As you've probably heard by now, this morning Wikileaks started releasing a new cache of information regarding CIA hacking tools. This is interesting on a variety of levels, but many of the reports focus on the claims that encrypted chat apps like Signal, Whatsapp and Telegram may be compromised. See the top two links in this screenshot:
Wikileaks itself may have contributed to this view with the following paragraph in its release:
These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.
But the details don't seem to show that those apps are compromised, so much as that Android and iOS devices are compromised. It's always been true that if someone can get into your phone, the encryption scheme you use doesn't matter, because they can just pull keystrokes or grab data before you encrypt it -- in the same way that someone looking over your shoulder can read your messages as well. That's not a fault of the encryption or the app, but of the environment in which you're using the app itself.
And that should really be the bigger concern here. Over the years, nearly all of the focus on hacking mobile phones has been on the NSA and its capabilities, rather than the CIA. But it's now clear that the CIA has its own operations, akin to the NSA's hacking operations (kinda makes you wonder why we need that overlap). Except that the CIA's hacking team seems almost entirely unconcerned with following the federal government's rules on letting private companies know about vulnerabilities they've discovered.
Remember, the Obama White House put in place what it called a Vulnerabilities Equities Program in which the intelligence community is supposed to default to letting private companies know about vulnerabilities. And, yes, this was always something of a joke as there was a giant loophole involving "except for a clear national security or law enforcement need" that the NSA basically used to withhold vulnerabilities all the time. Still, at least the NSA appeared to get around to revealing some vulnerabilities eventually (probably once they were no longer useful).
Here, however, it looks like the CIA was hoarding some really serious vulnerabilities with wild abandon. In a chart released by Wikileaks you see that the CIA is getting these vulnerabilities from a variety of sources. Some it's finding itself, some it's purchasing, and some are shared via other agencies, such as the NSA or the UK's GCHQ. As Ed Snowden notes, there is now clear evidence (which many suspected, but which had not been proven) that the US government was secretly paying to keep US software unsafe and vulnerable. That's really dangerous. It's putting basically everyone in much more serious danger, just so the CIA, NSA and others can get in when they want to:
The CIA reports show the USG developing vulnerabilities in US products, then intentionally keeping the holes open. Reckless beyond words.
This is why the whole conversation about mandating backdoors and "going dark" was so dangerous in the first place. Those were plans to force even more of these vulnerabilities into the wild, just for the very very rare cases where they were needed by law enforcement or intelligence.
At a time when the President is suddenly acting as if he's concerned about domestic surveillance (at least of himself), perhaps now would be a good time to crack down on this kind of stuff. I'm not holding my breath -- but, for now, we're getting a lot more insight into the CIA's electronic surveillance methods, and it sounds like there's more to come.
Well, here's a surprise. President Obama has just commuted the bulk of Chelsea Manning's sentence, meaning she will be freed this May, rather than having to spend another three decades in jail. Manning, of course, was sent to prison for sharing a large chunk of US diplomatic cables with Wikileaks. Manning was sentenced to 35 years in prison nearly four years ago (with credit for the 3.5 years she'd already been held, often in solitary confinement). Many people were already outraged at the sentence, especially given that there was no evidence of any actual harm from the leaks.
There were two big campaigns going on over the past few months -- one to pardon Ed Snowden, and another to commute Manning's sentence. President Obama had already made it fairly clear that he had no interest in pardoning Snowden based on the totally false claim that he could not pardon Snowden prior to Snowden being convicted. In the past few weeks, however, there were at least a few hints and rumors that Obama was seriously considering commuting Manning's sentence, and that led to even more focus on the campaign. Ed Snowden himself also advocated for Manning, even ahead of his own case:
Mr. President, if you grant only one act of clemency as you exit the White House, please: free Chelsea Manning. You alone can save her life.
And yes, commuting the sentence (which shortens the sentence, but is not a full pardon...) is a form of clemency. So now there's a separate question to ask: will Assange agree to be extradited to the US (or will he just come here voluntarily?). Perhaps after Trump takes over later this week, that won't be such a huge concern, since Trump has magically morphed into a huge Wikileaks/Assange supporter.
Unfortunately, though, it does appear that the likelihood of a Snowden pardon is also almost nil. In discussing today's commutation of Manning's sentence, White House spokesperson Josh Earnest basically argued that what Snowden did was much worse than Manning, because he "fled":
"Chelsea Manning is somebody who went through the military criminal justice process, was exposed to due process, was found guilty, was sentenced for her crimes, and she acknowledged wrongdoing," he said. "Mr. Snowden fled into the arms of an adversary, and has sought refuge in a country that most recently made a concerted effort to undermine confidence in our democracy."
