that the NYT should put someone on the Russian hacking story full time.

[W]hile several reporters have periodically contributed to the coverage, no one was dedicated to it full time. That’s too bad. In my view, The Times should have assembled a strike force and given it a mandate to make this story its top priority.

[snip]

I asked Sanger, a highly knowledgeable and seasoned hand on matters of cyberwarfare, about the challenges in covering information hacks. “American drone strikes and Russians bombing a hospital in Syria are immediate, gripping, tragic human stories,” he said. “A cyberstrike, by nature, is subtle, its effects often hidden for months, its importance usually a mystery. The bigger story here is that a foreign power has inserted itself in the fundamental underpinnings of American democracy using cybertechniques. We’ve never seen that before.”

That sounds like a pretty powerful argument for all-hands-on-deck coverage. After all, Trump’s treatment of women, Clinton’s email servers, the foundations of each candidate — all of it will soon fade out. The cyberwar, on the other hand, is only getting started.

Spayd makes a number of unproven or even false claims in her piece. Not only does she (like Sanger) claim that those probing voter poll sites are Russian (implying they are state hackers), she also implies the Shadow Brokers hack was done by Russia (which may be true but is far from proven).

So was the National Security Agency. Now, hackers are meddling with the voting systems in several states, leaving local officials on high alert.

She asks a question — were the Russians running Trump — she answers in her own piece.

And most critically, what has it done to try to establish whether Donald Trump was colluding with Russian intelligence, as Clinton suggests?

[snip]

The Times finally weighed in on this question last week, concluding that there is no compelling evidence linking Trump to the hackers. The piece, which ran on A21 and down page on the website, appeared to have been in the works for some time. Yet it was published just seven days before the election, and was unsatisfying in exploring the back story that led to its conclusions.

In a piece that notes there is no evidence the Russians are behind the poll probes, she suggests a Sanger piece suggesting they might have been should have been somewhere more prominent than page A15.

A piece laying out evidence that the Russians may be trying to falsify voting results in state databases ran on A15 and got minimal play digitally.

And she applauds a highly problematic piece claiming Julian Assange and Wikileaks always side with the Russians.

Led by David Sanger, The Times was first to link the Russians to the hacks, to examine the baffling role of Julian Assange and WikiLeaks and to smartly explore the options that the Obama administration could use to retaliate. I have no substantive complaints about the stories The Times has done.

In short, she points to a lot of problematic, hasty fearmongering the NYT has done on this front (as well as the one debunking much of that fearmongering, though she complains that doesn’t offer enough detail). And then says NYT should do more of it.

From the sounds of things, what she really wants is more cloak and dagger on the front pages of the NYT. Even if NYT has to invent a Russian tie to get it there.

Update: Egads.

The NYT just decided to tweet out its crappy Assange only does things Putin likes piece again.

Amid increasing clarity that lots of line FBI Agents are rooting for Trump to win Tuesday’s election, Josh Gerstein provides one explanation for why: FBI, demographically, looks like Trump’s electorate.

Largely overlooked in the imbroglio is how the fact that the FBI doesn’t look much like America is complicating Comey’s effort to extricate himself and his agency from the political firestorm.

According to numbers from August, 67 percent of FBI agents are white men. Fewer than 20 percent are women. The number of African-American agents hovers around 4.5 percent, with Asian-Americans about the same and Latinos at about 6.5 percent.

If Trump were running for president with an electorate that looked like that, he’d win in a landslide.

In the rest of his piece, Gerstein describes that his has actually gotten worse after Comey took over in 2013, though it is reversing somewhat this year.

While the FBI director has been mounting an aggressive drive to focus on the FBI’s shortcomings in diversity, it’s less clear if he anticipated how the make-up of his own work force would complicate the handling politically polarizing investigations.

However, he has described the demographic challenges in stark, urgent terms.

