Posts

The DNC-Centric Focus of the HPSCI Investigation

Through the duration of the various Russia investigations, skeptics always harp on two questions pertaining to the Russian election year hacks — why the Democrats never turned over the DNC “server,” singular, to the FBI, allegedly leaving the FBI to rely on Crowdstrike’s work, and whether several sets of files released via Guccifer 2.0 showed signs of non-Russian origin. That is, skeptics look exclusively at the DNC, not the totality of the known Russian targeting.

Looking at the list of witnesses the House Intelligence Committee called (which the committee will release in the coming weeks) shows one reason why: that the most public and propagandist of all the Russia investigations focused on the DNC to the detriment of other known Democratic targets.

Here’s what the list of the HPSCI interviews looks like arranged by date (HPSCI will not be releasing the bolded interviews).

  1. [Comey, Jim (May 2 and 4, 2017): Intel]
  2. [Rogers, Mike (May 4, 2017): Intel]
  3. [Brennan, John (May 23, 2017): Intel]
  4. Coats, Dan (June 22, 2017): Intel
  5. Farkas, Evelyn (June 26, 2017): Ukraine/RU DOD
  6. Podesta, John (June 27, 2017): Clinton Chair
  7. Caputo, Michael (July 14, 2017): RU tied Trump
  8. Clapper, James (July 17, 2017): Intel
  9. Kushner, Jared (July 25, 2017): June 9 etc
  10. Carlin, John (July 27, 2017): Early investigation
  11. Gordon, JD (July 26, 2017): Trump NatSec
  12. Brown, Andrew (August 30, 2017): DNC CTO
  13. Tamene, Yared (August 30, 2017): DNC tech contractor
  14. Rice, Susan (September 6, 2017): Obama response to hack/unmasking
  15. Stone, Roger (September 26, 2017): Trump associate
  16. Epshteyn, Boris (September 28, 2017): RU-tied Trump
  17. Tait, Matthew (October 6, 2017): Solicit hack
  18. Safron, Jonathan (October 12, 2017): Peter Smith
  19. Power, Samantha (October 13, 2017): Obama response to hack/unmasking
  20. Catan, Thomas (October 18, 2017): Fusion
  21. Fritsch, Peter (October 18, 2017): Fusion
  22. Lynch, Loretta (October 20, 2017): Investigation
  23. Parscale, Brad (October 24, 2017): Trump’s data
  24. Cohen, Michael (October 24, 2017): Trump lawyer
  25. Rhodes, Benjamin (October 25, 2017): Obama response to hack/unmasking
  26. McCord, Mary (November 1, 2017): Early investigation
  27. Kaveladze, Ike (November 2, 2017): June 9 meeting
  28. Yates, Sally (November 3, 2017): Early investigation
  29. Schiller, Keith (November 7, 2017): Trump bodyguard
  30. Akhmetshin, Rinat (November 13, 2017): June 9
  31. Samachornov, Anatoli (November 28, 2017): June 9
  32. Sessions, Jeff (November 30, 2017): Trump transition
  33. Podesta, John (December 4, 2017): Dossier
  34. Denman, Diana (December 5, 2017): RNC platform
  35. Henry, Shawn (December 5, 2017): Crowdstrike
  36. Trump, Jr. Donald (December 6, 2017): June 9
  37. Phares, Walid (December 8, 2017): Trump NatSec
  38. Clovis, Sam (December 12, 2017): Trump NatSec
  39. Goldfarb, Michael (December 12, 2017): Dossier
  40. Elias, Marc (December 13, 2017): Dossier
  41. Nix, Alexander (December 14, 2017): Cambridge Analytica
  42. Goldstone, Rob (December 18, 2017): June 9
  43. Sussmann, Michael (December 18, 2017): Hack and dossier
  44. McCabe, Andrew (December 19, 2017): Early investigation
  45. Kramer, David (December 19, 2017): Dossier
  46. Sater, Felix (December 20, 2017): RU connected Trump
  47. Gaeta, Mike (December 20, 2017): Dossier go-between
  48. Sullivan, Jake (December 21, 2017): Dossier
  49. [Rohrabacher, Dana (December 21, 2017): Russian compromise]
  50. [Wasserman Schultz, Debbie (December 21, 2017): dossier]
  51. Graff, Rhona (December 22, 2017): June 9
  52. Kramer, David (January 10, 2018): Dossier
  53. Bannon, Stephen (January 16, 2018): Trump official
  54. Lewandowski, Corey (January 17, 2018): Trump official
  55. Dearborn, Rick (January 17, 2018): Trump official
  56. Bannon, Stephen (February 15, 2018): Trump official
  57. Hicks, Hope (February 27, 2018): Trump official
  58. Lewandowski, Corey (March 8, 2018): Trump official

While John Podesta, one of the earliest spearphishing victims, was one of  the earliest witnesses (and, as HPSCI shifted focus to the dossier, one of the last as well), the other hack witnesses, DNC CTO Andrew Brown and DNC IT contractor Yared Tamene, represent the DNC. Perhaps that’s because of the NYT’s big story on the hack, which was obviously misleading in real time and eight months old by the time of those interviews. While Perkins Coie lawyer and former DOJ cyber prosecutor Michael Sussmann would surely have real insight into the scope of all the Democratic targets, he was interviewed during HPSCI’s dossier obsession, not alongside Brown and Tamene.

All of which is to say that the HPSCI investigation of the hack was an investigation of the hack of the DNC, not of the full election year attack.

To get a sense of some of what that missed, consider the victims described in the GRU indictment (which leaves out some of the earlier Republican targets, such as Colin Powell). I’ve included relevant paragraph numbers to ID these victims.