He also noted that while the documents Ms. Manning provided to WikiLeaks were "damaging to national security," the ones Mr. Snowden disclosed were "far more serious and far more dangerous." (None of the documents Ms. Manning disclosed were classified above the merely “secret” level.)
While I agree that there was a difference in the types of documents revealed, one might also make the argument that Snowden's leaks revealed much more serious problems and the impact of his leaks were much more important in revealing to the American public abuses by our own government. Separately, the whole "fled into the arms of adversary" thing is silly as well. As has been explained multiple times, Snowden ended up in Russia after the US pulled his passport while he was traveling. And, at the same time, a big part of the reason Snowden left the US was the unfortunate treatment of Manning by the military judicial process. Snowden properly surmised that he would not be treated fairly. And apparently that continues to this day.
Either way, it's good that Manning's sentence has been commuted. It's been clear from many reports that Manning was unlikely to survive the full sentence given to her, and she's been treated horribly in prison as well. It's still too bad that President Obama is unwilling to also pardon Snowden.
While many support the idea of Wikileaks, many now worry that the organization's supposed goal of total transparency often plays second fiddle to Julian Assange's ego and the group's often inconsistent behavior. But whatever you think of Assange as a human being, it's important to remember that the group wouldn't be necessary if the established media actually did its job. Groups like Wikileaks are just symptoms of a broader disease: the larger media's shift to banal infotainment, and the failure of these giant media conglomerates to hold companies and governments accountable to the truth.
That said, it's becoming downright comedic to watch Assange, Wikileaks and whistleblowers become increasingly vilified or deified -- depending entirely on what's being said, who it's being said about, or what color-coded partisan jumpsuit you're wearing.
For example, Assange was a hero to Democrats after exposing government misdeeds during the Iraq and Afghanistan wars, but was demonized incessantly in the wake of the DNC hack (to the point where the actual data revealed was thoroughly ignored). Similarly, Assange was derided by Republicans as the very worst sort of scoundrel for the better part of the last decade, a position that has, well, softened in the wake of the Clinton campaign-crippling DNC hack. After all, the enemy of my enemy is my friend, for now, right?
In fact Assange has bizarrely become a temporary folk hero to many of the same folks that wanted his head on a pike just a few months ago. Sarah Palin, for example, in 2010 got very close to advocating that Assange be hunted down and killed, likening him to an "anti-American operative with blood on his hands." That position was forged, in part, after Wikileaks leaked Palin's Yahoo e-mails back in 2008 after a hacker gained access to the Alaskan government documents Palin had been storing on a private server.
This week, however, Palin took to Twitter and Facebook to lavish praise on Assange after the Wikileaks founder was interviewed on Fox News, an outlet that has also, on occasion, advocated that Assange be put to death. Apparently, that's all water under the bridge now:
Palin took things even further over on Facebook, where she not only apologized for her past comments on Assange, but actually encouraged people to go watch the "Snowden" movie:
"Exposing the truth re: the Left having been oh-so-guilty of atrocious actions and attitudes of which they've falsely accused others. The media collusion that hid what many on the Left have been supporting is shocking. This important information that finally opened people's eyes to democrat candidates and operatives would not have been exposed were it not for Julian Assange. I apologize for condemning Assange when he published my infamous (and proven noncontroversial, relatively boring) emails years ago.
ps. If you get the chance, catch the movie "Snowden." That movie and Hannity's interview tonight are quite enlightening."
For the record she didn't "condemn" Assange, she suggested he be treated like al Qaeda and Taliban leaders (read: violence). And while it's nice that Palin now sees (or pretends to see) that her past anti-whistleblower positions were violently misguided, it's unlikely that this is any kind of lasting sea change. After all, the real message being sent here is that whistleblowers and leakers are the very worst sort of villains when they're saying things we don't want to hear, but they're heroes of the highest order when they leak data that damages our enemies or props up the weekly partisan narrative du jour.
And while this positional flip flop on a certain front is incredibly entertaining in a David Lynch sort of way, transparency and truth don't work that way. While leaking organizations and whistleblowers themselves are certainly fallible, the truths they reveal are non-negotiable, and don't care about partisan patty cake. In other words, these same folks suddenly lavishing praise on whistleblowers now because it's tactically convenient, will be back arguing for assassination by drone strike the moment the next whistleblower reveals truths they'd prefer remain hidden.
Look, it's getting ridiculous that Hillary Clinton defenders keep insisting that the John Podesta emails released by Wikileaks are full of fakes and doctored content. With most other leaks, including the one of Colin Powell's emails, the victims (and, yes, they are victims) eventually admit that the leaked content is legit. Not so with the Podesta emails. But that's dumb. As Robert Graham points out, it's
totally possible to validate many of the emails. And they do validate.
