Posts

Three Things: Still Active Measures

[Note the byline. This post contains some speculative content. / ~Rayne]

Whether counter-arguments or conspiracy theories, it’s interesting how certain narratives are pushed when tensions rise. But are they really theories or conditioning? And if conditioning, could other media infrastructure changes create more successful conditioning?

~ 3 ~

In an interview with Fox News post-Helsinki summit, Vladmir Putin made a point of blaming the Democratic Party for “manipulations of their party.”

…“The idea was about hacking an email account of a Democratic candidate. Was it some rigging of facts? Was it some forgery of facts? That’s the important thing that I am trying to — point that I’m trying to make. Was this — any false information planted? No. It wasn’t.”

The hackers, he said, entered “a certain email account and there was information about manipulations conducted within the Democratic Party to incline the process in favor of one candidate.” …

Have to give Putin props for sticking with a game plan — increase friction within the American left and fragment Democratic Party support to the benefit of Trump and the Republican Party at the polls and ultimately Putin himself if sanctions are lifted. Christopher Steele indicated in the Trump-Russia dossier that the Kremlin was using active measures to this effect in 2016 to widen the divide between Sanders and Clinton supporters; apparently left-splitting active measures continue.

But this is only part of an attack on the Democratic Party; another narrative undermines both the DNC and the FBI by questioning the investigation into the DNC’s hacking. Why didn’t the FBI take possession of the server itself rather than settle for an image of the system? A key technical reason is that any RAM-resident malware used by hackers will disappear into the ether if the machine is turned off; other digital footprints found only in RAM memory would likewise disappear. “The server” isn’t one machine with a single hard drive, either, but 140 devices — some of which were cloud-based. Not exactly something the FBI can power down and take back to a forensic lab with ease, especially during the hottest part of a campaign season.

But these points are never effectively made as a counter narrative, though some have tried with explainers, and certainly not featured in broadcast or cable news programs. The doubt is left to hang in the public’s consciousness, conditioning them to question FBI’s competence and the validity of their investigative work.

If Putin is still using active measures to divide Democratic Party voters, is it possible this narrative about the hacked DNC server is also an ongoing active measure? What if the active measure isn’t meant to undermine the FBI by questioning its actions? What if instead the lingering doubt is intended to shape future investigations into hacked materials which may also rely on server images rather than physical possession of the hardware? What if this active measure is pre-crime, intended to tamper with future evidence collection?

~ 2 ~

I’d begun drafting this post more than a week ago, but came to a halt when FCC chair Ajit Pai did something surprisingly uncorrupt by putting the brakes on the Sinclair-Tribune merger.

Sinclair Broadcast Group is a propaganda outlet masquerading as a broadcast media company. The mandatory airing of Boris Epsteyn’s program across all Sinclair stations offers evidence of Sinclair’s true raison d’etre; Epsteyn is a Russian-born former GOP political strategist who has been responsible for messaging in both the McCain-Palin campaign and the Trump administration, including the egregious 2017 Holocaust Remembrance Day statement which omitted any mention of Jews. The mandatory statement Sinclair management forced its TV stations to air earlier this year about “fake news” is yet another. The forced ubiquity and uniformity of messaging is a new element at Sinclair, which already had a history of right-wing messaging including the attempt to run a Kerry-bashing political movie to “swiftboat” the candidate just before the 2004 elections.

Sinclair and Tribune Media announced a proposed acquisition deal last May. If approved, the completed acquisition would give Sinclair access to 72% of U.S. homes — an insanely large percentage of the local broadcast TV market effectively creating a monopoly. There was bipartisan Congressional pushback about this deal because of this perceived potential monopoly.

FCC’s Ajit Pai wanted to relax regulations covering UHF stations — they would be counted as less than a full VHF station and therefore appear to reduce ownership of marketshare. Democrats protested this move as it offered Sinclair unfavorable advantage when evaluating stations it would acquire or be forced to sell during its Tribune acquisition.

Fortunately, Pai had “serious concerns” about the Sinclair-Tribune deal:

We have no idea to which administrative judge this deal may be handed, let alone their sentiments on media consolidation. We don’t know if this judge might be Trump-friendly and rule in favor of Sinclair, taking this horror off Ajit Pai’s back — which might be the real reason Pai punted after his egregious handling of net neutrality and the pummeling he’s received for it, including the hacking of the FCC’s comments leading up to his decision to end Obama-era net neutrality regulations and subsequent “misleading” statements to the media about the hack. New York State is currently investigating misuse of NY residents’ identities in the hack; one might wonder if Pai is worried about any personal exposure arising from this investigation.

BUT WAIT…the reason I started this post began not in New York but in the UK, after reading that Remain turnout may have been suppressed by news reports about “travel chaos,” bad weather, and long lines at the polls. Had the traditional media played a role in shaping turnout with its reporting?

I went looking for similar reports in the U.S. — and yes, news reports of long lines may have discouraged hundreds of thousands of voters in Florida in 2012. This wasn’t the only location with such reports in the U.S. during the last three general elections; minority voters are also far more likely to experience these waits than voters in majority white areas.

Probabilistic reports about a candidate’s win/loss may also suppress turnout, according to a Pew Research study.

Think about low-income voters who can’t afford cable TV or broadband internet, or live in a rural location where cable TV and broadband internet isn’t available. What news source are they likely to rely upon for news about candidates and voting, especially local polling places?

Hello, local broadcast network television station.

Imagine how voter turnout could be manipulated with reports of long lines and not-quite-accurate probabilistic reports about candidates and initiatives.

Imagine how a nationwide vote could be manipulated by a mandatory company-wide series of reports across a system of broadcast TV stations accessing 72% of U.S. homes.

How else might a media company with monopolistic access to American households condition the public’s response to issues?

~ 1 ~

There was all kinds of hullabaloo about the intersection of retiring Justice Anthony Kennedy, his son Justin, and Justin’s employment at Deutsche Bank at the same time DB extended financing to Donald Trump. It looks bad on the face of it.

