As people continue to unravel the various parties involved in the January 6 insurrection, including Roger Stone and his repurposed group, Stop the Steal, I want to finish unpacking the Mueller-related files liberated by BuzzFeed last month.
Before I do that though, I want to lay out one potential implication of some things I said as part of my Rat-Fucker Rashomon series on Roger Stone’s prosecution.
In the post from that series on Jerome Corsi’s prescience that WikiLeaks would dump John Podesta’s emails, I showed that Ted Malloch, Rick Gates, and Paul Manafort all testified that Stone had advance knowledge of the Podesta drop in August — and according to Gates, he had that knowledge before August 14.
According to the SSCI Report, in part of Rick Gates’ October 25, 2018 interview that remains redacted,
Gates recalled Stone advising him, prior to the release of an August 14 article in The New York Times about Paul Manafort’s “secret ledger,” that damaging information was going to be released about Podesta. 1579 Gates understood that Stone was referring to nonpublic information. Gates further recalled later conversations with Stone about how to save Manafort’s role on the Campaign, and that Stone was focused on getting information about John Podesta, but said that Stone did not reveal the “inner workings” of that plan to Gates. 1580
An unredacted part of that 302 — which is likely the continuation of the discussion cited in SSCI — explains,
Gates said there was a strategy to defend Manafort by attacking Podesta. The idea was that Podesta had baggage as well. Gates said it was unfortunate the information did not come out in time to defend Manafort from his ultimate departure from the campaign.
In a September 27, 2018 interview, Manafort provided details of two conversations that he placed in August 2016, one of which provided specific details (which remain redacted, purportedly to protect Podesta’s privacy!) about John Podesta’s alleged ties with Russia.
Manafort was sure he had at least two conversations with Stone prior to the October 7, 2016 leak of John Podesta’s emails.
In the one conversation between Stone and Manafort, Stone told Manafort “you got fucked.” Stone’s comment related to the fact that Manafort had been fired. The conversation was either the day Manafort left the campaign or the day after.
In the other conversation, Stone told Manafort that there would be a WikiLeaks drop of emails with Podesta, and that Podesta would be “in the barrel” and Manafort would be vindicated. Manafort had a clear memory of the moment because of the language Stone used. Stone also said Manafort would be pleased with what came out. It was Manafort’s understanding that WikiLeaks had Podesta’s emails and they were going to show that [redacted] Manafort would be vindicated because he had to leave the campaign for being too pro-Russian, and this would show that Podesta also had links to Russia and would have to leave.
Manafort’s best recollection was the “barrel” conversation was before he got on the boat the week of August 28, 2016.
Roger Stone’s longtime friend Paul Manafort, at a time when he lying to protect key details about what happened in 2016, nevertheless confirmed that Stone had detailed knowledge not just that the Podesta files would drop, but what Russian-based attacks they would make of them.
In the piece arguing that Guccifer 2.0, not Julian Assange, was Roger Stone’s go-between with the Russian operation, I noted that SSCI believes Roger Stone had obtained his advance knowledge that WikiLeaks would later release John Podesta files by mid-day August 15, 2016.
Indeed, the Mueller Report describes that Corsi told Ted Malloch later in August that, “Stone had made a connection to Assange and that the hacked emails of John Podesta would be released prior to Election Day,” not that he himself had.
Appearing in the midst of a story about Stone’s lies about his go-between with WikiLeaks, the texts and emails are fairly innocuous. Though the SSCI Report does seem to believe Corsi’s story that this moment — and the 24 minute call between Corsi and Stone at 12:14PM on August 15 — is when Corsi told Stone about what the Podesta files would include.
(U) The Committee is uncertain how Corsi determined that Assange had John Podesta’s emails. Corsi initially explained in an interview with the SCO that during his trip to Italy, someone told him Assange had the Podesta emails. Corsi also recalled learning that Assange was going to “release the emails seriatim and not all at once.”1572 However, Corsi claimed not to remember who provided him with this information, saying he could only recall that “it feels like a man” who told him.1573
(U) Corsi further recalled that on August 15, after he returned from Italy, he conveyed this information to Stone by phone.1574 According to Corsi, the information was new to Stone. Stone seemed “happy to hear it,” and the two of them “discussed how the emails would be very damaging” to Clinton. 1575 Corsi also reiterated by both text and email to Stone on August 15 that there was “[m]ore to come than anyone realizes. Won’t really get started until after Labor Day.”1576
So three witnesses sympathetic to Stone say he had advance knowledge of the Podesta dump, and the neutral observers at SSCI believe that happened by mid-day on August 15, 2016.
