Posts

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The Preferred Anti-Obama Russian Hack Story Remains Silent on Shadow Brokers

Michael Isikoff and David Corn are fluffing their upcoming book on the Russian tampering with the 2016 election. This installment covers the same ground, and the same arguments, and has the same weaknesses that this WaPo article did: It describes how urgent but closely held the CIA tips were (without considering whether the close hold on the intelligence led the IC to make incorrect conclusions about the attack). It describes efforts to make a public statement that got drowned out by the Pussy Grabber and Podesta releases. It airs the disappointment of those who thought Obama should have launched a more aggressive response.

Perhaps the biggest addition to the WaPo version is that this one includes more discussion of Obama’s thoughts on cyber proliferation, with the acknowledgement that the US would be more vulnerable than Russia in an escalating cyber confrontation.

Michael Daniel and Celeste Wallander, the National Security Council’s top Russia analyst, were convinced the United States needed to strike back hard against the Russians and make it clear that Moscow had crossed a red line. Words alone wouldn’t do the trick; there had to be consequences. “I wanted to send a signal that we would not tolerate disruptions to our electoral process,” Daniel recalled. His basic argument: “The Russians are going to push as hard as they can until we start pushing back.”

Daniel and Wallander began drafting options for more aggressive responses beyond anything the Obama administration or the US government had ever before contemplated in response to a cyberattack. One proposal was to unleash the NSA to mount a series of far-reaching cyberattacks: to dismantle the Guccifer 2.0 and DCLeaks websites that had been leaking the emails and memos stolen from Democratic targets, to bombard Russian news sites with a wave of automated traffic in a denial-of-service attack that would shut the news sites down, and to launch an attack on the Russian intelligence agencies themselves, seeking to disrupt their command and control modes.

[snip]

One idea Daniel proposed was unusual: The United States and NATO should publicly announce a giant “cyber exercise” against a mythical Eurasian country, demonstrating that Western nations had it within their power to shut down Russia’s entire civil infrastructure and cripple its economy.

[snip]

The principals did discuss cyber responses. The prospect of hitting back with cyber caused trepidation within the deputies and principals meetings. The United States was telling Russia this sort of meddling was unacceptable. If Washington engaged in the same type of covert combat, some of the principals believed, Washington’s demand would mean nothing, and there could be an escalation in cyber warfare. There were concerns that the United States would have more to lose in all-out cyberwar.

“If we got into a tit-for-tat on cyber with the Russians, it would not be to our advantage,” a participant later remarked. “They could do more to damage us in a cyber war or have a greater impact.” In one of the meetings, Clapper said he was worried that Russia might respond with cyberattacks against America’s critical infrastructure—and possibly shut down the electrical grid.

[snip]

Asked at a post-summit news conference about Russia’s hacking of the election, the president spoke in generalities—and insisted the United States did not want a blowup over the issue. “We’ve had problems with cyber intrusions from Russia in the past, from other counties in the past,” he said. “Our goal is not to suddenly in the cyber arena duplicate a cycle escalation that we saw when it comes to other arms races in the past, but rather to start instituting some norms so that everybody’s acting responsibly.”

The most dramatic part of the piece quotes an angry Susan Rice telling her top Russian expert to stand down some time after August 21.

One day in late August, national security adviser Susan Rice called Daniel into her office and demanded he cease and desist from working on the cyber options he was developing. “Don’t get ahead of us,” she warned him. The White House was not prepared to endorse any of these ideas. Daniel and his team in the White House cyber response group were given strict orders: “Stand down.” She told Daniel to “knock it off,” he recalled.

Daniel walked back to his office. “That was one pissed-off national security adviser,” he told one of his aides.

But like the WaPo article before it, and in spite of the greater attentiveness to the specific dates involved, the Isikoff/Corn piece makes not one mention of the Shadow Brokers part of the operation, which first launched just as NSC’s Russian experts were dreaming up huge cyber-assaults on Russia.

On August 13, Shadow Brokers released its first post, releasing files that had compromised US firewall providers and including a message that — while appearing to be an attack on American Elites and tacitly invoking Hillary — emphasizes how vulnerable the US would be if its own cybertools were deployed against it.

We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites?

Sure, it’s possible the IC didn’t know right away that this was a Russian op (though Isikoff and Corn claim, dubiously and in contradiction to James Clapper’s November 17, 2016 testimony, that the IC had already IDed all the cut-outs Russia was using on the Guccifer 2.0 and DC Leaks operations). Though certainly the possibility was publicly discussed right away. By December, I was able to map out how it seemed the perpetrators were holding the NSA hostage to any retaliation attempts. Nice little NSA you’ve got here; it’d be a shame if anything happened to it. After the inauguration, Shadow Brokers took a break, until responding to Trump’s Syria strike by complaining that he was abandoning those who had gotten him elected.

Respectfully, what the fuck are you doing? TheShadowBrokers voted for you. TheShadowBrokers supports you. TheShadowBrokers is losing faith in you. Mr. Trump helping theshadowbrokers, helping you. Is appearing you are abandoning “your base”, “the movement”, and the peoples who getting you elected.

That was followed by a release of tools that would soon lead to billion dollar attacks using repurposed NSA tools.

As recently as February, the NSA and CIA were still trying to figure out what Russia (and the stories do appear to confirm the IC believed this was Russia) had obtained.

I mean, it’s all well and good to complain that Obama asked the NSC to stand down from its plans to launch massive cyberattacks as a warning to Putin. But you might, first, consider whether that decision happened at a time when the US was facing far greater uncertainty about our own vulnerabilities on that front.

10 Years of emptywheel: Jim’s Dimestore

As you saw in Marcy’s posts yesterday, emptywheel is celebrating the ten year anniversary of the move from The Next Hurrah to Firedoglake.   You will notice that the current version of the blog comes to you without ads. If you want this wonderful state of affairs to continue, contributions are a must. A new subscription option helps to make sure the hamsters keep turning the wheels on the magic blog-hosting machines and the ever more sophisticated mole-whacking machinery stays up to date.

Marcy’s outstanding work over the years has received great acclaim. A huge part of the success of the blog, though, has been its ongoing tradition of the best commenting community on the internet. Over the years, the conversations that have taken place on each seminal post have helped to decipher the meaning of cryptic government documents, bring in alternate views and point out new information as it breaks. In the end,  emptywheel isn’t just a blog, it’s a community. For all of your support and participation during these trying times, we thank you.

In keeping with the “10” theme, Marcy has a post highlighting her favorite surveillance posts over each of the last ten years. She has graciously allowed a few of us hangers-on to participate with posts of our own.  I haven’t been an official emptywheeler for all of those ten years.  I did spend a year as an evening editor at Firedoglake around the time of the migration from TNH, so I got to start my friendship with this group of writers and commenters around that time.  I’m going to list my favorite ten posts from the time I started posting here, shortly after the blog moved from Firedoglake to the independent site. Several of these posts link back to earlier work at MyFDL. Sadly, the archives of that work were imperfectly migrated to the Shadowproof successor to Firedoglake, and so searching for those is imperfect and many of the graphics are lost.

So here is Jim’s Dimestore listing my 10 favorite posts on Emptywheel.net, in chronological order:

DETAILS OF SILICON-TIN CHEMISTRY OF ANTHRAX ATTACK SPORES PUBLISHED; WILLMAN TUT-TUTS

Sandia National Laboratories image of attack spore. In the upper frame, silicon, in green, is found exclusively on the spore coat and not on the exosporium (outer pink border).

Perhaps my favorite topic over the years has been a technical analysis of the evidence presented by the FBI in its Amerithrax investigation. It is absolutely clear from this analysis of the anthrax attacks of 2001 that the FBI failed to demonstrate how Bruce Ivins could have carried out the attacks on his own. This post goes deep into the technical weeds of how the spores in the attack material were treated so that they would disperse easily and seem to float on air. The bottom line is that high amounts of silicon are found inside these spores. The silicon could not have gotten there naturally, and it took very sophisticated chemistry to get it there and treat it to make sure it stayed. Ivins had neither the expertise nor the equipment to achieve this highly advanced bioweaponization. Earlier work I did in this series showed that Ivins also could not have grown the anthrax used in the attacks.  My favorite candidate for where it was produced is an isolated lab built by the Defense Threat Reduction Agency on what is now called the Nevada National Security Site (formerly the Nevada Test Site) that Judy Miller described on September 4, 2001.  That article by Miller has always stood out to me as the ultimate limited hangout presented by DoD before the fact, where we see a facility of the perfect size for producing the amount of material used in the anthrax attacks. Those attacks occurred just a short time after the article was published. Miller’s assurance in the article that the site only was used for production of harmless bacteria sharing some characteristics with anthrax just never smelled right to me.

