Thursday, September 1, 2016

In Attempted Hit Piece, NYT Makes Putin Hero of Defeating TPP

In a remarkable hit piece, NYT spent over 5,000 words yesterday trying to prove that all of WikiLeaks’ leaks are motivated by a desire to benefit Russia.

That of course took some doing. It required ignoring the evidence of the other potential source of motivation for Julian Assange — such as that Hillary participated in aggressive, and potentially illegal, prosecution of Assange for being a publisher — even as it repeatedly presented evidence that that was Assange’s motivation.

Putin, who clashed repeatedly with Mrs. Clinton when she was secretary of state,

[snip]

In late November 2010, United States officials announced an investigation of WikiLeaks; Mrs. Clinton, whose State Department was scrambled by what became known as “Cablegate,” vowed to take “aggressive” steps to hold those responsible to account.

[snip]

Another person who collaborated with WikiLeaks in the past added: “He views everything through the prism of how he’s treated. America and Hillary Clinton have caused him trouble, and Russia never has.”

It also required dismissing some of the most interesting counterexamples to the NYT’s thesis.

Sunshine Press, the group’s public relations voice, pointed out that in 2012 WikiLeaks also published an archive it called the Syria files — more than two million emails from and about the government of President Bashar al-Assad, whom Russia is supporting in Syria’s civil war.

Yet at the time of the release, Mr. Assange’s associate, Ms. Harrison, characterized the material as “embarrassing to Syria, but it is also embarrassing to Syria’s opponents.” Since then, Mr. Assange has accused the United States of deliberately destabilizing Syria, but has not publicly criticized human rights abuses by Mr. Assad and Russian forces fighting there.

As I have noted, there is a significant likelihood that the Syria files came via Sabu and Anonymous from the FBI — that is, that it was actually an American spy operation. Even aside from how important a counterexample the Syrian files are (because they went directly contrary to Putin’s interests in protecting Assad, no matter how bad they made Assad’s western trade partners look), the provenance of these files and Assange’s current understanding of them deserve some attention if NYT is going to spend 5,000 words on this story.

But the most remarkable stunt in this 5,000-word screed is taking WikiLeaks’ efforts to show policies a great many people believe are counterproductive — most importantly, passing trade deals that benefit corporations while hurting real people, but also weakening other strong hands in climate change negotiations — and insinuating they might be a Putinesque plot. This bit requires editorial notes in line:

From November 2013 to May 2016, WikiLeaks published documents describing internal deliberations on two trade pacts: the Trans-Pacific Partnership, which would liberalize trade [ed: no, it would protect IP, the opposite of liberalizing trade] between the United States, Japan and 10 other Pacific Rim countries, and the Trade in Services Agreement, an accord between the United States, 21 other countries and the European Union.

Russia, which was excluded, has been the most vocal opponent of the pacts [this is presented with no evidence, nor even a standard of evidence. I and all of America’s TPP opponents as well as TPP opponents from around the world must redouble our very loud effort], with Mr. Putin portraying them as an effort to give the United States an unfair leg up in the global economy.

The drafts released by WikiLeaks stirred controversy among environmentalists, advocates of internet freedom and privacy, labor leaders and corporate governance watchdogs, among others. They also stoked populist resentment against free trade that has become an important factor in American and European politics. [Here, rather than admitting that this broad opposition to these trade deals shows that Putin is not the most vocal opponent of these pacts — contrary to their foundational assumption in this section — they instead portray a wide spectrum of well-considered activism as unthinking response to Putinesque manipulation. And note, here, a news outlet is complaining that ordinary citizens get access to critically important news, without even blushing? Also note the NYT makes no mention of the members of Congress who were also begging for this information, which makes it easier to ignore the profoundly anti-democratic nature of these trade agreements.]

The material was released at critical moments, with the apparent aim of thwarting negotiations, American trade officials said. [In a piece obscuring the unpopular and anti-democratic nature of these trade deals, the NYT gives these sources anonymity.]

WikiLeaks highlighted the domestic and international discord on its Twitter accounts.

American negotiators assumed that the leaks had come from a party at the table seeking leverage. [That anonymity again: NYT is protecting some bitter trade negotiators who’ve invented a paranoid conspiracy here. On what grounds?]

