DOJ Is Back On The Baseball Beat; Is Their Past Prologue?

Clems-Investigation-MapWhile it is not quite as exciting as Trump!-mania, the other news this morning is that DOJ is getting back into the baseball game. Having brought responsibility to the financial sector, sent the Wall Street scourges all to prison, and accountability to out of control warrior cops, DOJ is now focused like a laser on computer hacking by the St. Louis Cardinals. From the New York Times:

The F.B.I. and Justice Department prosecutors are investigating whether front-office officials for the St. Louis Cardinals, one of the most successful teams in baseball over the past two decades, hacked into internal networks of a rival team to steal closely guarded information about player personnel.

Investigators have uncovered evidence that Cardinals officials broke into a network of the Houston Astros that housed special databases the team had built, according to law enforcement officials. Internal discussions about trades, proprietary statistics and scouting reports were compromised, the officials said.

The officials did not say which employees were the focus of the investigation or whether the team’s highest-ranking officials were aware of the hacking or authorized it. The investigation is being led by the F.B.I.’s Houston field office and has progressed to the point that subpoenas have been served on the Cardinals and Major League Baseball for electronic correspondence.

The attack would represent the first known case of corporate espionage in which a professional sports team hacked the network of another team. Illegal intrusions into companies’ networks have become commonplace, but it is generally conducted by hackers operating in foreign countries, like Russia and China, who steal large tranches of data or trade secrets for military equipment and electronics.

Ay caramba, so the, arguably consistently best organization in MLB, the Cardinals, was hacking the consistently worst, or close thereto, team the Astros, in an effort to get ahead? Who is running the Cardinals these days, Bill Belichick? This is almost too stupid to be true, but there it is, in glaring black and white. Hard not to smell a full blown Congressional hearing inquest coming too, because that is just how they roll on The Hill. Maybe after their summer vacation.

But, all kidding aside, while the US government does not have a reputation for securing their own networks, it is scary to think what resources may be spent on what is effectively a civil matter between two baseball teams. It is always instructive to remember the ridiculous amount of time and money DOJ expended fruitlessly pursuing Roger Clemens. If you had forgotten my report on the DOJ Clemens absurdity, in its full graphical clarity, from almost exactly three years ago, click on and embiggen the graphic above, which is an official DOJ creation by the way, and recall all its sickening glory.

This is without even getting into the idiotic, and humiliatingly losing, pursuit DOJ made of Barry Bonds. It is hard to tell where DOJ is going, or how far it will go, with this excursion into a pissing match between two professional sports franchises, but if past is prologue, count on DOJ wasting an absolute ton of your and my tax money.

So, when the Department of Justice and Executive Branch come hat in hand screaming for more “cyber” resources and funding, remember just what it is they are doing with that money and those resources to date. And remember just how terminally stupid this case, and DOJ investigation into it, really is.

NYT Buries the Ineffective CyberSecurity Lede

The NYT has a story today headlined,

Senate Rejects Measure to Strengthen Cybersecurity

Big Data: An Alternate Reason for Hacks Past and Future?

[Fracking sites, location unknown (Simon Fraser University via Flickr)]

[Fracking sites, location unknown (Simon Fraser University via Flickr)]

On Monday, MIT’s Technology Review published an interesting read: Big Data Will Keep the Shale Boom Rolling.

Big Data. Industry players are relying on large sets of data collected across the field to make decisions. They’re not looking at daily price points alone in the market place, or at monthly and quarterly business performance. They’re evaluating comprehensive amounts of data over time, and some in real time as it is collected and distributed.

Which leads to an Aha! moment. The fastest entrant to market with the most complete and reliable data has a competitive advantage. But what if the fastest to market snatches others’ production data, faster than the data’s producer can use it when marketing their product?

One might ask who would hack fossil fuel companies’ data. The most obvious, logical answers are:

— anti-fossil fuel hackers cutting into production;
— retaliatory nation-state agents conducting cyber warfare;
— criminals looking for cash; and
— more benign scrip kiddies defacing property for fun.

But what if the hackers are none of the above? What if the hackers are other competitors (who by coincidence may be state-owned businesses) seeking information about the market ahead?

What would that look like? We’re talking really big money, impacting entire nation-state economies by breach-culled data. The kind of money that can buy governments’ silence and cooperation. Would it look as obvious as Nation A breaking the digital lock on Company B’s oil production? Or would it look far more subtle, far more deniable? Read more

Cyber-spawn Duqu 2.0: Was Malware Infection ‘Patient Zero’ Mapped?

