Having said all this, I find myself disappointed in the results so far. The latest in a long line of efforts of prove this or that event did not happen is, as expected, a bust. And, for those who have no idea what I’m referring to, I do mean this piece in The Nation.

I read the original research, had questions then, and found most of them answered. And then Patrick Lawrence decided to take matters into his own hands. When the push-back came, I was in no way surprised; although the origin did catch me off-guard.

Without access to the breached servers, there are no forensic answers. Even those companies who substantiate the findings are relying on the claims of a not wholly impartial company. But, as you will see, there is another path to the truth.

While not everyone can understand network forensics, there is one thing we can all do, and do generally well in most cases. We can read. Furthermore, the DNC hack is not the whole of the Russia story.

There are many claims, many sides, to the saga surrounding the last election. For the most part, all we have are reports from journalists to inform us. Yet these are incredibly valuable sources. With wise use, they offer us all the answers we seek.

A Forgotten History

What better place to begin than at the beginning. Or, perhaps it is better to say, before the beginning.

I gather most people assume an interest in Trump’s ties to Russia begins when the DNC emails start leaking out. Or, at the very least, when the Orange Menace asks Russia to hack Hillary’s deleted emails. Nothing could be farther from the truth.

The farther we look back, the more we will find. As you can see, some of those emails tell a different story. Clearly, there is an interest in Trump’s connections to Russia pre-dating the conclusion of the nomination.

A couple of examples of the Clinton campaign’s interest in Trump’s foreign policy experience.

Clearly, the Clinton campaign is looking for Trump’s weaknesses concerning Russia before the end of the election. Perhaps before discovering the DNC servers are the targets of Russian hackers. And definitely before Trump is their opponent.

While these emails, at first glance, may seem to bear little connection to the DNC hacking, I see in them a crucial role. They show the Clinton campaign in the process of highlighting one of Trump’s biggest weaknesses; his lack of foreign policy experience.

But this is a play handicapped by Hillary’s own history.

At this point in the campaign, with Bernie Sanders chances fading, Hillary’s looking forward to the general election. A well-known part of her strategy involves reaching out to Republican voters. But not just any Republican voters; she desperately wants the support of neoconservatives.

Their support should be assured, except there is one small problem. Both Hillary and Bill have extensive ties to foreign interests. Some of which involve Russia (including at least one Russian bank).

For the neocons, ties to Russia are a no-no. Cozy relationships with the oligarchs under Putin will not go over well in conservative circles. And god forbid you make deals seen as disadvantaging the United States.

Turning to other leaked emails, we see the campaign has an awareness of the problem as well. After WikiLeaks threatens to release these very emails, that such a release might cause further complications is implicit. So, how will the Clinton campaign respond?

Given Hillary’s history, her first impulse will involve deflection. Much of the groundwork, as you can see, is already in place. But how do we get from there to making accusations the Trump campaign is colluding with the Russians?

Only now can we turn to the DNC hack.

A Curious Discrepancy

On June 14, the Washington Post first reports the hacking of the Democratic National Committee. Buried within the story, we find the DNC and CrowdStrike are completely unaware of one another. In fact, their fateful meeting is the result of a referral.

DNC leaders were tipped to the hack in late April. Chief executive Amy Dacey got a call from her operations chief saying that their information technology team had noticed some unusual network activity. “It’s never a call any executive wants to get, but the IT team knew something was awry,” ­Dacey said. And they knew it was serious enough that they wanted experts to investigate. That evening, she spoke with Michael Sussmann, a DNC lawyer who is a partner with Perkins Coie in Washington. Soon after, Sussmann, a former federal prosecutor who handled computer crime cases, called [CrowdStrike COO Shawn] Henry, whom he has known for many years. Within 24 hours, CrowdStrike had installed software on the DNC’s computers so that it could analyze data that could indicate who had gained access, when and how.

Oddly, this doesn’t match accounts concerning a prior breach at the DNC.

