James Clapper

The Special Sanger Cyber Unicorn: Iran Warmonger Edition

I noted earlier that the reporting on the US not imposing cybersanctions on China appears to have credulously served its purpose in creating a narrative that may have helped create the environment for some kind of deal with China.

NYT’s David Sanger did his own version of that story which deserves special focus because it is so full of nonsense — and nonsense that targets Iran, not China.

Sanger starts his tale by quoting something President Obama said at Fort Meade over the weekend out of context. In response to a question about the direction of cybersecurity in the next 5-10 years, Obama spoke generally about both state and non-state actors.

Q Good afternoon, Mr. President. You alluded to in your opening remarks the threat that cyber currently is. And there’s been a lot of talk within the DOD and cyber community of the possibility of a separate branch of the military dedicated to cyber. I was wondering where you see cyber in the next five to ten years.

THE PRESIDENT: Well, it’s a great question. We initiated Cyber Command, anticipating that this is going to be a new theater for potential conflict. And what we’ve seen by both state and non-state actors is the increasing sophistication of hacking, the ability to penetrate systems that we previously thought would be secure. And it is moving fast. So, offense is moving a lot faster than defense.

Part of this has to do with the way the Internet was originally designed. It was not designed with the expectation that there would end up being three or four or five billion people doing commercial transactions, et cetera. It was thought this was just going to be an academic network to share papers and formulas and whatnot. And so the architecture of the Internet makes it very difficult to defend consistently.

We continue to be the best in the world at understanding and working within cyber. But other countries have caught up. The Russians are good. The Chinese are good. The Iranians are good. And you’ve got non-state hackers who are excellent. And unlike traditional conflicts and aggression, oftentimes we don’t have a return address. If somebody hacks into a system and goes after critical infrastructure, for example, or penetrates our financial systems, we can’t necessarily trace it directly to that state or that actor. That makes it more difficult as well. [my emphasis]

Sanger excised all reference to “excellent” non-state hackers, and instead made this a comment about hacking by state actors.

“Offense is moving a lot faster than defense,” Mr. Obama told troops on Friday at Fort Meade, Md., home of the National Security Agency and the United States Cyber Command. “The Russians are good. The Chinese are good. The Iranians are good.” The problem, he said, was that despite improvements in tracking down the sources of attacks, “we can’t necessarily trace it directly to that state,” making it hard to strike back.

Sanger then took this comment very specifically directed at the upcoming Xi visit and China,

And this is something that we’re just at the infancy of.  Ultimately, one of the solutions we’re going to have to come up with is to craft agreements among at least state actors about what’s acceptable and what’s not.  And so, for example, I’m going to be getting a visit from President Xi of China, a state visit here coming up in a couple of weeks.  We’ve made very clear to the Chinese that there are certain practices that they’re engaging in that we know are emanating from China and are not acceptable.  And we can choose to make this an area of competition — which I guarantee you we’ll win if we have to — or, alternatively, we can come to an agreement in which we say, this isn’t helping anybody; let’s instead try to have some basic rules of the road in terms of how we operate.

And suggested it was directed at other states more generally.

Then he issued a warning: “There comes a point at which we consider this a core national security threat.” If China and other nations cannot figure out the boundaries of what is acceptable, “we can choose to make this an area of competition, which I guarantee you we’ll win if we have to.”

Sanger then spends six paragraphs talking about how hard a time Obama is having “deterring” cyberattacks even while reporting that China and the US have forged some kind of deal that would establish norms that are different than deterrence but might diminish attacks. He also, rather curiously, talks (again) about “unprecedented” theft of personal information in the OPM hack that we need to deter — even though James Clapper has repeatedly said publicly that we do the same thing (and by some measures, on a much bigger scale).

Continue reading

What If the Intelligence Community Is Looking for the Wrong Malicious Use of OPM Data?

Screen Shot 2015-09-14 at 9.11.40 AMThe revelation in last week’s cyber threats hearing the press has been most agog about is that James Clapper predicted hackers would get around to changing, rather than just stealing, data.

[after 19:00] In the future I believe we’ll see more cyber operations that will change or manipulate electronic information to compromise its integrity — in other words, compromise its accuracy and its reliability, instead of merely deleting it or disrupting access to it.


[after 56:00] To this point, it’s either been disruption — of a website, for example, but more commonly, just purloining information. As I indicated in my opening statement though, I believe the next push on the envelope here is going to be the manipulation or deletion of data, which will of course compromise its integrity.

Um. Really, journalists who cover this area?

The notion that a cyber operator will change data is not new. Proof of that concept happened years ago, with the StuxNet attack, when US and Israeli hackers made the Iranians think everything was going peachy with their centrifuges when in fact they were spinning out of control. No one may yet have manipulated our data, but we’ve manipulated others’ data.

Which I guess means, according to Clapper’s definition, StuxNet was an attack and not just a hack — in case you had any doubts.

One thing I found far more interesting was Clapper’s repeated assertion that the IC has seen no use of the Office of Personnel Management data.

[after 49:00; see also after 1:29] Clapper: What we’ve done is speculate how it could be used. And again the distinction I was just making with Congressman Westmoreland had to do with the terminology of saying that the OPM breach was an attack. Getting back to definitional issues, we wouldn’t characterize it that way. What’s of great concern with respect to the OPM breach, which I spoke to briefly in my opening statement had to do with potential uses of that data. And of course, we’re looking. Thus far we haven’t seen any evidence of their usage of that data.

