Warning: count(): Parameter must be an array or an object that implements Countable in /home/tbrnew5/public_html/wp-includes/post-template.php on line 284

TBR News January 24, 2019

Jan 24 2019

The voice of him that crieth in the wilderness, Isaiah 40:3-8 

Washington, D.C. January 24, 2019:”There isn’t any question that the planet’s huge ice caps are melting at a furious rate and that, as a logical consequence, the planet’s  sea levels are rising.

However, in the United States at least, oceanographers are enjoined from discussing the obvious fact that coastal cities and infrastructure are headed for massive, long-term flooding and destruction.

This is not to be talked about because the government has neither the money nor the desire to aid their flooded citizens and further, the banks who hold mortgages on houses and businesses under water will not forgive the mortgages they hold on these properties.

This means a displaced citizen must pay on a house that is under water and if they do not, foreclosures happen and credit is ruined.

The government will not want to challenge the banks so either the flood victim pays off or has to live in a tent. “

 

The Table of Contents

  • Senate plans votes to end shutdown, but solution still far off
  • Ex-Trump lawyer Cohen postpones testimony to Congress, citing ‘threats’
  • Locked out of House by Pelosi, Trump vows State of Union alternative
  • Senate intel panel subpoenas former Trump lawyer Cohen, says Cohen adviser
  • Democrats launch inquiry into White House’s use of security clearances
  • Russia says ‘arbitrary’ Israeli air strikes on Syria must stop
  • Venezuela crisis: How the world sees it
  • The CIA Confessions: The Crowley Conversations
  • Adelaide breaks its all-time heat record, hitting 46.6C,(115 F) in extreme Australia heatwave
  • European court orders Italy to pay Amanda Knox damages
  • Everybody Does It: The Messy Truth About Infiltrating Computer Supply Chains

 Senate plans votes to end shutdown, but solution still far off

January 24, 2019

by Richard Cowan, Susan Cornwell

Reuters

WASHINGTON (Reuters) – The Republican-led U.S. Senate planned votes on Thursday for competing proposals to end the partial government shutdown – both of which were likely to fail – as lawmakers and the White House sniped at each other over how to break their monthlong impasse.

Just hours before the Senate was scheduled to vote, there were signs that lawmakers might consider new ideas for ending the 34-day shutdown, which was triggered by Trump’s demand for money to fund his long-promised wall on the U.S.-Mexico border. The shutdown has left hundreds of thousands of government workers furloughed or working without pay.

House of Representatives Speaker Nancy Pelosi, a Democrat, told reporters that she was willing to meet face-to-face with Republican President Donald Trump to discuss the issue.

Her comment came one day after she announced that Trump’s State of the Union speech in the House chamber, scheduled for Tuesday, would not occur until the shutdown ended, despite the president’s plans to come. Trump, who considered giving the speech at another venue, conceded late on Wednesday and said he would deliver the speech in the House in the “near future.”

Trump wants $5.7 billion for the border barrier, opposed by Democrats, as part of any legislation to fund about a quarter of the federal government.

The longest such shutdown in U.S. history has left 800,000 federal workers, as well as private contractors, without pay and struggling to make ends meet, with the effects on government services and the economy reverberating nationwide.

U.S. Commerce Secretary Wilbur Ross on Thursday urged furloughed federal workers to seek loans to pay their bills while adding in a CNBC interview that he couldn’t understand why they were having trouble getting by.

Pelosi denounced the comments.

“Is this the, ‘Let them eat cake’ kind of attitude or ‘Call your father for money?’ or ‘This is character building for you?’” Pelosi asked at a news conference.

She said she did not understand why Ross would make the comment “as hundreds of thousands of men and women are about to miss a second paycheck tomorrow.”

Trump had a response for Pelosi as well.

“Nancy just said she ‘just doesn’t understand why?’ Very simply, without a Wall it all doesn’t work. Our Country has a chance to greatly reduce Crime, Human Trafficking, Gangs and Drugs. Should have been done for decades. We will not Cave!” he said in a tweet.

VOTES PROCEED

Meanwhile, Senate Majority Leader Mitch McConnell planned a vote on Thursday afternoon on a Democratic proposal to fund the government for three weeks that does not include wall funding.

Its prospects looked dim in the Republican-majority Senate, although at least one conservative senator reportedly plans to back it. The Democratic-controlled House has passed similar bills but Trump has rejected legislation that does not include the wall funding.

McConnell has previously said he would not consider legislation that Trump did not support. The fact that he is willing to allow a vote suggests he may be trying to persuade lawmakers of both parties to compromise.

Republican Senator Cory Gardner intends to vote for the bill, the Denver Post said, citing the lawmaker’s spokesman. Gardner’s representatives could not be reached for immediately for comment.

McConnell also planned to hold a vote on a separate bill that includes wall funding and a temporary extension of protections for “Dreamers,” hundreds of thousands of people brought to the United States illegally as children, to reflect an offer Trump made on Saturday.

Democrats have dismissed Trump’s offer, saying they would not negotiate on border security before reopening the government and would not trade a temporary extension of the immigrants’ protections in return for a permanent border wall they have called ineffective, costly and immoral.

McConnell’s calculation may be that if both bills fail, Republicans and Democrats would be convinced to seek a deal.

One possibility emerged on Wednesday when House Democratic leaders floated the idea of giving Trump most or all of the money he seeks for security along the Mexican border but that could not be used to build a wall.

Representative James Clyburn, the No. 3 House Democrat, said Democrats could fulfill Trump’s request for $5.7 billion for border security with technological tools such as drones, X-rays and sensors, as well as more border patrol agents.

A Reuters/Ipsos poll last week found more than half of Americans blamed Trump for the shutdown even as he has sought to shift blame to Democrats after saying last month he would be “proud” to close the government for border security.

Reporting by Richard Cowan and Susan Cornwell; additional reporting by Susan Heavey and Roberta Rampton; Writing by Jeff Mason; Editing by Bill Trott

 

 

Locked out of House by Pelosi, Trump vows State of Union alternative

January 23, 2019

by Susan Heavey and Susan Cornwell

Reuters

WASHINGTON (Reuters) – U.S. President Donald Trump said on Wednesday he would hold an alternative event to the State of the Union address after Democratic leader Nancy Pelosi barred him from speaking in the House of Representatives until the partial government shutdown ends.

The clash between two of Washington’s most powerful leaders escalated the standoff that has partly closed the government for 33 days and that threatens the U.S. economy and the livelihoods of about 800,000 federal workers.

On Speaker Pelosi’s move to lock him out of the House, Trump said at a White House meeting on border security, “It’s a disgrace.”

Pelosi told the president that for now she would not consider a measure authorizing the speech, an annual, televised rite in American politics traditionally delivered in the House chamber.

“Again, I look forward to welcoming you to the House on a mutually agreeable date for this address when government has been opened,” Pelosi said to Trump in a letter.

Earlier in the day, Trump essentially dared her to disinvite him from making the speech, which was set for next Tuesday.

Several House Democrats said Pelosi did the right thing.

“He’s an uninvited guest. This chamber doesn’t belong to him. We have a separation of powers here,” said Representative Jamie Raskin of Maryland. “We make the laws here, and his job is to make sure the laws are faithfully executed. He hasn’t done that, and he’s not invited.”

The State of the Union speech, used by presidents to announce their policy goals for the year, has become a hostage to the showdown between Trump and congressional Democrats over his demand for funding for a U.S.-Mexico border wall.