  1. Spearphish victim 3, March 21, 2016 (Podesta)
  2. Spearphish victim 1 Clinton aide, March 25, 2016 (released via dcleaks)
  3. Spearphish victim 4 (DCCC Employee 1), April 12, 2016 ¶24
  4. Spearphish victim 5 (DCCC Employee), April 15, 2016
  5. Spearphish victim 6 (possibly DCCC Employee 2), April 18, 2016 ¶26
  6. Spearphish victim 7 (DNC target), May 10, 2016
  7. Spearphish victim 2 Clinton aide, June 2, 2016 (released via dcleaks)
  8. Spearphish victim 8 (not described), July 6, 2016
  9. Ten DCCC computers ¶24
  10. 33 DNC computers ¶26
  11. DNC Microsoft Exchange Server ¶29
  12. Act Blue ¶33
  13. Third party email provider used by Clinton’s office ¶22 (in response to July 27 Trump request)
  14. 76 email addresses at Clinton campaign ¶22 (in response to July 27 Trump request)
  15. DNC’s Amazon server ¶34
  16. Republican party websites ¶71
  17. Illinois State Board of Elections ¶72
  18. VR Systems ¶73
  19. County websites in GA, IA, and FL ¶75
  20. VR Systems clients in FL ¶76

Effectively, HPSCI (and most hack skeptics) focused exclusively on item 11, the DNC Microsoft Exchange server from which the emails sent to WikiLeaks were stolen.

Yet, at least as laid out by Mueller’s team, the election year hack started elsewhere — with Podesta, then the DCCC, and only after that the DNC. It continued to target Hillary through the year (though with less success than they had with the DNC). And some key things happened after that — such as the seeming response to Trump’s call for Russia to find more Hillary emails, the Info-Ops led targeting of election infrastructure in the summer and fall, and voter registration software. Not to mention some really intriguing research on Republican party websites. And this barely scratches on the social media campaign, largely though not entirely carried out by a Putin-linked corporation.

HPSCI would get no insight on the overwhelming majority of the election year operation, then, by interviewing the witnesses they did. Of particular note, HPSCI would not review how the targeting and release of DCCC opposition research gave Republican congressmen a leg up over their Democratic opponents.

And while HPSCI did interview the available June 9 meeting witnesses, they refused to subpoena the information needed to really understand it. Nor did they interview all the witnesses or subpoena available information to understand the Stone operation and the Peter Smith outreach.

Without examining the other multiple threads via which Russia recruited Republicans, most notably via the NRA, HPSCI wouldn’t even get a sense of all the ways Russia was trying to make Republicans and their party infrastructure into the tools of a hostile foreign country. And there are other parts of the 2016 attack that not only don’t appear in these interviews, but which at least one key member on the committee was utterly clueless about well past the time the investigation finished.

The exception to the rule that HPSCI didn’t seek out information that might damn Republicans, of course, is the interview of Dana Rohrabacher, who (along with President Trump) proved reliably willing to entertain Russian outreach via all known channnels. But that’s one of the interviews Republicans intend to keep buried because — according to an anonymous Daily Beast source — they don’t want Rohrabacher’s constituents to know how badly Russia has pwned him before November 6.

“The Republicans are trying to conceal from the voters their colleague Dana Rohrabacher’s Russia investigation testimony,” said a committee source familiar with the issue. “There were highly concerning contacts between Rohrabacher and Russians during the campaign that the public should hear about.”

By burying the Comey, Rogers, and Brennan transcripts, Republicans suppress further evidence of the degree to which Russia specifically targeted Hillary, and did so to help not just Trump, but the Republican party.

I’m sure there will be some fascinating material in these transcripts when they’re released. But even before the selective release, designed to hide any evidence gathered of how lopsided the targeting was, the scope of these interviews makes clear that the HPSCI investigation was designed to minimize, as much as possible, evidence showing how aggressively Russia worked to help Republicans.

As I laid out in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Evidence to Prove the Russian Hack

In this post, I’m going to lay out the evidence needed to fully explain the Russian hack. I think it will help to explain some of the timing around the story that the CIA believes Russia hacked the DNC to help win Trump win the election, as well as what is new in Friday’s story. I will do rolling updates on this and eventually turn it into a set of pages on Russia’s hacking.

As I see it, intelligence on all the following are necessary to substantiate some of the claims about Russia tampering in this year’s election.

  1. FSB-related hackers hacked the DNC
  2. GRU-related hackers hacked the DNC
  3. Russian state actors hacked John Podesta’s emails
  4. Russian state actors hacked related targets, including Colin Powell and some Republican sites
  5. Russian state actors hacked the RNC
  6. Russian state actors released information from DNC and DCCC via Guccifer 2
  7. Russian state actors released information via DC Leaks
  8. Russian state actors or someone acting on its behest passed information to Wikileaks
  9. The motive explaining why Wikileaks released the DNC and Podesta emails
  10. Russian state actors probed voter registration databases
  11. Russian state actors used bots and fake stories to make information more damaging and magnify its effects
  12. The level at which all Russian state actors’ actions were directed and approved
  13. The motive behind the actions of Russian state actors
  14. The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

I explain all of these in more detail below. For what it’s worth, I think there was strong publicly available information to prove 3, 4, 7, 11. I think there is weaker though still substantial information to support 2. It has always been the case that the evidence is weakest at point 6 and 8.

At a minimum, to blame Russia for tampering with the election, you need high degree of confidence that GRU hacked the DNC (item 2), and shared those documents via some means with Wikileaks (item 8). What is new about Friday’s story is that, after months of not knowing how the hacked documents got from Russian hackers to Wikileaks, CIA now appears to know that people close to the Russian government transferred the documents (item 8). In addition, CIA now appears confident that all this happened to help Trump win the presidency (item 13).

1) FSB-related hackers hacked the DNC

The original report from Crowdstrike on the DNC hack actually said two separate Russian-linked entities hacked the DNC: one tied to the FSB, which it calls “Cozy Bear” or APT 29, and one tied to GRU, which it calls “Fancy Bear” or APT 28. Crowdstrike says Cozy Bear was also responsible for hacks of unclassified networks at the White House, State Department, and US Joint Chiefs of Staff.

