On Wikileaks and Chelsea Manning’s Commutation

Today, President Obama commuted Chelsea Manning’s sentence, effective May 17. May she have the fortitude to withstand five more months of prison.

Among the many responses to the commutation, many people are pointing to a tweet Julian Assange wrote in September, promising to agree to US prison if Manning got clemency.

Assange made a very similar comment more recently, on January 12.

To Assange’s credit, he has long called for clemency for Manning; and whatever you think of Assange, his anger against Hillary was in significant part motivated by Clinton’s response to the Manning leaks. Manning might have been able to cooperate against Assange for a lesser sentence, but there was nothing Assange did that was not, also, what the NYT has done.

Indeed, the oddity of Assange’s original tweet is that, as far as has been made public, he has never been charged, not even for aiding Edward Snowden as a fugitive.

Nevertheless, since the comments, Assange’s European lawyer said he stands by his earlier comment (though she points out the US has not asked for extradition).

But I’d like to point to a third tweet, which might explain why Assange would be so willing to be extradited now.

The day after Assange repeated his promise to undergo extradition, just as the uproar over the Trump dossier led Christopher Steele to go into hiding has been roiling, Assange also tweeted a comment at least pretending he thought he might be murdered.

Sure, Assange is paranoid. But while Assange has been hiding behind purportedly American IDed cutouts, claiming plausible deniability that he got the DNC emails from the Russians, he surely knows, now, those people were cut-outs. The Russians, Trump, and any American cutouts that Assange could ID would badly like him to sustain that plausible deniability.

And the Russians have a way of silencing people like that, even in fairly protected places in London.

So while Assange could just be blowing smoke, Assange may well be considering his options, coming to the US on a plea deal versus dealing with Putin’s goons.

All of which might make such deals more attractive.

Update: Here’s Assange’s latest on this.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Brennan Makes Even Crazier Plausible Deniability Claims about Trump Dossier

As I have laid out, the intelligence community has been making some odd claims about the Trump dossier. First, James Clapper claimed that the IC was the last to learn of the dossier, in spite of the fact that IC member FBI was getting the reports at least by August and probably earlier. Then, Sunday, John Brennan claimed the IC couldn’t be held responsible for leaking the dossier (though without denying that the IC had leaked it), because the dossier had already been out there; except the dossier — released with a report that post-dates all known public versions of the dossier — therefore post-dates what “was already out there.”

Brennan’s back with yet another claim, this in response to Trump’s insinuation that Brennan might have leaked it: Brennan claimed he has never read the dossier.

“Was I a leaker of this? No,” Mr. Brennan said Monday in an interview at CIA headquarters, days before he ends a career that has spanned more than three decades and that took him from entry-level recruit to head of the nation’s most storied spy service.

“First of all, this is not intelligence community information,” Mr. Brennan said. He noted that the dossier had been circulating “many months” and that he first heard about it from inquiring reporters last fall. To date, he hasn’t read the document and gave it no particular credence, he said.

“I would have no interest in trying to give that dossier any additional airtime,” Mr. Brennan said.

I mean, sure, you’re conducting one of the most sensitive briefings of recent history. The briefers here are all principals — along with Brennan and Clapper, Admiral Mike Rogers and Jim Comey. And you don’t even read the stuff that goes into it? You don’t review the underlying dossier that, you claim, you’re briefing just so Trump knows what the Russians have on him?

That may well be true. But if it is, it suggests a very deliberately cultivated plausible deniability, one that the decision to have Comey brief the dossier to Trump by himself only adds to. Most charitably, Brennan cultivated such deniability only to ensure he can claim that the CIA is not engaging in domestic politics (and that may well be enough).

But along with the pointedly false claims about what the IC knew when, the claim raises questions about why CIA would go so far out of its way to be able to claim they didn’t know.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Significance of the December 13 Trump Dossier Report

John Brennan and Donald Trump are in a fight.

In his press conference last week, Trump called out the intelligence community for “allowing … information that turned out to be so false and fake” out, likening the leak to something that would happen in Nazi Germany.

I think it was disgraceful, disgraceful that the intelligence agencies allowed any information that turned out to be so false and fake out. I think it’s a disgrace. And I say that and I say that.

And that’s something that Nazi Germany would have done and did do. It’s a disgrace. That information that was false and fake and never happened got released to the public, as far as BuzzFeed, which is a failing pile of garbage, writing it, I think they’re going to suffer the consequences.