About a quarter of the government has been shut down since Dec. 22 when some U.S. agencies’ funding expired for reasons unrelated to border security or immigration. Trump at first expressed support for legislation to restore the agencies’ funding. Then he demanded that any shutdown-ending measure must contain $5.7 billion for the border wall, funding that Democrats oppose.

During the 2016 presidential campaign, Trump promised that Mexico would pay for his wall, but Mexico refused and now the Republican president wants U.S. taxpayers to pay for it.

House Democrats have approved several measures to fully reopen the government, but none has won approval in the Senate, which is controlled by the Republicans. Test votes on related measures were scheduled for Thursday in the Senate.

Pelosi suggested on Jan. 16 that Trump postpone the State of the Union speech because of the closure.

She cited concerns about security for the event. Earlier on Wednesday, Trump tried to brush aside Pelosi’s concerns and said he planned to deliver the address before the U.S. Congress as scheduled next Tuesday.

“It would be so very sad for our Country if the State of the Union were not delivered on time, on schedule, and very importantly, on location!” Trump wrote to Pelosi.

The president is required to give Congress a report on the nation, but is not required to deliver it in a live, televised address before lawmakers. Many past presidents have delivered it in writing.

Reporting by Susan Heavey and Susan Cornwell; additional reporting  by David Morgan; editing by Kevin Drawbaugh, Lisa Shumaker and Jonathan Oatis

 

Ex-Trump lawyer Cohen postpones testimony to Congress, citing ‘threats’

January 23, 2019

by Susan Cornwell

Reuters

WASHINGTON (Reuters) – President Donald Trump’s former personal lawyer Michael Cohen is postponing his Feb. 7 testimony to the U.S. Congress because of threats against his family from Trump, his adviser said on Wednesday.

Cohen, who has pleaded guilty to crimes including campaign finance violations during Trump’s 2016 election campaign and is cooperating with investigators, had received “ongoing threats against his family from Trump” and Trump’s lawyer Rudy Giuliani, the adviser, attorney Lanny Davis, said in a statement.

Trump called Cohen a “rat” in a tweet last month for cooperating with prosecutors. Cohen had been Trump’s self-described longtime “fixer” and once said he would take a bullet for the New York real estate developer.

In a Fox News interview this month, and other forums, Trump also suggested he had damaging information on Cohen’s father-in-law. “That’s the one that people want to look at,” Trump said in the interview. Giuliani also referred to possible issues with him.

Cohen’s father-in-law, Fima Shusterman, could not immediately be reached for comment. He has been involved in the taxicab business like Cohen himself.

Cohen was expected to appear before the U.S. House of Representatives Oversight Committee A new date has not been scheduled and he will go to a federal prison in March.

During an event at the White House, Trump was asked about Cohen saying he had been threatened by him and Giuliani.

“I would say he’s been threatened by the truth. He’s only been threatened by the truth,” Trump said.

Giuliani told Reuters that the “president’s response covers it.”

Representative Elijah Cummings, chair of the Committee on Oversight and Reform, and Representative Adam Schiff, chairman of the House Permanent Select Committee on Intelligence, both Democrats, said in a statement they understood the concerns for the safety of Cohen and his family in light of the attacks by Trump and Giuliani.

But the lawmakers said they would not “let the President’s tactics prevent Congress” from getting to the truth.

“I promise you that we will hear from Mr. Cohen. … Whatever we have to do

But the lawmakers said they would not “let the President’s tactics prevent Congress” from getting to the truth.

“I promise you that we will hear from Mr. Cohen. … Whatever we have to do to get him here, we’re going to do it,” Cummings told reporters in a Capitol hallway. He declined to say if that meant a subpoena.

Chicago attorney Andrew Boutros said he was not sure what to make of it all. “Mr. Cohen’s statement is long on conclusions and short on facts and details,” said Boutros, a former federal prosecutor.

Cohen was sentenced in December to three years in prison for crimes including orchestrating hush payments to women in violation of campaign laws before the 2016 election. He said in the guilty plea that he was directed to make the payments by Trump. The president and his lawyers have argued the payments were a personal matter unrelated to the election.

Cohen had volunteered to testify before the congressional panel. Davis said Cohen looked forward to testifying at a later date.

Reporting by Susan Cornwell; Additional reporting by David Alexander, Nathan Layne, Andy Sullivan, Ginger Gibson and Karen Freifeld; Editing by Grant McCool and Peter Cooney

 

Senate intel panel subpoenas former Trump lawyer Cohen, says Cohen adviser

January 24, 2019

WASHINGTON (Reuters) – The Senate Intelligence Committee on Thursday subpoenaed President Donald Trump’s former lawyer Michael Cohen to testify, a day after Cohen said he planned to postpone an appearance next week in the U.S. House of Representatives, Cohen’s adviser Lanny Davis said.

“This morning the Senate Intelligence Committee served Michael Cohen with a subpoena,” Davis said in a statement.

MSNBC and CNN said the subpoena called for Cohen to appear before the panel in mid-February.

A spokesman for Senator Richard Burr, the chairman of the Senate Select Committee on Intelligence, declined to comment on the subpoena.

Cohen, who has pleaded guilty to crimes including campaign finance violations during Trump’s 2016 election campaign and is cooperating with investigators, postponed his scheduled House appearance because of “ongoing threats against his family from Trump” and Trump’s lawyer Rudy Giuliani, Cohen’s adviser, attorney Lanny Davis, said on Wednesday.

Trump called Cohen a “rat” in a tweet last month for cooperating with prosecutors. Cohen had been Trump’s self-described longtime “fixer” and once said he would take a bullet for the New York real estate developer.

In a Fox News interview this month, and other forums, Trump also suggested he had damaging information on Cohen’s father-in-law. “That’s the one that people want to look at,” Trump said in the interview. Giuliani also referred to possible issues with him.

Reporting by Tim Ahmann and Karen Freifeld; Writing by David Alexander; editing by Diane Craft

 

Democrats launch inquiry into White House’s use of security clearances

  • Trump officials accused of ‘grave breaches of national security’
  • Questions over Jared Kushner, Michael Flynn and Rob Porter

January 23, 2019

by Sabrina Siddiqui in Washington and agencies

The Guardian

A powerful House committee now led by Democrats has launched an investigation into the Trump administration’s use of security clearances, accusing the White House and the 2016 presidential transition team of “grave breaches” in the process that awards access to some of the nation’s most closely guarded secrets.

The inquiry by the House oversight and reform committee, announced on Wednesday, takes direct aim at some of those closest to the president over the past two years, including the former national security adviser Michael Flynn, Trump son-in-law and senior adviser Jared Kushner and former White House aide Rob Porter.

The review also sets up one of the first potential fights between a Democrat-led House committee and a White House bracing for a number of investigations in the wake of last year’s midterm elections that eroded Republican control in Congress.

Representative Elijah Cummings of Maryland, the oversight committee chairman, said in a letter to the White House that he was undertaking the investigation in response to “grave breaches of national security at the highest level of the Trump administration”.

“The goals of this investigation are to determine why the White House and Transition Team appear to have disregarded established procedures for safeguarding classified information, evaluate the extent to which the nation’s most highly guarded secrets were provided to officials who should not have had access to them, and develop reforms to remedy the flaws in current White House systems and practices,” he wrote.