INTELLIGENCE AIDE FLYNN RE MCCHRYSTAL: “EVERYONE HAS A DARK SIDE”

When Michael Hastings’ article in Rolling Stone led to Stanley McChrystal’s firing, little did we know that this would be the beginning of the fall from grace for David Petraeus and his all-star band of torture enablers. These “operators”, as Hastings termed the team, relied on night raids and illegal detentions as the core of their counterterrorism initiatives in Iraq and Afghanistan. These foolishly evil practices fueled massive growth in the insurgencies in response. In this post, Flynn reveals to us that he felt McChrystal, and everyone else, has a “dark side”. As we now await fallout from Flynn’s guilty plea for his lies to the FBI about conversations with Russian Ambassador Kislyak (mainly, his testimony against the rest of Trump’s team), it appears that Flynn himself found the dark side to be quite compelling.

DESPITE METAPHYSICAL IMPOSSIBILITY, US GOVERNMENT REPEATEDLY ATTEMPTS RETROACTIVE CLASSIFICATION

Another favorite topic of mine over the years has been the utter futility of the military’s efforts to “train” troops in both Iraq and Afghanistan. It has been an endless sequence of the military getting countless “do-overs”, with Congress rolling over and believing every single utterance of “This time it will work for sure!”. Part of the military’s strategy in hiding their training failures was to keep changing how Afghan troops were counted and evaluated for combat readiness. A corollary to the futility of the training effort is the horrific death toll of “green on blue” attacks, where the Afghan or Iraqi trainees attacked and often killed those who were training them. When this problem got especially bad in Afghanistan in 2011, DoD commissioned a sociological analysis that returned a result the military did not like. The report indicated that the military was utterly failing to address vast cultural differences between Afghan and coalition troops.  The military, in its infinite wisdom, decided to classify the report, but did so after it already had been released in unclassified form.  Oops.

PERSIANS PUNK PHOTO PRETENDERS: PARCHIN PRETTY IN PINK

Detail from the photo carried in CNN’s story showing the pink tarp over the building said to contain the blast chamber.

Neocons have long lusted after violent regime change in Iran. Cooked up allegations on Iran’s nuclear capabilities have played a central role over the years in how they wished to achieve that war. Despite the neocons’ best efforts to sabotage negotiations, Iran agreed to a comprehensive set of severe restrictions on its nuclear capabilities in return for “dropping” (quotes because the US has claimed other grounds for maintaining other sanctions) the worst of the US sanctions that crippled Iran’s economy. Along the way, I had a ton of fun picking at two of the worst offenders in spreading anti-Iran propaganda: David Albright of the Institute for Science and International Security and George Jahn of AP. Reports that Iran had constructed a high explosives blast chamber at the Parchin military site became quite a point of argument. Albright spent countless hours scouring satellite images of the site and claimed the photographs showed that Iran was attempting to clean radioactivity from the site. Iran seemed to have a lot of fun with this process. I’m sure the pink tarps in the post here were added just to punk Albright. I maintained that the real evidence of what had taken place at the site couldn’t be scrubbed, because the accused activity would have resulted in the steel chamber itself being made radioactive throughout its entire thickness. Perhaps Iran made the same assessment, because once the IAEA gained access to the site, there was no steel chamber to be found. Was there ever a blast chamber there? Who knows? In the end, whether Iran carried out that work is immaterial, as the Joint Comprehensive Plan of Action has the most aggressive inspection regime ever agreed to by a country that hasn’t just lost a war.  We can rest assured that Iran has no capability at the current time of assembling a nuclear weapon, and the neocons are left to pout about diplomacy working better than their war ever could have. If you want to know why Donald Trump put Rex Tillerson in charge of dismantling the Department of State, look no further than the success diplomacy played in achieving the JCPOA.

JOHN GALT KILLS TEXANS IN MASSIVE FERTILIZER PLANT EXPLOSION

When a massive explosion in West, Texas killed 15 people, injured over 250 and destroyed 500 homes, it was clear to me who had killed these Texans: Ayn Rand’s mythical libertarian hero John Galt. How else do  you explain a site being allowed to store hundreds of thousands of pounds of ammonium nitrate with inadequate fire protection and fatally close to inhabited structures than the misguided libertarian belief that free enterprise should rule?  In the post, I pointed to the dangers inherent in the lack of zoning laws that allowed this fatal mixture of structures. As we later learned from the Washington Post,  John Galt’s influence on the destruction was decades in the making:

The plant was a mom-and-pop operation, a distribution center where farmers picked up custom mixes of fertilizer to boost crop yields. It was built in 1962 a half-mile outside West. As the harvests grew, so did the town. In 1967, the rest home opened 629 feet from the plant. In the early ’70s, a two-story apartment complex was built even closer. Then a playground and basketball court, a mere 249 feet away.

We learned last year that ATF has determined that the fire that preceded the blast was intentional.  So while we don’t know who started the fire itself, we know for a fact that, ultimately, it was John Galt who killed these 15 Texans.

US DRONE STRIKE IN PAKISTAN REEKS OF POLITICAL RETALIATION YET AGAIN

The current concern that Donald Trump will lash out in fury with a nuclear strike, somewhere, anywhere, just to vent his anger over Mueller’s noose tightening over his entire administration is not the first time that it was appropriate to be concerned about an  enraged high-ranking government official killing innocent people. In the case of John Brennan, poorly targeted rage attacks carried out as retaliation for a perceived wrong happened repeatedly. In the post linked here, a drone strike in Pakistan’s tribal area seemed timed as retaliation for Pakistan refusing to reopen supply routes that had been closed six months earlier when the US killed 24 Pakistani troops in an erroneous attack. The post goes on to detail other rage drone strikes that Brennan ordered, with the worst probably being the killing of over 40 people who were simply gathered to discuss mineral rights. That strike was carried out the day after the CIA’s Raymond Davis was finally released and was clearly carried out without proper evaluation of targeting criteria, as it seems few if any actual terrorists were killed.

NO, WE AREN’T ALL GOING TO DIE BECAUSE EBOLA PATIENTS ARE COMING TO US FOR TREATMENT

image.ppat.v04.i11.g001

Scary, color-enhanced electron micrograph of Ebola virus particles. Creative Commons license courtesy of Thomas W. Geisbert, Boston University School of Medicine.

The Ebola outbreak in 2014 led to widespread fear in the US, especially when it was announced that medical personnel who had been treating Ebola patients in Africa and became infected would be transported to Atlanta for treatment. There was no appreciation for how the disease actually is spread, what the conditions were where the medical workers became infected in Africa and how such spread would be much less likely in a properly run US hospital. A poorly run hospital in Texas, however, did manage to have personnel treating Ebola acquire infections. Of course, the treatment at CDC in Atlanta was carried out without incident, and the virus did not spread in the US, even after the Texas hospital had its initial failure. In fact, as the virus wound down, those who study and understand the virus were shown to have been completely correct in their analysis when they modeled how large the outbreak would get before receding once proper intervention was carried out. But the fears of Ebola wiping out the US weren’t the only bit of bad science that had to be knocked down during the outbreak. Conspiracy theories started spreading that the Ebola virus in the 2014 outbreak had been genetically engineered in a bioweapons lab and was accidentally released from a lab in Africa. DNA sequence analysis quickly debunked that one.

WASHINGTON POST FAILS TO DISCLOSE HEINONEN’S UANI CONNECTION IN ANTI-IRAN OP/ED

Yes, the Iran nuclear agreement is so important that it is the only topic repeated in my ten favorite posts. In this post, we are in the time just a few months before the agreement is finalized, and the neocon opponents of the deal are reaching a fever pitch. The post outlines a horrible failure of full disclosure by the Washington Post. This occurred after Bezos purchased the paper, but clearly was a failure of beating back the darkness in which democracy dies. In this case, the Post carried an op-ed opposing the Iran deal. Besides allowing an incendiary headline (The Iran Time Bomb) and giving voice to Michael Hayden and neocon nightmare Ray Takeyh, the Post made its biggest failure regarding the middle author, Olli Heinonen. The Post allowed Heinonen to identify himself only by his current Harvard affiliation and his former role in IAEA. What is left out of that description is that Heinonen was also playing a prominent role on the Advisory Board of United Against Nuclear Iran, shadowy group with even more shadowy funding sources. Somehow, in the course of its “advocacy” work against Iran, UANI had come into possession of US state secrets that suddenly allowed it to avoid a civil case for defamation of a businessman they accused of breaking sanctions against Iran. Why, yes, of course the New York Times also allowed Heinonen to deceptively carry out his work on their pages, too. This time it was in a “news” story that came out shortly after the UANI civil court case was dismissed when the judge stated the case could not proceed because of the state secrets involved. Of course, even after more than two and a half years, neither the Washington Post nor New York Times have admitted their omissions in describing Heinonen’s affiliations in the cited articles. It is really remarkable that diplomacy defeated this full court press by the neocons who were working with the full cooperation of the media.

WAVING THE CONSTITUTION AT THOSE WHO IGNORE IT

I waved my pocket copy of the Constitution at Nancy Pelosi on July 19,2008. Khizr Khan waved his at Donald Trump on July 28,2016.