About a month and a half before, CrowdStrike appears in an earlier story from the Washington Post. At the end of the previous April, the Sanders campaign has withdrawn a lawsuit regarding access issues on the DNC server. But this article has another interesting tale to tell.

The announcement followed the completion of an outside investigation into the breach that found that four Sanders staffers had looked at unauthorized data related to 11 states over the course of an hour on the night of Dec. 16, according to a DNC summary of the findings. The DNC declined to release the study itself by the firm CrowdStrike. … In a statement Friday, Luis Miranda, the DNC communications director, said that the CrowdStrike analysis “confirmed that the DNC’s initial findings, which were the basis of the temporary shutdown in December, were accurate.”

As you can see, CrowdStrike is already working for the DNC. In other words, the story of reaching out to a third party, who then brings these two entities together for the first time, is total bullshit. And CrowdStrike has recently examined some DNC servers, while detecting no Russians.

Is there a way to explain the discrepancy? Let’s examine several possibilities.

First, I could be reading it wrong (wouldn’t be the first time), though I have read it several times. I do not see any other way of interpreting what is right before my eyes. The story rather clearly suggests the DNC was not aware of CrowdStrike before late April.

A second, equally likely, possibility involves simple error. An overzealous editor has removed important context. Ellen Nakashima has incorrectly quoted the official; or believes readers know of the earlier story. Although one would assume the DNC has the means to reach out and correct mistakes.

Finally, Amy Dacey may have no personal awareness of CrowdStrike’s work…

Note: This image has been modified to remove excessive white space. The original is here.

Well, that eliminates one possible explanation.

The evidence something is amiss is undeniable. Who is behind this convoluted and false sequence of events; the DNC, the Washington Post, or someone else? And why create a story someone, such as I for instance, might catch?

Same John. Same.

One more question, perhaps only tangentially related, is raised by another interview with a key player. Why did the DNC order CrowdStrike to take their findings to the Washington Post?

By the time of the hack, however, Donald Trump’s relationship to Russia had become an issue in the election. The DNC wanted to go public. At the committee’s request, Alperovitch and Henry briefed a reporter from The Washington Post about the attack. On June 14, soon after the Post story publicly linked Fancy Bear with the Russian GRU and Cozy Bear with the FSB for the first time, Alperovitch published a detailed blog post about the attacks. Alperovitch told me he was thrilled that the DNC decided to publicize Russia’s involvement.

From the publicly available evidence, it appears the Post is the first to learn of the hack outside of the DNC and CrowdStrike. Surely a foreign attack on an American political party is a matter for the Feds, not the press. Unless you have something you don’t want the Feds to see?

Don’t you hate it when your own organization kneecaps you?

“A Clear Preference for Donald Trump”

Ancillary to the DNC hack is another significant event; more notable for its absence than anything else. Where are the embarrassing Donald Trump emails?

While CrowdStrike claims official Russian involvement, one incident does not an effort make. Still, the fact the Republicans are not subject to a data dump is highly suggestive. At least it is highly suggestive to some people.

Several months after the DNC hacking, and shortly after the election, the “intelligence community” concludes the Russians are trying to help Donald Trump. At the heart of this assessment is the lack of releases similar to the DNC emails.

Let’s dig a little deeper into this.

During a Senate Committee hearing featuring James Clapper (DNI), John Brennan (CIA), and James Comey (FBI) among others, Comey answers a question about the absence of complementary releases:

There was evidence that there was hacking directed at state level organization, state-level campaigns and the RNC. But old domains of the RNC, email domains that they were no longer using. The information was harvested from there but it was also — old stuff. None of that was released. We did not develop any evidence that the Trump campaign or the current RNC was successfully hacked.

As with many of Comey’s statements, his response is not one hundred percent correct. He should be aware some Republican emails are released via the DCLeaks website. Perhaps the nature of those emails plays some role in his mistaken testimony.