I’m not going to assess the strength of the FSB evidence here. As I’ll lay out, the necessary hack to attribute to the Russians is the GRU one, because that’s the one believed to be the source of the DNC and Podesta emails. The FSB one is important to keep in mind, as it suggests part of the Russian government may have been hacking US sites solely for intelligence collection, something our own intelligence agencies believe is firmly within acceptable norms of spying. In the months leading up to the 2012 election, for example, CIA and NSA hacked the messaging accounts of a bunch of Enrique Peña Nieto associates, pretty nearly the equivalent of the Podesta hack, though we don’t know what they did with that intelligence. The other reason to keep the FSB hack in mind is because, to the extent FSB hacked other sites, they also may be deemed part of normal spying.

2) GRU-related hackers hacked the DNC

As noted, Crowdstrike reported that GRU also hacked the DNC. As it explains, GRU does this by sending someone something that looks like an email password update, but which instead is a fake site designed to get someone to hand over their password. The reason this claim is strong is because people at the DNC say this happened to them.

Note that there are people who raise questions of whether this method is legitimately tied to GRU and/or that the method couldn’t be stolen and replicated. I will deal with those questions at length elsewhere. But for the purposes of this post, I will accept that this method is a clear sign of GRU involvement. There are also reports that deal with GRU hacking that note high confidence GRU hacked other entities, but less direct evidence they hacked the DNC.

Finally, there is the real possibility that other people hacked the DNC, in addition to FSB and GRU. That possibility is heightened because a DNC staffer was hacked via what may have been another method, and because DNC emails show a lot of password changes off services for which DNC staffers had had their accounts exposed in other hacks.

All of which is a way of saying, there is some confidence that DNC got hacked at least twice, with those two revealed efforts being done by hackers with ties to the Russian state.

3) Russian state actors (GRU) hacked John Podesta’s emails

Again, assuming that the fake Gmail phish is GRU’s handiwork, there is probably the best evidence that GRU hacked John Podesta and therefore that Russia, via some means, supplied Wikileaks, because we have a copy of the actual email used to hack him. The Smoking Gun has an accessible story describing how all this works. So in the case of Podesta, we know he got a malicious phish email, we know that someone clicked the link in the email, and we know that emails from precisely that time period were among the documents shared with Wikileaks. We just have no idea how they got there.

4) Russian state actors hacked related targets, including some other Democratic staffers, Colin Powell and some Republican sites

That same Gmail phish was used with victims — including at a minimum William Rinehart and Colin Powell — that got exposed in a site called DC Leaks. We can have the same high degree of confidence that GRU conducted this hack as we do with Podesta. As I note below, that’s more interesting for what it tells us about motive than anything else.

5) Russian state actors hacked the RNC

The allegation that Russia also hacked the RNC, but didn’t leak those documents — which the CIA seems to rely on in part to argue that Russia must have wanted to elect Trump — has been floating around for some time. I’ll return to what we know of this. RNC spox Sean Spicer is denying it, though so did Hillary’s people at one point deny that they had been hacked.

There are several points about this. First, hackers presumed to be GRU did hack and release emails from Colin Powell and an Republican-related server. The Powell emails (including some that weren’t picked up in the press), in particular, were detrimental to both candidates. The Republican ones were, like a great deal of the Democratic ones, utterly meaningless from a news standpoint.

So I don’t find this argument persuasive in its current form. But the details on it are still sketchy precisely because we don’t know about that hack.

6) Russian state actors released information from DNC and DCCC via Guccifer 2

Some entity going by the name Guccifer 2 started a website in the wake of the announcement that the DNC got hacked. The site is a crucial part of this assessment, both because it released DNC and DCCC documents directly (though sometimes misattributing what it was releasing) and because Guccifer 2 stated clearly that he had shared the DNC documents with Wikileaks. The claim has always been that Guccifer 2 was just a front for Russia — a way for them to adopt plausible deniability about the DNC hack.

That may be the case (and obvious falsehoods in Guccifer’s statements make it clear deception was part of the point), but there was always less conclusive (and sometimes downright contradictory) evidence to support this argument (this post summarizes what it claims are good arguments that Guccifer 2 was a front for Russia; on the most part I disagree and hope to return to it in the future). Moreover, this step has been one that past reporting said the FBI couldn’t confirm. Then there are other oddities about Guccifer’s behavior, such as his “appearance” at a security conference in London, or the way his own production seemed to fizzle as Wikileaks started releasing the Podesta emails. Those details of Guccifer’s behavior are, in my opinion, worth probing for a sense of how all this was orchestrated.

Yesterday’s story seems to suggest that the spooks have finally figured out this step, though we don’t have any idea what it entails.

7) Russian state actors released information via DC Leaks

Well before many people realized that DC Leaks existed, I suspected that it was a Russian operation. That’s because two of its main targets — SACEUR Philip Breedlove and George Soros — are targets Russia would obviously hit to retaliate for what it treats as a US-backed coup in Ukraine.

DC Leaks is also where the publicly released (and boring) GOP emails got released.

Perhaps most importantly, that’s where the Colin Powell emails got released (this post covers some of those stories). That’s significant because Powell’s emails were derogatory towards both candidates (though he ultimately endorsed Hillary).

It’s interesting for its haphazard targeting (if someone wants to pay me $$ I would do an assessment of all that’s there, because some just don’t make any clear sense from a Russian perspective, and some of the people most actively discussing the Russian hacks have clearly not even read all of it), but also because a number of the victims have been affirmatively tied to the GRU phishing methods.

So DC Leaks is where you get obvious Russian targets and Russian methods all packaged together. But of the documents it released, the Powell emails were the most interesting for electoral purposes, and they didn’t target Hillary as asymmetrically as the Wikileaks released documents did.