I waved my pocket copy of the Constitution at Nancy Pelosi on July 19,2008. Khizr Khan waved his at Donald Trump on July 28,2016.

I haven’t written much in the last couple of years, but I just couldn’t avoid writing this one only ten days after surgery to replace my aorta. When I saw Khizr Khan’s appearance at the Democratic National Convention, I was really moved when he waved his pocket copy of the Constiution at Donald Trump. I had done the same thing in July of 2008 when Nancy Pelosi appeared at Netroots Nation in Austin. I was waving my Constitution at Pelosi to remind her of her failure to impeach George W. Bush and Dick Cheney for their roles in torture and illegal wars. Khan was calling out Trump for his campaign promises that so clearly violate the Constiution. Sadly, Trump has followed through in enforcing many of those policies Khan warned us about and we are left without much more recourse than continuing to wave our Constitutions at those who violate it on a daily basis.

ON JULY 2016 PANEL, GEORGE PAPADOPOULOS USED SAME COVER ORGANIZATION AS JOSEPH MIFSUD 

My one minor contribution so far to the unfolding saga of Russian influence on the 2016 election was prompted by noticing a photo in my Twitter stream shortly after the George Papadopoulos plea agreement was made public. What initially caught my eye was that my Congressman, Ted Yoho, was in the photo with Papadopoulos while both appeared in a panel discussion in Cleveland in July of 2016. However, once I started digging into the circumstances of the photo, I discovered that when he appeared for the panel, Papadopoulos claimed an affiliation with an entity that was also an affiliation for the shadowy Joseph Mifsud. We still don’t have a satisfactory explanation of how these two came to have a shared cover organization where it seems both Papadopoulos and Mifsud had positions that were grossly inflated with respect to their previous career accomplishments. I still think that if we ever discover who was behind these two getting such inflated positions, we will learn much about who might have been orchestrating later events in which these two played roles.

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten today.

To celebrate, over the next few days, the emptywheel team will be sharing some of our favorite work from the last decade. I’ll be doing 4 posts featuring some of my most important or — in my opinion — resilient non-surveillance posts, plus a separate post bringing together some of my most important surveillance work. I think everyone else is teeing up their favorites, too.

Putting together these posts has been a remarkable experience to see where we’ve been and the breadth of what we’ve covered, on top of mainstays like surveillance. I’m really proud of the work I’ve done, and proud of the community we’ve maintained over the years.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2013

What a Targeted Killing in the US Would Look Like

Amid now-abandoned discussions about using the FISA court to review targeted killing, I pointed out that a targeted killing in the US would look just like the October 28, 2009 killing of Imam Luqman Abdullah.

Article II or AUMF? “A High Level Official” (AKA John Brennan) Says CIA Can Murder You

When the second memo (as opposed to the first 7-page version) used to authorize the killing of Anwar al-Awlaki, it became clear that OLC never really decided whether the killing was done under Article II or the AUMF. That’s important because if it’s the latter, it suggests the President can order anyone killed.

John Brennan Sworn in as CIA Director Using Constitution Lacking Bill of Rights

I know in the Trump era we’re supposed to forget that John Brennan sponsored a whole lot of drone killing and surveillance. But I spent a good deal of the Obama Administration pointing that out. Including by pointing out that the Constitution he swore to protect and defend didn’t have the First, Fourth, Fifth, and Sixth amendment in it.

2014

The Day After Government Catalogs Data NSA Collected on Tsarnaevs, DOJ Refuses to Give Dzhokhar Notice

I actually think it’s unreasonable to expect the government’s dragnets to prevent all attacks. But over and over (including with 9/11), NSA gets a pass when we do reviews of why an attack was missed. This post lays out how that happened in the Boston Marathon case. A follow-up continued that analysis.

A Guide to John Rizzo’s Lies, For Lazy Journalists

Former CIA General Counsel John Rizzo lies, a lot. But that doesn’t seem to lead journalists to treat his claims skeptically, nor did it prevent them from taking his memoir as a statement of fact. In this post I summarized all the lies he told in the first 10 pages of it.

Obama to Release OLC Memo after Only 24 Congressional Requests from 31 Members of Congress

Over the year and a half when one after another member of Congress asked for the OLC memos that authorized the drone execution of Anwar al-Awlaki, I tracked all those requests. This was the last post, summarizing all of them.

The West’s Ideological Vacuum

With the rise of Trump and the success of Russia intervening in US and European politics, I’ve been talking about how the failures of US neoliberal ideology created a vacuum to allow those things to happen. But I’ve been talking about the failures of our ideology for longer than that, here in a post on ISIS.

KSM Had the CIA Believing in Black Muslim Convert Jihadist Arsonists in Montana for 3 Months

There weren’t a huge number of huge surprises in the SSCI Torture Report for me (indeed, its scope left out some details about the involvement of the White House I had previously covered). But it did include a lot of details that really illustrate the stupidity of the torture program. None was more pathetic than the revelation that KSM had the CIA convinced that he was recruiting black Muslim converts to use arson in Montana.

2015

The Jeffrey Sterling Trial: Merlin Meets Curveball

A big part of the Jeffrey Sterling trial was CIA theater, with far more rigorous protection for 10 year old sources and methods than given to 4 year old Presidential Daily Briefs in the Scooter Libby trial. Both sides seemed aware that the theater was part of an attempt, in part, to help the CIA gets its reputation back after the Iraq War debacle. Except that the actual evidence presented at trial showed CIA was up to the same old tricks. That didn’t help Sterling at all. But neither did it help CIA as much as government prosecutors claimed.

The Real Story Behind 2014 Indictment of Chinese Hackers: Ben Rhodes Moves the IP Theft Goal Posts

I’ve written a lot about the first indictment of nation-state hackers — People’s Liberation Army hackers who compromised some mostly Pittsburgh located entities, including the US Steel Workers. Contrary to virtually all the reporting on the indictment, the indictment pertained to things we nation-state hack for too: predominantly, spying on negotiations. The sole exception involves the theft of some nuclear technology from Westinghouse that might have otherwise been dealt to China as part of a technology transfer arrangement.

Obama’s Terrorism Cancer Speech, Carter’s Malaise Speech

In response to a horrible Obama speech capitulating to Republican demands he treat the San Bernardino attack specially, as Islamic terrorism, I compared the speech to Jimmy Carter’s malaise speech. Along the way, I noted that Carter signed the finding to train the mujahadeen at almost the exactly moment he gave the malaise speech. The trajectory of America has never been the same since.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

The Compartments in WaPo’s Russian Hack Magnum Opus

The WaPo has an 8300 word opus on the Obama Administration’s response to Russian tampering in the election. The article definitely covers new ground on the Obama effort to respond while avoiding making things worse, particularly with regards to imposing sanctions in December. It also largely lays out much of the coverage the three bylined journalists (Greg Miller, Ellen Nakashima, and Adam Entous) have broken before, with new details. The overall message of the article, which has a number of particular viewpoints and silences, is this: Moscow is getting away with their attack.

“[B]ecause of the divergent ways Obama and Trump have handled the matter, Moscow appears unlikely to face proportionate consequences.”

The Immaculate Interception: CIA’s scoop

WaPo starts its story about how Russia got away with its election op with an exchange designed to make the non-response to the attack seem all the more senseless. It provides a dramatic description of a detail these very same reporters broke on December 9: Putin, who was personally directing this effort, was trying to elect Trump.

Early last August, an envelope with extraordinary handling restrictions arrived at the White House. Sent by courier from the CIA, it carried “eyes only” instructions that its contents be shown to just four people: President Barack Obama and three senior aides.

Inside was an intelligence bombshell, a report drawn from sourcing deep inside the Russian government that detailed Russian President Vladi­mir Putin’s direct involvement in a cyber campaign to disrupt and discredit the U.S. presidential race.

[snip]

The material was so sensitive that CIA Director John Brennan kept it out of the President’s Daily Brief, concerned that even that restricted report’s distribution was too broad. The CIA package came with instructions that it be returned immediately after it was read.

[snip]

In early August, Brennan alerted senior White House officials to the Putin intelligence, making a call to deputy national security adviser Avril Haines and pulling national security adviser Susan Rice side after a meeting before briefing Obama along with Rice, Haines and McDonough in the Oval Office.

While the sharing of this information with just three aides adds to the drama, WaPo doesn’t consider something else about it. The inclusion of Rice and McDonough totally makes sense. But by including Avril Haines, Brennan was basically including his former Deputy Director who had moved onto the DNSA position, effectively putting two CIA people in a room with two White House people and the President. Significantly, Lisa Monaco — who had Brennan’s old job as White House Homeland Security Czar and who came from DOJ and FBI before that — was reportedly excluded from this initial briefing.

There are a number of other interesting details about all this. First, for thousands of wordspace, the WaPo presents this intelligence as irreproachable, even while providing this unconvincing explanation of why, if it is so secret and solid, the CIA was willing to let WaPo put it on its front page.

