Posts

Despite Pete Hegseth, Signal is Good

/10 Comments/in , /by

Why you should use Signal (But maybe ditch Whatsapp?)

Pete Hegseth is Bad at His Job

The Secretary of Defense and Fox Host Pete Hegseth keeps using Signal to talk about war plans with people he’s not supposed to be talking with at his day job. He also gets caught, because he’s bad at security as well as his job. Hegseth uses his personal phone for Department of Defence business, including killing a lot Yemenis.

What Hegseth was supposed to use instead of his consumer cell phone is a SCIF, or Sensitive Compartmented Information Facility. I’ve been in one. I was emphatically invited to leave my phone at the door. There were large men making this point to me, and I took it to heart. A SCIF is secure, but it is as much about control and legal obligations as it is about security, and rightfully so. Secure communications for a national government don’t just require security, they require accountability, integrity, and a durable record. After its classification period, that information belongs to all Americans. Historical accountability is something we’ve decided matters, and encoded into our laws.

On a technical level I wouldn’t be shocked if SCIFs use some of the same technology that’s in Signal to secure communications. It’s good stuff! But SCIFs are SCIFs, and consumer cell phones are cell phones. Your phone is not designed for government records retention, or hardened against specific nation-state threats. But modern, up-to-date phones have very good security, more hardened then most of the government systems that have ever existed. And it’s right there! In your phone without you having to do anything to get it! (Except apply new software updates when they turn up.)

So despite the fact that Hegseth’s phone would be one of the more targeted in the world, and Hegseth himself is an idiot, his phone isn’t necessarily compromised. It might be, but it’s hard to be sure. It’s quite hard to hack a modern phone, especially if the person using the phone updates it every time there’s an update released, and doesn’t click on things they don’t know are OK. There are fancy attacks, called Zero-Click Attacks, that don’t require any user interaction, but they’re hard to build and expensive.

At any given moment, you don’t know whether someone had a working attack against an up-to-date iPhone or Android until it’s discovered and patched. But mostly, the average user doesn’t have to worry about trying to secure their phone. You already secure your phone when you update it. The hackers aren’t in a race with you, or even Pete Hegseth, they’re in a race with large and well-funded security and design teams at Google and Apple — and those people are very good at their jobs. This is why the nerds (like me) always tell you to update software as soon as possible; these updates often patch security holes you never knew were there.

You’re more likely to download a vulnerability in something like Candy Crush, weird social media apps, or random productivity tools you’re tying out. But the folks at Google and Apple have your back there, too. They’ve put every app into its own software-based “container,” and don’t let apps directly interact with the core functions of your phone, or the other apps on it. Hackers try to break out of these containers, but again, it’s not easy. Even if they get a foothold in one, they might know a lot about how good you are at subway surfing, but not much else.

It’s hard out here for a phone hacker.

Sometimes the hackers hit pay dirt, and find some flaw in phone software that lets them take over the phone from the air, with no user interaction — that zero-Ccick attack. This is very scary, but also very precious for the hackers. Unless there’s a very good reason, no one is going to risk burning that bug on you. If an attack like that is found, it will be top priority for those big smart security teams at Google and Apple. There will be long nights. There will also be an update that fixes it; apply updates as soon as you see them. Once a vulnerability is patched, the malware companies have to go back to the drawing board and look for another bug they can exploit to get their revenue stream back.

The high profile malware companies often sell their software, especially if they have a zero-click attack, to governments and corporations. They don’t want normal people using it, because the more it gets used, the faster they will be back at square one after Google and Apple take their toys away.

Nerd’s Delight

Signal LogoSignal is usually the favorite app your exhausting nerd friend keeps badgering you to download. It’s risen to even more prominence due to Pete Hegseth’s repeated idiocy. But this has caused doubt and confusion, because if you found out what Signal was from Hegseth’s leaks and blunders, it doesn’t look so good. Using Signal for DoD high level communications is not only illegal, it is stupid. Signal isn’t meant for government classified communications.

But it is meant for you, and it’s very good at what it does.

Signal is two things: First, an app for Android and iPhone (with a handy desktop client) which encrypts chats and phone calls. That’s the Signal app you see on your phone. second, the other part is the Signal Protocol, Signal’s system of scrambling communications so that people outside of the chat can’t see or hear anything inside the chat.

Signal Protocol, the encryption system Signal uses, is a technology called a Double Ratchet. It is an amazing approach that is pretty much unbreakable in a practical sense. The very short version of how that encryption works is this: you generate special very long numbers, and so does the person you’re talking to. (This generation is done by your phone and servers on the net in the background of your chat, and you never have to see any of it.) You each use that number to encrypt a message that only the other person can read. The only way to figure out that secret number is to factor the very large number and then start guessing based on the factors.

It turns out computers don’t like factoring big numbers anymore than you did in middle school, so guessing those long numbers is very hard and tiring — meaning it takes the computer a lot of energy to try. In computers, very hard always translates to expensive and slow. The extra trick in Signal’s double ratchet is a mechanism for taking that already hard number to guess and “ratcheting” it to new hard numbers – with every single message. Every Hi, Whatup, and heart emoji get this powerful encryption. Even if someone was using super computers to break into your chat (and they aren’t) every time they broke the encryption, they’d just get that message, and be back at square one.

That’s expensive, frustrating hard work, and your chats aren’t worth the bother.

The Strongest Link, Weakened?

Messenger also uses the Signal protocol

Whatsapp adopted Signal Protocol in 2014, granting encrypted privacy and safety to over a billion people.

Signal is secure. Whatsapp and Facebook Messenger use Signal protocol too, and are also secure, for now… but Meta has made some decisions that complicate things. In a rush to add AI to everything whether you want it or not, Meta has added AI to its Signal Protocol-secured chat rooms. This doesn’t break the Signal Protocol, that works fine. But to have AI in chats means that by definition, there’s another participant listening in your chat. If there wasn’t, it couldn’t reply with AI things. If you’re not comfortable with this, it might be time to ditch Whatsapp and Facebook Messenger for Signal.

I’m personally not comfortable with it, in part because as far as I can tell, there’s nothing technically or legally stopping law enforcement from demanding access to that listening function in any chat room. It may only give the police access to parts of the conversation, but I’d like the chance to defend my data myself if it comes to it. I don’t want to have it picked up from a third party without so much as notice to me.

Meta is in the the room with you, like it or not. Is it recording all your chats somewhere? I doubt it. It’s a bad idea that would make too much trouble for Meta if it got out. But I can’t know for sure. I know there’s no listener in Signal, because the protocol makes hiding a listener functionally impossible. (To be clear, Meta isn’t hiding it, they’re advertising it. But it’s still a listener.)

Encryption for All

Make no mistake, that Whatsapp and Facebook Messenger use Signal’s protocol is wonderful news. It means that, without having to know anything about internet or computer security, one day there was an update, and billions of users got to rely on some of the best encryption ever designed, without even knowing it. This is important both for keeping people safe online, and for making society better, as activists, small businesses, families, and everyone with and internet connection can talk freely and safely to their people and their communities. It doesn’t stop ill-intentioned people from doing bad and deceptive things like lie, cheat, and steal, but it makes it harder for them to enlist the computers into their schemes.

The problem with Pete Hegseth using Signal is two-fold: He has to retain records legally, and ratcheting encryption is intentionally ephemeral. Signal is the worst way to retain records, beyond perhaps toilet paper and sharpie. The second problem is that if he does have a vulnerable app on his phone, or there’s a general vulnerability the teams at Apple and Google haven’t found yet, someone could be listening into what his phone is doing. Maybe even through his Candy Crush Saga, a fun game you will never find in a SCIF, no matter how much you wish you could.

SCIFs are kind of boring. No phones, the windows are weird (to defeat directional mics) and in my case, I had to have security escort me to the bathroom. I imagine that’s why an exciting guy like Hegseth doesn’t use them. But he is not only putting people in danger with his shenanigans, he’s also robbing the American people of a record that is, by law, our right to have. And it’s looking like an era of American history in which we want to be preserving evidence.

The Online Lives of Others

If you’ve never seen the movie The Lives of Others, go watch it. It’s great, and annoyingly relevant right now.

There is another threat coming from the EU and UK that rears its head every few years, and probably from the US soon enough as well. Many governments and law enforcement agencies want, have wanted for years, a scheme digital rights advocates call Chat Control. Law enforcement would have a back door into everyone’s encryption, usually a listener, like the Meta AI, but much worse. It would bug all chats — a spook in every phone. The excuse is always CSAM, or Child Sexual Abuse Material, but the proposal is always the same – to strip every person of privacy and the technical means to protect it, in the name of protecting children. This ignores a lot of of issues that I won’t go into here, but suffice to say the argument is as dishonest as it is ineffectual.