Over the weekend, Brennan went on Fox News to scold Trump for the Nazi analogy. At that appearance, he said this about the release of the dossier.

I think as the Director of National Intelligence said in his statement, this is information that’s been out there, circulating, for many months. So it’s not a question of the intelligence community leaking or releasing this information. It was already out there.

[snip]

There is no basis for Mr. Trump to point fingers at the intelligence community for leaking information that was already available publicly.

In response to Brennan’s appearance (and his suggestion Trump didn’t know what the fuck he was doing in Syria and Russia), Trump insinuated that Brennan may have leaked the dossier.

Let’s unpack this. Because while I have no idea who leaked the document (though I highly doubt Brennan would have done so personally), the intelligence community’s claims are really suspect.

As I noted last week, the James Clapper statement rather bizarrely claimed the IC was the last to know about the document. The dossier, according to Clapper, was “widely circulated in recent months among the media, members of Congress and Congressional staff even before the IC became aware of it.”

That (as some people have pointed out) cannot be true.

The stories about what Christopher Steele did when have been evolving. But David Corn’s description, based off a conversation that occurred before the IC started making public claims, strongly suggests that Steele started sharing documents with the FBI “soon” after “the end of June.”

By the end of June, he was sending reports of what he was finding to the American firm.

The former spy said he soon decided the information he was receiving was “sufficiently serious” for him to forward it to contacts he had at the FBI. He did this, he said, without permission from the American firm that had hired him. “This was an extraordinary situation,” he remarked.

Some other reports, based off claims made after the Clapper statement, put this date later — maybe August — even while the implication has always been that the FBI request for a FISA warrant in June stems from these reports.

Even if that information sharing dates to August, however, it would mean the FBI — a member of the IC — had regular updates from the dossier at least by then, if not by June. Sure, you might claim that FBI investigative teams are not part of the IC, but given that this would be a counterintelligence investigation, that’d be a laughable claim.

In other words, even assuming the claims about where the dossier came from and who paid for it are true, the IC was not the last to know, but one of the first.

There are two other dates of note that go into the claim the dossier was widely circulated before it got briefed to Trump this month. We know that the IC briefed the Gang of Eight on this dossier in October. Shortly thereafter, Corn received a copy of the dossier and wrote about it (though he has not revealed who gave it to him). Then in December, John McCain got a copy from Sir Andrew Wood. According to a Guardian article published around 9AM on the same day as the Clapper statement, McCain had not only received the dossier, but handed it over — yet another copy — to the FBI on December 9.

Senator John McCain, who was informed about the existence of the documents separately by an intermediary from a western allied state, dispatched an emissary overseas to meet the source and then decided to present the material to Comey in a one-on-one meeting on 9 December, according to a source aware of the meeting. The documents, which were first reported on last year by Mother Jones, are also in the hands of officials in the White House.

McCain, in a statement released midday on the day of the Clapper statement, is more vague about the hand-off date, describing it only as “late last year.”

I’m working on the specific times, but it is significant that the Guardian with the exact date came out in the morning on January 11, the vague McCain statement came out mid-day sometime, and Clapper’s statement came out that evening.

That’s significant because some people assume that McCain is the one who released the dossier — the dossier he received on December 9.

If that date is correct, the dossier couldn’t have come from McCain, because the last report in the dossier is dated four days later, December 13.

Very significantly, this last report, which talks about the Russian cover-up of the hack, alleges “the operatives involved had been paid by both TRUMP’s team and the Kremlin.” This is, in my opinion, one of the most incendiary claims in the entire dossier — that Trump not only encouraged Russia’s campaign, but paid operatives involved in it.

Just as significantly, the date completely undermines the substance of Brennan’s defense. When he says, “this is information that’s been out there, circulating, for many months. … It was already out there. … There is no basis for Mr. Trump to point fingers at the intelligence community for leaking information that was already available publicly,” he’s wrong. The full set of information released to BuzzFeed — including the allegation Trump paid for this operation — actually hasn’t been out there, because it post-dates all known circulation of the document.

Also remember that journalists have suggested they got copies of the dossier that redacted all the sources. This one didn’t. At least one likely source named in the report has died in curious circumstances since the release of the report.

I really have no idea where the dossier got leaked from — that is one reason I’m so interested in artifacts in the document that may raise questions about the provenance of the released dossier. I also wouldn’t, at this point, be surprised if Trump were getting his own stream of intelligence, possibly even from Russia, about where and how it got released.