Whether you like or dislike Wikileaks, whether you think Julian Assange is a wonderful or horrible person, whether you think Wikileaks is just a propaganda tool of Russia or a powerful force for transparency -- one thing you cannot say is that the organization has been caught releasing fake or doctored information. It (and Assange) do have a history of overhyping releases, or misrepresenting their significance. And Assange does seem to be pretty quick to jump on conspiracy theories that don't hold up under much basic scrutiny. But, to date, pretty much everything that Wikileaks has actually leaked has checked out as legit.
So it's been a bit bizarre watching people try to insist that the troves of John Podesta emails that Wikileaks has been releasing are somehow fake, doctored or manipulated. We recently wrote about Newsweek reporter Kurt Eichenwald going crazy insisting that he had proved that Wikileaks and the Russians teamed up to "manipulate" an email. Of course, the reality turned out to be that a young American part-time reporter for a Russian-owned news site, had simply misread a tweet and turned it into an article. No big conspiracy. No manipulation. And, certainly, none of that has anything to do with Wikileaks (amusingly, Eichenwald then deleted all his tweets claiming proof that Wikileaks was a part of this conspiracy, and apparently tried to silence the young reporter by telling him he'd try to get him a job elsewhere).
Perhaps even more ridiculous is DNC chair Donna Brazile trying to deny any information from any email released by Wikileaks, including one specific one that she sent, apparently revealing a CNN primary debate question to the Clinton campaign prior to the debate (Brazile worked as a commentator on CNN at the time). This video is absolutely cringeworthy, starting at about five and a half minutes into this video. Brazile tries to avoid answering the question about sending debate questions to the Clinton campaign, first barely feigning ignorance of the issue, and then insisting multiple times that the emails are fake/doctored/not verified, and insisting that she did not send the email in question.
Being interviewed by Megyn Kelly, here's how Brazile tries to claim that the emails are not real, but basically comes out with a word salad of nothing, rather than simply admitting that the email is legit.
MEGYN KELLY: You're accused of receiving a debate question whether a CNN town hall where they partnered with TV One that you had this question on March 12th, that verbatim, verbatim was provided by Roland Martin to CNN the next day. How did you get that question, Donna?
DONNA BRAZILE: Well, Kelly, as I play straight up and with you, I did not receive any questions from CNN.
KELLY: Where did you get it?
BRAZILE: First of all, what information are you providing to me that will allow me to see what you're talking about? Everybody's....
KELLY: You've got the Wikileaks showing you messaging the Clinton campaign with the exact wording of a question asked at the March 13th CNN TV One Townhall debate.
BRAZILE: Kelly, Kelly, Kelly. You know, as a Christian woman, I understand persecution, but I will not sit here and be persecuted. Because your information is totally false.
KELLY: I'm getting it from Podesta's email.
BRAZILE: What you're -- well, Podesta's e-mails were stolen. You're so interested and talking about stolen material, you're like a thief that wants to bring into the night the things that you found that was in the gutter. I'm not...
KELLY: Donna. CNN's Jake Tapper came out and said this was unethical. "Someone was unethically helping the Clinton campaign." He said "I love Donna Brazile, but this is very, very upsetting. My understanding is that the email..."
BRAZILE: I love CNN
KELLY: This is Jake Tapper: 'My understanding is that the e-mails came from Roland Martin or someone around Roland Martin." He said "this is very upsetting and troubling." That's your own colleague at CNN. It's not Megyn Kelly. Who gave you that question?
BRAZILE: Megyn, once again, I said it and I said it on the record and I'll say it on the record and I'll keep saying it on the record. I am not going to try to validate falsified information. I have my documents. I have my files. Thank God I have not had my personal e-mails ripped off from me and stolen and given to some criminals to come back altered. I have my records and files. And as i said repeatedly, CNN, in the 14 years I was associated with CNN, I've never received anything. If I had a blank piece of paper, that would basically be the end of this conversation. I never get documents from CNN. Period.
KELLY (eye roll): Your email to the Clinton campaign said 'sometimes I get the questions in advance.'
BRAZILE: Uh, ma'am. Y'know. You know what...
KELLY: And CNN is saying Roland Martin gave them to you. Or someone at TV One. And they were provided to Hillary before that town hall.
BRAZILE: Well anybody who knows me... and... and... and there are a number of your colleagues as well. They know me very well. I know how I play it. I know what I do before every debate. I know what I do before every show -- even this show. I do my homework. I communicate. I talk.
