The Baker Leak Investigation

One of the things that we have continuously heard in the news cycle is how former FBI General Counsel James A. Baker is under investigation for leaking. Just to give a quick background on him, when he left the FBI, he became a fellow for Brookings Institute and wrote for Lawfare. In 2019 he joined R Street, a conservative think tank. Looking up R Street, they used to be a part of The Heartland Institute, but broke away after a disagreement on climate change. I will post what happened below, but it is important to note that Charles Koch is a donor to The Heartland Institute just to map what end of conservatism we are on.

It has recently come into the news cycle that AG Barr has tapped John Durham to lead a new DOJ probe into the origins of the FBI’s opening of Crossfire Hurricane. People were quick to note that John Durham is also leading the Baker leak investigation. I have seen the Baker leak investigation being reported alongside the passing of the Steele Dossier from reporter David Corn to Baker a week after Corn wrote his Halloween article on Carter Page. This being the subject of the leak investigation made little sense because Corn sent the information up to Baker; therefore, if anything, Corn was submitting a tip to the FBI.

Seeing that there may be more to this story, a quick search led to figuring out that his leak involved the Yahoo! Email Scan. He had been put under investigation for apparently leaking information while correcting a false story. You can read about more details pertaining to his leak investigation here, but in short it brings forward a wide variety of issues surrounding FISA and 702s.

The area where I want to focus is the Yahoo Email Scan that was first reported by Reuters on October 3, 2016. On behalf of the FBI or NSA, Yahoo! had built in a function that scans all incoming user emails dating back to 2015. This represents the first time that a major tech company complied with an intelligence agency's request for incoming emails instead of the ones that had already been sent. This also caused controversy because Yahoo! did not fight the request; it simply complied. In the article, Reuters points out that internet giants handing over bulk information is common, but real-time tracking is a first. This also brought up concerns over 702 access with regard to American privacy rights under the Constitution. Senator Ron Wyden chimed in to defend the process. It is an odd request, too: for emails, why would real time be necessary, since the communication would be there waiting?

To add an extra layer of drama, on October 6, 2016 Admiral Mike Rogers, the head of the NSA, denied the claims in the Reuters article that all emails were being scanned. He specified that it would be illegal to do so. Instead, he specified that in order for the FISA court to approve surveillance, there would have to be a specific scope that is allowed to be spied on. The article then goes into more detail as to what exactly Yahoo! did to comply with the court-ordered demands.

Yahoo! had modified their software that already scans emails for spam, malware, and child pornography. They were provided a specific character string, which would be searched for in all incoming emails, and the emails containing that string would be reported back. Essentially, another spam filter. So what can this specific character string be? The Reuters article gives a hint.

Originally, I had thought that the real-time monitoring was used to spy on the common communication workaround that is known as drafting. In short, with drafting, you use a shared email account in which you only draft an email, and the other person logs on and just reads the draft. Because no communication is ever sent, it doesn’t leave a signature or trail. This was popularized during the Petraeus case, where he was drafting to send information over to Paula Broadwell, the reporter he was leaking to and having an affair with. If interested, I had written about Petraeus in a past post called Drones.

After I realized that this cannot be the answer, as it has to do with specific character strings, looking into the lead provided by Reuters yielded some fruit. Upon reviewing the Yahoo! hack that started in 2014, the hackers had used forged cookies to intrude into the emails. The hackers had broken into the source code for Yahoo! email and were able to enter the system without any password. If I had to take a guess, they most likely recognized the cookie which leaves you logged into a laptop or device without having to sign in every time and replicated the cookie in order to create a skeleton-key type of access. From a user standpoint, there is nothing that can be done, as this was a hack on Yahoo! itself and once you have the source code, you have the keys to the kingdom.

In terms of the specific character string that was being requested, doing a little searching, cookies are sent with emails. If I had to guess once again, the FBI was able to identify a forged cookie and use that forged cookie to track down other forged cookies to see which accounts were being rooted and map out a network in order to help identify where this is stemming from. In Baker’s correction, perhaps this was the investigative technique that was leaked?

Almost a thousand words in, and we are only beginning. When tackling this subject, I had reached out to see if any of the famous Spygate characters had Yahoo! email accounts. The first hit was top Hillary Clinton aide, Huma Abedin. Abedin also happens to be married to pervert Anthony Weiner. If James Comey is reading this blog he now knows that they are married. Abedin’s case was brought into the spotlight when she was caught forwarding sensitive State Department emails and passwords to government systems to her personal Yahoo! email account in 2009. This was before every single Yahoo! email account was hacked.

Taking a look at the MYE OIG Report, the FBI had obtained a 2703(d) order for Abedin’s emails on February 18, 2016. By June, they had concluded that the emails were no longer in her email account. The issue is that there was a confirmed classified document from the State Department which would have been included in the Yahoo! hack, as Clinton was out as Secretary of State by 2013.

Another Spygate character who also used a Yahoo! email account was Ukrainian DNC operative Alexandra Chalupa. The story was broken by the man who birthed the Trump-Russia Collusion narrative on September 23, 2016, Michael Isikoff. In his article he explains how a DNC operative in Ukraine who had a Yahoo! email account was receiving notifications that her email was being targeted by state-sponsored actors. Isikoff links to the email between Chalupa and Luis Miranda from the DNC. What is funny when you actually read the email dated May 3, 2016 is that Chalupa admits that she was already working with Isikoff for the past few weeks. She includes a screenshot of the notification where she also leaves her tabs open, showing that she was researching Paul Manafort. From a personal standpoint, I find it odd how specific the notification is; it shows that Yahoo! has a built-in algorithm that is able to differentiate attacks from state-sponsored attacks. Could this be the forged cookies?

Now that we have a few targets recognized, heading back to the Daily Caller article, they mention that the Yahoo! hacks have been attributed to Igor Sushchin, a Russian intelligence agent. Looking over the indictment, the intrusions started in 2014 and continued to and included at least September 2016. The Reuters article which I attributed to Baker was posted on October 4, 2016. It is worth noting that the hackers still had access in the system until November 2016.

This has me wondering if the hacks on the DNC and DCCC stemmed from the Sushchin hack. Reading the indictment, their spearphishing also targeted Google accounts, and that can cross over to another Clinton staffer, Cheryl Mills. She has a clone story to Huma Abedin, only it is Gmail instead of Yahoo!.

While I thought I would be done by now, Twitter user @verykate44 pointed out a strange date sequencing that is worth mentioning in Chelsea Manning’s lawsuit against the FBI, DOJ, and DOD, which was filed on November 14, 2016. It is interesting to note that this was filed while Manning was still in jail. What was pointed out was the October 3, 2016 date which is listed in Manning’s lawsuit. This is one day before the Reuters article broke. Since the lawsuit came after, it is an interesting benchmark for her claims that are listed below about improper FISA surveillance.

While the FISA talk and the date before seem like they could just be coincidental, the reason why I listed them was because in the same lawsuit, Manning specifically brings Huma Abedin’s investigation into the fold. Manning states that they abruptly ended her investigation to move resources to Abedin’s case between October 26 – October 27, 2016. Anthony Weiner’s laptop investigation was reopened by the FBI on October 28, 2016.

All of this was open-source information, so the lawsuit could be framed around that already public information. It is just odd for Manning to write about FISA and Huma Abedin in her lawsuit, and while it may be unrelated, it was worth a mention.

This goes to show how one leak can cause a tangled web of information and disinformation that takes years to prosecute and/or figure out. James Baker, what did you do?

Work on this article was assisted by the research of @Wakeywakey16, @ThunderB, and @smc12256.
