Posts

Organized Crime

Know what you call a crowd that requires 25 pardons to cover their illegal activities of the last 5 years?

As it happens, Trump is mulling the pardons at a juncture when loyalty appears his principal concern, complaining repeatedly over the past weeks that Republicans are deserting him when he needed them to help overturn the election results.

He has largely frozen out those advisers and associates who do not seem on the same page. One person who used to speak to Trump regularly, but who delicately encouraged him to soften his post-election stance, no longer has his calls returned and hasn’t heard from Trump in weeks.

In all, the President is considering pardons for more than two dozen people in his orbit whom he believes were targeted — or could be targeted in the future — for political ends. That’s in addition to hundreds of requests from others who have approached the White House directly, and tens of thousands more whose petitions are pending at the Justice Department.

Organized crime.

Roger Stone Takes Georgia, and the Senate, Hostage

As far as I know, virtually no one else has accurately reported on the significance of this footnote in the Mueller Report, liberated by BuzzFeed hours before election day.

1279 Some of the factual uncertainties are the subject of ongoing investigations that have been referred by this Office to the D.C. U.S. Attorney’s Office.

The footnote explains why, on March 22, 2019, the Mueller team had not yet charged Roger Stone for conspiring with Russian intelligence officers to steal files from Democrats that could be leaked to help Donald Trump get elected President: because DOJ was still investigating it. The footnote — and the entire public record since then — make it clear that that investigation into Stone on CFAA conspiracy charges was ongoing. Indeed, I have shown that the Stone trial for lying to Congress to cover up the identity of his claimed go-between with WikiLeaks strongly suggests that his go-between was neither Jerome Corsi nor Randy Credico, but Guccifer 2.0, quite possibly an American cut-out working with the Russians.

While there are signs that Bill Barr effectively shut down that ongoing investigation by forcing the four Stone prosecutors to withdraw from the case, an investigation into whether Stone conspired with Russia would neither be tolled nor precluded on double jeopardy grounds. Nor would such crimes be covered by Trump’s commutation of Stone’s sentence for covering up who his go-between with WikiLeaks was, which appears to have been an effort to distract from his ties directly to the Russian operation. They are entirely different crimes. To pardon Stone for conspiring with Russia, Trump might well have to specify that Stone did conspire with Russia, something that would not only create legal jeopardy for himself, but would require admitting what he has tried to deny for four straight years, that his campaign “colluded” — conspired even! — with Russia to win.

It would be uncontroversial for Joe Biden’s Attorney General to reopen a case against Roger Stone for conspiring with Russia.

That may be useful background to the news that, after remaining relatively quiet for much of the 2020 election (or at least fronted by Steve Bannon), Stone is now threatening to hold Georgia’s Senate seats — and with it, GOP control of the Senate — hostage.

Conservative operatives and a super PAC with ties to infamous GOP dirty trickster Roger Stone are calling for Trump supporters to punish Republicans by sitting out Georgia’s crucial Senate runoffs or writing in Trump’s name instead. And though their efforts remains on the party’s fringes, the trajectory of the movement has Republicans fearful that it could cost the GOP control of the Senate.

The most aggressive call to boycott or cast protest ballots in the two runoff races has, so far, come from a dormant pro-Trump super PAC with ties to Stone, which unveiled a new initiative to retaliate against the Republican Party’s supposed turncoats by handing Democrats control of the U.S. Senate.

The group, dubbed the Committee for American Sovereignty, unveiled a new website encouraging Georgia Republicans to write in Trump’s name in both of the upcoming Senate runoff elections, which could determine the party that controls the upper chamber during President-elect Joe Biden’s first two years in office. The PAC argued that doing so will show support for the president in addition to forcing Republicans to address the wild election-fraud conspiracy theories floated by Trump supporters and members of his own legal team.

The effort uses some of the same infrastructure that the Mueller team scrutinized as part of its investigation of Stone.

The Committee for American Sovereignty and a sister nonprofit group were set up in 2016 as vehicles for prominent pro-Trump operatives—most notably Stone and former Blackwater chief Erik Prince—to attempt to suppress the Black vote by amplifying claims that Bill Clinton had an illegitimate biracial son. It’s been mostly quiet since then. The PAC’s recent filings with the Federal Election Commission disclose nothing but outstanding federal and state tax liabilities, and its new effort in Georgia doesn’t appear to have received much pickup yet.

A request for comment sent to the Committee for American Sovereignty email address on file with the FEC was not returned. Efforts to reach Pamela Jensen, a California political activist who leads the group, were not successful. Her husband, an attorney named Paul Jensen who describes Stone as a “long time client,” told The Daily Beast in an email his wife “has no comment, and nor do I.” Stone did not respond to inquiries about his present involvement with the group.

Stone made fairly naked threats in the days leading up to Trump’s commutation of his sentence, in that case to share information with prosecutors about Trump’s knowledge of his 2016 activities. The threats worked. This time around, Trump may not have the power to respond to Stone’s threats.

But Stone has proven in the past he’s willing to take reckless actions when he is cornered.

Some Details of Mueller’s GRU Indictment You Probably Missed

When the Mueller team wrote the GRU indictment, they were hiding that Roger Stone might one day be included in it.

Last week,  DOJ unsealed language making it clear that, when Mueller closed up shop in March 2019, they were still investigating whether Roger Stone was part of a conspiracy with Russia’s GRU to hack-and-leak documents stolen from the Democrats in 2016.

The Office determined that it could not pursue a Section 1030 conspiracy charge against Stone for some of the same legal reasons. The most fundamental hurdles, though, are factual ones.1279 As explained in Volume I, Section III.D.1, supra, Corsi’s accounts of his interactions with Stone on October 7, 2016 are not fully consistent or corroborated. Even if they were, neither Corsi’s testimony nor other evidence currently available to the Office is sufficient to prove beyond a reasonable doubt that Stone knew or believed that the computer intrusions were ongoing at the time he ostensibly encouraged or coordinated the publication of the Podesta emails. Stone’s actions would thus be consistent with (among other things) a belief that he was aiding in the dissemination of the fruits of an already completed hacking operation perpetrated by a third party, which would be a level of knowledge insufficient to establish conspiracy liability. See State v. Phillips, 82 S.E.2d 762, 766 (N.C. 1954) (“In the very nature of things, persons cannot retroactively conspire to commit a previously consummated crime.”) (quoted in Model Penal Code and Commentaries § 5.03, at 442 (1985)).

1279 Some of the factual uncertainties are the subject of ongoing investigations that have been referred by this Office to the D.C. U.S. Attorney’s Office.

That means, eight months after they charged a bunch of GRU officers for the hack-and-leak, DOJ still hadn’t decided whether Stone had criminally participated in that very same conspiracy.

That raises questions about why they obtained the indictment before deciding whether to include Stone in it.

In his book, Andrew Weissmann provides an explanation for the timing of it.

A problem arose, however, when it came to the timing of this indictment. Having secured the Intelligence Community’s and Justice Department’s go-ahead, Jeannie aimed to have the indictment completed by July 2018. However, Team M’s first case against Manafort was scheduled to go to trial in Virginia in mid-July and, with Manafort showing little sign of wanting to plead, much less cooperate, with our office, we had few doubts that the trial would go forward. If we brought Team R’s indictment just before the trial, the judge in the Manafort case would go bonkers, justifiably concerned that such an indictment from the Special Counsel’s Office could generate adverse pretrial publicity, even if it didn’t relate directly to the Manafort charges.

But we couldn’t afford to wait to bring the hacking indictment until after both of Manafort’s trials concluded—the trial in Virginia was slated to start in July and the trial in Washington in early September. By then, we would be running up on the midterms, and we would not announce any new charges that close to the election (consistent with Department policy). But waiting until mid-November would be intolerable to Mueller. I told Jeannie I thought we could safely defend ourselves from any objections from the Virginia judge if she brought her case at least two weeks before the start of our July trial—that, I hoped, would give us a reasonable buffer.

Jeannie said she could manage that, then quickly noted that the new timetable created yet another problem: Two weeks before our trial, the president was scheduled to be in Helsinki, where he would be meeting privately with Vladimir Putin. Our indictment would require alerting the State Department, given their diplomatic concerns in preparing for and running a summit, as the indictment would accuse the Russians explicitly of election interference. That was standard operating procedure, but there was also the real perception issue that the indictment could look like a commentary on Trump’s decision to meet alone with Putin, which we did not intend.

We brought the dilemma to Mueller. He suggested we determine whether the White House would take issue with our proceeding just before the president’s trip—would it pose any diplomatic issues? The answer we got back was no: The administration would not object to the timing. I suspect the White House Counsel’s Office did not want to be perceived as dictating to us how or when to bring our indictment, or as hiding evidence of Russian election interference. In retrospect, a less generous interpretation of their blessing to move forward was that they knew dropping the indictment just before the trip would provide Trump and Putin an opportunity to jointly deny the attack on a global stage—that they were playing us, as Barr would later on. [my emphasis]

The indictment was ready in July. If it wasn’t announced then and if both Manafort trials went forward, then prohibitions on pre-election indictments would kick in, meaning the indictment wouldn’t be released in mid-November. That would have been “intolerable” for Mueller’s purposes. Weissmann doesn’t note that mid-November would also be after the election, meaning that the indictment might not get released before a hypothetical post-election Mueller firing and so might not get released at all. That may be what intolerable means.

Other possible factors on the GRU indictment timing

One thing that almost certainly played a factor in DOJ obtaining the indictment before they decided whether to include Stone in it, however, was Andrew Miller’s appeal.

Stone’s former aide Andrew Miller was interviewed for two hours at his home on May 9, 2018; this is almost certainly the 302 from the interview. Assuming that is his 302, Miller was asked about his relationship with Stone, Stone’s relationship with Trump, a bunch of Stone’s right wing nut-job friends, and someone whom Miller knew under a different name. Nothing in the unredacted passages of the interview reflects Miller’s role coordinating Stone’s schedule at the RNC, even though that was the focus of a follow-up subpoena after Miller testified to the grand jury. At the end of the interview, Miller agreed to appear voluntarily for a follow-up and grand jury testimony.

But then Stone learned about the interview.

We know that from the description of a pen register Mueller obtained on Stone a week later, described in affidavits. The PRTT showed that Miller had called Stone twice in the days after his interview with the FBI. On May 11, 2018, Miller lawyered up and his new lawyer, Alicia Dearn, told Mueller that Miller would no longer appear voluntarily (remember that Stone had offered to get a lawyer who would help Randy Credico refuse to testify).

This timeline lays out the early part of Miller’s subpoena challenge.

Miller emailed Stone over a hundred times over the month after his FBI interview. Miller did schedule a grand jury appearance, but then blew it off. Mueller started moving to hold Miller in contempt on June 11. In the days between then and a hearing on the subpoena, Miller and Stone exchanged five more emails. Then, in late June, Miller added another lawyer, Paul Kamenar (whom Stone would add to his team after his sentencing, presumably to allow Kamenar to access the evidence against him under the protective order). Kamenar made it clear he would appeal Miller’s subpoena.

In other words, in late June, the Mueller team learned that they would have to wait a while to get Miller before the grand jury (it ultimately took until the moment Mueller closed up shop on May 29, 2019). All the back and forth also would have made it clear how damaging Stone believed Miller’s testimony against him to be. When Mueller obtained a second warrant for Stone’s emails in early August 2018, the team would have gotten the content of those emails to learn precisely what Stone had to say to Miller about his testimony.

So Miller’s challenge to his subpoena meant that Mueller’s team would not obtain testimony that — it seems clear — they knew went to the heart of whether Stone was conspiring with Russia until well after the midterm election.

If my concerns that “Phil” had a role in the Guccifer 2.0 operation were correct, there’s a chance my big mouth had a role in the timing, too. Starting on June 28, I started considering revealing that I had gone to the FBI in what would eventually become this post. Contrary to the invented rants of people like Glenn Greenwald and Eli Lake, even a year into an investigation into what I had shared with the FBI, long after the time they would have been able to dismiss my concerns if they had no merit, prosecutors did not blow me off.

My interaction with Mueller’s press person in advance of going forward extended over five days. I emailed the press person on June 28 and said I wanted to run something by him. He blew it off for a day (there was a Manafort hearing), then on Friday I wrote again saying I run my decision by my lawyer, and was still planning on going forward. He still blew it off. The next day, I suggested he go check with a particular prosecutor; while the prosecutor hadn’t been in my interview, he was involved in setting it up. The press guy called back within an hour, far more interested in the discussion, and chatty about the fact that I live(d) in Michigan. He asked me to explain the threats I believed I had gotten after I went to the FBI. He asked me generally what I wanted to say. I noted that I believed if people guessed why I had gone to the FBI, they would guess the Shadow Brokers side of it, since TSB had dedicated its last words to a tribute to me, but probably not the Guccifer 2.0 side.

He told me “some people” needed to discuss it. Early on Monday July 1, we spoke again first thing in the morning. He asked me to describe more specifically what I would say. I described the select parts of my post that I suspected would be most sensitive, and read the text that I planned to publish. He said some people needed to discuss it and I would hear by the end of the day. At the end of the workday, he apologized for a further delay. After some more back-and-forth, he told me, around 10PM, that my post would not damage the investigation. The Special Counsel’s Office took no view on whether it was a stupid idea or not (it probably was, not least because one can never understand the moving parts in an investigation like this).

I posted the next day, part of a mostly-failed attempt to get Republicans to care about the non-partisan sides of this investigation. That was 11 days before the actual indictment.

I didn’t know then and frankly I still can’t rule out whether, over those two days, when “some people” discussed my plans, they reached a final conclusion that my concerns about an American who might have a role in the Guccifer 2.0 operation were either baseless or could not be proven.

But the aftermath shows they were still investigating Stone’s ties to Guccifer 2.0, whether not I was right about an American involved in it. Later in July, after the GRU indictment was released, prosecutors would obtain a warrant on several of Stone’s Google accounts in an attempt to determine whether he was the person looking up dcleaks and Guccifer 2.0 before the sites went live. A month and a half later, they would get two warrants, two minutes apart, one for Stone’s cell site location, and another for a Guccifer 2.0 email account, possibly an attempt to co-locate Stone and someone using the Guccifer account. That was the beginning of the period when Mueller’s team would start gagging warrant applications to hide the scope of the investigation from Stone.

For several months after releasing an indictment that made it appear as if all the answers about the hack-and-leak were answered, then, Mueller’s team took a number of steps that aimed to understand any tie between Stone and Guccifer 2.0. Even sixteen months after the GRU indictment, the Guccifer 2.0 persona ended up being an unstated focus of Stone’s trial — a trial about his lies to hide his true go-between with WikiLeaks — too.

Whatever the reason for the timing of the GRU indictment, given the confirmation that Mueller’s team was still investigating whether Stone had foreknowledge of ongoing GRU hacks that would merit including him in the hack-and-leak conspiracy when they closed up shop in March 2019, it’s worth revisiting the GRU indictment. At the time Mueller’s team wrote it, they knew at a minimum they were killing time to get Miller’s testimony, and subsequent steps they took show they they continued to pursue a prong of the investigation pertaining to Guccifer 2.0 that they planned to hide from Stone. So it’s worth seeing how they wrote the indictment to allow for the possibility of later including Stone in it, without telegraphing that that was a still open part of the investigation.

The Stone investigation parallels several of the counts charged in Mueller’s GRU indictment

The indictment charges 12 GRU officers for several intersecting conspiracies: Conspiracy against the US by hacking to interfere in the 2016 election (incorporating various CFAA charges and 18 USC §371), conspiracy to commit wire fraud for using false domain names (18 USC §3559(g)(1)), aggravated identity theft for stealing the credentials of victims (18 USC 1028A(a)(1)), conspiracy to launder money for using bitcoin to hide who was funding the hacking infrastructure (18 USC §1956(h)), and conspiracy against the US for tampering with election infrastructure (18 USC §371). In addition there’s an abetting charge (18 USC §2). Those charges are similar to, but do not exactly line up with, the other GRU indictment obtained in 2018, for hacking international doping agencies, which I’ll call the WADA indictment. The WADA indictment includes hacking, wire fraud, money laundering conspiracies, along with identity theft, as well. But it doesn’t include the abetting charge. And as described below, it deals with the leaking part of the operation differently.