Cybersecurity_MerrillCollegeofJournalismKaspersky Lab reported this morning a next-generation version of Duqu malware infected the information security company’s network.

Duqu is a known reconnaissance malware. Its complexity suggests it was written by a nation-state. The malware appears closely affiliated with the cyber weapon malware Stuxnet.

WSJ reported this particular version may have been used to spy on the P5+1 talks with Iran on nuclear development. Dubbed ‘Duqu 2.0,’ the malware may have gathered audio, video, documents and communications from computers used by talk participants.

Ars Technica reported in depth on Kaspersky’s discovery of the malware and its attributes. What’s really remarkable in this iteration is its residence in memory. It only exists as a copy on a drive at the first point of infection in a network, and can be wiped remotely to destroy evidence of its occupation.

The infosec firm killed the malware in their networked devices by mimicking a power outage. They detached from their network suspect devices believed to contain an infecting copy.

Kaspersky’s Patient Zero was a non-technical employee in Asia. Duqu 2.0 wiped traces of its own insertion from the PC’s drive.

Neither WSJ or Ars Technica noted Kaspersky’s network must have been subject to a program like TREASUREMAP.

…Because the rest of the data remained intact on the PC and its security patches were fully up to date, researchers suspect the employee received a highly targeted spear phishing e-mail that led to a website containing a zero-day exploit. … (bold mine – source: Ars Technica)

How was a single non-technical point of contact in Asia identified as a target for an infected email? Read more

Because Government Employees Have Been Spied On, Richard Burr Wants All of Us To Be

Predictably, Richard Burr has used the news of the Office of Personnel Management hack to renew his efforts to pass CISA. Burr added it as an amendment to the National Defense Authorization Act yesterday, stating,

The recent cyber breach at the Office of Personnel Management was a serious attack on our government and we cannot continue to have citizens’ personal information needlessly exposed to foreign adversaries and criminals.  In passing the Cybersecurity Information Sharing Act with an overwhelmingly bipartisan vote of 14-1, the Committee recognized the extreme threat posed by our adversaries who, in addition to the OPM breach, have stolen hundreds of millions of Americans’ personal information in the last year alone, swiped intellectual property, and conducted attacks on our agencies.  Not only does CISA propose a solution to help address these threats, it does so in a way that works to ensure the personal privacy of all Americans. We can no longer simply watch Americans’ personal information continue to be compromised. This bill is long needed and will help us combat threats to our country and our economy.

Remember, OPM was warned in a series of IG Reports that it didn’t have adequate protection for the Federal government workers’ data it stored. Congressional overseers, like Burr, did nothing to force OPM to improve security, just as the Intelligence Committees have tried for years to get National Security agencies to provide better checks on insider threats and other security problems, but never succeeded in actually getting them to do so.

So Burr’s response to neglect is to do something else that wouldn’t prevent the OPM hack. But it would effectively gut ECPA and FOIA, all in the name of information sharing which is about the 20th most effective way to combat hacking.

This is sheer incompetence from a legislative standpoint — pushing through an ineffective solution when faced with mounting evidence it wouldn’t work, all so as to increase spying on Americans.

But then, that seems to be Burr’s aspiration: to increase spying regardless of the efficacy of it.


Both Patrick Leahy and Ron Wyden released statements in response to Burr’s move. I’m intrigued by the way they note no one has been able to see the amendments Wyden tried to push through in the committee.
Leahy:

The Intelligence Committee’s information sharing bill will affect the privacy rights of all Americans, yet it has been cloaked in secrecy. It was considered behind closed doors, without a public hearing or public debate. We cannot even read the text of amendments considered at the mark up of this legislation. Senator Burr’s information sharing bill also erodes Americans’ right to know what their government is doing by weakening the Freedom of Information Act. I am deeply concerned that the Republican Leader now wants the Senate to pass this information sharing bill without any opportunity for the kind of public debate it needs. This is not the transparent and meaningful committee process the Republican Leader promised just months ago. I agree that we must do more to protect our cybersecurity, but this information sharing bill should not be considered as a last-minute amendment to yet another bill that was negotiated and considered behind closed doors. The privacy of millions of Americans is at stake. The American people deserve an open debate about legislation that would dramatically expand the amount of information about them that companies can share with agencies throughout the federal government.