Then in July 2015, on the day American and Japanese negotiators were working out the final details of the Trans-Pacific Partnership, came what WikiLeaks dubbed its “Target Tokyo” release.

Relying on top-secret N.S.A. documents, the release highlighted 35 American espionage targets in Japan, including cabinet members and trade negotiators, as well as companies like Mitsubishi. The trade accord was finally agreed on — though it has not been ratified by the United States Senate — but the document release threw a wrench into the talks.

“The lesson for Japan is this: Do not expect a global surveillance superpower to act with honor or respect,” Mr. Assange said in a news release at the time. “There is only one rule: There are no rules.” [That the US spies on trade negotiations was of course not news by this point. But it is, nevertheless, worthy to point out.]

Because of the files’ provenance, United States intelligence officials assumed that Mr. Assange had gotten his hands on some of the N.S.A. documents copied by Mr. Snowden.

But in an interview, Glenn Greenwald, one of the two journalists entrusted with the full Snowden archive, said that Mr. Snowden had not given his documents to WikiLeaks and that the “Target Tokyo” documents were not even among those Mr. Snowden had taken.

The next paragraph goes on to note that the same NSA documents focused on climate negotiations between Germany and the UN, which seems to suggest the NYT also believes it is in petro-state leader Putin’s interest for the US attempts to dominate climate change negotiations to be thwarted, even as Assange describes US actions as protecting petroleum interests, which of course align with Putin’s own.

In other words, as a central piece of evidence, the NYT spent 11 paragraphs repackaging opposition to shitty trade deals — a widely held very American view (not to mention a prominent one in most other countries affected) — into something directed by Russia, as if the only reasons to oppose TPP are to keep Russia on an equal shitty neoliberal trade footing as the rest of us, as if opposing the deals doesn’t benefit a whole bunch of red-blooded Americans.

That’s not only logically disastrous, especially in something billed as “news,” but it is very dangerous. It makes legitimate opposition to bad (albeit widely accepted as good within beltway and I guess NYT conventional wisdom) policy something disloyal.

NYT’s argument that Putin was behind WikiLeaks’ NSA leaks doesn’t hold together for a lot of reasons (not least that those two topics are probably not what Putin would prioritize, or even close). But it also has the bizarre effect, in a hit piece targeting Assange and Putin, of making Putin the hero of the anti-TPP movement.

And yet, NYT’s three journalists don’t seem to understand how counterproductive to their “journalistic” endeavor that argument is.

Wednesday, August 31, 2016

SEKRIT Memo: Ix-Nay on the Artians-May

A mere two days ago, we got tantalizing news of sentient life in space.

An international team of scientists from the Search for Extraterrestrial Intelligence (SETI) is investigating mysterious signal spikes emitting from a 6.3-billion-year-old star in the constellation Hercules—95 light years away from Earth. The implications are extraordinary and point to the possibility of a civilization far more advanced than our own.

The unusual signal was originally detected on May 15, 2015, by the Russian Academy of Science-operated RATAN-600 radio telescope in Zelenchukskaya, Russia, but was kept secret from the international community. Interstellar space reporter Paul Gilster broke the story after the researchers quietly circulated a paper announcing the detection of “a strong signal in the direction of HD164595.”

[snip]

The signal’s strength indicates that if it in fact came from an isotropic beacon, the power source would have to be built by a Kardashev Type II civilization. (The Kardashev scale is used to determine the progress of a civilization’s technological development by measuring how much energy was used to transmit an interstellar message.) An ‘Isotropic’ beacon means a communication source emitting a signal with equal power in all directions while promoting signal strength throughout travel.

This created quite the tizzy among space watchers and had me warning it was a Russian plot to steal the election.

Oh, sure, there were warnings.

“The signal may be real, but I suspect it’s not ET,” Seth Shostak, senior astronomer at the SETI Institute, told GeekWire. “There are other possibilities for a wide-band signal such as this, and they’re caused by natural sources or even terrestrial interference.”

Nick Suntzeff, a Texas A&M University astronomer, agrees. “God knows who or what broadcasts at 11 GHz, and it would not be out of the question that some sort of bursting communication is done between ground stations and satellites,” he told Ars Technica, explaining that the signal was observed in the radio spectrum used by the military. “I would follow it if I were the astronomers, but I would also not hype the fact that it may be a SETI signal given the significant chance it could be something military.”

