The Democrats Newfound Love for Russian Intelligence Product

As you know, Buzzfeed published a dossier laying out Donald Trump’s ties to Russia last night. The dossier is described as oppo research done by a former MI6 agent first for a GOP rival (which doesn’t make a ton of sense as the dossier starts in June 2016) and then picked up by Hillary. There are competing reports on whether this dossier was included in the briefing on the Russian hack intelligence provided to Trump the other day (and I and others falsely claimed that this dossier is what some Senate Dems have pointed to as evidence they’ve been briefed about Trump’s ties to Russia).

I wanted to make a few points about the dossier.

First, note that this is not the complete dossier. There are references to reports that are not included with this dump. That means, even assuming the provenance on all else is solid, this is a cherry picked version of what the former MI6 consultant reported to Hillary.

Second, ask yourself why Hillary didn’t leak this dossier during the election (besides sharing the contents of it with David Corn). I don’t know the answer to that, but I’d sure like to know it (and I’ve got some theories that don’t raise my confidence about the dossier generally).

Third, as a number of people have noted, there are errors in this report, down to the spelling of Alfa Bank. That’s not itself discrediting, but it should caution people not to take this as finished intelligence.

For what it’s worth, I find some of it very credible. Some of it accords with stuff I know. Other parts of it conflict in material ways with well-sourced information I know. I find other claims transparently silly (such as the report that anyone believed Trump didn’t have serious business ties to Russia). That may simply speak to the credibility of the individual underlying sources, or it may speak to the dossier generally. I don’t yet have an opinion on that.

Which brings me to the sources. Trump’s team has claimed that these reports come from Russian intelligence, which ought to raise the very good question of why we’d take as Gospel something Russian intelligence said now when we’re supposed to disdain known accurate information (Hillary emails) leaked on behalf of Russian intelligence. Trump’s claim is — as regards the most sensational of the claims in the report, that Trump had prostitutes urinate on a bed that Barack and Michelle Obama had used while in Moscow, as well as a few more of the claims — true. It is not true for others of the claims.

Which is to say, I’m not entirely sure what to make of this dossier yet. It is more interesting to me as an artifact — as something that Hillary had but chose not to leak but that got leaked yesterday of all days — than as a source of information, but I do think some of the information in the dossier might, with far more vetting, turn out to be somewhat accurate. There are reports FBI is investigating this document that I’m not 100% sure I believe.

I’ll come back to this analysis when I can print out the document, but here’s a list of all of the sources used in the report. Remember, before you get to these embedded sources (most are described as a “compatriot” of the actual source), you’ve got to remember the former MI6 agent paid to do opposition research (and perhaps directing his agents to look for opposition research). So everything here is Hillary’s surrogates to former MI6 agent to (usually) a “compatriot” to the underlying source. Also, some of these sources are obviously repetitive (such as the source close to Ivanov), so the entire dossier likely relies on closer to 10 underlying sources than the 31 listed here.

  1. Source A: Senior Russian Foreign Ministry figure with knowledge of intelligence the Kremlin was feeding Trump [via trusted compatriot]
  2. Source B: Former top level Russian intelligence officer still active inside the Kremlin, who says the Russians have enough material to blackmail Trump [via trusted compatriot]
  3. Source C: Senior Russian financial official
  4. Source D: A close associate of Trump who knows that the Ritz Carlton is under control by FSB
  5. Source E: redacted, possibly a staffer at the Ritz Carlton, which is reportedly controlled by FSB
  6. Source F: A female staffer at the Ritz, which is reportedly controlled by FSB
  7. Source G: A senior Kremlin official
  8. Unlabeled senior government official claiming the Russians had had only limited success penetrating foreign governments we know they’ve penetrated (like the US) but explaining RU had had increasing problems with its own hackers
  9. A Russian IT specialist with direct knowledge of FSB’s coercion and blackmail used to recruit hackers
  10. An IT operator inside a leading Russian State Owned Entity familiar with FSB penetration of a foreign director
  11. An FSB cyber operative
  12. Source E2: An ethnic Russian close associate of Trump who claims Trump has a minimal investment profile in Russia
  13. A Russian source close to Rosneft President Igor Sechin
  14. A compatriot of an official close to Presidential Admin Head Sergei Ivanov
  15. A trusted associate of a Russian émigré figure
  16. A Kremlin source close to Sergei Ivanov
  17. A Kremlin source close to Dmitri Medvedev
  18. A close colleague of Sergei Ivanov
  19. A Kremlin official involved in US relations
  20. An ethnic Russian associate of Trump, who had spoken to Carter Page
  21. A compatriot of a Kremlin insider discussing Duma Head of Foreign Relations Committee Konstantin Kosachev
  22. A well-placed Russian figure
  23. An American political figure associated with Trump
  24. A trusted compatriot of a senior member of Presidential Administration and of a senior Minister of Foreign Affairs official
  25. A former top level Russian intelligence officer
  26. A trusted compatriot of a top level Russian government official
  27. A trusted compatriot of a St. Petersburg member of the political/business elite and another involved in the services/tourist industry
  28. A trusted compatriot of a senior Russian leadership figure and a foreign ministry official
  29. A trusted compatriot of a close associate of Rosneft President Igor Sechin, a senior member of Sechin’s staff, and a Kremlin insider with direct access to the leadership
  30. A longstanding compatriot friend of a Kremlin insider
  31. [Redacted]

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Shadow Brokers: “A Nice Little NSA You’ve Got Here; It’d Be a Shame If…”

When President Obama discussed how to retaliate against Russia for hacking the DNC last Friday, he described the trick of finding “an appropriate response that increases costs for them for behavior like this in the future, but does not create problems for us.” Aside from questions of efficacy, Obama raised something that a number of people looking for a big explosive response seem to have forgotten: that any response may create problems for us.

Which is why I find it curious that — aside from this one piece by Krypt3ia — no one factored in another cyber-attack on the US in discussions about retaliation, one that is, at least in execution, on-going: the release of NSA tools by a group calling itself the Shadow Brokers.

I’ve put a rough timeline (!) below. But as it shows, several weeks after the initial release of the DNC emails led to Debbie Wasserman Schultz’s resignation, the Shadow Brokers posted the first of what have thus far been 6 messages. Especially recently, the timing of the Shadow Brokers releases correlates in interesting ways with developments in the DNC hack. At the very least, the coincidence suggests the threat of further exposure of NSA’s hacking may be a factor in discussions about a response.

Release One: Burning US firewall providers

The first Shadow Brokers post announced an auction of Equation Group (that is, NSA offensive hacking) files. It released enough files to make it clear that a number of firewall companies, including several American companies, had been targeted by the NSA. Accompanying the release was a rant that indirectly pointed to the Clintons — discussing blowjobs and running for President — but at that point, there was not much focus on whether these files were related to the Russian hacking and, more importantly, not a ton of focus on the files in discussions of the Russian hacking. That is, while many people assumed Russia might be the culprit, that possibility fell out of the discussion.