And of course one prominent defense-cum-fact-check portrays Justin’s relationship to DB’s loans to Trump as merely administrative:

The extent to which Kennedy worked with Trump on this loan, or possibly on other Deutsche Bank matters, is unclear. “In that role, as the trader, he would have no contact with Trump … unless Eric [Schwartz] was trying to get Justin in front of Trump for schmoozing reasons,” Offit said, adding that he had recently spoken with former colleagues at the bank about Kennedy’s work.

Seems odd there has been little note made of Jared Kushner’s relationship with LNR Partners LLC — a company which Manta says has only 17 employees — and its subsidiary LNR Property which financed the Kushner 666 Fifth Avenue property in 2012. There was a report in Medium and another on DailyKos but little note made in mainstream news media.

I’m sure it’s just a coincidence that along with his business partner, Justin Kennedy was named 26th on the 50 Most Important People in Commercial Real Estate Finance in 2013 by the Commercial Observer — a publication of Observer Media, then owned by Jared Kushner.

I wonder what Justin’s rank was on this list while he worked at Deutsche Bank (also with current business partner Toby Cobb).

How odd this deal and the relationship wasn’t defended. I guess it’s just coincidence all the amphibians and reptiles know each other well in the swamp.

~ 0 ~

Let’s not forget:

587 Puerto Rican homes still don’t have electricity.

All asylum seeking families haven’t been reunited. Children may still be in danger due to poor care and lack of adequate tracking. As of yesterday only 364 children of more than 2500 torn from their families were reunited.

Treat this as an open thread.

How to Charge Americans in Conspiracies with Russian Spies?

As I laid out a few weeks ago, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

In general, Jack Goldsmith and I have long agreed about the problems with charging nation-state spies in the United States. So I read with great interest his post laying out “Uncomfortable Questions in the Wake of Russia Indictment 2.0 and Trump’s Press Conference With Putin.” Among other larger normative points, Goldsmith asks two questions. First, does indicting 12 GRU officers in the US expose our own nation-state hackers to be criminally prosecuted in other countries?

This is not a claim about the relative moral merits of the two countries’ cyber intrusions; it is simply a claim that each side unequivocally breaks the laws of the other in its cyber-espionage activities.

How will the United States respond when Russia and China and Iran start naming and indicting U.S. officials?  Maybe the United States thinks its concealment techniques are so good that the type of detailed attribution it made against the Russians is infeasible.  (The Shadow Brokers revealed the identities of specific NSA operators, so even if the National Security Agency is great at concealment as a matter of tradecraft that is no protection against an insider threat.)  Maybe Russia and China and Iran won’t bother indicting U.S. officials unless and until the indictments actually materialize into a trial, which they likely never will.  But what is the answer in principle?  And what is the U.S. policy (if any) that is being communicated to military and civilian operators who face this threat?  What is the U.S. government response to former NSA official Jake Williams, who worked in Tailored Access Operations and who presumably spoke for many others at NSA when he said that “charging military/gov hackers is dumb and WILL eventually hurt the US”?

And, how would any focus on WikiLeaks expose journalists in the United States to risks of prosecution themselves.

There is a lot of anger against WikiLeaks and a lot of support for indicting Julian Assange and others related to WikiLeaks for their part in publishing the information stolen by the Russians.  If Mueller goes in this direction, he will need to be very careful not to indict Assange for something U.S. journalists do every day.  U.S. newspapers publish information stolen via digital means all the time.  They also openly solicit such information through SecureDrop portals.  Some will say that Assange and others at WikiLeaks can be prosecuted without threatening “real journalists” by charging a conspiracy to steal and share stolen information. I am not at all sure such an indictment wouldn’t apply to many American journalists who actively aid leakers of classified information.

I hope to come back to the second point. As a journalist who had a working relationship with someone she came to believe had a role in the attack, I have thought about and discussed the topic with most, if not all, the lawyers I consulted on my way to sitting down with the FBI.

For the moment, though, I want to focus on Goldsmith’s first point, one I’ve made in the past repeatedly. If we start indicting uniformed military intelligence officers — or even contractors, like the trolls at Internet Research Agency might be deemed — do we put the freedom of movement of people like Jake Williams at risk? Normally, I’d absolutely agree with Goldsmith and Williams.

But as someone who has already written extensively about the ConFraudUs backbone that Robert Mueller has built into his cases, I want to argue this is an exception.

As I’ve noted previously, while Rod Rosenstein emphasized that the Internet Research Agency indictment included no allegations that Americans knowingly conspired with Russians, it nevertheless did describe three Americans whose activities in response to being contacted by Russian trolls remain inconclusive.

Rod Rosenstein was quite clear: “There is no allegation in the indictment that any American was a knowing participant in the alleged unlawful activity.” That said, there are three (presumed) Americans who, both the indictment and subsequent reporting make clear, are treated differently in the indictment than all the other Americans cited as innocent people duped by Russians: Campaign Official 1, Campaign Official 2, and Campaign Official 3. We know, from CNN’s coverage of Harry Miller’s role in building a cage to be used in a fake “jailed Hillary” stunt, that at least some other people described in the indictment were interviewed — in his case, for six hours! — by the FBI. But no one else is named using the convention to indicate those not indicted but perhaps more involved in the operation. Furthermore, the indictment doesn’t actually describe what action (if any) these three Trump campaign officials took after being contacted by trolls emailing under false names.

On approximately the same day, Defendants and their co-conspirators used the email address of a false U.S. persona, [email protected], to send an email to Campaign Official 1 at that donaldtrump.com email account, which read in part:

Hello [Campaign Official 1], [w]e are organizing a state-wide event in Florida on August, 20 to support Mr. Trump. Let us introduce ourselves first. “Being Patriotic” is a grassroots conservative online movement trying to unite people offline. . . . [W]e gained a huge lot of followers and decided to somehow help Mr. Trump get elected. You know, simple yelling on the Internet is not enough. There should be real action. We organized rallies in New York before. Now we’re focusing on purple states such as Florida.