For spy agencies, gaining insights into the intentions of foreign leaders is among the highest priorities. But Putin is a remarkably elusive target. A former KGB officer, he takes extreme precautions to guard against surveillance, rarely communicating by phone or computer, always running sensitive state business from deep within the confines of the Kremlin.

The Washington Post is withholding some details of the intelligence at the request of the U.S. government.

If this intelligence is so sensitive, why is even the timing of its collection being revealed here, much less its access to Putin?

That seemingly contradictory action is all the more curious given that not all agencies were as impressed with this intelligence as CIA was. It’s not until much, much later in its report until WaPo explains what remains true as recently as Admiral Rogers’ latest Congressional testimony: the NSA wasn’t and isn’t as convinced by CIA’s super secret intelligence as CIA was.

Despite the intelligence the CIA had produced, other agencies were slower to endorse a conclusion that Putin was personally directing the operation and wanted to help Trump. “It was definitely compelling, but it was not definitive,” said one senior administration official. “We needed more.”

Some of the most critical technical intelligence on Russia came from another country, officials said. Because of the source of the material, the NSA was reluctant to view it with high confidence.

By the time this detail is presented, the narrative is in place: Obama failed to respond adequately to the attack that CIA warned about back in August.

The depiction of this top-level compartment of just Brennan, Rice, McDonough, and Haines is interesting background, as well, for the depiction of the way McDonough undermined a State Department plan to institute a Special Commission before Donald Trump got started.

Supporters’ confidence was buoyed when McDonough signaled that he planned to “tabledrop” the proposal at the next NSC meeting, one that would be chaired by Obama. Kerry was overseas and participated by videoconference.

To some, the “tabledrop” term has a tactical connotation beyond the obvious. It is sometimes used as a means of securing approval of an idea by introducing it before opponents have a chance to form counterarguments.

“We thought this was a good sign,” a former State Department official said.

But as soon as McDonough introduced the proposal for a commission, he began criticizing it, arguing that it would be perceived as partisan and almost certainly blocked by Congress.

Obama then echoed McDonough’s critique, effectively killing any chance that a Russia commission would be formed.

Effectively, McDonough upended the table on those (which presumably includes the CIA) who wanted to preempt regular process.

Finally, even after  these three WaPo journalists foreground their entire narrative with CIA’s super duper scoop (that NSA is still not 100% convinced is one), they don’t describe their own role in changing the tenor of the response on December 9 by reporting the first iteration of this story.

“By December, those of us working on this for a long time were demoralized,” said an administration official involved in the developing punitive options.

Then the tenor began to shift.

On Dec. 9, Obama ordered a comprehensive review by U.S. intelligence agencies of Russian interference in U.S. elections going back to 2008, with a plan to make some of the findings public.

The WaPo’s report of the CIA’s intelligence changed the tenor back in December, and this story about the absence of a response might change the tenor here.

Presenting the politics ahead of the intelligence

The WaPo’s foregrounding of Brennan’s August scoop is also important for the way they portray the parallel streams of the intelligence and political response. It portrays the Democrats’ political complaints about Republicans in this story, most notably the suggestion that Mitch McConnell refused to back a more public statement about the Russian operation when Democrats were pushing for one in September. That story, in part because of McConnell’s silence, has become accepted as true.

Except the WaPo’s own story provides ample evidence that the Democrats were trying to get ahead of the formal intelligence community with respect to attribution, both in the summer, when Clapper only alluded to Russian involvement.

Even after the late-July WikiLeaks dump, which came on the eve of the Democratic convention and led to the resignation of Rep. Debbie Wasserman Schultz (D-Fla.) as the DNC’s chairwoman, U.S. intelligence officials continued to express uncertainty about who was behind the hacks or why they were carried out.

At a public security conference in Aspen, Colo., in late July, Director of National Intelligence James R. Clapper Jr. noted that Russia had a long history of meddling in American elections but that U.S. spy agencies were not ready to “make the call on attribution” for what was happening in 2016.

And, more importantly, in the fall, when the public IC attribution came only after McConnell refused to join a more aggressive statement because the intelligence did not yet support it (WaPo makes no mention of it, but DHS’s public reporting from late September still attributed the the threat to election infrastructure to “cybercriminals and criminal hackers”).

Senate Majority Leader Mitch McConnell (R-Ky.) went further, officials said, voicing skepticism that the underlying intelligence truly supported the White House’s claims. Through a spokeswoman, McConnell declined to comment, citing the secrecy of that meeting.

Key Democrats were stunned by the GOP response and exasperated that the White House seemed willing to let Republican opposition block any pre-election move.

On Sept. 22, two California Democrats — Sen. Dianne Feinstein and Rep. Adam B. Schiff — did what they couldn’t get the White House to do. They issued a statement making clear that they had learned from intelligence briefings that Russia was directing a campaign to undermine the election, but they stopped short of saying to what end.

A week later, McConnell and other congressional leaders issued a cautious statement that encouraged state election officials to ensure their networks were “secure from attack.” The release made no mention of Russia and emphasized that the lawmakers “would oppose any effort by the federal government” to encroach on the states’ authorities.

When U.S. spy agencies reached unanimous agreement in late September that the interference was a Russian operation directed by Putin, Obama directed spy chiefs to prepare a public statement summarizing the intelligence in broad strokes.

I’m all in favor of beating up McConnell, but there is no reason to demand members of Congress precede the IC with formal attribution for something like this. So until October 7, McConnell had cover (if not justification) for refusing to back a stronger statement.

And while the report describes Brennan’s efforts to brief members of Congress (and the reported reluctance of Republicans to meet with him), it doesn’t answer what remains a critical and open question: whether Brennan’s briefing for Harry Reid was different — and more inflammatory — than his briefing for Republicans, and whether that was partly designed to get Reid to serve as a proxy attacker on Jim Comey and the FBI.

Brennan moved swiftly to schedule private briefings with congressional leaders. But getting appointments with certain Republicans proved difficult, officials said, and it was not until after Labor Day that Brennan had reached all members of the “Gang of Eight” — the majority and minority leaders of both houses and the chairmen and ranking Democrats on the Senate and House intelligence committees.

Nor does this account explain another thing: why Brennan serially briefed the Gang of Eight, when past experience is to brief them in groups, if not all together.

In short, while the WaPo provides new details on the parallel intelligence and political tracks, it reinforces its own narrative while remaining silent on some details that are critical to that narrative.

The compartments

The foregrounding of CIA in all this also raises questions about a new and important detail about (what I assume to be the subsequently publicly revealed, though this is not made clear) Task Force investigating this operation: it lives at CIA, not FBI.

Brennan convened a secret task force at CIA headquarters composed of several dozen analysts and officers from the CIA, the NSA and the FBI.

The unit functioned as a sealed compartment, its work hidden from the rest of the intelligence community. Those brought in signed new non-disclosure agreements to be granted access to intelligence from all three participating agencies.

They worked exclusively for two groups of “customers,” officials said. The first was Obama and fewer than 14 senior officials in government. The second was a team of operations specialists at the CIA, NSA and FBI who took direction from the task force on where to aim their subsequent efforts to collect more intelligence on Russia.

Much later in the story, WaPo reveals how, in the wake of Obama calling for a report, analysts started looking back at their collected intelligence and learning new details.

Obama’s decision to order a comprehensive report on Moscow’s interference from U.S. spy agencies had prompted analysts to go back through their agencies’ files, scouring for previously overlooked clues.

The effort led to a flurry of new, disturbing reports — many of them presented in the President’s Daily Brief — about Russia’s subversion of the 2016 race. The emerging picture enabled policymakers to begin seeing the Russian campaign in broader terms, as a comprehensive plot sweeping in its scope.

It’s worth asking: did the close hold of the original Task Force, a hold that appears to have been set by Brennan, contribute to the belated discovery of these details revealing a broader campaign?

The surveillance driven sanctions

I’m most interested in the description of how the Obama Admin chose whom to impose sanctions on, though it includes this bizarre claim.

But the package of measures approved by Obama, and the process by which they were selected and implemented, were more complex than initially understood.

The expulsions and compound seizures were originally devised as ways to retaliate against Moscow not for election interference but for an escalating campaign of harassment of American diplomats and intelligence operatives. U.S. officials often endured hostile treatment, but the episodes had become increasingly menacing and violent.

Several of the details WaPo presents as misunderstood (including that the sanctions were retaliation for treatment of diplomats) were either explicit in the sanction package or easily gleaned at the time.

One of those easily gleaned details is that the sanctions on GRU and FSB were mostly symbolic. WaPo uses the symbolic nature of the attack on those who perpetrated the attack as a way to air complaints that these sanctions were not as onerous as those in response to Ukraine.

“I don’t think any of us thought of sanctions as being a primary way of expressing our disapproval” for the election interference, said a senior administration official involved in the decision. “Going after their intelligence services was not about economic impact. It was symbolic.”