8) Russian state actors or someone acting on its behest passed information to Wikileaks

The basis for arguing that all these hacks were meant to affect the election is that they were released via Wikileaks. That is what was supposed to be new, beyond just spying (though we have almost certainly hacked documents and leaked them, most probably in the Syria Leaks case, but I suspect also in some others).

And as noted, how Wikileaks got two separate sets of emails has always been the big question. With the DNC emails, Guccifer 2 clearly said he had given them to WL, but the Guccifer 2 ties to Russia was relatively weak. And with the Podesta emails, I’m not aware of any known interim step between the GRU hack and Wikileaks.

A late July report said the FBI was still trying to determine how Russia got the emails to Wikileaks or even if they were the same emails.

The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

An even earlier report suggested that the IC wasn’t certain the files had been passed electronically.

And the joint DHS/ODNI statement largely attributed its confidence that Russia was involved in the the leaking (lumping Guccifer 2, DC Leaks, and Wikileaks all together) not because it had high confidence in that per se (a term of art saying, effectively, “we have seen the evidence”), but instead because leaking such files is consistent with what Russia has done elsewhere.

The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

Importantly, that statement came out on October 7, so well after the September briefing at which CIA claimed to have further proof of all this.

Now, Julian Assange has repeatedly denied that Russia was his source. Craig Murray asserted, after having meeting with Assange, that the source is not the Russian state or a proxy. Wikileaks’ tweet in the wake of yesterday’s announcement — concluding that an inquiry directed at Russia in this election cycle is targeted at Wikileaks — suggests some doubt. Also, immediately after the election, Sergei Markov, in a statement deemed to be consistent with Putin’s views, suggested that “maybe we helped a bit with WikiLeaks,” even while denying Russia carried out the hacks.

That’s what’s new in yesterday’s story. It stated that “individuals with connections to the Russian government” handed the documents to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

I suspect we’ll hear more leaked about these individuals in the coming days; obviously, the IC says it doesn’t have evidence of the Russian government ordering these people to share the documents with Wikileaks.

Nevertheless, the IC now has what it didn’t have in July: a clear idea of who gave Wikileaks the emails.

9) The motive explaining why Wikileaks released the DNC and Podesta emails

There has been a lot of focus on why Wikileaks did what it did, which notably includes timing the DNC documents to hit for maximum impact before the Democratic Convention and timing the Podesta emails to be a steady release leading up to the election.

I don’t rule out Russian involvement with all of that, but it is entirely unnecessary in this case. Wikileaks has long proven an ability to hype its releases as much as possible. More importantly, Assange has reason to have a personal gripe against Hillary, going back to State’s response to the cable release in 2010 and the subsequent prosecution of Chelsea Manning.

In other words, absent really good evidence to the contrary, I assume that Russia’s interests and Wikileaks’ coincided perfectly for this operation.

10) Russian state actors probed voter registration databases

Back in October, a slew of stories reported that “Russians” had breached voter related databases in a number of states. The evidence actually showed that hackers using a IP tied to Russia had done these hacks. Even if the hackers were Russian (about which there was no evidence in the first reports), there was also no evidence the hackers were tied to the Russian state. Furthermore, as I understand it, these hacks used a variety of methods, some or all of which aren’t known to be GRU related. A September DHS bulletin suggested these hacks were committed by cybercriminals (in the past, identity thieves have gone after voter registration lists). And the October 7 DHS/ODNI statement affirmatively said the government was not attributing the probes to the Russians.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In late November, an anonymous White House statement said there was no increased malicious hacking aimed at the electoral process, though remains agnostic about whether Russia ever planned on such a thing.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

Absent further evidence, this suggests that reports about Russian trying to tamper with the actual election infrastructure were at most suspicions and possibly just a result of shoddy reporting conflating Russian IP with Russian people with Russian state.

11) Russian state actors used bots and fake stories to make information more damaging and magnify its effects

Russia has used bots and fake stories in the past to distort or magnify compromising information. There is definitely evidence some pro-Trump bots were based out of Russia. RT and Sputnik ran with inflammatory stories. Samantha Bee famously did an interview with some Russians who were spreading fake news. But there were also people spreading fake news from elsewhere, including Macedonia and Surburban LA. A somewhat spooky guy even sent out fake news in an attempt to discredit Wikileaks.

As I have argued, the real culprit in this economy of clickbait driven outrage is closer to home, in the algorithms that Silicon Valley companies use that are exploited by a whole range of people. So while Russian directed efforts may have magnified inflammatory stories, that was not a necessary part of any intervention in the election, because it was happening elsewhere.

12) The level at which all Russian state actors’ actions were directed and approved

The DHS/ODNI statement said clearly that “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.” But the WaPo story suggests they still don’t have proof of Russia directing even the go-between who gave WL the cables, much less the go-between directing how Wikileaks released these documents.

Mind you, this would be among the most sensitive information, if the NSA did have proof, because it would be collection targeted at Putin and his top advisors.

13) The motive behind the actions of Russian state actors

The motive behind all of this has varied. The joint DHS/ODNI statement said it was “These thefts and disclosures are intended to interfere with the US election process.” It didn’t provide a model for what that meant though.

Interim reporting — including the White House’s anonymous post-election statement — had suggested that spooks believed Russia was doing it to discredit American democracy.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

At one level, that made a lot of sense — the biggest reason to release the DNC and Podesta emails, it seems to me, was to confirm the beliefs a lot of people already had about how power works. I think one of the biggest mistakes of journalists who have political backgrounds was to avoid discussing how the sausage of politics gets made, because this material looks worse if you’ve never worked in a system where power is about winning support. All that said, there’s nothing in the emails (especially given the constant release of FOIAed emails) that uniquely exposed American democracy as corrupt.

All of which is to say that this explanation never made any sense to me; it was mostly advanced by people who live far away from people who already distrust US election systems, who ignored polls showing there was already a lot of distrust.