Questions over security clearances have long plagued the Trump White House.

Former national security adviser Michael Flynn maintained a security clearance even after lying to the FBI about his secret conversations with the Russian ambassador to the US.

Trump’s former staff secretary Rob Porter operated on an interim security clearance despite allegations of spousal abuse.

And the president’s son-in-law, Jared Kushner, was forced to revise his form three times after omitting 100 foreign contacts while applying for top-level security clearance.

That move resulted in Kushner having his access downgraded, though it was restored last May after the completion of his background check.

Cummings has also requested documents pertaining to the former White House chief of staff John Kelly’s own internal review of the security clearance process in 2018, which according to his statement “found that 34 White House officials who had started working on the first day of the Trump administration were still working with interim security clearances as of November 2017 and that more than 130 political appointees in the Executive Office of the President were working with interim security clearances as of that date”.

In addition to investigating specific security clearances granted to White House officials, Cummings is asking the White House to explain why it has failed to provide Congress with information about its security clearance process as required by a law passed last year. The law required the White House to provide Congress a report on its security clearance procedures by last August.

The White House did not immediately respond to a request for comment.

 

Russia says ‘arbitrary’ Israeli air strikes on Syria must stop

January 23, 2019

MOSCOW (Reuters) – Russia said on Wednesday that Israel should stop carrying out what Moscow called arbitrary air strikes on Syria, days after the Israeli air force targeted what Israel said were Iranian forces there.

Israel has repeatedly attacked what it describes as Iranian targets in Syria and those of allied militia, including Lebanon’s Hezbollah. Prime Minister Benjamin Netanyahu describes the effort as an open-ended campaign to push back arch-foe Tehran.

The strikes have long caused friction between Israel and Russia, which apart from Iran is Syrian President Bashar al-Assad’s other major foreign backer.

Israeli officials have spoken in the past of an agreement with Moscow under which they have made clear their strikes on Syria would not threaten Assad, while Russia has promised to help limit Iranian influence near the Israeli frontier. A hotline set up since 2015 is aimed at ensuring Russian forces in Syria are not surprised by Israeli attacks.

“The practice of arbitrary strikes on the territory of a sovereign state, in this case, we are talking about Syria, should be ruled out,” Russian Foreign Ministry spokeswoman Maria Zakharova said, in answer to a question from Russian news agency TASS about recent Israeli air strikes on Syria.

She said such strikes added to tensions in the region, which she said was not in the long-term interests of any country there, including Israel.

“We should never allow Syria, which has suffered years of armed conflict, to be turned into an arena where geopolitical scores are settled,” TASS cited her as saying.

Her comments follow Israeli strikes in Syria on Monday. Israel did not immediately respond.

Earlier on Wednesday, Netanyahu signalled that the Syria sorties would continue.

“The IDF (Israel Defence Force) is the only military that is fighting the Iranian army in Syria,” he said during a visit to an Israeli army base. “I am certain in our ability to defeat the enemy.”

Reporting by Tom Balmforth and Dan Williams; editing by Andrew Osborn

 

Venezuela crisis: How the world sees it

Venezuela is in the midst of a political crisis after opposition politician Juan Guaido declared himself president. DW takes a look at how countries in South America and beyond reacted to the move.

January 24, 2019

DW

Venezuela’s opposition leader and president of the National Assembly, Juan Guaido, stunned the world on Wednesday when he declared himself acting president.

The move has split opinion in the international community, with some countries recognizing the 35-year-old as president, several voicing support for President Nicolas Maduro, and others calling for fresh elections.

Countries that recognize Guaido:

  • United States: President Donald Trump declared Guaido the legitimate president on Twitter. He also pledged US “economic and diplomatic power to press for the restoration of Venezuelan democracy.”
  • Lima Group: Thirteen of the bloc’s 14 members — Argentina, Brazil, Canada, Chile, Colombia, Costa Rica, Guatemala Guyana, Honduras, Panama, Paraguay, Peru and Saint Lucia — recognized the move in a joint statement. Brazilian President Jair Bolsonaro said: “In a note I have recognized Juan Guaido as Venezuelan president … we will give all political support to take this process to an end.”
  • Organization of American States: OAS President Luis Almagro welcomed Guaido’s announcement on Twitter. The union includes all 35 independent countries in the Americas.
  • Canada: Foreign Minister Chrystia Freeland declared her country’s support for Guaido, telling DW that Canada “recognizes and expresses our full support for the interm presidency of Venezuela.”

          Countries that support Maduro:

  • Cuba: Maduro’s long-time socialist ally said it backed Maduro against the “coup attempt.” Foreign Minister Bruno Rodriguez said the Venezuelan president would “prevail against the imperialist intervention.”
  • Bolivia: Leftist President Evo Morales also wrote on Twitter: “The claws of imperialism are again trying to deal a death blow to democracy and self-determination.”
  • Mexico: The government of President Andres Manuel Lopez Obrador refused to sign the Lima Group statement and instead said it would continue recognizing Maduro as president.
  • Russia: The Kremlin said Maduro was the legitimate president and warned that any external attempts to support regime change went against international law
  • Turkey: A presidential spokesman wrote on Twitter that Turkey stood by Maduro. He wrote: “My brother Maduro! Stay strong, we are by your side.”
  • China: The foreign ministry said Beijing rejected external interference in Venezuela and fresh sanctions against Maduro’s government. “China supports the efforts of the Venezuelan government to protect the sovereignty, independence and stability of the country,” a spokesman said.

And how did Europe react?

German Foreign Minister Heiko Maas said: “We call on all actors in Venezuela to exercise prudence and renounce violence.”

In a statement released on Thursday, the EU said that civil rights, freedom and the safety of Juan Guaido all need to be “observed and respected.”

The European Union’s foreign policy chief, Federica Mogherini, called for “free and credible elections.” The bloc did not recognize Guaido as president.

Donald Tusk, the president of the European Council, which represents the EU member governments, said separately that “unlike Maduro,” Guaido has “a democratic mandate from Venezuelan citizens” because he was elected to Venezuela’s parliament. Tusk called for a united response from EU countries that “supports democratic forces.”

French President Emmanuel Macron hailed the “courage” of protesters and tweeted that ‘Europe supports restoration of democracy’ in Venezuela following the “illegitimate election” of Nicolas Maduro.

Stopping short of explicitly recognizing Guaido as Venezuelan president, a spokesman for British Prime Minister Theresa May said: “We fully support the democratically elected National Assembly with Juan Guaido as its president.”

 

The CIA Confessions: The Crowley Conversations

January 24, 2019

by Dr. Peter Janney

On October 8th, 2000, Robert Trumbull Crowley, once a leader of the CIA’s Clandestine Operations Division, died in a Washington hospital of heart failure and the end effects of Alzheimer’s Disease. Before the late Assistant Director Crowley was cold, Joseph Trento, a writer of light-weight books on the CIA, descended on Crowley’s widow at her town house on Cathedral Hill Drive in Washington and hauled away over fifty boxes of Crowley’s CIA files.

Once Trento had his new find secure in his house in Front Royal, Virginia, he called a well-known Washington fix lawyer with the news of his success in securing what the CIA had always considered to be a potential major embarrassment.

Three months before, on July 20th of that year, retired Marine Corps colonel William R. Corson, and an associate of Crowley, died of emphysema and lung cancer at a hospital in Bethesda, Md.