I said as I was watching and others have said since that this likely just reflects China — almost universally believed to be the OPM perpetrator — playing the long game. It will use the knowledge when it’s good and ready, all the while we’ll know it has it.

All that said, the other thing Clapper said that I found very interesting was that the IC has varying degrees of confidence about who did this hack.

[after 20:00] Clapper: And while speaking of the OPM breaches, let me say a couple of words about attribution, which is not a simple process and involves at least three related but distinct determinations: geographic point of origin, the identity of the actual perpetrator doing the keystrokes, and the responsibility for actually directing the attack. In the case of OPM, we’ve had differing degrees of confidence across the IC in our assessment of the responsibility for each of these elements. Of late, unauthorized disclosures and foreign defensive improvements have cost us some technical accesses.

Apparently, not everyone in the IC is completely convinced China did this. This is the kind of statement we never saw, as far as I remember, with regards to the Sony hack (though, admittedly, it’s a lot easier to make unsubstantiated accusations against North Korea than China). Are people really not convinced?

Note, too, the casual reference to the US losing some technical accesses, presumably in response to Snowden’s disclosures and the heightened awareness from our adversaries just how badly we’ve pawned them for years. Given the assumption China hacked OPM, this likely means we’ve lost some visibility into Chinese actions in the last two years.

The evidence China did this hack in part stems from its complexity; few — but not no — other actors could pull it off. That someone would hack United, in tandem with OPM, would support that, given that United flies so many flights from Dulles to China.

All that said is it possible — remotely — some other sophisticated state actor could have done this?

I’m going to assume Clapper is just downplaying the certainty here, possibly in advance of Xi Jinping’s visit to DC.

But if it is remotely true, would that have an effect on our ability to monitor for the use — or even manipulation — of OPM data? That is, if we were looking for Chinese use of the data — focusing on people of Chinese descent and/or people stationed there — would we miss attempts to compromise clearance holders another sophisticated state actor — say, Israel — might target? I’ll just remind that at a time when the US was trying to set up the IRGC for an assassination attempt, someone spamouflaged what likely included our target. I presume that as we got closer and then finalized the Iran deal, Israel’s targeting of our spooks has intensified.

In any case, Clapper seems confident that the data was not compromised here, which is something other commentators have raised as a worry (because doing so would allow you to create clearances for people who had not been vetted, for example).

[after 1:29]My working definition of whether it’s an attack or not and my characterization of it not being an attack in that there was no destruction of data or manipulation of data, it was simply stolen.

But if we’re not 100% sure this is China (again, I’m skeptical we have much doubt), maybe we couldn’t be so sure about whether the data has been manipulated or — at the very least — used to compromise our clearance holders.

Transcribing James Clapper

Hamid Karzai refused to meet with Obama during a surprise visit just after MYSTIC disclosures, so Obama called from Air Force One instead.

Hamid Karzai refused to meet with Obama during a surprise visit just after MYSTIC disclosures, so Obama called from Air Force One instead.

Yesterday, during the Q&A to his speech at INSA (which is where defense and intelligence contractors huddle with government paymasters), James Clapper conceded that Edward Snowden brought needed transparency but had also damaged operations. Rather than obliquely pointing to the exposure that Skype was no longer safe from surveillance, as he and his ilk normally do, Clapper pointed to what he claimed was a concrete example: what journalists have reported as revelations about full take cell phone content (SOMALGET or MYSTIC) leading to loss of access in Afghanistan.

After Clapper made the claim, a lot of reporters did what reporters do: they transcribed his comments uncritically. Lots of journalists did this, but here’s WaPo’s version from Ellen Nakashima:

One of the disclosures based on documents leaked by Edward Snowden, the former National Security Agency contractor, prompted the shutdown of a key intelligence program in Afghanistan, the nation’s top spy said Wednesday.

“It was the single most important source of force protection and warning for our people in Afghanistan,” Director of National Intelligence James R. Clapper Jr. said at an intelligence conference.

He was addressing a question about the impact of revelations by Snowden, whose leaks led to a global debate about the proper scope of U.S. surveillance at home and abroad.

Nakashima and other reporters assumed Clapper meant the MYSTIC/SOMALGET program, which Nakashima noted the WaPo first described (on March 18, 2014), followed by The Intercept two months later (on May 19, 2014), followed by WikiLeaks revealing Afghanistan as the target country several days later (on May 23, 2014). [Update: Note Cryptome correctly determined Afghanistan was the country on May 19, the day the Intercept published.]

Having laid all that out, however, Nakashima doesn’t quote the part of Clapper’s answer that would either discredit his description or reveal it’s something else. Here’s Ars Technica’s transcription of that part of it.

And programs that had a real impact on the security of American forces overseas, including one program in Afghanistan, “which he exposed and Glenn Greenwald wrote about, and the day after he wrote about it, the program was shut down by the government of Afghanistan,” Clapper noted.

If it’s the MYSTIC/SOMALGET program Clapper was really talking about, then his claim is self-refuting. Because either folks in Afghanistan recognized the program themselves back when WaPo wrote about it in March 2014, or probably didn’t until WikiLeaks confirmed they were the target. It wouldn’t have been Greenwald’s story, in which he withheld the information the government requested in any case.

For the moment, I’m going to assume that was the program, but let’s remember it might not be.