“We have a crisis in the FBI and it is this: slowly but steadily over the last decade or more, the percentage of special agents in the FBI who are white has been growing, … We are now 83 percent white in our special agent cadre,” the FBI director said in a July speech at historically black Bethune-Cookman University in Daytona Beach. “I’ve got nothing against white people — especially tall, awkward, male white people — but that is a crisis for reasons that you get and that I’ve worked very hard to make sure the entire FBI understands. That is a path to fall down a flight of stairs.”

For the embattled FBI chief and former prosecutor, there is some good news. There are early signs that his focus on diversity — which includes displaying a rainbow flag on the FBI’s recruiting website — may be paying off.

The number of African-American agents climbed to 603 in August, up from 581 in March. However, both numbers are lower than the 652 the bureau had four years ago.

The number of Latinos also ticked up slightly, to 888 from 882 in March, but still well below the 983 the FBI had in 2012.

I want to view these demographics in conjunction with something else Comey has said, repeatedly this year.

To have a cyber special agent, you need three buckets of attributes. You need integrity, which is non-negotiable. You need physicality. We’re going to give you a gun on behalf of the United States of America, you need to be able to run, fight, and shoot. So there’s a physicality required. And obviously there’s an intelligence we need for any special agent, but to be a cyber special agent, we need a highly sophisticated, specialized technical expertise.

Those three buckets are rare to find in the same human being in nature. We will find people of great integrity, who have technical talent, and can’t squeeze out more than two or three push-ups. We may find people of great technical talent who want to smoke weed on the way to the interview. So we’re staring at that, asking ourselves, “Are there other ways to find this talent, to equip this talent, to grow this talent?” One of the things we’re looking at is, if we find people of integrity and physicality and high intelligence, can we grow our own cyber expertise inside the organization? Or can we change the mix in cyber squads? A cyber squad today is normally eight special agents—gun-carrying people with integrity, physicality, high intelligence, and technical expertise. Ought the mix to be something else? A smaller group of this, and a group of high-integrity people with technical expertise who are called cyber investigators?

In conjunction with hiring agents to focus on cybersecurity, Comey has described what he imagines as the “integrity” necessary to be an FBI Agent.

He always uses pot smoking as the example of someone who doesn’t have integrity (in spite of the fact that pot is legal in several states and will be in more after Tuesday). Yeah, what he really means by “integrity” is “can get security clearance.” But he describes that, consistently, as “integrity.”

Perhaps there’s a problem there? Perhaps the Director is creating a culture in which he casually impugns a wide swath of America as lacking integrity that just happens to favor hiring white men?

This morning, CBS published a story attributed to senior producer Pat Milton, who has done a lot of FBI-based stories (and co-produced fawning 60 Minutes interviews with John Brennan and Jim Comey), reporting on a possible terrorist attack. The story described the threat with specific detail — scheduled for Monday, in maybe NY, TX, or VA — but even while explicitly stating that “its credibility hasn’t been confirmed.”

Sources told CBS News senior investigative producer Pat Milton that U.S. intelligence has alerted joint terrorism task forces that al Qaeda could be planning attacks in three states for Monday.

It is believed New York, Texas and Virginia are all possible targets, though no specific locations are mentioned.

U.S. authorities are taking the threat seriously, though the sources stress the intelligence is still being assessed and its credibility hasn’t been confirmed. Counterterrorism officials were alerted to the threat out of abundance of caution.

The version published at 7:43 AM (and screen captured to the right) clearly attributed the story to a senior FBI official. (I’ve bolded the differences.)

A senior FBI official told CBS News, “The counterterrorism and homeland security communities remain vigilant and well-postured to defend against attacks here in the United States.  The FBI, working with our federal, state and local counterparts, shares and assesses intelligence on a daily basis and will continue to work closely with law enforcement and intelligence community partners to identify and disrupt any potential threat to public safety.”

The version published at 12:52 rewrote that paragraph, obscuring that FBI was the source.