It’s an ongoing fight pitting children against a right of privacy and personal integrity, and it always will be an ongoing fight, because it would give the police and governments nearly limitless power to spy on the entire populous all the time.

Total digital surveillance is simply not a feasible way to run a society. It is the police state the East German Stasi dreamed of having. It must be resisted for human decency and flourishing. Let’s give the totalitarian desire for a spy in every phone no oxygen, it has no decency, no matter who it claims to be protecting.

Even if you never do anything that could be of interest to governments or law enforcement, using encryption creates more freedom for all. If only “criminals” or “enemies” use Signal, then using Signal becomes a red flag. If everyone uses Signal (or Signal protocol in Whatsapp/Messenger), then it’s normal. You get the measure of protection it provides from scammers and hackers, and you help people fighting criminals and resisting tyranny, all over the world. This is one of the reasons adding Signal protocol to the Meta systems was such a great moment in the history of the net. A good portion of humanity gained a real measure of privacy that day.

If activists and people “with something to hide” are the only people using encryption like Signal, it’s grounds for suspicion. But if everyone is using it, the journalists and activists who need it for political reasons don’t stand out. The battered partners and endangered kids can find it and use it safely to get help. And everyone is safer from scams and hacking attacks — because what you do and say has some of the best protection we’ve every conceived of as a society, even if it’s just your shopping list.

 

Share this entry

Fridays with Nicole Sandler

/35 Comments/in /by

 

Listen on Spotify (transcripts available)

Listen on Apple (transcripts available)

Share this entry

Whiskey Pete’s Dirty Desktop

/22 Comments/in /by

We continue to get more details of Whiskey Pete Hegseth’s abysmal operational security.

Today, NYT revisited the issue of Pete Hegseth’s shoddy operational security, tracking all the other accounts he had registered under the phone number with which he used Signal.

Mr. Hegseth had a significant social media presence, a WhatsApp profile and a Facebook page, which he still has.

On Aug. 15, 2024, he used his personal phone number to join Sleeper.com, a fantasy football and sports betting site, using the username “PeteHegseth.” Less than two weeks later, a phone number associated with his wife, Jennifer, also joined the site. She was included in one of the two Signal chats about the strikes.

Mr. Hegseth also left other digital breadcrumbs, using his phone to register for Airbnb and Microsoft Teams, a video and communications program.

Mr. Hegseth’s number is also linked to an email address that is in turn linked to a Google Maps profile. Mr. Hegseth’s reviews on Google Maps include endorsements of a dentist (“The staff is amazing”), a plumber (“Fast, honest, and quality work”), a mural painter (“Painted 2 beautiful flags for us — spot on”) and other businesses. (Google Maps street view blurs out Mr. Hegseth’s former home.)

What they don’t say is the accessibility of his personal phone number could have made it easier to ID the IP address for the computer that (per the AP) Hegseth set up in his office so he could access Signal.

Defense Secretary Pete Hegseth had an internet connection that bypassed the Pentagon’s security protocols set up in his office to use the Signal messaging app on a personal computer, two people familiar with the line told The Associated Press.

The existence of the unsecured internet connection is the latest revelation about Hegseth’s use of the unclassified app and raises the possibility that sensitive defense information could have been put at risk of potential hacking or surveillance.

Known as a “dirty” internet line by the IT industry, it connects directly to the public internet where the user’s information and the websites accessed do not have the same security filters or protocols that the Pentagon’s secured connections maintain.

Other Pentagon offices have used them, particularly if there’s a need to monitor information or websites that would otherwise be blocked.

But the biggest advantage of using such a line is that the user would not show up as one of the many IP addresses assigned to the Defense Department — essentially the user is masked, according to a senior U.S. official familiar with military network security.

[snip]

Hegseth initially was going to the back area of his office where he could access Wi-Fi to use his devices, one of the people familiar said, and then he requested a line at his desk where he could use his own computer.

That meant at times there were three computers around his desk — a personal computer; another for classified information; and a third for sensitive defense information, both people said.

Because electronic devices are vulnerable to spying, no one is supposed to have them inside the defense secretary’s office. Important offices at the Pentagon have a cabinet or drawer where staff or visitors are required to leave devices.

But there’s a detail that remains unexplained, one which makes this more interesting.

In addition to the texts themselves, Jeffrey Goldberg provided a number of useful details about the Houthi PC small group thread.

He included the list of the 19 people who belonged to it when he left.

We see the Principals add people (and Mike Waltz add someone believed to be Stephen Miller) along the way.

Goldberg also included metadata showing Mike Waltz setting the disappearing messages. In addition, we see Marco Rubio adding a second account for himself, “MAR added MAR.”

Rubio might have done that if he had a second device.

Given that that was all public by March 26 — which was, itself, nine days after Goldberg dropped off the list — it raises questions about why, on both March 26 and March 28 (per a CIA filing in the American Oversight lawsuit), people were fiddling with administrative settings.

I understand that the Director’s personal Signal account was reviewed and a screenshot of the Signal Chat at issue was captured from the Director’s account on 31 March 2025, and transferred to Agency records systems the same day. I understand that the screenshot reflects the information available at the time the screenshot was captured, which I characterized as “residual administrative content” in my initial declaration. I used that terminology because the screenshot does not include substantive messages from the Signal chat; rather, it captures the name of the chat, “Houthi PC small group”, and reflects administrative notifications from 26 March and 28 March relating to changes in participants’ administrative settings in this group chat, such as profile names and message settings.

That is, the only thing left on John Ratcliffe’s personal cell phone when they went to archive messages covered by the Federal Records Act was a version of the screen shot above — with the name of the chat, the dates March 26 and 28, changes in message settings (perhaps Mike Waltz trying to undo the damage of his disappearing timeline), and changes in profile names.

It’s the last bit that is most interesting. It might reflect people, in addition to the 19, who were added after Goldberg dropped off, people who were even more problematic to be included in the chat than Jeffrey Goldberg. It shouldn’t reflect people changing their own screen names; at that point, after Goldberg published, there would be no point.

But there’s also something that remains unexplained, given the new information we have.

We know from the second of three DOD declarations in the same American Oversight lawsuit that someone — the passive voice is used — did a search of Whiskey Pete’s “mobile device,” whence the “available Signal application messages that are at issue in this case have been preserved.” We know from the third declaration that a search — possibly the only one — that was conducted (the passive voice is used again) on March 27, between the day of the first admin changes reflected on Ratcliffe’s personal phone, March 26, and the day of the second administrative changes, March 28.

What we don’t have, however, is any indication how Hegseth accessed Signal via two different devices, the personal cell that was searched (passive voice) and the desktop in his office hooked up to the dirty old Internet — that is, whether he had a second account, maybe called WarFightersLoveWhiskey or just Pete, or whether he did in fact use his publicly identifiable phone number on the desktop hooked up to the dirty old Internet. That’s actually one possible explanation for the changes on March 26 and 28.

Perhaps we could answer that question by searching the device in Whiskey Pete’s office for Federal Records Act compliance?

Or maybe, as I said, there was someone added in the nine days after Goldberg left.

Share this entry

Self-Reportation: Pete Hegseth’s Witch Hunt Ensnared Himself

/78 Comments/in /by

As I wrote here, three top Pete Hegseth aides were ousted (most reports continue to use the passive voice) last week, purportedly in the witch hunt he started to look for the sources of various suspected leaks. Longtime Trump press aide John Ullyot also resigned or was asked to, depending on whom you believe.

That seems to have precipitated the exposure — first by NYT — that Whiskey Pete Hegseth had a second Signal chat, one he himself curated. Although the list, which dates back to before Hegseth’s confirmation, purports to convey administrative and scheduling details, Hegseth included roughly the same Houthi attack information that he shared on the Signal thread that included Jeffrey Goldberg.

That means he shared it with people who didn’t have a need to know — his brother and his lawyer, Tim Parlatore — and his spouse, who is not a DOD employee at all (even though she babysits him in important meetings).

[T]he information Mr. Hegseth shared on the Signal chat included the flight schedules for the F/A-18 Hornets targeting the Houthis in Yemen — essentially the same attack plans that he shared on a separate Signal chat the same day that mistakenly included the editor of The Atlantic.

Mr. Hegseth’s wife, Jennifer, a former Fox News producer, is not a Defense Department employee, but she has traveled with him overseas and drawn criticism for accompanying her husband to sensitive meetings with foreign leaders.