KELLY: I understand.
BRAZILE: But I just, once again, let you know that... as far as I know that... that... that CNN has never provided me with questions. Absolutely. Ever. Nada. Sorry.
KELLY: Well, when you said "from time to time I get the questions in advance," what were you referring to? Because in that email you offered the exact question that one of the moderators, Roland Martin, then proposed the next day.
BRAZILE: So. So. My, my, my reference back to you, ma'am, with all respect -- and I respect you greatly --
KELLY: And I respect you too.
BRAZILE: The... the... the validity of those emails -- if I can only tell you one things, because you know, this whole episode is under criminal investigation -- but I can just tell you one thing: a lot of those emails, I would not give them the time of the day. I've seen so many doctored emails. I've seen things that come from me at two in the morning, that I don't even send. There are several email addresses that I once used, and I'm so sorry that we... these have not been verified. This is... nobody will. This is...
KELLY: I got it.
BRAZILE: This is under investigation. And let me just tell you something. If there's anything that I have, I will share. I don't have an agenda to smear anybody...
KELLY: Alright. I've got to run because we have another guest waiting...
Okay, so, here's the problem. She did send the email. And it's verified. Graham proves it in his post. The trick is DKIM (DomainKeys Identified Mail) signatures. DKIM was a system set up a while back to try to fight spam by cryptographically proving that the account that says it sent the mail actually sent the email in question. Not all email systems use DKIM, but hillaryclinton.com does use it, which is great for transparency, but bad for Donna Brazile.
Graham looked up that email in particular and found that it validates, using a Thunderbird add-on to check these things:
Downloading the raw email from WikiLeaks and opening in Thunderbird, with the addon, I get the following verification that the email is valid. Specifically, it validates that the HillaryClinton.com sent precisely this content, with this subject, on that date.
Let's see what happens when somebody tries to doctor the email. In the following, I added "MAKE AMERICA GREAT AGAIN" to the top of the email.
As you can see, we've proven that DKIM will indeed detect if anybody has "doctored" or "falsified" this email.
Graham also offered one whole bitcoin to anyone who can forge an email that still validates correctly under this method to show his confidence that the emails are verified as actually sent as is, despite Brazile's wacky performance.
Of course, the Clinton campaign keeps insisting that the emails are doctored, but fails to show any proof. Here's the campaign's Chief Strategist, Joel Benenson, saying many are not authentic:
BENENSON: Well, first of all, I'll tell you something, I haven't spent a lot of time reading through WikiLeaks e-mails.
But I will tell you this, what we know is that many are not authentic. We know that this is a hack, 17 of Russians -- no, because these e-mails, we have no idea whether they are authentic or not or whether they've been tampered with once the Russians, which 17 American intelligence agencies say are responsible for these hackings, have been manipulated. I have seen things -- I'm not going to go into details --
STEPHANOPOULOS: But you're not suggesting that those are --
BENENSON: They may well be. I don't know. I know I've seen things that aren't authentic, that we know aren't authentic. And it's not surprising. What's ridiculous about this whole conversation is that 17 intelligence agencies have said the Russians are responsible for this. Donald Trump refuses to accept it, refuses to condemn them.
Benenson is full of shit. Again, whether or not you like or dislike Wikileaks, or question Assange's motives, there's a simple fact here: the documents it's released have not been shown to be false, faked, doctored or inauthentic at all. And it's possible to verify many of them, and some have even written scripts to verify them in bulk.
The Clinton campaign, as it so often does, is making things worse for itself by being stupid. It's trying to cover up legitimate information, and the coverup always comes across worse than the original actions. Just admit that these emails are legit and move on. Lying about it is not a good look, even if that's just the way things go these days in politics.
Amidst the reporting and fervor over the email hack of Hillary Clinton's campaign chairman, John Podesta, there has been something of a recent discussion that has begun over the ethics of circulating what is in that hacked cache. Some within the media itself have worried about about reporting either too much on the hacked emails, or even at all in some cases, with still others going for a more nuanced position of encouraging the reporting of information in the public interest while leaving all the personal stuff in the emails undisclosed to whatever degree is possible.
I don’t fault anyone for reporting real news, whatever the source, but circulating stuff from hacked emails just b/c it amuses you is gross.
It's not difficult to see the wisdom and morality in some of this, particularly when one witnesses the glee the Clinton campaign's political opponents have taken in circulating internal communications within the campaign that have no real public value other than serving as a point-and-laugh target for the most partisan among us. And it seems as though some in the GOP have in mind that there are certainly people on the other side of the aisle that would take the same joy in all of this, if the shoe were on the other hacked foot, as it were. Marco Rubio, for instance, recently released a statement indicating that anything published by WikiLeaks was out of bounds, as far as he was concerned.