DOJ used the abetting charge in Julian Assange’s indictments, a way to try to hold him accountable for the theft of documents by Chelsea Manning. Given the mention of Company 1, WikiLeaks, in the indictment, that may be why the abetting charge is there.

But the charges in the Mueller GRU indictment also parallel those for which the office was investigating Stone: he was investigated for CFAA charges from the start (that first affidavit focused exclusively on Guccifer 2.0), 371 was added in the next affidavit, aiding and abetting a conspiracy was added in the third affidavit, and wire fraud was added in March 2018 (the campaign finance charges that would be declined in the Mueller Report were added in November 2017). While the wire fraud investigation might be tied to Stone’s own disinformation on social media, the rest all stems from the charges eventually filed against the GRU in July 2018. Those same charges remained in Stone’s affidavits through 2018 (though did not appear in the early 2019 warrants used to search his houses and devices).

Mueller charged Unit 74455 officers for “assisting” in the DNC leak, without describing whom they assisted

Given the overlap on charges between those for which Mueller investigated Stone and those that appeared in the indictment, the treatment of the information operation in the GRU indictment — particularly when compared with the WADA indictment — is of particular interest. In both cases, the indictment described the InfoOps side to be conducted by Russian military intelligence GRU Unit 74455, as distinct from Unit 26165, which did most (but not all, in the case of the election operation) of the hacking.

In the WADA indictment, none of the personnel involved in the hack-and-leak at Unit 74455 are named or charged. Instead the indictment explains that, “these [Fancy Bears Hack Team social media accounts] were acquired and maintained by GRU Unit 74455.” Later, the indictment describes these accounts as being “managed, at least in part, by conspirators in GRU 74455,” notably allowing for the possibility that someone else may have been involved as well. The actions associated with that infrastructure are generally described in the passive voice: “were registered,” “were released” (several times). For other actions, the personas were the subject of the action: “”@fancybears and @fancybearHT Twitter accounts sent direct messages…”

The Mueller indictment, however, names three Unit 74455 officers: It charges Aleksandr Osadchuk and Anatoliy Kovalev in the hack of the election infrastructure (Kovalev got charged in the recent GRU indictment covering the Seoul Olympics and NotPetya, as well).

And it charges Osadchuk and the improbably named Aleksey Potemkin in the hack-and-leak conspiracy. The Mueller indictment describes that those two Unit 74455 officers set up the infrastructure for the leaking part of the operation. Significantly, it describes that these officers “assisted” in the release of the stolen documents.

Unit 74455 assisted in the release of stolen documents through the DCLeaks and Guccifer 2.0 personas, the promotion of those releases, and the publication of anti-Clinton content on social media accounts operated by the GRU.

[snip]

Infrastructure and social media accounts administered by POTEMKIN’s department were used, among other things, to assist in the release of stolen documents through the DCLeaks and Guccifer 2.0 personas.

The indictment doesn’t describe whom these officers assisted in releasing the documents.

Unlike the WADA indictment, the Mueller indictment also includes specific details proving that GRU did control the social media infrastructure. It describes how the conspirators used the same cryptocurrency account to register “dcleaks.com” as they used in the spear-phishing operation, and the same email used to register the server was also used in the spear-phishing effort.

The funds used to pay for the dcleaks.com domain originated from an account at an online cryptocurrency service that the Conspirators also used to fund the lease of a virtual private server registered with the operational email account [email protected] The dirbinsaabol email account was also used to register the john356gh URL-shortening account used by LUKASHEV to spearphish the Clinton Campaign chairman and other campaign-related individuals.

[snip]

For example, between on or about March 14, 2016 and April 28, 2016, the Conspirators used the same pool of bitcoin funds to purchase a virtual private network (“VPN”) account and to lease a server in Malaysia. In or around June 2016, the Conspirators used the Malaysian server to host the dcleaks.com website. On or about July 6, 2016, the Conspirators used the VPN to log into the @Guccifer_2 Twitter account. The Conspirators opened that VPN account from the same server that was also used to register malicious domains for the hacking of the DCCC and DNC networks.

(Note, this is some of the evidence collected via subpoenas to tech companies that the denialists ignore when they claim that CrowdStrike was the only entity to attribute the effort to Russia.)

The Mueller indictment describes how Potemkin controlled the computers used to launch the dcleaks Facebook account.

On or about June 8, 2016, and at approximately the same time that the dcleaks.com website was launched, the Conspirators created a DCLeaks Facebook page using a preexisting social media account under the fictitious name “Alice Donovan.” In addition to the DCLeaks Facebook page, the Conspirators used other social media accounts in the names of fictitious U.S. persons such as “Jason Scott” and “Richard Gingrey” to promote the DCLeaks website. The Conspirators accessed these accounts from computers managed by POTEMKIN and his co-conspirators.

Finally, there’s the most compelling evidence, that some conspirators logged into a Unit 74455-controlled server in Moscow hours before the initial Guccifer 2.0 post went up and searched for the phrases that would be used in the first post.

On or about June 15, 2016, the Conspirators logged into a Moscow-based server used and managed by Unit 74455 and, between 4:19 PM and 4:56 PM Moscow Standard Time, searched for certain words and phrases, including:

Search Term(s)

“some hundred sheets”

“some hundreds of sheets”

dcleaks

illuminati

широко известный перевод [widely known translation]

“worldwide known”

“think twice about”

“company’s competence”

Later that day, at 7:02 PM Moscow Standard Time, the online persona Guccifer 2.0 published its first post on a blog site created through WordPress. Titled “DNC’s servers hacked by a lone hacker,” the post used numerous English words and phrases that the Conspirators had searched for earlier that day (bolded below):

Worldwide known cyber security company [Company 1] announced that the Democratic National Committee (DNC) servers had been hacked by “sophisticated” hacker groups.

I’m very pleased the company appreciated my skills so highly))) [. . .]

Here are just a few docs from many thousands I extracted when hacking into DNC’s network. [. . .]

Some hundred sheets! This’s a serious case, isn’t it? [. . .] I guess [Company 1] customers should think twice about company’s competence.

F[***] the Illuminati and their conspiracies!!!!!!!!! F[***] [Company 1]!!!!!!!!! [emphasis original]

Remember: in the weeks after DOJ released this indictment, Mueller’s team took steps to try to obtain proof of whether Roger Stone was the person in Florida searching on Guccifer’s moniker on June 15, 2016, before the initial post was published. If Stone did learn about this effort in advance, it would suggest he learned about Guccifer 2.0 operation around the same time as someone was searching on these phrases in a GRU server located in Moscow. It would mean Stone learned about the upcoming Guccifer post in the same timeframe as these GRU officers were reviewing it.

It’s not really clear what was going on here. The assumption has always been that GRU officers were looking for translations into English from a post they drafted in Russian, even though the quotation marks suggests the Russian officers were searching on English phrases.

The one exception to that seems to confirm that. Those conducting these searches appear to have searched on a Russian phrase, a phrase they would have easily understood.

широко известный перевод

Moreover, it would take a shitty-ass translation application to come up with the stilted English used in the post. Plus, “illuminati,” at least, is an easily recognized cognate, even for someone (me!) whose Russian is surely worse than the English of any one of these Russian intelligence officers.

Still, proof of this  activity — obtained via undescribed means — clearly ties the Guccifer operation to the GRU. It’s just not clear what to make of it. And the possibility that there’s an American component to the Guccifer 2.0 operation — whether “Phil” or someone else — one that may have alerted Stone to what was going on, provides explanations other than straight up translation. Indeed, it may be that GRU officers were approving the content that someone else wrote, originally in English. Which might also explain why Stone may have known about it in advance.

Whatever else, the GRU indictment only claims that these GRU officers “assisted” this effort. It doesn’t claim they wrote this post.

The Stone-adjacent Guccifer 2.0 activity

One other detail of Mueller’s GRU indictment of interest pertains to which Stone-adjacent activity it chose to highlight.

Stone had first made his DMs with Guccifer 2.0 public himself, in March 2017. They were covered in his House Intelligence Committee testimony. But when Mueller included them in the GRU indictment, Stone first denied, and then sort of conceded the reference to them might be him.  His initial denial was an attempt to deny he had spoken with people in the campaign other than Trump himself, even though he had released the communications himself over a year earlier.

Remember — Mueller was still weighing whether Stone was criminally involved in this conspiracy when Stone issued the initial denial!

But that’s not the most interesting detail of the part of the indictment that lays out with whom Guccifer 2.0 shared stolen documents (even ignoring one or two tidbits I’m still working on).

Mueller’s GRU indictment included — along with the reference to the Roger Stone DMs they still hadn’t determined whether reflected part of a criminal conspiracy or not — the Lee Stranahan exchange with Guccifer 2.0 that ended in Stranahan, a Breitbart employee who would later move to Sputnik, obtaining early copies of a document purportedly about Black Lives Matter.

On or about August 22, 2016, the Conspirators, posing as Guccifer 2.0, sent a reporter stolen documents pertaining to the Black Lives Matter movement. The reporter responded by discussing when to release the documents and offering to write an article about their release.

These Stranahan exchanges are really worth attention, not just for the way they prove that Stone-adjacent people got early releases on request (which, lots of evidence suggests, also happened with Stone with respect to the Podesta files pertaining to Joule Holdings), but also for the way Guccifer 2.0 ignored Stranahan’s claim in early August 2016 to have convinced Stone that Guccifer 2.0 was not Russian.

Note what this indictment didn’t mention, though: Guccifer 2.0’s outreach to Alex Jones (about whom, unlike Stranahan, the FBI questioned Andrew Miller).

As I’ve pointed out, in the SSCI Report, there’s a long section on Jones that remains almost entirely redacted. Citing to five pages of a report the title of which is also redacted, the four paragraphs appear between the discussions of Guccifer 2.0’s outreach to then-InfoWars affiliate Roger Stone and Guccifer 2.0 and dcleaks’ communication with each other.

According to Thomas Rid’s book, Active Measures, both dcleaks and Guccifer 2.0 tried to reach out to Jones on October 18, 2016.

On October 18, for example, as the election campaign was white hot and during the daily onslaught of Podesta leaks, both GRU fronts attempted to reach out to Alex Jones, a then-prominent conspiracy theorist who ran a far-right media organization called Infowars. The fronts contacted two reporters at Infowars, offered exclusive material, and asked to be put in touch with the boss directly. One of the reporters was Mikael Thalen, who then covered computer security. First it was DCleaks that contacted Thalen. Then, the following day, Guccifer 2.0 contacted him in a similar fashion. Thalen, however, saw through the ruse and was determined not to “become a pawn” of the Russian disinformation operation; after all, he worked at Infowars. So Thalen waited until his boss was live on a show and distracted, then proceeded to impersonate Jones vis-à-vis the Russian intelligence fronts.23

“Hey, Alex here. What can I do for you?” the faux Alex Jones privately messaged to the faux Guccifer 2.0 on Twitter, later on October 18.

“hi,” the Guccifer 2.0 account responded, “how r u?”

“Good. Just in between breaks on the show,” said the Jones account. “did u see my last twit about taxes?”

Thalen, pretending to be Jones, said he didn’t, and kept responses short. The officers manning the Guccifer 2.0 account, meanwhile, displayed how bad they were at media outreach work, and consequently how much value Julian Assange added to their campaign. “do u remember story about manafort?” they asked Jones in butchered English, referring to Paul Manafort, Donald Trump’s former campaign manager. But Thalen no longer responded. “dems prepared to attack him earlier. I found out it from the docs. is it interesting for u?”24

Rid describes just one of two outreaches to Jones (through his IC sources, he may know of the report the SSCI relies on). But a key detail is that this outreach used as entrée some stolen documents from May 2016 showing that the Democrats were doing basic campaign research on Trump’s financials. It then purports to offer “Alex Jones” information on early Democratic attacks on Paul Manafort’s substantial Ukrainian graft, possibly part of the larger GRU effort to claim that Ukraine had planned an election year attack on Trump.

That is, unlike Stranahan’s request for advance documents, this discussion intended for “Alex Jones,” ties directly to Stone’s efforts to optimize the Podesta release. And it’s something that some entity prevented SSCI from publishing.

It’s also something Mueller’s team left out of an indictment aiming to lay out the hack-and-leak case before they might get fired, but in such a way as to hide the then-current state of the investigation from Roger Stone.

There were actually a number of Stone-adjacent associates in contact with GRU’s personas. And as recently as just a few months ago, the government wanted to hide the nature of those ties.

Unsealed Mueller Report Passages Confirm the Then-Ongoing Investigation into Roger Stone

BuzzFeed released the last bits of the Mueller Report that Judge Reggie Walton ordered released late last night. I will have far more to say about them between meetings later today.

But for now, I want to point to the key paragraph on why Mueller didn’t charge Roger Stone in the hack-and-leak case. Basically, it says that neither Corsi’s testimony nor “other evidence currently available to the Office” is sufficient to prove that when Stone was coordinating the Podesta file dump, he knew that Russians continued to hack Democratic targets.

But then it includes a footnote that says there are “ongoing investigations” (plural) that the DC US Attorney’s Office will continue to pursue to try to address these factual uncertainties.

The Office determined that it could not pursue a Section 1030 conspiracy charge against Stone for some of the same legal reasons. The most fundamental hurdles, though, are factual ones.1279 As explained in Volume I, Section III.D.1, supra, Corsi’s accounts of his interactions with Stone on October 7, 2016 are not fully consistent or corroborated. Even if they were, neither Corsi’s testimony nor other evidence currently available to the Office is sufficient to prove beyond a reasonable doubt that Stone knew or believed that the computer intrusions were ongoing at the time he ostensibly encouraged or coordinated the publication of the Podesta emails. Stone’s actions would thus be consistent with (among other things) a belief that he was aiding in the dissemination of the fruits of an already completed hacking operation perpetrated by a third party, which would be a level of knowledge insufficient to establish conspiracy liability. See State v. Phillips, 82 S.E.2d 762, 766 (N.C. 1954) (“In the very nature of things, persons cannot retroactively conspire to commit a previously consummated crime.”) (quoted in Model Penal Code and Commentaries § 5.03, at 442 (1985)).

1279 Some of the factual uncertainties are the subject of ongoing investigations that have been referred by this Office to the D.C. U.S. Attorney’s Office.

As I described in May, in fall 2018, Mueller’s team took a bunch of investigative steps that they kept under seal. Then, they used the witness tampering case to obtain more information.

It’s unclear how much closer prosecutors got to proving the hack-and-leak case (though they obviously obtained Andrew Miller’s testimony, which was evidence not “currently available” when the Mueller Report was written). But there also appears to be evidence that, by intervening in the Stone sentencing, leading all the prosecutors to drop off the case, Bill Barr killed that part of the investigation.

Prosecutors were still working on proving Stone’s role in the hack-and-leak in March 2019. What’s unclear is how much closer they had since gotten to charging it before Barr intervened.

“Show Me the Metadata:” A Forensic Tie Between Shadow Brokers and Guccifer 2.0

On October 16, 2017, some of the last words the persona Shadow Brokers (TSB) ever wrote hailed my journalism.

TSB special shouts outs to Marcy “EmptyWheel” Wheeler, is being what true journalist and journalism is looking like thepeoples!

TheShadowBrokers, brokers of shadows.

As I noted at the time, I really didn’t need or appreciate the shout-out. I wrote a serious post analyzing that TSB post, but mostly I was trying to tell TSB to fuck off and leave me alone.

That was months after I told the FBI that I thought that someone I knew, whom I will refer by the pseudonym “Phil,” might be the voice of TSB, and less than a week after I got a Psycho-themed threat I deemed worthy of calling the cops.

As I laid out here, I told the FBI that months before Phil had left a comment on my site on July 28, 2016, signed [email protected], he had done some paranoid things starting on June 14, 2016, including making multiple references to ties he claimed to have with Russia. He then attended a Trump rally on August 13, 2016, taking pictures he would later suggest were really sensitive.

In addition to my suspicions about Guccifer 2.0, I also told the FBI that I suspected Phil was part of the operation that had been dumping NSA exploits and other records on the Internet starting in August 2016.

Unlike with Guccifer 2.0, Phil never signed a comment at the site under the name TSB — though on September 21, 2017, someone left a comment asking for my opinion about the ways the government was pursuing TSB.