Two weeks later, the FBI arrested Hal Martin, a(nother) Booz Allen contractor who — in the NYT story that revealed his arrest — served as a ready scapegoat for the files.

The very next day, Shadow Brokers posted its second message, the first of several proving that it was not, personally, Hal Martin. It was basically a play on Team America’s Kim Jong Il character, asking why everyone was so stupid.

A few days later, on September 5, President Obama gave Vladimir Putin the first of several warnings about the hacking — understood to be the DNC hacking (reportedly, no one knew about the Podesta hack yet, even though the emails had been stolen in March).

Almost a month passed before Shadow Brokers posted again, on October 1, basically whining about no one playing in the auction. The following two weeks are critical in the DNC hack rollout.

On October 7, two leaks distract from the IC attribution announcement

On October 7, three things happen (well, more, but I’ll come back to that): First, ODNI and DHS released their statement blaming Russia for the hack. The WaPo published the Access Hollywood “Grab them by the pussy” video. And WikiLeaks started releasing the Podesta emails.

Side note: This weekend, Podesta complained about the latter two events, describing how they came out just an hour apart. People even disputed the claim. But in neither Podesta’s comment nor the fact-check are people mentioning that it’s not so much that the Podesta emails distracted from the Trump video (which I don’t think to be the case anyway, because the GrabThemByThePussy really did distract us for a while), but that both — and especially the video — distracted from the Russia implication.

A week later, the same NBC team that has been the recipient of other DNC hack related leaks published a dick-wagging story promising that the CIA was about to cyber-retaliate for the hacks.

The next day, Shadow Brokers released message number 4 calling off the auction. The Shadow Brokers post also crassly spoofs Loretta Lynch’s airplane meeting with Bill Clinton (there’s a cultural reference here I don’t get), bringing the message content of the SB series still closer to the context of the Hillary emails.

Release Two: ID alleged NSA targets and threaten the election

Thus far, mind you, Shadow Brokers had just released enough to seriously compromise America’s firewall companies and their relationship with the NSA — but had mostly just been making noise since the first release. That changed on October 30, less than two weeks before the election.

Most of the focus on this release has been on the data released: a set of IP addresses seemingly showing the addresses NSA had hacked or used as a proxy. The IP addresses were dated, so the release wasn’t exposing ongoing operations, probably. But it did reveal a significant number of academic targets. It also showed that, several years before we drummed up the Iraq War, we were targeting the Organization for the Prohibition of Chemical Weapons. Unlike the first release, then, this one didn’t so much help anyone hack. Instead, it identified who had been hacked, and the degree to which these were not obvious targets.

But the message from that release is, in retrospect, just as important. It includes a reference to the NBC dick-wagging story about CIA hacking Russia. It questions why the focus has been on the DNC hack and not the Shadow Brokers release, “hacking DNC is way way most important than EquationGroup losing capabilities. Amerikanskis is not knowing USSA cyber capabilities is being screwed.” It invited people to hack the election.

On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016.

And then it demanded payment or the bleeding would continue. “How bad do you want it to get? When you are ready to make the bleeding stop, payus,”

The next day, according to NBC, for the first time in his Administration, President Obama used the “Red Phone” communication system with Russia and discussed war, albeit in muddled terms.

Now, even aside from this timing, it makes more sense that Obama was reacting to the Shadow Brokers release than the DNC ones. Though Dems have suggested Russia kept hacking after the spring, that appears to have been more phishing attempts, not known theft of documents. As for the DNC and Podesta files, as Obama said on Friday, those files had already been stolen. Short of stopping WikiLeaks (and Ecuador had cut off Julian Assange’s wifi access by then, presumably in response to US pressure, though it had little impact on the release of the Podesta files), there was nothing that a call could do about the ongoing leaks pertaining to Hillary. There were, admittedly, the probes of state voter registration sites, but the IC has consistently stopped short of attributing those to Russia.

But a response to a threat to hack Russia?

Which would seem to suggest the IC believes that these Shadow Brokers files are coming from Russia.

Release Three: A broad array of alleged tools, including those that hacked Belgacom

Then things went quiet again for a while, until the leakapalooza starting on December 9, which was basically an effort by the Dems and some spooks to pressure Trump and/or delegitimize his election. Significantly, however, the December 9 WaPo story also reported, for the first time, that CIA knew who the cut-outs between Russia’s hackers and Wikileaks were, something James Clapper said the IC didn’t have as late as November 17. In addition, the NYT published its long piece describing the hack, told in a way to put the Dems in the best possible light (which is a polite way of saying it is not hard-hitting news).

So on December 14, a Motherboard post from a persona named Bocefus Cleetus points to a ZeroNet site with a set of files listed for individual sale (and aggregating all the past messages).

With regards to the files, here is HackerHouse’s analysis, here is the Grugq’s post on the technical aspect of the files, and a few of Shadow Brokers’ most recent tweets allegedly describe what some of the files are. The short version though is, like the original release, these are dated files, some of them triggering known interests of commentary on NSA’s hacking. There’s a good deal of variety in tools, some of which sound cool. One of them, at least according to Hacker House, is likely one of the tools used to hack Belgacom.

Interestingly, HackerHouse and the Grugq disagree as to what this array suggests about the source of the files. The Grugq argues that these files must come from inside the NSA, because there’d be no other explanation for all of them to be in the same place.

Why High Side?

The easiest way to tell this is high side [inside NSA’s classified networks] gear, not a back hack from an ops box is that there is simply too much here. It’s hard for me to explain because it requires a level of information security knowledge combined with understanding how cyber operations are conducted (which is different from pen tests or red teaming.)

The TAO of Cyber

Cyber operations are basically designed with operational security in mind. The operators create a minimal package of tooling needed for conducting exactly, only and specifically the operation they are doing. This means, for example, if they are hitting a telco Call Data Records (CDR) box, they will plan for what they are going to do on that specific computer and prepare the tools for only that plan and that computer. If those tools are captured, or there is a back hack up to their staging point, the loss is compartmented.

But HackerHouse argues they must be from a staging site (that is, external to the NSA) because they are binary files.

The bulk of these projects are not provided in source code form and instead appear to be binary files, which further strengthens the hypothesis that these files were compromised from an operational staging post or actively obtained from a field operation. If they had been in source code format then this would suggest an insider leak is more likely, binary files are often used in operations over their source code counterpart.

For what it’s worth, in the first post, Shadow Brokers claims it tracked EG’s traffic. “We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group.” But it is worth noting that, 4 months after the first leak, tech folks are still disputing whether these must have come from inside or outside the NSA.

Assuming no one buys these files, then, the release has done several things. First, it provided Belgacom and other potential targets of US hacking more evidence they might use to identify an NSA hack. As such, it seems consistent with the earlier releases: not so damaging for current operations as it is for the exposure of who and how the US targets civilian targets.

But it also tells the NSA more about what Shadow Brokers has — at least some of the tools it has (in the first post, SB claimed NSA didn’t know what it had), but also where they were obtained.