If that’s the case, I pointed out in the Guccifer 2.0 post, then it means when the persona asked the rat-fucker whether Stone had found anything interesting in the documents he posted, it would appear to be a reference to the DCCC documents released days earlier, but would actually be reference to the Podesta files.
August 15, 2016 (unknown time): Guccifer 2.0 DMs Stone: “thank u for writing back . . . do u find anyt[h]ing interesting in the docs i posted?”
So long as the WikiLeaks story is kept separate from the Guccifer 2.0 one, that August 15 DM from Guccifer 2.0 to Stone appears to be a question about the DCCC emails posted on August 12, and so, as Stone claimed, totally innocuous. But given the evidence that Corsi and Stone acquired advance knowledge of the content of select Podesta emails by August 15 — particularly given Stone’s claim, reportedly made before July 22, to have been in touch with Guccifer 2.0 and his apparent foreknowledge of the GRU personas — that August 15 DM appears to be a comment on the Podesta files.
That is, that August 15 was not innocuous at all. It appears to have been, rather, the GRU’s persona asking Stone whether he liked what he had received in advance.
That is, it would be a kind of double entendre, a comment that seemed to have an innocuous public meaning, but in fact was a public marker of direct coordination between the Russian operation and the Trump campaign.
Consider the implications if that were true of the other comments from Guccifer 2.0 to Roger Stone. There were two such comments that have been made public. On August 16, Roger Stone linked a piece of his, talking about “How the election can be rigged against Donald Trump,” part of Stone’s Stop the Steal campaign that would eventually morph into the January 6 insurrection. Via DM, Stone asked G2 to RT it, which the persona did, saying he was “paying u back.”
Then on August 17, G2 buttered Stone up a bit, then offered to help him.
Starting at 1AM on August 18, Roger Stone himself buttered up the new replacement campaign manager for Donald Trump, offering him some way to win the election. “I do know how to win this but it ain’t pretty,” a similar pitch as Stone made to Paul Manfort just weeks earlier.
Affidavits show that Stone and Bannon continued to talk.
On August 19, 2016, Bannon sent Stone a text message asking if he could talk that morning. On August 20, 2016, Stone replied, “when can u talk???”
Bannon testified under oath at Stone’s trial that this conversation might have pertained to “the tougher side of politics” that the Trump campaign might use to “make up some ground,” possibly relating to Stone’s role as envoy to WikiLeaks.
Q. When Mr. Stone wrote to you, “I do know how to win this but it ain’t pretty,” what in your mind did you understand that to mean?
A. Well, Roger is an agent provocateur, he’s an expert in opposition research. He’s an expert in the tougher side of politics. And when you’re this far behind, you have to use every tool in the toolbox.
Q. What do you mean by that?
A. Well, opposition research, dirty tricks, the types of things that campaigns use when they have got to make up some ground.
Q. Did you view that as sort of value added that Mr. Stone could add to the campaign?
A. Potentially value added, yes.
Q. Was one of the ways that Mr. Stone could add value to the campaign his relationship with WikiLeaks or Julian Assange?
A. I don’t know if I thought it at the time, but he could — you know, I was led to believe that he had a relationship with WikiLeaks and Julian Assange.
This is the testimony Stone is threatening to sue Bannon over.
The next day, Stone tweeted his famous “Podesta time in the barrel” tweet.
The communication between Stone and Bannon continued; I’ll return to it in a follow-up post. But first, there was one more DM exchange between G2 and Stone: When, on September 9, G2 wrote Stone seemingly out of the blue and asked, “what do u think of the info on the turnout model for the democrats entire presidential campaign”?
Stone did’t respond at first. G2 probed again: “?” Then G2 sent HelloFL’s post on the Florida turnout model that G2 had sent Aaron Nevins. And G2 lectured the rat-fucker about a topic on which Stone is an expert: the import of voter turnout.
“Pretty standard,” Stone correctly said of the base level oppo research that G2 had sent Nevins.
And for years, that exchange made perfect sense. The Nevins data was the only publicly known turnout data that G2 might have had (indeed, it’s still the only data that most people know about). And so it made sense: G2 was just trying to fluff up his value with the candidate’s rat-fucker by pointing to data the quality of which the rat-fucker already had easy access.
Except, that data was not — as G2 referenced — “the turnout model for the democrats entire presidential campaign.” It pertained only to Florida.