Mr. Hegseth’s brother Phil and Tim Parlatore, who continues to serve as his personal lawyer, both have jobs in the Pentagon, but it is not clear why either would need to know about upcoming military strikes aimed at the Houthis in Yemen.

[snip]

Mr. Hegseth created the separate Signal group initially as a forum for discussing routine administrative or scheduling information, two of the people familiar with the chat said. The people said Mr. Hegseth typically did not use the chat to discuss sensitive military operations and said it did not include other cabinet-level officials.

Mr. Hegseth shared information about the Yemen strikes in the “Defense | Team Huddle” chat at roughly the same time he was putting the same details in the other Signal chat group that included senior U.S. officials and The Atlantic, the people familiar with Mr. Hegseth’s chat group said.

Sharing the attack details with his spouse put him at far greater exposure of willful violation of 18 USC 793, sharing National Defense Information with someone not authorized to receive it.

Of the 13 people that AP reports were in the thread, NYT identifies the following:

  1. Hegseth
  2. His wife Jennifer
  3. His brother Phil
  4. His lawyer turned DOD employee Tim Parlatore
  5. DOD spox Sean Parnell
  6. Chief of Staff Joe Kasper (who reportedly is moving elsewhere)
  7.  Dan Caldwell (who was also on the Goldberg list)  …
  8. And Darin Selnick, the latter two of whom were ousted in Kasper’s witch hunt last week

NYT does not say that either Colin Carroll — also fired last week — or Ullyot participated in the chat, though Ullyot was a booster during his confirmation and so by definition could have.

But everyone who participated in the chat would be witness to Hegseth sharing data he insists is not classified, but which a jury could easily find to be National Defense Information because its sharing could obviously put service members at risk. In Espionage Act cases, a jury decides whether something is NDI.

NYT implies that this thread differs from the Mike Waltz one because Hegseth used his personal device, but I’m not sure there’s any confirmation that he used a DOD device for the Waltz chat, either. (John Ratcliffe used his personal device, and Tulsi implied she had in congressional testimony; Marco Rubio had two versions of the thread and so probably two different devices).

In either case, Hegseth’s thread includes a stupid mixture of public and private, and the administrative details on the thread alone, to say nothing of the Houthi attack details, would mean the Federal Records Act covers the thread. By law Hegseth has to make copies of the thread and archive it on DOD servers.

There’s increasing reason to believe that the witch hunt Hegseth initiated on March 21 led to this place — has created and is creating more risk going forward. That is, it increasingly looks like the paranoid witch hunt that Hegseth started in March may now ensnare him personally, if no other way than making those targeted willing to share secrets they were otherwise keeping about Hegseth but now have incentive to share to exonerate themselves.

Hegseth himself tied the story directly to the firings last week at an appearance at the White House today.

You know, what a big surprise that a bunch of — a few leakers get fired and suddenly a bunch of hit pieces come out from the same media that peddled the Russia hoax, won’t give back their Pulitzers…

[snip]

This is what the media does. They take anonymous sources from disgruntled former employees and then they try and slash and burn people and ruin their reputation.

But the witch hunt also intersects with the legal response to the disclosure of the original thread in important ways.

As a reminder, Kasper ordered the investigation on March 21, between the time, on March 15, that Jeffrey Goldberg concluded Mike Waltz’ Signal chat was real and so dropped off the chat, and the time, on March 24, Goldberg first disclosed it. As I laid out here, one of the stories identified among the suspected leaks — on the deployment of the USS Vinson carrier group from the East China Sea to the Red Sea — overlaps with the original Houthi thread (and so could be among the texts exchanged after Goldberg dropped off).

In any case — as this timeline makes clear — the witch hunt was in process even as two separate legal responses to the Atlantic story, an American Oversight lawsuit and an Inspector General investigation requested by both Roger Wicker and Jack Reed — kicked off.

A CIA declaration submitted in the American Oversight lawsuit, which the government has construed to apply only to the Signal chat disclosed by Goldberg, confirmed that Ratcliffe’s copy of the text thread includes none of the substantive messages but did include metadata showing there were changes to the original Signal text thread made after the first disclosures of it, on March 26 and 28. Whoever made those changes is at risk not just of violating the FRA, but also obstructing the legal processes that started after Goldberg revealed the texts.

The declarations submitted by DOD (the first, reflecting a request that Hegseth forward a copy of the chat to DOD, a second, by a more senior lawyer, noting that a search of Hegseth’s mobile device was conducted and “available Signal messages … have been preserved,” and a third, noting that the screen shots of the Signal texts were taken on March 27) have been more ambiguous. As American Oversight noted in its most recent filing,

For example, rather than specifying which messages were preserved, the Supplemental DoD Declaration vaguely references the preservation of “existing Signal application messages,” which, as shown by the Supplemental Blankenship Declaration, could be none. Suppl. Bennett Decl. ¶ 2, ECF No. 15-1.

But in any case, DOD took those screen shots on a day between changes made to the list (and the day Wicker and Reed asked DODIG to investigate), and so might reflect the first set of alterations.

CNN describes that the three men ousted last week — Dan Caldwell, Darin Selnick, and Colin Carroll — will be interviewed in the IG investigation, an investigation about which (CNN reports) Hegseth is increasingly concerned.

Hegseth has also grown increasingly concerned about the inspector general investigation, the sources said. Caldwell, Selnick and Carroll expect to be interviewed as part of that probe, the sources added.

That all three will be interviewed is of some interest: only Caldwell was known to be on the Waltz Signal list. If DOD’s IG has reason to interview the other two, it suggests they may already have more reason to be interested in Hegseth’s other use of Signal. But as the NYT noted, “Mr. Hegseth’s aides” (a term not necessarily limited to those on the Signal chats) advised him not to discuss operational details on that chat.

One person familiar with the chat said Mr. Hegseth’s aides had warned him a day or two before the Yemen strikes not to discuss such sensitive operational details in his Signal group chat, which, while encrypted, is not considered as secure as government channels typically used for discussing highly sensitive war planning and combat operations.

[snip]

Several of these staff members encouraged Mr. Hegseth to move the work-related matters in the “Defense | Team Huddle” chat to his government phone. But Mr. Hegseth never made the transition, according to some of the people familiar with the chat who spoke on condition of anonymity to discuss internal deliberations.

I don’t rule out the possibility that Hegseth fired them all to make it impossible for Acting Inspector General Steven Stebbins to subpoena the men (rather than because of the witch hunt he attributed it to). But it sounds like they’re willing to submit to voluntary interviews at this point, if for no other reason then to vindicate their innocence.

Which brings me to a point I’ve obsessed about since the beginning. The witch hunt, as laid out by Joe Kasper, was never designed to be a normal leak investigation. For those, you make a referral right away to the FBI, describing the suspected leak and providing a list of all the people known to have access to the leaked material.

Instead, this leak investigation envisioned a report for Whiskey Pete, and referrals by Kasper if he discovered leakers he wanted to face further investigation.

This investigation will commence immediately and culminate in a report to the Secretary of Defense. The report will include a complete record of unauthorized disclosures within the Department of Defense and recommendations to improve such efforts. I expect to be informed immediately if this effort results in information identifying a party responsible for an unauthorized disclosure, and that such information will be referred to the appropriate criminal law enforcement entity for criminal prosecution

A paragraph added to CNN’s story (along with an April 4 story about which Hegseth was worried, one which could show up in Hegseth’s personal Signal list) describes that Hegseth “demanded” the FBI get involved but some of his aides dissuaded him because of the IG investigation.

Following the press reports — including one in The New York Times about the questionable success of a massive military campaign against the Houthis — Hegseth began to lash out and grew suspicious that senior military officials, as well as some of his closest advisers, were leaking to undermine him, the sources added.

At one point, Hegseth even demanded an FBI probe into the leaks — which some of his aides advised against, sources said. There was already an active inspector general investigation focusing on Hegseth, and bringing in the FBI might only invite more scrutiny, those aides advised. [my emphasis]

But this conversation should have happened before March 21, almost a week before DOD IG considered investigating. And the only reason aides would recommend against FBI involvement is if they were protecting people — perhaps themselves, perhaps those close to Hegseth, perhaps Hegseth himself — from criminal exposure.

That is, at least some of Hegseth’s aides worried that if the FBI got involved, they would discover a crime.

That’s not surprising. At least four of them witnessed Hegseth providing his wife information that a jury might decide was NDI.

Anyway, this probably is not done.

In a blockbuster op-ed claiming to support Hegseth but calling on Trump to fire him, Ullyot described things in (which decried the “horrible crisis-communications advice” offered by Parnell without naming him), “key Pentagon reporters have been telling sources privately” that, “more shoes to drop in short order, with even bigger bombshell stories coming this week.”