But thus far, the IC’s claims about the dossier are even more dodgy than Trump’s, which is saying something.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Trump Dossier Alleges DNC Insiders Were Involved in Anti-Clinton Operation

I still have questions about the provenance of the Trump dossier, particularly with respect to how we’ve received it. While this article has been touted as answering a lot of questions, it actually creates new ones (plus, it would seem to violate the D Notice that formally prohibits talking about Christopher Steele and his role).

But I did want to point to a passage in the dossier that seems critically important, if it can be deemed true. (Note, Cannonfire has an OCRed version of the dossier here.) According to a July report from Steele, there were DNC insiders involved in the operation.

Agreed exchange of information established in both directions. team using moles within DNC and hackers in the US as well as outside in Russia. PUTIN motivated by fear and hatred of Hillary CLINTON. Russians receiving intel from team on Russian oligarchs and their families in US

[snip]

2. Inter alia, Source E, acknowledged that the Russian regime had been behind the recent leak of embarrassing e-mail messages, emanating from the Democratic National Committee (DNC), to the WikiLeaks platform. The reason for using WikiLeaks was “plausible deniability” and the operation had been conducted with the full knowledge and support of TRUMP and senior members of his campaign team. In return the TRUMP team had agreed to sideline Russian intervention in Ukraine as a campaign issue and to raise defence commitments in the Baltics and Eastern Europe to deflect attention away from Ukraine, a priority for PUTIN who needed to cauterise the subject.

3. In the wider context campaign/Kremlin co-operation, Source E claimed that the intelligence network being used against CLINTON comprised three elements. Firstly there were agents/facilitators within the Democratic Party structure itself; secondly Russian emigre and associated offensive cyber operators based in the US [note: corrected OCE error] and thirdly, state-sponsored cyber operatives working in Russia. All three elements had played an important role to date. On the mechanism for rewarding relevant assets based in the US, and effecting a two-way flow of intelligence and other useful information, Source E claimed that Russian diplomatic staff in key cities such as New York, Washington DC and Miami were using the emigre ‘pension’ distribution system as cover. The operation therefore depended on key people in the US Russian emigre community for its success. Tens of thousands of dollars were involved. [my emphasis]

The claim there were “moles” within the DNC would be perfectly consistent with something Julian Assange has long claimed: that he got the documents from a disgruntled DNC insider.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Released Trump Dossier Is Not the Complete Dossier

Update: Also note that these reports are not done in the same typeface, with variations between sans serif and serif fonts, changes to margins, and at least one report changing font size mid-report. I’ve marked those below as well, and will continue to work on margin size. I’ve been informed that this is a way the Brits track leakers, which means this copy should be identifiable to a particular leaker. 

I want to return to a point I made here about the dossier — billed as an oppo research project — on Donald Trump’s ties to Russia.

This is not the complete dossier. It was selectively released.

The gaps are immediately identifiable from the report numbering, which (as released) goes like this:

  • 080: June 20, 2016, serif
  • 086: July 26, 2015 (citing events in 2016), serif
  • 095: not dated, serif
  • 94: July 19, 2016, serif
  • 097: July 30, 2016, sans, justified
  • 100: August 5, 2016, serif, note typeface size change
  • 101: August 10, 2016, sans
  • 102: August 10, 2016, sans
  • 136: October 20, 2016, serif, wider margins
  • 105: August 22, 2016, serif
  • 111: September 14, 2016, serif
  • 112: September 14, 2016, serif
  • 113: September 14, 2016, serif
  • 130: October 12, 2016, larger sans
  • 134: October 18, 2016, smaller serif
  • 135: October 19, 2016, serif
  • 166: December 13, 2016, serif

You might think some of this is just about pages being out of order but someone — perhaps Buzzfeed? — wrote in page numbers by hand on the lower right.

So the reporting was frequent, sometimes more than daily. It must have started sometime in April, if not before (which explains how a project started by a Republican challenger to Trump ends up with a June 2016 report; we just don’t have the first 79 reports); it’s even possible the earlier reporting included more details on Hillary. Over that time, the reporting protocol changed (no longer identifying each source with a letter). And the reports continue into December, well past the election, and well past the time a Hillary supporter — ostensibly the funder for this project — might want to influence the election.

Reports 94 and 095 are especially weird, as it appears that the temporal sequences is broken. 095 reports on the general scope of the campaign against Hillary. 94 reports on meetings between Carter Page and Igor Sechin.

