Just Say No

This story got buried under the news of Andrew McCabe’s firing on Friday, but it’s important if we want to elect people who can bring about responsible government. That starts now, as we move toward November’s elections.

You know those cute little quizzes that are supposed to tell you something about who you are? Which movie star are you? Are you a cat or a dog person? What is your color? So much fun to compare with what you think of yourself and with your friends’ results. In fact, you could share on Facebook and urge your friends to see what their favorite color was. Those quizzes asked you to share most of your Facebook data before you could play.

You may have been contributing data to Cambridge Analytica’s work to help elect Donald Trump. Read more



Incompetence or Disloyalty?

That always seems to be the choice with these bozos.

Mr. Tillerson has voiced skepticism that the United States is even capable of doing anything to counter the Russian threat.

“If it’s their intention to interfere, they’re going to find ways to do that,” Mr. Tillerson said in an interview last month with Fox News. “And we can take steps we can take, but this is something that once they decide they are going to do it, it’s very difficult to pre-empt it.”

This is a man who was the CEO of Exxon. If he knew that Shell was stealing his top geological talent, would he have said something like that? Presumably he can talk to the NSA about what they would suggest? WTF is wrong with this guy?

Amazingly, there is actually a person in the relevant job of under secretary for public diplomacy, who seems to have a different view from his boss.

“This funding is critical to ensuring that we continue an aggressive response to malign influence and disinformation,” Mr. Goldstein said.

I really hate the conclusion that so many folks at the top of our government are disloyal. But they keep pushing me toward it.

It might be worthwhile to frontpage a list of all the Russia-friendly things that they’ve done. There’s this, and, only this week, Trump’s total disinterest in, and active distraction from, Vladimir Putin’s threatening speech.

If you’ll supply them, I’ll write a post in a day or so. My excuse for crowdsourcing is that it’s allergy season, and I’ve got a very busy Monday and Tuesday.



Inside Job Open Thread: Brad Parscale Bobs Up Again

The NYTimes handles the story as delicately as only the Grey Lady can:

With just 980 days to go until the next presidential election, President Trump said Tuesday that he would run again in 2020, an announcement that several White House advisers said simply meant the president would step up his preferred and much-missed activity of performing for an adoring crowd.

In effect, it continues the permanent campaign of a president who, from the time he took office over a year ago, has signaled his interest to run again and has kept holding campaign-style rallies. The president officially filed for re-election with the Federal Election Commission on Jan. 20, 2017, the day of his inauguration…

But another part of Mr. Trump’s announcement — that Brad Parscale, his 2016 campaign digital director, would be elevated to campaign manager — signaled a more complicated political maneuver on behalf of the president’s family, and specifically Jared Kushner, his son-in-law, according to the president’s advisers.

Mr. Kushner was close to Mr. Parscale during the 2016 campaign, and putting him in an expanded role was widely seen as a power play by the president’s son-in-law. It was first breathlessly reported by the Drudge Report — and billed as both a “historical record” and a “bold move. Matt Drudge, the website’s proprietor, is in frequent contact with Mr. Kushner.

Mr. Parscale, 42, is a frequent presence in Washington. The rare scruffily bearded man in Mr. Trump’s clean-shaven orbit, Mr. Parscale often spends one or two nights a week holding court with vendors and people he describes as “fans” in the lobby of the Trump International Hotel…

Mr. Parscale did not respond to a request for comment on Tuesday, but in an interview with The New York Times in June, he described himself as a “blue-collar kid from Kansas who understood what Trump was saying,” and spoke at length about his devotion to the Trump family.

“I was always the family guy on the campaign,” Mr. Parscale said. “If I saw or heard anything that I didn’t think was good for the family, my loyalty was to the family first.”

In another interview, in August, Mr. Parscale described his role on the 2016 campaign.

“I build the plumbing,” he said. “I changed the plumbing of campaigns, from moving it from TV to digital.”…

Last year Mr. Parscale also took a sizable cut from the Trump campaign. The biggest single expenditure of the $17 million it spent in 2017 was the $5.5 million it paid for digital advertising, nearly all of which passed through firms owned by Mr. Parscale…

He does what Mr. Trump wants done, without asking nosy questions about ‘ethics’ or ‘legality’. Of course he’s entitled to his due rewards, a little taste off the top. That’s how family is defined, in Trumpworld!