But nevertheless, last we heard — two whole days ago — America’s ET watchers were going to monitor that location permanently and telescopes in our hemisphere were turning their eye to watch the signal.

Still, he adds, “the signal is provocative enough that the RATAN-600 researchers are calling for permanent monitoring of this target.”

[snip]

In the meantime, the SETI Institute, based in Mountain View, California, directed its Allen Telescope Array toward HD 164595 on Sunday night, while METI International (Messaging Extraterrestrial Intelligence) did the same with the Boquete Optical SETI Observatory in Panama.

Turns out, two days into that permanent monitoring, the ET-watchers have decided it’s not ET.

We cautioned readers that, because the signal was measured at 11Ghz, there was a “significant chance” it was of terrestrial origin, likely due to some military activity.

Well, it apparently was. First, astronomers with the search for extraterrestrial intelligence downplayed the possibility of an alien civilization. “There are many other plausible explanations for this claimed transmission, including terrestrial interference,” Seth Shostak, a senior astronomer with SETI, wrote.

Now the Special Astrophysical Observatory of the Russian Academy of Sciences has concurred, releasing a statement on the detection of a radio signal at the RATAN-600 radio astronomy observatory in southern Russia. “Subsequent processing and analysis of the signal revealed its most probable terrestrial origin,” the Russian scientists said.

Or, to put it differently, after secretly monitoring this site 95 light years away for 15 months, the Russians have suddenly figured out that this is of terrestrial origin.

Maybe even some kind of military activity.

All of which would seem to raise a bunch of other questions. Like who wrote the memo telling all the ET-watchers to Ix-Nay their stories of Artians-May? Or, if this is previously unseen military activity that Russians couldn’t identify for 15 months (but were mighty attentive to, mind you), whose military activity that might be? And what that previously unidentified military activity might be?

It probably means Russian martians aren’t going to steal our election. But the more interesting question is what this really was…

Tuesday, August 30, 2016

Breaking: Russians Claim They’ve Found Extraterrestrial Life to Tamper with Our Elections

Russians secretly found what might be a sign of life coming from a star 95 light years away and people are in a tizzy.

An international team of scientists from the Search for Extraterrestrial Intelligence (SETI) is investigating mysterious signal spikes emitting from a 6.3-billion-year-old star in the constellation Hercules—95 light years away from Earth. The implications are extraordinary and point to the possibility of a civilization far more advanced than our own.

The unusual signal was originally detected on May 15, 2015, by the Russian Academy of Science-operated RATAN-600 radio telescope in Zelenchukskaya, Russia, but was kept secret from the international community. Interstellar space reporter Paul Gilster broke the story after the researchers quietly circulated a paper announcing the detection of “a strong signal in the direction of HD164595.”

It turns out, however, that the story got way overhyped.

“No one is claiming that this is the work of an extraterrestrial civilization, but it is certainly worth further study,” wrote Paul Gilster, who covers deep space exploration on the website Centauri Dreams. He seems to have missed headlines like “Alien Hunters Spot Freaky Radio Signal Coming From Nearby Star,” “Is Earth Being Contacted by ALIENS? Mystery Radio Signals Come From a Sun-like Star” and “SETI Investigating Mysterious, Extraterrestrial Signal From Deep Space Star System.”

[snip]

“God knows who or what broadcasts at 11 GHz, and it would not be out of the question that some sort of bursting communication is done between ground stations and satellites,” he told Ars Technica, explaining that the signal was observed in the radio spectrum used by the military. “I would follow it if I were the astronomers, but I would also not hype the fact that it may be a SETI signal given the significant chance it could be something military.”

In other words, there’s a good chance the signal is the product of terrestrial activity rather than a missive crafted by extraterrestrial life on a distant exoplanet. For those who prefer a different outcome, there are plenty of movies that can offer more thrilling narratives.

So in the spirit of the silly season that our election has become, I’m going to go one better, taking the word “Russia” and some very thin evidence and declare this an election year plot. Everything else that has thin evidence and the word Russia is an election year plot, after all.