But GRU had obtained data that may have provided a way to reconstruct the turnout model for the Democrats’ entire Presidential campaign: starting on September 5, they started hacking Hillary’s analytics, hosted on AWS. As the DNC described it in their lawsuit targeting (among others) Stone, this data was among the most valuable for the campaign. The hackers made several snapshots of the testing clusters the DNC used to test their analytics program.
On September 20, 2016, CrowdStrike’s monitoring service discovered that unauthorized users—later discovered to be GRU officers—had accessed the DNC’s cloud-computing service. The cloud-computing service housed test applications related to the DNC’s analytics. The DNC’s analytics are its most important, valuable, and highly confidential tools. While the DNC did not detect unauthorized access to its voter file, access to these test applications could have provided the GRU with the ability to see how the DNC was evaluating and processing data critical to its principal goal of winning elections. Forensic analysis showed that the unauthorized users had stolen the contents of these virtual servers by making exact duplicates (“snapshots”) of them and moving those snapshots to other accounts they owned on the same service. The GRU stole multiple snapshots of these virtual servers between September 5, 2016 and September 22, 2016. The U.S. government later concluded that this cyberattack had been executed by the GRU as part of its broader campaign to damage to the Democratic party.
In 2016, the DNC used Amazon Web Services (“AWS”), an Amazon-owned company that provides cloud computing space for businesses, as its “data warehouse” for storing and analyzing almost all of its data.
To store and analyze the data, the DNC used a software program called Vertica, which was run on the AWS servers. Vertica is a Hewlett Packard program, which the DNC licensed. The data stored on Vertica included voter contact information, such as the names, addresses, phone numbers, and email addresses of voters, and notes from the DNC’s prior contacts with these voters. The DNC also stored “digital information” on AWS servers. “Digital information” included data about the DNC’s online engagement, such as DNC email lists, the number of times internet users click on DNC advertisements (or “click rates”), and the number of times internet users click on links embedded in DNC emails (or “engagement rates”). The DNC also used AWS to store volunteer information—such as the list of people who have signed up for DNC-sponsored events and the number of people who attended those events.
The DNC’s Vertica queries and Tableau Queries that allow DNC staff to analyze their data and measure their progress toward their strategic goals—collectively, the DNC’s “analytics,”—are its most important, valuable, and highly confidential tools. Because these tools were so essential, the DNC would often test them before they were used broadly.
The tests were conducted using “testing clusters”—designated portions of the AWS servers where the DNC tests new pieces of software, including new Tableau and Vertica Queries. To test a new query, a DNC engineer could use the query on a “synthetic” data set—mock-up data generated for the purpose of testing new software—or a small set of real data. For example, the DNC might test a Tableau query by applying the software to a set of information from a specific state or in a specific age range. Thus, the testing clusters housed sensitive, proprietary pieces of software under development. As described above, the DNC derives significant value from its proprietary software by virtue of its secrecy: if made public, it would reveal critical insights into the DNC’s political, financial, and voter engagement strategies and services, many of which are used or intended for use in interstate commerce.
On September 20, 2016, CrowdStrike’s monitoring service discovered that unauthorized users had breached DNC AWS servers that contained testing clusters. Further forensic analysis showed that the unauthorized users had stolen the contents of these DNC AWS servers by taking snapshots of the virtual servers, and had moved those replicas to other AWS accounts they controlled. The GRU stole multiple snapshots of these servers between September 5, 2016 and September 22, 2016. The U.S. later concluded that this cyberattack had been executed by the GRU as part of its broader campaign to damage to the Democratic party. The GRU could have derived significant economic value from the theft of the DNC’s data by, among other possibilities, selling the data to the highest bidder.
The software would also be usable as executable code by DNC opponents, who could attempt to re-create DNC data visualizations or derive DNC strategy decisions by analyzing the tools the DNC uses to analyze its data.
So by the time G2 asked Stone what he thought of “the info on the turnout model for the democrats entire presidential campaign” on September 9, three weeks after having offered to help Stone, the GRU had started stealing snapshots relating to Hillary’s analytics four days earlier. If, as seems may have been the case with G2’s August 15 question, this question was meant to be a double entendre with a hidden meaning, it might suggest that GRU had shared this, a way to reconstruct Hillary’s crown jewels, with Trump’s rat-fucker (and in any case would have provided incredibly valuable information for whomever received the campaign strategy information that Konstantin Kilimnik was passing on).
Which is even more interesting given the conversations about data that Stone and Bannon were having at the time.