With the original thread, in which Hegseth unwittingly shared information on a pending attack with someone not authorized to receive it, there are already questions about whether Hegseth destroyed communications covered by the Federal Records Act. Now, he has fired at least three people, two of whom witnessed Hegseth wittingly share the same information with, at least, his spouse, and some of whom likely told him not to do so before he did.

Having fired them under cover of a leak investigation, he may make it much clearer to American Oversight, to DOD’s Inspector General, and to Congress, that he was the leaker he was looking for from the start.

Update: American Oversight amended their complaint today, incorporating Whiskey Pete’s family Signal list.

Update: NBC seems to confirm something that appeared obvious to me: Whiskey Pete used his personal device for both the Friends and Family thread and the Waltz one.

The material Kurilla sent included details about when U.S. fighters would take off and when they would hit their targets — details that could, if they fell into the wrong hands, put the pilots of those fighters in grave danger. But he was doing exactly what he was supposed to: providing Hegseth, his superior, with information he needed to know and using a system specifically designed to safely transmit sensitive and classified information.

But then Hegseth used his personal phone to send some of the same information Kurilla had given him to at least two group text chats on the Signal messaging app, three U.S. officials with direct knowledge of the exchanges told NBC News.

The sequence of events, which has not been previously reported, could raise new questions about Hegseth’s handling of the information, which he and the government have denied was classified. In all, according to the two sources, less than 10 minutes elapsed between Kurilla’s giving Hegseth the information and Hegseth’s sending it to the two group chats, one of which included other Cabinet-level officials and their designees — and, inadvertently, the editor of The Atlantic magazine. The other group included Hegseth’s wife, his brother, his attorney and some of his aides.

Hegseth shared the information on Signal even though, NBC News has reported, an aide warned him in the days beforehand to be careful not to share sensitive information on an unsecure communications system before the Yemen strikes, according to two sources with knowledge of the matter.

That raises the stakes on that second DOD declaration which describes that someone (the declaration uses the passive voice) searched the device Hegseth used for the Waltz chat.

Share this entry

Trump Has No Policy Process, Just Wormtongue and Palace Intrigue

/75 Comments/in /by

The last paragraph of this NYT story describing absolutely insane plans for the State Department -“eliminating almost all of its Africa operations,” “cutting offices … that address climate change[,] refugee issues, … democracy[,] and human rights concerns,” mandating use of AI for “‘policy development and review’ and ‘operational planning’,” and replacing the Foreign Service exam with loyalty oaths — describes that the Executive Order laying out those plans is not the only proposed plan out there.

It links this story, published by NYT five days earlier, describing more modest plans: closing six embassies in Africa, not the entire continent.

The Trump administration is considering plans to close 10 embassies and 17 consulates and reduce or consolidate the staff of several other foreign missions, according to an internal State Department memo viewed by The New York Times.

The closures and other reductions outlined in the document, which is undated, would pare back the American presence on nearly every continent. They represent an expansion of plans the Trump administration was working on earlier this year for closing a dozen foreign missions and laying off local staff who work in those locations.

The cuts are in keeping with President Trump’s plans to reduce federal spending across the government, as well as a proposal that State Department leaders have been considering to cut nearly 50 percent of the department’s spending.

But the new proposed reductions have raised fresh concerns that the United States will be ceding vital diplomatic space to China, including in areas of the world where Washington has a greater presence than Beijing, compromising American national security, including intelligence gathering.

The competing plans — one a memo, the other an Executive Order that would be signed by Trump and would therefore oblige memo-writers to defer to Trump’s order — comes in the wake of the ouster of Pete Marocco, the Jan6er who effectuated the destruction of USAID, from the State Department.

There are several versions of Marocco’s ouster and his fate, but this Politico story describes that Marco Rubio fired him, in part because of differing opinions about how to destroy USAID (which has long since been accomplished, but during which, Rubio repeatedly made claims about GOP-supported programs like PEPFAR that turned out to be false).

Peter Marocco, the Trump administration official in charge of dismantling USAID, left a meeting at the White House last week to return to his office at the State Department. But when he arrived, Marocco could not enter the building: security told him he was no longer an employee there, according to a person familiar with the situation.

Word of Marocco’s firing quickly tore through the Republican Party and MAGA ecosystem, startling President Donald Trump’s loyalists who viewed the aide as part of an elite cohort of administration true believers. Loud voices on the right piled on Secretary of State Marco Rubio, accusing him of undermining their disruptive agenda.

Yet Marocco’s abrupt termination, which has not been fully reported until now, was not an impulsive dismissal or a case of Rubio going rogue. This report was based on conversations with five people, including administration officials and allies, all of whom were granted anonymity to discuss sensitive internal matters. Four of the people said Rubio fired Marocco. They gave varying explanations: one administration official said Rubio and others wanted Marocco out due to what they saw as his bulldozer operating style and failure to work effectively with colleagues; others pointed to substantive disagreements between Rubio and Marocco over how to dismantle USAID. Meanwhile, Marocco allies viewed Rubio and his team as insular, controlling and obstructionist to the DOGE agenda ordered by the president.

One White House official said Rubio went to a senior White House aide for clearance to remove Marocco after tensions reached a boiling point last week. They described Marocco’s firing as “the first MAGA world killing from inside the White House.”

It also describes the backlash targeting Rubio that has resulted.

In the days since his ouster, Marocco’s MAGA allies have come to his defense and raised new suspicions of Rubio, including questions about why he would want to protect USAID and whether he’s loyal to the president.

[snip]

“He’s really not a MAGA guy, he’s a neocon,” a Trump ally said of Rubio, adding that this move “is gonna bite him.”

This is the third instance of an ugly cabinet-level dispute in the Trump Administration in recent weeks.

NYT’s account of Gary Shapley’s installment to head the IRS, without Scott Bessent’s involvement, followed by his removal at the hands of Bessent, incorporates several pieces of intrigue. First, there’s Shapley’s installment by Musk and then Bessent’s reversal of Musk’s plot.

Mr. Bessent had complained to Mr. Trump this week that Mr. Musk had done an end run around him to get Mr. Shapley installed as the interim head of the I.R.S., even though the tax collection agency reports to Mr. Bessent, the people familiar with the situation said. They spoke on the condition of anonymity to discuss private conversations.

The clash was the latest instance of Mr. Musk’s influence in the Trump administration that has alarmed top officials. It was also the latest upheaval at the tax agency, with much of its staff pushed out or quitting. Mr. Trump earlier this week called for the I.R.S. to revoke Harvard University’s tax-exempt status after the school refused to impose sweeping changes demanded by the administration.

An I.R.S. spokeswoman declined to comment on the leadership changes.

Mr. Shapley, a longtime I.R.S. agent, gained fame among conservatives after he claimed that the Justice Department had slow-walked its investigation into Hunter Biden’s taxes.

Mr. Musk’s Department of Government Efficiency pushed Mr. Shapley’s appointment through White House channels, but Mr. Bessent was not consulted or asked for his blessing, according to those with knowledge of the dynamic. Mr. Bessent then got Mr. Trump’s approval to unwind the decision within days, they said. Mr. Shapley had been working from the I.R.S. commissioner’s office as late as Friday morning.

Then, there’s Musk’s magnification of Laura Loomer’s attack on Bessent in response.

The feud between Mr. Musk and Mr. Bessent went public late Thursday night, when Mr. Musk amplified a social media post from the far-right researcher Laura Loomer accusing Mr. Bessent of colluding with a “Trump hater.”

“Troubling,” Mr. Musk wrote about Mr. Bessent’s meeting John Hope Bryant, the chief executive of the nonprofit Operation HOPE. Mr. Bryant is working on a financial literacy effort with Treasury officials.

Ms. Loomer had called that meeting a “vetting failure.”

Finally, there’s an oblique comment about DOGE boy Gavin Kliger’s removal on the same day as Shapley, one that WaPo describes in more detail: Kliger was shut out of IRS systems just as he was about to start a purge of IRS employees in the middle of tax season.

Early Friday morning, the IRS rescinded building and systems access for DOGE official Gavin Kliger, according to the people familiar with the situation. The Post could not immediately confirm the reason for the revocation.

Kliger was managing the massive layoffs at the agency that could cut the tax agency’s headcount by 25 percent. More layoff notices had been planned for Friday afternoon, the people said, but those notifications have been paused.

As laid out in declarations from USAID workers, Kliger left his digital fingerprints all over Marocco’s dismantling of USAID.

Left unsaid is whether Musk installed Shapley so as to empower Kliger to destroy the IRS just as it sets to processing this year’s tax receipts.