None of this explains why those gaps exist or what the oddness in reports 94 and 095 stem from. But it is a real reason to question the provenance of the copy BuzzFeed got.

Update: I’ve been informed that these kinds of typeface changes are a way the Brits use to track leakers.

So they may know who the leaker is here.

Here are two screen shots showing the justification and typeface change that happens at report 097.

Here’s page one of report 100. The last line seems to extend beyond the right margin.

The next page of report 100 has noticeably smaller typeface and an apparently different left margin.

Report 101 is back to right justified sans typeface, but much smaller than the one used in report 097. These screen caps are both 100X100 pixels.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

How Did the IC Allegedly Remain Unaware of a Dossier Widely Shopped in DC?

Donald Trump spent yesterday and today going nuts because of the leak of the oppo research dossier. In response last night, James Clapper (who must be counting the seconds until he’s out of here at this point) spoke to Trump personally, then released a statement revealing what he had said. The statement reads:

This evening, I had the opportunity to speak with President-elect Donald Trump to discuss recent media reports about our briefing last Friday. I expressed my profound dismay at the leaks that have been appearing in the press, and we both agreed that they are extremely corrosive and damaging to our national security.

We also discussed the private security company document, which was widely circulated in recent months among the media, members of Congress and Congressional staff even before the IC became aware of it. I emphasized that this document is not a U.S. Intelligence Community product and that I do not believe the leaks came from within the IC. The IC has not made any judgment that the information in this document is reliable, and we did not rely upon it in any way for our conclusions. However, part of our obligation is to ensure that policymakers are provided with the fullest possible picture of any matters that might affect national security.

President-elect Trump again affirmed his appreciation for all the men and women serving in the Intelligence Community, and I assured him that the IC stands ready to serve his Administration and the American people.

While most have focused on the seeming confirmation that a summary of the dossier was included in Trump’s briefing on Friday, I’m most interested in the claim (one I don’t entirely believe) that the IC did not learn about this dossier until after the dossier “was widely circulated in recent months among the media, members of Congress and Congressional staff.”

According to one public claim, the IC learned of the dossier sometime before a late October briefing to the Gang of Eight, one that led Harry Reid to complain publicly that the FBI Was sitting on explosive information.

During that period, the leader of the Democrats in the Senate, Harry Reid, wrote to the director of the FBI, accusing him of holding back “explosive information” about Mr Trump.

Mr Reid sent his letter after getting an intelligence briefing, along with other senior figures in Congress. Only eight people were present: the chairs and ranking minority members of the House and Senate intelligence committees, and the leaders of the Democratic and Republican parties in Congress, the “gang of eight” as they are sometimes called. Normally, senior staff attend “gang of eight” intelligence briefings, but not this time. The Congressional leaders were not even allowed to take notes.

According to another claim — one backed by an on-the-record statement — McCain formally told Comey about the dossier on December 9 (which is the day leakapalooza started).

But I find it really hard to believe that Christopher Steele (the former MI6 officer who created the dossier) was shopping its contents for months without the IC asking some questions. And if it’s true, it means the dossier is entirely separate from the FISA warrant first sought in June.

Not to mention the fact, ODNI seems to be disclaiming IC involvement in things that antagonize Trump right now in ways I find really unconvincing, particularly with respect to CIA.

Ah well. The Intelligence Community. Always the last to know.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Democrats Newfound Love for Russian Intelligence Product

As you know, Buzzfeed published a dossier laying out Donald Trump’s ties to Russia last night. The dossier is described as oppo research done by a former MI6 agent first for a GOP rival (which doesn’t make a ton of sense as the dossier starts in June 2016) and then picked up by Hillary. There are competing reports on whether this dossier was included in the briefing on the Russian hack intelligence provided to Trump the other day (and I and others falsely claimed that this dossier is what some Senate Dems have pointed to as evidence they’ve been briefed about Trump’s ties to Russia).

I wanted to make a few points about the dossier.

First, note that this is not the complete dossier. There are references to reports that are not included with this dump. That means, even assuming the provenance on all else is solid, this is a cherry picked version of what the former MI6 consultant reported to Hillary.

Second, ask yourself why Hillary didn’t leak this dossier during the election (besides sharing the contents of it with David Corn). I don’t know the answer to that, but I’d sure like to know it (and I’ve got some theories that don’t raise my confidence about the dossier generally).