‘Merican

September 21, 2017 at 1:58 am

Is what you say easier get FISA than Criminal warrant or FISA keep secret from rest of government, but Criminal warrant maybe not? FBI is not intelligence agency is law enforcement agency why have access FISA? You write many articles about the shadow brokers, what you think FISA or Criminal for the shadow brokers? You thinking anyone in US government is looking for the shadow brokers? US government not even say name “name that shall never be spoken”. What is best way discover national security letter sent to your service provider? …asking for a friend!

I thought Phil might be TSB, in part, because Phil had said almost identical things to me in private that TSB said publicly months later. There were other things in TSB’s writing that resonated with stuff I knew about Phil. And while Phil and I never (as far as I recall) talked about TSB, at least once he did say some other things that went a long way to convincing me he could be TSB; I thought he was seeking my approval for what TSB was doing, approval I was unwilling to give.

There are, however, public exchanges between the persona TSB and me, in addition to that shout out in what turned out to be TSB’s swan song.

For example, after I wrote a post on January 5, 2017 wondering why the government hadn’t included TSB in any of its discussions of election year hacking, TSB tweeted to me, complaining that I had described TSB as “bitching” about the coverage, rather than calling it “trolling.” (Note, the language in these screen caps reflects the language used by the people who first archived these tweets, so don’t go nuts about the Russian.)

TSB then RTed my article, suggesting other outlets were complicit for not asking the same questions.

The first tweet, at least, didn’t adopt the fake Borat voice that TSB used to mask a very fluent English, though I think there were some other tweets TSB sent that day where that may be true as well. In neither of these tweets did TSB mock me for misspelling “Whither” (the post’s title originally spelled it “Wither”); that’s a bit odd, because TSB rarely passed up any opportunity to be an asshole on Twitter.

Then, on July 18, 2018, after I had revealed I had shared information with the FBI, someone started a Twitter account under the name LexingtonAl that ultimately claimed to be — and was largely viewed as, by those who followed it — TSB (the persona deleted most tweets in February 2019, but many are saved here). Starting in December 2018, Lex and I had several exchanges about what TSB had actually done. 

Here’s my side of one from that month where I pointed out a problem with Lex’s claim that TSB consisted of just three contractors who leaked the files to reveal US complicity with tech companies to other Americans. The claim didn’t accord with having sent the files to WikiLeaks (as both WikiLeaks and TSB claimed in real time).

At the time, Lex went on an anti-Semitic rant about things he hated. Assuming that Lex is TSB (as he claimed), I got demoted from being TSB’s favorite journalist to third on the list of things Lex hated.

Note: when I interacted with Phil, he was never anti-Semitic (though he was a raging asshole when angry), but Lex was clearly even more disturbed than Phil was in the period when I interacted with him.

Then, in January, Lex bitched (again, in anti-Semitic terms) about a post I had done noting that, given Twitter’s poor security at the time, the Twitter DMs that Hal Martin allegedly sent Kaspersky might have served to frame him.

The post had noted that the early TSB posts — including a number sent after Martin was arrested — had relied on similar cultural allusions as the DMs sent from Martin’s Twitter account. Shortly thereafter the FBI arrested Martin in a guns-wagging raid on his home in Maryland. Per this Kim Zetter story, the Tweets had mentioned the 2016 version of Jason Bourne and Inception. I reiterated that on Twitter.

It was a factual observation supported by the content of the earlier TSB posts, not a comment about any spookiness behind the release of the files.

I asked why TSB was so defensive about having those cultural allusions called out.

Lex responded with another anti-Semitic rant.

I responded,

Finally, in February 2019, Lex invoked me — including that I had “had a breakdown and outed her source” — sort of out of the blue in the middle of what might be called his claimed doctrine behind the leaks.

I noted that if his claimed doctrinal explanation were true, then TSB would have done a victory lap (and stopped dropping files) when Microsoft President Brad Smith started advocating for a Digital Geneva Convention in February 2017, which would have brought about an end to the practice that, Lex claimed, was his reason for dumping the files.

Not only didn’t TSB mention that in real time (instead choosing to exacerbate the tensions between the US and Microsoft), but TSB kept dropping files for six months after that.

Lex responded with another attack.

I have far less evidence that I could share to prove that TSB or Lex are Phil. But little noticed in the midst of TSB’s widely-discussed obsession with Jake Williams, a former NSA hacker whom TSB probably tried to frame as the source of the files, TSB also had an obsession with me — and certainly took notice when I revealed that I had gone to the FBI.

All that said, virtually all of these communications post-dated the time when I went to the FBI.

I went to the FBI in the wake of the WannaCry attack. The attack, reportedly a North Korean effort to make use of the tools dropped by TSB that went haywire, ended up causing a global worm attack that shut down hospitals and caused hundreds of billions of dollars in damage. When I have alluded to the ongoing damage I was trying to prevent, that’s what I mean: the indiscriminate release of NSA exploits to the public which, in that case, literally shut down hospitals on the other side of the world. 

There’s no defense for that.

While I had been trying to find some way to share my concerns long before that, I may never have met directly with the FBI about any of my suspicions except for another detail: I learned that there was a forensic tie between the Guccifer 2.0 and TSB personas. While, at the time, I had moderate confidence about both my belief that Phil had a role in the Guccifer operation and moderate confidence that he was TSB, when I learned there was a forensic tie between the two of them, it increased my confidence in both. 

A strong caveat is in order: the forensic tie isn’t decisive; it could be insignificant, or untrue.

The forensic tie is that someone logged into one of the Guccifer 2.0 accounts — I think the WordPress account — using the same IP address as someone who logged into the early staging sites — either Pastebin or GitHub — for the TSB operation.

If someone using the same IP address accessed both sites — probably using a VPN — it could mean either that the same person was involved, or whoever staged these things was doing little to cover their tracks and outsiders were accessing their infrastructure. One of the people who told me about this forensic tie interpreted it as a deliberate attempt to tie the two operations together, sort of yanking the government’s chain.

I learned of this forensic tie from multiple people, all of whom are credible. That said, I can’t rule out that they learned it from the same person. No one has reported on this in the years since these operations, even though I’ve tried to get better sourced journalists to go chase it down. Indeed, I recently learned that a top outside expert on issues related to TSB did not know this forensic detail.

The FBI had to chase down a lot of weird forensic shit pertaining to these influence operations, because that’s how this kind of operation works. I have noted in the past, for example, that some script kiddies tried to hijack an early Guccifer 2.0 email account; that was investigated by a Philadelphia grand jury in spring of 2017. So this forensic tidbit could be similarly unrelated to the people behind the operation.

So I don’t want to oversell this forensic tie. I do want to encourage others to try to chase it down. 

But it was something that significantly influenced my understanding of all this in 2017, when files released by TSB had just caused the worst damage of any cyber attack in history, to date.

When I mentioned the forensic tie during my FBI interview, the lead agent responded that they couldn’t confirm or deny anything during the interview. I wasn’t there to get confirmation.

Still, if it’s true — given what we’ve learned since about the Guccifer 2.0 operation — it is hugely significant.

TSB started staging its release — per this really helpful SwitHak timeline — on July 25, the same day Trump directed people to get Roger Stone to chase down the next WikiLeaks releases. The first files were encrypted on August 1, after Stone had already pitched Paul Manafort on a way to “save Trump’s ass.” TSB loaded the NSA files on GitHub just after Stone published a piece suggesting that Guccifer 2.0, and not Russia, had hacked the DNC. TSB went live overnight on August 12-13, not long after Guccifer 2.0 publicly tweeted to Stone, “Thanks that u believe in the real #Guccifer2.” WikiLeaks publicized the effort on August 15, after some private back and forth between Guccifer 2.0 and Stone, including Guccifer 2.0’s question, “thank u for writing back . . . do u find anyt[h]ing interesting in the docs i posted?” And, per the SSCI analysis and my own, WikiLeaks helped to boost TSB the same day Jerome Corsi may have started giving Roger Stone advance information about the content of the John Podesta emails that wouldn’t be dropped for another two months (SSCI appears not to have considered, much less concluded, that Guccifer 2.0 might be Stone’s source).

If the forensic tie between Guccifer 2.0 and TSB is real, it means that during precisely the same period when Roger Stone was desperately trying to optimize the release of the John Podesta files to save his buddies Paul Manafort and Donald Trump, related actor TSB was beginning a year-long effort to burn the NSA to the ground.

(Part of) What I Shared with the FBI

On July 28, 2016, something happened that would eventually lead me to the FBI.

I’m going to explain part of that story now. I’m explaining it for several reasons. I had promised myself I wouldn’t let another election pass without sharing what happened. Even now, I can’t entirely make sense of it — that was part of the point, confusion. But the release of documents in the wake of the Mueller investigation has provided a great number of public details (some of which I laid out in my Rat-Fucker Rashomon series) with which this story might be consistent. I can’t prove that this story explains the unanswered questions about the Roger Stone story (and Bill Barr’s intervention in the Stone sentencing seems to have shut down some parts of any ongoing investigation to do so). But at least I can share details that may provide an explanation.

It started with a several-day dispute about attribution, starting on July 26, 2016, which included discussions about Guccifer and Crowdstrike. A guy I will refer to by the pseudonym Phil and I were texting on Signal debating that attribution. On the 27th, Phil disputed the Crowdstrike report that APT 28, which had done the hack, was GRU, “Russia didn’t write this APT damnit.”

I told him, vaguely, that I knew that entities external to both the DNC and Crowdstrike had evidence confirming the GRU attribution. I had a well-placed source who knew Phil was wrong. He seemed not only sure he could convince me otherwise, but intent on learning what I knew, which I didn’t share.

The next day, July 28, 2016, Phil made up an excuse for wanting me to tell him what his IP address was–it was a bullshit excuse and doesn’t matter for the purpose of this story. “Can you see an ip on your website,” he asked. “Yeah I can get logs.” I said, “Easiest obviously is fr a comment.” (I was wrong about my ability to see the IP address, and he may have known that, because he had been testing how requests to my site worked for months.) “Now,” he said, as he left a comment. 

I forgot about the request until the next day, July 29, when another of the people who can approve first-time comments at the site emailed me with the comment, which had been posted moments after he had told me, “Now.” “I debated about approving that comment by icelanderia in DNC Hack sourcing post,” the person said. “But didn’t because of the email addy attached to it.” To readers of the public site, the comment read, “Just one phrase. Show me the metadata.” It was signed “Icelanderia.” Visible only to those of us with backstage access, however, it was signed [email protected]

Much later, Phil told me he liked leaving comments at my site as a, “Great outlet to talk to my usg pals.” Until late 2017, we kept getting comments at the site which were consistent with disinformation deliberately left in the first Guccifer 2.0 releases, but which might or might not have been him.

But I knew that first one, [email protected] was Phil, purportedly left to find out what IP address his comments would show up as. He never did follow up to ask me whether I could see his IP address. And so I was left trying to figure out why the hell he signed a comment with the name of the persona who was trying to obfuscate what really happened with the DNC hack.

Normally, I don’t think twice about comments left at my site under obviously fake names. Lots of people choose not to use their real email addresses when leaving comments at this site. Unsurprisingly, we’ve had a ton of comments claiming to use NSA email addresses. And from time to time — though, given how chummy and long-established emptywheel’s comments section is and how closely we moderate obvious trolls, not all that often — people try to get funny with their log-in names. 

In this case I did take notice. I did so, partly, because of how he had left it, giving me a heads up that it was him, but doing so in such a way that only I would know it was him (as noted, he never did ask me what IP he had come in under and, as I said, I was never able to determine that). But it also made me rethink stuff that had happened between us going back to fall 2015 and earlier, especially because of what had happened starting on June 14, 2016, the day that the Democrats publicly announced they had been hacked by the Russians, when he tried to get me to change my operational security even as he seemed to be debating about going forward with something, which he referred to in terms of “tapping out.”

On June 14, 2016, the same day the Washington Post reported that the DNC had been hacked by Russia, Phil called me up and asked me to delete notes of conversations we had had going back to December 2015, notes telling a story about his life and motivations for being angry with the government that he had wanted me to tell after he died, which he claimed — starting in December 2015 — was going to be imminent. The next day, he claimed he believed he was being investigated by the FBI for the way he had narced out some people in April, which was his explanation for escalating levels of paranoia. That same day, he asked me to shift our comms to the Silent Circle text service, which would have put the texts beyond the reach of US law enforcement. This was at least the fourth effort he had made to shift to more secure comms than Signal and PGP email with me, including a highly inappropriate suggestion earlier that spring; each time, including this one, I blew off the request, because I didn’t believe these conversations were that sensitive or interesting. 

Starting at 3:12PM on June 21, the weirdness resumed. He asked me to change my PGP key, inventing a bullshit excuse, while explaining he was flipping his own keys. He showed me a traceroute on my site he had done, reflecting my recent addition of Cloudflare to protect the site (he had concocted an earlier traceroute in May 2016 that–I’m certain–was designed to make me paranoid). He advised me that when using a VPN, one should always choose a Swiss or even a Russian server. He told me he worked for a company owned by FSB’s founding fathers. 

Around 8:12PM on June 21, he claimed, “I am getting DDOSed like a motherfucker–is it you or ‘Gucifer’?” 

As far as I knew, he had no website to be DDOSed. As he surely knew, I didn’t have the capability to DDOS anything. It was just word salad invoking the newly unveiled GRU persona, but amid the other weirdness I didn’t make too much of it.

He then called me and repeated much of the story he had told me over the past six months, the story the notes of which he had, just a week earlier, asked me to destroy. In that retelling of the story, he would include several details about Russia (on top of the FSB founding fathers comment). He described a meeting he attended months before, overseas, one that (he claimed) members of Russian intelligence had also attended, where he had been physically beat up. Before that June 21 conversation, he had told me a version of that overseas meeting story at least 6 times, including telling me about the meeting in real time (in just two of those tellings do I remember him mentioning Russian intelligence, and precisely who in Russian intelligence he said attended was inconsistent). I’m not attesting that his claims about the meeting were true, I’m describing that he kept telling me about the meeting over the course of more than six months. 

Another detail in that June 21 conversation was the way he insisted to me, as he had at least once before June 14, almost plaintively, that he hates Russia. Phil told me that two of his most cherished possessions were trophies from interactions with Russia. At the time, I didn’t understand why he felt it was so urgent to convince me he really did hate Russia, but after the fact it seemed to be an effort to excuse himself, like emphasizing that he had been physically beaten.

There was a third story, too, another story about an interaction with Russia more alarming than the others, another one he had told me once prior to June 14. The story involved a moment when Russians held “a gun to [his] head.” I believe the story, as he told it to me, was a well-rehearsed lie, one he had told others. But if the lie served to explain away something else, it would be the kind of thing that might mean his comment might not be a joke, that he might have a role in the Guccifer 2.0 operation. 

In June, this felt somewhat stalkerish. I still had no idea why he was telling me this, aside from the fact he wanted me to tell the story of his grievances with the government, but he was also in a bad place and I was trying to make sense of it. The next day, June 22, between 12 and 5PM ET, we spoke again on and off. When I suggested I might be under surveillance to see how he’d react, he said there were no rules, saying that no one could back out of a deal (I had no idea what deal he was talking about). “360 degress of no rules, tap out is not an option unless (Apparently) you are a politician. But even then…”

The next day, June 23, just after 5PM, he told me he had been contemplating a line from a Cormac McCarthy screenplay: “The world in which you seek to undo the mistakes that you make, is different from the world where the mistakes were made.” He added, within that same hour, “I’m done. I don’t re-decide.” Phil was, obviously, a mess, but he was also done talking about ways out of whatever mess he was in. 

I broke off communication at that point for a period, but a week later, at 6:51PM on June 30, he was back. He told me he had “unfucked his problems.”

As weird as all this was, in those days in June, I was just observing, trying to figure out what had caused the sudden bout of paranoia, and honestly trying to figure out what he wanted out of me. I sure as hell didn’t think, at the time, there was a tie between all that and the DNC hack (remember, he was claiming — probably another lie — that the FBI was investigating him, which I assumed was what all the weirdness was about). 

But when I remembered all this on July 29, it made me reconsider whether there was a tie. As I’ve alluded to publicly in the past, it is why I spent six months on my part to test the Russian attribution for myself, to decide for myself whether the IC and Crowdstrike, along with people in tech companies and individuals who fought this hack personally with whom I’d spoken — were correct, that it had been the Russians, or whether what I took to be Phil’s suggestion that he or people he knew, without the Russians, may have been involved. Absent such an effort, I assume that certain other people who’ve interacted with Phil have, instead, taken the existence of an American body claiming to have been involved as enough to deny Russian involvement. That may be what happened with Roger Stone.