More than any other measure, that decision has become a source of regret to senior administration officials directly involved in the Russia debate. The outcome has left the impression that Obama saw Russia’s military meddling in Ukraine as more deserving of severe punishment than its subversion of a U.S. presidential race.

“What is the greater threat to our system of government?” said a former high-ranking administration official, noting that Obama and his advisers knew from projections formulated by the Treasury Department that the impact of the election-related economic sanctions would be “minimal.”

Three things that might play into the mostly symbolic targeting of FSB, especially, are not mentioned. First, WaPo makes no mention of the suspected intelligence sources who’ve been killed since the election, most credibly Oleg Erovinkin, as well as a slew of other suspect and less obviously connected deaths. It doesn’t mention the four men Russia charged with treason in early December. And it doesn’t mention DOJ’s indictment of the Yahoo hackers, including one of the FSB officers, Dmitry Dokuchaev, that Russia charged with treason (not to mention the inclusion within the indictment of intercepts between FSB officers). There’s a lot more spy vs. spy activity going on here that likely relates far more to retaliation or limits on US ability to retaliate, all of which may be more important in the medium term than financial sanctions.

Given the Yahoo and other indictments working through San Francisco (including that of Yevgeniey Nikulin, who claims FBI offered him a plea deal involving admitting he hacked the DNC), I’m particularly interested in the shift in sanctions from NY to San Francisco, where Nikulin and Dokuchaev’s victims are located.

The FBI was also responsible for generating the list of Russian operatives working under diplomatic cover to expel, drawn from a roster the bureau maintains of suspected Russian intelligence agents in the United States.

[snip]

The roster of expelled spies included several operatives who were suspected of playing a role in Russia’s election interference from within the United States, officials said. They declined to elaborate.

More broadly, the list of 35 names focused heavily on Russians known to have technical skills. Their names and bios were laid out on a dossier delivered to senior White House officials and Cabinet secretaries, although the list was modified at the last minute to reduce the number of expulsions from Russia’s U.N. mission in New York and add more names from its facilities in Washington and San Francisco.

And the WaPo’s reports confirm what was also obvious: the two compounds got shut down (and were a priority) because of all the spying they were doing.

The FBI had long lobbied to close two Russian compounds in the United States — one in Maryland and another in New York — on the grounds that both were used for espionage and placed an enormous surveillance burden on the bureau.

[snip]

Rice pointed to the FBI’s McCabe and said: “You guys have been begging to do this for years. Now is your chance.”

The administration gave Russia 24 hours to evacuate the sites, and FBI agents watched as fleets of trucks loaded with cargo passed through the compounds’ gates.

Finally, given Congress’ bipartisan fearmongering about Kaspersky Lab, I’m most interested that at one point Treasury wanted to include them in sanctions.

Treasury Department officials devised plans that would hit entire sectors of Russia’s economy. One preliminary suggestion called for targeting technology companies including Kaspersky Lab, the Moscow-based cybersecurity firm. But skeptics worried that the harm could spill into Europe and pointed out that U.S. companies used Kaspersky systems and software.

In spite of all the fearmongering, no one has presented proof that Kaspersky is working for Russia (there are even things, which I won’t go in to for the moment, that suggest the opposite). But we’re moving close to de facto sanctions against Kaspersky anyway, even in spite of the fact (or perhaps because) they’re providing better intelligence on WannaCry than half the witnesses called as witnesses to Congress. But discrediting Kaspersky undercuts one of the only security firms in the world who, in addition to commenting on Russian hacking, will unpack America’s own hacking. You sanction Kaspersky, and you expand the asymmetry with which security firms selectively scrutinize just Russian hacking, rather than all nation-state hacking.

The looming cyberattack and the silence about Shadow Brokers

Which brings me to the last section of the article, where, over 8000 words in, the WaPo issues a threat against Russia in the form of a looming cyberattack Obama approved before he left.

WaPo’s early description of this suggests the attack was and is still in planning stages and relies on Donald Trump to execute.

Obama also approved a previously undisclosed covert measure that authorized planting cyber weapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.

But if readers make it all the way through the very long article, they’ll learn that’s not the case. The finding has already been signed, the implants are already being placed (implants which would most likely be discovered by Kaspersky), and for Trump to stop it, he would have to countermand Obama’s finding.

The implants were developed by the NSA and designed so that they could be triggered remotely as part of retaliatory cyber-strike in the face of Russian aggression, whether an attack on a power grid or interference in a future presidential race.

Officials familiar with the measures said that there was concern among some in the administration that the damage caused by the implants could be difficult to contain.

As a result, the administration requested a legal review, which concluded that the devices could be controlled well enough that their deployment would be considered “proportional” in varying scenarios of Russian provocation, a requirement under international law.

The operation was described as long-term, taking months to position the implants and requiring maintenance thereafter. Under the rules of covert action, Obama’s signature was all that was necessary to set the operation in motion.

U.S. intelligence agencies do not need further approval from Trump, and officials said that he would have to issue a countermanding order to stop it. The officials said that they have seen no indication that Trump has done so.

Whatever else this article is designed to do, I think, it is designed to be a threat to Putin, from long gone Obama officials.

Given the discussion of a looming cyberattack on Russia, it’s all the more remarkable WaPo breathed not one word about Shadow Brokers, which is most likely to be a drawn out cyberattack by Russian affiliates on NSA. Even ignoring the Shadow Brokers’ derived global ransomware attack in WannaCry, Shadow Brokers has ratcheted up the severity of its releases, including doxing NSA’s spies and hacks of the global finance system, It has very explicitly fostered tensions between the NSA and private sector partners (as well as the reputational costs on those private sector partners). And it has threatened to leak still worse, including NSA exploits against current Microsoft products and details of NSA’s spying on hostile nuclear programs.

The WaPo is talking about a big cyberattack, but an entity that most likely has close ties to Russia has been conducting one, all in plain sight. I suggested back in December that Shadow Brokers was essentially holding NSA hostage in part as a way to constrain US intelligence retaliation against Russia. Given ensuing events, I’m more convinced that is, at least partly, true.

But in this grand narrative of CIA’s early warning and Obama’s inadequate response, details like that remain unsaid.

John Brennan Denies a Special Harry Reid Briefing

This passage from John Brennan’s testimony about Russia to the House Intelligence Committee yesterday has gotten a lot of attention:

Through the so-called Gang of Eight process, we kept Congress apprised of these issues as we identified them. Again, in consultation with the White House, I personally briefed the full details of our understanding of Russian attempts to interfere with the election to Congressional leadership, specifically Senators Harry Reid, Mitch McConnell, Dianne Feinstein, and Richard Burr, and to Representatives Paul Ryan, Nancy Pelosi, Devin Nunes, and Adam Schiff between 11 August and 6 September. I provided the same briefing to each of the Gang of Eight members.  Given the highly sensitive nature of what was an active counterintelligence case involving an ongoing Russian effort to interfere in our presidential election, the full details of what we knew at the time were shared only with those members of Congress, each of whom was accompanied by one senior staff member. The substance of those briefings was entirely consistent with the main judgments contained in the January classified and unclassified assessments, namely that Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton and harm her electability and potential presidency and to help President Trump’s election chances.

The passage has been used to question why GOP leaders, most especially Mitch McConnell, didn’t react more strongly, particularly given public reports that he wouldn’t sign onto a more aggressive statement about Russian efforts.

As I noted in this post, the record thus far reflects a difference in emphasis (on protecting the election systems rather than on Russian attempts to hurt Clinton).

But I want to look more closely at what Brennan actually said.

His description of the briefings seems to be a denial of what I laid out in this post — the NYT report that he gave Harry Reid a special briefing (one which may have been based on the Christopher Steele dossier) that was more alarming than others.

CIA DIRECTORS SHOULD NOT MEET WITH JUST ONE GANG OF EIGHT MEMBER

The second detail I find most interesting in this story is that John Brennan privately briefed Harry Reid about his concerns about the Russians.

John O. Brennan, the C.I.A. director, was so concerned about the Russian threat that he gave an unusual private briefing in the late summer to Harry Reid, then the Senate Democratic leader.

Top congressional officials had already received briefings on Russia’s meddling, but the one for Mr. Reid appears to have gone further. In a public letter to Mr. Comey several weeks later, Mr. Reid said that “it has become clear that you possess explosive information about close ties and coordination between Donald Trump, his top advisors, and the Russian government — a foreign interest openly hostile to the United States.”

While I’m generally sympathetic to Democrats’ complaints that DOJ should have either remained silent about both investigations or revealed both of them, it was stupid for Brennan to give this private briefing (and I hope he gets grilled about it by HPSCI when he testifies in a few weeks). In addition to the things Reid said publicly about the investigation, it’s fairly clear he and his staffers were also behind some of the key leaks here (and, as CNN reported yesterday, leaks about the investigation actually led targets of it to alter their behavior). For reasons beyond what appears in this story, I think it likely Reid served as a cut-out for Brennan.