Consider the latest panic, caused by someone leaking Michael Isikoff an FBI alert on two attacks on voter files that took place this summer. Isikoff wasted no time in finding a cyber contractor willing to sow panic about Russians stealing the election.

The FBI has uncovered evidence that foreign hackers penetrated two state election databases in recent weeks, prompting the bureau to warn election officials across the country to take new steps to enhance the security of their computer systems, according to federal and state law enforcement officials.

The FBI warning, contained in a “flash” alert from the FBI’s Cyber Division, a copy of which was obtained by Yahoo News, comes amid heightened concerns among U.S. intelligence officials about the possibility of cyberintrusions, potentially by Russian state-sponsored hackers, aimed at disrupting the November elections.

[snip]

“This is a big deal,” said Rich Barger, chief intelligence officer for ThreatConnect, a cybersecurity firm, who reviewed the FBI alert at the request of Yahoo News. “Two state election boards have been popped, and data has been taken. This certainly should be concerning to the common American voter.”

Barger noted that one of the IP addresses listed in the FBI alert has surfaced before in Russian criminal underground hacker forums. He also said the method of attack on one of the state election systems — including the types of tools used by the hackers to scan for vulnerabilities and exploit them — appears to resemble methods used in other suspected Russian state-sponsored cyberattacks, including one just this month on the World Anti-Doping Agency.

Ellen Nakashima claimed the FBI had stated “Russians” were behind the attack and then talked about how Russia (rather than journalists overhyping the story) might raise questions about the integrity of our elections.

Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russians were behind the assault on the election system in that state.

The bureau described the threat as “credible” and significant, “an eight on a scale of one to 10,” Matt Roberts, a spokesman for Arizona Secretary of State Michele Reagan (R), said Monday. As a result, Reagan shut down the state’s voter registration system for nearly a week.

It turned out that the hackers had not compromised the state system or even any county system. They had, however, stolen the username and password of a single election official in Gila County.

Roberts said FBI investigators did not specify whether the hackers were criminals or employed by the Russian government.

[snip]

Until now, countries such as Russia and China have shown little interest in voting systems in the United States. But experts said that if a foreign government gained the ability to tamper with voter data — for instance by deleting registration records — such a hack could cast doubt on the legitimacy of U.S. elections.

She also cites the same Barger fellow that Isikoff did who might make a buck off sowing fear.

Then Politico quoted an FBI guy and someone who works with state election officials (who are not on the normal circulation lists for these alerts) stating that the alert, which is not all that unusual, is unprecedented.

But some cyber experts said the FBI’s alert, first revealed by Yahoo News on Monday, could be a sign that investigators are worried that foreign actors are attempting a wide-scale digital onslaught.

A former lead agent in the FBI’s Cyber Division said the hackers’ use of a particular attack tool and the level of the FBI’s alert “more than likely means nation-state attackers.” The alert was coded “Amber,” designating messages with sensitive information that “should not be widely distributed and should not be made public,” the ex-official said.

One person who works with state election officials called the FBI’s memo “completely unprecedented.”

“There’s never been an alert like that before that we know of,” said the person, who requested anonymity to discuss sensitive intergovernmental conversations.

Multiple former officials and security researchers said the cyberattacks on Arizona’s and Illinois’ voter databases could be part of a suspected Russian attempt to meddle in the U.S. election, a campaign that has already included successful intrusions at major Democratic Party organizations and the selective leaking of documents embarrassing to Democrats. Hillary Clinton’s campaign has alleged that the digital attacks on her party are an effort by Russian President Vladimir Putin’s regime to sway the election to GOP nominee Donald Trump. Moscow has denied any involvement.

Then David Sanger used a logically flawed Harry Reid letter calling for an investigation to sow more panic about the election (question: why is publishing accurate DNC documents considered “propaganda”?).

It turns out the evidence from the voting records hacks in the FBI alert suggests the hacks involved common tools that could have been deployed by anyone, and the Russian services were just one of several included in the hack.

Those clued-in to the incidents already knew that SQL Injection was the likely cause of attack, as anyone familiar with the process could read between the lines when it came to the public statements.

The notion that attackers would use public VPS / VPN providers is also a common trick, so the actual identity of the attacker remains a mystery. Likewise, the use of common SQL Injection scanners isn’t a big shock either.