The compromised Illinois GOP emails provided to the Tribune were dated from August to October of 2015 and did not involve Trump, Clinton or the presidential contest. The emails were sent to the state Republican Party. The subjects of the compromised emails included a suburban York Township Republican Women’s event; a request by McLean County GOP Chairman Chuck Erickson to attend a county training event that included Erickson’s phone number; and a notification from Mike Bigger, a member of the Illinois Republican State Central Committee, that he would be attending an event “and bringing a $1,000 check” from the Stark County party organization.

One gets the impression the emails are not particularly valuable. Still, nothing here suggests the assessment is wrong. Unless the RNC has a convincing explanation for why they are not breached, we can still assume whoever hacked the DNC is showing a preference.

Until now, few details had been disclosed about the nature of the targeting of Republican organizations, especially the flagship Republican National Committee, where hackers sent so-called phishing emails last spring to an email address there. Those emails were quarantined by a filter meant to detect spam as well as potentially malicious traffic that may carry viruses or trick recipients into divulging passwords, two officials said. A third person familiar with the investigation said RNC staff members didn’t realize they had been the target of spies until June, after Democratic committee leaders revealed that hackers had successfully gained a foothold inside their networks. Once inside, they reportedly were able to access a trove of DNC opposition research on Mr. Trump, then a candidate. RNC officials, concerned they too might have been compromised, called a private computer security firm, which in turn called the FBI and obtained information about what kinds of malicious emails to look for, the person said. Upon inspection, the RNC found that its electronic filters had blocked emails sent to a former employee matching the description they’d been warned about.

Compare the behavior of the security company the RNC contacts with for assistance to CrowdStrike’s. Notice a difference here?

The conclusion Russia is demonstrating a preference for Trump, based on email releases, now rests on shaky ground. The Republicans successfully prevent similar breaches. And those emails which are phished are not particularly newsworthy.

And with these facts in hand, what can we say about the intelligence community’s assessment?

Senator Collins: Did — does it depend on an assessment that the Russians covertly collected information from primarily Democratic sources but some Republican sources as well, but only chose to release these derogatory information from Democratic sources? [DNI] Director [James] Clapper: That’s correct.

“Meetings with Russian Officials”

We’ll return to the intelligence community in a moment. First, we should really touch on a few other subjects.

During the closing days of the election, dark suggestions — hints really — are sloshing around. Does the Trump campaign have any connection to the hacked DNC emails? Why are allies of Trump making veiled threats concerning WikiLeaks releases?

Surprisingly, the Washington Post is the first to remark on the lack of linkage between statement and event. Take for instance Roger Stone’s tweets; many of which are claims of impending doom for the Clinton campaign. And, for each claim, a corresponding result… of nothing.

Yet from such non-evidence, a whole spawn of new claims spring forth. Members of the Trump campaign are meeting, and coordinating, with the Russians. All of whom are intermediaries with various degrees of connection to the Kremlin.

For the most part, these claims are not amenable to historical treatment; there is simply too little evidence, and too much hearsay. For the most part, the claims rely on suspicious intelligence and sourcing. Yet, even as the logic defies reason, the claimants press ahead:

Anyone with reasonable knowledge of the Russian government should know that any conversation with a high-ranking Russian official is likely to be reported back to the Kremlin — and potentially intercepted by U.S. spy agencies. Sessions definitely qualifies as someone who would have “reasonable knowledge of the Russian government.

And never let an obvious contradiction get in the way. You might confuse the official narrative with your previous statements, or something.

Michael McFaul, who served as U.S. ambassador to Russia during the Obama administration, said that he was in Moscow meeting with officials in the weeks leading up to Obama’s 2008 election win. “As a former diplomat and U.S. government official, one needs to be able to have contact with foreigners to do one’s job,” McFaul said. McFaul, a Russia scholar, said he was careful never to signal pending policy changes before Obama took office.