The email also identified thirteen “confirmed locations” in Florida for the rallies and requested the campaign provide “assistance in each location.”

[snip]

Defendants and their co-conspirators used the false U.S. persona [email protected] account to send an email to Campaign Official 2 at that donaldtrump.com email account.

[snip]

On or about August 20, 2016, Defendants and their co-conspirators used the “Matt Skiber” Facebook account to contact Campaign Official 3.

Again, the DOJ convention of naming makes it clear these people have not been charged with anything. But we know from other Mueller indictments that those specifically named (which include the slew of Trump campaign officials named in the George Papadopoulos plea, KT McFarland and Jared Kushner in the Flynn plea, Kilimnik in the Van der Zwaan plea, and the various companies and foreign leaders that did Manafort’s bidding, including the Podesta Group and Mercury Public Affairs in his indictment) may be the next step in the investigation.

In the GRU indictment, non US person WikiLeaks is given the equivalent treatment.

On or about June 22, 2016, Organization I sent a private message to Guccifer 2.0 to “[s]end any new material [stolen from the DNC] here for us to review and it will have a much higher impact than what you are doing.” On or about July 6, 2016, Organization 1 added, “if you have anything hillary related we want it in the next tweo [sic] days prefable [sic] because the DNC [DemocraticNationalConvention] is approaching and she Will solidify bernie supporters behind her after.” The Conspirators responded,“0k . . . i see.” Organization I explained,“we think trump has only a 25% chance of winning against hillary . . . so conflict between bernie and hillary is interesting.”

But the activities of other American citizens — most notably Roger Stone and Donald Trump — are discussed obliquely, even if they’re not referred to using the standard of someone still under investigation. Here’s the Roger Stone passage.

On or aboutAugust 15,2016, the Conspirators,posing as Guccifer 2.0,wrote to a person who was in regular contact with senior members of the presidential campaign of Donald J. Trump, “thank u for writing back. . . do u find anyt[h]ing interesting in the docs i posted?” On or about August 17, 2016, the Conspirators added, “please tell me if i can help u anyhow . . . it would be a great pleasureto me.” On or about September 9, 2016,the Conspirators, again posing as Guccifer 2.0, referred to a stolen DCCC document posted online and asked the person, “what do u think of the info on the turnout model for the democrats entire presidential campaign.” The person responded,“[p]retty standard.”

The Trump one, of course, pertains to the response GRU hackers appear to have made when he asked for Russia to find Hillary’s emails on July 27.

For example, on or about July 27, 2016, the Conspirators attempted after hours to spearphish for the first time email accounts at a domain hosted by a third‑party provider and used by Clinton’s personal office. At or around the same time, they also targeted seventy‐six email addresses at the domain for the Clinton Campaign.

Finally, there is yesterday’s Mariia Butina complaint, which charges her as an unregistered Russian spy and describes Aleksandr Torshin as her boss, but which also describes the extensive and seemingly willful cooperation with Paul Erickson and another American, as well as with the RNC and NRA. Here’s one of the Americans, for example, telling Butina that her Russian bosses should take the advice he had given her about which Americans she needed to meet.

If you were to sit down with your special friends and make a list of ALL the most important contacts you could find in America for a time when the political situation between the U.S. and Russia will change, you could NOT do better than the list that I just emailed you. NO one — certainly not the “official” Russian Federation public relations representative in New York — could build a better list.

[snip]

All that you friends need to know is that meetings with the names on MY list would not be possible without the unknown names in your “business card” notebook. Keep them focused on who you are NOW able to meet, NOT the people you have ALREADY met.

Particularly as someone whose communications (including, but not limited to, that text) stand a decent chance of being quoted in an indictment in the foreseeable future, let me be very clear: none of these people have been accused of any wrong-doing.

But they do suggest a universe of people who have attracted investigative scrutiny, both by Mueller and by NSD, as willing co-conspirators with Russian spies.

Granted, there are three different kinds of Russian spies included in these three documents:

  • Uniformed military intelligence officers working from Moscow
  • Civilian employees who might be considered intelligence contractors working from St. Petersburg (though with three reconnaissance trips to the US included)
  • Butina and Torshin, both of whom probably committed visa fraud to engage as unregistered spies in the US

We have a specific crime for the latter (and, probably, the reconnaissance trips to the US by IRA employees), and if any of the US persons and entities in Butina’s indictment are deemed to have willingly joined her conspiracy, they might easily be charged as well. Eventually, I’m certain, Mueller will move to start naming Americans (besides Paul Manafort and Rick Gates) in conspiracy indictments, including ones involving Russian spies operating from Russia (like Konstantin Kilimnik). It seems necessary to include the Russians in some charging documents, because otherwise you’ll never be able to lay out the willful participation of everyone, Russian and American, in the charging documents naming the Americans.

So while I generally agree with Goldsmith and Williams, this case, where we’re clearly discussing a conspiracy between Russian spies — operating both from the US and from Russia (and other countries), wearing uniforms and civilian clothing –and Americans, it seems important to include them in charging documents somewhere.

How Russian Spies Cultivated the NRA and National Prayer Breakfast to Seek Republican Assets

DOJ just announced the arrest, over the weekend, of gun rights activist Maria Butina for conspiracy to spy for Russia. (complaint, affidavit)

The affidavit explains how, between March 2015 (when she expected the GOP would “likely obtain control over the U.S. government after the 2016 elections”) and 2017, Butina worked with Aleksandr Torshin and two US persons to cultivate Republicans and lay the groundwork for warmer relations between Republicans and Russia. She focused on the NRA, she explained, because “the NRA [is] the largest sponsor of the elections in the US congress.”

The person listed as USP 1 (who has been named but I’ll wait for confirmation) laid out precisely how she should pitch herself — not too critical of Obama, pretense that there was a post-Putin world on the horizon — and gave her all the introductions to friendly types she might need.

The end of the narrative laid out in the complaint describes meticulous details around the National Prayer Breakfast last year, on February 2, 2017. Trump very nearly met with Torshin at the meeting, only pulling out at the last minute.