The interesting takeaway in all of this is that a somewhat sensitive memo was leaked to the press. The source of the leak remains unknown, but flash memos coded to any severity other than Green rarely wind-up in the public eye. Doing so almost certainly sees access to such information revoked in the future.

And yet, there is nothing overly sensitive about the IOCs contained in this memo. The public was already aware of the attacks, and those in the industry were certain that something like SQL Injection was a possible factor. All this does is prove their hunches correct.

As for the attribution, that’s mostly fluff and hype, often used to push an agenda. Those working in the trenches rarely care about the Who, they’re more interested in What and How, so they can fix things and get the business back to operational status.

And Motherboard notes that stealing voter data is sort of common.

On Monday, Yahoo reported the FBI had uncovered evidence that foreign hackers had breached two US state election databases earlier this month. The article, based on a document the FBI distributed to concerned parties, was heavily framed around other recent hacks which have generally been attributed to Russia, including the Democratic National Committee email dump.

The thing is, voter records are not some extra-special commodity that only elite, nation-sponsored hackers can get hold of. Instead, ordinary cybercriminals trade this sort of data, and some states make it pretty easy to obtain voter data through legal means anyway.

In December of last year, CSO Online reported that a database of some 191 million US voter records had been exposed online. They weren’t grabbed through hacking, per se: the dump was available to anyone who knew where to look, or was happy to just cycle through open databases sitting on the internet (which, incidentally, common cybercriminals are).

In other words, by all appearances there is no evidence to specifically tie these hacks even to Russian criminals, much less the Russian state. But the prior panic about the DNC hack led to a lower trigger for alerts on a specific kind of target, voter rolls, which in turn has fed the panic such that most news outlets have some kind of story proving Russian life on Mars based on the shadows they saw in the sand.

It’s not the Russians who are raising questions about the voting integrity — beyond questions that have persistently been raised for 15 years which have already lowered confidence in our voting system. It is shitty reporting.

So I’m going to join in. These ETs 95 light years away? I’m positive they want to steal our election.

Wednesday, August 24, 2016

Takedowns of Shadow Brokers Files Affirm Files as Stolen

I’ve been wondering something.

Almost immediately after the Shadow Brokers posted their Equation Group files, GitHub, Reddit, and Tumblr took down the postings of the actual files. In retrospect, it reminded me of the way Wikileaks was booted off PayPal in 2010 for, effectively, publishing files.

So I sent email to the three outlets asking on what basis they were taken down. GitHub offered the clearest reason. In refreshingly clear language, its official statement said,

Per our Terms of Service (section A8), we do not allow the auction or sale of stolen property on GitHub. As such, we have removed the repository in question.

Mind you, A8 prohibits illegal purpose, not the auction of stolen property:

You may not use the Service for any illegal or unauthorized purpose. You must not, in the use of the Service, violate any laws in your jurisdiction (including but not limited to copyright or trademark laws).

Moreover, at least in its Pastebin explanation, Shadow Brokers were ambiguous about how they obtained the files.

How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.

They state they “found” the files, or at least traces of the files, and only say they “hacked” to obtain them to get to the latest stage. If they (in the Russian theory of the files) were “found” on someone’s own system, does that count as “stealing” property?

Tumblr wasn’t quite as clear as GitHub. They said,

Tumblr is a global platform for creativity and self-expression, but we have drawn lines around a few narrowly defined but deeply important categories of content and behavior, as outlined in our Community Guidelines. The account in question was found to be in violation of these policies and was removed.

But it’s not actually clear what part of their user guidelines Shadow Brokers violated. They’ve got a rule against illegal behavior.

I guess the sale of stolen property is itself illegal, but that goes back to the whole issue of Shadow Brokers’ lack of clarity of how they got what they got. Their property specific guidelines require someone to file a notice.

Intellectual property is a tricky issue, so now is as good a time as any to explain some aspects of the process we use for handling copyright and trademark complaints. We respond to notices of alleged copyright infringement as per our Terms of Service and the Digital Millennium Copyright Act; please see our DMCA notification form to file a copyright claim online. Please note that we require a valid DMCA notice before removing content. Parties asserting a trademark infringement claim should identify the allegedly infringing work and the legal basis for their claim, and include the registration and/or application number(s) pertaining to their trademark. Each claim is reviewed by a trained member of our Trust and Safety team.