Once I was convinced about the Russian attribution in December 2016 and given a growing certainty I couldn’t test key parts of this story myself, I began to consider sharing it with the government in a way that protected both my identity and Phil’s. 

As I noted in the title, these events were just one part of the reason I went to the FBI in 2017, and not actually the most urgent reason at the time, nor the one I had most confidence in. There’s another part of the election year attack — one few people know is related — that I believed (and still believe) he may have had a role in, too. Those other parts of this story were, in 2017, an escalating, ongoing threat, which is part of why I ultimately chose to meet with two FBI cyber agents and a prosecutor from DOJ’s National Security Division, to stop ongoing damage if I was right. 

Now, four years later, it’s clear the details Phil shared with me in 2016 might be consistent with several details discovered in the Roger Stone investigation. Indeed, starting in August 2018, Mueller’s team appears to have investigated whether Stone had been co-present, in the US, with someone involved in this operation, and they also appear to have confirmed, after the Mueller team shut down, that Stone met with someone face-to-face at the RNC who gave Stone advance warning of the DNC drop. On July 15, 2016, Phil described to me flying east from the West Coast. 

More interesting still is the way that Phil’s activities over a key weekend in August 2016 overlap with Roger Stone’s. I won’t yet lay out how this timeline looks (I’ll return to it). For now, compare the one I did in this post to the timeline I lay out here. 

On August 12, 2016, the night that Guccifer 2.0 released DCCC documents the timing of which Jerome Corsi had predicted, Phil texted me at 11:32PM and told me he was thinking of going to the Trump rally that was scheduled — inexplicably, from a campaign strategy standpoint — in Roger Stone and Paul Manafort’s home state of Connecticut the next day. “Should I stay or should I go…” he said, but he already had a ticket. At 9:46 AM the next morning, he said it again. “Trump rally [in CT] tonight, thinking of swinging by.”

He did go, and made sure I had abundant contemporaneous record of it. At 4:21PM he told me he was close to the protest venue. At 4:33PM he told me he had put together an IMSI catcher for the event to track where the Secret Service had Stingrays.

Amid those texts, I told him that I had freed up the Guccifer comment at my site; I wanted to see how he’d react. “Haha-the mouthpiece,” he responded. “‘they’ are clueless as I’m fond of saying…” he added, which I took not only as confirmation that he did leave the comment, but also to mean that he believed the authorities misunderstood the Guccifer persona. 

It was an hour, though, before the calls started. From 5:57PM to 6:58PM, he kept calling me and sharing video of what he was doing at a protest close to the rally (as well as a screenshot of the IMSI catcher).

At the time, I thought he was hoping to film himself picking a confrontation with the cops that would go viral. I thought it was really stupid and started ignoring his calls. It was actually years before I reviewed all these videos. When I did, I realized that he was not interacting with any of the protestors. He was, instead, just badgering the cops, in really controlled fashion. He was filming the confrontations so as to catch their name badges. And then, each of several times he did this, he would back off and thank the cops for what they were doing. Those interactions would have left a handful of cops, whose names I’d have, who would have remembered him as the obnoxious guy at an event protesting Donald Trump. 

At 9:59PM, he told me the rally itself was done, he was not in jail, and his phone was intact. He showed me a document that he had picked up at the rally.

The next morning, August 14, at 7:22AM, he texted me a picture to let me know he was in NYC. That was the day Jerome Corsi claims he started a file named “Podesta,” that would eventually become posts that integrated documents publicly released in October. 

Again, I didn’t make much of this, as I didn’t make much of earlier events. 

Except that just over a week later, as part of a conversation from 7:56 to 8:28PM on August 21 (and so hours after Stone’s famous “time in the barrel” comment), he emphasized to me that I was the only one whom he had sent videos from the August 13 protest. Then he said there were more. “I have like 20 more vids before and after no one gets,” he told me. Something was interesting enough, both from before and after he attended the protest of the Trump rally, that was not only worth filming, but that was more sensitive than these protest videos.

Even as Stone and the persona Guccifer 2.0 were chatting away on Twitter over the weekend of August 12, a guy who’d just covertly signed his name “Guccifer2” on my site was at the Trump rally, taking videos of … something.

 Not immediately, but over time, I’ve wondered what might be on those videos.

On January 1, 2017, in the wake of Trump boasting that, “I also know things that other people don’t know,” about the Russian hack, I did a post wondering if what Trump thought he knew was the same thing that Craig Murray believed — that there was an American involved in this operation. I wrote, “I have a suspicion that Trump’s campaign did meet with such a person (I even have a guess about when it would have happened).” I had the rally in mind. Within 30 minutes after I published the post, after having not spoken to me in weeks (he later told me he had been overseas), Phil called me, but hung up before we spoke. 

Indeed, events that the investigation have since made public — including the confirmation that Roger Stone set about getting Julian Assange a pardon no later than 7 days after Trump won the election — made me revisit additional texts from July 29, ones I hadn’t even paid attention to in real time. 

On July 29, 2016 — the same day I was trying to figure out why this guy had just made a big deal of signing a comment guccifer2 — we had another conversation, one I believed at the time was unrelated, a discussion about what motivated Julian Assange. Revenge, I argued: the guy hates Hillary, going back to 2010. “Yes” Phil conceded, “but he has a puppeteer too — IDK who and maybe it’s just $ but.” Again, I was sure this was “sheer retaliation for him.” “You might be right,” Phil responded, “but there’s a political or $ way to get him out — please don’t lose sight of that…” I still didn’t buy it, and asked again why. “B/C if ‘I’ wanted badly enough for him to release that data in a manner that benefitted me, I could get him out and he’s damn sure in prison — where people do desperate things.”

On that day in July 2016, no one in public knew there’d be a second dump. Certainly, no one knew that, on that day and the next, Roger Stone was in conversations with Trump’s campaign manager planning how to optimize the next dump. “Good shit happening,” Stone told Manafort just over an hour before this exchange, before the old friends spent 67 minutes on the phone together on July 30, their longest conversation of the year. No one knew that Stone would turn immediately to getting Assange out of the Embassy at least as early as November 15, probably even before. 

But Phil, who had just made sure I knew he signed a comment Guccifer2, seemed to be sure of it before it all started. 

Rat-Fucker Rashomon: Guccifer 2.0 the Go-Between

Fresh off the weekend of Roger Stone’s trial, prosecutors got Rick Gates to testify, and then called former FBI Agent Michelle Taylor back on the stand. Ostensibly, they needed to call Taylor to introduce a transcript of a scene from Godfather II that Stone kept using to try to convince Randy Credico to lie to the House Intelligence Committee, something that the two sides had been debating throughout the first week of the trial.

But the first thing prosecutors did when they got their FBI witness back on the stand was to bring Guccifer 2.0 into it.

Q. When you first testified last week, do you remember testifying about the release of some emails of the Democratic National Committee by an organization called WikiLeaks on July 22nd, 2016?

A. Yes, I do.

Q. What was the name of the online persona or figure who took credit for hacking or obtaining those documents from the Democratic National Committee?

A. Guccifer 2.0.

Q. During Mr. Stone’s testimony before the House Intelligence Committee, was he asked about that persona, Guccifer 2.0, and that alleged hack?

A. Yes, he was.

MR. ZELINSKY: I would like to publish now, please, for the witness and the jury, what’s been admitted as Government’s Exhibit 1. This is page 28 of Government’s Exhibit 1.

BY MR. ZELINSKY: Q. Ms. Taylor, I want to direct your attention to the portion of — oh, and, Ms. Taylor, just to remind the jury, what is Government’s Exhibit 1?

A. This is a transcript of Mr. Stone’s testimony before HPSCI.

Q. I’ve put on the screen in front of you page 28 of the transcript. Can you read for us, please, the question and answer that I have highlighted there?

A. “MR. SWALWELL: In 2016, August of 2016, you and the American public are aware, from press reporting, that Russia is accused of hacking democratic emails, is that — “MR. STONE. Yes.”

Q. I want to direct your attention now to page 29, the next page of the same exhibit. Can you read, please, the question and answer that I’ve highlighted on page 29 of Government’s Exhibit 1, the transcript?

A. “MR. SWALWELL: It took me a while, too. “Were you aware when you wrote that article, the Breitbart one, that Guccifer 2.0 was assessed by the Intelligence Community as a cutout for the Russian intelligence services? “MR. STONE: I was aware of that claim, but I don’t subscribe to it. There’s a substantial amount of information you can find online that questions that. I realize it’s an assertion, but as I said in my statement, our intelligence agencies are often wrong.”

Q. Finally, Ms. Taylor, I would like to direct your attention to page 113, bottom of 113 to the top of 114 of the same exhibit, the transcript. First, can you read for us, please, the question that starts at the bottom of page 113 of the transcript?

A. “MR. SCHIFF: Mr. Stone, you’ve acknowledged that it’s the conclusion of the intelligence community that Guccifer 2 is a cutout of the Russian intelligence agencies.”

Q. And Mr. Stone’s response?

A. “MR. STONE: They have said that, yes.”

Mind you, Guccifer 2.0 had been mentioned earlier in the trial, as when Taylor read off HPSCI communications with Stone or Randy Credico’s texts with Stone mentioning the persona, as well as legal debates outside the presence of the jury. Prosecutors also had Taylor present two Guccifer 2.0 posts that were published on the same days as calls involving Stone, June 15 and June 30, in the latter case, a call to Trump.

Q. Can you please read for us the first two sentences of the Guccifer 2 Word Press post from June 15th, 2016?

A. Sure. “Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee, DNC, servers had been hacked by sophisticated hacker groups. I’m very pleased the company appreciated my skills so highly, but, in fact, it was easy, very easy.”

[snip]

Q. Did this same author, Guccifer 2.0, post another message about the hack a few weeks later?

A. He did.

Q. I’d like to publish now, please, for the witness and the Court — and the jury, excuse me, Government’s Exhibit 150, which appears at tab 4 of your binder. What is Government’s Exhibit 150?

A. This is another Word Press post by Guccifer 2 dated June 30, 2016.

Jonathan Kravis would remind the jury how the latter post coincided with a call between Stone and Trump in his closing arguments.

And Stone’s lawyers raised the persona a few times, in their opening, in cross examination, and their close.

But this was the first time prosecutors directly addressed Stone’s claims and communications about Guccifer 2.0, as opposed to with Trump or — via a never identified go-between — with WikiLeaks.

In the prosecution prior to this point, as in most of these Roger Stone stories, the WikiLeaks story was kept remarkably distinct from the Guccifer 2.0 story.

Of the four stories told about Roger Stone, two adopt a structure that treat Stone’s communication with Guccifer 2.0 and WikiLeaks in parallel: there are a handful of communications between him and Guccifer 2.0 (pages 194 to 196 of the SSCI Report, one paragraph on page 44 of the Mueller Report), and a separate discussion of Stone’s attempts to optimize the WikiLeaks releases (pages 221 to 252 of the SSCI Report, pages 51 to 59 of the Mueller Report).

The affidavits show that initial investigative work focused on Guccifer 2.0, not WikiLeaks. The way in which later affidavits present these issues changed over time. But many of them separate Stone’s “Public interactions with Guccifer 2.0 and WikiLeaks” from the (later) “Private Twitter Direct Messages with WikiLeaks and ASSANGE.” The affidavits generally stopped mentioning Stone’s private DMs with Guccifer 2.0 in March 2018.

That parallel structure applies to the indictments, too. Stone gets his own paragraph, ¶44, in the GRU indictment. But the Stone indictment makes absolutely no mention of Guccifer 2.0. The government declared Stone’s prosecution a “related case” to the GRU one, meaning the same judge — Amy Berman Jackson — would preside. Stone’s team unsuccessfully objected. Prosecutors explained the designation, in part, because, “Certain Netyksho defendants, through a fictitious online persona they created, Guccifer 2.0, also interacted directly with Stone concerning other stolen materials posted separately online.” Ultimately, ABJ denied Stone’s attempt to dissociate the case. Stone made an equally unsuccessful attempt to make the Russian attribution more central to the case, even addressing his communications with Guccifer 2.0. Ultimately, however, the case was totally separate.

And yet, just before it closed their case, the government got their FBI witness to review the part of Stone’s HPSCI testimony where he acknowledged that the intelligence community had assessed that Guccifer 2.0 was a cut-out for Russian intelligence.

In response, Stone’s attorney Bruce Rogow got Taylor to confirm that she didn’t know independently whether Guccifer is Russian and “was not aware” of any other communications between Stone and Guccifer 2.0, something he tried unsuccessfully to emphasize in his close.

Q. Good morning, again, Ms. Taylor.

A. Good morning.

Q. Do you know, independently, whether or not Guccifer is Russian?

A. I don’t.

Q. Did Mr. Stone turn over his communications with Guccifer that he mentioned in the transcript?

A. He did.

Q. Did you find any other communications between Mr. Stone and Guccifer?

A. I’m not aware of any.

Taylor’s response was the same one the Mueller Report gave, in that sole paragraph on Stone’s communications with Guccifer 2.0 referenced above. A sentence that has been unsealed since the original release reads, “The investigation did not identify evidence of other communications between Stone and Guccifer 2.0,” beyond the DMs in August and September, 2016. Earlier in that paragraph, however, a previously redacted passage reveals the significance of it. “After the GRU had published stolen DNC documents through Guccifer 2.0, Stone told members of the Campaign that he was in contact with Guccifer 2.0,” which it cites to this almost entirely redacted passage in a Rick Gates interview, a passage that seems to discuss events that predate the July 22 DNC release.

SSCI has read this unredacted 302, and they assess (as I have in the past, about a different 302) that Gates was just confused between the illusory deleted Clinton emails and actual advance knowledge of emails.

FBI, FD-302, Gates 4/10/2018. The Committee assesses· that, at this time, the references to Clinton’s “emails” reflected a focus on allegedly missing or deleted.emails from Clinton’s personal server during her tenure as Secretary of State.

But in context, the unredacted passage in the Mueller Report suggests that Stone told Gates — and others — that he spoke to Guccifer 2.0 before those known August and September exchanges.

This is a question that prosecutors might have asked Gates to testify about publicly. As noted, his testimony directly preceded Taylor’s second trip to the stand. Rather than ask for clarification on that question, though, Aaron Zelinsky instead had Gates describe how, on June 15, in the wake of the DNC announcement that it had been hacked by Russia (and, though Zelinsky didn’t say it, the launch of the Guccifer 2.0 site), Stone asked for the phone numbers of Jared Kushner and one other staffer “to debrief them on the developments of the DNC announcement.” Indeed, Zelinsky treated this as entirely a discussion about WikiLeaks’ upcoming leaks, not Guccifer 2.0’s existing one.

Q. During the balance of June — we’re still in June of 2016 — did you continue to discuss WikiLeaks with Mr. Stone?

A. Yes, off and on.

Q. Why did you continue, in June, to continue to discuss WikiLeaks with Mr. Stone?

A. Because at that point, both myself and Mr. Manafort didn’t believe the information was coming because it still hadn’t come out. And Mr. Manafort had asked me from time to time to check with Mr. Stone to see if the information was still real and viable.

Q. And when you say the “information,” you mean releases from WikiLeaks; is that correct?

A. That’s correct.

As for Agent Taylor’s response to Bruce Rogow’s question — that she was not aware of any other communications between Guccifer 2.0 and Stone besides the DMs he shared with HPSCI — she might not be aware of any late-discovered communications between Stone and Guccifer 2.0 beyond those he shared with HPSCI even if there were any. She testified that her role on “that piece” of the investigation — meaning the investigation of Roger Stone — was as a case agent.

Q. Ms. Taylor, in the course of your work with the FBI, was there a time in your career when you were assigned to work on the investigation led by then Special Counsel Robert Mueller?

A. Yes.

Q. And in particular in the course of your work on the special counsel’s investigation, did you participate in the piece of the investigation that concerned the defendant in this case, Roger Stone?