I’ll have more to say about this indictment (there’s a bunch of screen caps on my Twitter feed). But understand that this indictment is not even part of the Mueller probe. Nevertheless, several parts of it get two degrees away from Trump and his spawn.

The Quid Pro Quo: a Putin Meeting and Election Assistance, in Exchange for Sanctions Relief (Part Two in a Series)

As I explained in Part One of this series, I think the Mueller questions leaked by the Trump people actually give a far better understanding of a damning structure to the Mueller investigation — one mapping out cultivation, a quid pro quo, and a cover-up — than the coverage has laid out. This post will lay out how, over the course of the election, the Russians and Trump appear to have danced towards a quid pro quo, involving a Putin meeting and election assistance in exchange for sanctions relief if Trump won (as noted, the Russians dangled real estate deals to entice Trump based on the assumption he wouldn’t win).

April 27, 2016: During the campaign, what did you know about Russian hacking, use of social media, or other acts aimed at the campaign?

Given the structure of George Papadopoulos’ plea, it’s highly likely Mueller knows that Papadopoulos passed on news that the Russians had thousands of Hillary emails they planned to release to help Trump to people in the campaign. Papadopoulos could have passed on that news to Stephen Miller and Corey Lewandowski as early as April 27. On the same day, Papadopoulos helped draft Trump’s first foreign policy speech, which Papadopoulos reportedly told Ivan Timofeev signaled a willingness to meet.

Between the time the GRU first exfiltrated DNC emails in April and the election, Trump invoked “emails” 21 times on Twitter (usually to refer to emails from Hillary’s server). The first of those times came on June 9, less than an hour after the Trump Tower meeting. The most famous of those came on July 27, when Trump addressed Russia directly.

Earlier in the day, Trump had called on Russia to release the emails not to the FBI, but to the press.

Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press.

The timing may reflect awareness among some in the campaign that the call to Russia was a step too far legally. (h/t TC for the addition)

That Trump’s email comments pertain mostly to Hillary’s home-based server doesn’t actually exonerate him. Right after the DNC release (and therefore the July 27 Trump tweet), GOP rat-fucker Peter Smith started reaching out to Russian hackers in hopes of finding hacked versions of those emails. His support documents named Steve Bannon, Kellyanne Conway, Sam Clovis, and Mike Flynn. If those people actually learned of the effort (there’s reason to believe Smith was just overselling the ties to the campaign), it’s possible that Trump learned about it as well.

As to social media, while it has gotten virtually no attention, the reference to three Florida-based Trump campaign officials in the Internet Research Agency indictment suggests further investigative interest in them.

[T]here are three (presumed) Americans who, both the indictment and subsequent reporting make clear, are treated differently in the indictment than all the other Americans cited as innocent people duped by Russians: Campaign Official 1, Campaign Official 2, and Campaign Official 3. We know, from CNN’s coverage of Harry Miller’s role in building a cage to be used in a fake “jailed Hillary” stunt, that at least some other people described in the indictment were interviewed — in his case, for six hours! — by the FBI. But no one else is named using the convention to indicate those not indicted but perhaps more involved in the operation. Furthermore, the indictment doesn’t actually describe what action (if any) these three Trump campaign officials took after being contacted by trolls emailing under false names.

So Mueller may be pursuing whether there was state-level coordination going on, and if so, how far up the campaign chain of command knowledge of that coordination extended.

May 31, 2016: What discussions did you have during the campaign regarding any meeting with Mr. Putin? Did you discuss it with others?

On June 16, 2015, the day Trump announced his campaign, the Agalarovs offered to serve as an intermediary between him and Putin.

Then, starting at least as early as March 31, 2016 (with Trump’s first foreign policy meeting), his aides started floating pitches for meetings with increasingly senior campaign officials that would hypothetically lead up to one between Trump and Putin.

Those include at least:

  • The George Papadopoulos thread, spanning from March 21 through August 15
  • The Carter Page thread, including his Moscow trip in July, and possibly continuing through his December Moscow trip
  • The NRA thread, focusing on the NRA meeting in Kentucky in May; NRA’s longer outreach includes Trump associates John Bolton and David Clarke

We know Trump was present and did not object when Papadopoulos pitched this in the May 31 meeting. Several of the other entrees went through Don Jr. Many of the offers got briefed at least as far as Jared Kushner and Paul Manafort. We don’t know how many of the other offers he learned about. We just know that years earlier he had joked about becoming Putin’s best friend, and over the course of the campaign, Russian intermediaries made repeated, persistent efforts to work towards a meeting between Trump and Putin, with a meeting between Agalarov representatives (who, again, had offered to serve as intermediaries with Putin when Trump kicked off the campaign) and the most senior people on the campaign happening just as Trump sealed up the nomination.

May 31, 2016: What discussions did you have during the campaign regarding Russian sanctions?

This is an open-ended question that might pose particular problems for Trump given the misleading statement claiming the June 9 meeting was about adoptions and not the Magnitsky sanctions. More interesting still are hints that Mueller sees a signaling going back and forth involving Papadopoulos; some of this may have involved signaling a willingness to provide sanctions relief.

Both Aras Agalarov and Natalia Veselnitskaya followed up after the election pushing for sanctions relief.

June 9, 2016: When did you become aware of the Trump Tower meeting?

Sam Nunberg has suggested Trump probably learned of the Trump Tower meeting before it happened. While he is unreliable on that point, the original June 3, 2016 email Rob Goldstone sent to Don Jr suggests reaching out to Trump’s assistant Rhona Graff.

I can also send this info to your father via Rhona, but it is ultra sensitive so wanted to send to you first.

Democrats suspect that between two calls Don Jr had with Emin Agalarov about the meeting on June 6, 2016, he called his dad.