If so, consider what Clapper has done. As I mentioned, normally when people want to beat up Snowden, they point to his disclosure NSA had compromised Skype. But they never confirm that — they just mention it obliquely. Here, Clapper has confirmed the thing (actually just one of the things) that NSA had asked Greenwald to withhold. Given how vague WikiLeaks was about how they knew (after all, they’re not known to have the Snowden documents themselves), if this is MYSTIC/SOMALGET it seems that Clapper has definitively confirmed something that was at least of unknown provenance before.

Although, for reasons of source protection we cannot disclose how, WikiLeaks has confirmed that the identity of victim state is Afghanistan.

In other words, Clapper has confirmed something that hadn’t been confirmed before, precisely because the journalists involved had deferred to the government’s request not to publish it.

Or did he?

Clapper claimed “the program was shut down by the government of Afghanistan.”

Admittedly, the MYSTIC/SOMALGET disclosures came at an awkward time for US-Afghan relations. Hamid Karzai had been pushing back against night raids, prisoner transfers, and CIA militias. In part because the US wouldn’t cede Afghan sovereignty on such issues, Karzai was refusing to sign the Bilateral Security Agreement (raising the same kind of SOFA negotiation problems that forced us to withdraw troops from Iraq). Throughout this two month period, the election and run-off were going on.

So the disclosure that the US had compromised Afghanistan’s entire cell phone system — and implicitly, had copies of every cell call that Karzai and his potential replacements might make — would surely anger the Afghans, especially Karzai. Notably, two days after the WikiLeaks disclosure, Karzai refused to meet when President Obama made a surprise visit to the country on May 25, so (as shown by the White House image above) Obama called him from Air Force One instead.

But if that’s the case — if Afghanistan forced the US to shut down the full-take collection of cell phone content even as Obama was making surprise last minute visits (which may even have been an attempt to convince Karzai to reverse that decision) — then the fault lies not just, or even primarily, with Snowden. It lies with a long history of US refusal to cede to Afghanistan’s demands for some kind of functional sovereignty. This telecom disclosure may have been one more in a series of aggravations, but it was by no means the only one. Moreover, given that President Ghani’s relationship with the US is, thus far at least, far better than Karzai’s was at the time, it’s quite possible he has permitted the US to resume full-take collection.

James Clapper would be a lot more likely to confirm that Afghanistan had shut down NSA’s full-take collection if it had been resumed again under Karzai’s successor. Not least, because it would provide adversaries with false confidence the NSA didn’t have full take coverage.

Now consider this description of the Bahamian fallout from the equivalent disclosure. It shows that two parties were involved — the country’s telecom as well as the government. Indeed, all stories on this make it clear telecom providers are centrally involved in the collection program.

Moreover, the Intercept version of the story makes it quite clear they withheld not just the target country, but also the provider at the center of it.

The NSA documents don’t specify who is providing access in the Bahamas. But they do describe SOMALGET as an “umbrella term” for systems provided by a private firm, which is described elsewhere in the documents as a “MYSTIC access provider.” (The documents don’t name the firm, but rather refer to a cover name that The Intercept has agreed not to publish in response to a specific, credible concern that doing so could lead to violence.) Communications experts consulted by The Intercept say the descriptions in the documents suggest a company able to install lawful intercept equipment on phone networks.

And they withheld it for the same reason, because revealing it would lead to violence. That provider name has not been made public (though for a variety of reasons I think that’s the key secret here). Shutting down the system would have to involve, at a minimum, the Afghan government, this provider, plus Afghanistan’s multiple cell providers.

There are more reasons to believe Clapper’s story is bullshit. From the 2005 STELLAR WIND disclosures, which revealed the US was collecting all US-Afghanistan calls, to reports as early as 2008 that the Taliban were targeting cell providers because they recognized the security risk the networks posed, there is zero chance our adversaries in Afghanistan were unaware that the US had close to full dominance over the communications lines. There were also earlier Snowden disclosures — including Tempora, XKeyscore, and what sounded like transcripts obtained using a Stingray from a Afghan raid — that would have confirmed that view. The US is collecting close to everything from most countries where it remains at war, via a variety of overlapping means. There’s little about this disclosure in particular that added to the risk — but then, our adversaries had long been learning of our tactics and adjusting accordingly.

There is, then, the possibility it was one of these other disclosures Clapper was whining about — such as the potential Stingray one.

But if Clapper was talking about SOMALGET, and if it is true that the full-take collection got shut down, it means he and the government are blaming Snowden for long-term mismanagement of the Afghan relationship. It also may well mean that Ghani has let the US resume collection and Clapper’s public “confirmation” was designed — in addition to launching some unwarranted shots at Edward Snowden — to create the false impression the collection remains inactive.

James Clapper is a confirmed liar. Even setting aside his lies to Congress, it is his job to lie to adversaries. While that doesn’t mean journalists shouldn’t report what he says, there’s a great deal of context that should accompany such transcriptions.

How Does Duty to Warn Extend to Cyberattacks?

Steve Aftergood has posted a new directive from James Clapper mandating that Intelligence Community members warn individuals (be they corporate or natural persons) of a threat of death of seriously bodily harm.

This Directive establishes in policy a consistent, coordinated approach for how the Intelligence Community (IC) will provide warning regarding threats to specific individuals or groups of intentional killing, serious bodily injury, and kidnapping.