If we remove material in response to a copyright or trademark claim, the user who posted the allegedly infringing material will be provided with information from the complainant’s notice (like identification of the rightsholder and the allegedly infringed work) so they can determine the basis of the claim.

The tech companies might claim copyright violations here (or perhaps CFAA violations?), but the files came down long before anyone had publicly IDed them as the victims. So the only “owner” here would be the NSA. Did they call Tumblr AKA Verizon AKA a close intelligence partner of the NSA?

Finally, Shadow Brokers might be in violation of Tumblr’s unauthorized contests.

The guidelines say you can link to a whackjob contest (which this is) elsewhere, but you do have to make certain disclosures on Tumblr itself.

One more thing about Tumblr, though. It claims it will give notice to a user before suspending their content.

Finally, there’s Reddit, which blew off my request altogether. Why would they take down Shadow Brokers, given the range of toxic shit they permit to be posted?

They do prohibit illegal content, which they describe as,

Content may violate the law if it includes, but is not limited to:

  • copyright or trademark infringement
  • illegal sexual content

Again, GitHub’s explanation of this as selling stolen property might fit this description more closely than copyright infringement, at least of anyone who would have complained early enough to have gotten the files taken down.

The more interesting thing about Reddit is they claim they’ll go through an escalating series of warnings before taking down content, which pretty clearly did not happen here.

We have a variety of ways of enforcing our rules, including, but not limited to

  • Asking you nicely to knock it off
  • Asking you less nicely
  • Temporary or permanent suspension of accounts
  • Removal of privileges from, or adding restrictions to, accounts
  • Adding restrictions to Reddit communities, such as adding NSFW tags or Quarantining
  • Removal of content
  • Banning of Reddit communities

Now, don’t get me wrong. These are dangerous files, and I can understand why social media companies would want to close the barn door on the raging wild horses that once were in their stable.

But underlying it all appears to be a notion of property that I’m a bit troubled by. Even if Shadow Brokers stole these files from NSA servers — something not at all in evidence — they effectively stole NSA’s own tools to break the law. But if these sites are treating the exploits themselves as stolen property, then so would be all the journalism writing about it.

Finally, there’s the question of how these all came down so quickly. Almost as if someone called and reported their property stolen.

The Two Tales of Russia Hacking NYT

Yesterday, CNN posted this “first on CNN” story:

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at The New York Times and other US news organizations, according to US officials briefed on the matter.

The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said.

Here’s what the NYT’s own account of the hacking (attempt) is:

The New York Times’s Moscow bureau was the target of an attempted cyberattack this month. But so far, there is no evidence that the hackers, believed to be Russian, were successful.

“We are constantly monitoring our systems with the latest available intelligence and tools,” said Eileen Murphy, a spokeswoman for The Times. “We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised.”

So CNN tells an alarming story about specific reporters being targeted that fits into a larger narrative, citing both the FBI (in which Evan Perez has very good sources) and “other US security agencies,” which presumably means the NSA. NYT tells an entirely different story, stating that an attack on its bureau in Russia was targeted unsuccessfully, relying solely on official sources as the FBI. One wonders why the NYT story required Nicole Perlroth and David Sanger, and also why David Sanger didn’t cite any of his extensive sources at NSA, where these allegations appear to derive.

It’s quite possible both of these stories are misleading. But they do raise questions about why the spooks want to sensationalize these Russian hacks while NYT chooses to downplay them.

North Dakota and Feds Suppress Native American Pipeline Protesters

[top: planned Dakota Access pipeline route, via Dakota Access LLC; bottom: Keystone XL pipeline, via Independent-UK]

What’s the difference between these two pipelines? As far as I can tell, the only variations are the origin of the oil they may transport and their location, since they are described as competing pipelines.

Oh, and the Keystone XL pipeline was vetoed by President Obama a year ago this past February because Congress tried to ram through approval, attempting to “circumvent longstanding and proven processes for determining whether or not building and operating a cross-border pipeline serves the national interest,” according to the president.

In both cases — Keystone XL and the Dakota Access — the planned pipelines traversed Native American tribal lands and/or water systems upon which these sovereign nations relied. The affected tribes have protested the credible threats these pipelines pose to their health and safety as well as their heritage and sovereignty.