A. Yes, I did.

Q. What was your role on that piece of the special counsel’s investigation?

A. I was one of the case agents on the investigation of Mr. Stone.

According to Andrew Weissmann’s book, though, her primary role on Mueller’s team wasn’t on the Stone team, she was the lead agent on the obstruction team (which, given the involvement of Andrew Goldstein in certain interviews in fall 2018, was closely involved in investigating Roger Stone’s witness tampering and cover story as part of the obstruction piece). Taylor wrote none of the affidavits targeting Stone. Additionally, she had left the FBI months before the trial, in August 2019, so she also wouldn’t have been included in an interview conducted over the weekend of the trial (possibly with Andrew Miller, Stone’s aide who had managed his schedule at the RNC, where Stone appears to have gotten advance notice of the DNC leak).

So even with Taylor on the stand, Bruce Rogow may not have been able to discover — much less convey to the jury — the government’s full understanding of what Guccifer 2.0’s relationship with Stone was … not what it was when other FBI agents wrote affidavits hiding part of the investigation from him a year earlier, not what it was when they obtained Andrew Miller’s testimony weeks after the release of the Mueller Report, not what it was after that last interview on November 9, 2019, over seven months after the completion of the Mueller Report and smack dab in the middle of the trial.

Indeed, when he was standing there asking the question of Mueller’s lead agent from the obstruction team about communications between his client and Guccifer 2.0, Rogow would know that the FBI had found searches, starting on May 17, 2016, that seemed to indicate that Stone had foreknowledge of the Russian hack-and-leak; Stone had received those two warrants (one, two) in discovery. But Rogow would not know — because it was among the 15 warrants that the government had withheld, in part, to hide the full scope of the investigation from Stone — that two minutes after the FBI obtained a warrant for Stone’s cell site location from June 14 to November 15, 2016, in part to confirm whether Stone had done the searches indicating foreknowledge of the Guccifer 2.0 operation and in part to figure out whom he met with on August 3, 2016 in LA when he would later claim to have been dining with Julian Assange — a different FBI agent, one likely tied to the GRU investigative team, obtained a search warrant for an email that Guccifer 2.0 set up on July 23, 2016. That email was set up the day after the DNC drop, and perhaps not coincidentally, on the last day on which Stone may have deleted his Google search history, hiding those earlier searches showing foreknowledge of the Russian operation.

Up to that moment when former Agent Taylor discussed Stone’s HPSCI testimony confirming he knew the intelligence community believed Guccifer 2.0 to be a Russian cut-out, Stone’s trial was about his lies about who his go-between with WikiLeaks was, not about truths and lies he may have told about Guccifer 2.0.

Unless Guccifer 2.0 was that go-between.

In any case, the trial was, ultimately, about Guccifer 2.0, because some of the evidence prosecutors used to prove that Stone spoke with the campaign about a go-between to WikiLeaks involved Guccifer 2.0. In addition to the disclosure that Stone spoke to Trump before the June 15 and after the June 30 Guccifer 2.0 posts, the trial made something else public for the first time, something that had been a key detail in the affidavits, and would be in the SSCI Report, but which was not one included in the Mueller Report (or Stone’s indictment).

At 8:16AM on August 15, Corsi texted and then at 8:17 AM Corsi emailed Stone the same message, telling him there was “more to come than anyone realizes”:

Appearing in the midst of a story about Stone’s lies about his go-between with WikiLeaks, the texts and emails are fairly innocuous. Though the SSCI Report does seem to believe Corsi’s story that this moment — and the 24 minute call between Corsi and Stone at 12:14PM on August 15 — is when Corsi told Stone about what the Podesta files would include.

(U) The Committee is uncertain how Corsi determined that Assange had John Podesta’s emails. Corsi initially explained in an interview with the SCO that during his trip to Italy, someone told him Assange had the Podesta emails. Corsi also recalled learning that Assange was going to “release the emails seriatim and not all at once.”1572 However, Corsi claimed not to remember who provided him with this information, saying he could only recall that “it feels like a man” who told him.1573

(U) Corsi further recalled that on August 15, after he returned from Italy, he conveyed this information to Stone by phone.1574 According to Corsi, the information was new to Stone. Stone seemed “happy to hear it,” and the two of them “discussed how the emails would be very damaging” to Clinton. 1575 Corsi also reiterated by both text and email to Stone on August 15 that there was “[m]ore to come than anyone realizes. Won’t really get started until after Labor Day.”1576

But that’s only so long as you keep the Guccifer 2.0 story separate from the WikiLeaks story, as the SSCI and Mueller Reports do.

If you combine those stories, though, here’s what a partial timeline looks like:

August 2, 2016: Corsi informs Stone that “the hackers” will release one dump shortly after he returns on August 12 and another in October; he also mentions Podesta.

August 3, 9:12AM: Stone emails Manafort to tell him about, “an idea to save Trump’s ass.”

August 4: Stone tells Sam Nunberg that he dined with Assange the night before (he had been in LA).

August 5: Stone flip-flops on prior public statements backing the Russian attribution, writing a column declaring that Guccifer 2.0, not Russia, did the DNC hack.

August 9: Both Julian Assange and Stone start pushing the Seth Rich conspiracy.

August 12, 5:41PM: Guccifer 2.0 releases DCCC docs, fulfilling the timing (but not the outlet) that Corsi predicted.

August 12, 6:31PM: Guccifer 2.0, Emma Best, and WikiLeaks begin a discussion about exclusivity on the DCCC documents for WikiLeaks.

August 12, 10:16PM: Guccifer 2.0 says he’ll send major trove of DCCC documents to WikiLeaks; WikiLeaks never publishes any DCCC documents.

August 12, 10:23PM: Guccifer 2.0 publicly calls out Stone, “Thanks that u believe in the real #Guccifer2.”

August 13, 10:19AM: Corsi texts Stone: “Call when you can.”

August 13, 10:42AM: WikiLeaks tweets “‘@Guccifer_2’ has account completely censored by Twitter after publishing some files from Democratic campaign #DCCC”

August 13, 11:15AM: Stone tweets, “@wikileaks @GUCCIFER_2 Outrageous! Clintonistas now nned to censor their critics to rig the upcoming election.”

August 13, 7:29PM: Stone tweets, “@DailyCaller Censorship ! Gruccifer is a HERO.”

August 14, 12:58PM: Guccifer 2.0 tweets, “#Guccifer2 Here I am! They’ll have to try much harder to block me! #DNCleak #dccchack”

August 14 (unknown time): Stone DMs Guccifer 2.0: “Delighted you are reinstated.”

August 14 (unknown time, per Corsi article): Corsi starts a file called “Podesta.”

August 15, 1:33AM: Stone tweets about Podesta for the first time ever, seemingly in response to NYT story on black ledger implicating Manafort: “@JohnPodesta makes @PaulManafort look like St. Thomas Aquinas Where is the @NewYorkTimes?”

August 15, 8:16 and 8:17 AM: Corsi texts and emails Stone, “More to come than anyone realizes.”

August 15, 12:14PM: Corsi and Stone speak for 24 minutes.

August 15, 2016 (unknown time): Guccifer 2.0 DMs Stone: “thank u for writing back . . . do u find anyt[h]ing interesting in the docs i posted?”

So long as the WikiLeaks story is kept separate from the Guccifer 2.0 one, that August 15 DM from Guccifer 2.0 to Stone appears to be a question about the DCCC emails posted on August 12, and so, as Stone claimed, totally innocuous. But given the evidence that Corsi and Stone acquired advance knowledge of the content of select Podesta emails by August 15 — particularly given Stone’s claim, reportedly made before July 22, to have been in touch with Guccifer 2.0 and his apparent foreknowledge of the GRU personas — that August 15 DM appears to be a comment on the Podesta files.

That is, that August 15 was not innocuous at all. It appears to have been, rather, the GRU’s persona asking Stone whether he liked what he had received in advance.

 


The movie Rashomon demonstrated that any given narrative tells just one version of events, but that by listening to all available narratives, you might identify gaps and biases that get you closer to the truth.

I’m hoping that principle works even for squalid stories like the investigation into Roger Stone’s cheating in the 2016 election. This series will examine the differences between four stories about Roger Stone’s actions in 2016:

As I noted in the introductory post (which lays out how I generally understand the story each tells), each story has real gaps in one or more of these areas:

My hope is that by identifying these gaps and unpacking what they might say about the choices made in crafting each of these stories, we can get a better understanding of what actually happened — both in 2016 and in the investigations. The gaps will serve as a framework for this series.

Rat-Fucker Rashomon: Getting the “Highest Level of Government” to Free Julian Assange

On June 10, 2017, according to affidavits submitted as part of the Mueller investigation, Roger Stone DMed Julian Assange and told him he was doing everything he could to “address the issues at the highest level of Government.”

57. On or about June 10, 2017, Roger Stone wrote to Target Account 2, “I am doing everything possible to address the issues at the highest level of Government. Fed treatment of you and Wikileaks is an outrage. Must be circumspect in this forum as experience demonstrates it is monitored. Best regards R.” Target Account 2 wrote back, “Appreciated. Of course it is!”

On June 19, 2017, according to the Mueller Report, the President dictated a message for Corey Lewandowski to take to Jeff Sessions, telling the (recused) Attorney General to meet with Robert Mueller and order him to limit his investigation only to future election meddling, not the election meddling that had gotten Trump elected.

During the June 19 meeting, Lewandowski recalled that, after some small talk, the President brought up Sessions and criticized his recusal from the Russia investigation.605 The President told Lewandowski that Sessions was weak and that if the President had known about the likelihood of recusal in advance, he would not have appointed Sessions.606 The President then asked Lewandowski to deliver a message to Sessions and said “write this down.” 607 This was the first time the President had asked Lewandowski to take dictation, and Lewandowski wrote as fast as possible to make sure he captured the content correctly.608 The President directed that Sessions should give a speech publicly announcing:

I know that I recused myself from certain things having to do with specific areas. But our POTUS . .. is being treated very unfairly. He shouldn’t have a Special Prosecutor/Counsel b/c he hasn’t done anything wrong. I was on the campaign w/ him for nine months, there were no Russians involved with him. I know it for a fact b/c I was there. He didn’t do anything wrong except he ran the greatest campaign in American history.609

The dictated message went on to state that Sessions would meet with the Special Counsel to limit his jurisdiction to future election interference:

Now a group of people want to subvert the Constitution of the United States. T am going to meet with the Special Prosecutor to explain this is very unfair and let the Special Prosecutor move forward with investigating election meddling for future elections so that nothing can happen in future elections.610

Days after Roger Stone told Julian Assange that he was trying to resolve matters at the highest level of government, the President of the United States tried to issue a back channel order that would shut down the investigation into Assange — and by association, Stone.

According to Lewandowski, neither he nor Rick Dearborn (on whom he tried to pawn off the task) actually delivered the message. But according to Andrew Weissmann, when he and Jeannie Rhee first got briefed on the investigation into how Russia released the documents it had stolen around that time, they learned no one was investigating it.

This effort didn’t start in June 2017, though. It started at least seven months earlier.

The SSCI Report reveals that the day before the Podesta emails got released, Stone probably had a six minute phone call with the candidate via Keith Schiller’s phone.

On the afternoon of October 6, Stone received a call from Keith Schiller’s number. Stone returned the call about 20 minutes later, and spoke-almost certainly to Trump–for six minutes.1663 The substance of that conversation is not known to the Committee. However, at the time, Stone was focused on the potential for a WikiLeaks release, the Campaign was following WikiLeaks’s announcements, and Trump’s prior call with Stone on September 29, also using Schiller’s phone, related to a WikiLeaks release. Given these facts, it appears quite likely that Stone and Trump spoke about WikiLeaks.

The SSCI Report and the affidavits reveal that Stone postponed a lunch with Jerome Corsi on October 8 to go meet with Trump.

On or about October 8, 2016, STONE messaged CORSI at Target Account 2, “Lunch postponed- have to go see T.” CORSI responded to STONE, “Ok. I understand.”

According to Mike Flynn, in the wake of the Podesta release, senior campaign officials discussed reaching out to WikiLeaks.

Beginning on October 7, 2016, WikiLeaks released emails stolen from John Podesta, the chairman of Hillary Clinton’s 2016 presidential campaign. The defendant relayed to the government statements made in 2016 by senior campaign officials about WikiLeaks to which only a select few people were privy. For example, the defendant recalled conversations with senior campaign officials after the release of the Podesta emails, during which the prospect of reaching out to WikiLeaks was discussed.

And then, days later, Roger Stone tried to reach out to WikiLeaks — seemingly in response to WikiLeaks’ public disavowal of any tie to Stone — only to be rebuffed.

On October 13, 2016, while WikiLeaks was in the midst of releasing the hacked Podesta emails, @RogerJStoneJr sent a private direct message to the Twitter account @wikileaks. This account is the official Twitter account of WikiLeaks and has been described as such by numerous news reports. The message read: “Since I was all over national TV, cable and print defending WikiLeaks and assange against the claim that you are Russian agents and debunking the false charges of sexual assault as trumped up bs you may want to rexamine the strategy of attacking me- cordially R.”

Less than an hour later, @Wikileaks responded by direct message: “We appreciate that. However, the false claims of association are being used by the democrats to undermine the impact of our publications. Don’t go there if you don’t want us to correct you.”

On October 16, 2016, @RogerJStoneJr sent a direct message to @Wikileaks: “Ha! The more you \”correct\” me the more people think you’re lying. Your operation leaks like a sieve. You need to figure out who your friends are.”

But after the election, it was WikiLeaks that reached out to Stone.

On November 9, 2016, one day after the presidential election, @Wikileaks sent a direct message to @RogerJStoneJr containing a single word: “Happy?” @Wikileaks immediately followed up with another message less than a minute later: “We are now more free to communicate.”

At Stone’s trial, Randy Credico testified that in that same period after the election, he put Roger Stone in touch with Margaret Kunstler, Credico’s tie to WikiLeaks and one of the 1,000 lawyers (per a snarky answer from Credico) who represented Assange, to discuss a pardon.

Q. Had you put Mr. Stone directly in touch with Ms. Kunstler after the election?

A. Yes, I did.

Q. And why had you done that?

A. Well, sometime after the election, he wanted me to contact Mrs. Kunstler. He called me up and said that he had spoken to Judge Napolitano about getting Julian Assange a pardon and needed to talk to Mrs. Kunstler about it. So I said, Okay. And I sat on it. And I told her–I told her–she didn’t act on it. And then, eventually, she did, and they had a conversation.

Credico is very evasive about the timing of all this. Texts between him and Stone, introduced as an exhibit at Stone’s trial, show that Credico raised asylum on October 3, three hours before he boasted that he was best friends with Assange’s lawyer, meaning Kunstler.

But when asked about the timing, Credico refused to answer, or even answer a yes or no question about whether discussions began before the election. Note, these texts were ones that neither Credico nor Stone provided at first, on Credico’s part because he no longer had them; the government ultimately subpoenaed them from Stone after Stone shared them with Chuck Ross. The texts Stone produced go through November 14, but the ones released at trial stop on October 3.

Later affidavits make clear, however, that on November 15, seven days after Trump won an election with Julian Assange’s help, Trump’s rat-fucker sent Kunstler a link to download Signal and asked her to call him, which she said she’d do. (This was the first day Stone was using the iPhone 7 on which he sent her these texts.)

Additionally, text messages recovered from Stone’s iCloud account revealed that on or about November 15, 2016, Stone sent an attorney with the ability to contact Julian Assange a link to download the Signal application. 15 Approximately fifteen minutes after sending the link, Stone texted the attorney, “I’m on signal just dial my number.” The attorney responded, “I’ll call you.”

15 This attorney was a close friend of Credico’s and was the same friend Credico emailed on or about September 20, 2016 to pass along Stone’s request to Assange for emails connected to the allegations against then-candidate Clinton related to her service as Secretary of State.

So the pardon discussions Credico testified about under oath began no later then a week after Assange helped Trump get elected and Credico refused to rule out that they started on November 9 or even earlier. The SSCI Report notes Credico had a 12 minute call with Stone on October 5 and five more calls on October 6.

After Trump was inaugurated in early 2017, via an attorney he shared with Oleg Deripaska, Assange tried to leverage CIA’s hacking tools believed to have been stolen the previous April to obtain an immunity deal. Even while those discussions were ongoing, on March 7, 2017, WikiLeaks released the first installment of CIA’s hacking tools, a release they called Vault 7. According to witnesses at the trial of the accused source, Joshua Schulte, the Vault 7 release brought CIA’s hacking-based spying virtually to a halt while the agency tried to figure out who would be compromised by the release.