Wyden:

“Senate Republican leaders are trying to make a bad defense bill worse by adding a flawed cybersecurity bill,” Wyden said.

“If Senator McConnell insists on attaching the flawed CISA bill to unrelated legislation, I will be fighting to ensure the Senate has a full debate and a chance to offer amendments to add vital protections for American privacy and address the threats to our cybersecurity.

Cybersecurity threats demand thoughtful solutions, not half-baked efforts that don’t address the real problems. CISA would create a way for the government to obtain Americans’ information without a warrant, and without adequate protections to protect their privacy. Most security experts agree that encouraging private companies to share more information with the government would have done little if anything to prevent recent data breaches.

In Advance of FISA Amendments Act Reauthorization, DOJ Did Not Tell Congress about Cyber Signature Collection

As I noted here, I’m working on a post that puts last week’s report on NSA’s use of upstream Section 702 collection in context.

But first, there’s one more detail that deserves its own post.

By March 23, 2012, NSA had drafted a certificate exclusively for cyber, with the intent of getting the FISC to approve it that year (which probably would have been in October). Yet “the current Certifications already allow[ed] for the tasking of [] cyber signatures such as IP addresses, strings of computer code, and similar non-email or phone number-based selectors.”

And whether or not NSA was already collecting cyber signatures in March 2012, by May, DOJ approved their collection on the Foreign Government certificate.

On May 4, 2012, DOJ sent the Intelligence Committee Chairs a white paper on Section 702 to be shared with the rest of Congress. Here’s the passage that describes how NSA uses upstream collection:

Screen Shot 2015-06-08 at 8.13.37 AM

Given that the only redaction here addresses terrorists and the unredacted remainder describes only the collection of email and phone identifiers, it seems virtually certain that the passage — and therefore the white paper — made no mention of the cyber signature collection the NSA and DOJ were actively preparing to collect, and would collect before the reauthorization of FAA that December.

It’s certainly possible DOJ gave Congress notice that the use of Section 702 had changed significantly by the time Congress voted in December, but there’s no public record of it. In the interim period, the Senate defeated a cybersecurity bill that would even have restricted NSA from obtaining domestically collected cyber data, reflecting real skepticism about spying for cybersecurity purposes in the US.

If, as the record strongly suggests, the government expanded NSA upstream 702 to include cyber signatures without telling Congress before they reauthorized the underlying authority, it would not be the first time: DOJ did not tell even the House Judiciary Committee — much less Congress as a whole — that it was using Section 215 to collect location data until after both the 2010 and 2011 Patriot Act reauthorizations.

Whatever the merit to using 702 upstream collection to hunt hackers — even ignoring the real privacy problems with it — the public record raises real questions about whether the practice was authorized and would have been authorized by Congress. Given that such collection involves an expansion of the intentional collection of domestic data, the apparent absence of Congressional sanction raises real problems about the practice (though, as I’ve suggested, Congress just retroactively authorized the use of whatever illegally-collected 702 data NSA can get FISC to approve the use of).

The NSA’s defenders like to claim Congress always gets notice. But the record shows that, over and over, NSA only asks for for forgiveness after the fact rather than asking for permission before the collection.

Why Is the Aramco Hack Considered a Significant NSA Milestone?

Screen Shot 2015-06-06 at 10.04.57 AMI’ve been puzzling over the list of “key SSO cyber milestone dates” released with the upstream 702 story the other day.

For the most part, it lists technical and legal milestones leading to expanded collection targeting cyber targets (which makes sense, given that’s what Special Source Operations does — collect data off switches). There’s the one redacted bullet (which, if it referred to an attack thwarted, might refer to this thwarted attack on a US defense contractor in December 2012).

But what is the August 2012 DDOS attack on Saudi Aramco doing on the list? And, for that matter, why is it referred to as a DDOS attack?

The attack was publicly described as a two-step hack targeted against both Aramco and Qatar’s gas industry which copy-catted an attack associated with the Flame attack on Iran. It is generally now described as Iranian retaliation for StuxNet. Though at the time, potential attribution ranged from hacktivists, a single hacker, or Aramco insiders. The Sony hack used tools related to the Shamoon attack.

Not long after the Aramco hack, the NSA expanded their Third Party SIGINT relationship to include the Saudi Interior Ministry (then led by close US ally Mohammed bin Nayef). The next month the Saudis (again, with MbN in the leader) prematurely renewed their Technical Cooperation Agreement with the US, adding a new cybersecurity component.