The fine print on it is quite interesting. For example, if you’re a drug dealer, someone involved in violent crime, or you’re at risk solely because you’re involved in an insurgency, the IC is not obliged to give you notice. Remember, the FBI did not alert members of Occupy Wall Street someone was plotting to assassinate them. Did they (then) not do so because they considered Occupy an “insurgency”? Would they consider them as one going forward?

But I’m most interested in what this should mean for hacking.

Here’s how the directive defines “seriously bodily harm.”

Serious Bodily Injury means an injury which creates a substantial risk of death or which causes serious, permanent disfigurement or impairment.

As I have noted, NSA has secretly defined “serious bodily harm” to include threat to property — that is, threats to property constitute threats of bodily harm.

If so, a serious hack would represent a threat of bodily harm (and under NSA’s minimization procedures they could share this data). While much of the rest of the Directive talks about how to accomplish this bureaucratically (and the sources and methods excuses for not giving notice), this should suggest that if a company like Sony is at risk of a major hack, NSA would have to tell it (and the Directive states that the obligation applies for US persons and non-US persons, though Sony is in this context a US person).

So shouldn’t this amount to a mandate for cybersharing, all without the legal immunity offered corporations under CISA?


I Con the Record: Drop the Lawsuits and We’ll Release the Data Hostages

I Con the Record just announced that the NSA will make the phone dragnet data it has “analytically unavailable” after the new system goes live in November, and unavailable even to techs three months later.

On June 29, 2015, the Foreign Intelligence Surveillance Court approved the Government’s application to resume the Section 215 bulk telephony metadata program pursuant to the USA FREEDOM Act’s 180-day transition provision. As part of our effort to transition to the new authority, we have evaluated whether NSA should maintain access to the historical metadata after the conclusion of that 180-day period.

NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015.  However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.

Separately, NSA remains under a continuing legal obligation to preserve its bulk 215 telephony metadata collection until civil litigation regarding the program is resolved, or the relevant courts relieve NSA of such obligations. The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.

As I understand it, whatever data has been found to be two or three degrees of separation from a baddie will remain in NSA’s maw, but the data that has never returned off a search will not.

I’m pleasantly surprised by this, as I suspect it reflects a decision to accept the Second Circuit verdict in ACLU v. Clapper and to move to shut down other lawsuits.

As I noted, two weeks ago, the ACLU moved for an injunction against the dragnet, which not only might have led to the Second Circuit ordering the government to purge ACLU’s data right away (and possibly, to stop collecting all data), but also basically teed up the Second Circuit to remind the FISC it is not an appellate court. I worried that would lead the FISC to ask FISCR to review its dragnet decisions under a provision newly provided under the USA F-ReDux.

Shortly after ACLU filed its request for an injunction, the government asked for an extension to … today, which the court granted.

So I assume we’ll shortly see that filing arguing that, since the government has voluntarily set a purge date for all the dragnet data, ACLU should not get its injunction.

That doesn’t necessarily rule out a FISCR fast track request, but I think it makes it less likely.

The other player here, however, is the EFF.

I believe both ACLU and EFF’s phone dragnet client Council on American Islamic Relations, had not only standing as clients of dragnetted companies, but probably got swept up in the two-degree dragnet. But CAIR probably has an even stronger case, because it is public that FISC approved a traditional FISA order against CAIR founder Nihad Awad. Any traditional FISA target has always been approved as a RAS seed to check the dragnet, and NSA almost certainly used that more back when Awad was tapped, which continued until 2008. In other words, CAIR has very good reason to suspect the entire organization has been swept up in the dragnet and subjected to all of NSA’s other analytical toys.

EFF, remember, is the one NGO that has a preservation order, which got extended from its earlier NSA lawsuits (like Jewel) to the current dragnet suit. So when I Con the Record says it can’t destroy all the data yet, it’s talking EFF, and by extension, CAIR. So this announcement — in addition to preparing whatever they’ll file to get the Second Circuit off its back — is likely an effort to moot that lawsuit, which in my opinion poses by far the biggest threat of real fireworks about the dragnet (not least because it would easily be shown to violate a prior SCOTUS decision prohibiting the mapping of organizations).

We’ll see soon enough. For the moment, though, I’m a bit surprised by the cautious approach this seems to represent.

Update: Timeline on data availability fixed.

Update: Here’s the government’s brief submitted today. I’m rather intrigued by how often the brief claims USA F-ReDux was about bulk “telephony” data when it was supposed to be about all bulk collection. But I guess I can return to that point.

Update: They depart from describing USA F-ReDux as a ban bulk collection of telephony when they describe it as a ban on collection of bulk collection under Section 215, also not what the bill says.

Part of the compromise on which Congress settled, which the President supported, was to add an unequivocal ban on bulk collection under Section 215 specifying that “[n]o order issued under” Section 215(b)(2) “may authorize collection of tangible things without the use of a specific selection term that meets the requirements” of that subsection.

Update: This is key language — and slightly different from what they argued before FISC. I will return to it.