"Today it is the Democrats. Tomorrow, it could be us," Rubio said in a statement. "I will not discuss any issue that has become public solely on the basis of WikiLeaks," added Rubio, who is up for re-election. "As our intelligence agencies have said, these leaks are an effort by a foreign government to interfere with our electoral process, and I will not indulge in it."
Frankly, it's refreshing to see a major political partisan actually understand that when you open up every option on the table to attack the political opponent, that can come back and bite you in the ass. But how wise is this particular stance, actually? It appears to rely on two premises: that Russia is behind the email hack and that WikiLeaks is a bad organization for releasing the information it releases. Note that Rubio doesn't say that this particular email hack is out of bounds, but rather that any issue raised as a result of a WikiLeaks release is. That's a hefty barrel of sand in which to put one's head in such a proactive fashion, and it presupposes that WikiLeaks' releases in the past, present, and future have not involved anything of the public interest which politicians and public servants should be talking about and/or addressing.
Time Magazine once said WikiLeaks "could become the most important journalistic tool since the Freedom of Information Act." Why? Well, because the value in WikiLeaks is that it knows far fewer boundaries than the general media and is willing to release information that would otherwise not see the light of day. That it tends to do so en masse rather than with careful curation is a potential downside, certainly, but would Rubio and these others really have the public not know about the killing of journalists in Iraq, the Chinese arrests of Tibetan dissidents, the Peru oil scandal, and the rest? WikiLeaks is not explicitly anti-American, after all, and it has released information that is absolutely in the public interest and has caused discussions of political importance within our country that would have otherwise been impossible.
Put another way, it's quite easy for Rubio to take this stance in the wake of an email hack that represents a fairly routine political scandal. What has been uncovered in the Podesta leaks is not unimportant, but it also isn't earth-shattering. What if the hack and WikiLeaks leak had instead uncovered that Hillary Clinton had made a specific agreement with the Chinese government to offer them favors in exchange for illegal campaign contributions? Would Rubio's stance hold true, despite the overwhelming importance of such information to American voters. It's hard to imagine that it would.
So, a nuanced approach to what should be reported on the WikiLeaks release makes all the sense in the world. Let's have that discussion. But putting a blanket over any information generated by WikiLeaks as an organization isn't just dumb, it's cutting out an important source of public good from the masses.
I cut the cord years ago, so the only time I stumble into cable "news" coverage is usually at the gym or airport. And time and time again I'm struck by how the empty prattle is more in line with dystopian satire than anything resembling actual news reporting or intellectual analysis. Even when these channels feature live breaking news stories, you'd be hard pressed to find a reporter willing to call up a source and confirm details of what's happening, resulting in something that's more akin to industrialized speculation than the polished news product of multi-billion-dollar media empires.
The latest case in point: CNN's Chris Cuomo was dissecting the latest Wikileaks document dump when he decided to "inform" viewers that it's illegal for anybody but a member of the media to download and view the contents of the Podesta leaks:
"...Remember, it’s illegal to possess these stolen documents. It’s different for the media. So everything you learn about this, you’re learning from us."
Yeah, that's not how the First Amendment works. Legal precedent has repeatedly made it clear that the First Amendment offers the same protection to the press as to the public, even when it comes to possessing or distributing illegally obtained material (just as long as you weren't directly involved in the theft of the material in question). In its 2001 Bartnicki v. Vopper decision, the Supreme Court rejected even civil liability for distributing illegally obtained cellphone recordings, and refused to differentiate the public from the media in its ruling:
"The . . . question is whether the application of these statutes [that purport to ban distributing illegally obtained material, even when one wasn’t involved in the distribution,] in such circumstances violates the First Amendment. [Footnote: In answering this question, we draw no distinction between the media respondents and Yocum.]"
This isn't Cuomo's first run in with being violently wrong on legal fundamentals despite having graduated from Fordham with a law degree. He also took a bit of a beating last year when he apparently hallucinated a "hate speech" exception buried in the First Amendment. At some point you have to wonder if CNN is actively trying to be this bad at what it does, or if CNN boss Jeff Zucker is a subversive artist of the highest order, working tirelessly to craft a crushing, satirical look at modern American intellectual dysfunction.