“While we do not comment on intelligence matters, we will say the counterterrorism and homeland security communities remain vigilant and well-postured to defend against attacks here in the United States,” a U.S. intelligence official told CBS News. “The FBI and DHS, working with our federal, state and local counterparts, share and assess intelligence on a daily basis and will continue to work closely with law enforcement and intelligence community partners to identify and disrupt any potential threat to public safety.

This story, leaked by a senior FBI official who “doesn’t comment on intelligence matters” but nevertheless did just that, comes at the end of the crappiest week for the FBI in decades.

At this point, it is fair to argue that the intelligence community — including people leading it today — have capitalized on a terrorist threat, even a dodgy one. As I tweet stormed this morning (and wrote in more detail here), in 2004 the government played up two dodgy election year threats.

In March 2004 (just as torture, spying cut back) fabricator went to CIA in Pakistan and said, “Janat Gul wants to attack US elections.”

Someone in CIA immediately said, “Nah!” Nevertheless, US got PK to detain, turn Gul to US to be tortured.

USG (including Jim Comey) reauthorized torture, to be used with Gul. Including waterboarding & techniques CIA had already used w/o approval.

USG (including Comey & John Brennan) also used election year plot based off fabrication as one reason FISC had to approve Internet dragnet.

There were, of course, leaks to the press about this election year plot.

CIA kept torturing and torturing Janat Gul, because they needed details of an election year plot based off a fabrication.

It wasn’t until October that someone said, “Hey, let’s go check if that guy claiming Gul wanted to attack US election was lying!” He was.

But Gul had served purpose: election year scare, reauthorizing torture, getting FISC approval for dragnet. Not bad for one torture victim!

Comey didn’t know CIA immediately raised concerns abt fabricator’s claims. It’s one thing Cheney/Gonzales prevented him fr learning in 2005

Comey signed off on torture again, including waterboarding w/o knowing that that case was all based off a fabrication.

But Comey has also refused to read torture report, which lays all this out. He’s avoiding learning what he did in 2004, 2005. Brennan too!

I lay all this out bc, w/history like this, IC (still led by Brennan & Comey) should be VERY careful abt leaking election year plots.

Succinctly: They cried wolf in 2004. And have yet to face accountability for that.

Then, in 2006 (at a time when both Comey and Brennan were on hiatus from directly government work, though they were both working with key government contractors), it happened again. Dick Cheney triggered the revelation of a very real terrorist plot in 2006 — fucking over the British officials trying to collect enough information to prosecute the perpetrators — to help Joe Lieberman stay in the Senate.

The point is, these people, including the people in charge of the IC now, have selectively exploited real or imagined terrorist plots before. The leak of this one, which FBI clearly hasn’t even vetted, sure seems exploitative given how badly FBI needs to distract from its own fuck-ups.

The other day, the WSJ had a story that included this detail about the gap between the time FBI realized there were Huma Abedin emails on a computer seized in the Anthony Weiner investigation and when they got a warrant to read them.

The FBI had searched the computer while looking for child pornography, people familiar with the matter said, but the warrant they used didn’t give them authority to search for matters related to Mrs. Clinton’s email arrangement at the State Department. Mr. Weiner has denied sending explicit or indecent messages to the minor.

In their initial review of the laptop, the metadata showed many messages, apparently in the thousands, that were either sent to or from the private email server at Mrs. Clinton’s home that had been the focus of so much investigative effort for the FBI. Senior FBI officials decided to let the Weiner investigators proceed with a closer examination of the metadata on the computer, and report back to them.

At a meeting early last week of senior Justice Department and FBI officials, a member of the department’s senior national-security staff asked for an update on the Weiner laptop, the people familiar with the matter said. At that point, officials realized that no one had acted to obtain a warrant, these people said. [my emphasis]

While I and actual experts on Fourth Amendment law had already started asking about the legality of finding emails implicating Huma while searching a computer seized for an investigation into underage sexting, the revelation that FBI somehow forgot to get a warrant for two to three weeks raised even bigger questions.

In the last day, both the NYT and the WaPo have provided different explanations about it (though they use it to explain the time lapse between discovering the emails and informing Congress, not getting a warrant). The NYT reported that the FBI had to write custom software to be able to read Weiner’s emails without at the same time reading Huma’s.