Plaintiffs assert that, by not changing the language of Section 215 authorizing the collection of business records during the transition period, Congress implicitly incorporated into the USA FREEDOM Act this Court’s opinion holding that Section 215 did not authorize bulk collection. See Pls.’ Mot. 7- 8. Plaintiffs rely on language providing that the legislation does not “alter or eliminate the authority of the Government to obtain an order under” Section 215 “as in effect prior to the effective date” of the statute. USA FREEDOM Act § 109, 129 Stat. at 276. That language does not advance plaintiffs’ argument, however, because the statute says nothing expressly about what preexisting authority the government had under Section 215 to obtain telephony metadata in bulk. It is implausible that Congress employed the  word “authority” to signify that the government lacked authority to conduct the Section 215 bulk telephony-metadata program during the 180-day transition period, contrary to the FISC’s repeated orders and the Executive Branch’s longstanding and continuing interpretation and application of the law, and notwithstanding the active litigation of that question in this Court. That is especially so because language in the USA FREEDOM Act providing for the 180-day transition period has long been a proposed feature of the legislation. It is thus much more plausible that the “authority” Congress was referring to was not the understanding of Section 215 reflected in this Court’s recent interpretation of Section 215, but rather the consistent interpretation of Section 215 by 19 different FISC judges: to permit bulk collection of telephony metadata.

The FISC Purportedly Continues to Have Problems with “Relevant” and “All”

Amid posts bewailing Rand Paul because the Senator’s substantial discussions of the problems with EO 12333 and Section 702 spying aren’t the substantial discussions he wants (I’ll return to these once more pressing matters have passed), Steve Vladeck has returned to the USA F-ReDux topic on which he doesn’t keep contradicting himself: the amicus.

As he notes (and I noted here), Mitch McConnell is (as we speak) attempting to water down the already flimsy FISC amicus via amendment. And Vladeck — as he has before — exposed the false claims that the objections to the amicus comes from the judiciary, this time as represented in the letter from Director of the Administrative Offices of US Courts James Duff.

Why is such a radical amendment to a provision in the House bill that was negotiated very carefully so necessary? According to the memo, “Amendment 1451 is responsive to the judiciary’s continual opposition to the amicus structure of the USA Freedom Act,” as manifested in “a letter to Congress from the director of the Administrative Office of the U.S. Courts.”


I don’t mean to belabor the point. If anything, as I suggested yesterday, section 401 of the House-passed USA FREEDOM Act is a terribly weak version of what should have been a very good (and unobjectionable) idea–allowing a security-cleared outside lawyer to participate in the tiny percentage of cases before the FISC that involve applications for anything besides individualized warrants (you know, the cases in which adversarial participation is already authorized).Part of why section 401 is so weak is because members of Congress have consistently allowed themselves to be snookered by (or have found it convenient to hide behind) the objections of the “judiciary.”

On the merits, though, these objections are patently unavailing. And they certainly aren’t the objections of the “judiciary.”

I’ve also tracked how others, like James Clapper, have been using these purported judiciary concerns to undercut the “advocate” that President Obama used to pretend to want.

What’s particularly interesting, however, is one of the recurrent problems the “judges” seem to keep having. Duff emphasizes that one problem with amici is the Executive would lie to the FISC if telling the truth might risk revealing useful information to an amici. And as one part of that, he focuses on USA F-ReDux’s intent to get

Designated amici are required to have access to “all relevant” legal precedent, as well as certain other materials “the court determines are relevant.


We are concerned that a lack of parallel construction in proposed clause (6)(A)(i) (apparently differentiating between access to legal precedent as opposed to access to other materials) could lead to confusion in its application.

This is what Clapper seemed to be going after last September.

Clapper signals he will make the amicus curiae something different. First, he emphasized this amicus will not interfere with ex parte communications between the court and the government. That may violate this passage of Leahy’s bill, which guarantees the special advocate have access to anything that is “relevant” to her duties.

(A) IN GENERAL.—If a court established under subsection (a) or (b) designates a special advocate to participate as an amicus curiae in a proceeding, the special advocate—


(ii) shall have access to all relevant legal precedent, and any application, certification, petition, motion, or such other materials as are relevant to the duties of the special advocate;

Given that in other parts of 50 USC 1861, “relevant” has come to mean “all,” it’s pretty amazing that Clapper says the advocate won’t have access to all communication between the government and the court.

But the really interesting thing — the reason McConnell’s as-we-speak attempt to gut the amicus further — is that the House already fixed some of this. In a manager’s amendment presented as technical clarifications (but which, on this issue, were not), Bob Goodlatte rewrote this passage:

(i) shall have access to all relevant legal precedent, and any application, certification, petition, motion, or such other materials that the court determines are relevant to the duties of the amicus curiae;

To read like this, to directly address one of Huff’s stated concerns:

(i) shall have access to any relevant legal precedent, and application, certification, petition, motion, or such other materials that the court determines are relevant to the duties of the amicus curiae;

That is, Goodlatte already gave the court complete discretion over what the amicus could access, up to and including underlying legal precedents.

Of course, all that assumes the courts will get all the information they need, which they have a long history of not doing.

Here’s the real takeaway though. The President likes to claim he supports this reform. But he has already made it clear he didn’t really want an advocate at the FISC, but would instead like the FISC to remain a rubber stamp.

AP Also Notes the Torture and Drones Double Standard

After the Torture Report came out, I argued we ought to take a broader lesson from it about failures of accountability in CIA’s covert programs. Specifically, I noted how the drone program — which operated under the same Memorandum of Notification as torture for years — appeared to suffer from the same problems as the torture program.

On the second day of Barack Obama’s presidency, he prohibited most forms of physical torture. On the third, a CIA drone strike he authorized killed up to 11 civilians.