So regardless of how serious an attack it was (on that, too, accounts varied) it did have a significant effect on our role in cybersecurity in the Middle East, potentially with implications for SSO.

But unless SSO thwarted the attack — or at least alerted the Saudis in time to pull their computers offline — why would that be a significant milestone for SSO?

 

Bulk Collection Is All Fun and Games Until Office of Personnel Management Gets Hacked

Reuters reports that, contrary to initial reports, the Office of Personnel Management hack revealed earlier this week did compromise the security clearance and background check information in the data, meaning the hack will be far more valuable as intelligence to set up phishing and other further spying efforts. The hack is believed to have been perpetrated by Chinese hackers, though it is unclear thus far whether or not they are part of the government.

Data stolen from U.S. government computers by suspected Chinese hackers included security clearance information and background checks dating back three decades, U.S. officials said on Friday, underlining the scope of one of the largest known cyber attacks on federal networks.

[snip]

A total of 2.1 million current U.S. government workers were affected, according to a source familiar with the FBI-led investigation into the incident.

Accusations by U.S. government sources of a Chinese role in the cyber attack, including possible state sponsorship, could further strain ties between Washington and Beijing. Tensions are already heightened over Chinese assertiveness in pursuit of territorial claims in the South China Sea.

The same report notes that the hack may be linked to the hack of similar scope of Anthem earlier this year.

This is, as a lot of the current and former government employees I follow on Twitter are realizing this morning, a devastating hack, one which will have repercussions both in the private lives of those whose data has been hacked as well as generally for America’s national security, because the data in the OPM servers offers a road map for further espionage targeting.

It is also something the US does all the time — and not just against official government employees of adversary nations, but also against civilian or quasi civilian telecom targets, as well as employees of corporations of interest.

This WaPo piece quotes a number of cybersecurity people suggesting several recent major hacks are being used to pull together large data repositories — similar to in purpose but at this point just a mere shadow of what we do using bulk collection and XKeyscore. But it tries to suggest the Chinese collection of bulk data is worse because, “in China, the authorities do not tolerate public debate over the proper limits of large-scale spying in the digital age.”

The US Intelligence Community let us have a debate over a mere fraction of the bulk data being collected by the NSA — that collected domestically to target Americans. But for the stuff targeting foreigners on a far greater scale, President Obama proclaimed we would continue collecting in bulk but limit its use to all the major purposes we were already using it for before we ever got around to debating the Section 215 dragnet.

(1) espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;

(2) threats to the United States and its interests from terrorism;

(3) threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;

(4) cybersecurity threats;

(5) threats to U.S. or allied Armed Forces or other U.S or allied personnel;

(6) transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named in this section.

That scope goes well beyond the scope of those affected in this OPM hack.

Once the government does whatever it can to protect the millions compromised by this hack, I hope it will provide an opportunity to do two things: focus on actual cyber-defense, rather than an offensive approach that itself entails and therefore legitimates precisely this kind of bulk collection, and reflect on whether the world we’ve built, in which millions of innocent people get swept up in spying because it’s easy to do so, is really one we want to pursue. Ideally, such reflection might lead to some norm-setting that sharply limits the kinds of targets who can be bulk collected (though OPM would solidly fit in any imaginable such limits).

China has, unsurprisingly, now adopted our approach, even if it would take a decade for it to catch up in ability to bulk collect from most nodes. And that’s going to suck for a lot of government and private sector employees who will be made targets as a result.

But that’s the world and the rules we chose to create.

Update: See this NYT piece for just how shoddy the security on OPM’s servers was. We’ve been arguing for years about ways to better respond to criminal hackers and neglecting really really basic steps needed to prevent our adversaries from adopting the same approach we use.

In October 2013, Patrick Leahy and Jim Sensenbrenner Rolled Out a Bill That Would Have Ended Upstream Cyber Collection

Back in October 2013, Jim Sensenbrenner and Patrick Leahy released the original, far better, version of the USA Freedom Act. As I noted in November 2013, it included a provision that would limit upstream collection to international terrorism and international proliferation of WMD uses.

It basically adds a paragraph to section d of Section 702 that limits upstream collection to two uses: international terrorism or WMD proliferation.