But that didn’t stop the pardon discussions between WikiLeaks, including Assange personally, and Stone. After another spat about whether Stone had had a back channel to WikiLeaks which they aired on CNN, Stone returned to a discussion of a pardon on April 7.

On or about March 27, 2017, Target Account 1 wrote to Roger Stone, “FYI, while we continue to be unhappy about false \”back channel\” claims, today CNN deliberately broke our off the record comments.”

On March 27, 2017, CNN reported that a representative of WikiLeaks, writing from an email address associated with WikiLeaks, denied that there was any backchannel communication during the Campaign between Stone and WikiLeaks. The same article quoted Stone as stating: “Since I never communicated with WikiLeaks, I guess I must be innocent of charges I knew about the hacking of Podesta’s email (speculation and conjecture) and the timing or scope of their subsequent disclosures. So I am clairvoyant or just a good guesser because the limited things I did predict (Oct disclosures) all came true. ”

On or about April 7, 2017, Roger Stone wrote to Target Account 1, ” I am JA’s only hope for a pardon the chances of which are actually (weirdly) enhanced by the bombing in Syria (which I opposed) . You have no idea how much your operation leaks. Discrediting me only hurts you. Why not consider saying nothing? PS- Why would anyone listen to that asshole Daniel Ellsberg.”

On April 13, in the wake of the Vault 7 hack, Mike Pompeo declared WikiLeaks a non-state hostile intelligence service often abetted by Russia.

It is time to call out WikiLeaks for what it really is – a non-state hostile intelligence service often abetted by state actors like Russia. In January of this year, our Intelligence Community determined that Russian military intelligence—the GRU—had used WikiLeaks to release data of US victims that the GRU had obtained through cyber operations against the Democratic National Committee. And the report also found that Russia’s primary propaganda outlet, RT, has actively collaborated with WikiLeaks.

In response, Stone took to InfoWars on April 18, calling on Pompeo to either provide proof of those Russian ties or resign, defending the release of the Vault 7 tools along the way.

The Intelligence agencies continue to insist that Julian Assange is an active Russian Agent and that Wikileaks is a Russian controlled asset. The agencies have no hard proof of this claim whatsoever. Assange has said repeatedly that he is affiliated with no nation state but the Intelligence Agencies continue to insist that he is under Russian control because it fits the narrative in which they must produce some evidence of Russian interference in our election because they used this charge to legally justify and rationalize the surveillance of Trump aides, myself included.

[snip]

President Donald Trump said on Oct, 10, 2016 “I love Wikileaks” and Pompeo who previously had praised the whistleblowing operation now called Wikileaks “a non-state hostile Intelligence service often abetted by state actors like Russia”. Mr. Pompeo must be pressed to immediately release any evidence he has that proves these statements. If he cannot do so ,the President should discharge him.

[snip]

Julian Assange does not work for the Russians. Given the import of the information that he ultimately disclosed about the Clinton campaign, the Obama administration and the deep secrets in the CIA’s Vault 7, he has educated the American people about the tactics and technology the CIA has used to spy on ordinary Americans.

Assange personally DMed Stone to thank him for the article, while claiming that Pompeo had stopped short of claiming that WikiLeaks had gotten the stolen DNC emails directly, thereby making WikiLeaks like any other media outlet.

On or about April 19, 2017, Assange, using Target Account 2, wrote to Stone, “Ace article in infowars. Appreciated. But note that U.S. intel is engages in slight of hand maoevers [sic]. Listen closely and you see they only claim that we received U.S. election leaks \”not directly\” or via a \”third party\” and do not know \”when\” etc. This line is Pompeo appears to be getting at with his \”abbeted\”. This correspnds to the same as all media and they do not make any allegation that WL or I am a Russia asset.”

It’s in that context — in the wake of Trump’s trusted CIA Director (and a former WikiLeaks booster himself) asserting serial cooperation between Russia and WikiLeaks — that Stone and Assange had the exchange that directly preceded Trump’s attempt to shut down any investigation into the leaks to WikiLeaks.

On June 4, Stone threatened to “bring down the entire house of cards” if the government moved on Assange (Stone kept a notebook during the campaign detailing all the calls he had had with Trump), then raised a pardon again, suggesting Assange had done nothing he needed to be pardoned for.

56. On or about June 4, 2017, Roger Stone wrote back to Target Account 2, “Still nonsense. As a journalist it doesn’t matter where you get information only that it is accurate and authentic. The New York Times printed the Pentagon Papers which were indisputably stolen from the government and the courts ruled it was legal to do so and refused to issue an order restraining the paper from publishing additional articles. If the US government moves on you I will bring down the entire house of cards. With the trumped-up sexual assault charges dropped I don’t know of any crime you need to be pardoned for – best regards. R.” Target Account 2 responded, “Between CIA and DoJ they’re doing quite a lot. On the DoJ side that’s coming most strongly from those obsessed with taking down Trump trying to squeeze us into a deal.”

57. On or about June 10, 2017, Roger Stone wrote to Target Account 2, “I am doing everything possible to address the issues at the highest level of Government. Fed treatment of you and Wikileaks is an outrage. Must be circumspect in this forum as experience demonstrates it is monitored. Best regards R.” Target Account 2 wrote back, “Appreciated. Of course it is!”

According to texts between Stone and Credico, Stone at least claimed to be pursuing a pardon in early 2018 (though he may have been doing that to buy Credico’s silence).

And it wasn’t just Stone involved in the discussions to free Assange.

Manafort’s Ecuador trip

While it’s not clear to what end, Paul Manafort took steps relating to Assange as well.

There’s the weird story by Ken Vogel, explaining that between those two Stone-Assange exchanges in April and June, 2017, long-time Roger Stone friend Paul Manafort went to Ecuador to negotiate Assange’s expulsion.

In mid-May 2017, Paul Manafort, facing intensifying pressure to settle debts and pay mounting legal bills, flew to Ecuador to offer his services to a potentially lucrative new client — the country’s incoming president, Lenín Moreno.

Mr. Manafort made the trip mainly to see if he could broker a deal under which China would invest in Ecuador’s power system, possibly yielding a fat commission for Mr. Manafort.

But the talks turned to a diplomatic sticking point between the United States and Ecuador: the fate of the WikiLeaks founder Julian Assange.

In at least two meetings with Mr. Manafort, Mr. Moreno and his aides discussed their desire to rid themselves of Mr. Assange, who has been holed up in the Ecuadorean Embassy in London since 2012, in exchange for concessions like debt relief from the United States, according to three people familiar with the talks, the details of which have not been previously reported.

They said Mr. Manafort suggested he could help negotiate a deal for the handover of Mr. Assange to the United States, which has long investigated Mr. Assange for the disclosure of secret documents and which later filed charges against him that have not yet been made public.

The story never explained whether Manafort wanted Assange handed over for trial, for a golf vacation, or for Russian exfiltration (as was reportedly planned for Assange later in 2017).

That Manafort went to Ecuador and negotiated for an Assange release accords, however, with the 302 of a witness who called in to Mueller’s team. The witness described that Manafort had told him or her, in real time, that he had gone to Ecuador, “to try to convince the incoming President to expel Assange from the Embassy in order to gain favor with the U.S.”

Neither of these stories should be considered reliable, as written. 302s that Bill Barr’s DOJ is willing to release in unredacted form, as this one is, tend to be false claims that make Trump look less suspect than he really is. And Manafort-adjacent sources were using Ken Vogel to plant less-damning cover stories during this period. Further, as we’ll see, the dates of them, November 28 and December 3, 2018, respectively, puts them in a period after Trump knew that Mueller was investigating efforts to pardon Assange.

Manafort went to Ecuador in May of 2017. At the time, his lifelong buddy Roger Stone was still pursuing some means to get Assange released. It’s unclear precisely what Manafort asked Lenín Moreno to do.

WikiLeaks cultivates Trump’s oldest son

A more interesting parallel timeline (one that becomes more interesting if you track the communications in tandem, as I do below) is the dalliance between Don Jr and WikiLeaks. The failson’s communications with WikiLeaks are one area where all of the Roger Stone stories withhold key details. The Mueller Report, for example, covers only three of the Don Jr-WikiLeaks exchanges, which it caveats by explaining that it addresses the ones “during the campaign period” (again, only the one where Don Jr accesses a non-public website using the private password WikiLeaks shared involved a prosecutorial decision and so needed to be included).

Like the Mueller Report, the SSCI Report describes in the body of the report Don Jr’s exchange with WikiLeaks in a period around the time that Trump and his closest advisors had discussed reaching out to WikILeaks.

(U) WikiLeaks also sought to coordinate its distribution of stolen documents with the Campaign. After Trump proclaimed at an October 10 rally, “I love WikiLeaks” and then posted about it on Twitter,1730 WikiLeaks resumed messaging with Trump Jr. On October 12, it said: “Strongly suggest your dad tweets this link if he mentions us … there’s many great stories the press are missing and we’re sure some of your follows [sic] will find it. btw we just released Podesta Emails Part 4.”1731 Shortly afterward, Trump tweeted: “Very little pick-up by the dishonest media of incredible information provided by WikiLeaks. So dishonest! Rigged System!”1732 Two days later, Donald Trump Jr. tweeted the link himself: “For those who have the time to read about all the corruption and hypocrisy all the @wikileaks emails are right here: wlsearch.tk.”1733 Trump Jr. admitted that this may have been in response to the request from WikiLeaks, but also suggested that it could have been part of a general practice of retweeting the. WikiLeaks releases when they came out. 1734

But it only presents one part of the exchange that Jr and WikiLeaks had on November 8 and 9, and it relegates that to a footnote.

1738 (U) Ibid., pp. 164-166. WikiLeaks continued to interact with Trump Jr. after the general election on November 8, 2016. On November 9, 2016, WikiLeaks wrote to Trump Jr.: “Wow. Obama people will surely try to delete records on the way out. Just a heads up.”

As to the affidavits, the warrant application for Julian Assange’s Twitter account described having earlier obtained Don Jr’s Twitter account, but didn’t refer to him by name. Instead, it referred to him as “a high level individual associated with the Campaign,” and described just the September exchange between the two of them.

After the Atlantic provided more of those DMs, Don Jr, as he had earlier with his June 9 emails, released them himself. The Election Day exchange of which SSCI made no mention pushes Don Jr to adopt a strategy Russia was also pushing — to refuse to concede (a strategy that Trump will undoubtedly adopt on November 4 if he loses).

Hi Don; if your father ‘loses’ we think it is much more interesting if he DOES NOT conceed [sic] and spends time CHALLENGING the media and other types of rigging that occurred–as he has implied that he might do. He is also much more likely to keep his base alive and energised this way and if he is going to start a new network, showing how corrupt the old ones are is helpful. The discussion about the rigging can be transformative as it exposes media corruption, primary corruption, PAC corruption etc. We don’t like corruption ither [sic] and our publications are effective at proving that this and other forms of corruption exists.

That doesn’t pertain to pardons (though it does demonstrate that WikiLeaks was not involved in a journalistic enterprise).

But a DM from December 16, 2016 the SSCI similarly excerpted in a footnote does discuss what amounts to a pardon:

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. Background: justice4assange.com

When these DMs were released on November 14, 2017, Assange tweeted out a follow-up to the December 2016 one, adding a threat by hashtagging, Vault8, the source code to the CIA files, a single example of which WikiLeaks had just released on November 9, 2017.

Meanwhile, the one other example where WikiLeaks provided the President’s son advice — a pitch for him to release his own June 9 emails via WikiLeaks in July 2017 — WikiLeaks explicitly suggested that Don Jr contact Margaret Kunstler, the same lawyer who had been discussing pardons with Assange nine months earlier.

There appears to be more — far more — to Margaret Kunstler’s role. Two 302s identifiable as hers have been released in response to the BuzzFeed FOIA, an interview on October 29, 2018 involving Stone prosecutor Aaron Zelinsky and Obstruction prosecutor Andrew Goldstein, and a second interview, this one by phone, on November 20, 2018, this one adding Russian prosecutor Rush Atkinson along with Zelinsky and Goldstein. Both 302s were released on October 1, 2020, the most recent release. In the first interview, only Kunstler’s response stating that she did not pass on Stone’s September request for information about Libya to Julian Assange was partly unsealed; there are at least five more paragraphs that remain redacted as part of an ongoing investigation. The second is eight pages long and appears to have at least four sub-topics with separate headings. Aside from the introductory paragraph, it remains entirely redacted, with over half covered by a b7A ongoing investigation exemption.

The investigation into much of Stone’s activities appears to have been shut down. But the investigation into the pardon discussions appears to have been ongoing just three weeks ago.

The Mueller question

The discussion of efforts to free Julian Assange appears, primarily, in two versions of the Roger Stone story. Prosecutors at Stone’s trial used the discussions to explain which of Stone’s threats — those naming Kunstler directly — worked most effectively to delay Credico’s cooperation. It also appears in affidavits, though with Don Jr’s identity obscured.

The SSCI report relegates both the Don Jr and Stone pardon discussions with WikiLeaks to footnotes and doesn’t quote Stone using the word “pardon” in the excerpts it includes. It does so even though the SSCI Report describes Dana Rohrabacher’s attempt to broker an Assange pardon in August 2017 in the body of the text.

The Mueller Report doesn’t discuss pardon efforts for Assange where you might expect it, along with discussions of pardons for Manafort, Flynn, Stone himself, and Michael Cohen. Mention of the effort to free Assange appears in just one place: amid the questions asked of Trump in an appendix.

Did you have any discussions prior to January 20, 2017, regarding a potential pardon or other action to benefit Julian Assange? If yes, describe who you had the discussion(s) with, when, and the content of the discussion(s).

I do not recall having had any discussion during the campaign regarding a pardon or action to benefit Julian Assange.

That appendix explains that Mueller’s team submitted these questions on September 17, 2018 (before both of Kunstler’s interviews) and Trump returned them on November 20, 2018.

In the interim period, on October 30, 2018, Don Jr’s close buddy, Arthur Schwartz, for the first time in years of having listened to former Sputnik employee Cassandra Fairbanks’ lobbying for Julian Assange in the right wing chat room they both (along with Ric Grenell) participated in responded by telling her that he would be charged and expelled from the embassy, that a pardon was not going to fucking happen and — at some point, if Fairbanks can be believed — suggesting someone with whom Schwartz was lifelong friends might be affected.

Arthur Schwartz warned me that people would be able to overlook my previous support for WikiLeaks because I did not know some things which he claimed to know about, but that wouldn’t be so forgiving now that I was informed. He brought up my nine year old child during these comments, which I perceived as an intimidation tactic.

He repeatedly insisted that I stop advocating for WikiLeaks and Assange, telling me that “a pardon isn’t going to fucking happen.” He knew very specific details about a future prosecution against Assange that were later made public and that only those very close to the situation would have been aware of. He told me that it would be the “Manning” case that he would be charged with and that it would not involve Vault 7 publication or anything to do with the DNC. He also told me that they would be going after Chelsea Manning. I also recollect being told, I believe, that it would not be before Christmas.

[snip]

The other persons who Schwartz said might also be affected included individuals who he described as “lifelong friends.”

Shortly after Trump submitted his answers, two stories — one public, one via witness testimony to Mueller — claimed that Manafort’s visit to Moreno, at a time when his buddy Stone was seeking a pardon, was actually an attempt to expel him from the embassy.

In spite of what Schwartz told Cassandra, however, the pardon discussions aren’t over. Just before Julian Assange’s extradition hearing started, Roger Stone’s buddy Tucker Carlson invited Glenn Greenwald on to make a three minute pitch — one in which Glenn explained what a good way this would be for Trump to stick it to the Deep State — for both Assange and Ed Snowden.

Timeline

September 20, 2016: WikiLeaks DMs Don Jr a link to putintrump site, including a password.

October 3, 2016: Credico raises asylum for Assange and tells Stone he’s best friends with Assange’s lawyer. WikiLeaks DMs Don Jr asking him to push a story about Hillary drone-striking Assange; Don Jr notes he has already done so and asks what is coming on Wednesday.

October 5, 2016: Credico and Stone speak for 12 minutes.

October 6, 2016: Stone probably has a six minute call with Trump. Stone has five calls with Credico.

October 7, 2016: The release of the Podesta email swamps the DHS/ODNI release attributing the DNC hack and tying WikiLeaks to Russia

October 8, 2016: Stone and Trump probably meet.