Third, as a number of people have noted, there are errors in this report, down to the spelling of Alfa Bank. That’s not itself discrediting, but it should caution people not to take this as finished intelligence.

For what it’s worth, I find some of it very credible. Some of it accords with stuff I know. Others of it conflicts in material ways with well-sourced information I know. I find other claims transparently silly (such as the report that anyone believed Trump didn’t have serious business ties to Russia). That may simply speak to the credibility of the individual underlying sources, or it may speak to the dossier generally. I don’t yet have an opinion on that.

Which brings me to the sources. Trump’s team has claimed that these reports come from Russian intelligence, which ought to raise the very good question of why we’d take as Gospel something Russian intelligence said now when we’re supposed to disdain known accurate information (Hillary emails) leaked on behalf of Russian intelligence. Trump’s claim is — as regards the most sensational of the claims in the report, that Trump had prostitutes urinate on a bed that Barack and Michelle Obama had used while in Moscow, as well as a few more of the claims — true. It is not true for others of the claims.

Which is to say, I’m not entirely sure what to make of this dossier yet. It is more interesting to me as an artifact — as something that Hillary had but chose not to leak but that got leaked yesterday of all days — than as a source of information, but I do think some of the information in the dossier might, with far more vetting, turn out to be somewhat accurate. There are reports FBI is investigating this document that I’m not 100% sure I believe.

I’ll come back to this analysis when I can print out the document, but here’s a list of all of the sources used in the report. Remember, before you get to these embedded sources (most are described as a “compatriot” of the actual source), you’ve got to remember the former MI6 agent paid to do opposition research (and perhaps directing his agents to look for opposition research). So everything here is Hillary’s surrogates to former MI6 agent to (usually) a “compatriot” to the underlying source. Also, some of these sources are obviously repetitive (such as the source close to Ivanov), so the entire dossier likely relies on closer to 10 underlying sources than the 31 listed here.

  1. Source A: Senior Russian Foreign Ministry figure with knowledge of intelligence the Kremlin was feeding Trump [via trusted compatriot]
  2. Source B: Former top level Russian intelligence officer still active insider the Kremlin, who says the Russians have enough material to blackmail Trump [via trusted compatriot]
  3. Source C: Senior Russian financial official
  4. Source D: A close associate of Trump who knows that the Ritz Carlton is under control by FSB
  5. Source E: redacted, possibly a staffer at the Ritz Carlton, which is reportedly controlled by FSB
  6. Source F: A female staffer at the Ritz, which is reportedly controlled by FSB
  7. Source G: A senior Kremlin official
  8. Unlabeled senior government official claiming the Russians had had only limited success penetrating foreign governments we know they’ve penetrated (like the US) but explaining RU had had increasing problems with its own hackers
  9. A Russian IT specialist with direct knowledge of FSB’s coercion and blackmail used to recruit hackers
  10. An IT operator inside a leading Russian State Owned Entity familiar with FSB penetration of a foreign director
  11. An FSB cyber operative
  12. Source E2: An ethnic Russian close associate of Trump who claims Trump has a minimal investment profile in Russia
  13. A Russian source close to Rosneft President Igor Sechin
  14. A compatriot of an official close to Presidential Admin Head Sergei Ivanov
  15. A trusted associate of a Russian émigré figure
  16. A Kremlin source close to Sergei Ivanov
  17. A Kremlin source close to Dmitri   Medvedev
  18. A close colleague of Sergei Ivanov
  19. A Kremlin official involved in US relations
  20. An ethnic Russian associate of Trump, who had spoken to Carter Page
  21. A compatriot of a Kremlin insider discussing Duma Head of Foreign Relations Committee Konstantin Kosachev
  22. A well-placed Russian figure
  23. An American political figure associated with Trump
  24. A trusted compatriot of a senior member of Presidential Administration and of a senior Minister of Foreign Affairs official
  25. A former top level Russian intelligence officer
  26. A trusted compatriot of a top level Russian government official
  27. A trusted compatriot of a St. Petersburg member of the political/business elite and another involved in the services/tourist industry
  28. A trusted compatriot of a senior Russian leadership figure and a foreign ministry official
  29. A trusted compatriot of a close associate of Rosneft President Igor Sechin, a senior member of Sechin’s staff, and a Kremlin insider with direct access to the leadership
  30. A longstanding compatriot friend of a Kremlin insider
  31. [Redacted]

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Two Cautions on the Russian Hack of RNC Servers

I followed the Senate Intelligence Committee Hearing on the Russian hacking via Twitter on the train.