Yeah, so I get that it's political silly season, and people like to throw around all kinds of arguments of "bias" -- especially towards the media. I've been on the receiving end of those accusations, but for the most part, I think claims of media bias are silly and over-hyped. What's true, though, is that it's all too easy to be sloppy in reporting and to try to hype up a nothing story into a something story. Here's a story where no one comes out of it looking very good and the end result is a complete mess. It starts with Newsweek reporter Kurt Eichenwald. Last night I saw a marginally interesting story by Eichenwald about how a Russian government connected news website, Sputnik, misread an email leaked via Wikileaks from Hillary Clinton pal Sidney Blumenthal to campaign chief John Podesta. The email contained a link and full text to a much earlier Eichnwald story about Benghazi and Clinton. The Sputnik story incorrectly stated that the text in the email was by Blumenthal, and not by Eichenwald. It took one sentence out of this longer article, and falsely claimed that Blumenthal was admitting that the mess in Benghazi was "preventable." As Eichenwald notes, this is wrong:
Those words sounded really, really familiar. Really familiar. Like, so familiar they struck me as something I wrote. Because they were something I wrote.
The Russians were quoting two sentences from a 10,000-word piece I wrote for Newsweek, which Blumenthal had emailed to Podesta. There was no mistaking that Blumenthal was citing Newsweek—the magazine’s name and citations for photographs appeared throughout the attached article.
Okay. So that's actually kind of interesting. This Russian source was so eager to get a story out of the leaked emails that it misrepresented them -- either by accident or on purpose. That's marginally interesting, and certainly a fun thing to report on. What happened next is where things really go off the rails. While Sputnik pulled down its story once Eichenwald pointed out the error, a few hours later, Donald Trump mentioned the story at a rally as if it were true:
At a rally in Wilkes Barre, Pennsylvania, Trump spoke while holding a document in his hand. He told the assembled crowd that it was an email from Blumenthal, whom he called “sleazy Sidney.”
“This just came out a little while ago,’’ Trump said. “I have to tell you this.” And then he read the words from my article.
“He’s now admitting they could have done something about Benghazi,’’ Trump said, dropping the document to the floor. “This just came out a little while ago.”
Okay. So we've still got a story here, and the story is this: holy shit, Donald Trump is willing to take very, very unreliable sources and broadcast them as fact. But that's not the story that Eichenwald started pushing. He went on something of a Twitter rampage making a bunch of claims that were not supported at all by the story, claiming variably that (1) the leaked emails were doctored (2) that Wikileaks was responsible for this (3) that the Russians and Wikileaks are in cahoots and (4) that Trump and the Russians are in cahoots. Now, any of these might actually be true. But none of them are actually supported by any actual evidence. Eichenwald just makes the logical leaps from what's written above, assuming that only the Russians could have given Trump that news -- ignoring that the story on Sputnik was getting passed around on social media (again: real story: Trump relies on unreliable sources for news). Here are just a few of Eichenwald's many, many tweets promoting his own article (and note how most have tons of retweets):
Note that he insists that the only way Trump could have gotten this is from the Russians. But that's clearly not true. The Sputnik story was up and lots of people saw it, and it was discussed on Twitter and elsewhere. It makes perfect sense that someone who saw it either works for the Trump campaign or knew someone there and sent it over. Again: that's the real story: Trump relies on sketchy sources found online.
This morning lots of people were pointing out the problems with Eichenwald's exaggerations about his story, including the Washington Post, NY Magazine and Glenn Greenwald at the Intercept. Greenwald's account highlights that many Hillary Clinton supporters keep saying that the Podesta leaks include faked emails, but no one has pointed out a single one.
Eichenwald, for his part, keeps insisting that the original Sputnik report involved a "manipulated" email, which implies that the email was faked or doctored. This is flat out wrong. The email was misrepresented. It's entirely possible that it was misrepresented on purpose to make Clinton look bad. But misrepresented is different than doctored. Here, let me prove it to you: Eichenwald misrepresented who could have possibly seen the Sputnik piece. He did not doctor that information.
I don't think -- as some are claiming -- that this is evidence of "media bias" on Eichenwald's part. I honestly think that he's guilty of the same thing that probably happened with Sputnik. He saw what seemed to be a really great story, and oversold it. Sputnik did the same. Both look bad.
And, honestly, almost everyone comes out of this looking bad. Eichenwald and Newsweek oversold a story. Various Clinton supporters look bad for buying the claims in the story without reading them or checking them carefully. Trump, of course, looks bad for relying on a Russian government site for unreliable news. And, basically, everyone looks at this story and sees from it what they want. Trump supporters can see more examples of media bias. Clinton supporters believe there's more support for the idea that Russia is supporting Trump. Wikileaks haters get more ammo claiming that the site is working with the Russians and/or that it's releasing fake emails (though it does not appear to be doing so). Again: many of these things may actually be true, but this story only supports the single claim of Trump relying on bad info.