Other reporting may explain why the report portrays Bush, rightly or wrongly, as so uninvolved in the torture program. Both Woodward and Mayer explain that the Sept. 17, 2001, MON was designed to outsource all the important decision-making to the CIA. “To give the President deniability, and to keep him from getting his hands dirty,” Mayer writes in The Dark Side, “the [MON] called for the President to delegate blanket authority to Tenet to decide on a case-by-case basis whom to kill, whom to kidnap, whom to detain and interrogate, and how.” Whether or not Bush had knowledge of what was going on, the very program itself was set up to insulate him from the dirty work, giving him the ability to claim ignorance of a torture program everyone else knew about. (Later, Bush claimed that he was fully briefed.)

But as we know, this insulation created the conditions for a program that was allowed to spin so horribly out of control that the CIA was able to misplace 29 detainees and not worry all that much.

The implications of this subterfuge, however, do not end with the torture program. Nor with George W. Bush. This is the same MON that authorizes the CIA’s current drone program. Presumably that means the drone program is characterized by the same unaccountable structures.

Indeed, after Obama escalated the CIA’s use of drones when he took office, the program suffered from some of the same problems as the torture program. The CIA appears to have misinformed Congress about the details, given claims by people like House Intelligence Committee ranking member Dutch Ruppersberger (D-Md.) that the program had “very minor” civilian casualties, despite the fact that evidence shows that more than 1,000 people have been killed while targeting fewer than 50 terrorists. And like the CIA’s detention and torture of the wrong suspects, a number of drone strikes have killed the wrong people — but with even greater frequency.

Top-ranking members of Congress, including Sen. Dianne Feinstein (D-Calif.), the chair of the Senate Intelligence Committee, have long insisted they have more oversight over the drone program than they did over torture. But the number of significant mistakes — take, for example, the attack on a wedding party earlier this year — suggests that oversight isn’t preventing the same kind of mistakes that happened with torture. Moreover, as with the torture program, the congressional intelligence committees aren’t able to get the information they request from the White House and the CIA. It was only after years of requests that the intelligence committees were allowed to review the administration’s justification for having the CIA kill Anwar al-Awlaki, a U.S. citizen, with a drone strike. Worse, the reports that the CIA killed Awlaki’s 16-year-old son, Abdulrahman, are also shrouded in secrecy and full of inconsistencies.

AP’s Ken Dilanian has a long article in similar vein, noting that the drone and Non Official Cover program have never been scrutinized this closely, in spite of complaints of abuse.

Yet the intelligence committees have never taken a similar look at what is now the premier counterterrorism effort, the CIA’s drone-killing program, according to congressional officials who were not authorized to be quoted discussing the matter.

Intelligence committee staff members are allowed to watch videos of CIA drone missile strikes to monitor the agency’s claims that civilian casualties are limited. But these aides do not typically get access to the operational cables, message traffic, interview transcripts and other raw material that forms the basis of a decision to kill a suspected terrorist.

Nor have they been able to examine cables, emails and raw reporting to investigate recent perceived intelligence lapses, such as why the CIA failed to predict the swift fall of Arab governments, Russia’s move into Ukraine or the rapid military advance of the Islamic State group.

And there have been no public oversight reports on the weak performance of the CIA’s multibillion-dollar “nonofficial cover” program to set up case officers posing as businessmen, which has met with some criticism.

In addition to the nice review of how Dianne Feinstein’s staffers’ managed to do this work (which you should click through to read), Dilanian also got a fairly scathing interview with Feinstein herself (though she insists drones get enough oversight). In it, she professes to have lost her faith that CIA is telling the truth in briefings.

The torture investigation, she said in an interview with The Associated Press, has “changed how I view management in the CIA. It’s changed how I view the brotherhood of the CIA. I believe you do not lie to your oversight committee. And I think the way the program was managed was sloppy.”

The lesson for traditional intelligence oversight, she said, was that “you can sit and listen to a report ??? you don’t know whether it’s all the truth, you don’t know what gets left out. And part of (CIA) tradecraft is deception.”

She said she believes the CIA continues to lie about the effectiveness of torture.

And she dishes on White House collaboration with the CIA to overclassified the report.

But while Obama publicly supported releasing the report’s findings and conclusions, the administration privately pushed to keep significant parts of the summary secret, Feinstein said.

“The president said that he agreed the report should be made public, that he doesn’t condone (the harsh interrogations), but it sort of ends there,” Feinstein said.

She said she perceived “an incredible closeness” between Obama’s chief of staff, Denis McDonough, and Brennan, “and the president and John Brennan.” In negotiations with Feinstein about what parts of the summary should be censored, McDonough spoke for the White House, but there was no daylight between him and the CIA, she said.

Feinstein said both wanted to black out large chunks of the executive summary in the name of protecting sensitive information.

It also provides more details on the attempt to fearmonger DiFi into suppressing the report at the last minute, including that Democrats found James Clapper’s report on the dangers of releasing it to be all that convincing.

This is, I think, one of the necessary conclusions to draw from the Torture Report: oversight isn’t working, because — as DiFi notes — CIA’s tradecraft is all about deception.

Let’s hope she really has learned a bit from this process, even if it’s too late to do anything about it as Chair.

Why Didn’t the Government Make a Bigger Deal about Iranians Hacking Sheldon Adelson?

As I keep explaining to gobsmacked security experts, according to the DHS, not only are motion picture studios like Sony considered Critical Infrastructure the security establishment must protect, but so are casinos (and campgrounds!) as part of the “Commercial Facilities Sector.”