From what I can tell, there was a big stink about the fact that Russia hacked, but did not release, information from Republicans (aside from Colin Powell, but he appears to have been kicked out of the Republican party as far as hacking victims go). In addition, there was some befuddlement about the fact that the Russians hacked an old RNC server. Here’s WSJ’s coverage of it.

There are two details in the public domain that may go some way to explain the discrepancy.

First, as I pointed out here, you should distinguish between FSB and GRU when discussing these things (something the head spooks have been really sloppy about doing, helped in part by combining two different hacking groups into one Grizzly Steppe). As far as we know, FSB hacked the DNC for months, but never released anything. Whereas GRU was only in the DNC server for a few months, but then passed on the documents they stole to be leaked.

From what I’ve read online (I’ll check later) it’s possible FSB hacked the RNC, but — as they are thus far believed to have done with the DNC too — simply sat on the documents.

In addition, this report from SecureWorks (which is one of the more measured security contractor reports on the hack), which tracked which entities and people were targeted by fake GMail links, reveals that key Republican entities don’t use GMail and therefore would have had to have been hacked via other means.

Republican party or the other U.S. presidential candidates whose campaigns were active between mid-March and mid-May: Donald Trump, Bernie Sanders, Ted Cruz, Marco Rubio, and John Kasich. However, the following email domains do not use Google mail servers and may have been targeted by other means:

  • gop.com — used by the Republican National Committee
  • donaldjtrump.com — used by the Donald Trump campaign
  • johnkasich.com — used by the John Kasich campaign

Access to targets’ Google accounts allows TG-4127 to review internal emails and potentially access other Google Apps services used by these organizations, such as Google Drive.

Of course, phishing is phishing, and if you can make an expert fake of a Gmail login, you can do the same for some other login. But one major source of information on the hack of Democrats (though not necessarily on the DNC, given that it was not using Gmail when the report was done) has a gap for the campaigns that didn’t use Gmail.

Presumably, the IC has more than just a bunch of clicked fake Gmail links to go on, though, including awareness of other, non-Gmail phishing campaigns.

That said, details like this are one of the reasons top spooks would raise confidence in their Trust Us claims by being rigorous about what they’re actually referring to.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Switzerland, Swaziland? IC Gets IP Geography Wrong in Russia Report

I’ve been busy taking my mom to cancelled doctors’ appointments, so my coverage of the various hearings today will be delayed, at best.

But I wanted to point to this study on the IC Joint Analysis Report from Europe. (French language version here)

It double checked the IP address locations included in the report against the actual location of the IP address, and found that in 18 cases, the IC report gave the wrong location. Most remarkably, for three servers located in Switzerland, the IC report IDed the location as Swaziland. In addition, the report mixed up Denmark and Germany.

That’s probably no big deal: just a typo, on top of some lack of familiarity with nation-state extensions (though these particular servers may deserve more focus).

But it is a testament to how quickly this report was put together.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Declassified Russian Hack Report

The Intelligence Community’s report on Russia’s tampering in the election is here.

What we see of it is uneven. I think the report is strongest on Russia’s motive for tampering with the election, even if the report doesn’t provide evidence. I think there are many weaknesses in the report’s discussion of media. That raises concerns that the material on the actual hack — which we don’t get in any detail at all — is as weak as the media section.

This will be a working thread.

The first 5 pages are front-matter and fluff, which means this is less than a 10 page report, plus a media annex which is problematic.

Scope

Here’s how the report describes the scope of the assessment.

It covers the motivation and scope of Moscow’s intentions regarding US elections and Moscow’s use of cyber tools and media campaigns to influence US public opinion. The assessment focuses on activities aimed at the 2016 US presidential election and draws on our understanding of previous Russian influence operations. When we use the term “we” it refers to an assessment by all three agencies.

I checked with ODNI, and the classified report has the exact same conclusions as this one, suggesting the scope is the same. That seems to be a significant problem to me. At a minimum, it should address whether Shadow Brokers was part of the same campaign. But there are other, less obvious things that would need to be included that would not be under this scope, things that I believe should be considered in the process of drawing conclusions.

The scope also includes this, which Director Clapper had already noted in yesterday’s hearing.