And that’s simply not appropriate. There may well have been reasons to avoid briefing Richard Burr (who was advising Trump). But spooks should not be sharing information with just one party. CIA did so during its torture cover-up in ways that are particularly troubling and I find this — while not as bad — equally problematic.

When Brennan said he “provided the same briefing to each of the Gang of Eight members,” he might be seen as denying that the briefing to Reid was anything unusual.

Except this NYT article describes Reid’s as taking place in “late summer” and describes top officials as already having received briefings. Another NYT article describes the special briefing for Reid as having taken place on August 25.

In an Aug. 25 briefing for Harry Reid, then the top Democrat in the Senate, Mr. Brennan indicated that Russia’s hackings appeared aimed at helping Mr. Trump win the November election, according to two former officials with knowledge of the briefing.

The officials said Mr. Brennan also indicated that unnamed advisers to Mr. Trump might be working with the Russians to interfere in the election. The F.B.I. and two congressional committees are now investigating that claim, focusing on possible communications and financial dealings between Russian affiliates and a handful of former advisers to Mr. Trump. So far, no proof of collusion has emerged publicly.

Mr. Trump has rejected any suggestion of a Russian connection as “ridiculous” and “fake news.” The White House has also sought to redirect the focus from the investigation and toward what Mr. Trump has said, with no evidence, was President Barack Obama’s wiretapping of phones in Trump Tower during the presidential campaign.

The C.I.A. and the F.B.I. declined to comment for this article, as did Mr. Brennan and senior lawmakers who were part of the summer briefings.

In the August briefing for Mr. Reid, the two former officials said, Mr. Brennan indicated that the C.I.A., focused on foreign intelligence, was limited in its legal ability to investigate possible connections to Mr. Trump. The officials said Mr. Brennan told Mr. Reid that the F.B.I., in charge of domestic intelligence, would have to lead the way.

As described by the NYT, the Reid briefing went beyond what Brennan says he briefed all the Gang of Eight members on, specially with regards to Trump advisors working with Russia. It’s possible Brennan briefed Reid twice.

Much later in the hearing, Trey Gowdy asked Brennan about the Steele dossier. Some of Brennan’s responses — especially his claim not to know who commissioned the Steele dossier; watch him play with his pen — were not all that believable. Brennan went on to say that the CIA didn’t rely on the dossier, but his denial pertained to the IC report on the hack.

It wasn’t part of the corpus of intelligence, uh, information that we had. It was not in any way used as a basis for the intelligence community assessment that was done, uh, it was not.

Note the funny mouth gesture which used to be Brennan’s main “tell.”

Gowdy being Gowdy was not smart enough to ask whether the dossier was ever used in a briefing to members of Congress.

As I have noted, the IC denials pertaining to the dossier are, um, unconvincing (one two three). That’s all the more true given that Steele has admitted to sharing copies of his dossier with his former employer, who would naturally share with Brennan (elsewhere in the hearing Brennan refused to address what our foreign partners had shared with us).

In any case, it seems to me the question is not so much whether McConnell blew off the seriousness of the Brennan warning, but, still, whether Reid received another briefing–perhaps outside that date scope–that included information McConnell didn’t get.

Thoughts on the NYT Comey Blockbuster

The NYT has a big piece on Jim Comey’s involvement in the election you should definitely read. Rather than share my thoughts in a tweet storm I thought I’d share here so we can all gab about it.

Consensus coming closer to Jim Comey being self-righteous

As long time readers know, I think Jim Comey is self-righteous. He creates a heroic self-image that is often overblown (as it was regarding the post hospital hero events). So I was happy to see this paragraph — and observations matching it — through out the story.

Mr. Comey made those decisions with the supreme self-confidence of a former prosecutor who, in a distinguished career, has cultivated a reputation for what supporters see as fierce independence, and detractors view as media-savvy arrogance.

Comey deserves all the criticism he has gotten for his statements about the Hillary investigation. But we’re stuck with Comey for now; he’s one of the few checks against Trump’s arbitrary rule (and Comey is enough of a media hound to be able to create the space to conduct the investigation into Trump).

But one way or another I’m happy people are beginning to understand Comey not as the hospital hero, nor as a partisan, but as someone who doesn’t (or didn’t?) assess his own actions with a fair measure.

The secret David Margolis meeting

One of two really interesting new details in this story is that, when Comey was trying to decide what to do, he consulted with David Margolis, who has long been treated as the conscience of DOJ by DOJers. (See this bmaz post for more background on Margolis.)

Mr. Comey sought advice from someone he has trusted for many years. He dispatched his deputy to meet with David Margolis, who had served at the Justice Department since the Johnson administration and who, at 76, was dubbed the Yoda of the department.

What exactly was said is not known. Mr. Margolis died of heart problems a few months later. But some time after that meeting, Mr. Comey began talking to his advisers about announcing the end of the Clinton investigation himself, according to a former official.

This meeting (and the description of how they staged Margolis’ funeral so the DOJ people criticizing Comey wouldn’t have to share a stage with him) plays a weird role in the story, as if just the mention of the meeting serves to exonerate Comey’s terrible decision to announce the end of the Hillary investigation.

But what the story doesn’t note is that Comey was effectively consulting with the person who for years always intervened to make sure DOJ’s lawyers don’t get held accountable for their misconduct (most notably, he did this for John Yoo). Now, I’m not sure whether as FBI Director Comey’s behavior might have been reviewed by the Office of Professional Responsibility; as it happens DOJ IG is doing so. But it is not ethical to have the guy who, later on, would bless your actions, bless them before the fact. It’s like getting pre-approval to break the rules.

Loretta Lynch should have recused

One of the details others find most interesting is that the FBI acted as they did, in part, because a Democratic operative suggested in an email that Loretta Lynch would ensure nothing came of the investigation.

During Russia’s hacking campaign against the United States, intelligence agencies could peer, at times, into Russian networks and see what had been taken. Early last year, F.B.I. agents received a batch of hacked documents, and one caught their attention.

The document, which has been described as both a memo and an email, was written by a Democratic operative who expressed confidence that Ms. Lynch would keep the Clinton investigation from going too far, according to several former officials familiar with the document.

Read one way, it was standard Washington political chatter. Read another way, it suggested that a political operative might have insight into Ms. Lynch’s thinking.

Normally, when the F.B.I. recommends closing a case, the Justice Department agrees and nobody says anything. The consensus in both places was that the typical procedure would not suffice in this instance, but who would be the spokesman?

The document complicated that calculation, according to officials. If Ms. Lynch announced that the case was closed, and Russia leaked the document, Mr. Comey believed it would raise doubts about the independence of the investigation.

I’ve got a slew of hacking related questions about this document — starting with why it hasn’t, as far as I know, been leaked. The described timing as “early last year” suggests that it may have been hacked in the FSB phase of the hacking. But the document would have solidified the narrative the Russians were reportedly fostering about Hillary.

The article doesn’t pursue those questions, but it notes that in response to finding it, Comey did not ask Lynch to recuse. He should have. You recuse whether or not there’s basis for recusal but because of appearances as well. Moreover, so much awfulness could have been avoided had she recused. This was one of the big own goals of this whole mess.

CIA Directors should not meet with just one Gang of Eight member

The second detail I find most interesting in this story is that John Brennan privately briefed Harry Reid about his concerns about the Russians.

John O. Brennan, the C.I.A. director, was so concerned about the Russian threat that he gave an unusual private briefing in the late summer to Harry Reid, then the Senate Democratic leader.

Top congressional officials had already received briefings on Russia’s meddling, but the one for Mr. Reid appears to have gone further. In a public letter to Mr. Comey several weeks later, Mr. Reid said that “it has become clear that you possess explosive information about close ties and coordination between Donald Trump, his top advisors, and the Russian government — a foreign interest openly hostile to the United States.”

While I’m generally sympathetic to Democrats’ complaints that DOJ should have either remained silent about both investigations or revealed both of them, it was stupid for Brennan to give this private briefing (and I hope he gets grilled about it by HPSCI when he testifies in a few weeks). In addition to the things Reid said publicly about the investigation, it’s fairly clear he and his staffers were also behind some of the key leaks here (and, as CNN reported yesterday, leaks about the investigation actually led targets of it to alter their behavior). For reasons beyond what appears in this story, I think it likely Reid served as a cut-out for Brennan.

And that’s simply not appropriate. There may well have been reasons to avoid briefing Richard Burr (who was advising Trump). But spooks should not be sharing information with just one party. CIA did so during its torture cover-up in ways that are particularly troubling and I find this — while not as bad — equally problematic.

Two missing details: the leaks and the delayed notice to Congress

While this is already a comprehensive story (though its telling of October 7 omits key details), there are two parts that seem critical that are missing: the flood of leaks from FBI and the decision to delay notifying the Gang of Four of the CI investigation.

This week, CNN reported that the FBI was “clarifying” an earlier policy fostering more contact between FBI employees with the media in response to leaks about the Trump campaign. (Click through to read about the TV series coming out focusing on FBI heroism that the FBI exercised editorial control over!!!)