The Commercial Facilities Sector consists of eight subsectors:

  • Public Assembly (e.g., arenas, stadiums, aquariums, zoos, museums, convention centers).
  • Sports Leagues (e.g., professional sports leagues and federations).
  • Gaming (e.g., casinos).
  • Lodging (e.g., hotels, motels, conference centers).
  • Outdoor Events (e.g., theme and amusement parks, fairs, campgrounds, parades).
  • Entertainment and Media (e.g., motion picture studios, broadcast media).
  • Real Estate (e.g., office and apartment buildings, condominiums, mixed use facilities, self-storage).
  • Retail (e.g., retail centers and districts, shopping malls).

Which is why I find it interesting that along with noting that hackers might start altering — rather than just zeroing out — the entries in software, in his Global Threats testimony James Clapper asserted that “Iranian actors have been implicated” in hacking Sheldon Adelson’s casino.

Iran very likely values its cyber program as one of many tools for carrying out asymmetric but proportional retaliation against political foes, as well as a sophisticated means of collecting intelligence. Iranian actors have been implicated in the 2012-13 DDOS attacks against US financial institutions and in the February 2014 cyber attack on the Las Vegas Sands casino company.

A number of outlets reported that Iran, rather than Iranian actors, did the hack.

Bloomberg reported that Iranians were behind the hack in December.

I can think of a number of reasons why the US didn’t make a bigger deal out of Iranians hacking our critical infrastructure Sheldon Adelson’s casinos. Because they couldn’t prove the tie between the actors and the Iranian state, because fighting to protect Adelson’s corruption is less palatable than fighting to protect Hollywood, because it would have focused on Adelson’s threats to bomb Iran, and because they’re trying to craft a peace deal.

And that’s probably just a start.

Still, I’m surprised others — such as Bibi Netanyahu — haven’t made a bigger issue out of Iranian actors’ successful attack on one of the people funding the anti-Iranian lobby.

The Persistent Concerns about Altered Financial Data

Remember that weird passage in the President’s Review Group Report warning against changing the account numbers in financial accounts as part of offensive cyberattacks?

(2) Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate the financial systems;

Second, governments should abstain from penetrating the systems of financial institutions and changing the amounts held in accounts there. The policy of avoiding tampering with account balances in financial institutions is part of a broader US policy of abstaining from manipulation of the financial system. These policies support economic growth by allowing all actors to rely on the accuracy of financial statements without the need for costly re-verification of account balances. This sort of attack could cause damaging uncertainty in financial markets, as well as create a risk of escalating counter-attacks against a nation that began such an effort. The US Government should affirm this policy as an international norm, and incorporate the policy into free trade or other international agreements.

It was the kind of warning that left the strong impression that the US had already been engaged in such books-baking.

It’s back again, in James Clapper’s Global Threats Report (curiously, it was not in last year’s Global Threats Report).

Integrity of Information

Most of the public discussion regarding cyber threats has focused on the confidentiality and availability of information; cyber espionage undermines confidentiality, whereas denial-of-service operations and data-deletion attacks undermine availability. In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e., accuracy and reliability) instead of deleting it or disrupting access to it. Decisionmaking by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving.

  • Successful cyber operations targeting the integrity of information would need to overcome any institutionalized checks and balances designed to prevent the manipulation of data, for example, market monitoring and clearing functions in the financial sector.

Altering data to misinform decision-makers is not new — part of the Stuxnet attack involved making the Iranians believe everything was going swimmingly even though centrifuges were spinning out of control (though it’s not clear how much of this involved data and how much visuals).

But the persistent concern that the US not engage in such behaviors and now the apparent rising concern that someone would do the same to us sure raises questions about which financial institutions have already had their books cyber-cooked.

James Clapper Admits Phone Dragnet Data Retention Is about Discerning Patterns

In the Q&A portion of a James Clapper chat at Council on Foreign Relations yesterday, he was asked about the phone dragnet and Section 215 (this starts after 48:00).

He made news for the way he warned Congress that if they take away Section 215 (he didn’t specify whether he was talking about just the phone dragnet or Section 215 and the roughly 175 other orders authorized under it) and something untoward happens as a result, they better be prepared to take some of the blame.

Q: In recent days the government reauthorized the telephone metadata collection program through June 1st, when there’s the Sunset date, obviously, of Section 215 of the PATRIOT Act. What do you want to see happen after that?

Clapper: Well, what we have agreed to, Attorney General Eric Holder and I, last September, signed a letter saying that we supported the notion of moving the retention of the data to providers in a bill that was — actually came out of the Senate from Senator Leahy, so we signed up to that. I think that’s the only thing that’s realistic if we’re going to have this at all. In the end, the Congress giveth and the Congress taketh away. So if the Congress in its wisdom decides that the candle isn’t worth the flame, the juice isn’t worth the squeeze, whatever metaphor you want to use, that’s fine. And the Intelligence Community will do all we can within the law to do what we can to protect the country. But, I have to say that every time we lose another tool in our toolkit, you know? It raises the risk. And so if we have — if that tool is taken away from us, 215, and some untoward incident happens which could have been thwarted had we had it I just hope that everyone involved in that decision assumes responsibility. And it not be blamed if we have another failure exclusively on the intelligence community.