Which brings us to the other thing that is new in the WaPo story: the assertion that CIA now believes this was all intended to elect Trump, not just make us distrust elections.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

[snip]

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

For what it’s worth, there’s still some ambiguity in this. Did Putin really want Trump? Or did he want Hillary to be beat up and weak for an expected victory? Did he, like Assange, want to retaliate for specific things he perceived Hillary to have done, in both Libya, Syria, and Ukraine? That’s unclear.

14) The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

Finally, there’s the question that may explain Obama’s reticence about this issue, particularly in the anonymous post-election statement from the White House, which stated that the “election results … accurately reflect the will of the American people.” It’s not clear that Putin’s intervention, whatever it was, had anywhere near the effect as (for example) Jim Comey’s letters and Bret Baier’s false report that Hillary would be indicted shortly. There are a lot of other factors (including Hillary’s decision to ignore Jake Sullivan’s lonely advice to pay some attention to the Rust Belt).

And, as I’ve noted repeatedly, it is no way the case that Vladimir Putin had to teach Donald Trump about kompromat, the leaking of compromising information for political gain. Close Trump associates, including Roger Stone (who, by the way, may have had conversations with Julian Assange), have been rat-fucking US elections since the time Putin was in law school.

But because of the way this has rolled out (and particularly given the cabinet picks Trump has already made), it will remain a focus going forward, perhaps to the detriment of other issues that need attention.

A Busy Day for the Bears

Yesterday, there were three arguably big events associated with stolen records alleged to have ties to Russia’s GRU.

Simon Biles treats her ADHD

The first is the leak, by a group explicitly calling itself Fancy Bear (though the hack was once tied to Polish Anonymous), of anti-doping agency records showing the Williams sisters and Simone Biles all got approval for and took drugs on a list of otherwise banned substances. While there are no allegations of impropriety — indeed, Biles explained that in her case the exception involved treating ADHD — the story got covered by the major international press, including the Beeb, NBC, and NYT.

Colin Powell rants

The second alleged-Bear event is the release of Colin Powell emails, obtained by DC Leaks, to The Intercept, BuzzFeed, and Politico. The emails include quite recent ones, including one from August 26. Powell now uses GMail, suggesting his emails should be harder to hack than (for example) his State emails on AOL or emails run on a private server. Whether you worry about Russian influence or not, this hack is quite newsworthy.

There are embarrassing emails with Powell asserting that “Everything HRC touches she kind of screws up with hubris,” as well as emails with Powell complaining about Trump’s racism and the press’ stoking of it.

The emails are not limited to election-related ones, either. They also include correspondence between Powell and Jack Straw and how the Chilcot report got buried in all the Brexit news.

Guccifer 2 goes mainstream

dncarchitecture_mc

Finally, there was the “appearance” at a security conference by Guccifer 2.0, the guy who has released the DNC emails that gave the Democrats an excuse to force Debbie Wasserman Schultz’s to resign, though they had been looking for an excuse for some time.

In point of fact, Guccifer 2.0 didn’t appear in person at the conference. Rather, he sent a speech which got read at the conference, with the transcript released to journalists. The speech focused on the negligence of software companies in security. Guccifer went on for several paragraphs about the power and sloppiness of tech companies, arguing they were to blame for hacks.

The next reason, and the crucial one, is software vulnerability. Tech companies hurry to finish the work and earn money. So they break development cycle very often omitting the stage of testing. As a result, clients have raw products installed on their systems and networks with a great number of bugs and holes.

Fourth. It’s well known that all large companies look forward to receiving governmental contracts. They develop governmental websites, communication systems, electronic voting systems, and so on and have their products installed to critical infrastructure objects on the national level.

They are aggressively lobbying their interests. You can see it at the diagram that they spent millions of dollars for lobbying. That doesn’t mean they will produce better software. That means they will get even more money in return.

Then he returned to a claim he has made on two earlier occasions: that he hacked DNC via a vulnerability in VAN.

So, what’s the right question we should ask about cyber crime?

Who hacked a system?

Wrong. The right question is: who made it possible that a system was hacked? In this regard, what question should you ask me?

How I hacked the DNC???

Now you know this is a wrong question. Who made it possible, that I hacked into the DNC? This is the question. And I suppose, you already know the answer. This is NGP VAN Company that operates the DNC network. And this is its CEO Stu Trevelyan who is really responsible for the breach.

Their software is full of holes. And you knew about it even before I came on stage.

You may remember Josh Uretsky, the national data director for Sander’s presidential campaign. He was fired in December, 2015 after improperly accessing proprietary data in the DNC system. As it was agreed, he was intentionally searching for voter information belonging to other campaigns.

However, he is not to blame. The real reason voter information became available for non-authorized users was NGP VAN’s raw software which had holes and errors in the code. And this is the same reason I managed to get access to the DNC network. Vulnerabilities in the NGP VAN software installed on its server which they have plenty of. Shit! Yeah?

This scheme shows how NGP VAN is incorporated in the DNC infrastructure.

One of two schemes released with the speech appears above.

Now, Guccifer’s allegation — tying vulnerabilities in the VAN software to his own hack — could be newsworthy. Recall, after all, that one excuse the Bernie staffer gave for nosing around Hillary’s side of VAN was that Sanders’ own data had been compromised earlier that year. Importantly, Guccifer’s persistent focus on VAN, which was a signature moment in Sanders’ voters disillusionment with the DNC conduct in the election, would provide an alternative motive for this hack rather than just a Putinesque plot to tamper with Hillary’s election.

Thing is, there’s nothing in the materials released on VAN that indicates any particular vulnerability (though the dump does include some dated information on DNC’s computer security): effectively Guccifer makes an allegation but — at least from what I’ve seen and heard from a few people who know security better — doesn’t deliver the goods.

Indeed, while there are documents acknowledging the kind of pay-to-play appointments for big donors that both parties practice, and some other financial data that I suspect may prove more interesting with further scrutiny, there’s nothing really newsworthy in this dump. It seems to be interesting primarily to Bernie diehards, not the press generally, which is rightly more interested by the Powell emails.