Shortly after Podesta release: Senior campaign officials discuss reaching out to WikiLeaks.

October 10, 2016: Trump tweets “I love WikiLeaks.”

October 12, 2016: WikiLeaks disavows any back channel with Stone. WikiLeaks also DMs Don Jr suggesting he get his father to tweet a link. Don Jr tweets it that day.

October 13, 2016: Stone and WikiLeaks exchange DMs.

October 14, 2016: Trump tweets the link WikiLeaks sent to Don Jr.

October 16, 2016: Stone tells WikiLeaks “You need to figure out who your friends are.”

October 21, 2016: WikiLeaks suggests that Don Jr release Trump’s tax returns to WikiLeaks.

November 8, 2016: WikiLeaks DMs Don Jr to suggest Trump not concede if he loses.

November 9, 2016: WikiLeaks DMs Don Jr to claim Obama’s people will delete records on the way out. WikiLeaks DMs Stone to say, “We are now more free to communicate.”

November 14, 2016: Stone gets a new phone.

November 15, 2016: Stone texts Margaret Kunstler a link to Signal and tells her to call him on it, which she said she would do.

December 16, 2016: WikiLeaks suggests that he ask his dad to suggest Australia appoint Assange as Ambassador to the US.

January 6, 2017: WikiLeaks DMs Don Jr a John Harwood tweet asking, Who do you believe, America?

March 7, 2017: WikiLeaks starts releasing the Vault 7 files, effectively halting CIA’s hacking capability for a period.

March 27, 2017: Stone and WikiLeaks exchange more complaints about whether Stone had a back channel.

April 7, 2017: Stone writes WikiLeaks that he is “JA’s only hope for a pardon.”

April 13, 2017: Mike Pompeo calls WikiLeaks a non-state hostile intelligence service often abetted by Russia.

April 18, 2017: Stone calls on Pompeo to release proof of WikiLeaks’ Russian ties or resign.

April 19, 2017: Assange thanks Stone for the attack on Pompeo, but claims that Pompeo has stopped short of calling WikiLeaks a Russian asset.

April 26, 2017: Assange DMs Don Jr some video on “Fake News.”

May 2017: Manafort meets in Ecuador with Lenín Moreno to discuss Assange.

June 4, 2017: Stone DMs Assange, threatening to “bring down the entire house of cards” if the US government moves on Assange.

June 10, 2017: Roger Stone tells Assange he is “doing everything possible … at the highest level of Government” to help Assange.

June 19, 2017: Trump tries to give a back channel order to Jeff Sessions to limit the Mueller investigation to future election meddling, not the meddling that helped him get elected.

July 11, 2017: WikiLeaks DMs Don Jr to suggest he release his June 9 emails via WikiLeaks, providing him Margaret Kunstler’s contact information as if she would take the submission.

October 12, 2017: Mueller’s team obtains Don Jr’s Twitter content.

November 6, 2017: Mueller’s team obtains WikiLeaks and Assange’s Twitter content.

November 14, 2017: Don Jr releases his Twitter DMs with WikiLeaks. Julian Assange publicly references the December 16 DM, suggests he can open “luxury immunity suites for whistleblowers,” and includes a Vault8 hashtag (referencing CIA’s source code).

December 21, 2017: Reported attempt to exfiltrate Assange from the embassy; DOJ charges Assange with CFAA conspiracy.

January 6, 2018: Stone claims “I am working with others to get JA a blanket pardon.”

September 17, 2018: Mueller submits questions to Trump, including one about a pardon for Assange.

October 29, 2018: Mueller’s team interviews Kunstler.

October 30, 2018: Arthur Schwartz tells Cassandra Fairbanks there’s not going to be a fucking Assange pardon.

November 20, 2018: Trump returns his questions to Mueller. Mueller’s team interviews Kunstler.


The movie Rashomon demonstrated that any given narrative tells just one version of events, but that by listening to all available narratives, you might identify gaps and biases that get you closer to the truth.

I’m hoping that principle works even for squalid stories like the investigation into Roger Stone’s cheating in the 2016 election. This series will examine the differences between four stories about Roger Stone’s actions in 2016:

As I noted in the introductory post (which lays out how I generally understand the story each tells), each story has real gaps in one or more of these areas:

My hope is that by identifying these gaps and unpacking what they might say about the choices made in crafting each of these stories, we can get a better understanding of what actually happened — both in 2016 and in the investigations. The gaps will serve as a framework for this series.

Rat-Fucker Rashomon: Steve Bannon and Dirty Tricks

Thus far in my Rat-Fucker Rashomon story, I’ve shown strong evidence that Roger Stone not only knew that John Podesta’s emails were coming, but knew or had the contents of some documents pertaining to an attack he had already been making on John Podesta. I showed that the timing of that release — via whatever means — likely served more to drown out the Russian attribution than the Access Hollywood tape, which has important implications for how he might have coordinated with WikiLeaks. And I suggested that the evidence Stone had far earlier knowledge of what the Russians were doing, even during the period when they were still hacking the DNC’s servers, makes some of all this focus on Podesta less important.

But there’s a limit to that claim. That’s because we still don’t know whether, when Stone promised he knew how to get Trump elected in the same period he was pursuing the Podesta files, that plan consisted just of optimizing the Podesta files, or whether there was something more. That makes the stories not told at Roger Stone’s trial all the more exasperating.

One of the most unsatisfying aspects of the Roger Stone trial, particularly for inattentive watchers, was that prosecutors never told us how Stone had gotten advance knowledge of what stolen emails would be released — nor even asserted as fact that he did.

As I keep noting, that’s not what they had to prove to win a guilty verdict.

But even more frustrating is the way DOJ proved its case that Stone had discussed WikiLeaks with the campaign. On at least three different occasions, the prosecution pointed to far more enticing communications about what really happened, but did not tell us what those communications meant.

The texts between Stone and Erik Prince on October 4, 2016 are one innocuous example.

They clearly pertain to WikiLeaks, which is all the prosecution needed to prove — that Stone had communications with people like Prince about advance knowledge of WikiLeaks that he subsequently lied about to cover up. But in the exhibit (which was entered by the FBI Agent; Prince was not called as a witness) there’s a reference — “Yes,” Stone confirmed he had heard more “from London” in the interim 7.5 hours since he had told Prince he was “checking” whether Assange had chickened out, then said, “want to talk on a secure line — got Whataspp?” to something far more interesting.

Affidavits obtained in early 2019 show that Stone first downloaded WhatsApp on October 4, suggesting he downloaded it solely to communicate with Prince (even though Stone already had Signal on his phone).

This is one of the rare areas where the Mueller Report provided more evidence than appeared at the trial. It revealed that Prince testified that,

Stone and Prince did speak subsequently, and Stone said that WikiLeaks would release more materials that would be damaging to the Clinton campaign. Stone also indicated to Prince that he had what Prince described  as almost “insider stock trading” type information about Assange.

But Prince didn’t testify at the trial, and it would be beyond the scope of what prosecutors needed to prove, and so we didn’t get to hear more about this “insider stock trading” information. Damnit.

In two other cases, though, prosecutors pointed to more substantive discussions that weren’t clearly labeled as WikiLeaks discussions, but which prosecutors presented as evidence that Stone was talking to the campaign about the upcoming releases. One was the August 3, 2016 email to Paul Manafort where he floated “an idea … to save Trump’s ass.”

As I noted in this post, Manafort seemed to try to hide this email and any follow-up conversation up in an interview with Mueller. And while Stone’s defense challenged whether this email was really related to WikiLeaks, in his closing argument, Jonathan Kravis argued that the plan was to use WikiLeaks releases to discredit Hillary.

On August 3rd, 2016, Stone writes to Manafort: “I have an idea to save Trump’s ass. Call me please.” What is Stone’s idea to save Trump’s ass? It’s to use the information about WikiLeaks releases that he just got from Jerome Corsi. How do know that’s what he had in mind; because that’s exactly what he did. As you just saw, just days after Stone sends this email to Paul Manafort, “I have an idea to save Trump’s ass,” he goes out on TV, on conference calls and starts plotting this information that he’s getting from Corsi: WikiLeaks has more stuff coming out, it’s really bad for Hillary Clinton.

Tactically, introducing the email was not at all necessary. Prosecutors had more than proven that Stone had lied about talking to the campaign. And the SSCI Report makes clear there was a shit-ton of other evidence that made this clear they could have used instead. But for whatever reason, they did include it, tying Stone’s attempts to cover up these conversations with the way Trump won.

Prosecutors introduced a similar exchange with Steve Bannon, the guy who took over from Manafort weeks later: an August 18, 2016 email exchange  where Stone claimed Trump could “still win” … “but it ain’t pretty,” and Bannon responded by asking to talk ASAP.

Manafort didn’t testify at Stone’s trial. But Bannon did. Prosecutors had Bannon sitting there on the stand, forcing him to repeat what he had said to a grand jury earlier in the year, yet they only asked him to say this much about what all this means, in which he begrudgingly admitted he believed this discussion about using social media to win was about WikiLeaks:

Q. At the bottom of this email Mr. Stone states, “Trump can still win, but time is running out. Early voting begins in six weeks. I do know how to win this, but it ain’t pretty. Campaign has never been good at playing the new media. Lots to do, let me know when you can talk, R.” Did I read that correctly?

A. That’s correct.

Q. Then you respond, “Let’s talk ASAP”; am I correct?

A. That’s correct.

Q. When Mr. Stone wrote to you, “I do know how to win this but it ain’t pretty,” what in your mind did you understand that to mean?

A. Well, Roger is an agent provocateur, he’s an expert in opposition research. He’s an expert in the tougher side of politics. And when you’re this far behind, you have to use every tool in the toolbox.

Q. What do you mean by that?

A. Well, opposition research, dirty tricks, the types of things that campaigns use when they have got to make up some ground.

Q. Did you view that as sort of value added that Mr. Stone could add to the campaign?

A. Potentially value added, yes.

Q. Was one of the ways that Mr. Stone could add value to the campaign his relationship with WikiLeaks or Julian Assange?

A. I don’t know if I thought it at the time, but he could — you know, I was led to believe that he had a relationship with WikiLeaks and Julian Assange.

Even though prosecutors didn’t lay out precisely what happened next — something that other evidence suggests may have implicated Jared Kushner — Stone’s team never challenged the prosecution claim that this email and the subsequent exchanges did pertain to WikiLeaks. Perhaps, because they had reviewed Bannon’s grand jury and more recent testimony, they knew how he would respond and thought better off leaving it unchallenged.

Perhaps, too, they didn’t want to have to explain how long this exchange persisted. For example, the Stone affidavits — starting with one obtained after Bannon’s first testimony — showed this particular email exchange lasted two more days, through August 19 and 20 (the day before the Podesta “time in the barrel” tweet).

On August 19, 2016, Bannon sent Stone a text message asking if he could talk that morning. On August 20, 2016, Stone replied, “when can u talk???”

And those discussions may have continued into face-to-face meetings in September.

On September 4, 2016, Stone texted Bannon that he was in New York City for a few more days, and asked if Bannon was able to talk.

[snip]

On September 7, 2016, Stone and Bannon texted to arrange a meeting on September 8, 2016 at the Warner Center in New York.

On September 7, 2016, Bannon texted Stone asking him if he could “come by trump tower now???”

On September 8, 2016, Stone and Bannon texted about arranging a meeting in New York.

This is a lot of back-and-forth to discuss the “the tougher side of politics.”

The August exchange is one of the most substantive things presented at Stone’s trial that doesn’t appear in the Mueller Report.

It does show up, in abbreviated form, in the SSCI Report, but given what else SSCI includes, how the bipartisan report described Trump’s campaign manager eagerly responding to the rat-fucker deserves note. The SSCI Report describes how Gates and Manafort responded to Stone’s proposal — amid these promises of additional WikiLeaks releases — of a plan “to save Trump’s ass” right in the body of the report.

Stone spoke by phone with Gates that night, and then called Manafort the next morning, but appeared unable to connect. 1559 Shortly after placing that call, Stone emailed Manafort with the subject line “I have an idea” and with the message text “to save Trump’s ass.”1560 Later that morning, Manafort called Stone back, and Stone tried to reach Gates again that afternoon. 1561

Bizarrely, the SSCI Report relegates the parallel conversation with Stone involving Steve Bannon, just two weeks later, to a footnote.

1589 (U) Ibid.; Testimony of Steve Bannon, United States v. Stone, pp. 850, 857- 861. In an email on August 18, Stone wrote to Bannon: “I do know how to win this but it ain’t pretty.” Email, Stone to Bannon, August 18, 2016 (United States v. Stone, Gov. Ex. 28). Bannon responded, “Let’s talk ASAP.” Ibid.

This is the guy who was in charge when the Podesta emails dropped. And yet the SSCI Report buries the fact that with Bannon, too, Stone pitched a plan to win using WikiLeaks. Moreover, the SSCI Report doesn’t mention that that plan focused on social media at all, or that discussions about it may have extended over three weeks.

And yet, having buried this pitch from Stone about using social media to win in a footnote, the SSCI Report then provides six pages of detail about how central the Podesta files were to the campaign, including in their social media campaign.

Before it presents that, however, the SSCI Report provides important context to an email exchange involving Stone and Bannon included in the Mueller Report, the Stone indictment, and released at the trial, context none of the other stories provide. It shows that before Breitbart reporter Matthew Boyle emailed Stone to find out what was up with Assange on October 4, Bannon had already reached out to Breitbart’s editors to track the release.

(U) The Trump Campaign tracked Stone’s commentary and the news about WikiLeaks. On October 2, Andrew Surabian, who ran the Campaign’s war room, emailed Stone’s Twitter prediction about a Wednesday release to Bannon, Kellyanne Conway, and the Trump Campaign press team. 1643 On October 3, Dan Scavino emailed the October 3 WikiLeaks Twitter announcement to Bannon.1644 That evening, Bannon reached out to two Breitbart editors, Wynton Han and Peter Schweizer, to ask if they would be awake “to get what he [Assange] has live.”I.645

(U) Separately, also on October 3, Bannon received an email from Matthew Boyle, another Breitbart editor, forwarding Boyle’s correspondence from earlier that day with Stone. In it, Boyle had asked Stone, “Assange-what’s he got? Hope it’s good.” Stone responded, “It is. I’d tell Bannon but he doesn’t call me back.” In his email to Bannon, Boyle advised Bannon to call Stone, and when Bannon said he had “important stuff to worry about,” Boyle replied, “Well clearly he knows what Assange has. I’d say that’s important.”1646

[snip]

(U) Trump was frustrated with the absence of a WikiLeaks release on October 4. Gates recalled that Trump had anticipated something would be released and later asked: “When is the other stuff coming out?”1653

(U) Following the announcement, Bannon complained to Stone by email about the lack of any new releases, asking “what was that this morning???”1654 Bannon wrote to Stone because Stone had said he “knew WikiLeaks and knew Julian Assange.”1655 Stone responded, echoing information he had received from Credico and Assange’s own announcement: “Fear. Serious security concern. He thinks they are going to kill him and the London police are standing done ” [sic]. However-a load every week going forward.” 1656

That Bannon used Breitbart as a cut-out to track what Assange was doing is important for several reasons. Bannon had had to ask the Mercers for permission before leaving Breitbart and joining the campaign, in part to avoid tying the Breitbart brand to any possible Trump loss. In August, Breitbart reporter Lee Stranahan had been in direct contact with Guccifer 2.0 and had gotten early access to a file on Black Lives Matter. Stone would use Breitbart as a platform for some of his own releases after the Podesta emails dropped. And there’s good reason to believe that whatever files Corsi prepped got shared with Breitbart itself.

Plus, in his first interview (one the SSCI Report treats, inexplicably, as credible), Bannon made a slew of claims denying enthusiasm regarding the Podesta release, claims utterly disproven by the documentary evidence. It’s possible Bannon believed he had hidden this enthusiasm from Mueller’s gaze at Breitbart.

Nevertheless, as the SSCI Report makes clear, there’s a great deal of evidence showing what a concerted focus the campaign paid to the stolen emails, how much of it focused on social media, and how the campaign couldn’t care less that this windfall had come from Russia. (The footnotes of this section of the SSCI Report are particularly valuable for the way they expose precisely who was involved in this campaign.)