Which is it Ambassador McFaul?

Even the latest revelation yields little more than boastful intentions. Once you get past the lead-up they show, at worst, a desire to boost Trump’s image as a negotiator.

“If he says it we own this election,” Mr. Sater wrote. “Americas most difficult adversary agreeing that Donald is a good guy to negotiate.”

As I said earlier, for the most part, we have too little evidence and too much insinuation. Until we come upon the meeting between Donald Trump’s oldest son and a Russian lawyer. Here we have a wealth of evidence for something — but what?

“Yeah. I’m a moron! What can I say? Fuhgettaboutit…”

To some observers, this is the smoking gun for the claims of “collusion.” Apart from the fact collusion does not apply in the sense many people seem to think it does, there are problems with their theory. Here’s one tweet I picked at random stating the most obvious.

Why are so many people ignoring the obvious?

Another includes the man who claims the lawyer in question is an agent of Putin. William Browder has a significant interest in making such claims; he’s responsible for the sanctions Natalia Veselnitskaya and her clients are looking to have lifted. At best, according to one impartial source, Ms. Veselnitskaya sits at a low-level in Russian politics.

But more importantly, we have Donald Trump’s own statements; all of which lead us away from a connection between the soon-to-be leaked DNC emails and this meeting. As a matter of record, the evidence suggests — and quite strongly — that the meeting was indeed about Hillary’s deleted emails. The evidence also suggests Donald Trump was well aware of what his son was doing.

Several facts are in black and white. The day Donald Jr. confirms his desire to meet with Ms. Veselnitskya, his father promises a “major address” concerning Hillary Clinton’s “corrupt dealings.” To say this suggests the elder Donald believes he’s about to receive some juicy information is to understate the significance of such a coincidence (big league).

But are the “official documents and information that would incriminate Hillary and her dealings with Russia” the emails from the DNC? There are reasons to say otherwise. And, once again, the evidence is right there in black and white.

In the effort to create a connection that likely does not exist, the New York Times (and others) emphasize the following words from Donald Jr.’s June 3rd email: “if it’s what you say I love it.” But take a look at his full response. Do you see what I see? Would it help to make it clearer?

Thanks Rob I appreciate that. I am on the road at the moment but perhaps I just speak to Emin first. Seems we have some time and if it’s what you say I love it especially later in the summer. Could we do a call first thing next week when I am back? Best, Don

“Later in the summer.” Later in the summer may mean exactly what it means. But the DNC hack is revealed five days later. The persona known as Guccifer 2.0 reaches out to reporters the next day. And the DNC emails are released exactly one week after that.

The importance of “later in the summer” is clear for those of us who follow politics. “Later in the summer” brings to mind the ominous October Surprise. For damaging emails about Hillary Clinton to have the most devastating effect, a release closer to the end of the general election is much preferable. Donald Trump Jr. may be an idiot, but he is no political novice.

Thanks to the impatience of these Russians, “later in the summer” becomes “next week.” And, given Donald Trump’s equal impatience, he wants to stick the dagger in the Clinton campaign’s weakly beating heart as soon as he has the blade. Sadly, for him, the whole meeting is a scam; and his visible frustration is where we are now conditioned to find it.

Far from joking, I find Trump’s public request to Russia is a reflection of his frustration. He doesn’t care what’s in those 33,000 deleted emails. He doesn’t care she willfully set up a private server to violate the FOIA. He really wants to know why — and how — Hillary Clinton gets off for committing what he (and others) considers a crime.

One final fuck you to the fantastic drama around meetings with Russian officials. Several emails released as part of various investigations may show a certain reticence on the part of the Trump campaign to meet with Russian officials. The sort of behavior one finds at odds with setting up a Russian puppet in the White House.

The Sincerest Form of Flattery

Behind the story of direct contact with Russian officials lies the “many, many, many, many” connections between Trump and Russia. Many, if not most, of Trump’s suspected vulnerabilities are of the financial variety. These connections also serve as the means to explain “his unusual flattery of Vladimir Putin.”