Which, again, emphasizes how much Guccifer has been feeding Bernie diehards, either out of his own motivation or his handler’s. It is worth noting that while Guccifer claims to oppose Trump’s policies, he did say this about Sanders: “I have nothing to say about Bernie Sanders. It seems he never had a chance to win the nomination as the Democratic Party itself stood against him!”

Why stomp on the Bears other big blasts?

Which has me wondering about yesterday generally. If someone is orchestrating all these leaks, why have Guccifer “give a speech” on the same day as two highly managed releases, especially given that Guccifer failed to deliver the goods? Indeed, why invite Guccifer to, or have him accept an invitation from, a pretty staid security conference at all?

And what is the role of Darren Martyn, a LulzSec Irish hacker who was indicted along with Jeremy Hammond but apparently never extradited. He’s apparently the one who read Guccifer’s speech. Which raises all sorts of questions about Guccifer’s ties to the Anon group of hackers, or maybe also to what Martyn has been doing since he was indicted in the US.

Let me just close with an observation.

The Democrats have, rightly, been worried about what Guccifer will release closer to the election; I’ve heard specific concerns from connected Dems that he will release far more damning financial documents. The FBI, too, appears uncertain whether the set of documents Guccifer has is the same that the GRU-related hackers are believed to have spied on at the DNC. Thus, both the DNC and FBI would love to do something to make Guccifer show more of his hand.

Before this hack, we were all just waiting to see what Julian Assange, who is clearly maximizing damage to Hillary, will drop next.

And instead, by inviting Guccifer to appear at a conference, someone got Guccifer to drop an additional 700 MB of files while everyone is busy looking at the Powell emails.

 

Tortured Diplomacy

The AP has a story reporting (something that was public) that Colin Powell was not briefed on torture from the start, which meant in several cases Ambassadors to affected countries got briefed and instructed not to tell their superiors.

A Senate report on the CIA’s interrogation and detention practices after the 9/11 attacks concludes that the agency initially kept the secretary of state and some U.S. ambassadors in the dark about harsh techniques and secret prisons, according to a document circulating among White House staff.

The still-classified report also says some ambassadors who were informed about interrogations of al-Qaida detainees at so-called black sites in their countries were instructed not to tell their superiors at the State Department, the document says.

[snip]

A former senior CIA official said the secretary of state at the time, Colin Powell, eventually was informed about the program and sat in meetings in which harsh interrogation techniques were discussed. But Powell may not have been informed when the techniques were first used in 2002, the official said.

[snip]

The former CIA official said it would be standard practice for ambassadors informed about a covert operation to be instructed not to share it with others who did not have a “need to know,” as determined by the National Security Agency. Ambassadors in countries in which the CIA set up black sites to interrogate prisoners were usually told about it, said the official, who, like others interviewed for this story, would not be quoted by name because some of the information remains classified.

This narrative — developed as part of the initial Senate Intelligence Committee effort to study torture which ultimately became the torture report — suggests Colin Powell may not have briefed on torture techniques until September 16, 2003.

According to CIA records, pursuant to a request from the National Security
Adviser, the Director of Central Intelligence subsequently briefed the Secretary of
State and the Secretary of Defense on the CIA’s interrogation techniques on
September 16, 2003.

That seems very late — but he was apparently specifically not invited to a July 2003 meeting at which Principals reauthorized torture even in light of Khalid Sheikh Mohammed’s treatment. And these two comments from 2009 were awfully vague.

Remember, in January 2002, Powell and others at State tried very hard to get Bush to adhere to the Geneva Conventions they failed. Which is probably why he didn’t find out for a long time.

In any case, the implication is that Powell’s Ambassadors knew, but Powell did not.

I’ve just started looking at who the Ambassadors in question might be — especially with AP’s anonymous and probably lying CIA source claiming Ambassadors did get told (which the CIA often doesn’t do but which is a violation of protocol) but two stick out right away.

First, there’s Darryl Johnson, Ambassador to Thailand while Abu Zubaydah was being tortured. I don’t know anything about him, but note he presented his credentials on March 29, literally the day after Zubaydah was captured in Pakistan. Imagine asking your hosts to use their military base to torture people on on your second day officially on the job!

Even more interesting is Chris Hill, the lifetime diplomat who was Ambassador to Poland from 2000 through 2004, spanning the period when a number of detainees were being tortured. Hill went on to serve as Ambassador to South Korea immediately thereafter, then became Assistant Secretary of State for East Asia. In the latter two roles he played a key role in the 6-party talks with North Korea and had very significant disagreements with Dick Cheney. Hill then went on to serve as Ambassador to Iraq. I find it interesting to imagine how knowledge of Cheney’s torture might have made their principled disagreements even worse.

Of course, it’s possible AP’s source is lying and none of these men — or the other Ambassadors in the black site countries — really were briefed.

Update: Here’s a 2008 story (there were many similar ones at the time) that insinuates Powell was at the torture meetings. I think it’s meant to deceive.

Speaking at UN, Obama Tries to Claim He Was Always For Diplomacy in Syria

I had seen several indications this morning that Obama planned to call for a diplomatic approach to the ongoing conflict in Syria despite the earlier indications that he intended to pursue a military strike even if the UK did not join and the UN did not provide a resolution authorizing force. I was hopeful that this new-found reliance on diplomacy would go all the way to calling for a ceasefire to provide safe conditions for the gathering and destruction of Syria’s stockpile of chemical weapons.

Alas, my hopes were once again dashed as Obama fell far short of proposing a ceasefire and he wound up delivering very convoluted remarks as he tried to maintain the fiction that Bashar al-Assad’s forces have been proven to have carried out the August 21 chemical weapons attack and that he favors diplomacy over military action. The quotations I will use here are from the Washington Post’s transcript of his speech.