(U) Despite the contemporaneous statement by the U.S. Government warning of Russian responsibility for the hacking and leaking of the DNC, DCCC, and Clinton Campaign documents and emails, the Trump Campaign considered the release of these materials to be its “October surprise.”1691 The Trump Campaign’s press team first found out about the WikiLeaks release when it “hit the press” on October 7,1692 and the Campaign quickly turned to capitalize on the Podesta emails: the following morning, October 8, the communications team began compiling information from the release that it could use to attack Clinton. 1693 WikiLeaks information was later integrated with Trump’s tweets, 1694 into his speeches, 1695 and into his press releases. 1696 Other members of the Trump family also scrutinized the news. 1697 And, the Campaign tracked WikiLeaks releases in order to populate a fake Clinton Campaign website, clintonkaine.com. 1698

[snip]

(U) Within the Campaign, there was no policy that governed using materials released by WikiLeaks.1717 To the contrary, the Campaign treated the releases as just another form of opposition research. 1718 Bannon’s view was that “anything negative that comes out [against an opponent] is clearly helpful to a campaign.”1719 According to Stephen Miller, “[i]t would have been political malpractice not to use the WikiLeaks material once it became public.” 1720 Gates described a “growing belief’ within the Campaign that Assange was, in fact, assisting their effort.”1721

(U) Rather than regulating the Campaign’s use ofWikiLeaks materials, Trump praised and promoted WikiLeaks repeatedly in the closing month of the campaign1722:

  • (U) October 10, 2016: “This just came out. WikiLeaks, I love WikiLeaks.”
  • (U) October 12, 2016: “This WikiLeaks stuff is unbelievable. It tells you the inner heart, you’·gotta read it.”
  • (U) October 13, 2016: “It’s been amazing what’s coming out on WikiLeaks.”
  • (U) October 31, 2016: “Another one came in today. This WikiLeaks is like a treasure trove.”
  • (U) November 2, 2016: “WikiLeaks, it sounds like, is going to be dropping some more . . Ifwe met tomorrow. I’d tell you about it tomorrow.”
  • (U) November 4, 2016: “Getting off the plane, they were just announcing new WikiLeaks, and I wanted to stay there, but I didn’t want to keep you waiting. Boy, I love reading those WikiLeaks.”

(U) Using Trump to promote WikiLeaks was a deliberate strategy employed by the Campaign, not only in his remarks, but also on social media. In mid-October, Ivanka Trump tasked the Campaign’s senior officials (including Bannon, Scavino, Stephen Miller and Jason Miller) with preparing two Trump tweets every day linking to WikiLeaks content, which, she said, would help “refocus the narrative.”1723 Trump tweeted direct references to WikiLeaks throughout October and November 2016, including on October 11, 12, 16, 17, 21 (twice), 22, 24, 27 and November 1.1724

[snip]

(U) The Campaign’s preoccupation with WikiLeaks continued until the general election. As the general election approached, Scavino, a member of the communications team who also had a role in administering Trump’s Twitter account during the campaign, 1739 increasingly forwarded updates relating to WikiLeaks to other Campaign officials, using subject lines like · “WIKI ABOUT TO DROP SOME BOMBS … 4 pmE” and “The WikiLeaks BOMB!” and linking to the latest WikiLeaks twitter post or its website. 1740 To one, Donald Trump Jr. responded: “Blow it out.” 1741

1691 (U) FBI, FD-302, Gates 4/19/2018.

1692 (U) Epshteyn Tr., p. 212.

1693 (U) See, e.g., Email, Shah to Ditto, Cheung, J. Miller, and Hicks, October 8, 2016 (DJTFP00019278) (attaching document titled “Wikileaks October 7, 2016 John Podesta Email Release”); Email, Epshteyn to Ellis, October 8, 2016 (DJTFP00019302-19304) (requesting “talkers on this asap” in reference to leaked speech excerpts). In his testimony, Bannon downplayed the relative importance of the WikiLeaks release in light or the Access Hollywood tape. Bannon recalled that the Campaign learned of the tape approximately 60 minutes before it was released, in the middle of debate preparation with Trump. See Bannon Tr., p. 206. According to Bannon, the tape was an “extinction level event,” and precipitated Republican Party efforts to “remove the candidate” the following day .. Ibid., pp. 207-208. Bannon claimed that he not recall finding out about the WikiLeaks release or speaking about it with Trump until the evening after the debate. Ibid., pp. 206-207.

1694 (U) Email, J. Miller to Giuliani, Hicks, Scavino, and S. Miller, October 11, 2016 (DJTFP00019376) (linking to WikiLeaks story in the LA Times).

1695 (U) Email, Gabriel to S. Miller and Ditto, October 27, 2016 (DJTFP00020051) (providing teleprompter script for Springfield, Ohio speech referencing WikiLeaks).

1696 (U) Email, Gates to Bannon, October 27, 2016 (SKB_SSCl-0001369-1370) (stating “This is good and exactly what we need,” and forwarding written Trump statement using WikiLeaks releases to attack Clinton under the subject line, “FW: Donald J. Trump Statement.”).

1697 (U) Email, J. Miller to Shah, et al., October 9, 2016 (DJTFP00024165) (discussing Eric Trump’s question about the WikiLeaks release, “Are we discussing Hillary selling weapons to Isis [sic] as per WikiLeaks email dump?”).

1698 (U) Email, Hemming to Parscale, Bannon, and Hall, “Re: Top Twenty-Five Wikileaks Revelations,” October 15, 2016 (SKB_SSCl-0001528-1530).

[snip]

1717 (U) Bannon Tr., p. 177; S. Miller Tr., p. -110.

1718 (U) For example, Hope Hicks told the Committee: “[E]veryone has opposition research, and this just happened to be available to everyone.” Hicks Tr., pp. 66–67. Kushner described the releases as a “popular topic” that “everyone was talking about.” Kushner II Tr., pp. ’52-54.

1719 (U) Bannon Tr., p. 171-172.

1720 (U) S. Miller Tr., p. 91.

1721 (U) FBI, FD-302, Gates 3/1/2018.

1722 (U) Some of these are reproduced in a video by The Washington Post. “Watch Trump Praise WikiLeaks,” The Washington Post, April 11, 2019. Public tabulations of the number of references in speeches, interviews, rallies, and debates Vary, but place it in excess of 100 mentions. See, e.g., Gabrielle Healy, “Did Trump really mention WikiLeaks over 160 times in the last month of the election cycle?” PolitiFact, April 21, 2017; David Choi and John Haltiwanger, “5 times Trump praised WikiLeaks during his 2016 election campaign,” Business Insider, April 11, 2019.

[snip]

1739 (U) Epshteyn.Tr,, p. 135.

1740 (U) Email, Scavino to Bannon; E. Trump, Trump Jr., Kushner, S. Miller, and Hicks, October 31, 2016 (TRUMPORG_69_016159); Email, Scavino to Bannon, Hicks, Kushner, S. Miller, Trump Jr., and E. Trump, (TRUMPORG_69_016934). See also Email, Scavino to Bannon, Hicks, Conway, and S. Miller, November 4, 2016 (TRUMPORG_69_017232) (“Tweet by WikiLeaks on Twitter”); Email, Scavino to Scavino, November 6, 2016 (TRUMPORG_69 _017455) (“8,263 DNC EMAILS RELEASED” and linking to WikiLeaks tweet); Email, Scavino to Bannon, S. Miller, Kushner, E. Trump, Trump Jr., November 7, 2016 (TRUMPORG_ 69 _ 017463) (subject “Wiki – CIIlCAGO PROTESTS COSTS” and linking to WikiLeaks documents).

1741 (U) Email, Trump Jr. to Scavino, Bannon, E. Trump, Kushner, S. Miller, and Hicks, October 31, 2016 (TRUMPORG _ 69_016164).

In light of Bannon’s meetings with Stone, his trial testimony, and the details of how the campaign exploited the stolen emails, the most obvious explanation for Stone’s “how to win this but it ain’t pretty” comment is that this response to the Podesta drop was prepared starting in August (which makes the timing of Stone’s “time in the barrel” comment, coming in the wake of the Stone and Bannon discussions, all the more intriguing).

Particularly given the timing of Stone’s meeting or meetings with Bannon in NY, that’s not the only possibility. The other ones are far more damning.

But the trial and affidavits both tell stories that suggest there’s far more to Stone’s proposals, to two consecutive Trump campaign managers, on how to win the campaign. The SSCI Report provides one answer, the most obvious answer, for what that plan was. And yet the SSCI Report, which frowns at the campaign for its embrace of emails stolen by Russia but consistently backs off the most damning conclusions regarding Trump, fails to connect whether there’s a tie between Stone’s promise, which it hides in a footnote, and the massive effort to capitalize on the emails.

Or worse.


The movie Rashomon demonstrated that any given narrative tells just one version of events, but that by listening to all available narratives, you might identify gaps and biases that get you closer to the truth.

I’m hoping that principle works even for squalid stories like the investigation into Roger Stone’s cheating in the 2016 election. This series will examine the differences between four stories about Roger Stone’s actions in 2016:

As I noted in the introductory post (which lays out how I generally understand the story each tells), each story has real gaps in one or more of these areas:

My hope is that by identifying these gaps and unpacking what they might say about the choices made in crafting each of these stories, we can get a better understanding of what actually happened — both in 2016 and in the investigations. The gaps will serve as a framework for this series.

Rat-Fucker Rashomon: Roger Stone’s Mid-Burglary Foreknowledge

This post showed that the SSCI Report ignored a lot of evidence (laid out in the affidavits) that Jerome Corsi and Roger Stone had specific details — possibly even the John Podesta emails themselves — pertaining to Joule Holdings, which they tried to use to claim he was as corrupt as (!!!) Paul Manafort. This post showed how, rather than actually explaining what the investigation learned about whether, how, and why Stone optimized the release of the Podesta files, the Mueller Report instead gave us a comedy routine starring Jerome Corsi.

Both public reports, then, presented the question, what did the candidate’s rat-fucker know and when did he know it, exclusively in terms of what Stone knew about the Podesta release. Indeed, the SSCI Report treats this as a question exclusively about what Stone knew of WikiLeaks’ plans.

The Committee could not reliably trace the provision of non-public information from WikiLeaks to Stone, and as a result. could not evaluate the full scope of Stone’s non-public knowledge of WikiLeaks’s activities.

The investigation, however, examined evidence Stone knew what was coming much earlier.

Rick Gates testified at Stone’s trial, for example, that Stone was predicting new releases in April and May of 2016. A previously redacted passage from the Mueller Report echoes that testimony.

In debriefings with the Office, former deputy campaign chairman Rick Gates said that, before Assange’s June 12 announcement, Gates and Stone had a phone conversation in which Stone said something “big” was coming and had to do with a leak of information. Stone also said to Gates that he thought Assange had Clinton emails.

SSCI reasonably reads those claims to relate to the uproar over Hillary’s “missing” State Department emails.

(U) In the spring of 2016, the Trump Campaign’s opposition research team primarily focused on Clinton’s “missing” emails, and financial contributions to the Clinton Foundation. 1437

1437 (U) FBI, FD-302, Gates 4/10/2018. The Committee assesses that, at this time, the references to Clinton’s “emails” reflected a focus on allegedly missing or deleted.emails from Clinton’s personal server during her tenure as Secretary of State.

But that’s not the only proof that Stone had advance knowledge earlier than August 2016.

There’s also the testimony from Stone aide Andrew Miller, testimony pursued for an entire year and the last bit of work completed by the Mueller team. Miller was subpoenaed for information about what he learned while scheduling Stone’s time at the RNC, the days before the DNC emails dropped. While Miller was subpoenaed for Stone’s trial and kept in DC for days awaiting possible testimony, he never did testify, so we don’t know what he might have said.

Still, Miller’s testimony might reveal that Stone learned of the impending DNC release, by WikiLeaks, days before it happened, as testimony from Michael Cohen and Paul Manafort supports.

All of those earlier claims, however, are presented in terms of what Stone knew about WikiLeaks’ plans. The affidavits tell a very different, albeit inconclusive story.

The FBI believed in 2018 that Stone had foreknowledge of Russia’s plans.

Two affidavits obtained in summer 2018 reveal that FBI had reason to believe that Stone was Googling the names of Russia’s personas, dcleaks and Guccifer 2.0, before they had been publicly unveiled. One of those affidavits described searches occurring starting on May 17, 2016.

93. During the course of its investigation, the FBI has also identified a series of searches that appear to relate to the personas Guccifer 2.0 and DCLeaks, which predate the public unveiling of those two personas. In particular, between May 17, 2016, and June 15, 2016 (prior to the publication of the Guccifer 2.0 WordPress blog), records from Google show that searches were conducted for the terms “dcleaks,” “guccifer,” and ”guccifer june,” from IP addresses within one of two ranges: 172.56.26.0/24, 107.77.216.0/24.3 These IP ranges are assigned to T-Mobile USA, Inc., and AT&T Mobility LLC, respectively, and, according to Google, the searches were all conducted from Florida. On or about June 13, 2018, this Court issued a search warrant for information associated with these searches and, in particular, for the full search histories associated with the CookieIDs that conducted the search. 4 As set forth in the affidavit submitted in support of that search warrant, IP logs obtained from Twitter showed that STONE used multiple IP addresses within the ranges 172.56.26.0/24 and 107.77.216.0/24 to log into his Twitter account @RogerJStoneJr. A Facebook account controlled by STONE also used an IP address within the range 172.56.26.0/24 on or about June 13, 2016, to purchase a Facebook advertisement.

Another affidavit more specifically focused on searches on Guccifer (but not, at least by this description, Guccifer 2.0) on June 15, 2016, before the WordPress site for Guccifer 2.0 was unveiled.

22. During the course of its investigation, the FBI has identified a series of searches that appear to relate to the persona Guccifer 2.0, which predate the public unveiling of that persona. In particular, on or about June 15, 2016 (prior to the publication of the Guccifer 2.0 WordPress blog), records from Google show that searches were conducted for the terms “guccifer” and “guccifer june,” from an IP address within the range 107. 77 .216.0/24. 1 This IP range is assigned to AT&T Mobility LLC, and, according to Google, the searches were all conducted from Florida.

Without seeing the FBI’s forensics, there might be explanations for both these searches. Some journalists, for example, got advance or private alerts on some of this activity, and searches on “Guccifer” in 2016 might be focused on Marcel Lazar, the hacker who first used the moniker Guccifer, who was sentenced in that period.

But in July and August 2018, just as the Mueller team was beginning to pursue the obstruction charges against Stone that focused everyone’s attention on how Stone learned that WikiLeaks was going to release stolen Podesta emails, the FBI had, in hand, data that strongly suggested that Stone, virtually alone in the country, had non-public information about the Russian hack-and-leak campaign in advance.

They believed he had it in May, while Russian hackers were still in the process of stealing the DNC emails.

If FBI were to — if they did — validate those searches (particularly the May search on dcleaks), it would provide independent evidence making it clear Stone’s claims of foreknowledge to Gates weren’t just confused boasts about Hillary’s missing State emails, as the SSCI Report concludes, but instead knowledge of the Russian operation akin to that George Papadopoulos obtained.

If the FBI had proof that Stone knew of the hack-and-leak while the Russians continued hacking, then the drama over whether Randy Credico or Jerome Corsi was Stone’s source would just be theater. Corsi’s August 2, 2016 boasting of foreknowledge of the schedule of upcoming WikiLeaks leaks would be just a distraction.

Roger Stone spoke to Donald Trump at least 13 times in May 2016, a month when (the FBI suspected) the rat-fucker had foreknowledge of the Russian theft of Democratic emails. The Watergate investigation, with far more authority and a successful subpoena of the President, never proved that Richard Nixon had foreknowledge of that burglary. Here, though, the FBI got far closer to that proof.


The movie Rashomon demonstrated that any given narrative tells just one version of events, but that by listening to all available narratives, you might identify gaps and biases that get you closer to the truth.

I’m hoping that principle works even for squalid stories like the investigation into Roger Stone’s cheating in the 2016 election. This series will examine the differences between four stories about Roger Stone’s actions in 2016:

As I noted in the introductory post (which lays out how I generally understand the story each tells), each story has real gaps in one or more of these areas:

My hope is that by identifying these gaps and unpacking what they might say about the choices made in crafting each of these stories, we can get a better understanding of what actually happened — both in 2016 and in the investigations. The gaps will serve as a framework for this series.