The FBI is overhauling its media policy, restricting contacts between the news media and its employees amid controversy over alleged leaks, bureau officials told CNN.

The new media policy was rolled out this week at a conference in Washington attended by FBI special agents in charge of its 56 field offices, according to officials who attended.
Media access to top officials at the FBI became more common in recent years under FBI Director James Comey, part of a transparency effort he said was aiming at demystifying the FBI and helping the public understand its mission. But the new policy appears to curtail that access.
An official familiar with the development of the new policy described it as largely a “clarification” intended to reinforce existing rules on who is authorized to talk to reporters, not a step back from Comey’s transparency initiatives.

Not only should this policy have been put in place before people leaked details of FISA orders, but it should have been put in place in early 2016, when it was clear FBI Agents were leaking details of the Hillary investigation to try to force their supervisors to expand its scope to include the Clinton Foundation.

Instead, the possibility that FBI Agents would leak was one of the reasons why Comey did what he did. The correct thing, instead of making unprecedented public statements as he did, would have been to shut down the leaking.

Additionally, according to Comey’s testimony, FBI actually delayed notifying at least the heads of the Intelligence Committees  until fairly recently. The NYT acknowledges that this detail was hidden. But I’d love to understand how this departure from normal briefing affected all the other decisions (particularly in light of the the Brennan meeting).

In any case, read the whole thing. It’s very frustrating. But it also lays out a series of things that Comey — and other Obama officials — should have done differently.

Brennan Makes Even Crazier Plausible Deniability Claims about Trump Dossier

As I have laid out, the intelligence community has been making some odd claims about the Trump dossier. First, James Clapper claimed that the IC was the last to learn of the dossier, in spite of the fact that IC member FBI was getting the reports at least by August and probably earlier. Then, Sunday, John Brennan claimed the IC couldn’t be held responsible for leaking the dossier (though without denying that the IC had leaked it), because the dossier had already been out there; except the dossier — released with a report that post-dates all known public versions of the dossier — therefore post-dates what “was already out there.”

Brennan’s back with yet another claim, this in response to Trump’s insinuation that Brennan might have leaked it: Brennan claimed he has never read the dossier.

“Was I a leaker of this? No,” Mr. Brennan said Monday in an interview at CIA headquarters, days before he ends a career that has spanned more than three decades and that took him from entry-level recruit to head of the nation’s most storied spy service.

“First of all, this is not intelligence community information,” Mr. Brennan said. He noted that the dossier had been circulating “many months” and that he first heard about it from inquiring reporters last fall. To date, he hasn’t read the document and gave it no particular credence, he said.

“I would have no interest in trying to give that dossier any additional airtime,” Mr. Brennan said.

I mean, sure, you’re conducting one of the most sensitive briefings of recent history. The briefers here are all principals — along with Brennan and Clapper, Admiral Mike Rogers and Jim Comey. And you don’t even read the stuff that goes into it? You don’t review the underlying dossier that, you claim, you’re briefing just so Trump knows what the Russians have on him?

That may well be true. But if it is, it suggests a very deliberately cultivated plausible deniability, one that the decision to have Comey brief the dossier to Trump by himself only adds to. Most charitably, Brennan cultivated such deniability only to ensure he can claim that the CIA is not engaging in domestic politics (and that may well be enough).

But along with the pointedly false claims about what the IC knew when, the claim raises questions about why CIA would go so far out of its way to be able to claim they didn’t know.

The Significance of the December 13 Trump Dossier Report

John Brennan and Donald Trump are in a fight.

In his press conference last week, Trump called out the intelligence community for “allowing … information that turned out to be so false and fake” out, likening the leak to something that would happen in Nazi Germany.

I think it was disgraceful, disgraceful that the intelligence agencies allowed any information that turned out to be so false and fake out. I think it’s a disgrace. And I say that and I say that.

And that’s something that Nazi Germany would have done and did do. It’s a disgrace. That information that was false and fake and never happened got released to the public, as far as BuzzFeed, which is a failing pile of garbage, writing it, I think they’re going to suffer the consequences.

Over the weekend, Brennan went on Fox News to scold Trump for the Nazi analogy. At that appearance, he said this about the release of the dossier.

I think as the Director of National Intelligence said in his statement, this is information that’s been out there, circulating, for many months. So it’s not a question of the intelligence community leaking or releasing this information. It was already out there.

[snip]

There is no basis for Mr. Trump to point fingers at the intelligence community for leaking information that was already available publicly.

In response to Brennan’s appearance (and his suggestion Trump didn’t know what the fuck he was doing in Syria and Russia), Trump insinuated that Brennan may have leaked the dossier.

Let’s unpack this. Because while I have no idea who leaked the document (though I highly doubt Brennan would have done so personally), the intelligence community’s claims are really suspect.

As I noted last week, the James Clapper statement rather bizarrely claimed the IC was the last to know about the document. The dossier, according to Clapper, was “widely circulated in recent months among the media, members of Congress and Congressional staff even before the IC became aware of it.”

That (as some people have pointed out) cannot be true.

The stories about what Christopher Steele did when have been evolving. But David Corn’s description, based off a conversation that occurred before the IC started making public claims, strongly suggests that Steele started sharing documents with the FBI “soon” after “the end of June.”

By the end of June, he was sending reports of what he was finding to the American firm.

The former spy said he soon decided the information he was receiving was “sufficiently serious” for him to forward it to contacts he had at the FBI. He did this, he said, without permission from the American firm that had hired him. “This was an extraordinary situation,” he remarked.

Some other reports, based off claims made after the Clapper statement, put this date later — maybe August — even while the implication has always been that the FBI request for a FISA warrant in June stems from these reports.

Even if that information sharing dates to August, however, it would mean the FBI — a member of the IC — had regular updates from the dossier at least by then, if not by June. Sure, you might claim that FBI investigative teams are not part of the IC, but given that this would be a counterintelligence investigation, that’d be a laughable claim.

In other words, even assuming the claims about where the dossier came from and who paid for it are true, the IC was not the last to know, but one of the first.

There are two other dates of note that go into the claim the dossier was widely circulated before it got briefed to Trump this month. We know that the IC briefed the Gang of Eight on this dossier in October. Shortly thereafter, Corn received a copy of the dossier and wrote about it (though he has not revealed who gave it to him). Then in December, John McCain got a copy from Sir Andrew Wood. According to a Guardian article published around 9AM on the same day as the Clapper statement, McCain had not only received the dossier, but handed it over — yet another copy — to the FBI on December 9.

Senator John McCain, who was informed about the existence of the documents separately by an intermediary from a western allied state, dispatched an emissary overseas to meet the source and then decided to present the material to Comey in a one-on-one meeting on 9 December, according to a source aware of the meeting. The documents, which were first reported on last year by Mother Jones, are also in the hands of officials in the White House.

McCain, in a statement released midday on the day of the Clapper statement, is more vague about the hand-off date, describing it only as “late last year.”

I’m working on the specific times, but it is significant that the Guardian with the exact date came out in the morning on January 11, the vague McCain statement came out mid-day sometime, and Clapper’s statement came out that evening.

That’s significant because some people assume that McCain is the one who released the dossier — the dossier he received on December 9.

If that date is correct, the dossier couldn’t have come from McCain, because the last report in the dossier is dated four days later, December 13.

Very significantly, this last report, which talks about the Russian cover-up of the hack, alleges “the operatives involved had been paid by both TRUMP’s team and the Kremlin.” This is, in my opinion, one of the most incendiary claims in the entire dossier — that Trump not only encouraged Russia’s campaign, but paid operatives involved in it.

Just as significantly, the date completely undermines the substance of Brennan’s defense. When he says, “this is information that’s been out there, circulating, for many months. … It was already out there. … There is no basis for Mr. Trump to point fingers at the intelligence community for leaking information that was already available publicly,” he’s wrong. The full set of information released to BuzzFeed — including the allegation Trump paid for this operation — actually hasn’t been out there, because it post-dates all known circulation of the document.

Also remember that journalists have suggested they got copies of the dossier that redacted all the sources. This one didn’t. At least one likely source named in the report has died in curious circumstances since the release of the report.

I really have no idea where the dossier got leaked from — that is one reason I’m so interested in artifacts in the document that may raise questions about the provenance of the released dossier. I also wouldn’t, at this point, be surprised if Trump were getting his own stream of intelligence, possibly even from Russia, about where and how it got released.

But thus far, the IC’s claims about the dossier are even more dodgy than Trump’s, which is saying something.

Trump Raises the Axe over the Intelligence Community, Again

The Intelligence Community is finishing its report on the intelligence regarding Russia’s influence in our elections. The report is expected to be delivered to President Obama tomorrow and briefed to President Elect Trump on Friday.

That’s the context for — and surely at least part of the explanation for — this WSJ story reporting that Trump plans to reorganize the intelligence community.