At one level, I’m absolutely sympathetic with Clapper’s worries about getting blamed if there’s another attack (or something else untoward). In some cases (particularly in the aftermath of the 2009 Nidal Hasan and Umar Farouk Abdulmutallab attacks), politicians have raised hell about the Intelligence Community missing a potential attack. But that really did not happen after the Boston Marathon; contemporaneous polls even said most people accepted that you couldn’t prevent every attack. Moreover, in that case, NSA — the entity running the phone dragnet — was excluded from more intensive Inspector General review, as NSA has repeatedly been in the past (including, to a significant extent, the 9/11 attack), even though it had collected data on one or both of the Tsarnaev brothers but not accessed it until after the attack. In other words, NSA tends not to be held responsible even when it is.

Clapper’s fear-mongering has gotten most of the attention from that Q&A, even more than Clapper’s admission elsewhere that “moderate” in Syria — he used scare quotes — means “anyone who’s not affiliated w/I-S-I-L.”

But on the phone dragnet, I found this a far more intriguing exchange.

Q: And just to be clear, with the private providers maintaining that data, do you feel you’ve lost an important tool?

Clapper: Not necessarily. It will depend though, for one, retention period. I think, given the attitude today of the providers, they will probably do all they can to minimize the retention period. Which of course, from our standpoint, lessens the utility of the data, because you do need some — and we can prove this statistically — you do need some historical data in order to, if you’re gonna discern a pattern. And again, 215 to me, is much like my fire insurance policy. You know, my house has never burned down but every year I buy fire insurance just in case.

In general, discussions about why the NSA needs 5 years of phone dragnet have used a sleeper argument: a suspect might have spoken to someone of interest 4 years ago, which would be an important connection to identify and pursue. But that’s not what Clapper says here. They need years and years of our phone records not to find calls we might have made 5 years ago, but to “discern patterns.”

Well, that changes things a bit, and may even suggest how they’re actually using the phone dragnet.

While we know they have, at times, imputed some kind of meaning to the lengths of calls — for a while they believed calls under 2 minutes were especially suspicious until they realized calls to the pizza joint also tend to be under 2 minutes — there’s another application where pattern analysis is even more important: matching burner phones. You need a certain volume of past calls to establish a pattern of a person’s calls so as to be able to identify another unrelated handset that makes the same pattern of calls as the same person.

Connection chaining, not contact chaining.

Clapper’s revelation that they need years of retention for pattern analysis, not for contact chaining, seems consistent with the language describing the chaining process under USA Freedom Act.

(I) using the specific selection term that satisfies the standard required under subsection (b)(2)(C)(ii) as the basis for production; and

(II) using call detail records with a direct connection to such specific selection term as the basis for production of a second set of call detail records;

That is, they’d be getting all the calls the target had made, as well as all the calls an identifiable target’s associate or additional phone had made.

And remember, one of the NSA’s two greatest “successes” with the phone dragnet — when they found that Adis Medunjanin, whom they already knew to be associated with Najibullah Zazi, had a phone they hadn’t known about — involves burner matching. That match took place at an important moment, too, when the NSA had turned off its automatic correlation process (which uses a dedicated database to identify the other known identities of a person in a chain), and when its queries were as closely controlled as they ever have been in the wake of the massive violations in 2009. At a time when they were running a bare bones phone dragnet, they were still doing burner matching, and considered that a success.

Now, let me be clear: matching the burner phones of real suspects is a reasonable use for a phone dragnet, though the government ought to provide more clarity about whether they’re matching solely on call patterns or on patterns of handset use, including on the Internet. It’d also be nice if anyone caught in this fashion had some access to the accuracy claims the government has made and the basis used to make those accuracy claims (for one incarnation of the Hemisphere dragnet, DEA was claiming 94% accuracy, based of 10 years of data and, apparently, multiple providers). And this points to the importance of retaining FISC review of the targets, because people for whom there is not reasonable articulable suspicion of ties to terrorism ought to be able to use burner phones.

James Clapper’s office has gone to great lengths to try to hide any mention of pattern analysis in declassified discussions of the phone dragnet. Apparently, Clapper doesn’t think that detail needs to be classified anymore.

Emptywheel Twitterverse
bmaz @ryanlcooper @zunguzungu Not to take anything away from Lewis, who is a personal to me, and national, hero, but think his statement dubious.
bmaz @ryanlcooper @zunguzungu Think Aaron is right about that. Lewis did conflate truly different times.
JimWhiteGNV Hmmm. Maybe folks in Pakistan who got misguided Hellfires can send some back... https://t.co/w9ni8Ow6E7
bmaz @BlanksSlate + @DLind March 1 is opening day of spring training here in Cactus League. Just noting. For calendar purposes only, of course.
JimWhiteGNV Latest from @NBCNews: Beard scat found all over Syria.
JimWhiteGNV RT @cmagill: Bears respond to #Daesh shaving https://t.co/9mGoN1hzqA
JimWhiteGNV Does a beard shit in the woods?
JimWhiteGNV Does a bear shave in the woods?
bmaz @YeaYouRite @ryanlcooper Which, frankly, would have been totally acceptable. But Lewis instead flavored his comment into intra party attack.
bmaz @YeaYouRite @ryanlcooper Well, or even "I never met him personally, but there were so many and I am not going to attack his bonafides here".
bmaz @ryanlcooper Yeah, maybe fair. Thing is, this is a different climate. Don't tell me Lewis didn't know after SC in 2008.
bmaz This is great, and why, relative party politics aside, I have and do follow @tomwatson https://t.co/dYKgWNNhRm
February 2016
« Jan