We did not make an assessment of the impact that Russian activities had on the outcome of the 2016 election. The US Intelligence Community is charged with monitoring and assessing the intentions, capabilities, and actions of foreign actors; it does not analyze US political processes or US public opinion.

It’s a bit of a cop-out, but a fair one: our nation’s spooks should not be delving into electoral outcomes (aside from the way the FBI’s Jim Comey was the most important player in this election after Hillary).

Sourcing

I’m fascinated by the entirety of the sourcing section. First, it doesn’t even say that it is relying on private contractor reports, which it surely is.

Many of the key judgments in this assessment rely on a body of reporting from multiple sources that are consistent with our understanding of Russian behavior.

Then there’s this section that pretends the government doesn’t have Putin and his associates lit up like Christmas trees.

Insights into Russian efforts—including specific cyber operations—and Russian views of key US players derive from multiple corroborating sources. Some of our judgments about Kremlin preferences and intent are drawn from the behavior of Kremlin loyal
political figures, state media, and pro-Kremlin social media actors, all of whom the Kremlin either directly uses to convey messages or who are answerable to the Kremlin.

On top of all the other problems with the media section, this use of media is tautological: a statement that because Russia has propaganda all its propaganda must be a clear representation of Russia’s views.

The Russian leadership invests significant resources in both foreign and domestic propaganda and places a premium on transmitting what it views as consistent, self-reinforcing narratives regarding its desires and redlines, whether on Ukraine, Syria, or relations with the United States.

Key Judgements

While it is nowhere near this bad elsewhere, check out how the IC conceives of Russia’s efforts in terms of US exceptionalism, the “US-led liberal democratic order.”

Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations. [my emphasis]

I mean, Putin also wants to disrupt US backing of Saudi/Qatari regime change in Syria, and US backing for Neo-Nazis in Ukraine. But the IC pitches US hegemony as exclusively ponies and daisies.

Contrary to what you might read at other outlets, the assessment of Russia’s motive describes Putin’s animosity towards Clinton before it addresses his fondness for Trump.

Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.

In fact, the judgment that Putin affirmatively wanted Trump is broken out largely because the NSA has less confidence in this than the CIA and FBI.

We also assess Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him. All three agencies agree with this judgment. CIA and FBI have high confidence in this judgment; NSA has moderate confidence.

That’s especially interesting given the reference to what we know to be, in part, intercepts showing Putin and his buddies celebrating.

Further information has come to light since Election Day that, when combined with Russian behavior since early November 2016, increases our confidence in our assessments of Russian motivations and goals.

That says that the folks who spend the most time reading SIGINT are the least convinced the SIGINT supports the case that Putin was hoping to get Trump elected.

Here’s the key finding on the hack: that GRU not only hacked the targets but used the cut-outs to get the information to the outlets to publish.

We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks.

We know the classified report describes the cut-outs that got the documents to Assange.

The one new disclosure in this document is that the IC now assesses the probes of state-related election outlets to be Russian, which they had never before done.

Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards. DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.

I’ll come back to this point.

I noted in my deep dive on the sanctions package that the sanctions apply to those who tamper in our allies’ elections. This finding — that Russia wants to do more of this — is why the EO was written that way.

We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes.

Russia’s influence campaign

In addition to restating the top-line motives, the section describing why Putin ordered this operation (and it does say that, explicitly) this section describes a few of the motives that the IC hasn’t been as ready to leak to the press. It describes Putin’s retaliation for Panama Papers and the Olympic doping scandal this way:

Putin publicly pointed to the Panama Papers disclosure and the Olympic doping scandal as US-directed efforts to defame Russia, suggesting he sought to use disclosures to discredit the image of the United States and cast it as hypocritical.

Note how the passage does not deny that the US was behind Panama Papers (for which there is no public evidence) and the doping scandal (which would fit more squarely in the way the US wields its power). I assume the most compartmented version of this report explains whether we did have a role in Panama Papers.

The report also admits that Putin did this to retaliate for what protests he believes Clinton incited in Russia.

Putin most likely wanted to discredit Secretary Clinton because he has publicly blamed her since 2011 for inciting mass protests against his regime in late 2011 and early 2012, and because he holds a grudge for comments he almost certainly saw as disparaging him.

Again, this passage is remarkably non-committal about whether the US did incite those protests.

The timing on the description of how Russia came to love the Donald is interesting — beginning in June.