Cleetus’ close commentary on recent events

Which brings me to the message (post one, post two) of presumed Shadow Brokers persona, Bocefus Cleetus (as others have argued, a possible allusion to “ventriloquist dummy of FSB”), which the Grugq wrote about here. I suspect (this is a wildarseguess) Cleetus may serve as a temporally contingent way to alert the public to files that may have been out there for a while.

As the Grugq notes, the first message is interesting for its invocation of Rage against the Machine’s “People of the Sun” juxtaposed against a background and fake discourse targeting caricatured Neo-Nazi Trump voters. He reads the former as a warning about invading brown people, but I think — given the stylistic fluidity across the six Shadow Brokers’ messages — it might better be understood as mixed metaphors. RATM where one has been led to expect Hank Williams Jr.

There’s also a reference to fake news. As with the October 30 release (assuming Cleetus is a persona of Shadow Brokers), this is also a piece responding to very current events.

But it is Cleetus’ second message that is a far more interesting comment on immediate events. For example, from the first, it invokes NYT’s blockbuster (which is remarkably favorable to the DNC) story on the hack, which has now been translated into Russian. Here’s Cleetus’ first line:

After my shadow brokers tweet I was contacted by an anonymous source claiming to be FBI. Yep I know prove it? I wasn’t able to get’em to verify their identity.

Here’s an early line from the NYT story:

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.

This line from Cleetus:

The NSA has the global surveillance capabilities to intercept all the DNC and Podesta emails.

Seems to reflect Bill Binney’s theory, which is that the NSA would know if there were really a hack because it would have seen the traffic.

In other words, any data that is passed from the servers of the Democratic National Committee (DNC) or of Hillary Rodham Clinton (HRC) – or any other server in the U.S. – is collected by the NSA.  These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.

[snip]

The bottom line is that the NSA would know where and how any “hacked” emails from the DNC, HRC or any other servers were routed through the network. This process can sometimes require a closer look into the routing to sort out intermediate clients, but in the end sender and recipient can be traced across the network.

There’s the reference to the now-forgotten stink when Trump interviewed Mike Rogers.

Clapper and Carter tried to get Rogers fired. They also called for the breakup of NSA.

That was first reported by the same folks who set off this leakapalooza.

The heads of the Pentagon and the nation’s intelligence community have recommended to President Obama that the director of the National Security Agency, Adm. Michael S. Rogers, be removed.

The recommendation, delivered to the White House last month, was made by Defense Secretary Ashton B. Carter and Director of National Intelligence James R. Clapper Jr., according to several U.S. officials familiar with the matter.

Action has been delayed, some administration officials said, because relieving Rogers of his duties is tied to another controversial recommendation: to create separate chains of command at the NSA and the military’s cyberwarfare unit, a recommendation by Clapper and Carter that has been stalled because of other issues.

What ever happened to Trump’s imminent plan to replace James Clapper with Mike Rogers amidst a big rearrangement of the spook desk chairs, I wonder? Has he completely forgotten Clapper is out of here on January 20, at noon sharp, Clapper said?

In any case, those bits directly echo very current news. But the rest of the post posits a fight between DOD and CIA, some of it rooted in equally real, if more dated, pissing contests.

Look it up for yerself! DOD and CIA have had a turf war going back to the Afghanistan and Iraq Wars bout whose job it was to run paramilitary operations. A turf war over the next “domain of battle” with all the government cheese.

One reason Shadow Brokers’ positing of a NSA-CIA spat — which the Grugq argues could not be real — is so interesting is because most of the recent reporting has forgotten NSA’s centrality in all this and instead focused on an FBI-CIA split, which was artificially resolved by pre-empting the President’s press conference on Friday.

I don’t think there’s really an NSA-CIA pissing contest, though there may be an interesting detail here or there I’ll return to.

But it brings us full circle. President Obama, in urging calm, invoked the kind of retaliation that might “create problems for us.” Those comments took place as if only the DNC and Podesta hacks were at issue (indeed, he made Martha Raddatz qualify what leaks the IC had blamed on Russia, and that’s what she said). But it appears likely that the IC connects Shadow Brokers to the other two. And the whole time we’ve been talking about retaliating, the Shadow Brokers has not so much been undercutting the NSA’s bread and butter as letting our allies and other neutral parties see precisely whom we conduct this dragnet on.

That sounds like something that might “create problems for us.”

On October 30, Shadow Brokers taunted, “When you are ready to make the bleeding stop, payus, so we can move onto the next game.” I think we’re still in that first game.


Shadow Brokers Timeline

August 13: Message 1 Equation Group Warez Auction Invitation

The name, in general, is a play on the villain from Mass Effect.

GitHub, Reddit, Tumblr (see note), with takedowns as stolen property

Message on Pastebin

Claims files obtained by following EG traffic, claims EG doesn’t know what it lost

We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group.

[snip]

Equation Group not know what lost. We want Equation Group to bid so we keep secret. You bid against Equation Group, win and find out or bid pump price up, piss them off, everyone wins.

Rant about wealthy elites who don’t get blowjobs who run for President

We have final message for “Wealthy Elites”. We know what is wealthy but what is Elites? Elites is making laws protect self and friends, lie and fuck other peoples. Elites is breaking laws, regular peoples go to jail, life ruin, family ruin, but not Elites. Elites is breaking laws, many peoples know Elites guilty, Elites call top friends at law enforcement and government agencies, offer bribes, make promise future handjobs, (but no blowjobs). Elites top friends announce, no law broken, no crime commit. Reporters (not call journalist) make living say write only nice things about Elites, convince dumb cattle, is just politics, everything is awesome, check out our ads and our prostitutes. Then Elites runs for president. Why run for president when already control country like dictatorship? What this have do with fun Cyber Weapons Auction? We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites? Maybe with dumb cattle? “Do you feel in charge?” Wealthy Elites, you send bitcoins, you bid in auction, maybe big advantage for you?

August 27: Hal Martin arrested

August 28: Message 2 “Why is everyone so fucking stupid”

A play on Team America’s “I’m so ronery”

Additional details on auction, Pastebin

September 1: Message 6 files signed

September 5: Obama and Putin discuss DNC hacks at G-20

September 25: Sam Adams Award presentation; Craig Murray meets intermediary tied to Podesta leak

October 1: Message 3 “Why you no like?”

More details on the auction. Medium

Q: Why saying “don’t trust us”?

A: TheShadowBrokers is making comment on trust-less exchanges. TheShadowBrokers is thinking is no thing now as trust-less. “Don’t Trust” is not equal to “Is Scam”. TheShadowBrokers is thinking no way to exchange secrets (auction files) without one party trusting other. If seller trust buyer and buyer no pay, then no more secrets. If buyer trust seller and seller no deliver, the no more sales. TheShadowBrokers is having more things to sell. Reputation is being another benefit of public auction.