Thus far, we have correlation, without any insight into causation.

The far right targeting of Bessent is of particular concern, given the evidence he’s holding together the US (and with it, the global) economy with his own shoestrings. WSJ reported this week that he and Howard Lutnick had to sneak into the Oval Office to override Peter Navarro’s disastrous tariff plans.

On April 9, financial markets were going haywire. Treasury Secretary Scott Bessent and Commerce Secretary Howard Lutnick wanted President Trump to put a pause on his aggressive global tariff plan. But there was a big obstacle: Peter Navarro, Trump’s tariff-loving trade adviser, who was constantly hovering around the Oval Office.

Navarro isn’t one to back down during policy debates and had stridently urged Trump to keep tariffs in place, even as corporate chieftains and other advisers urged him to relent. And Navarro had been regularly around the Oval Office since Trump’s “Liberation Day” event.

So that morning, when Navarro was scheduled to meet with economic adviser Kevin Hassett in a different part of the White House, Bessent and Lutnick made their move, according to multiple people familiar with the intervention.

They rushed to the Oval Office to see Trump and propose a pause on some of the tariffs—without Navarro there to argue or push back. They knew they had a tight window. The meeting with Bessent and Lutnick wasn’t on Trump’s schedule.

The two men convinced Trump of the strategy to pause some of the tariffs and to announce it immediately to calm the markets. They stayed until Trump tapped out a Truth Social post, which surprised Navarro, according to one of the people familiar with the episode. Bessent and press secretary Karoline Leavitt almost immediately went to the cameras outside the White House to make a public announcement.

And multiple outlets have described Bessent’s thus far successful efforts to prevent Trump from firing Jerome Powell.

Treasury Secretary Scott Bessent has repeatedly cautioned White House officials that any attempt to fire Federal Reserve Chair Jerome Powell would risk destabilizing financial markets, according to two people close to the White House granted anonymity to share details of private discussions.

Bessent’s private message reinforces what President Donald Trump already knows but comes as the president’s anger with the Fed chair is growing because Powell hasn’t shown signs that he will cut interest rates soon. It also comes against the backdrop of widespread market turmoil over the administration’s far-reaching trade war.

Trump’s fury with Powell burst into public view on Thursday morning, when he said in a post on Truth Social that his “termination cannot come fast enough!”

But Powell’s job looks safe for now.

Bessent is a mediocre Treasury Secretary, in no way the match for his counterparts. Yet he is increasingly all that’s standing between Trump and his most feverish nutjobs and far bigger financial catastrophe.

Given Loomer’s success firing NSA Director Timothy Haugh and six NSC staffers, it may be only a matter of time before the nutjobs get to Bessent, too.

The third cabinet level blowup is more opaque. As laid out here, three of Whiskey Pete Hegseth’s top aides were escorted out of the Pentagon in the wake of a leak investigation. Politico reported that they were fired — passive voice — on Friday, but the guy who led the investigation used to explain their ouster is also leaving his current role.

Joe Kasper, Defense Secretary Pete Hegseth’s chief of staff will leave his role in the coming days for a new position at the agency, according to a senior administration official, amid a week of turmoil for the Pentagon.

Senior adviser Dan Caldwell, Hegseth deputy chief of staff Darin Selnick and Colin Carroll, the chief of staff to Deputy Defense Secretary Stephen Feinberg, were placed on leave this week in an ongoing leak probe. All three were terminated on Friday, according to three people familiar with the matter, who, like others, were granted anonymity to discuss a sensitive issue.

[snip]

Two of the people said Carroll and Selnick plan to sue for wrongful termination. The Pentagon did not respond to a request of comment.

Kasper had requested an investigation into Pentagon leaks in March, which included military operational plans for the Panama Canal, a second carrier headed to the Red Sea, Musk’s visit and a pause in the collection of intelligence for Ukraine.

But some at the Pentagon also started to notice a rivalry between Kasper and the fired advisers.

“Joe didn’t like those guys,” said one defense official. “They all have different styles. They just didn’t get along. It was a personality clash.”

The changes will leave Hegseth without a chief of staff, deputy chief of staff, or senior adviser in his front office.

“There is a complete meltdown in the building, and this is really reflecting on the secretary’s leadership,” said a senior defense official. “Pete Hegseth has surrounded himself with some people who don’t have his interests at heart.” [my emphasis]

Some of those targeted — who have long-standing ties to Hegseth, going back to his failed non-profit management — are denying any role in leaks.

Whatever the genesis of this upheaval or the partisan explanation for it, it leaves a wildly unqualified man at the top of the world’s largest military with no top aides.

There are other signs of the collapse of all management inside the White House — such as the White House attempt to explain away their attack on Harvard with a bullshit claim that they accidentally sent out a letter demanding to effectively take over Harvard University.

Everywhere you look you have to wonder whether Susie Wiles is as much in charge as Amy Gleason is at DOGE, whether her title of Chief of Staff is just a convenient fiction to cover up for the reality that Trump does whatever the last person in the room tells him to do.

And often as not, the last person in the room is Stephen Miller.

We’ve already seen that the three cabinet secretaries struggling to assert control over their own agencies deferred to Stephen Miller when he told the participants of the famous Signal chat what Trump thought.

That is, it’s not just that Stephen Miller is often the last one in the room with Trump. It’s not just that Stephen Miller’s policy ideas are batshit insane (and that he’s the author of Trump’s most egregious abuses of power). It’s also that Miller often stands in as the Word of DOGE, the Word of Trump.

Kremlinologists are pointing to evidence — his demotion at Trump’s most recent cabinet meeting, for example — that Elon’s power at the White House has started to wane (while ignoring that Elon has moved onto the next phase of takeover, cashing in, cashing in, and cashing in).

But behind all the intrigue, Stephen Miller’s ascendance remains, apparently uncontested and possibly unbound.

Share this entry

Whiskey Pete Hegseth Finally Finds Some White Men to Purge

/40 Comments/in /by

Amid all the other news, the purge of suspected leakers Pete Hegseth announced last month has netted three targets — all white men, for a change! Politico has not only provided a roster, but described the scope of the leak investigation.

The Pentagon put a third top official on administrative leave Wednesday as part of a wide-ranging leak investigation, according to a defense official and a person familiar with the matter.

Colin Carroll, chief of staff to Deputy Defense Secretary Stephen Feinberg, was suspended a day after two other political appointees were placed on leave following a probe into potential leaks of sensitive information.

The leaks under investigation include [1] military operational plans for the Panama Canal, [2] a second carrier headed to the Red Sea, [3] Elon Musk’s controversial visit to the Pentagon to discuss China and a [4] pause in the collection of intelligence for Ukraine, according to the official.

[snip]

Dan Caldwell, a senior adviser to Defense Secretary Pete Hegseth, and Darin Selnick, the Defense Department’s deputy chief of staff, were escorted out of the Pentagon by security officers and had their building access suspended pending further investigation, the official said. Caldwell and Selnick both previously worked at Concerned Veterans for America, the nonprofit that Hegseth once led. [my annotation]

An Air Force Special Forces Command Chief Master Sergeant was also removed on Monday, though no one has said the investigation described to be targeting him is Pete Hegseth’s purge.

When this investigation was first reported by CNN, it focused on the disclosure to NYT, for a story published on March 20  [1], that Hegseth was about to give Elon Musk a briefing on US war plans against China.

The memo comes after President Donald Trump pushed back on a New York Times report that DOGE head Elon Musk would be briefed on US military plans for a potential war with China while at the Pentagon on Friday. Trump said he wouldn’t show such plans “to anybody.”

And surely that’s a big focus of this investigation. As news of these ousters broke, Marc Caputo released a story ret-conning Trump’s unhappiness with the briefing, claiming, against all sense, that Trump got mad at Elon but not, also, Hegseth about it.

  1. Defense Secretary Pete Hegseth suspended two top Pentagon officials, Dan Caldwell and Darin Selnick, as part of an investigation into who leaked word of a planned top-secret briefing on China for Elon Musk.
  2. Axios learned that Musk or Hegseth didn’t just decide to call off that briefing after the leak. President Trump himself ordered staffers to kill it.
  • “What the f**k is Elon doing there? Make sure he doesn’t go,” Trump said, a top official recalled to Axios.

Why it matters: Musk has annoyed several administration officials with his constant presence at the White House, his haphazard social media posts and his slash-and-burn tactics at his Department of Government Efficiency.

  • The planned Pentagon briefing, however, got him cross with the boss at the Resolute Desk.