The F.B.I. has not explained why three weeks passed between the time the bureau obtained the laptop and when Mr. Comey told Congress about it. After an F.B.I. computer analysis response team in New York copied the laptop’s hard drive, bureau employees began examining the information on the computer.

That is when agents realized that Ms. Abedin’s emails were on the laptop, but they did not have the authority to view them without a warrant.

The F.B.I. needed custom software to allow them to read Mr. Weiner’s emails without viewing hers. But building that program took two weeks, causing the delay. The program ultimately showed that there were thousands of Ms. Abedin’s emails on the laptop.

Mr. Comey was not briefed in full on a plan to read the emails until last Thursday, Oct. 27. He informed Congress the next day. F.B.I. lawyers then had to obtain a second warrant to look at Ms. Abedin’s emails, which happened last weekend. [my emphasis]

WaPo reported that “glitches” delayed the FBI in separating Weiner’s emails from Huma’s.

Although investigators had discovered the emails in early October, software glitches prevented them from separating Abedin-related emails from the hundreds of thousands of messages recovered until Oct. 19 or 20, according to people familiar with the case.

While Comey had been quickly alerted by his deputy to the original find, he took no further action, allowing agents in the field to get a better idea of the scope of the material. Agents could use digital clues to decipher where emails had originated and been sent but were legally barred from reading the emails without a search warrant because they had been obtained in a separate investigation.

When agents formally recommended on Oct. 27 that the warrant be sought, Comey agreed and then felt obligated to inform Congress — which he did with his letter the following day. Comey’s only reference in the letter to the timing of his involvement was that he had been briefed the previous day. [my emphasis]

Note NYT says Comey was not briefing on the plan to read the emails until October 27. WaPo says that he was in the loop before then, then consulted again on obtaining a warrant on October 27. Those aren’t necessarily conflicting stories — I guess it depends on what “a plan to read the emails” means — but I find the distinction curious.

The real batshit thing, though, is the claim that the nation’s premiere law enforcement agency didn’t have a way to sift out Weiner’s emails from Huma’s, something even garden variety cops have to do every day. Equally batshit is the claim they created a new piece of software to do so. Glitches? That’s a word national security people use as a cover story.

There is no good explanation for why the FBI didn’t have the technical means to do this. There is even less of an explanation for why, in a case involving such high profile people, the FBI would be struggling with “glitches.”

Which leaves us where we were with WSJ’s story: The FBI was fiddling with these emails for 3 weeks before “officials realized that no one had acted to obtain a warrant.” And yet somehow, the FBI was able to show probable cause that these emails had some tie to a crime.

I do hope this is something Patrick Leahy insists on getting answers on, because the story stinks.

As I’ve noted, James Clapper’s office has been irresponsibly silent about what kind of scan FBI asked Yahoo to subject all of its email users to in 2015. And those in Congress who haven’t been briefed on it are demanding information.

But they’re not the only ones. Europe is too (as Yahoo seemed all too aware when it wrote Clapper asking him to clarify the scan).

And they’ve got a bit more leverage over the Intelligence Community than non-intelligence committee members of Congress do, because the EU prohibits data collected in Europe from being used for mass surveillance.

Dutch MEP Sophia In t’Veld asked the European Commission questions but has thus far gotten no answer.

Yahoo has allegedly scanned customer emails for US intelligence purposes at the request of US intelligence agencies. According to reports, in 2015 Yahoo secretly built a custom software program allowing it to search all of its customers’ incoming emails for specific information requested by US intelligence officials. In the Schrems judgment, the Safe Harbour programme allowing EU personal data to be transferred to the US was declared invalid, among other reasons because of the mass surveillance protocols used by US intelligence services.

Will the Commission investigate these reports and ask clarification from the US administration?

Was the Commission aware of these alleged activities by Yahoo at the time it adopted the Privacy Shield decision? If not, do these revelations prompt the Commission to reconsider its decision on Privacy Shield?