(C) limit the acquisition of the contents of any communication to those communications—

(i) to which any party is a target of  the acquisition; or

(ii) that contain an account identifier of a target of an acquisition, only if such communications are acquired to protect against international terrorism or the international proliferation of weapons of mass destruction.;

And adds a definition for “account identifier” limiting it to identifiers of people.

(1) ACCOUNT IDENTIFIER.—The term ‘account identifier’ means a telephone or instrument number, other subscriber number, email address, or  username used to uniquely identify an account.

At the time, I noted that this would give the NSA 6 months to shut down the use of upstream collection to collect cyber signatures.

Jonathan Mayer’s comments on the NYT/PP story today reveals why that would be important to do (this is a point I’ve been making for years): because if you’re collecting signatures of cyber attacks, you’re collecting victim data, as well, a problem that would only get worse under the cyberinformation sharing bills before Congress.

This understanding of the NSA’s domestic cybersecurity authority leads to, in my view, a more persuasive set of privacy objections. Information sharing legislation would create a concerning surveillance dividend for the agency.

nsa_cyber_2

Because this flow of information is indirect, it prevents businesses from acting as privacy gatekeepers. Even if firms carefully screen personal information out of their threat reports, the NSA can nevertheless intercept that information on the Internet backbone.

Furthermore, this flow of information greatly magnifies the scale of privacy impact associated with information sharing. Here’s an entirely realistic scenario: imagine that a business detects a handful of bots on its network. The business reports a signature to DHS, who hands it off to the NSA. The NSA, in turn, scans backbone traffic using that signature; it collects exfiltrated data from tens of thousands of bots. The agency can then use and share that data.12 What began as a tiny report is magnified to Internet scale.

But, instead of giving NSA 6 months to close this loophole, we instead passed USA F-ReDux, which does nothing to rein domestic spying in the name of cybersecurity.

Leahy released a remarkable statement in response to today’s story that doesn’t reveal whether he knew of this practice (someone knew to forbid it in their original bill!), but insisting he’ll fight for more limits on surveillance and transparency.

Today’s report that the NSA has expanded its warrantless surveillance of Internet traffic underscores the critical importance of placing reasonable and commonsense limits on government surveillance in order to protect the privacy of Americans.  Congress took an important step in this direction this week by passing the USA FREEDOM Act, but I have always believed and said that more reforms are needed.  Congress should have an open, transparent and honest debate about how to protect both our national security and our privacy.  As Congress continues to work on surveillance and cybersecurity legislation, I will continue to fight for more reforms, more transparency, and more accountability – particularly on issues related to the privacy of Americans’ personal communications.

Remember: on Tuesday, Richard Burr vehemently denied we had secret law. And while this application of FISA wasn’t entirely secret — I figured it out pretty quickly, but a great great many people doubted me, as per usual — even Leahy is faced with a situation where he can’t admit he knew about a practice he already tried to shut down once.

Wyden et al: Spot the Lie in Brennan’s CFR Speech Contest!

As the Daily Dot reported, Senators Wyden, Heinrich, and Hirono wrote John Brennan a letter trying to get him to admit that he lied about hacking the Senate Intelligence Committee.

But, as often happens with Wyden-authored letters, they also included this oblique paragraph at the end:

Additionally, we are attaching a separate classified letter regarding inaccurate public statements that you made on another topic in March 2015. We ask that you correct the public record regarding these statements immediately.

A game!!! Find the lies Brennan told in March!!!

The most likely place to look for Brennan lies comes in this appearance at the Council on Foreign Relations, where Brennan took questions from the audience.

While you might think Brennan lied about outsourcing torture to our allies, his answer on CIA involvement with interrogations conducted by our partners was largely truthful, even if he left out the part of detainees being tortured in custody.

But on a related issue, Brennan surely lied. He claimed — in response to a questions from an HRW staffer — not to partner with those who commit atrocities.

QUESTION: I’m going to try to stand up. Sarah Leah Whitson, Human Rights Watch. Two days ago, ABC News ran some video and images of psychopathic murderers, thugs in the Iraqi security forces, carrying out beheadings, executions of children, executions of civilians. Human Rights Watch has documented Iraqi militias carrying out ISIS-like atrocities, executions of hundreds of captives and so forth.

And some of the allies in the anti-ISIS coalition are themselves carrying out ISIS-like atrocities, like beheadings in Saudi Arabia, violent attacks on journalists in Saudi Arabia—how do you think Iraqi Sunni civilians should distinguish between the good guys and the bad guys in this circumstance?