Trump Jr.’s phone records show two calls to and from the same Russian number on June 6, 2016.62 The first call occurred at 4:04 pm on June 6, 2916 – just 21 minutes after Goldstone emailed Trump Jr. to say that Emin Agalarov was “on stage in Moscow but should be off within 20 minutes so I am sure can call. [emphasis added]” 63 At 4:38 pm, Trump Jr emailed Goldstone, “Rob, thanks for the help.”64

This documentary evidence indicates that a call likely took place between Trump Jr. and Emin Agalarov. During his interview, Trump Jr. confirmed that the Russian phone number belonged to Agalarov, though he claimed to not recall whether he actually spoke with him. Rather, despite one of the two calls reflecting a two-minute connection, Trump Jr. suggested that Agalarov may have left voice messages.65

The phone records also show a “blocked” number at 4:27 pm, between the two calls to and from Emin Agalarov. Trump Jr. claimed he did not know who was associated with the blocked number.66 While the Committee has not pursued leads to determine who called Trump Jr. at this crucial time from a blocked number, Corey Lewandowski told the Committee that Mr. Trump’s “primary residence has a blocked [phone] line.” 67

Mueller, of course, almost certainly has the phone records the Democrats weren’t able to obtain.

Finally, Steve Bannon has stated that he’s certain Don Jr “walk[ed] these jumos up to his father’s office on the twenty-sixth floor” on the day of the meeting. There’s reason to believe Ike Kaveladze and Goldstone could have done so, including the new piece of evidence that “Kaveladze left [a meeting with Rinat Akhmetshin and Natalia Veselnitskaya] after a few minutes to take a call from Agalarov to discuss the meeting.”

The day after the meeting — and four days before Trump’s birthday — Agalarov sent Trump an expensive painting as a present.

The June 9 meeting is, as far as is public, the most important cornerstone in a presumed quid pro quo. Russians offered unnamed dirt that Don Jr seemed to know what it entailed even before speaking to Emin Agalarov personally. Having offered dirt, four Russians — including two representatives of Trump’s long-time handler Aras Agalarov — laid out a pitch to end the Magnitsky sanctions. And less than a week later, a presumed Russian agent released the first dirt stolen from Hillary Clinton.

July 7, 2016: What knowledge did you have of any outreach by your campaign, including by Paul Manafort, to Russia about potential assistance to the campaign?

We don’t have many details on what Mueller knows about Manafort’s requests for help on the campaign. We do know he remained in close touch with Russians via someone the FBI believed was a Russian intelligence agent, Konstantin Kilimnik, through whom he remained in communications with Russian oligarch Oleg Deripaska. Deripaska is named in some court documents in a way that suggests his relationship with Manafort may be the still hidden third prong of investigation into Manafort approved by August 2, 2017.

Starting in April, Manafort and Kilimnik (whom Rick Gates and therefore presumably Manafort knew was a former GRU officer), exchanged a series of cryptic emails, suggesting that Manafort might be able to pay off the $20 million he owed Deripaska with certain actions on the campaign. In an email sent on July 7, Manafort offered to provide briefings on the campaign to Deripaska. On or around August 2, Manafort and Kilimnik met in person at the Grand Havana Club, in Kushner’s building at 666 5th Avenue. Both deny that anything about the campaign came up. Shortly after this meeting, one of Deripaska’s jets came to Newark, and Russian opposition figure Viktor Navalny has claimed to have proof the jet went from there to a meeting between Deripaska and Russian deputy prime minister Sergei Prikhodko.

An August 2017 report describes intercepts picking up “Russian operatives discussing their efforts to work with Manafort, … relay[ing] what they claimed were conversations with Manafort, encouraging help from the Russians.”

There’s one more area of potential assistance I find of interest. Since January, we’ve been getting hints that Oleg Deripaska has some tie to the Steele dossier, possibly through a lawyer he and Steele share. I’ve raised repeated concerns that the Russians learned about the dossier and found ways to feed Steele disinformation. If they did, the disinformation would have led Democrats to be complacent about the hacks that targeted them. And whether or not the dossier is disinformation (and whether or not Deripaska had a role in that, if true), Paul Manafort coached Reince Priebus on how to attack the dossier as a way to discredit the investigation into the campaign’s ties with Russia.

With regards to this Manafort question: remember that Rick Gates flipped on February 23, and the questions date to early March. So Gates may have proffered confirmation about these details. In any case, Mueller likely has learned far more about them two months after Gates flipped.

July 10-12, 2016: What involvement did you have concerning platform changes regarding arming Ukraine?

The Majority HPSCI Russia Report explains that the RNC platform was changed by staffers at the convention based off Trump’s public statements on sanctions.

[Rick] Dearborn generated a memorandum, dated August 1, 2016, outlining a detailed sequence of events that occurred between July 10 and 12, 2016. As part of that memo, J.D. Gordon created a timeline that noted candidate Trump’s policy statements–including at a March 31, 2016, national security meeting–served as the basis for the modification of [Diana] Denman’s amendments. Gordon’s timeline made it clear that the change was initiated by campaign staffers at the convention–not by Manafort or senior officials.

J.D. Gordon has not confirmed that he was asked about this, but he surely was. I would expect Mueller to have tested the timeline Gordon laid out in summer 2016 (when the platform change was a big political issue) against the testimony and communications records of everyone else involved.

Of course, by asking the question in this fashion, Mueller doesn’t reveal what he has already confirmed about the platform changes.

August 5, 2016: What did you know about communication between Roger Stone, his associates, Julian Assange or WikiLeaks?

After multiple public statements that the Russians were behind the hack-and-leak, on August 5, 2016 (after traveling from NY to LA to his home in FL), Roger Stone wrote a column claiming to believe that Guccifer 2.0 was a hacktivist with no ties to Russia. Stone’s purportedly changed beliefs about Guccifer 2.0 coincide with an August 4 claim he made in an email to Sam Nunberg that he had met with Julian Assange the night before. Stone’s claimed belief that Guccifer 2.0 is not Russian is key to his denials of any involvement or pre-knowledge of hack-and-leak events. It also kicked off an alternative story that others, up to and including Trump, have adopted to excuse their own embrace of the stolen emails. In other words, a key prong in the plausible deniability the Russians built into the hack-and-leak campaign came from long-time Trump associate Roger Stone, after a dramatic and unexplained change in beliefs (Lee Stranahan, who used to work for Breitbart and now works for Sputnik, has claimed some credit for the change, and given how lucid the August 5 column is, someone had to have helped Stone write it).