October 7: IC Attribution of DNC hack to Russia, Podesta email release starts, Access Hollywood video

October 14: NBC story, CIA Prepping for Possible Cyber Strike Against Russia

Vice President Joe Biden told “Meet the Press” moderator Chuck Todd on Friday that “we’re sending a message” to Putin and that “it will be at the time of our choosing, and under the circumstances that will have the greatest impact.”

October 15: Message 4 “Yo Swag Me Out”

Calls off auction and provides spoof (I’m missing what this is a reference to) of Loretta Lynch/Bill Clinton plane conversation

October 17: Ecuador cuts off Assange’s Internet access

October 30: Message 5 Trick or Treat for Amerikanskis

Medium announcement

A reference to October 14 NBC story and Biden’s threat to Putin, mocking relative focus on DNC hacks over Equation Group hacks

Why is DirtyGrandpa threating CIA cyberwar with Russia? Why not threating with NSA or CyberCommand? CIA is cyber B-Team, yes? Where is cyber A-Team? Maybe threating is not being for external propaganda? Maybe is being for internal propaganda? Oldest control trick in book, yes? Waving flag, blaming problems on external sources, not taking responsibility for failures.

A challenge about whether the DNC hack is more important than the EG hack

But neverminding, hacking DNC is way way most important than EquationGroup losing capabilities. Amerikanskis is not knowing USSA cyber capabilities is being screwed?

[snip]

Maybe political hacks is being more important?

A call for people to hack the elections

TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016. If peoples is not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking , disrupting , smashing equipment, tearing up ballots? The wealthy elites is being weakest during elections and transition of power.

A threat that it will get worse

How bad do you want it to get? When you are ready to make the bleeding stop, payus, so we can move onto the next game. The game where you try to catch us cashing out!

October 31: Obama contacts Putin on Red Phone for first time in presidency, reportedly warns he’ll treat an attack on the election as an act of war.

November 26: Anonymous White House statement on election integrity

December 9: Obama calls for a review of hacking; WaPo releases story claiming CIA believes Russia did the hack to elect Trump

December 13: NYT story on DNC hack that leads with detail that FBI called DNC but staffer didn’t believe he was FBI.

December 14 (?): Message 6 “Black Friday/Cyber Monday Sale” (file signed September 1; Mustafa al-Bassam seemed to know they were coming if not already out there)

December 14: Message 6B Bocefus Cleetus 1 “Are the Shadow Brokers selling NSA tools on ZeroNet?”

Reference to Rage Against the Machine People of the Sun

Possible reference to Hank Williams Jr, Dukes of Hazzard (perhaps ventriloquist doll for FSB)

Reference to fake news

December 15: Shadow Brokers interview with Motherboard

December 16, 5:21 AM(?): Message 6A Bocefus Cleetus 2, “New Theory: Shadow Brokers Incident is a Deep State Civil War between CIA vs NSA”

Reference to NYT story on how DNC got hacked

Reference to Bill Binney theory on hack

Seeming rewriting of perceived FBI-CIA feud

Reference to (now forgotten) Trump interview with Mike Rogers

Reference to larger discussions of bureaucratic organization

DOD and CIA have had a turf war going back to the Afghanistan and Iraq Wars bout whose job it was to run paramilitary operations. A turf war over the next “domain of battle” with all the government cheese.

December 16, 2:40PM: Obama press conference

January 1, 2017 [Update]: Shadow Brokers complains it did not get included in Obama’s sanctions list

“Jim Comey thinks he was handed a shit sandwich”

Upon this rock Comey’s reputation stands—or it did until this past July.

That sentence appears deep inside a long Tim Weiner article suggesting, as I did on November 9, that Democrats might be better off if Jim Comey stayed on as FBI Director under Donald Trump.

Before Weiner gets there, he lays out the tradition of FBI Directors standing up to Presidential power (!), leading up to a truly epic rendition of the Comey hospital stairs myth, in which Comey ran up some hospital steps in March 2004, with seconds to spare, to save the Constitution.

The number of people who knew about Stellar Wind was vanishingly small at the start, but by early 2004 it was growing. Comey was read into the program’s secret protocols. He became convinced that Stellar Wind was unworkable—and, worse, unconstitutional. (As the Supreme Court would later rule in a pivotal case, a state of war does not make a president king.) In turn, Comey converted Mueller. They agreed that the FBI could not continue to go along with the program. The scope of the searches had to be constrained to protect Americans’ rights.

Bush disagreed, of course. So did his White House lawyers. The NSA was a military agency, and therefore, they said, Congress’s authorization of military force gave the president the right to electronically eavesdrop on anyone, anywhere in America—free from the constraints of the Fourth Amendment’s protections against warrantless searches and seizures.

Comey and Mueller were caught between the president’s command and the law of the land. Neither man had seen evidence that the surveillance program had saved a life, stopped an imminent attack, or unveiled an Al Qaeda member in the United States. They also thought it foolhardy that Bush was flouting the Foreign Intelligence Surveillance Court, which had been created after Watergate to oversee national-security wiretapping.

[snip]

The FBI agents who were guarding Ashcroft’s room alerted Comey and Mueller that a showdown was imminent. The two men raced to the intensive-care unit in their black cars, sirens blaring. Comey, who is six foot eight, leaped up the stairs two steps at a time and got there first. Ashcroft was fading in and fading out. “I immediately began speaking to him,” Comey later testified, “to see if he could focus on what was happening. And it wasn’t clear to me that he could. He seemed pretty bad off.”

Having presented how Acting Attorney General Comey saved the Constitution by refusing to reauthorize Stellar Wind, Weiner skips some details, most notably about how Comey then turned around and strong-armed FISA into authorizing most parts of the program, including the metadata dragnet that Comey had refused to approve on his own, arguing that DOJ couldn’t go to Congress as the Constitution required.

Weiner’s myth has no room in a long form article to explain that Comey needed to shred the Constitution’s separation of powers to save the Constitution, it seems. After all, if he presented those details, the claim that Comey’s reputation still stood unblemished on a noble rock back in July would look silly.

Having, nevertheless, argued that Comey has consistently stood up to presidential powers on a scale never before seen, Weiner then tries to spin Comey’s July decision to violate the norms of DOJ as just a case of standing up to power gone bad. Weiner provides almost no explanation of what a big deal it was to make derogatory comments about Hillary even while he cleared her, to be followed by several sworn hearings before Congress in which he provided even more details.

Indeed, in a key paragraph, Weiner’s hagiography gets muddled, with statements Comey made in July conflated with actions he then felt obliged to take in October, without much discussion of how one led to the other.

Clearly Comey’s remark about Clinton being “extremely careless” was a blunder—carelessness is a sin of omission, not a federal crime—but the awful truth is that he thought he had no choice, or at least no good choice. When he sent the October 28 letter, Comey broke a long-standing Justice Department rule against meddling in presidential politics on the eve of an election. But if, as seems likely, Comey believed with everyone else that Clinton was on track to become the next commander in chief, he may have felt compelled by a custom of equally potent provenance. For decades the FBI has checked and confronted the power of the president. This tradition runs from our own time of political torment back through Bill Clinton’s presidency all the way to the days of J. Edgar Hoover.