BRENNAN: It’s tough sorting out good guys and bad guys in a lot of these areas, it is. And human rights abuses, whether they take place on the part of ISIL or of militias or individuals who are working as part of formal security services, needs to be exposed, needs to be stopped.

And in an area like Iraq and Syria, there has been some horrific, horrific human rights abuses. And this is something that I think we need to be able to address. And when we see it, we do bring it to the attention of authorities. And when we see it, we do bring it to the attention of authorities. And we will not work with entities that are engaged in such activities.

As I noted at the time, Brennan totally dodged the question about Saudi atrocities. But it is also the case that many of the “moderates” we’ve partnered with in both Syria and Iraq have themselves engaged in atrocities.

So I suspect his claim that “we will not work with entities that are engaged in such activities” is one of the statements Wyden et al were pointing to.

A potentially related alternative candidate (the letter did say Brennan had made false statements, plural) is this exchange. When Brennan claimed, at the time, he has no ties to Qasim Soleimani, I assumed he was lying, not just because we’re actually fighting a way in IRGC’s vicinity but also because Brennan seemed to exhibit some of the “tells” he does when he lies.

QUESTION: James Sitrick, Baker & McKenzie. You spent a considerable amount of your opening remarks talking about the importance of liaison relationships. Charlie alluded to this in one of his references to you, on the adage—the old adage has it that the enemy of your enemy is your friend. Are we in any way quietly, diplomatically, indirectly, liaisoning with Mr. Soleimani and his group and his people in Iraq?

BRENNAN: I am not engaging with Mr. Qasem Soleimani, who is the head of the Quds Force of Iran. So no, I am not.

I am engaged, though, with a lot of different partners, some of close, allied countries as well as some that would be considered adversaries, engaged with the Russians on issues related to terrorism.

We did a great job working with the Russians on Sochi. They were very supportive on Boston Marathon. We’re also looking at the threat that ISIL poses both to the United States as well as to Russia.

So I try to take advantage of all the different partners that are out there, because there is a strong alignment on some issues—on proliferation as well as on terrorism and others as well.

I happen to think it an exaggeration that the Russians “were very supportive on Boston Marathon,” but maybe that’s because FSB was rolling up CIA spies who were investigating potentially related groups in Russia.

Finally, while less likely, I think this might be a candidate.

QUESTION: Thank you. Paula DiPerna, NTR Foundation. This is probably an unpopular suggestion, but is it feasible or how feasible would it be to do a little selective Internet disruption in the areas concerned, a la a blockade, digital blockade, and then an international fund to indemnify business loss?

BRENNAN: OK. First of all, as we all know, the worldwide web, the Internet, is a very large enterprise. And trying to stop things from coming out, there are political issues, there are legal issues here in the United States as far as freedom of speech is concerned. But even given that consideration, doing it technically and preventing some things from surfacing is really quite challenging.

And we see that a number of these organizations have been able to immediately post what they’re doing in Twitter. And the ability to stop some things from getting out is really quite challenging.

As far as, you know, indemnification of various companies on some of these issues, there has been unfortunately a very, very long, multi-year effort on the part of the Congress to try to pass some cybersecurity legislation that addressed some of these issues. There has been passage in the Senate.

I think it’s overdue. We need to update our legal structures as well as our policy structures to deal with the cyber threats we face.

Remember, Ron Wyden has been pointing to an OLC opinion on Common Commercial Services (which, however, CIA’s now General Counsel Carolyn Krass said publicly she wouldn’t rely on) for years. I suspect indemnity is one of the things it might cover.

Plus, I do think it likely that we’ve disrupted the Internet in various circumstances.

Who knows? Maybe Brennan just told a lot of lies.

It wouldn’t be the first time.

Update: NatSec sources are already dismissing this Sy Hersh piece on the real story behind the bin Laden killing. But if there’s truth to this detail, then it would suggest I was overly optimistic when I suggested Brennan was truthful about outsourcing our interrogation to allies.

The retired official told me that the CIA leadership had become experts in derailing serious threats from Congress: ‘They create something that is horrible but not that bad. Give them something that sounds terrible. “Oh my God, we were shoving food up a prisoner’s ass!” Meanwhile, they’re not telling the committee about murders, other war crimes, and secret prisons like we still have in Diego Garcia. The goal also was to stall it as long as possible, which they did.’

If we do still have a secret prison in Diego Garcia, then the claim that we outsource everything to allies would be the key lie here.

image_print