Ten days later, after Stone had called on Twitter to let him out of Twitter jail, Guccifer 2.0 and Stone started exchanging (fairly innocuous) DMs.

There are events both before and after that which suggest Stone — probably through more interesting go-betweens than Randy Credico — sought information on what dirt Assange and Wikileaks had, and what and when planned to do with it.

Much has been made, especially in the DNC lawsuit, about Stone’s seeming prediction that “it would soon be Podesta’s time in the barrel.” Perhaps that’s true (and Stone’s explanation for the tweet is garbage), but any explanation of Stone’s supposed prediction needs to acknowledge that he more often predicted Wikileaks would release Clinton Foundation emails, not Podesta ones, that he got the timing somewhat wrong, and that he didn’t dwell on the Podesta emails at all once Wikileaks started releasing them (preferring, instead, to talk about Bill Clinton’s lady problems). Still, that may reflect Stone involvement in the Peter Smith operation, and efforts to get WikiLeaks to release purported Clinton Foundation emails passed on via hackers.

That Mueller is even asking this suggests (if the several grand jury witnesses in recent months dedicated to it don’t already) that Mueller has a pretty good idea that Stone’s communications were more extensive than his denials let on. That he thinks Stone may have shared that information with Trump is all the more interesting.

All of which is to say that the known answers to Mueller’s questions map out a quid pro quo set up during the election, in which Russians offered a Putin meeting and dirt on Hillary, with the expectation that Trump would lift the Magnitsky sanctions if he won (and would get a Trump Tower in Moscow if he lost). I suspect there are other pieces to the quid pro quo, dealing with Ukraine and Syria. But certainly the June 9 meeting set up an understanding: dirt in exchange for Magnitsky relief. The release of the Guccifer 2.0 emails may indicate the Trump camp provided some signal they had formally accepted the offer.

Update: Fixed syntax in last paragraph, h/t LT.

RESOURCES

These are some of the most useful resources in mapping these events.

Mueller questions as imagined by Jay Sekulow

CNN’s timeline of investigative events

Majority HPSCI Report

Minority HPSCI Report

Trump Twitter Archive

Jim Comey March 20, 2017 HPSCI testimony

Comey May 3, 2017 SJC testimony

Jim Comey June 8, 2017 SSCI testimony

Jim Comey written statement, June 8, 2017

Jim Comey memos

Sally Yates and James Clapper Senate Judiciary Committee testimony, May 8, 2017

NPR Timeline on Trump’s ties to Aras Agalarov

George Papadopoulos complaint

George Papadopoulos statement of the offense

Mike Flynn statement of the offense

Internet Research Agency indictment

Text of the Don Jr Trump Tower Meeting emails

Jared Kushner’s statement to Congress

Erik Prince HPSCI transcript

THE SERIES

Part One: The Mueller Questions Map Out Cultivation, a Quid Pro Quo, and a Cover-Up

Part Two: The Quid Pro Quo: a Putin Meeting and Election Assistance, in Exchange for Sanctions Relief

Part Three: The Quo: Policy and Real Estate Payoffs to Russia

Part Four: The Quest: Trump Learns of the Investigation

Part Five: Attempting a Cover-Up by Firing Comey

Part Six: Trump Exacerbates His Woes

Open Thread: Guns, Guns, and More Bloody Guns

This is an open thread dedicated to what the National Rifle Association wants you to believe is as necessary as air along with ~13,000 gun homicides each year, and seven children and teen gun deaths each day.

Freedom — we have it at gun point.

For the record, my household has guns. They’re used for hunting. Half the meat this household consumes is venison harvested from family property. They’re secured in a gun safe when not in use.

The Federal Assault Weapons Ban in force from 1994 to 2004 didn’t impede the ability of this household to hunt its annual venison. Mass shootings were markedly lower during the ban, however, though increasing use of high capacity magazines eventually thwarted the effects of the ban.

Do I believe in the Second Amendment? Sure — including the part about a “well regulated Militia.”

The NRA doesn’t believe in that part of the amendment because it affects their actual clients’ profit motive; regulating a militia means gun makers can’t sell more guns.

At some point gun makers and their lobbyists at the NRA need to face reality: the market is saturated, which is why Remington is going into bankruptcy. There are no more arguments to be made to increase gun sales when there are more guns in the U.S. than Americans.

There are no more arguments to be made to sell more guns into a saturated market when gun proponents care more about their guns than the shattered children in classrooms.

Or when gun proponents’ arguments rely on augmentation and dispersion by foreign agents.

Bring your discussions about guns here. Keep them out of other threads so that others can have uninterrupted discussions on topic.

Friday Morning: Some Place Warm

Warm, like the Philippines, the home of the Manila sound. It’s Friday once again and today’s jazz genre is the precursor to Pinoy rock (like Freddie Aguilar’s Anak) and Pinoy hip hop (like Andrew E’s Binibirocha).

The Manila sound emerged under Ferdinand Marcos’ regime; wish I knew more about this body of work to identify songs which pushed the envelope politically. You can still hear the ghost-like impact more than 300 years of Spanish colonialism in some riffs, shaped by other Asian and American influences.

Think I’ll try a mix mix cocktail later today with a little more contemporary Filipino jazz.

Coincidentally, “mix mix” is an apt description for this morning’s post. A lot of smallish, unrelated items in my inbox today…

The canary that didn’t chirp
Reddit may have received a National Security Letter, based on the disappearance of a notice in transparency reporting which up to now indicated no NSLs had been received. Was an NSL sent to Reddit in response to an online discussion last year with Edward Snowden, Laura Poitras, and Glenn Greenwald? Or did some other content trigger a possible NSL?