Having thus obscured how unprecedented the first decision was, Weiner then goes on to — I kid you not! — permit a Comey associate to claim that he (!!!!) and not Hillary Clinton got dealt a shit sandwich.

In November, I put a question to Comey through the FBI’s chain of command: Why did he feel obliged to tell Congress about the cache of unopened emails at the end of October, before his agents had a warrant to look at them? Comey declined to respond directly, but an FBI official familiar with his thinking explained the gist of the dilemma: The director stood at the fork of two bad roads. Route one: Comey sends the letter to Capitol Hill. A congressman hell-bent on harming Hillary Clinton leaks it. The evidence reveals no crime. Clinton is defeated. Route two: Comey doesn’t send the letter. The existence of the emails leaks. Comey is doomed. Another official who works closely with the director put the conundrum in a pithy phrase: “Jim Comey thinks he was handed a shit sandwich.”

Even the most Comey-friendly narrative of his actions this year has, up to this point, argued that Comey’s choices in October were limited because of stupid, even unforgivable, things he did in July. But not here. Here, some entity that shall not be named handed poor Jim Comey a shit sandwich.

Weiner’s piece ends with the promise that, this unfortunate incident behind him, Jim Comey will still get up for the next six plus years to protect our country and our Constitution.

For the next seven years, if he serves through the end of his statutory term, Comey will rise before dawn, read through overnight reports about threats to the United States, ride a black car to the White House, and brief the president, if the president will listen. He will report to congressional committees on life-and-death issues of national security. The FBI is fighting battles across the nation and the world, surrounded by real and imagined enemies everywhere you look, and in places you can’t see. There are terrorists and cyberwarriors. There are crooks and thieves. There are two houses of Congress. And then there’s the White House. Our new president has a history of bending the law nearly to the breaking point. Trump might not like the cut of Jim Comey’s jib. But the FBI director must stand up and say no to a president when the Constitution requires it. It’s the law, and it’s a tradition. We could do worse than having Comey in charge.

Look. As I noted at the beginning, I have made a version of this argument. I have argued that whoever Donald Trump would appoint to be FBI Director would be far worse than Comey, and Comey — not because he has great respect for the Constitution but because he’s self-righteous and knows how to work the press — might stand up to the first or second Trump abuse of power. I don’t expect many Democrats (the ones who rushed through Comey’s appointment with very little scrutiny) to agree, but I have made that argument.

But spare me the misleading hagiography in making that case, please? If we would be better off if Comey stayed on, it would be as much because of Comey’s flaws (and more importantly Trump’s knack for finding the worst nominee for any given position) as any great deeds of the past.

Why Is CIA Avoiding the Conclusion that Putin Hacked Hillary to Retaliate for Its Covert Actions?

The most logical explanation for the parade of leaks since Friday about why Russia hacked the Democrats is that the CIA has been avoiding admitting — perhaps even considering — the conclusion that Russia hacked Hillary in retaliation for the covert actions the CIA itself has taken against Russian interests.

Based on WaPo’s big story Friday, I guessed that there was more disagreement about Russia’s hack than its sources — who seemed to be close to Senate Democrats — let on. I was right. Whereas on Friday WaPo reported that it was the consensus view that Russia hacked Hillary to get Trump elected, on Saturday the same journalists reported that CIA and FBI were giving dramatically different briefings to Intelligence Committees.

The question the Republicans and Democrats in attendance wanted answered was whether the bureau concurred with the conclusions the CIA had just shared with senators that Russia “quite” clearly intended to help Republican Donald Trump defeat Democrat Hillary Clinton and clinch the White House.

For the Democrats in the room, the FBI’s response was frustrating — even shocking.

During a similar Senate Intelligence Committee briefing held the previous week, the CIA’s statements, as reflected in the letter the lawmakers now held in their hands, were “direct and bald and unqualified” about Russia’s intentions to help Trump, according to one of the officials who attended the House briefing.

[snip]

“The FBI briefers think in terms of criminal standards — can we prove this in court,” one of the officials said. “The CIA briefers weigh the preponderance of intelligence and then make judgment calls to help policymakers make informed decisions. High confidence for them means ‘we’re pretty damn sure.’ It doesn’t mean they can prove it in court.”

The FBI is not sold on the idea that Russia had a particular aim in its meddling. “There’s no question that [the Russians’] efforts went one way, but it’s not clear that they have a specific goal or mix of related goals,” said one U.S. official.

Subsequent leaks have continued to make it clear there’s a dispute both about what motive Russia had to target Hillary (to destabilize the US? to get Trump elected?) and how much evidence there is (the FBI thinks it is circumstantial, the CIA thinks it a smoking gun). In addition, there have been unanswered questions about why CIA only briefed that Russia affirmatively supported Hillary this week, when reportedly they have had the evidence that conclusion is based on for months.

Remarkably, only secondary commenters (including me, in point 13 here) have suggested the most obvious explanation: The likelihood that Russia targeted the former Secretary of State for a series of covert actions, all impacting key Russian interests, that at least started while she was Secretary of State. Those are:

  • Misleadingly getting the UN to sanction the Libya intervention based off the claim that it was about protecting civilians as opposed to regime change
  • Generating protests targeting Putin in response to 2011 parliamentary elections
  • Sponsoring “moderate rebels” to defeat Bashar al-Assad
  • Removing Viktor Yanukovych to install a pro-NATO government

Importantly, the first three of these happened on Hillary’s watch, with her active involvement. And Putin blamed Hillary, personally, for the protests in 2011.

Never mind the relative merit of these covert operations. Never mind that Putin has not, yet, released any evidence to support his claim that Hillary (or CIA) supported the 2011 protests targeting him personally; there is no doubt he believes it. During the primary Hillary as much as confirmed that when her diplomats negotiated the UN vote in 2011, they had regime change in mind the whole time. The US has acknowledged its covert operations against Assad in Congressional testimony. And hackers released a call from Victoria Nuland acting like she was in charge of deciding what post-Yanukovych Ukraine would look like.

In other words, whatever the merits and evidence behind these four events, there is no doubt Putin sees them as a threat to Russian interests and blames the US for all of them, with merit in at least some of the cases.

And yet, this most obvious motive has not been leaked to the press, creating the impression that it has never been considered by the people who carried out these covert actions.

To admit this possible motive publicly, of course, would require admitting that the US still tampers in other governments, including some that are elected (even if in elections of dubious fairness). It would also require admitting that our own government got targeted as a response to these covert interventions, which would make concerns about how novel this intervention was a lot less convincing.

Finally, if this motive were the real reason Putin tampered in our election, it might explain why Obama has been reluctant to respond. Perhaps the US believes that Putin has evidence that might prove — or at least create a convincing case — that the US did intervene to try to weaken him in 2011. And again, the US has already stated on the record they’ve got a covert operation to topple Assad.