The premise, if one is willing to entertain it, is Trump’s bankruptcies have left him unable to secure loans from American banks. The evidence, flimsy as it is, is mainly comprised of suggestions, boasts, and people surrounding Trump who, in some way, connect to Russia.

As usual, there’s a small problem with the financial vulnerability angle. Donald Trump does not have a problem getting loans from American banks.

Contrary to countless reports portraying President Donald Trump’s relationship with banks as toxic, a new MarketWatch analysis shows Trump has virtually no trouble getting loans on good terms these days. Big banks like Barclays also welcome Trump’s money in brokerage accounts and one of the biggest, J.P. Morgan Chase, oversees his family trusts, according to a recent presidential disclosure. … On the contrary, some of his assets are rated as triple-A. The CMBS [collateralized mortgage bond security] that includes the Trump Tower note was rated triple-A.

What will people like Rachael Maddow reach for now, I wonder? Oh yes, those advisors and other assorted hangers-on, all with connections to Russia. Compare them to associates of the Clinton’s — including those with direct and indirect connections to Russian interests.

I can’t wait to see that lead story.

This still leaves us with many questions about Trump’s apparent inability to criticize the Russians. I seem to remember a president who also sought cooperation with Russia. He too was accused of going light on the criticism.

But Obama’s choices are no explanation. I believe I have one, as usual, based on publicly-available sources. I find Trump’s flattery is something he reserves for the people he wants to do business with; both personal and political. I suspect it also serves as a way to troll President Obama. Trump is nothing if not petty.

And, because the record is so rich, it’s really not an effort to find in Trump’s own tweets quite a large amount of criticism for Russia, and Putin. One has to wonder, do these highly-paid “journalists” not know how to use the Trump Twitter Archive? Sad!

Hacking Voter Registration Rolls

One of the more alarming stories surrounding the election involves confirmed voter database breaches in at least two states. These are, of course, part of some grand Russian effort. But in a notable twist, here events represent direct action on the part of the hackers; not a campaign of indirect influence.

The story appears to originate, as most seem to, with Pravda on the Potomac:

Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russians were behind the assault on the election system in that state. … It turned out that the hackers had not compromised the state system or even any county system. They had, however, stolen the username and password of a single election official in Gila County. Roberts said FBI investigators did not specify whether the hackers were criminals or employed by the Russian government…. The Arizona incident is the latest indication of Russian interest in U.S. elections and party operations…. … The FBI has told Illinois officials that it is looking at foreign government agencies and criminal hackers as potential culprits, Menzel said.

In both cases, no one goes on the record to claim official Russian involvement. Yet both serve to imply the Russian government has moved on from the DNC hack. Hey everybody, the Russians are trying to screw with the American election systems! [Cue to the patriotic war music…]

Roberts said FBI investigators did not specify whether the hackers were criminals or employed by the Russian government. … The Arizona incident is the latest indication of Russian interest in U.S. elections and party operations, and it follows the discovery of a high-profile penetration into Democratic National Committee computers. … The Russian campaign is also sparking intense anxiety about the security of this year’s elections.

But claiming the Russians are hacking the electoral system has numerous benefits. Democrats can now look for ways to tie a British-based microtargeting firm to Russia. Unsurprisingly, they are doing so on the basis of a very faulted story.

One more item of interest is worth noting. In September of last year, an official with the DHS provides a plausible purpose for the hacks. And he does so in a Congressional hearing.

[Andy Ozment, Assistant Secretary Department of Homeland Security, Office of Cybersecurity and Communications] The cyberattacks that you’re referring to in Arizona and Illinois were attacks on voter registration systems and they seem to have been intended to just copy the data on those systems, possibly for the purposes of selling personal information. So we have not seen intrusions intended to in any way impact individual’s votes in — in actual voting.