But this is the state of things today. 2016 can't end fast enough. Hopefully 2017 is better.
We've long been supporters of the concept of Wikileaks around here, though we've had some concerns about some of the decisions it has made. Generally speaking, though, we find the accusations and conspiracy theories around Wikileaks to be somewhat ridiculous. The latest comes buried in a Politico article about the massive amount of dysfunction within the Democratic National Committee. Apparently since Wikileaks released a bunch of DNC emails, leading to chair Debbie Wasserman Schultz stepping down, it has freed up a bunch of people to bitch and whine about her (lack of) leadership and what a mess the whole DNC has been recently.
But, buried deep within that article is this wacky tidbit:
Staff members were briefed in a Tuesday afternoon meeting in Washington that their personal data was part of the hack, as were Social Security numbers and other information for donors, according to people who attended. Don’t search WikiLeaks, they were told — malware is embedded throughout the site, and they’re looking for more data.
We've seen various organizations impacted by Wikileaks come up with all sorts of excuses and claims about why people shouldn't use the site, but "the site is embedded with malware" is a new one. It also seems hellishly unlikely. It's the kind of thing that someone would discover and it would destroy whatever credibility Wikileaks has left. I guess anything is possible, but this sounds like the DNC freaking out over the leaks and trying to spread bogus rumors in the hopes that it will get people to stop looking at their leaked files.
Important Update: Michael Best has now come out and said that it was actually he who uploaded the files in question, which he got from the somewhat infamous (i.e., hacked the Hacking Team) hacker Phineas Fisher. Through a somewhat convoluted set of circumstances, it appeared the files were associated with the Wikileaks leak when they were not -- and then basically everyone just started calling each other names:
The files were obtained by Phineas Fisher, who was the source. As far as I can tell, Fisher did not intend to dump all of the files publicly, and Fisher has not indicated that he meant to give any of the files to WikiLeaks to publish. However, they received a partial set of the documents and decided to publish them.
Following the WikiLeaks release of the partial set, Fisher decided to release his set. Since the files came from a known source (Fisher has been responsible for many high profile hacks, including the hack on the Hacking Team), I used the torrent file that the files were released through to create a bittorrent instance on the Internet Archive’s server. The server proceeded to download the torrent and create the item that was linked to by WikiLeaks.
After the personal information was discovered, the AKP files were removed from the Internet Archive’s server.
Although I wasn’t aware that it was included in the release at the time, I accept my responsibility in distributing the personal information. The explanation as to how it happened is not an excuse for the fact that it did happen.
Of course, in the meantime, there's been a lot of nastiness, with Wikileaks and its supporters unfairly claiming that Zeynep Tufekci was an agent for the Erdogan government -- which is insane if you know her at all. As Best notes in his piece, it's entirely reasonable that Tufekci assumed Wikileaks was responsible for the files (even though she only accused them, accurately, of promoting the files, not uploading or hosting them -- and they did, in fact, tweet a link to the files as well as post it to Facebook), and while Wikileaks may be on the defensive about other claims about its leaks, it didn't need to attack her credibility in the process. And it is true that Wikileaks tweeted a link to the files.
Update 2: In response to our update, Zeynep Tufekci has sent over the following quote, noting that she still has concerns about how Wikileaks handled this:
"Wikileaks has never clarified that the emails it hosts are almost entirely mundane emails of ordinary citizens and revealed nothing of public interest after days of intense combing (though there were privacy violations there as well), and it has never apologized for the fact that the databases that it repeatedly, and via multiple channels, pointed to its millions of followers as full data of "our AKP emails" (they weren't) and "more" actually contained private and sensitive information of tens of millions of people in Turkey, including more than 20 million women. I never claimed that they hosted; I was agnostic on that point so none of the substantive discussions revolves around who hosted them. However, I'm glad the person who uploaded them has come forward to apologize, and learn from this. I hope the broader hacker community also reflects on this, and realizes that rushing, jumping on news cycles, dumping data indiscriminately, uploading stuff you do not know, working in a language you do not understand with no local contacts, and then accusing your critics of being government shills without the slightest attempt at research is not okay."
And... original article below.
Last week, we (like many others) reported on the news that Turkey was blocking access to Wikileaks, after the site released approximately 300,000 emails, supposedly from the Turkish government. We've long been defenders of Wikileaks as a media organization, and its right to publish various leaks that it gets. However, Zeynep Tufekci, who has long been a vocal critic of the Turkish government (and deeply engaged in issues involving the internet as a platform for speech) is noting that the leak wasn't quite what Wikileaks claimed it was -- and, in fact appears to have revealed a ton of private info on Turkish citizens.