Update: I’ll add that DC Leaks, which has always been conflated with Guccifer 2 (which released only Democratic files) and the DNC and Podesta leaks to Wikileaks, started by releasing documents with very clear ties to Ukraine, including a great many targeted at George Soros. If DC Leaks is considered part of the same operation, it is all the more unbelievable that CIA has not considered this explanation.

Update: At an October 18 event, Michael Hayden said (after 20:30) Putin did this because he believes that we do this to him all the time, citing the Rose Revolution, 2011 protests, and Maidan, but not mentioning Libya and Syria. Hayden did claim that the US doesn’t actually do those things (again, not mentioning Libya and Syria), but earlier he said he had done similar things to the actual hack while Director of NSA.

Week 14 Trash Talk

Going to be a fairly quick Trash today, have some other things requiring attention. No college football this weekend, save for the Army Navy game. Have to say, it was as good of an Army/Navy game as I remember seeing, certainly anytime recently. Army broke their 14 year losing streak with some incredibly tenacious play down the stretch in the 4th quarter. Good for them.

In the Pros, the game of the week is arguably Ravens at Pats on Monday night. The Pats are at home, but are without Gronk the rest of the way. And Marty Bennett is banged up too. Still, Brady at home in the limelight, not going to pick against that and Bill Bel. Maybe tied for game of the week is tonight’s SNF match between the Gents and Boys in Metlife Stadium. Weather is intermittent snow today and cold tonight. Dallas has been so clutch all year, but I’ll take the home dog Gents in an upset.

Also of serious interest is the Squawks at the Packers in Lambeau. Green Bay is not out of the playoff hunt, but they will be if they lose tonight. Seattle can afford the loss, but not the Pack. Rodgers is clicking better now, and the Cheese is coming to some life finally. But Russell Wilson, healthy again, can play in bad conditions too and the Packers are just beat up everywhere with injuries. Rodgers may be their best ground option, and he still has a bit of a hammy. That’s not good, I’ll, reluctantly, take Seattle. The Cardinals are playing for their lives in Miami in another do or die game. Like the Pack, the Cards seem to have finally found some urgency and team play. Enough to top Miami? I dunno, the Fish are doing way better than expected, but not necessarily against the best teams. That’s a pick em. Last game is for Lefty. Skins at Philly to visit the Iggles. No clue how to lean on that, but will go out on a limb and say the Skins get the road win.

That’s it for this week. Music by Janis.

Bmaz is a rather large saguaro cactus in the Southwestern Sonoran desert. A lover of the Constitution, law, family, sports, food and spirits. As you might imagine, a bit prickly occasionally. Bmaz has attended all three state universities in Arizona, with both undergraduate and graduate degrees from Arizona State University, and with significant post-graduate work (in physics and organic chemistry, go figure) at both the University of Colorado in Boulder and the University of Arizona. Married, with both a lovely child and a giant Sasquatch dog. Bmaz has been a participant on the internet since the early 2000’s, including active participation in the precursor to Emptywheel, The Next Hurrah. Formally joined the Emptywheel blog as an original contributing member at its founding in 2007. Bmaz grew up around politics, education, sports and, most significantly, cars; notably around Formula One racing and Concours de Elegance automobile restoration and showing. Currently lives in the Cactus Patch with his lovely wife and beast of a dog, and practices both criminal and civil trial law.

McCain Has One Way to Prevent Torture under Trump — Oppose Pompeo and Sessions

The Saturday before Thanksgiving, John McCain made some strong statements about whether President Trump will be able to resume torture.

Republican Sen. John McCain issued a fiery warning to President-elect Donald Trump on the subject of torture Saturday.

“I don’t give a damn what the president of the United States wants to do. We will not waterboard,” McCain told an audience at the annual Halifax International Security Forum. “We will not torture people … It doesn’t work.”

McCain’s comments have gotten quite a lot of approving press since.

But that approving press is misplaced.

After all, tough words will not prevent Trump from resuming torture — no matter what NYT’s rather bizarre story claiming there are obstacles to doing so claims. As I laid out weeks ago, the bureaucratic work-arounds are already in place.

No. The single most effective way for Senator McCain to prevent Trump from resuming torture is to ensure the people he appoints are actually opposed to it.

Already, Trump has named two pro-torture Republicans to top positions: Trump’s Attorney General pick, Jeff Sessions, voted against the anti-torture amendment McCain wrote to try to codify the law. In response to the release of the Torture Report, Trump’s CIA Director pick, Mike Pompeo, declared the torturers “are not torturers, they are patriots.”

McCain — whose comment on torture came the day after Trump named these appointees — has not committed to opposing their nomination. Instead, he just wants to make strong statements that will do little to prevent Trump from ordering Pompeo to resume the torture.

Maybe that’s why McCain is getting so touchy about the President-elect.

Today, he told two different reporters he didn’t want to answer questions about Trump. Here’s what he said to HuffPo’s Laura Barron-Lopez:

I will not discuss President-elect Donald Trump, ok? And that is my right as a Senator. I do not have an obligation ma’am to answer any question I don’t feel like answering. I’m responsible for the people of Arizona and they just [re-elected] me overwhelmingly.

He said something similar to CNN’s Manu Raju.

Cranky-as-fuck John McCain is ratcheting it up!

But he’s going to need to crank it up even more. McCain, with just two of his colleagues, has the power and moral authority to oppose pro-torture appointees. That would require confronting the leader of his party. But it is also one of the only real ways to prevent the US from resuming torture.

About that Russian Hacker Story

This story is going viral on social media. The CNN article, dated October 12, describes a compromise of a FL contractor they don’t situate in time.

Federal investigators believe Russian hackers were behind cyberattacks on a contractor for Florida’s election system that may have exposed the personal data of Florida voters, according to US officials briefed on the probe.

The hack of the Florida contractor comes on the heels of hacks in Illinois, in which personal data of tens of thousands of voters may have been stolen, and one in Arizona, in which investigators now believe the data of voters was likely exposed.

Later in the article, CNN makes it clear this is the same hack as described in this earlier ABC reporting, which expands on a story from several days earlier. ABC’s reporting doesn’t date the compromise either. Rather, it explains that FL was one of four states in which hackers had succeeded in compromising data, whereas hackers had scanned voting related systems — tried to hack systems — in half the states.

As ABC News first reported Thursday, hackers have recently tried to infiltrate voter registration systems in nearly half of the states across the country –- a significantly larger cyber-assault than U.S. officials have been willing to concede.

And while officials have publicly admitted Illinois and Arizona had their systems compromised, officials have yet to acknowledge that information related to at least two other states’ voters has also been exposed.

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

And ABC’s source at least claimed that all hackers did was copy voter data.

The voter information was exposed after cyber-operatives gained entry to at least one computer associated with a private company hired to administer voter information, the sources said.

A simple “phishing” scheme –- with a malicious link or attachment sent in an email –- is likely how it all started, one source said.