After Corson’s death, Trento and the well-known Washington fix-lawyer went to Corson’s bank, got into his safe deposit box and removed a manuscript entitled ‘Zipper.’ This manuscript, which dealt with Crowley’s involvement in the assassination of President John F. Kennedy, vanished into a CIA burn-bag and the matter was considered to be closed forever.

The small group of CIA officials gathered at Trento’s house to search through the Crowley papers, looking for documents that must not become public. A few were found but, to their consternation, a significant number of files Crowley was known to have had in his possession had simply vanished.

When published material concerning the CIA’s actions against Kennedy became public in 2002, it was discovered to the CIA’s horror, that the missing documents had been sent by an increasingly erratic Crowley to another person and these missing papers included devastating material on the CIA’s activities in South East Asia to include drug running, money laundering and the maintenance of the notorious ‘Regional Interrogation Centers’ in Viet Nam and, worse still, the Zipper files proving the CIA’s active organization of the assassination of President John Kennedy..

A massive, preemptive disinformation campaign was readied, using government-friendly bloggers, CIA-paid “historians” and others, in the event that anything from this file ever surfaced. The best-laid plans often go astray and in this case, one of the compliant historians, a former government librarian who fancied himself a serious writer, began to tell his friends about the CIA plan to kill Kennedy and eventually, word of this began to leak out into the outside world.

The originals had vanished and an extensive search was conducted by the FBI and CIA operatives but without success. Crowley’s survivors, his aged wife and son, were interviewed extensively by the FBI and instructed to minimize any discussion of highly damaging CIA files that Crowley had, illegally, removed from Langley when he retired. Crowley had been a close friend of James Jesus Angleton, the CIA’s notorious head of Counterintelligence. When Angleton was sacked by DCI William Colby in December of 1974, Crowley and Angleton conspired to secretly remove Angleton’s most sensitive secret files out of the agency. Crowley did the same thing right before his own retirement, secretly removing thousands of pages of classified information that covered his entire agency career.

Known as “The Crow” within the agency, Robert T. Crowley joined the CIA at its inception and spent his entire career in the Directorate of Plans, also know as the “Department of Dirty Tricks,”: Crowley was one of the tallest man ever to work at the CIA. Born in 1924 and raised in Chicago, Crowley grew to six and a half feet when he entered the U.S. Military Academy at West Point in N.Y. as a cadet in 1943 in the class of 1946. He never graduated, having enlisted in the Army, serving in the Pacific during World War II. He retired from the Army Reserve in 1986 as a lieutenant colonel. According to a book he authored with his friend and colleague, William Corson, Crowley’s career included service in Military Intelligence and Naval Intelligence, before joining the CIA at its inception in 1947. His entire career at the agency was spent within the Directorate of Plans in covert operations. Before his retirement, Bob Crowley became assistant deputy director for operations, the second-in-command in the Clandestine Directorate of Operations.

Bob Crowley first contacted Gregory Douglas  in 1993  when he found out from John Costello that Douglas was about to publish his first book on Heinrich Mueller, the former head of the Gestapo who had become a secret, long-time asset to the CIA. Crowley contacted Douglas and they began a series of long and often very informative telephone conversations that lasted for four years. In 1996, Crowley told Douglas that he believed him to be the person that should ultimately tell Crowley’s story but only after Crowley’s death. Douglas, for his part, became so entranced with some of the material that Crowley began to share with him that he secretly began to record their conversations, later transcribing them word for word, planning to incorporate some, or all, of the material in later publications

Conversation No. 81

Date: Sunday, April 20, 1997

Commenced: 9;10 AM CST

Concluded: 9:27AM CST

GD: Just to let you know, Robert, I was able to sell the two drawings I got from Mueller.

RTC: Very good, Gregory. Did you get your price for them?

GD Yes. Fine Chagal trash. I can understand why Hitler burned a lot of this but it does sell. Mueller must have had a warehouse full of this. Much of it came from Jewish collections in Paris and Amsterdam and to my mind, just artistic trash. Same school as the idea that Myron and Estelle bought the Picasso because it matched their rug. Taste up the anus. A friend of mine was in Paris and visited the Rothschild palace there. The building was a beautiful place but the gaudy garbage inside looked like the parlor of a Tijuana whorehouse.

RTC: (Laughter) Well, there’s no disputing tastes, is there?

GD: No, but art is art and junk is junk. Stolen junk but junk the same.

RTC: What about the Polish piece?

GD: That Raphael? It’s safe now. When Heini died, his wife begged me to get it out of the house before someone saw it so I was of assistance. ‘Portait of a Gentlemen.” Looked more like a Hollywood makeup artist if you ask me but a beautiful piece. Well, Frank looted it and the Leonardo from the Poles in ’39 and they got the ‘Lady with the Ermine’ back but the Gestapo had bagged the Raphael and Mueller took it at the end week of the war. The Germans were looking for portable treasures, you know. , and after the war into the hands of its liberators for precisely the same reason. Many paintings, sculptures, rare books, manuscripts and other valuables have never surfaced in public since the war ended in 1945.The Raphael belonged to the wealthy Polish Czartoryski family. Hans Frank, the Governor of the former Polish territory. Frank brought the painting back to Germany since he had to evacuate his post as the Soviets advanced into Poland. The Raphael was taken from Frank by the Gestapo, and the Americans seized the Da Vinci and later returned it to the Poles. The Raphael painting, “Portrait of a Gentleman,” is still listed as missing.

RTC: I understand we got our hands on boatloads of stolen art. Wasn’t Mueller selling it as I recall?

GD: Yes. He got the Rothschild coins, which consisted of a collection of over 2,000 rare gold coins taken from the Vienna branch of the Rothschild family and kept at the Hohenfurth monastery in Czechoslovakia for safe keeping. These coins were taken from the Linz collection in the last month of the war by Dr. von Hummel, Bormann’s secretary, and Dr. Rupprecht, curator of Hitler’s armor collection and an acquaintance of Müller. The collection was transported by car to Berchtesgaden and vanished from sight.

RTC: Did Mueller get these too, are you sure?

GD: I have seen some of them. Yes. Of course the Raphael would be impossible to sell in public auction, but the coins are a different matter. Some for the wife and his second family, some for my dealer friends and some for me. A good, constructive business, Robert.

RTC: All that income was most welcome.

GD: Oh yes, and I wonder how many top CIA people have a Raphael or Fra Fillippi print  on their walls. I have a few of my own. Who can prove where they came from? Who cares? On the other hand, if the Polacks discovered where the Raphael was now, there would be many loud questions asked.

RTC: I would imagine that we kept most of that noise making down. Amazing what a few private threats will do.

GD: Well, if I had it, I would just hang it on my wall and avoid eating Polish sausage. My God, Heini made millions with the stuff. And I’ll bet he even gave you people a few dollars out of the kindness of his heart.

RTC: We take it where we get it. Swiss gold, Nazi looted art, drugs, name it and rejoice.

GD: Name it? You adulterated the gold reserves of a number of our blessed allies during the war…or rather after it. They think they have pure gold bars but what they do have are low grade gold heavily plated. Well, they put the stuff in their vaults and never use it. And how much of the other countries stuff did you keep? I mean, just to protect it from the Russians? Of course they stole too but we beat them to most of it. I have a tea service that belonged to Catherine the Great but someone want to buy it so I may part with it. I don’t give tea parties these days and silver is so hard to keep clean.