Does the Commission consider Yahoo to have violated the terms of Safe Harbour, does the Commission consider that these practices would be allowed under Privacy Shield, and how will the Commission verify that violations in this regard do not take place?

And the Article 29 Working Party — the data protection authorities — last week asked Yahoo directly.

In addition, the WP29 was also informed that Yahoo has scanned customer emails for US
intelligence purposes at the request of US intelligence agencies. According to reports, in
2015 Yahoo searched all of its customers’ incoming emails for specific information
requested by US intelligence officials.

The reports are concerning to WP29 and it will be important to understand the legal
basis and justification for any such surveillance activity, including an explanation of how
this is compatible with EU law and protection for EU citizens.

Judd Legum reports that the FBI’s Inspection Division is launching an investigation into why its FBI Records Vault Twitter bot launched into action the other day, resulting in the re-release of FOIAed files on Bill Clinton’s pardon of Marc Rich.

Candice Will, Assistant Director for the FBI’s Office of Professional Responsibility, said she was referring the matter to the FBI’s Inspection Division for an “investigation.” Upon completion of the investigation, the Office of Professional Responsibility will be referred back to the Office of Professional Responsibility for “adjudication.”

Federal law and FBI policy prohibit employees from using the power of the department to attempt to influence elections.

Will was responding to a complaint from Jonathan Hutson, a former investigative reporter who now works in communication in Washington, DC. She did not respond to requests, via phone and email, for further comment.

I’m happy the FBI is conducting this investigation, but this story is the inevitable result of the FBI responding appropriately to a complaint submitted by a media consultant, not any indication anyone at the FBI takes its own misconduct seriously.

Plus, the Inspection Division and the Office of Professional Responsibility don’t have statutory independence from the rest of the FBI, which means their investigation (and particularly OPR’s adjudication) can be influenced by FBI executives.

The entity that should be conducting an investigation into the FBI’s misconduct relating to this election is the Inspector General, which does have the independence to really assess who, if anyone screwed up.

There’s just one problem with that. As I’ve long covered, in 2010, the FBI started balking at the Inspector General’s proper investigative demands. Among other things, the FBI refused to provide information on grand jury investigations unless some top official in FBI said that it would help the FBI if the IG obtained it. In addition, the FBI (and DEA) have responded to requests very selectively, pulling investigations they don’t want to be reviewed. In 2014, the IG asked OLC for a memo on whether it should be able to get the information it needs to do its job. Last year, OLC basically responded, Nope, can’t have the stuff you need to exercise proper oversight of the FBI.

DOJ’s Inspector General, Michael Horowitz, has been trying for some time to get Congress to affirmatively authorize his office (and IGs generally, because the problem exists at other agencies) to receive the information he needs to do his job. But thus far — probably because Jim Comey used to be known as the world’s biggest Boy Scout — Congress has failed to do so.

I care about how FBI’s misconduct affects the election (thus far, polling suggests it hasn’t done so, though polls are getting closer as Republican Gary Johnson supporters move back to supporting the GOP nominee, as almost always happens with third party candidates). But I care even more about how fucked up the FBI is. Even if Comey is ousted, I can’t think of a likely candidate that could actually fix the problems at FBI. One of the few entities that I think might be able to do something about the stench at FBI is the IG.

Except the FBI has spent 6 years making sure the IG can’t fully review its conduct.

It’s time to fix that.

Yesterday, Josh Earnest repeated a view — ascribed to the President — he had used the day before.

Q And does the President still stand by Director Comey? Would he advise Secretary Clinton, if she were to be President, that — or Donald Trump, if he were to succeed President Obama — that he could have confidence in that FBI Director?