In a move that approaches Colin Powell’s historic spinning of lies before the invasion of Iraq, Obama stated that there is no dispute that Syrian forces are responsible for the August 21 attack:

The evidence is overwhelming that the Assad regime used such weapons on August 21st. U.N. inspectors gave a clear accounting that advanced rockets fired large quantities of sarin gas at civilians. These rockets were fired from a regime-controlled neighborhood and landed in opposition neighborhoods.

It’s an insult to human reason and to the legitimacy of this institution to suggest that anyone other than the regime carried out this attack.

As I stated shortly after the UN report came out, the report did not show that the rockets for which they determined trajectories carried sarin. That argument is strengthened further by the subsequent realization by others that not one of the environmental samples from the Moadamiyah site came back as positive for sarin. So now one of the famous lines that cross at a Syrian military installation has to be disregarded entirely because there is no evidence of sarin at the point of rocket impact. [Look for the website and reporters for the linked post to be attacked mercilessly. Both the Global Research site I linked to in one questioning post and the Mint Press site which suggested a Saudi false flag operation have been attacked savagely as to their credibility. Remarkably, I have yet to see any of those attacks actually contradict the questions that have been raised.*]

Let’s take a look at Obama’s logical gymnastics as he tried to justify both his initial intent to attack Syria and then his rediscovery that he prefers a diplomatic approach. Early in his Syria comments, he claimed ” A peace process is stillborn.” He gave no evidence of what, if any, role the US played in the peace process. In fact, his next sentence provides a partial clue to just how the peace process died: “America and others have worked to bolster the moderate opposition, but extremist groups have still taken root to exploit the crisis.”

You see, those moderate groups that we are arming are not able to defeat the extremists that others are arming. Sounds like a child caught fighting who says “he hit me back first”.

So that background of a stillborn peace process is why, even before the weak evidence from the UN that the US is misrepresenting came out, Obama insisted that he had to attack Assad. Obama’s ploy to support his actions approached a George W. Bush administration level of disdain for the UN itself as he supplied his rationalization: Read more

Praising by Damned Faintness: The NSAs, SoSs, and SoDs Who Didn’t Endorse Chuck Hagel

Ever since this letter, in which a bunch of former Directors of Central Intelligence–but not Poppy Bush–came out against torture investigations, I’ve been more interested in who doesn’t sign these endorsement letters than who does.

For example, did you notice that Harold Koh did not vouch for John Brennan’s respect for the rule of law the other day, even though his counterpart at DOD, Jeh Johnson, did?

The same is true of this letter–signed by a bunch of former National Security Advisors and Secretaries of Defense and State in support of Chuck Hagel’s nomination to be Defense Secretary.

Here’s who did endorse:

Hon. Madeleine Albright, former Secretary of State

Hon. Samuel Berger, former National Security Advisor

Hon. Harold Brown, former Secretary of Defense

Hon. Zbigniew Brzezinski, former National Security Advisor

Hon. William Cohen, former Secretary of Defense

Hon. Robert Gates, former Secretary of Defense

Hon. James Jones, former National Security Advisor

Hon. Melvin Laird, former Secretary of Defense

Hon. Robert McFarlane, former National Security Advisor

Hon. William Perry, former Secretary of Defense

Hon. Colin Powell, former Secretary of State and National Security Advisor

Hon. George Shultz, former Secretary of State

Hon. Brent Scowcroft, former National Security Advisor

Which leaves–in addition to currently serving Tom Donilon, Leon Panetta, and Hillary Clinton–these non-endorsers:

Stephen Hadley

Condi Rice (both NSA and State)

Anthony Lake (Lake directs UNICEF right now, which may preclude such endorsements)

Frank Carlucci (both NSA and Defense Secretary) [Update: Thanks to Justin Raimundo for correcting me–while Carlucci did not sign this letter, he did sign a LTE in support of Hagel]

John Poindexter

William Clark (NSA for Reagan)

Richard Allen (NSA for Reagan)

Henry Kissinger (both NSA and State)

Donald Rumsfeld

Dick Cheney

James Schlesinger

James Baker III

Jeebus, White House, get on your game! You want people to vote for Hagel? Release the list of all the corporatist warmongers who didn’t endorse Chuck Hagel. Hagel may not be my first choice, but there is no clearer praise than the list of non-endorsers Hagel has racked up.

Colin Powell’s Last Vial of Anthrax

Dammit, I gave away half the game, the “who” said these words.

I have seen some information that would suggest that they have been actively working on delivery systems.

[snip]

I’m not talking about uranium or fissile material or the warhead; I’m talking about what one does with a warhead.

[snip]

There is no doubt in my mind — and it’s fairly straightforward from what we’ve been saying for years — that they have been interested in a nuclear weapon that has utility, meaning that it is something they would be able to deliver, not just something that sits there

But when? And about which country?

Contrary to what you might think, these words come not from Colin Powell’s famous UN speech, but from the speech where he rolled out the Laptop of Death in 2004, in the days just after Bush’s re-election when Dick Cheney was shoving Powell out the door.

The Laptop of Death, you’ll recall, amounted to war in a box, all the evidence you’d need to justify a war against Iran based on claims it was developing not just nukes, but nukes “they would be able to deliver, not just something that sits there.” It included the adaptation plans to Iran’s Shahab-3 missiles, the plans for a tunnel that bore no signs it’d be used for testing nukes but got included anyway, and evidence that a defunct firm had once produced a material–green salt–used in uranium processing. It was logically impossible all those things would be on one laptop, available for the taking, but that didn’t stop the usual suspects from selling the Laptop of Death as credible intelligence.

As the years went on, evidence grew the laptop had come from MEK–the same terrorists we’ve outsourced our Iranian scientist assassination to, perhaps by way of Mossad. And once the Iranians were given a copy of some of the documents, they were able to show they were forgeries.