RTC: If you have a nice porcelain teapot, Emily would love it.

GD: I have about eight in storage. Eighteenth century French do?

RTC: Original?

GD: Of course. Who knows where it came from so enjoy it. I have a nice gold cigarette case that belonged to Nicholas the Second. Faberge work. Don’t smoke but it looks nice on the table right under a nice oil of the last Tsar. They smoked long cigarettes with attached cardboard holders. Has Nicky’s initial set with stones on the front lower right. You smoke?

RTC: Well……..I’m not supposed to. Were you going to give me the gold case?

GD: I thought a box of Camels might do.

RTC: A very kind person. But you don’t smoke.

GD: Ah, but you’re not supposed to. How about a nice eighteenth century silver Torah? The Gestapo bagged it in some synagogue in Stuttgard in November of 38. Tag and all. Fine work but it looks weird in the hall and like the silver service, it’s a bitch to keep clean.

RTC: No thanks.

 

(Concluded at 9:27 AM CST)

              https://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&field-keywords=Conversations+with+the+Crow+by+Gregory+Douglas

 

Adelaide breaks its all-time heat record, hitting 46.6C,(115 F) in extreme Australia heatwave

Seventeen records broken in South Australia amid animal culls and mass fish deaths in other parts of the country

January 24, 2019

by Naaman Zhou

The Guardian

Temperature records have tumbled across South Australia, with the city of Adelaide experiencing its hottest day on record, as the second heatwave in as many weeks hit southern parts of Australia.

Adelaide hit 46.6C (115.88 F) on Thursday afternoon, the hottest temperature recording in any Australian state capital city since records began 80 years ago.

The Red Lion, a pub in the city’s Elizabeth North suburb, promised to hand out free beers if the mercury rose above 45C.(113 F) By 1pm, there was a line out the door and round the block.

In Port Augusta, 300km north-west, an all-time record was also set, as the city hit 49.5C. (121.1F)

Last week, temperatures in Adelaide, home to 1.3 million people, hit 45C,(113 F) sending homelessness shelters into a “code red”, and sparking fears of another mass fish death in the Menindee Lakes in the neighbouring state of New South Wales.

In central and western Australia, local authorities were forced to carry out an emergency animal cull, shooting 2,500 camels – and potentially a further hundred feral horses – who were dying of thirst.

On Thursday, 17 records were broken across South Australia, either of all-time temperatures or January records.

Sternhouse Bay (45.6C)(114.08F) , Port Lincoln (47C)(116.6F), Minnipa (47.3)(118.04F), and Snowtown (47.3C)(117.14F) were among the hottest, with Snowtown beating its previous record by 1.3C.(34.34F)

Thursday’s heat is set to spread across the states of Victoria and New South Wales, just days after an earlier record-breaking heatwave passed across the country.

Last week, a dozen heat records fell, with nine alone in NSW. The small NSW outpost of Noona, around 800km west of Sydney, recorded the country’s highest ever overnight minimum temperature of 35.9C.

The back-to-back heatwaves are part of a summer that the Bureau of Meteorology predicted as being hotter and drier than average, partially as a result of climate change.

On Friday, Victoria will become the “hottest place in Australia”, according to Jonathan How from the bureau.

The cities of Mildura, Swan Hill and Echuca are set for 46C (114.8F), which could break records.

In Melbourne, as Novak Djokovic and Lucas Pouille settle in for the semi-finals of the Australian Open, the maximum temperature will be 43C,(109.4F) with 44C (111.2 F) in some suburbs.

 

European court orders Italy to pay Amanda Knox damages

Europe’s top human rights court says Italy did not give Amanda Knox a lawyer when questioned by police over her British roommate. Knox spent four years in prison in Italy before she was acquitted.

January 24, 2018

DW

The European Court of Human Rights (ECHR) on Thursday ordered Italy to pay more than €18,000 ($20,000) to Amanda Knox after finding police denied her proper legal representation during questioning over the murder of her British roommate in 2007.

Knox complained to the ECHR that Italy had violated her rights by not providing a lawyer and said her police interpreter had acted unprofessionally. She also claimed that officers failed to investigate her allegations of being mistreated during questioning.

The court agreed that Italy’s failure to provide a lawyer or professional interpreter could have negatively affected later legal proceedings. It ordered Italy to pay €10,400 in damages plus €8,000 for Knox’s legal costs and expenses.

The court however found no evidence for Knox’s claim that she was mistreated during questioning.

Knox, a US citizen, and her former Italian boyfriend Raffaele Sollecito were found guilty of murdering Meredith Kercher, a fellow student, in the Italian town of Perugia in 2009. Both were released on appeal two years later.

Italy’s supreme court finally acquitted Knox and Sollecito of any wrongdoing in 2015. Rudy Guede, a local drug dealer, was convicted of Kercher’s murder in 2010.

Authorities say Guede did not act alone, but are yet to convict anyone else for the crime.

 

Everybody Does It: The Messy Truth About Infiltrating Computer Supply Chains

January 24, 2019

by Micah Lee and Henrik Moltke

The Intercept

In October, Bloomberg Businessweek published an alarming story: Operatives working for China’s People’s Liberation Army had secretly implanted microchips into motherboards made in China and sold by U.S.-based Supermicro, giving Chinese spies clandestine access to servers belonging to over 30 American companies, including Apple, Amazon, and various government suppliers, in an operation known as a “supply chain attack,” in which malicious hardware or software is inserted into products before they are shipped to surveillance targets.

Bloomberg’s report, based on 17 anonymous sources, including “six current and former senior national security officials,” began to crumble soon after publication as key parties issued swift and unequivocal denials. Apple said that “there is no truth” to the claim that it discovered malicious chips in its servers. Amazon said the Bloomberg report had “so many inaccuracies … as it relates to Amazon that they’re hard to count.” Supermicro stated it never heard from customers about any malicious chips or found any, including in an audit it hired another company to conduct. Spokespeople for the Department of Homeland Security and the U.K.’s National Cyber Security Centre said they saw no reason to doubt the companies’ denials. Two named sources in the story have publicly stated that they’re skeptical of its conclusions.

But while Bloomberg’s story may well be completely (or partly) wrong, the danger of China compromising hardware supply chains is very real, judging from classified intelligence documents. U.S. spy agencies were warned about the threat in stark terms nearly a decade ago and even assessed that China was adept at corrupting the software bundled closest to a computer’s hardware at the factory, threatening some of the U.S. government’s most sensitive machines, according to documents provided by National Security Agency whistleblower Edward Snowden. The documents also detail how the U.S. and its allies have themselves systematically targeted and subverted tech supply chains, with the NSA conducting its own such operations, including in China, in partnership with the CIA and other intelligence agencies. The documents also disclose supply chain operations by German and French intelligence.

What’s clear is that supply chain attacks are a well-established, if underappreciated, method of surveillance — and much work remains to be done to secure computing devices from this type of compromise.

“An increasing number of actors are seeking the capability to target … supply chains and other components of the U.S. information infrastructure,” the intelligence community stated in a secret 2009 report. “Intelligence reporting provides only limited information on efforts to compromise supply chains, in large part because we do not have the access or technology in place necessary for reliable detection of such operations.”

Nicholas Weaver, a security researcher of the International Computer Science Institute, affiliated with the University of California, Berkeley, told The Intercept, “The Bloomberg/SuperMicro story was so disturbing because an attack as described would have worked, even if at this point we can safely conclude that the Bloomberg story itself is bovine excrement. And now if I’m China, I’d be thinking, ‘I’m doing the time, might as well do the crime!’”