“The attack was successful only in the sense that they gained access to the database, but they didn’t manipulate any of the voter [information] in the database,” the source said.

So, in spite of what people might think given the fact that the CNN story is going viral right now, it doesn’t refer to a hack in conjunction with the election. It refers to a hack that happened well over a month ago. It refers to a hack that — at least according to people who have an incentive to say so — resulted only in the theft of data, not its alteration.

Both CNN and ABC use language that suggests the Russian government was behind this hack. Here’s CNN:

FBI investigators believe the hacks and attempted intrusions of state election sites were carried out by hackers working for Russian intelligence.

And here’s ABC:

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

But (as CNN points out) the October 7 joint DNI/DHS statement on Russian hacking doesn’t attribute the voting rolls part to the Russian state.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

An earlier DHS one explicitly attributes them to cybercriminals.

(U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

There were known instances of identity thieves hacking voting rolls going back some time, so it is possible that’s all this was about.

We learned recently that FBI Director Comey pointedly did not want to be included on the joint DNI/DHS statement, because it was too close to the election. So it’s possible there was disagreement about that part of it (which might explain the FBI-sourced leak to CNN).

Also note, I believe the known hackers used different methods, including both SQL injection and phishing. If in response to the earlier ones, DHS did a review of voting systems and found a number of phishes using the same methods as GRU, that may explain why FBI would say it was Russian.

In any case, we don’t know what happened, and at least public claims say the hackers didn’t alter any data.

But the CNN story, at least, is not about something that just happened.

Update: Fixed some typos and clarity problems.

False Reassurances: On Pixie Dusted Executive Orders, Appendix M, and Proxy Detention and Torture

In the wake of Trump’s victory, a number of people have offered some thoughts intended to reassure. In a piece titled, “The United States is not about to spiral into tyranny,” Kevin Drum claimed — among other things — that Trump will have a hard time reversing Obama’s Executive Orders.

Trump will learn that repealing executive orders is harder than he thinks, and it’s unlikely he has the attention span to really keep at it.

And a number of pieces — such as this one from Reuters — point to last year’s language in the NDAA limiting interrogation to techniques that appear in the Army Field Manual.

Trump’s support for water-boarding, an interrogation technique that simulates drowning, also would meet opposition. Congress last year passed legislation barring the use of waterboarding and other “extreme interrogation techniques” widely considered torture. Obama signed the measure into law last November.

Both of those reassurances are overly optimistic.

Pixie Dusting EOs

Even on its face, the idea that Trump can’t reverse Obama’s EOs doesn’t make sense. A president has uncontested authority to pass EOs as he pleases. The only limit on that power is Congress. If sufficient numbers in Congress, backed by sufficiently powerful leaders in Congress, want to contest a president’s public EOs, they can try to legislate or defund an activity.

There is no likelihood of that happening with Trump anytime soon. None. Especially not with the EO that Trump is probably most anxious to reverse, Obama’s order deferring deportation of 5 million people who’ve long been valuable members of American society.

More importantly — and this is something everyone needs to start accounting for — according to two different OLC memos, one used to authorize Iran-Contra, the other used to authorize Stellar Wind, the president doesn’t even have to make the actual implementation of his EOs public.

An executive order is only the expression of the President’s exercise of his inherent constitutional powers. Thus, an executive order cannot limit a President, just as one President cannot legally bind future Presidents in areas of the executive’s Article II authority. Further, there is no constitutional requirement that a President issue a new executive order whenever he wishes to depart from the terms of previous executive order. In exercising his constitutional or delegated statutory powers, the President often must issue instructions to his subordinates in the executive branch, which takes the form of an executive order. An executive order does not commit the President himself to a certain course of action. Rather than “violate” an executive order, the President in authorizing a departure from an executive order has instead modified or waived it. Memorandum for the Attorney General, From: Charles J. Cooper, Assistant Attorney General, Re: Legal Authority for Recent Covert Arms Transfers to Iran (Dec. 17, 1986). In doing so, he need not issue a new executive order, rescind the previous order, or even make his waiver or suspension of the order publicly known. Thus, here, the October 4, 2001 Authorization, even if in tension with Executive Order 12,333, only represents a one-time modification or waiver of the executive order, rather than a “violation” that is in some way illegal.

While Jack Goldsmith’s May 6, 2004 Stellar Wind memo supplanted the Yoo memo in which he made this argument, there has been no public repudiation of this logic or the underlying Iran-Contra memo, not by Constitutional scholar Barack Obama, not by Congress.

In other words, no one has invented any kind of requirement that the president let the public or even Congress know what rules he believes he is bound by. Indeed, it’s absurd to think Obama would have institutionalized something like that, given that (according to CIA General Counsel Caroline Krass) his administration has started hiding its self-authorizations in places besides OLC so we won’t know where to look for them.

Which means a man who used disinformation to get elected has no obligation to tell us what rules he considers himself bound by.

Three shell games that already exist under which to conduct torture

Similarly, the NDAA prohibition on torture is less ironclad than often claimed. That amendment didn’t prohibit torture. Rather, it restricted national security interrogators to the techniques in the Army Field Manual.

The amendment explicitly excluded law enforcement personnel from this restriction. As John Brennan said when he was asked about this way back in 2013, the FBI has its own processes and procedures, many of which remain obscure, others of which include clear loopholes. Importantly, the FBI increasingly operates — as the DEA has long done — overseas, where any problematic processes and procedures can easily be hidden.

In addition, as Jeff Kaye pointed out at the time, the AFM includes a section called Appendix M, which permits the use of a technique called Separation. The UN Committee Against Torture found Appendix M problematic, because it induced psychosis, during the UN review of US practices back in 2014.

But there’s another problem with the AFM. In 2006, Steven Bradbury wrote an OLC memo that basically authorized Appendix M largely divorced from the actual details of it. As I read it, that memo may be used for authorization of techniques used in Appendix M even if they’re not enumerated in the memo, meaning Trump can put anything in Appendix M and claim to have OLC buy-off. In fact, Bradbury incorporated within that memo yearly updates to the Appendix. It basically created a drawer, which might or might not be classified, into which DOD could throw whatever it wants to do.

When Congress passed the NDAA, they required the Appendix M to be reviewed to make sure it is humane and legal — but not until 2017. So while the intent of this amendment was explicitly to prohibit inhumane treatment, it relies on a structure of interpretations left up to the future President. The future President, as it turns out, got elected insisting that waterboarding is not torture.

Finally, the Drone Rule Book (which Trump can throw out on January 20 in any case) explicitly envisions letting our friends detain people, so long as they give us reassurances the person will be treated humanely. The Bush Administration started waterboarding people by watching while Egyptians did the waterboarding for us. It asked Bashar al-Assad (and a number of other countries we still are friends with) to do far worse to people on our behalf. There has never been any appetite to eliminate the shell game of proxy detention. Indeed, Obama has used such shell games in Somalia and Kuwait, with torture alleged in the latter case.