MR. EARNEST: Well, as I noted yesterday, the President believes that Director Comey is a man of integrity, that he’s a man of principle. There’s a reason that he serves — that he was nominated by President Obama to serve as the Director of the FBI. There’s also a reason that he was appointed to serve in a high-ranking position at the Department of Justice when President Bush was in office. There’s also a reason that a majority of Democrats and a majority of Republicans in the United States Senate both voted to confirm him to the position of the Director of the FBI. And the President, as I noted yesterday, continues to have confidence in his ability to do that job.

Today, however, President Obama took a decidedly different stance, when asked directly by NowThis.

“There is a norm that when there are investigations, we don’t operate on innuendo and we don’t operate on incomplete information and we don’t operate on leaks,” he said in an interview with NowThis. “We operate based on concrete decisions that are made.”

That’s far more critical of Comey’s actions than Earnest’s statements of the last two days.

An even more remarkable stance came from Chuck Schumer, who may soon be Majority Leader and who has been incredibly influential to Comey’s career, in an interview with Bloomberg.

Senate Democratic leader-in-waiting Chuck Schumer said Wednesday he’s lost confidence in FBI Director James Comey over his handling of the most recent disclosure in the Hillary Clinton e-mail investigation — a tough rebuke to a man Schumer has long admired.
“I do not have confidence in him any longer,” said the New York Democrat, who has criticized as “appalling” Comey’s decision to send a letter to lawmakers 11 days before the election disclosing the bureau’s new review of e-mails potentially pertinent to the investigation of Clinton’s private server.

“To restore my faith, I am going to have to sit down and talk to him and get an explanation for why he did this,” Schumer said in an interview.

Schumer not only made Comey’s career with support for each of his DOJ appointments, but of course set up the 2007 testimony that made Comey’s run up some hospital steps so famous.

Mind you, Schumer seems to leave open the possibility he might change his mind, if Comey explains “why he did this.” So it may just be an effort to start putting as much weight on the scale as the GOP long has.

Still, Schumer’s comments are the first inkling that Comey may not survive this.

By now you’ve likely read or at least heard about this Slate story, which uses a bunch of innuendo arising from some metadata to suggest that Trump has a secret exclusive communication method with Russia’s biggest bank.

A number of people have debunked the technical claims in the article.

Former GCHQ employee Matt Tait did so in a series of tweets here. Consultant Naadir Jaawa laid out how it’s a marketing server here. Consultant Robert Graham not only lays out the same spam email explanation that both Spectrum Health and Mandiant describe in the story, but notes that other malware researchers question the data in the story.

Indeed, one journalist did call one of the public resolvers, and found other people queried this domain than the two listed in the Slate story — debunking it. I’ve heard from other DNS malware researchers (names remain anonymous) who confirm they’ve seen lookups for “mail1.trump-email.com” from all over the world, especially from tools like FireEye that process lots of spam email. One person claimed that lookups started failing for them back in late June — and thus the claim of successful responses until September are false.

Krypt3ia, in a post written in steps weeks ago, couldn’t get answers from the “Tea Leaves” behind the story and judged that the incriminating files — which were just text files — could be recreated.

These are the key files in the new dump but the problem I have is that they are just text files. Anyone with the know how could re-create these to look legit enough but yet still be questioned. I see no actual login to the shell and queries being run here so really coulda just done a find/replace on another query on any server you have access to.

In short, contrary to what Slate suggests, there are innocent explanations for this, and there’s good reason to distrust the provenance of the data behind it.

Update: The Intercept has now explained why they passed on the story; they include spam sent to both Alfa and Spectrum from Trump, which corroborates the theory everyone else technical is settling on.

Boob Clinics usually stay out of international spy plots

Most of these debunkings have focused on the technical aspects. I want to start with this passage from Slate.

A small portion of the logs showed communication with a server belonging to Michigan-based Spectrum Health. (The company said in a statement: “Spectrum Health does not have a relationship with Alfa Bank or any of the Trump organizations. We have concluded a rigorous investigation with both our internal IT security specialists and expert cyber security firms. Our experts have conducted a detailed analysis of the alleged internet traffic and did not find any evidence that it included any actual communications (no emails, chat, text, etc.) between Spectrum Health and Alfa Bank or any of the Trump organizations. While we did find a small number of incoming spam marketing emails, they originated from a digital marketing company, Cendyn, advertising Trump Hotels.”)