While the Bloomberg story painted a dramatic picture, the one that emerges from the Snowden documents is fragmented and incomplete — but grounded in the deep intelligence resources available to the U.S. government. This story is an attempt to summarize what that material has to say about supply chain attacks, from undisclosed documents we’re publishing for the first time today, documents that have been published already, and documents that have been published only in part or with little to no editorial commentary. The documents we draw on were written between 2007 and 2013; supply chain vulnerabilities have apparently been a problem for a long time.

None of the material reflects directly on Bloomberg Businessweek’s specific claims. The publication has not commented on the controversy around its reporting beyond this statement: “Bloomberg Businessweek’s investigation is the result of more than a year of reporting, during which we conducted more than 100 interviews. Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks. We also published three companies’ full statements, as well as a statement from China’s Ministry of Foreign Affairs. We stand by our story and are confident in our reporting and sources.”

U.S. “Critical Infrastructure” Is Vulnerable to Supply Chain Attacks

The U.S. government as a general matter takes seriously the possibility of supply chain tampering, and of China in particular conducting such meddling, including during manufacturing, according to government documents.

A classified 2011 Department of Defense “Strategy for Operating in Cyberspace” refers to supply chain vulnerabilities as one of the “central aspects of the cyber threat,” adding that the U.S.’s reliance on foreign factories and suppliers “provides broad opportunities for foreign actors to subvert and interdict U.S. supply chains at points of design, manufacture, service, distribution, and disposal.”

Chinese hardware providers could position themselves in U.S. industry to compromise “critical infrastructure upon which DoD depends,” according to the document.

Another classified document, a 2009 National Intelligence Estimate about “The Global Cyber Threat to the US Information Infrastructure,” assessed with “high confidence” that there was an increased “potential for persistent, stealthy subversions” in technology supply chains due to globalization and with “moderate confidence” that this would occur in part by tampering with manufacturing and by “taking advantage of insiders.” Such “resource-intensive tactics” would be adopted, the document claimed, to counter additional security on classified U.S. networks.

Each National Intelligence Estimate focuses on a particular issue and represents the collective judgment of all U.S. intelligence agencies, as distilled by the director of national intelligence. The 2009 NIE singled out China and Russia as “the greatest cyber threats” to the U.S. and its allies, saying that Russia had the ability to conduct supply chain operations and that China was conducting “insider access, close access, remote access, and probably supply chain operations.” In a section devoted to “Outside Reviewers’ Comments,” one such reviewer, a former executive at a maker of communications hardware, suggested that the intelligence community look more closely at the Chinese supply chain. The reviewer added:

The deep influence of the Chinese government on their electronics manufacturers, the increasing complexity and sophistication of these products, and their pervasive presence in global communications networks increases the likelihood of the subtle compromise — perhaps a systemic but deniable compromise — of these products.

The NIE even flagged supply chain attacks as a threat to the integrity of electronic voting machines, since the machines are “subject to many of the same vulnerabilities as other computers,” although it noted that, at the time in 2009, U.S. intelligence was not aware of any attempts “to use cyber attacks to affect U.S. elections.”

Beyond mostly vague concerns involving Russia and China, the U.S. intelligence community did not know what to make of the vulnerability of computer supply chains. Conducting such attacks was “difficult and resource-intensive,” according to the NIE, but beyond that, it had little information to understand the scope of the problem: “The unwillingness of victims and investigating agencies to report incidents” and the lack of technology to detect tampering meant that “considerable uncertainty overshadows our assessment of the threat posed by supply chain operations,” the NIE said.

A section within the 2011 Department of Defense Strategy for Operating in Cyberspace is devoted to the risk of supply chain attacks. This section describes a strategy to “manage and mitigate the risk of untrustworthy technology used by the telecommunications sector,” in part by bolstering U.S. manufacturing, to be fully operational by 2016, two years after Bloomberg said the Supermicro supply chain attack occurred. It’s not clear if the strategy ever became operational; the Defense Department, which published an unclassified version of the same document, did not respond to a request for comment. But the 2009 NIE said that “exclusion of foreign software and hardware from sensitive networks and applications is already extremely difficult” and that even if an exclusion policy were successful “opportunities for subversion will still exist through front companies in the United States and adversary use of insider access in US companies.”

A third document, a page on “Supply Chain Cyber Threats” from Intellipedia, an internal wiki for the U.S. intelligence community, included classified passages echoing similar worries about supply chains. A snapshot of the page from 2012 included a section, attributed to the CIA, saying that “the specter of computer hardware subversion causing weapons to fail in times of crisis, or secretly corrupting crucial data, is a growing concern. Computer chips are increasingly complex and subtle modifications made in design or manufacturing processes could be made impossible to detect with the practical means currently available.” Another passage, attributed to the Defense Intelligence Agency, flagged application servers, routers, and switches as among the hardware likely “vulnerable to the global supply chain threat” and added that “supply chain concerns will be exacerbated as U.S. providers of cybersecurity products and services are acquired by foreign firms.”

A 2012 snapshot of a different Intellipedia page listed supply chain attacks first among threats to so-called air-gapped computers, which are kept isolated from the internet and are used by spy agencies to handle particularly sensitive information. The document also said that Russia “has experience with supply chain operations” and stated that “Russian software companies have set up offices in the United States, possibly to deflect attention from their Russian origins and to be more acceptable to U.S. government purchasing agents.” (Similar concerns over Russian antivirus software firm Kaspersky Lab led to a recent ban on the use of Kaspersky software within the U.S. government.) Kaspersky Lab has repeatedly denied that it has ties to any government and said it would not help a government with cyber espionage. Kaspersky is even reported to have helped expose former NSA contractor Harold T. Martin III, who was charged with large-scale theft of classified data from the NSA.

Chinese Telecom Firm Seen as Threat

Beyond broad worries, the U.S. intelligence community had some specific concerns about China’s ability to use the supply chain for espionage.

The 2011 Defense Department strategy document said, without elaborating, that Chinese telecommunications equipment providers suspected of ties to the People’s Liberation Army “pursue inroads into the U.S. telecommunications infrastructure.”

This may be a reference, at least in part, to Huawei, the Chinese telecommunications giant that the department feared would create backdoors in equipment sold to U.S. communications providers. The NSA went as far as to hack into Huawei’s corporate communications, looking for links between the company and the People’s Liberation Army, as reported jointly by the New York Times and the German news magazine Der Spiegel. The report cited no evidence linking Huawei to the People’s Liberation Army, and a spokesperson from the company told the publications it was ironic that “they are doing to us is what they have always charged that the Chinese are doing through us.”

The U.S. intelligence community appeared concerned that Huawei might help the Chinese government tap into a sensitive transatlantic telecommunications cable known as “TAT-14,” according to a top-secret NSA briefing on Huawei. The cable carried defense industry communication on a segment between New Jersey and Denmark; a 2008 upgrade was contracted to Mitsubishi, which “subcontracted the work Out to Huawei. Who in turn upgraded the system with a High End router of their own,” as the document put it. As a broader concern, the document added that there were indications the Chinese government might use Huawei’s “market penetration for its own SIGINT purposes” — that is, for signals intelligence. A Huawei spokesperson did not comment in time for publication.