The CIA has been leaking wildly about its concerns about being asked to torture. But the CIA — and its enablers — didn’t do the things to make it impossible to ask them to torture when we had the chance.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Will Trump’s Skepticism about NATO Bring EU Closer Together?

Before most of us were awake, NATO’s Secretary-General made what I consider an ill-considered statement reminding President-elect Trump that NATO is a treaty commitment.

“NATO’s security guarantee is a treaty commitment and all allies have made a solemn commitment to defend each other and this is something which is absolute and unconditioned,” NATO Secretary-General Jens Stoltenberg told a news conference.

[snip]

Stoltenberg, a former prime minister whose own country Norway borders Russia, sought to remind the new president-elect that the only time NATO had activated its so-called Article 5 commitment, was in the defense of the United States — following the Sept. 11 attacks on New York and Washington in 2001.

He also said NATO allies were a big part of the U.S.-led strategy to stabilize Afghanistan and rid it of militants hostile to the West, with a long-standing NATO presence in the country since the 2001 attacks.

NATO “is important both for collective defense in Europe and to provide help and play a role in the fight against international terrorism”, Stoltenberg said.

I say this was ill-considered because I think NATO needs to think seriously about Turkey’s role in the alliance, particularly given Erdogan’s crackdown and incursions into Iraq. Sure, NATO may find exceptions for Turkey that it wouldn’t for the US. But it is a complex time.

This may be unpopular. But I actually think President-elect Trump’s skepticism about NATO may have some upside.

I say that, first of all, because NATO has increasingly had a force-multiplying effect on stupid American wars. That is actually the one area where Trump has been positive about NATO — asking them to do more in our stupid wars in the Middle East. But it’s one area where European countries have doubts. So maybe Trump will make it harder to use NATO to legitimize US invasions.

NATO also serves as the pole of the US-Europe relationship that gives the US the key leadership role, a way to bypass the EU itself to push dubious policy. Curiously, NATO is what Theresa May pointed to as the cement of the post-Brexit relationship. But what if Europe decides they need to develop their own capacities, and with them gain more independence from the US?

Sure, most of these discussions will be about perceived Russian aggression in Eastern Europe. It’s unclear how much Trump’s soft side for Putin will affect events in Eastern Europe (and whether Trump will be smart enough not to get completely rolled by Putin).

But NATO has increasingly become an offensive alliance, not a defensive one. Maybe it’s time to rein in that part of it?


NYT Ombud Calls for More Unproven Fearmongering

In an overly dramatic (and in key areas, fluff) piece promising voting related hacks long into the future, David Sanger includes this passage.

The steady drumbeat of allegations of Russian troublemaking — leaks from stolen emails and probes of election-system defenses — has continued through the campaign’s last days. These intrusions, current and former administration officials agree, will embolden other American adversaries, which have been given a vivid demonstration that, when used with some subtlety, their growing digital arsenals can be particularly damaging in the frenzy of a democratic election.

“Most of the biggest stories of this election cycle have had a cyber component to them — or the use of information warfare techniques that the Russians, in particular, honed over decades,” said David Rothkopf, the chief executive and editor of Foreign Policy, who has written two histories of the National Security Council. “From stolen emails, to WikiLeaks, to the hacking of the N.S.A.’s tools, and even the debate about how much of this the Russians are responsible for, it’s dominated in a way that we haven’t seen in any prior election.”

The magnitude of this shift has gone largely unrecognized in the cacophony of a campaign dominated by charges of groping and pay-for-play access.

On a day when results from North Carolina strongly suggest that efforts to suppress the African American vote have thus far worked, the NYT frames a story by arguing that cyber — not racism and voter suppression — accounts for “most of the biggest stories of the election cycle” (the story goes on to include Hillary’s email investigation in with the Russian hacks dealt with in the story).

It does so even while insinuating that the “probes of election-system defenses” are a Russian state-led effort, which the Intelligence Community pointedly did not say. Indeed, a DHS assessment dated September 20 — before that Intelligence Statement — (and publicly posted Saturday) attributes such probes to “cybercriminals and criminal hackers.”

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

Sanger posted his piece, claiming that cyber is the most important part of this election, in the wake of NYT’s ombud, Liz Spayd, posting her own piece judging — partly based off Sanger’s assessment — that the NYT should put someone on the Russian hacking story full time.

[W]hile several reporters have periodically contributed to the coverage, no one was dedicated to it full time. That’s too bad. In my view, The Times should have assembled a strike force and given it a mandate to make this story its top priority.

[snip]

I asked Sanger, a highly knowledgeable and seasoned hand on matters of cyberwarfare, about the challenges in covering information hacks. “American drone strikes and Russians bombing a hospital in Syria are immediate, gripping, tragic human stories,” he said. “A cyberstrike, by nature, is subtle, its effects often hidden for months, its importance usually a mystery. The bigger story here is that a foreign power has inserted itself in the fundamental underpinnings of American democracy using cybertechniques. We’ve never seen that before.”

That sounds like a pretty powerful argument for all-hands-on-deck coverage. After all, Trump’s treatment of women, Clinton’s email servers, the foundations of each candidate — all of it will soon fade out. The cyberwar, on the other hand, is only getting started.

Spayd makes a number of unproven or even false claims in her piece. Not only does she (like Sanger) claim that those probing voter poll sites are Russian (implying they are state hackers), she also implies the Shadow Brokers hack was done by Russia (which may be true but is far from proven).

So was the National Security Agency. Now, hackers are meddling with the voting systems in several states, leaving local officials on high alert.

She asks a question — were the Russians running Trump — that she answers in her own piece.

And most critically, what has it done to try to establish whether Donald Trump was colluding with Russian intelligence, as Clinton suggests?

[snip]

The Times finally weighed in on this question last week, concluding that there is no compelling evidence linking Trump to the hackers. The piece, which ran on A21 and down page on the website, appeared to have been in the works for some time. Yet it was published just seven days before the election, and was unsatisfying in exploring the back story that led to its conclusions.

In a piece that notes there is no evidence the Russians are behind the poll probes, she suggests a Sanger piece suggesting they might have been should have been somewhere more prominent than page A15.

A piece laying out evidence that the Russians may be trying to falsify voting results in state databases ran on A15 and got minimal play digitally.

And she applauds a highly problematic piece claiming Julian Assange and Wikileaks always side with the Russians.

Led by David Sanger, The Times was first to link the Russians to the hacks, to examine the baffling role of Julian Assange and WikiLeaks and to smartly explore the options that the Obama administration could use to retaliate. I have no substantive complaints about the stories The Times has done.

In short, she points to a lot of problematic, hasty fearmongering the NYT has done on this front (as well as the one debunking much of that fearmongering, though she complains that doesn’t offer enough detail). And then says NYT should do more of it.

From the sounds of things, what she really wants is more cloak and dagger on the front pages of the NYT. Even if NYT has to invent a Russian tie to get it there.

Update: Egads.

The NYT just decided to tweet out its crappy Assange only does things Putin likes piece again.