Spectrum accounted for a relatively trivial portion of the traffic. Eighty-seven percent of the DNS lookups involved the two Alfa Bank servers.

The story, remember, is that Trump has a super spooky exclusive hotline directly to a corrupt Russian bank. But most people covering this completely ignore that it’s not completely exclusive: over 10% of the traffic reported by the anonymous researchers involves Spectrum Health.

Spectrum Health is the largest employer in Grand Rapids and West Michigan generally. It includes the Helen DeVos Children’s Hospital and a Betty Ford Breast Care clinic. Spectrum Health is where I go to the doctor and Betty Ford is where I got my still cancer-free boobs squished this year. So for this story to make sense, you’ve got to explain why a children’s hospital and a boob clinic are in cahoots with Trump and a big Russian bank.

The original version of the story tried to make much of the tie to Spectrum, finding in the children’s hospital named after Richard DeVos’s wife a tie to Erik Prince (Helen’s daughter-in-law Betsy’s brother) and the DeVos family’s multinational pyramid scheme, the wealth from which has always — not just this year — been funneled into conservative causes.

The other frequent connection to Trump’s hidden server with the same distinctive human pattern is Spectrum Health, a Michigan hospital with close ties to the DeVos family (http://www.spectrumhealth.org/locations/helen-devos-childrens-hospital). The Devos family founded Amway / Alticor which operates in Russia including transactions with Alfa Bank such as buying insurance for 800 Alticor employees from Alfa Bank’s insurance subsidiary. The Devos family has given millions of dollars in the past few months to conservative super PACs (www.fec.gov). One member of the Devos family was a founder of Blackwater.

None of that makes sense, though, especially since — while some of the DeVoses do seem to be funding Trump now and Prince has bizarrely backed the Donald (though that may stem from being shut out of State business while Hillary was in charge) — the biggest commonality between the DeVoses (who are hard core Republicans) and Trump is their multinational scheming and fondness for sports teams.

They may both be awful conservatives, but they are different kinds of awful conservatives, and there’s little reason to believe they’d be in cahoots outside of belated efforts, post-dating these files, to fund Republican turnout in the state (and even there, Prince’s sister Betsy is withholding direct funding).

More importantly, the DeVoses no more run this hospital than Betty Ford does.

But without the conspiracy theories implicating the DeVoses, then innocent explanations sure look a lot more plausible.

Tellingly, however, most other treatments of this story (this is an exception) have simply ignored this detail. Because once you have to calculate how a children’s hospital and a boob clinic — even one, or perhaps especially one, named after Gerald Ford’s wife — has a tie to this international spy plot, things start falling apart.

The reason why the boob clinic part of the story is important is it’s a detail that should have led even non-technical people to at least think twice before running with the story. Slate, however, simply included Spectrum’s explanation for the files, the one that matched Mandiant’s working hypothesis, and careened ahead.

The FBI has its own doubts

After Slate published, the NYT posted a story that generally reveals the FBI hasn’t been able to substantiate any tie between Trump himself and Russia and has backed off its claims that Russia was trying to decide the election (a judgment I hope to return to).

It also reveals that the FBI largely agreed with what security experts concluded when they saw this claim.

In classified sessions in August and September, intelligence officials also briefed congressional leaders on the possibility of financial ties between Russians and people connected to Mr. Trump. They focused particular attention on what cyberexperts said appeared to be a mysterious computer back channel between the Trump Organization and the Alfa Bank, which is one of Russia’s biggest banks and whose owners have longstanding ties to Mr. Putin.

F.B.I. officials spent weeks examining computer data showing an odd stream of activity to a Trump Organization server and Alfa Bank. Computer logs obtained by The New York Times show that two servers at Alfa Bank sent more than 2,700 “look-up” messages — a first step for one system’s computers to talk to another — to a Trump-connected server beginning in the spring. But the F.B.I. ultimately concluded that there could be an innocuous explanation, like a marketing email or spam, for the computer contacts.