Filmware Attacks Worry U.S. Intelligence

In other documents, spy agencies flagged another specific concern, China’s growing prowess at exploiting the BIOS, or the Basic Input/Output System. The BIOS, which is also known by the acronyms EFI and UEFI, is the first code that gets executed when a computer is powered on before launching an operating system like Windows, macOS, or Linux. The software that makes up the BIOS is stored on a chip on the computer’s motherboard, not on the hard drive; it is often referred to as “firmware” because it is tied so closely to the hardware. Like any software, the BIOS can be modified to be malicious and is a particularly good target for computer attacks because it resides outside the operating system and thus, cannot be easily detected. It is not even affected when a user erases the hard drive or installs a fresh operating system.

The Defense Intelligence Agency believed that China’s capability at exploiting the BIOS “reflects a qualitative leap forward in exploitation that is difficult to detect,” according to the “BIOS Implants” section in the Intellipedia article on threats to air-gapped computers. The section further stated that “recent reporting,” presumably involving BIOS implants, “corroborates the tentative view in a 2008 national intelligence estimate that China is capable of intrusions more sophisticated than those currently observed by U.S. network defenders.”

A 2012 snapshot of another Intellipedia page, on “BIOS Threats,” flags the BIOS’s vulnerability to supply chain meddling and insider threats. Significantly, the document also appears to refer to the U.S. intelligence community’s discovery of BIOS malware from China’s People’s Liberation Army, stating that “PLA and [Russian] MAKERSMARK versions do not appear to have a common link beyond the interest in developing more persistent and stealthy” forms of hacking. The “versions” mentioned appear to be instances of malicious BIOS firmware from both countries, judging from footnotes and other context in the document.

The Intellipedia page also contained indications that China may have figured out a way to compromise the BIOS software that’s manufactured by two companies, American Megatrends, commonly known as AMI, and Phoenix Technologies, which makes Award BIOS chips.

In a paragraph marked top secret, the page stated, “Among currently compromised are AMI and Award based BIOS versions. The threat that BIOS implants pose increases significantly for systems running on compromised versions.” After these two sentences, concluding the paragraph, is a footnote to a top-secret document, which The Intercept has not seen, titled “Probable Contractor to PRC People’s Liberation Army Conducts Computer Network Exploitation Against Taiwan Critical Infrastructure Networks; Develops Network Attack Capabilities.”

The word “compromised” could have different meanings in this context and does not necessarily indicate that a successful Chinese attack occurred; it could simply mean that specific versions of AMI and Phoenix’s Award BIOS software contained vulnerabilities that U.S. spies knew about. “It’s very puzzling that we haven’t seen evidence of more firmware attacks,” said Trammell Hudson, a security researcher at the hedge fund Two Sigma Investments and co-discoverer of a series of BIOS vulnerabilities in MacBooks known as Thunderstrike. “Most every security conference debuts several new vulnerability proof-of-concepts, but … the only public disclosure of compromised firmware in the wild” came in 2015, when Kaspersky Lab announced the discovery of malicious hard drive firmware from an advanced hacking operation dubbed Equation Group. “Either as an industry we’re not very good at detecting them, or these firmware attacks and hardware implants are only used in very tailored access operations.”

Hudson added, “It is quite worrisome that many systems never receive firmware updates after they ship, and the numerous embedded devices in a system are even less likely to receive updates. Any compromises against the older versions have a ‘forever day’ aspect that means that they will remain useful for adversaries against systems that might be in use for many years.”

American Megatrends issued the following statement: “The BIOS firmware industry, and computing as a whole, has taken incredible steps towards security since 2012. The information in the Snowden document concerns platforms that pre-date current BIOS-level security. We have processes in place to identify security vulnerabilities in boot firmware and promptly provide the mitigation to our OEM and ODM customers for their platforms.”

Phoenix Technologies issued the following statement: “The attacks described in the document are well-understood in the industry. Award BIOS was superseded by today’s more secure UEFI framework which contained mitigations for these types of firmware attacks many years ago.”

Successful Supply Chain Attacks by France, Germany, and the U.S.

The Snowden documents reviewed so far discuss, in often vague and uncertain terms, what U.S. intelligence believes its adversaries like China and Russia are capable of. But these documents and others also discuss in much more specific terms what the U.S. and its allies are capable of, including descriptions of specific, successful supply chain operations. They also describe in broad strokes the capabilities of various NSA programs and units against supply chains.

The Intellipedia page on threats to air-gapped networks disclosed that as of 2005, Germany’s foreign intelligence agency, the BND, “has established a few commercial front companies that it would use to gain supply chain access to unidentified computer components.” The page attributes this knowledge to “information obtained during an official liaison exchange.” The page did not mention who BND’s target was or what sorts of activities the front companies were engaged in.

BND has been “setting up front companies for both HUMINT and SIGINT operations since the 1950s,” said Erich Schmidt-Eenboom, German author and BND expert, using the jargon terms for intelligence gathered both by human spies and through electronic eavesdropping, respectively. “As a rule, a full-time BND employee will found a small GmbH [company], which is responsible for a single operation. In the SIGINT area, this GmbH also maintains contacts with industrial partners.”

BND did not respond to a request for comment.

The Intellipedia page also stated that, beginning in 2002, France’s intelligence agency, DGSE, “delivered computers and fax equipment to Senegal’s security services and by 2004 could access all the information processed by these systems, according to a cooperative source with indirect access.” Senegal is a former French colony. Representatives of the Senegalese government did not respond to a request for comment. DGSE declined to comment.

Much of what’s been reported about the U.S.’s supply chain attack capabilities came from a June 2010 NSA document that The Intercept’s co-founder Glenn Greenwald published with his 2014 book “No Place to Hide.” The document, an article from an internal NSA news site called SIDtoday, was published again in 2015 in Der Spiegel with fewer redactions (but without any new analysis).

SIDtoday concisely explained one NSA approach to supply chain attacks (formatting is from the original article):

Shipments of computer network devices (servers, routers, etc.) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO – S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then re-packaged and placed back into transit to the original destination.

Supply chain “interdiction” attacks like this involve compromising computer hardware while it’s being transported to the customer. They target a different part of the supply chain than the attack described by Bloomberg; Bloomberg’s story said Chinese spies installed malicious microchips into server motherboards while they were being manufactured at the factory, rather than while they were in transit. The NSA document said its interdiction attacks “are some of the most productive operations in TAO,” or Tailored Access Operations, NSA’s offensive hacking unit, “because they pre-position access points into hard target networks around the world.” (TAO is known today as Computer Network Operations.)

Interdicting specific shipments may carry less risk for a spy agency than implanting malicious microchips en masse at factories. “A design/manufacturing attack of the sort alleged by Bloomberg is plausible,” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, told The Intercept. “That’s exactly why the story was such a big deal. But just because it’s plausible doesn’t mean it’s happened, and Bloomberg just didn’t bring in enough evidence, in my opinion, to support their claim.” She added, “What we do know is that a design/manufacturing attack is highly risky for the attacker and that there are many less risky alternatives that are better suited to the task at hand.

The 2010 document also described a successful NSA attack against the state-run Syrian Telecommunications Establishment. The NSA knew the company had ordered computer network devices for its internet backbone, so the agency interdicted these devices and redirected them to a “load station,” where the agency implanted “beacons” and then placed the devices back into transit.