It seems like a good time to remind everyone that even after Colin Powell ruined his reputation with the UN presentation, he still agreed to lend his diminished credibility to yet more transparent propaganda to start what might have been (and may yet still be) the next war. As Tiny Revolution and Digby note, Powell’s latest book attempts to refute bloggers who call him a liar for the UN presentation. Well, if he didn’t know, then why did he step up willingly to sell Cheney’s propaganda a second time, at a time when he owed the Bush Administration nothing?

Here’s an even better reason to remind people how long the Iran warmongers have been trying to sow war with transparent propaganda. As I joked and Moon of Alabama mocked at more length, they appear to have given the guy who drew the crappy illustration of the Mobile Bioweapons Labs based on admitted exile warmonger Curveball’s lies his job back, this time to draw the detonation tank Jim White already threw water on.

For whatever reason, even at the moment Colin Powell tries to pretend that the last time this hack illustrator sowed his wares everything was done in good faith, they’re rolling out similarly laughable illustrations again.

The Crooks Trying to Bail-Out Alberto Gonzales

Let me start by stating that the words “legal” and “trust” don’t belong on a letterhead with Alberto Gonzales’ name blazoned at the top.

But that’s not the most interesting part of the letter soliciting donations for a legal defense fund for AGAG (linked by Main Justice). It’s the number of signers who were deeply embroiled in Bush Administration corruption. Starting, appropriately enough, with Bush himself.

President and Mrs. Bush have already made substantial gifts to the Judge’s legal expense fund.

But then there are people like Gale Norton, who resigned just as Gonzales’ DOJ began investigating an oil-trading scandal and who later was investigated for a slimy deal with her future employer, Shell Oil. Or Alphonso Jackson, who was also investigated by DOJ for cronyism in HUD contracts. Or Margaret Spellings, who declined to crack down on the pay-to-play scandal in the student loan business. Or Hank Paulson, who was buddying up to Goldman Sachs even as he was crafting out a bailout for them. I’d raise Condi and Rummy and torture; but then, Gonzales was involved as deeply as they were in torture.

Then again, the number of corrupt people soliciting money to pay off Gonzales’ legal bills may just be a function of the corruption in the Bush Administration. Because almost all of Bush’s cabinet secretaries signed this letter. So much so, that the people who didn’t sign may be more interesting than anything else. There are a number minor players here: former Department of Energy Secretary Sam Bodman, former Department of Education Secretary Rod Paige, former Ag Secretary Ann Veneman.

But there are three notable omissions among the major Secretaries: John Ashcroft, Paul O’Neill, and Colin Powell.

Oh, and one more rather notable Bush Administration guy missing from the list of people trying to help Gonzales out of his legal defense hole–a guy known to be rather fond of legal defense funds, in fact, for the right people: Dick Cheney.

Why doesn’t Dick Cheney want to help Alberto Gonzales pay for protecting the Bush Administration?

The Powell Endorsement

As reported, Colin Powell just endorsed Obama, calling him a "transformational figure." He listed several reasons for his choice:

  • Obama’s response to the economic meltdown
  • Obama’s ability to reach all classes, races, and parties
  • Obama’s rhetorical ability and his substance
  • McCain’s erratic response to the economic crisis
  • Palin’s lack of preparedness for the Presidency
  • McCain’s smears
  • The wingnuttia of the Republican Party
  • The danger of two more conservatives on SCOTUS (he’s probably thinking about all the anti-torture decisions)
  • The attacks on Muslims (he mentions a Muslim woman burying her son in Arlington)–this was one of the most powerful parts of the endorsement

Just as interesting was what Powell had to say in a short availability after his appearance on MTP. His last question addressed the McCain campaign smears again. He called out Michelle Bachmann on her McCarthyist rant. Also, Powell made a really great defense of Obama’s tax policy, pointing out that all tax policy involves redistribution of wealth, it’s just a question of where it gets redistributed; he also pointed out that most people get their taxes back by using the services government provides. 

Say what you will about the value of Colin Powell’s endorsement. But whether you want it or not, please accept the importance in Powell calling out the McCain smears and attacks on Obama and America’s Muslims.

Colin Powell to Denounce the Lynch Mobs

We were discussing yesterday whether having the guy who lied to the UN to justify our illegal war in Iraq endorse Obama is a good thing or not. I wrote this.

One more thought on Powell.

I’m outtamyarse guessing that whether or not he endorses on Sunday, he will say something about the violence being stoked by McPalin.

It’s another moment–even more important one, IMO–like the UM affirmative action cases before SCOTUS, when he came out strongly for affirmative action. And this kind of racially-tinged violence would offend his sense of both decency–and what is necessary for a healthy country (you could even argue it hurts the troops when this kind of racism is stoked).

I even wonder (really outtmyarse) whether Powell was the one who got McCain to correct the woman who called Obama an Arab terrorist. Powell is one of the few people who could get McCain to do what he wants right now, bc McCain still wants to forestall an Obama endorsement. And McCain’s failure to call off the she-dog might well be enough to tip Powell. 

Apparently, my outta-arse is working better on politics these days than it is on football–at least for the first part of my guess (h/t karpaty lviv).

 Former U.S. Secretary of State Colin Powell is widely expected Sunday to denounce the personal attacks against Democratic presidential nominee Barack Obama.

[snip]

The Daily Telegraph reported Saturday that Col. Lawrence Wilkerson, Powell’s former chief of staff, said his ex-boss was "upset" by the "vitriol, bile and prejudice" aimed at Obama on the campaign trail.

"We’ve talked about this and I know it really bothers him and I’d expect him to talk about it," he said.

Say what you will about Powell, but unlike (say) Clarence Thomas, Powell has always done the right thing on race in this country. And the right thing, right now, is to shut down the ugly, violent racism driving the McCain campaign. 

If Powell is successful at shaming McCain into calling off his dogs, it will be a very important thing–not only for getting Obama elected, but also for governing this country going forward.