Beginning in June, Putin’s public comments about the US presidential race avoided directly praising President-elect Trump,

In its description of Putin’s desire to force an international ISIL coalition, the report doesn’t address a number of things, most notably the reasons why we don’t have an international coalition now. Again, this is a bullet point that I’m sure the most classified report has far more detail on.

Moscow also saw the election of Presidentelect Trump as a way to achieve an international counterterrorism coalition against the Islamic State in Iraq and the Levant (ISIL).

Likewise, I wonder whether there’s backup to this discussion of Putin’s comfort in working with people who have business ties to Russia.

Putin has had many positive experiences working with Western political leaders whose business interests made them more disposed to deal with Russia, such as former Italian Prime Minister Silvio Berlusconi and former German Chancellor Gerhard Schroeder.

How much did CIA lay out what Trump’s business interests in Russia are?

The section on the actual hack is interesting. It starts by saying “Russian intelligence” got into the DNC in July 2015, which would refer to the FSB hack. Here’s how it talks about the GRU hack(s).

The General Staff Main Intelligence Directorate (GRU) probably began cyber operations aimed at the US election by March 2016. We assess that the GRU operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures. By May, the GRU had exfiltrated large volumes of data from the DNC.

So:

  • The report admits that they don’t know when GRU started this. This is interesting for a slew of reasons, not least that it shows some uncertainty in the forensics.
  • Note how it refers to “Democratic party officials and political figures,” but never Podesta by name. It also doesn’t name Colin Powell, though the follow-up language must include him too.
  • Here, unlike in the JAR, the report says GRU exfiltrated a lot of data.

I’m not terrifically impressed by their paragraph on Guccifer 2.0, which is a problem, because this is one of the weakest parts of their argument.

Guccifer 2.0, who claimed to be an independent Romanian hacker, made multiple contradictory statements and false claims about his likely Russian identity throughout the election. Press reporting suggests more than one person claiming to be Guccifer 2.0 interacted with journalists.

I’ll come back to this. I just think it’s weak in a number of places.

The DC Leaks passage is stronger.

Content that we assess was taken from e-mail accounts targeted by the GRU in March 2016 appeared on DCLeaks.com starting in June.

Here’s the passage on WikiLeaks.

We assess with high confidence that the GRU relayed material it acquired from the DNC and senior Democratic officials to WikiLeaks. Moscow most likely chose WikiLeaks because of its selfproclaimed reputation for authenticity. Disclosures through WikiLeaks did not contain any evident forgeries.

The passage doesn’t talk about cut-outs, but earlier leaks make it clear that’s how it happened. I think the sentence “Moscow most likely chose WL” is either bullshit or not very smart.

Others have complained that this passage confirms there were no “obvious forgeries.” The passage as a whole undermines some claims IC affiliates were saying in real time. So behind this paragraph, there’s a whole lot of real-time assessments that were revisited. Indeed, several paragraphs later, the report makes the claim that forgeries are the MO for GRU.

Such efforts have included releasing or altering personal data, defacing websites, or releasing emails.

I’m going to come back to the passage on WL and RT.

Note, the report includes the WADA hacking, even though the scope of this is supposed to be the election.

Again, I’m going to come back to the section on the info ops. I think it is weak, in part because it doesn’t seem to distinguish genuinely held belief from outright propaganda. But this passage really gets to the core of the problem with it.

RT’s coverage of Secretary Clinton throughout the US presidential campaign was consistently negative and focused on her leaked e-mails and accused her of corruption, poor physical and mental health, and ties to Islamic extremism. Some Russian officials echoed Russian lines for the influence campaign that Secretary Clinton’s election could lead to a war between the United States and Russia.

After all, you could say the same about most mainstream US outlets (some of which were ahead of RT on Hillary’s health). There is almost nothing in the RT section that couldn’t be said by a lot of  US based outlets, some of which got bigger play. So how do you prove something is propaganda if it is doing what everyone else is doing? Moreover, much of what the passage points to depends on social media, and therefore algorithms built in Silicon Valley. Are they not a part of this propaganda? Also note, there’s no discussion of Sputnik here, which was if anything more obvious in its opposition to Hillary. Why?

There’s a long section from 2012 that deals with RT. I’ll return to it when I return to the media section. It’s really bad, though.

The report says it’s not going to weigh in on whether Russia’s efforts affected the election. But it does, here.

We assess the Russian intelligence services would have seen their election influence campaign as at least a qualified success because of their perceived ability to impact public discussion.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.