Note, this means that the FBI was already looking into this story when it got shopped to reporters in early October. So in addition to the four or so other entities that reviewed this story and found it wanting (including me), the FBI had already had a crack at it.

Hillary Clinton and her likely National Security Advisor jump on this story

Now, as with the Kurt Eichenwald story claiming to have found a smoking gun tying Trump to Putin, people on the left didn’t read the story very critically. Sure, this one is technically hard — up until you think about the boob clinic connection alleged in the middle of the spy plot.  But for all its breathlessness, the Slate story simply insinuated. It proved nothing.

Which is why I’m so troubled that Hillary Clinton tweeted it four times in three hours, including a statement her likely National Security Advisor Jake Sullivan put together.

I mean, I get that it’s election season and all. I get that Jim Comey gave Hillary a whopping October surprise on Friday. But one of the reasons we’re supposed to elect Hillary over Trump is that she is more measured and fact-based than Donald is.

Here, she jumped on a story that at least should have given pause and created two campaign messaging pieces around it, asserting as fact that “Donald Trump has a secret server … set up to communicate privately with a Putin-tied Russian bank.”

I’ll repeat again: Jake Sullivan — the guy who wrote the longer statement on this — is widely assumed to be set to take on the job from which Condi Rice started a war by warning about fictional mushroom clouds.

Who are these secret researchers, anyway

Which leads me to a final question a few of the security folks are asking about this story.

In addition to his technical debunking, Robert Graham made an equally important point: researchers shouldn’t be accessing this data for ad-lib investigations into presidential candidates, and it’s not even clear who would have access to it all except the NSA.

The big story isn’t the conspiracy theory about Trump, but that these malware researchers exploited their privileged access for some purpose other than malware research.

[snip]

In short, of all the sources of “DNS malware information” I’ve heard about, none of it would deliver the information these researchers claim to have (well, except the NSA with their transatlantic undersea taps, of course).

And in a second post this morning, Krypt3ia started wondering who’s behind this story.

This was a non story and this was someone’s troll or an IC operation of some kind. I left it at that… That is until last night when this fallacy laden report came out of Slate.

Anonymous Security Professionals

So here is what I believe happened with Slate and Foer. Tea, not happy with my ignoring their bullshit, went on to pimp at least five venues looking for a way to get this wide and Foer was the gullible one to do so. Now, with a live one on the line Tea spun their tale and added the new twist that they are in fact a group of “security professionals” with insider knowledge and that this story is really real. Of course once again they provided no real proof of Trumps servers being configured for this purpose, no evidence of actual emails, and no real forensically sound information that proves any of what they say can be proven in a court of law. This is a key thing and Slate may not care but others do. Even in the previous dumps on the i2p site that tea set up their diagram said “this is what it would look like” would is not proof, that there is speculation and not evidence.

[snip]

Meanwhile, the story spun by Tea and now Camp et al on Slate makes me wonder just who Tea is. Obviously Camp knows Tea and the others and this is a small world so let’s work out the connections shall we?

Camp –>Vixie –> ??? let’s just assume that Camp knows these persons well and if one starts to dig you could come up with a few names of people who “would” (there’s that would again) have the kind of access to DNS data that is needed.

Just sayin.

Of course, we have since learned that before Tea Leaves started pushing this story to the press, the FBI had been investigating it for two months.

Which, to my mind, raises even more questions about the anonymous researchers’ identities, because (small world and all) the FBI likely knows them, in which case they may have known that the FBI wasn’t jumping on the story by the time they started pitching it.

Or the FBI doesn’t know them, which raises still more questions about the provenance of these files.

Ah well, if President Hillary starts a war with Russia based off Iraq-War style dodgy documents, at least I’ll have the satisfaction of knowing my boob clinic is right there on the front lines.

Update: I’ve added language to clarify that the DeVoses don’t run Spectrum.