Anyway, no one made sure Elon “doesn’t go;” the currently operative story is Elon went to the Pentagon, but didn’t get the briefing. If Trump were unhappy with the planned briefing, rather than its exposure, I doubt we’d have this kind of leak investigation, which purportedly prevented the briefing from happening.

But Politico mentions three more leaks targeted by the investigation:

  • A widely disseminated story [1] disclosing that DOD had developed military plans targeting the Panama Canal; NBC’s story was published March 13.
  • The deployment [2] of the USS Carl Vinson from Asia to the Red Sea; the Politico version, which noted USNI reported the news first, was like USNI’s report dated March 21. Both versions report the move first as a month-long extension of the deployment of the USS Harry S. Truman, which was damaged and then repaired in February after being struck by a merchant ship, with the Vinson sailing from East China to the Red Sea to overlap with it. On March 16, the Houthis attempted to attack the Truman in retaliation for the strikes on March 15 ordered up by Pete Hegseth’s signal chat, and potential Houthi disinformation has very recently claimed the Truman has been struck.
  • Stories [4] about a pause in intelligence sharing with Ukraine that were quickly and publicly confirmed by John Ratcliffe; here’s Politico’s March 5 version, bylined by one of the guys closely tracking the purge.

So in order, the leaks are:

  • March 5 story on Ukraine intelligence sharing
  • March 13 story on targeting Panama
  • March 20 story on the Elon briefing
  • March 21 story on the Vinson redeployment from the East China Sea to the Middle East

With that list in mind, let’s look at several aspects of the memo, dated the same day as the Vinson deployment, March 21, asking for the investigation.

It does, in fact, identify, “unauthorized disclosures of national security information involving sensitive communications with principals within the Office of the Secretary of Defense,” plural. So while the coverage focused on the Elon briefing, it reportedly entailed the others from the start, including the seemingly routine report on the Vinson deployment.

It not only mentioned “sensitive communications with principals within the Office of the Secretary of Defense,” but it asked for cooperation from “those responsible for maintaining and overseeing information security systems and in coordination with federal partners as required.” At first, in the days before Jeff Goldberg revealed Pete Hegseth conducts these discussions (including discussions about the Middle East operations like the Vinson deployment) via Signal chat, it seemed this might have been an investigation into DOD’s secure communications.

But given the inclusion of Dan Caldwell — the guy whom Hegseth instructed Mike Waltz to add as his representative to the famous Signal chat — as the first guy purged suggests this leak investigation could also be about the Signal chat.

Or other Signal chats. Mike Waltz apparently did this all the time.

American Oversight’s lawsuit seeking to preserve the signal chats Goldberg published already disclosed that the actual content of the chats did not get preserved on John Ratcliffe’s personal phone, and that between March 26 and March 28 — after Congress was already investigating — participants changed message settings.

In a filing asking James Boasberg to find that Ratcliffe defied his order submitted yesterday, American Oversight included this timeline of what we know from filings in that suit:

March 24: Excerpts of the Signal chat appear in The Atlantic.1

March 25: American Oversight files this action. On the same day, Defendant Ratcliffe testifies before the Senate Select Committee on Intelligence regarding his use of Signal.2

March 26: American Oversight files a motion for temporary restraining order. ECF No. 6. The same day, changes occur in the Signal chat “participants’ administrative settings . . . such as profile names and message settings.” Suppl. Blankenship Decl. ¶ 4, ECF No. 15-3. Also on the same day, The Atlantic publishes further excerpts from the Signal chat.3

March 27: This Court orders Defendants to “promptly make best efforts to preserve all Signal communications from March 11–15, 2025.” Min. Order, Mar. 27, 2025. The same day, the CIA’s Office of General Counsel reportedly issued a litigation hold notice. Blankenship Decl. ¶ 4, ECF No. 10-3.

March 28: Changes occur again in the Signal chat participants’ profile names and message settings. Suppl. Blankenship Decl. ¶ 4, ECF No. 15-3.

March 31: Defendant Ratcliffe’s Signal account is “reviewed” for the first time and found to contain no substantive messages from the Signal chat. Suppl. Blankenship Decl. ¶ 4, ECF No. 15-3.

1 See Jeffrey Goldberg, The Trump Administration Accidentally Texted Me Its War Plans, The Atlantic (Mar. 24, 2025), https://www.theatlantic.com/politics/archive/2025/03/trumpadministration-accidentally-texted-me-its-war-plans/682151/.

2 Sen. Select Comm. on Intel. Hr’g to Examine Worldwide Threats Tr., Mar. 25, 2025, available at https://www.dia.mil/Portals/110/Images/News/DIA%20in%20the%20News/Committee_Hearing _2025.pdf.

3 See Jeffrey Goldberg & Shane Harris, Here Are the Attack Plans that Trump’s Advisers Shared on Signal, The Atlantic (March 26, 2025), https://www.theatlantic.com/politics/archive/2025/03/signal-group-chat-attack-plans-hegsethgoldberg/682176.

All of that took place after Hegseth himself ordered an investigation into leaks including the extension of the Harry S. Truman deployment to fight the Houthis on March 21, the kind of thing that might have been on that Signal chat.

While American Oversight didn’t ask for any other declarations, it did note that the existing declarations [docket] raise real questions about who else, including Whiskey Pete, might have deleted these texts from their devices.

For example, rather than specifying which messages were preserved, the Supplemental DoD Declaration vaguely references the preservation of “existing Signal application messages,” which, as shown by the Supplemental Blankenship Declaration, could be none. Suppl. Bennett Decl. ¶ 2, ECF No. 15-1. Similarly, without specifying whether any substantive messages were preserved, the Supplemental State Declaration merely states that “images of the Signal chat”—including “any” images captured from the Secretary’s devices—have been preserved. See Decl. of Timothy J. Kootz ¶ 4, ECF No. 15-4. As with CIA, those “images of the Signal chat” may simply be the title of the group chat. The Supplemental State Declaration also suggests that Secretary Rubio accessed the Signal chat from multiple devices. Id. More broadly, the evidentiary issues identified in the Supplemental Blankenship Declaration raise substantial questions regarding what these other Defendants actually preserved.

In forthcoming filings, American Oversight will probe the clear deficiencies in Defendants’ recordkeeping practices evidenced by these standout omissions of whether and what substantive messages from the Signal chat still exist, as well as when and how any such messages were lost. [my emphasis]

All of which brings me to the last detail of the original leak announcement that has always struck me: it was set up not as conventional leak investigations are, as a referral to the FBI based on stories that include classified information. That’s how you find out who leaked what if you want all possible culprits involved. Rather, it was set up such that Hegseth himself would get reports on the findings, and from that point, the criminal referrals would go out.

This investigation will commence immediately and culminate in a report to the Secretary of Defense. The report will include a complete record of unauthorized disclosures within the Department of Defense and recommendations to improve such efforts. I expect to be informed immediately if this effort results in information identifying a party responsible for an unauthorized disclosure, and that such information will be referred to the appropriate criminal law enforcement entity for criminal prosecution. [my emphasis]

That is, this so-called leak investigation implicating the guy Hegseth would add to his inappropriate Signal chats was set up such that Hegseth himself gets to gatekeep who gets targeted by it.

He appears to have set it up that way, importantly, before he realized a journalist had witnessed him add Dan Caldwell to a Signal chat on which he himself would disseminate battle information to the personal cell phones of multiple list participants, including journalist Jeff Goldberg.

Update: Adding this for timeline considerations. Roger Wicker and Jack Reed asked DOD IG to investigate this on March 27, while participants in the Signal chat were altering names and retention.

[W]e ask that you conduct an inquiry into, and provide us with an assessment of, the following:

1. The facts and circumstances surrounding the above referenced Signal chat incident, including an accounting of what was communicated and any remedial actions taken as a result;

2. Department of Defense (DOD) policies and adherence to policies relating to government officers and employees sharing sensitive and classified information on non-government networks and electronic applications;

3. An assessment of DOD classification and declassification policies and processes and whether these policies and processes were adhered to;

4. How the policies of the White House, Department of Defense, the intelligence community, and other Departments and agencies represented on the National Security Council on this subject differ, if at all;

5. An assessment of whether any individuals transferred classified information, including operational details, from classified systems to unclassified systems, and if so, how;

6. Any recommendations to address potential issues identified.

Share this entry

Honesty, Humility, Integrity: Pete Hegseth Fails to Meet Standards He Claims Trans Service Members Lack

/54 Comments/in /by

Amid the torrent of scandal and legal fights characterizing Donald Trump’s second term, the United States faces a moral and ethical question about what it means to be honest, humble, to have integrity.