Department of Homeland Security’s Cyber Security Division wants to fix open source software
“Hello, we’re from the government. We’re here to help you.” Uh-huh. Color me skeptical about this initiative intended to reduce vulnerabilities in open source software. when the government finds a way to insert itself into technology, it’s an opportunity for co-option and compromise. Can you say ‘backdoor’?

Fixing a problem with business iPhones may create a new one
A key reason the USDOJ went after Apple to crack the passcode on the San Bernardino shooter’s iPhone: poor or missing mobile device management software. Had the iPhone’s owner and issuer San Bernardino County installed an MDM app that could override the assigned user’s passcode, the FBI would have had immediate access to the iPhone’s contents. Employers are likely moving toward more and better MDM to prevent a future costly #AppleVsFBI situation. However, the new SideStepper malware is spreading and taking advantage of MDM’s ability to push software to enterprise-owned iPhones without the users’ approval.

FCC’s very busy Thursday

  • FCC approved a $9.25 monthly subsidy for Lifeline-eligible low-income folks to use on high-speed internet service. Now if only high-speed internet was less than $10/month, or available across the U.S. to all low-income citizens…there are still wide swaths of the U.S. where high-speed internet is simply a pipe dream, let alone adequate competition to keep prices within reach of the subsidy.
  • The subsidy’s approval came amid a lot of political scrambling and maneuvering due to conservatives’ resistance on spending (what a surprise, right?), though the investment should increase the number of users able to access state and federal programs online, reducing costs to operate them over the long run.
  • The FCC also voted to proceed with rulemaking on the handling of users’ personal information over ISPs. Privacy is currently regulated on telecommunications by the FCC, but not on ISPs. Implementing rules on ISPs substantially similar to telecoms may protect consumers’ privacy, which is otherwise wide open. It would also force more equitable competition between ISPs and telecoms on consumer communications services. Perhaps this makes it easier to understand why NBC and MSNBC — both owned by cable ISP company Comcast — have been completely in the tank for Donald Trump? (Might even explain why Trump was such an ass to Univision’s Jorge Ramos, as Comcast owns competitor Telemundo.)

Today in literacy

  • Participating in a book club could land you in prison in Angola (QZ) — There’s either more to this story, or Angola is incredibly repressive and ripe for trouble.
  • Fairy tales, now with more firearms (NPR) — The idiots at NRA think there’s not enough violence in fairy tales, so they’ve rewritten them with weapons added. Distorting the Constitution isn’t enough; why not distort children’s fiction, too?
  • Lawful Hacking: using Existing Vulnerabilities for Wiretapping on the Internet (Northwestern Journal of Technology and Intellectual Property) — Not a book, but a worthwhile read for infosec literacy.

Public Service Announcement: Backup/Alternate Site
You may have noticed the site’s connectivity going up and down; there’s some tinkering going on under the hood. If the site should go down for long, you can find our more recent content at this alternate site (bookmark for emergency use). If the site needs to stay down for longer periods of time for repairs or redesign, we’ll redirect traffic there. Comments left at the other site will not be ported back to this page, however, and the alternate location is not intended to replace this one though you may find you like the alternate site’s mobile version better.

That’s a wrap, I’m off to find some calamondins, or an approximation for a mix mix cocktail. Have a good weekend!

RuppRogers Fake Dragnet Fix Would End (?) Bulk Firearm Record Collection, But Not Bulk Credit Card Record Collection

I’m just beginning to go through the House Intelligence Fake Dragnet Fix bill — what I will henceforth call the RuppRogers Fake Dragnet Fix.

It does have some improvements — the kind of bones you throw into a legislation to entice members of Congress to back what is in fact a broad expansion of surveillance.

One of those is a prohibition on the use of FISA (presumably including Section 215) to engage in bulk collection of certain kinds of records:

Notwithstanding any other provision of law, the Federal Government may not acquire under the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.) library circulation records, library patron lists, book sales records, book customer lists, firearm sales records, tax return records, education records, or medical records containing information that would identify a person without the use of specific identifiers or selection terms.

I find this interesting, for one, because it is yet another piece of evidence that suggests the government has been using Section 215 (and National Security Letters, probably) to make its own firearm registry, in defiance of congressional intent.

But I also find it instructive to compare this list:

  • Some but not all library and book records
  • Firearm sales records
  • Tax return (but not other tax) records
  • Education records
  • Some but not all medical records

With the list laid out in this letter from Ron Wyden and Mark Udall and others.

  • Credit card purchases
  • Pharmacy records
  • Library records
  • Firearm sales records
  • Financial information
  • Book and movie purchase records

I would assume from the difference that NSA was unwilling to give up certain kinds of bulk collection, notably credit card and non-tax return financial records.

I think the use of Section 215 to collect gun records is patently illegal, even though I might support a gun registry if passed legislatively. But if we’re going to roll back that collection, let’s roll back the bulk financial record collection as well.

Faster and Furiouser Domestic Spying: Why Would the NSA Review Group Talk to the ATF?

Because I’m working on a post on John Bates’ response to the NSA Review Group recommendations, I happened to re-review the list of people the Review Group spoke with today (see page 277; Bates was the only one from the FISA Court they spoke with),

See if you find anything odd with this list of entities the Review Group spoke with from the Executive Branch (here’s a handy list of intelligence agencies to compare it to):

Assistant to the President for Homeland Security & Counterterrorism

Bureau of Alcohol, Tobacco, Firearms and Explosives

Central Intelligence Agency

Defense Intelligence Agency

Department of Commerce

Department of Defense

Department of Homeland Security

Department of Justice

Department of State

Drug Enforcement Agency

Federal Bureau of Investigations

National Archives and Records Administration

National Counterterrorism Center

National Institute for Standards and Technology

National Reconnaissance Office

National Security Advisor

National Security Agency

Office of the Director of National Intelligence

President’s Intelligence Advisory Board

Privacy and Civil Liberties Oversight Board

Program Manager for the Information Sharing Environment (PM-ISE)

Special Assistant to the President for Cyber Security

Treasury Department

Much of the list makes sense. You’ve got the people largely in charge of terrorism (NCTC, Lisa Monaco, FBI, Treasury), you’ve got some of the people in charge of cyber and/or corrupting encryption standards (DHS, Michael Daniel, NIST), you’ve got the people who have to deal with angry foreign leaders (State), you’ve got people in charge of data sharing and storage (PM-ISE and NARA), and you’ve got Commerce (which serves to boost, but also coerce, the tech companies on these issues).