Just to give you a sense of how well “selling personal information” cleanly explains these breaches, consider the following:

The fact that private data was stolen from states is separately providing investigators a previously unreported line of inquiry in the probes into Russian attempts to influence the election. In Illinois, more than 90% of the nearly 90,000 records stolen by Russian state actors contained drivers license numbers, and a quarter contained the last four digits of voters’ Social Security numbers, according to Ken Menzel, the General Counsel of the State Board of Elections.

I must say, I do admire trying to fit the square peg of Russian interference into the round hole of identity thieves. Doing so surely takes a great deal of effort. I almost wish the writer had the heart to do so more convincingly.

No one can deny voters are seeing targeted ads during the election. But there is no plausible reason for Russia to steal voter data for the Trump campaign’s use. The fact political campaigns can easily purchase such data exposes modern snake-oil peddlers for the frauds they are.

So unless Putin’s plan includes sending millions of spies, armed with American’s personal information for the purpose of registering to vote, “Russian state actors” stealing social security and driver’s license numbers makes no sense at all.

Everything Depends on What You Mean By “Intelligence”

Working in intelligence, I imagine, bears more than a casual resemblance to the historian’s art. We both depend on sources, often of the same types and forms. We both assess the value of our sources with a number of similar factors in mind. And, we try to interpret what the source can tell us about the subject of our interest.

A poor source can (and often does) lead to a poor result. For both historians and intelligence professionals, I believe the phrase “garbage in, garbage out” conveys a certain hard truth. And when it comes to attribution sourcing from private security firms, the garbage is not only piling up, but beginning to stink mightily.

Beyond that, however, we really don’t know much about the sourcing for most intelligence claims. We can, however, see the results. They are, shall we say, less than encouraging.

Here is NSA Director Admiral Mike Rogers’ claiming that his agency is “watching” Russian hackers interfering with the French election. The usual suspects rush to report the statement. But very few note his French counterpart’s response.

Poupard said Rogers’ comments left him perplexed and that the French had long been on alert about potential threats to their presidential election. “Why did Admiral Rogers say that, like that, at that time? It really surprised me. It really surprised my European allies. And to be totally frank, when I spoke about it to my NSA counterparts and asked why did he say that, they didn’t really know how to reply either,” he said. “Perhaps he went further than what he really wanted to say.”

Were the French election the only example, you might correctly accuse me of inflating one mistake into a blanket condemnation. There are many more. Someone needs to account for failures such as these:

The original source for claims Russia is trying to hack into American institutions is the British GCHQ. They are also the source for this claim of Russian responsibility. It is one of a number of claims that, with a little investigation, turns out to be false.

When Qatari news sites are hacked, causing a diplomatic incident that remains unresolved, Russian hackers are immediately suspected. Within a few weeks, the Qataris discover the true source of the hacks; their neighbors in the UAE.

Part of the pattern of Russian interference involves hacking German institutions. One of these hacks includes a famous breach of the German parliament. Again, blaming the Russians turns out to be premature.

In another example from Germany, Russian trolls are suspects in a feared surge of fake-news. Here again, no evidence of Russian activity appears. Makes you wonder, is anyone even sure the Russians are real?

Something else I would like you to keep in mind concerning the relationship between historians and intelligence professionals. Like everyone, we have our biases. Doing our work well, we set them aside as much as possible, letting the evidence lead us to a conclusion; even a conclusion we do not expect. Doing our work poorly, we come to our conclusion first, and force the evidence.

I mention this because of the bearing it has on the history of intelligence. For those of you too young to remember, we went to war on the back of faulty intelligence. No, faulty is not quite the right word; fraudulent is more appropriate.

Am I about to accuse the American intelligence community of committing a fraud? Perhaps I am. For, as you will see, giving this piece from the Washington Post a close reading brings up all sorts of bad memories. Memories of forcing evidence to fit a pre-conceived conclusion.