On the one hand, you have over forty (thirty-two, eight, two) plaintiffs, challenging Donald Trump’s ban on their service in the military. They include Commander Emily Shilling, a naval aviator who flew over 60 combat missions before serving as a test pilot and now leading acquisition programs, Lieutenant Colonel Ashley Davis, who serves as an Air Battle Manager flying the E-3 AWACS, Major Minerva Bettis, who serves as an Air Force weapons instructor at Nellis Air Force Base, First Lieutenant Sean Kersch-Hamar, who serves as an Air Force weapons systems officer, Master Sergeant Logan Ireland, who serves as Flight Chief in the Air Force’s Office of Special Investigations, Staff Sergeant Vera Wolf, who serves as an Air Force weapons specialist.

While this is just a selection of the 40 plaintiffs, these happen to be the kinds of people who make strikes like those launched against the Houthis on March 15 happen.

These plaintiffs are being kicked out of the military for no other reason than because they are transgender. To justify kicking out these service members, Donald Trump accused all transgender people of lacking the honesty, humility, and integrity, not to mention the “warrior ethos,” to serve in the armed forces, a claim adopted in DOD’s implementation of Trump’s order.

They are being kicked out by Pete Hegseth.

During his confirmation hearing to be Secretary of Defense, Pete Hegseth confessed to serial adultery. He confessed to that as a way to dodge questions about drinking before work, spousal abuse, and sexual misconduct. He confessed to serial infidelity but denied the other allegations.

After denying the allegations, Hegseth refused to say whether showing up to work drunk, engaging in spousal abuse, or sexually assaulting a woman would disqualify him from serving as Secretary of Defense.

Pete Hegseth refused to say whether showing up to work drunk, engaging in spousal abuse, or sexually assaulting a woman would prove he lacked the honesty or integrity to work at DOD, much less lead it.

But questions about Hegseth’s fitness did not end with his confirmation hearings.

In his time as Secretary of Defense, Pete Hegseth has brought his spouse to sensitive international meetings. To be fair, he may simply not know better. Along with serial infidelity, in his confirmation hearing, Hegseth confessed that he had conducted almost no such international negotiations in the past. Maybe he simply doesn’t know that including spouses undermines candor and security?

Hegseth also hired his brother, Phil, who did PR at the non-profit which Hegseth financially ruined, to a senior position at DOD. This at least looks like nepotism, the hiring of someone because of who he is, other than merit. As he has with his spouse, Hegseth has toted his brother along to meetings: to his first big overseas trip, to Gitmo, to the Conor McGregor meeting at the White House.

All that might not have been enough to revisit questions about Hegseth’s honestly, humility, and integrity.

But then, Pete Hegseth — the guy kicking out every trans service member based on a claim they lack honesty, humility, and integrity — shared National Defense Information on an insecure Signal chat that happened to include a journalist. While the compromise of attack information did not, in real time, get anyone killed, between his comments on the chat and those of Vice President JD Vance and National Security Adviser Mike Waltz, the compromise may expose service members — people like Commander Shilling, Lieutenant Colonel Davis, Major Bettis, First Lieutenant Kersch-Hamar, Master Sergeant Ireland, or Staff Sergeant Wolf —  to possible legal danger going forward, because they raise questions about the presidential authorization for an operation that knowingly targeted a civilian residence.

Just as troubling, after his reckless actions were exposed, Hegseth has persistently lied about how sensitive the information is.

He has refused to accept responsibility for his own actions.

As the NYT describes, Hegseth’s intransigence has led those flying such missions to question whether the Secretary of Defense is going to get them killed, in part because he lacks the humility to admit that he did something wrong.

On air bases, in aircraft carrier “ready rooms” and in communities near military bases this week, there was consternation. The news that senior officials in the Trump administration discussed plans on Signal, a commercial messaging app, for an impending attack angered and bewildered men and women who have taken to the air on behalf of the United States.

The mistaken inclusion of the editor in chief of The Atlantic in the chat and Mr. Hegseth’s insistence that he did nothing wrong by disclosing the secret plans upend decades of military doctrine about operational security, a dozen Air Force and Navy fighter pilots said.

Worse, they said, is that going forward, they can no longer be certain that the Pentagon is focused on their safety when they strap into cockpits.

“The whole point about aviation safety is that you have to have the humility to understand that you are imperfect, because everybody screws up. Everybody makes mistakes,” said Lt. John Gadzinski, a retired Navy F-14 pilot who flew combat missions from aircraft carriers in the Persian Gulf. “But ultimately, if you can’t admit when you’re wrong, you’re going to kill somebody because your ego is too big.”

And that’s why I keep obsessing about the fact that Hegseth continues to lie about the Signal chat even as DOJ continues to insist that Commander Shilling, Lieutenant Colonel Davis, Major Bettis, First Lieutenant Kersch-Hamar, Master Sergeant Ireland, or Staff Sergeant Wolf lack honesty, integrity, and humility.

Hegseth is relying on such claims even though there’s absolutely no evidence to support it in the case of these 40-some named plaintiffs.

Here’s how Judge Benjamin Settle, a George W. Bush appointee, described it in the third of three orders freezing the trans ban.

Commander Emily “Hawking” Shilling, for example, transitioned within the Navy beginning in the fall of 2021 in reliance on the Austin Policy. She has been a Naval Aviator for 19 years. She has flown more than 60 combat missions, including in Iraq and Afghanistan, and was a Navy test pilot. She has 1750 flight hours in high performance Navy jets—including the F/A-18 Super Hornet—and has earned three air medals. She asserts without contradiction that the Navy already spent $20 million training her. There is no claim and no evidence that she is now, or ever was, a detriment to her unit’s cohesion, or to the military’s lethality or readiness, or that she is mentally or physically unable to continue her service. There is no claim and no evidence that Shilling herself is dishonest or selfish, or that she lacks humility or integrity. Yet absent an injunction, she will be promptly discharged solely because she is transgender.

Settle reached his conclusion via different means that Judge Ana Reyes, whose injunction focused on the clear animus targeting trans service members.

Settle didn’t deny there was animus; he just didn’t rely on it, focusing instead on DOD’s failure to present any evidence to support the stated goals of the trans ban, a ban that goes further even than the Mattis policy approved in Trump’s first term, which permitted trans members already serving, including some of the plaintiffs, to remain. DOJ relied on suppositions made in formulating the Mattis policy during Trump’s first term and ignored the reality of the last seven years — the honorable service of the plaintiffs who’ve served openly — that debunked those suppositions.

But Settle did hold that the stigma of being fired based on these shoddy claims would likely support a due process claim, even if DOD ousts these plaintiffs via an honorable discharge, which the government claims would eliminate any stigma.

The Military Ban and Hegseth Policy’s demeaning language is repeated even here in the government’s response: “The Commander has determined that it is ‘the policy of the United States Government to establish high standards for troop . . . honesty, humility, uniformity, and integrity,’ and that this policy is ‘inconsistent with the . . . constraints on individuals with gender dysphoria.’” Dkt. 76 at 41 (quoting Military Ban). In effect, the government, in line with the Military Ban and Hegseth Policy, posits that, as a class, transgender service members are only in the military as the result of a radical, insane, false gender ideology. See, e.g., Military Excellence and Readiness Fact Sheet (“During the Biden Administration, the Department of Defense allowed gender insanity to pervade our military organizations.”). There is no evidence in the record supporting these assertions.

One discharged from service based on these grounds is plainly stigmatized. The accuracy of the government’s proclamations is obviously contested, and plaintiffs are about to lose their military careers because of them. An honorable discharge does not erase or sanitize the language the government uses to describe the character of separated service members under the Military Ban and Hegseth Policy.

Plaintiffs have demonstrated the Chaudhry elements of a stigma-plus Procedural Due Process claim. They have also demonstrated that the Military Ban violates “bedrock” Due Process fairness principles precluding arbitrary or vindictive measures that upset settled expectations. On the record before the Court, they are likely to succeed on the merits of their Procedural Due Process claim.

There’s been a lot of attention to the arbitrary claims Trump has used to target one after another law firm (even while protecting Jones Day), though in my opinion far too many journalists have treated these grievances as real, ignoring the falsehoods Trump used to manufacture grievance. There has, similarly, been a lot of attention on the protected free speech that the government has used to justify kidnapping Mahmud Khalil, Rumeysa Ozturk, and others.

That’s all justified attention.

But there’s something especially noxious about this manufactured claim — the enthusiasm with which Hegseth has adopted Trump’s slander of all trans people as dishonest and lacking integrity.