There are some absences. I’m surprised Department of Energy, which plays a key role in counterproliferation, isn’t on here. It’s light on counterintelligence functions, both at DNI and things like AFOSI (which I believe has some nifty cybertools). I’m also a little surprised DOD was represented as a whole, but not some of the branch intelligence organizations. Similarly, DHS was represented as a whole, but not some of its relevant branches (TSA, CBP, and Secret Service).

And then there’s the Drug Enforcement Agency, which is on the list.

And even more alarmingly, the Bureau of Alcohol, Tobacco, Firearms and Explosives.

Don’t get me wrong, neither is all that surprising. We know some of the tools covered by the Review Group — notably National Security Letters — have actually been (mis)used in drug investigations as well as in terrorism ones. Given the logic of the certifications we know exist — not to mention the Administration’s fear-mongering and increasing focus on Transnational Crime Organizations not run by Jamie Dimon — I wouldn’t be surprised if Section 702 were used to fight the war on drugs, if it hasn’t already been. And the drug war certainly is a foreign intelligence priority for EO 12333 collection. Given NSA’s increasing inclusion of drug cartels in the boilerplate comments it releases about Snowden stories, I expect we’ll hear some nifty things about the war on drugs before this is out.

Similarly, one of the first things we learned the government was using Section 215 and/or NSLs to collect was purchase records for beauty supplies, otherwise known as explosives precursors. Since then, Members of Congress have talked about tracking fertilizer purchases. And I’d be shocked if there weren’t at least a half-hearted attempt to track pressure cooker purchases. I guess, from ATF’s inclusion among the Review Group’s interlocutors, we know a little bit about where this data resides: in probably the most fucked up law enforcement agency in government (though maybe that’s Immigration and Customs Enforcement, which thankfully was not considered central enough to talk to the Review Group).

Still, given the increasing number of signals that these authorities have been used to track gun purchases, and ATF’s notorious failures at tracking gun purchases in the past, I wonder whether they’re involved not just to talk about explosives purchases, but also gun records?

The Review Group warned that,

Like other agencies, there are situations in which NSA does and should provide support to the Department of Justice, the Department of Homeland Security, and other law enforcement entities. But it should not assume the lead for programs that are primarily domestic in nature.

For a variety of reasons (both reasonable and unreasonable), it is much harder to claim that tracking gun purchases pertains to counterterrorism or another foreign intelligence purpose than tracking acetone purchases.

Is this one of the domestic security functions the Review Group worried about?

Syrian Moderate Coalition Fractures — Is al Nusra the Next MEK?

The US grand strategy of arming moderate groups within Syria’s opposition in the ongoing civil war (remember, we only arm folks so moderate that they eat enemies’ hearts) took a huge blow yesterday, as several groups previously aligned with the moderates threw their support into a group including the Islamist group Jabhat al Nusra, which has affiliations with al Qaeda. With the moderate coalition in disarray, it occurred to me to wonder whether al Nusra will now undergo a reputation-scrubbing and a lobbying campaign similar to that applied to MEK, which has been removed from the official list of terrorist organizations and continues to support US politicians who are willing to sell their services to any group with enough funding. There is hope for the future, though, as a UN treaty that would take significant steps toward stemming the flow of conventional weapons is gathering steam and has now been signed by more than half of the members of the UN.

The Washington Post brings us the news of the fractured moderate coalition:

American hopes of winning more influence over Syria’s fractious rebel movement faded Wednesday after 11 of the biggest armed factions repudiated the Western-backed opposition coalition and announced the formation of a new alliance dedicated to creating an Islamic state.

The al-Qaeda-affiliated Jabhat al-Nusra, designated a terrorist organization by the United States, is the lead signatory of the new group, which will further complicate fledgling U.S. efforts to provide lethal aid to “moderate” rebels fighting to topple Syrian President Bashar al-Assad.

The defecting groups are blaming the US for failing to come through with promised arms and for not bombing Assad after the August 21 chemical weapons attack:

Abu Hassan, a spokesman for the Tawheed Brigade in Aleppo, echoed those sentiments, citing rebel disappointment with the Obama administration’s failure to go ahead with threatened airstrikes to punish Assad for using chemical weapons in the suburbs of Damascus last month, as well as its decision to strike a deal with Russia over ways to negotiate a solution.

“Jabhat al-Nusra is a Syrian military formation that fought the regime and played an active role in liberating many locations,” he said. “So we don’t care about the stand of those who don’t care about our interests.”

Toward the end of the New York Times story on this development, we see the al Nusra group being described as less radical than the new kid on the block, the Islamic State in Iraq and Syria (ISIS): Read more

OMIGOD James Clapper Has Our Gun Purchase Records

It’s a testament to Ron Wyden’s good faith that this letter — asking James Clapper for more information about the government’s secret use of the Section 215 provision of the PATRIOT Act — didn’t try to inflame the NRA.

It’s not until the third paragraph in until Wyden (and the 25 other Senators who signed on) say,

It can be used to collect information on credit card purchases, pharmacy records, library records, firearm sales records, financial information, and a range of other sensitive subjects. And the bulk collection authority could potentially be used to supersede bans on maintaining gun owner databases, or laws protecting the privacy of medical records, financial records, and records of book and movie purchases. [my emphasis]

And while Wyden is right that the letter is bipartisan, I really wonder how it is that only four Republicans — Mike Lee, Dean Heller, Mark Kirk, and Lisa Murkowski — signed a letter raising these issues. Seriously. Not even Rand Paul?

I’ll come back to the loaded questions Wyden asks (I’m frankly still working on some loaded questions he asked 6 months ago — it has turned into a nearly fulltime beat).

But in the meantime, why isn’t the NRA screaming yet?