The threat is real; there have been 11 pipeline accidents since 2000 on lines carrying oil or gasoline across the Dakotas. One of those pipeline accidents resulted in roughly 20,000 barrels or 865,000 gallons of oil spilling beneath a farm in North Dakota in 2013. There was a ten-day lag after the farmer brought the spill to the company’s attention until the state’s governor heard about the accident — ridiculous, considering North Dakota is the 47th largest state in terms of population, at less than 800,000 residents. It’s not like there were a lot of people in the way. The spill covered an area equal to seven football fields and clean-up is still under way and may not be completed until some time in 2017. The North Dakota Tesoro pipeline oil spill is one of the largest in the U.S. to date.

Oil producers and pipeline owners/operators have frankly been lousy in their responsibilities to the public. It’s not just the 11 pipeline accidents in the Dakotas since 2000; it’s a rather lengthy list of them across the entire country and a lengthy track record of crappy response to the damage done to the environment. My state, Michigan, which is surrounded by the largest bodies of fresh water in the world, is also the site of the largest oil pipeline spill in the U.S. In 2010, more than 1.1 million gallons of oil spilled, much of it into a waterway. Alarms notifying the pipeline’s owner, Enbridge, of the spill were initially ignored for 17 hours, blown off as operation notifications.

Simply unacceptable.

The Native American tribes have no reason whatsoever to believe oil producers and pipeline owners/operators will act with any more care than they have to date. Further, they have no reason to trust the U.S. government about these pipelines, either. They have been betrayed and damaged again and again by the U.S. — excessive and mortal police brutality, theft of human remains, theft and mismanagement of billions in assets, the indignity of fighting to remove the name of a mass murderer from public lands, the catastrophic contamination of the San Juan River supplying water to the Navajo nation — the insults are endless.

The latest insult: North Dakota’s Governor Jack Dalrymple signed an executive order to obtain more funding for additional police to deter approximately 1,500 protesters. The state has pulled water supplies used by the protesters and refused to allow portable toilets to be emptied. This follows a temporary restraining order granted to Dakota Access LLC by a federal district court against protesters’ interference with pipeline work. Native Americans have also been prevented from leaving reservation land, which may be a violation of civil rights and treaties.

Native Americans have legitimate concerns with the Dakota Access pipeline. For one, its planned route crosses the Missouri River, which serves as the entire water source for the Standing Rock Sioux Tribe; the Army Corps of Engineers (ACOE) approved 200 water crossings by the pipeline in spite of requests by the Sioux to deny construction permits. The ACOE, however, reviewed and rejected an alternate pipeline route crossing the Missouri River near Bismarck as it was deemed a threat to the municipal water supply. This looks like outright racism on the face of it; the pipeline is a threat to 92% white Bismarck, but not a sovereign Native American tribe?

Secondly, the ACOE has been asked by the U.S. Environmental Protection Agency (EPA), the U.S. Department of Interior (DOI) and the Advisory Council on Historic Preservation to conduct an investigation and prepare a formal Environmental Impact Statement (EIS), requiring consultation with the affected tribes. No EIS appears to have been conducted to date. In addition to the health and environmental safety concerns related to the pipeline’s installation and operation, the historical significance of the area is inadequately documented. The lack of a thorough assessment means the current Dakota Access pipeline plan may disrupt an older Mandan village site where Mandan may be buried. The site has cultural and religious significance to tribes and should be protected by the Advisory Council on Historic Preservation under federal law.

Dakota Access LLC is pressing for this pipeline to reduce the costs of oil. Shipping crude oil from North Dakota’s Bakken Shale reserve by rail or truck is more expensive than shipping by pipeline.

That is, until ALL the true costs and externalities are added, like the spills, remediation, and short- and long-term health and environmental problems. These costs haven’t been added to the true cost of oil and are instead a gamble which humans living nearest to the pipeline must pay if there is a failure.

[10-year monthly price of WTI per barrel via Megatrends]

While the oil producers and pipeline operators continue to hammer away at the cost of oil, the price of oil has fallen. They can’t drop the cost fast enough and deep enough to realize a return on investment. They will cut corners as much as possible as the price of oil falls — and it will, if demand for oil also falls as it has with the rise of hybrid and electric vehicles. Cutting corners means there will be greater risk the pipeline will not be adequately monitored or maintained, just as it wasn’t in Michigan.