[A]dvisers also are working on a plan to restructure the Central Intelligence Agency, cutting back on staffing at its Virginia headquarters and pushing more people out into field posts around the world. The CIA declined to comment on the plan.

“The view from the Trump team is the intelligence world [is] becoming completely politicized,” said the individual, who is close to the Trump transition operation. “They all need to be slimmed down. The focus will be on restructuring the agencies and how they interact.”

[snip]

The Office of the Director of National Intelligence was established in 2004 in large part to boost coordination between intelligence agencies following the Sept. 11, 2001 terror attacks.

Many Republicans have proposed cutting the ODNI before, but this has proven hard to do in part because its mission centers are focused on core national security issues, such as counterterrorism, nuclear proliferation, and counterintelligence.

“The management and integration that DNI focuses on allows agencies like the CIA to better hone in on its own important work,” said Rep. Adam Schiff (D., Calif.), the ranking Democrat on the House Intelligence Committee, who believes dismantling the ODNI could lead to national security problems.

Mr. Trump’s advisers say he has long been skeptical of the CIA’s accuracy, and the president-elect often mentions faulty intelligence in 2002 and 2003 concerning Iraq’s weapons programs. But he has focused his skepticism of the agencies squarely on their Russia assessments, which has jarred analysts who are accustomed to more cohesion with the White House.

The report repeats earlier reporting — in part from some of the same WSJ reporters — that Trump planned this briefing. Back then, in mid-November, Trump was merely disdainful of the IC and much of the reorganization appeared to be a mix of vengeance on the part of Mike Flynn and, frankly, some reasonable ideas (things like splitting NSA and reversing some of the questionable changes John Brennan made). At the center of it all was a plan to make Admiral Mike Rogers Director of National Intelligence.

The day after that reporting, however, outlets reported that Ash Carter and James Clapper had been planning to fire Rogers, partly because the NSA had remained a leaky sieve under his tenure and partly because he had delayed cyber-bombing ISIS (perhaps to preserve intelligence collection). And that’s before it became public that the NSA hadn’t adopted four security measures recommended after the Snowden leaks.

After that, of course, Democrats and the CIA started leaking that Russia hacked the DNC with the purpose of electing Trump, which gave Trump the entrée to suggest this discussion is all politicized, which has escalated to this week. Trump seems to have orchestrated the Sean Hannity interview at which Julian Assange said what he has long said — that he didn’t get the DNC files from Russia.

Reuters is now reporting that after the election the IC determined that third parties had gotten the files from Russian entities to Wikileaks, which means Assange likely has no idea where the files came from.

But the timing of this story, sourced significantly to the Trump camp, seems to be a warning to those who will brief Trump on Friday. While Clapper and Brennan are on their way out (the fate of Comey and Rogers is still undecided), they certainly will want to protect their agencies.

Which should make for an interesting briefing Friday.

The Conspiracy Theory in YouGov’s Conspiracy Theory Poll

YouGov has a poll showing that “belief in conspiracy theories largely depends on political identity.” For example, it shows that Republicans believe Obama is Kenyan.

It focuses on several things it considers conspiracy theories tied to this election, including pizzagate, millions of alleged illegal votes, and claims about the Russian hack.

Interestingly, it shows that half of Clinton voters believe that Russia tampered with vote tallies to get Trump elected, in spite of the White House’s assurances that did not happen.

It’s the other tested question about Russian hacking that strikes me as more curious. 87% of Clinton voters believe Russia hacked Democratic emails “in order to help Donald Trump,” whereas only 20% of Trump voters believe that.

That’s about the result I’d expect. But to explain why this is a conspiracy theory, YouGov writes,

Similarly, even after the Central Intelligence Agency and the Federal Bureau of Investigation reported that Russia was responsible for the leaks of damaging information from the Democratic National Committee and the Clinton campaign and that the hacking was done to help Donald Trump win the Presidency, only one in five say that is definitely true, about the same percentage as believe it is definitely not true.

So YouGov bases this “truth” on a claim that the CIA and FBI “reported that Russia was responsible for the leaks … and that the hacking was done to help Donald Trump win the Presidency.”

Except there has been no such report, not from CIA and FBI, anyway.

There was an official report finding that,

The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. … These thefts and disclosures are intended to interfere with the US election process.

That is, the official report stated that the hack was “intended to interfere with the US election process;” it did not say the hack was done to help Trump.

Moreover, while the report speaks for the entire IC (including the FBI), the report itself came from DHS and ODNI, not FBI or CIA.

It is absolutely true that anonymous leakers — at least some of whom appear to be Democratic Senate sources — claim that CIA said the hack happened to get Trump elected. It is also true that anonymous sources passed on the substance of a John Brennan letter that said in separate conversations with Jim Comey and James Clapper, each agreed with Brennan about the purpose of the hack, which WaPo edited its previous reporting to say included electing Trump as one of a number of purposes, but that’s a third-hand report about what Jim Comey believes.

But that was not an official report, not even from CIA. Here’s what John Brennan said when interviewed about this topic by NPR’s Mary Louise Kelly:

You mentioned the FBI director and the director of national intelligence. And NPR confirmed with three sources that after the three of you meeting last week, you sent a memo to your workforce and that the memo read: There is strong consensus among us on the scope, nature and intent of Russian interference in our presidential elections. Is that an accurate quote from your memo?

I certainly believe that, that there is strong consensus.

Was there ever not?

Well, sometimes in the media, there is claims, allegations, speculation about differences of view. Sometimes I think that just feeds concerns about, you know, the strength of that intelligence and …

And in this case it was reports of tension between FBI and CIA …

… and differences of view. And I want to make sure that our workforce is kept as fully informed as possible so that they understand that what we’re doing, we’re doing in close coordination with our partners in the intelligence community. And so I try to keep my workforce informed on a periodic basis. But aside from whatever message I might have sent out to the workforce, there is, I strongly believe, very strong consensus among the key players — but not just the leaders of these organizations, but also the institutions themselves. And that’s why we’re going through this review. We want to make sure that we scrub this data, scrub the information and make sure that the assessment and analysis is as strong and as grounded as it needs to be.

That quote I read you about the memo that you sent mentioned that there is agreement on scope, nature and intent of Russian interference. And intent is the one that’s been controversial recently, the question of motive. How confident are you in the intelligence on that? It seems like proving motive is an infinitely harder thing than proving that somebody did something. The “why” is tough.

I will not disagree with you that the why is tough. And that’s why there needs to be very careful consideration of what it is that we know, what it is that we have insight into and what our analysis needs to be. But even back in early October when Jim Clapper and Jeh Johnson put out this statement, it said “the intent to interfere in the election.” Now, there are different elements that could be addressed in terms of how it wanted to interfere. And so that’s why this review is being done to make sure that there is going to be a thorough look at the nature, scope and intent of what transpired.

What’s been reported is that the CIA has concluded the intent was to interfere with the election with the purpose of swinging at Donald Trump. Is that an accurate characterization?

That’s an accurate characterization of what’s been appearing in the media. Yes.

Is it an accurate characterization of where the CIA is on this?

Well, that’s what the review is going to do. And we will be as forward-leaning as the intelligence and analysis allows us to be, and we will make sure that, again, President Obama and the incoming administration understands what the intelligence community has assessed and determined to have happened during the run-up to this election.

Why not confirm that that’s where the CIA is on this? Why not confirm if you have the evidence that you believe is …

Because I don’t work for NPR, Mary Louise. I work for the president, I work for the administration, and it is my responsibility to give them the best information and judgment possible.

That is, the CIA Director specifically avoided stating what he or his agency believes the motive to be, deferring to the ongoing review of the evidence, something that Obama also did in his press conference earlier this month.

Q Mr. President, I want to talk about Vladimir Putin again. Just to be clear, do you believe Vladimir Putin himself authorized the hack? And do you believe he authorized that to help Donald Trump? And on the intelligence, one of the things Donald Trump cites is Saddam Hussein and the weapons of mass destruction, and that they were never found. Can you say, unequivocally, that this was not China, that this was not a 400-pound guy sitting on his bed, as Donald Trump says? And do these types of tweets and kinds of statements from Donald Trump embolden the Russians?

THE PRESIDENT: When the report comes out, before I leave office, that will have drawn together all the threads. And so I don’t want to step on their work ahead of time.

What I can tell you is that the intelligence that I have seen gives me great confidence in their assessment that the Russians carried out this hack.

None of that is to say that CIA and (perhaps to a lesser extent) FBI don’t think Russia hacked Democrats to help Trump, as one of several — probably evolving over the course of the election — reasons. CIA surely does (but then it has a big incentive to downplay the most obvious motivation, that Russia was retaliating for perceived and real CIA covert actions against it). FBI probably does.

But there has been no “report” that they believe that, just anonymous reports of reports. The official stance of the Executive Branch is that they’re conducting a review of the evidence on this point.

Perhaps if YouGov wants to test conspiracy theories, it should start by sticking to topics about which there aren’t a slew of anonymous leaks and counter-leaks contravened by public deferral?