Several months after Syrian Telecom received the devices, one of the beacons “called back to the NSA covert infrastructure.” At that point, the NSA used its implant to survey the network where the device was installed and discovered that the device gave much greater access than expected; in addition to the internet backbone, it provided access into the national cellular network operated by Syrian Telecom, since the cellular traffic traversed the backbone.

“Since the STE GSM [cellular] network has never been exploited, this new access represented a real coup,” the author of the NSA document wrote. This allowed the NSA to “automatically exfiltrate” information about Syria Telecom cellular subscribers, including who they called, when, and their geographical locations as they carried their phones throughout the day. It also enabled the NSA to gain further access to cellular networks in the region.

Another NSA document describes a different successful attack conducted by the agency. A slide from a 2013 NSA “program management review” described a top-secret supply chain operation targeting a Voice-Over-IP network for classified online phone calls. At an “overseas location,” the NSA intercepted an order of equipment for this network from a manufacturer in China and compromised it with implant beacons.

“The analysis and reporting on this target identified, with high granularity, [the target’s] method of hardware procurement,” stated a presentation slide. “As a result of these efforts, NSA and its [Intelligence Community] partners are now positioned for success with future opportunities.”

NSA Operations in “Adversary Space”

In addition to information about specific supply chain operations by the U.S. and its allies, Snowden documents also include more general information about U.S. capabilities.

Computer hardware can be altered at various points along the supply chain, from design to manufacturing to storage to shipment. The U.S. is among the small number of countries that could, in theory, compromise devices at many different points in this pipeline, thanks to its resources and geographic reach.

This was underlined in a top-secret 2011 presentation about the Special Collection Service, a joint NSA/CIA spying program operating out of U.S. diplomatic facilities overseas. It referred to 80 global SCS sites as “points of presence” providing a “home field advantage in [the] adversary’s space,” from which “human enabled SIGINT,” can be conducted, and where supply chain “opportunities” present themselves, a suggestion that the NSA and CIA conduct supply chain attacks from U.S. embassies and consulates around the world. (The presentation was published by Der Spiegel in 2014, alongside 52 other documents, and apparently never written about. The Intercept is republishing it to include the speaker notes.)

One program that goes after computer supply chains in this manner is the NSA’s SENTRY OSPREY, in which the agency uses human spies to bug digital intelligence sources, or, as the top-secret briefing published by The Intercept in 2014 puts it, “employs its own HUMINT assets […] to support SIGINT operations,” including “close access” operations that essentially put humans right up against physical infrastructure. These operations, conducted in conjunction with partners like the CIA, FBI, and Defense Intelligence Agency, appear to have included attempts to implant bugs and compromise supply chains; a 2012 classification guide said they included “supply chain-enabling” and “hardware implant-enabling” — as well as “forward-based [program] presence” at sites in Beijing, as well as South Korea and Germany, all home to telecommunications manufacturers. Another program, SENTRY OWL, works “with specific foreign partners… and foreign commercial industry entities” to make devices and products “exploitable for SIGINT,” according to the briefing.

The Persistence Division

The NSA’s Tailored Access Operations played a critical role in the U.S. government’s supply chain interdiction operations. In addition to helping intercept shipments of computer hardware to secretly install hardware implants, one division of TAO, known as the “Persistence Division,” was tasked with actually creating the implants.

2007 top-secret presentation about TAO described “sophisticated” covert hacking of software, including firmware, over a computer network “or by physical interdiction,” and credits these attacks with providing U.S. spy agencies “some of their most significant successes.”

Another document, a 2007 NSA wiki page titled “Intern Projects,” first published by Der Spiegel, described “ideas about possible future projects for the Persistence Division.” The projects described involved adding new capabilities to the NSA’s existing malicious firmware-based implants. These implants could be inserted into target computers via supply chain attacks.

One potential project proposed to expand a type of BIOS malware to work with computers running the Linux operating system and to offer more ways to exploit Windows computers.

Another suggested targeting so-called virtualization technology on computer processors, which allows the processors to more efficiently and reliably segregate so-called virtual machines, software to simulate multiple computers on a single computer. The proposed project would develop a “hypervisor implant,” indicating that it intended to target the software that coordinates the operation of virtual machines, known as the hypervisor. Hypervisors and virtual machines are used widely by cloud hosting providers. The implant would leverage support for virtual machines in both Intel and AMD processors. (Intel and AMD did not respond to requests for comment.)

Another possible project envisioned attaching a short hop radio to a hard drive’s serial port and communicating with it using a firmware implant. Yet another aimed to develop firmware implants targeting hard drives built by U.S. data storage company Seagate. (Seagate did not respond to a request for comment.)

Where to Hide Your Hardware Implant?

One of the reasons spy agencies like the NSA fear supply chain compromise is that there are so many places on a typical computer to hide a spy implant.

“Servers today have dozens of components with firmware and hundreds of active components,” said Joe FitzPatrick, a hardware security trainer and researcher. “The only way to give it a truly clean bill of health is in-depth destructive testing that depends on a ‘gold standard’ good reference to compare to — except defining that ‘gold standard’ is difficult to impossible. The much greater risk is that even perfect hardware can have vulnerable firmware and software.”

The Intellipedia page about supply chain threats lists and analyzes the various pieces of hardware where a computer could be compromised, including power supplies (“could be set to … self-destruct, damage the computer’s motherboard … or even start a fire or explosion”); network cards (“well-positioned to plant malware and exfiltrate information”); disk controllers (“Better than a root kit”); and the graphics processing unit, or GPU (“well positioned to scan the computer’s screen for sensitive information”).

According to the Bloomberg report, Chinese spies connected their malicious microchip to baseboard management controllers, or BMCs, miniature computers that are hooked into servers to give administrators remote access to troubleshoot or reboot the servers.

FitzPatrick, quoted by Bloomberg, is skeptical of the Supermicro story, including its description of how spies exploited the BMCs. But experts agreed that placing a backdoor into the BMC would be a good way to compromise a server. In a follow-up story, Bloomberg alleged that a “major U.S. telecommunications company” discovered a Supermicro server with an implant built into the Ethernet network card, which is one of the pieces of hardware listed in the Intellipedia page that’s vulnerable to supply chain attacks. FitzPatrick was, again, skeptical of the claims.

After the Bloomberg story was published, in a blog post on Lawfare, Weaver, the Berkeley security researcher, argued that the U.S. government should reduce the number of “components that need to execute with integrity” to only the central processing unit, or CPU, and require that that these “trusted base” components used in government systems be manufactured in the U.S., and by U.S. companies. In this way, the rest of the computer could be safely manufactured in China — systems would work securely even if components outside the trusted base, such as the motherboard, carried malicious implants. Apple’s iPhone and Intel’s Boot Guard, he argued, already work in this way. Due to the government’s purchasing power, “it should be plausible to write supply rules that, after a couple years, effectively require that U.S. government systems are built in a way that resists most supply chain attacks,” he told The Intercept.

While supply chain operations are used in real cyberattacks, they seem to be rare compared to more traditional forms of hacking, like spear-phishing and malware attacks over the internet. The NSA uses them to access “isolated or complex networks,” according to a 2007 top-secret presentation about TAO.

“Supply chain attacks are something individuals, companies, and governments need to be aware of. The potential risk needs to be weighed against other factors,” FitzPatrick said. “The reality is that most organizations have plenty of vulnerabilities that don’t require supply chain attacks to exploit.”

 

 

 

No responses yet

Leave a Reply