Yes -- this "leak" actually contains spreadsheets of private, sensitive information of what appears to be every female voter in 79 out of 81 provinces in Turkey, including their home addresses and other private information, sometimes including their cellphone numbers. If these women are members of Erdogan's ruling Justice and Development Party (known as the AKP), the dumped files also contain their Turkish citizenship ID, which increases the risk to them as the ID is used in practicing a range of basic rights and accessing services. I've gone through the files myself. The Istanbul file alone contains more than a million women's private information, and there are 79 files, with most including information of many hundreds of thousands of women.
What's not in the leak, apparently, is anything really about Erdogan's government:
According to the collective searching capacity of long-term activists and journalists in Turkey, none of the "Erdogan emails" appear to be emails actually from Erdogan or his inner circle. Nobody seems to be able to find a smoking gun exposing people in positions of power and responsibility. This doesn't rule out something eventually emerging, but there have been several days of extensive searching.
At the very least, this does raise some ethical questions. In the past, Wikileaks has (contrary to what some believe!) actually been pretty good about redacting and hiding truly sensitive information that isn't particularly newsworthy. It's possible that this is just a slip up. Or it's possible that Wikileaks got lazy. Or it's possible that the organization doesn't care that much to go through what it gets in some cases. [Update: Or, see the update above, where we discover it was a third party that uploaded this data, that then got associated with the Wikileaks data after Wikileaks tweeted].
I still think that the organization has every right to release what it gets, but it should also be open to criticism and people raising ethics questions about what it has chosen to release. The fact that it appears to have failed to consider some of the questions in this case, and then possibly overplayed the story of what was in this release is certainly concerning, and harms Wikileaks' credibility. [Update: so, this was a mistake, though it's unfortunate that Wikileaks then lashed out out Tufekci and others making additionally baseless claims. Yes, it was wrongly accused, but that's no reason to wrongly accuse others as well.]
As you almost certainly know by now, on Friday Wikileaks released a bunch of hacked DNC emails just before the Democratic Presidential convention kicked off. While Wikileaks hasn't quite said where it got the emails, speculation among many quickly pointed to Russian state sponsored hackers. That's because of the revelation last month of two sets of hackers breaching the DNC's computer system and swiping (at the very least) opposition research on Donald Trump. Various cybersecurity research firms, starting with CrowdStrike, which was hired by the DNC to investigate, pointed the finger at the Russians.
Of course, whether or not you believe that may depend on how credible you find the big cybersecurity firms like CrowdStrike, FireEye and Mandiant (the big names that always pop up in situations like this). For what it's worth, these guys have something of a vested interest in playing up the threat of big hacks from nation-state level hackers. For a good analysis of why this finger-pointing may be less than credible, I recommend two articles by Jeffrey Carr, one noting that these firms come from a history of "faith-based attribution" whereby they are never held accountable for being wrong -- and another highlighting serious questions about the designation of Russia as being responsible for this particular hack (he notes that some of the research appeared to come pre-arrived at that conclusion, and then ignored any evidence to the contrary).
Still, the claim that the data came from the Russians has become something of a story itself. And, of course, who did the hack and got the info is absolutely a news story. But it's an entirely separate one from whether or not the leaked emails contain anything useful or newsworthy. And yet, because this is the peak of political silly season, some are freaking out and claiming that anyone reporting on these emails "has been played" by Putin and Russia. Leaving aside the fact that people like to claim that Russia's behind all sorts of politicians that some don't like, that should be entirely unrelated to whether or not the story is worth covering.
And yet, we already have stories arguing that "Putin weaponized Wikileaks to influence" the US election. That's ridiculous on multiple levels. Wikileaks releases all kinds of stuff, whether you agree with them or not. And the idea that this will actually impact the election seems... unlikely. Is the (not at all surprising) fact that the DNC is fully of cronyism and favoritism really suddenly going to shift voters to Trump? Of course, Wikileaks implicitly threatening someone with legal action for saying there's a connection between Russia and Wikileaks is pretty ridiculous as well.
To some extent, this reminds me of some people who freaked out over the Sony Pictures hack, a while back. There the culprit blamed was North Korea, a claim that at least many people remained skeptical of. But, even so, there were some (including Sony) who tried to argue that no one should report on the contents of the emails because it would somehow support the North Korean regime's goals.
Yes, whoever is behind such hacks is a story. But it does nothing to lessen or impact whether or not the leaked emails themselves are newsworthy. Arguing against anyone publishing stories about them just because they may have begun with Russian hackers is just a way of desperately trying to block embarrassing stories about the DNC from getting published.