When it came to his own alleged conduct, for which there was at least credible (if aggressively contested) evidence, Hegseth refused to concede whether dishonesty would disqualify him. Yet since then, Hegseth has used baseless insinuations about honesty, integrity, and humility to kick out people who’ve served honorably for two decades.

Pete Hegseth is lying about how dangerous his actions were. In doing so, he’s putting his career above those doing the riskiest work.

And all the while he’s slandering others about lacking honesty, integrity, and humility.

Talbott v. Trump docket

Ana Reyes opinion granting preliminary injunction

Shilling v. Trump docket

Benjamin Settle opinion granting preliminary injunction

Ireland v. Hegseth docket

Christine O’Hearn order granting TRO

Share this entry

Stephen Miller’s Presumed Babysitting of JD Vance’s European Animosity … and DOD’s Potential War Crimes

/168 Comments/in /by

Tulsi Gabbard’s testimony at the threat hearings was clear: After falsely claiming that fentanyl was the top threat to the United States, she said the second threat was China. That’s important background to the most interesting comment I’ve seen about the chat.

The Trumpsters on the chat were obsessed with making Europe pay for the operation. But — as  Nathalie Tocci noted in this NYT story focused on the Trumpsters’ obsession — the entire conversation ignored the import to China of transit through the Suez Canal.

“It is clear that the trans-Atlantic relationship, as was, is over, and there is, at best, an indifferent disdain,” said Nathalie Tocci, director of Italy’s Institute of International Affairs, who formerly advised a top E.U. official. “And at worst, and closer to that, there is an active attempt to undermine Europe.”

[snip]

He and others, like Anna Sauerbrey, the foreign editor of Die Zeit, noted that the explicit demand for payment, rather than just political and military support, as in Iraq and Afghanistan, was new. And it ignored the fact that “the U.S. depends on global trade,” she said, and that “France, Britain and the Netherlands have deployed ships to the region” for the same purpose. The Americans, she said, “are constantly overlooking European efforts.”

China, for example, gets most of its oil imports through the Bab el-Mandeb Strait and does much of its export trade with Europe through the same sea route. But no one is asking China to pay, Ms. Tocci noted.

In the texts released by Atlantic, there’s actually even more focus on the trade that transits the canal than the original story.

Indeed, it was at the center of debates over whether the strikes should go forward, which decision Tulsi Gabbard claimed had been made long before the chat started, and which debate, in yesterday’s cover story, was hailed as a policy process working.

Eleven minutes after Mike Waltz kicks off the thread with instructions that Joint Staff is sending “a more specific sequence of events in the coming days,” JD Vance piped in to say he thought the strikes were a mistake.

He focused on the fact that (he claimed) just 3% of US trade goes through Bab el-Mandeb, whereas 40% of Europe’s does.

Both Joe Kent (Tulsi’s unconfirmed aide) and John Ratcliffe respond that they could wait; indeed, in an arguably classified text, Ratcliffe says that more time would “be used to identify better starting points for coverage on Houthi leadership.” Kent also offers to provide unclassified details on shipping, perhaps to correct JD’s claim.

Remember, the person most likely to have been the “JG” whom Waltz tried to add to the chat instead of Jeff Goldberg is Jamieson Greer, Trump’s trade representative, who likely would have had the precise details (and also might be sufficiently grown up to point out how stupid this Signal chat was).

Then Pete Hegseth pipes up to second JD’s specific concerns about messaging, including his worry that (ha!) the plans will leak and “we look indecisive.”

Waltz responds to JD’s original point, correcting him about how much US traffic transits Bab el-Mandeb, accounting for the fact that the stuff transiting the canal ends up in trade with the US.

That’s the first 27 minutes of the substantive discussion. Somewhere between 8:32 and 8:42AM, Waltz adds “SM,” believed to be Stephen Miller.

After adding Miller (but without mentioning he added him), Waltz returns to the issue of sea lanes, asserting that unless the US reopens them, they won’t get reopened.

JD suggests that if Hegseth is okay with the strikes, “let’s go.” He suggests Houthi targeting of Saudi oil facilities are one downside risk, not Saudi involvement, which is why the US has often chosen to lead on Houthi strikes.

Then Hegseth agrees that the Europeans are “free-loading It’s PATHETIC,” and says “we are the only ones on the planet (on our side of the ledger) who can” reopen the shipping lanes — which may suggest he believes China could do it too.

As Tocci pointed out to NYT, there’s no discussion of asking China to pay for these strikes. No discussion of how doing so for China helps China build its influence in Europe. No discussion at all in how this might affect China.

These boys purportedly intent on confronting China simply don’t consider the policy decision’s affect on China. JD and Whiskey Pete, at least, are interested primarily in hurting Europe.

Another 46 minutes elapse before SM — added after JD was wailing about the Europeans — comments. He offers an interpretation of what Trump said: a green light on the operation, he opines, but the US would harass Egypt and Europe after the fact to extort a payback.

Eleven minutes later, Hegseth — the guy to whom JD appealed on this issue — agreed with SM’s interpretation of the President’s intent.

That settled it. As I noted, SM’s — presumed to be Stephen Miller, Trump’s top domestic policy advisor — interpretation of the President’s intent is the sole backup in this now public document that the President authorized the strike at all: “As I heard it, the president was clear: green light.”

And the next thing we know, after Waltz resets how long until this PRA/FRA-covered communications will be destroyed illegally — DOD is flattening the apartment of someone’s girlfriend.

Fist-flag-fire!

By March 17, locals in Sanaa were claiming 53 people had been killed in this and ensuing strikes, including five children.

Even ignoring the foreknowledge of a civilian target, that makes the whole thing legally precarious, because everyone on the list is relying on SM’s interpretation of presidential intent. With the foreknowledge, it puts everyone involved in the strike at much greater legal risk because the legality of it, seemingly a target with significant civilian exposure, is so fragile.

But the other thing it does is show SM — again, believed to be Trump’s top domestic policy advisor — serving as the surrogate for Trump, and doing so in a way designed to shut JD up.

Like wormtongue, his mere gloss of the leader’s intent is treated with uncontested authority.

 

Share this entry

Clean on OpSec: Pete Hegseth Spilled Specific Details of an Attack in Advance

/117 Comments/in /by

The Atlantic has published the texts (except for one naming a CIA officer whose name John Ratcliffe insists is not classified) it earlier withheld.

The White House is frantically spinning, claiming these attack plans — the likes of which both Tulsi Gabbard and Ratcliffe claimed not to recall in sworn testimony yesterday — don’t amount to “war plans.”

Karoline Leavitt is even sniping at the Wall Street Journal for its shock that Steve Witkoff was on the Signal chat thread while meeting with Putin at the Kremlin.

A real security scandal is that the Signal chat apparently included Steve Witkoff, Mr. Trump’s envoy to wars in the Middle East and Ukraine. Press reports say Mr. Witkoff was receiving these messages on the commercial app while in Moscow. This is security malpractice. Russian intelligence services must be listening to Mr. Witkoff’s every eyebrow flutter. This adds to the building perception that Mr. Witkoff, the President’s friend from New York, is out of his depth in dealing with world crises.

The meaning of Leavitt’s rebuttal is not remotely clear.

.@SteveWitkoff
was provided a secure line of communication by the U.S. Government, and it was the only phone he had in his possession while in Moscow.

If the Wall Street Journal Editorial Board cared about the truth, they could have reached out to our team for comment before running these lies.

This is classic Fake News from an outlet clearly determined to knock Steve Witkoff, who is a great patriot working effectively on behalf of President Trump to secure world peace.

She’s not denying he had Signal on the device with which he traveled (nor explained what devices he has had on his other international travels).

Update: Witkoff makes it more clear. The personal phone on which he was discussing military operations was at home.

I am incredulous that a good newspaper like the@WSJ would not check with me as to whether I had any personal devices with me on either of my trips to Moscow. If they had, they would have known the truth. Which is, I only had with me a secure phone provided by the government for special circumstances when you travel to regions where you do not want your devices compromised. That is why CBS News reported that Goldberg himself said that he “has not recounted Witkoff making any comments in that group chat until Saturday, after he left Russia and returned to the U.S.”. Guess why? Because I had no access to my personal devices until I returned from my trip. That is the responsible way for me to make these trips and that is how I always conduct myself. Maybe it is time for media outlets like the Journal to acknowledge when some of their people make serious reporting mistakes like this. I would appreciate it if the WSJ and other media outlets check with me the next time they make serious allegations. Thank you.

The desperate panic to deny the gravity of this situation, however, is a real testament to the contempt in which the White House holds the men and women whose lives were put at risk — may still be at risk — because their Defense Secretary is so incompetent he can’t bother with the least little OpSec.

Share this entry