As more and more alternative, green energy resources come on line along with the technology to use them, it will make even less sense to invest in pipelines which may not carry all that much oil. The Bakken Shale reserve is estimated at several hundred billion barrels of oil, but the amount which can be recovered readily and economically is much less than 10% of the estimated total reserve. If the oil is too expensive to extract AND competing energy resources are both cheaper and available, why build this pipeline at all? How is enabling our continuing addiction to oil in the long-term best interests of our country?

It will take some spine to do the right thing and force this project to slow down for a full EIS assessment. It will take even more spine to point out we are both at the end of fossil fuel and at the limit of our disregard for Native Americans’ lives. It can be done, however; just ask Canada’s Justin Trudeau how he did it.

Monday, August 22, 2016

The Government Uses FISCR Fast Track to Put Down Judges’ Rebellion, Expand Content Collection

Since it was first proposed, I’ve been warning (not once but twice!) about the FISCR Fast Track, a part of the USA Freedom Act that would permit the government to immediately ask the FISA Court of Review to review a FISC decision. The idea was sold as a way to get a more senior court to review dodgy FISC decisions. But as I noted, it was also an easy way for the government to use the secretive FISC system to get a circuit level decision that might preempt traditional court decisions they didn’t like (I feared they might use FISCR to invalidate the Second Circuit decision finding the phone dragnet to be unlawful).

Sure enough, that’s how it got used in its first incarnation — not just to confirm that the FISC can operate by different rules than criminal courts, but also to put down a judges’ rebellion.

As I noted back in 2014, the FISC has long permitted the government to collect Post Cut Through Dialed Digits using FISA pen registers, though it requires the government to minimize anything counted as content after collection. It reviewed that issue in 2006 and 2009 (both times after magistrates in the criminal context deemed PCTDD to be content that was impermissible).

At last year’s semiannual FISC judges’ conference, some judges raised concerns about the FISC practice, deciding they needed to get further briefing on the practice. So when approving a standing Pen Register, the FISC told the government it needed further briefing on the issue.

They didn’t deal with it for three months until just as they were submitting their next application. At that point, there was not enough time to brief the issue at the FISC level, which gave then presiding judge Thomas Hogan the opportunity to approve the PRTT renewal and kick the PCTDD issue to the FISCR, with an amicus.

Importantly, when Hogan kicked the issue upstairs, he did not specify that this legal issue applies only to phone PRTTs.

At the FISCR, Mark Zwillinger was permitted to weigh in as an amicus. He saw the same problem as I did. While the treatment of phone PCTDD is bad but, if properly minimized, not horrible, it becomes horrible once you extend it to the Internet.

The FISCR didn’t much care. They found that collecting content using a PRTT, then promising not to use it except to protect national security (and a few other exceptions to the rule that the government has to ask FISC permission to use this stuff), was cool.

Along the way, the FISCR laid out several other dangerous precedents that will have really dangerous implications. One is that content to a provider may not be content.

This is probably the issue that made the bulk PRTT dragnet illegal in the first place (and created problems when the government resumed it in 2010). Now, the problem of collecting content in packets is eliminated!

Along with this, the FISCR extended the definition of “incidental” to apply to a higher standard of evidence.

Thus, it becomes permissible to collect using a standard that doesn’t require probable cause something that does, so long as it is “minimized.”

Finally, in addition, FISCR certified the redefinition of “minimization” that FISC has long adopted (and which is crucial in some other programs). Collecting content, but then not using it (except for exceptions that are far too broad), is all good.

In other words, FISCR not only approved the narrow application of using calling card data but not bank data and passwords (except to protect national security), but also approved a bunch of other things that the government is going to turn around and use to resume certain programs that were long ago found problematic.

I don’t even hate to say this anymore. I told privacy people this (including someone involved in this issue personally). I was told I was being unduly worried. This is, frankly, even worse than I expected (and of course it has been released publicly so the FISCR can start chipping away at criminal protections too).

Yet another time my concerns have been not only borne out, but proven to be insufficiently cynical.