Politico:

Trump’s 2016 campaign and the digital operation that Parscale oversaw are under investigation by special counsel Robert Mueller. Earlier this month, Mueller indicted 13 Russians for trying to sabotage the last presidential campaign — helping Trump and hurting Hillary Clinton — through fake social media posts and other measures.

The special counsel in his charging documents said Trump campaign staffers were “unwitting” participants in the Russia effort, but he did not name any aides as co-conspirators.
Read more



Too Much Information

Do you wear a Fitbit?

If you do, satellites may be watching you.

Yesterday, Strava, a social network that collects data from devices with GPS, uploaded a heat map of its users around the world to the internet. Intelligence services are now combing that map for data about hidden military bases and other tidbits. It’s apparently not just fitbits, but mobile phones and a lot of other devices.

The Guardian gives a few examples. Here are a few more. Read more



Estonia Considers Its Monuments

Estonia’s Justice Minister, Urmas Reinsalu, said early in January that the government could take down the Soviet war memorial at Maarjamäe because it is falling apart and it is not on the official list of historic monuments. This led Prime Minister Jüri Ratas to suggest that the entire area, which includes a German cemetary and a memorial under construction to the victims of Communism, be designated a historic area.

The Soviet Union built many war memorials across its territory, particularly to commemorate World War II, or the Great Patriotic War, as they call it. I find those monuments moving; they are, after all, memorials to people who died in wars and who had families who grieved them. I’ve been to the Maarjamäe memorial a few times.

One of those times I visited with a graduate student who was studying monuments in the former Soviet Union. As we see now in the United States, monuments are a part of a country’s story of itself. The Soviet Union wanted to erase the past.

Read more



Trump’s Nonexistent Cyberdeterrence

Michael Morell and Mike Rogers argue that the United States has failed to deter Russia from its attacks on our electoral system because those attacks continue. They rely on a model of deterrence that assumes that what Russia is doing is in some way equivalent to physical war. They feel that the Barack Obama administration and Congress did not administer heavy enough penalties. They want “policies that prevent adversaries from achieving their objectives while imposing significant costs on their regimes.” but do not say what those policies would be.

Deterrence in cyberspace is not completely analogous to deterrence in physical war. Physical deterrence relies on observable, measurable things: the military and its equipment and positioning. Attribution in cyberspace is murkier than in the physical world, which weakens deterrence. Countermeasures are likely to rely on surprise, so they cannot be fully revealed to bolster deterrence. Imposing sanctions or other measures after the fact is possible and may deter future hostile action. An essential part of deterrence is a statement of unacceptable actions and the planned response to those actions.

Two recent long articles in the Washington Post on Russian interference in the 2016 US election list the countermeasures the Obama administration decided on. They included expulsions of 35 diplomats and the closure of two Russian compounds, economic sanctions against individuals, and planting of cyberweapons in Russia’s infrastructure that could be activated in the future. The last may or may not have been implemented; the articles are unclear. Read more



Penetration at All Levels: The Trump Organization Was Hacked Four Years Ago

David Corn and AJ Vicens at Mother Jones have the details.

Four years ago, the Trump Organization experienced a major cyber breach that could have allowed the perpetrator (or perpetrators) to mount malware attacks from the company’s web domains and may have enabled the intruders to gain access to the company’s computer network. Up until this week, this penetration had gone undetected by President Donald Trump’s company, according to several internet security researchers.

In 2013, a hacker (or hackers) apparently obtained access to the Trump Organization’s domain registration account and created at least 250 website subdomains that cybersecurity experts refer to as “shadow” subdomains. Each one of these shadow Trump subdomains pointed to a Russian IP address, meaning that they were hosted at these Russian addresses. (Every website domain is associated with one or more IP addresses. These addresses allow the internet to find the server that hosts the website. Authentic Trump Organization domains point to IP addresses that are hosted in the United States or countries where the company operates.) The creation of these shadow subdomains within the Trump Organization network was visible in the publicly available records of the company’s domains.

Here is a list of a Trump Organization shadow subdomains.

The existence of these shadow subdomains suggests a possible security compromise within Trump’s business network that created the potential for unknown actorsusing these Trump Organization subdomains—to launch attacks that could trick computer users anywhere into handing over sensitive information and unknowingly allow the attackers access to their computers and network. In fact, the IP addresses associated with the fake subdomains are linked to an IP address for at least one domain previously used by hackers to deploy malware known as an “exploit kit,” which can allow an attacker to gain a computer user’s passwords and logins or to take over another computer and gain access to the files within it.
Much more at the link. And I’m sure much more reporting and analysis to come over the next several days.