On April 17, 2016, the CBS news magazine show, 60 Minutes aired an episode titled “Hacking Your Phone.” The following excerpt took place between the reporter and a German hacker.
Sharyn Alfonsi: Is one phone more secure than another? Is an iPhone more secure than an Android?
Karsten Nohl: All phones are the same.
Sharyn Alfonsi: If you just have somebody’s phone number, what could you do?
Karsten Nohl: Track their whereabouts, know where they go for work, which other people they meet when-- You can spy on whom they call and what they say over the phone. And you can read their texts.
Mobile phone users still think of their mobile devices as phones. They forget that they’re computers, that they are listening as well as speaking devices capable of hearing whatever is said within range of their microphones and that they are seeing devices capable of “filming” whatever is in clear view of their camera eyes.
SS7 is a phone communications technology developed in 1975, in use today, and its vulnerability is well known. Well known, I’m sure, by the FBI and the IC. Perhaps less well known by the Trump Organization, Trump’s family, and Trump’s inner circle. It’s probably well known but perhaps forgotten by those not using, or refusing to use, secure phones. It’s even possible that Russian intelligence services assumed at the time of the run-up to the US elections that the people they were dealing with within the Trump circle — certainly the man himself — would, of course, only be using secure phones. Or, maybe they didn’t and didn’t bother to do so themselves.
Here’s a quick and dirty explanation of what SS7 is and does. For a more thorough explanation go here.
SS7 controls telephone calls, both wired and wireless, through the use of a control signal that is separate from the actual voice circuit. It allows phone networks to exchange the information needed for passing calls and text messages between each other and to ensure correct billing. It also allows users on one network to roam on another, which is often needed in a foreign country.
[snip]
The most important takeaway is to understand that the telephone network that your phone connects to is not secure and probably never will be. . .Telephone networks were not designed to be secure.
That’s enough background information for readers to follow me into some considerations that have occurred to me but that have not been investigated by ferreting reporters. What we’ve just summarized should be kept in mind when we speculate about what Mueller knows and how he knows what he knows.
I’d like to begin by thinking about the famous Comey-Trump “loyalty dinner” that took place over a year ago in the WH. “The President and I had dinner on Friday, January 27 at 6:30 pm in the. Green Room. . .” Comey testified before the Senate Select Committee on Intelligence six months later, after he had been fired. We all remember his famous reply to a question from Sen. Feinstein, “I’ve seen the [President’s] tweet about tapes. Lordy, I hope there are tapes!”
What if there are tapes? Not tapes made by Trump; he’s denied that he made any. What if they were made by Comey’s cell phone, equipped by the FBI, with Comey’s permission, to exploit SS7? Nothing like having a discreet aide-mémoire to back one’s own near perfect total recall of table talk with the president. I realize that making such recordings without letting the second party know, can be illegal. But is it in Washington, D.C.? I also realize that such a recording probably would not be admissible evidence in a court of law since it was obtained without a warrant. Both conditions notwithstanding, there is plenty of reason to believe that such a recording could exist, given knowledge, opportunity, and mentality — all of which the FBI and Comey had at the time. In fact, it’s likely that many agents and IC personnel have and use deliberately exploited phones in carrying out their investigations.
Moving on to Michael Flynn’s indictment by Mueller for lying to the FBI about communicating with Kislyak back in January of 2017, let’s review early interceptions captured at the beginning of the Trump-Russia scandal prior to the appointment of Special Counsel.
Several officials said that while sanctions were discussed between Flynn and Kislyak in the December call, they did not see evidence in the intercept that Flynn had an “intent” to convey an explicit promise to take action after the inauguration.
[snip]
It is not clear when the FBI began to probe Flynn’s communications with Kislyak. Senior members of the Obama administration learned in early January that the FBI was investigating the relationship, according to former officials.
[snip]
. . .Yates, Director of National Intelligence James R. Clapper and CIA Director John O. Brennan recommended informing the Trump team of the Flynn matter. But FBI Director James B. Comey pushed back, arguing that doing so could interfere with the bureau’s ongoing investigation. The FBI is examining contacts between Trump associates and Russian officials. — WaPo, Feb. 17, 2017
What is widely known is that the FBI obtained FISA warrants against Manafort and Page. Not so against Flynn. Perhaps that was unnecessary since America always monitors foreign ambassadors, using various methods, paying close attention to those representing our adversaries.
In May, 2017 we learned Flynn and Kislyak had 18 other phone calls between them that had not been known, occurring in the last seven months of the presidential campaign.
Six of the previously undisclosed contacts described to Reuters were phone calls between Sergei Kislyak, Russia’s ambassador to the United States, and Trump advisers, including Flynn, Trump’s first national security adviser, three current and former officials said.
[snip]
The 18 calls and electronic messages took place between April and November 2016 as hackers engaged in what U.S. intelligence concluded in January was part of a Kremlin campaign to discredit the vote and influence the outcome of the election in favor of Trump over his Democratic challenger, former secretary of state Hillary Clinton.
In addition to the six phone calls involving Kislyak, the communications described to Reuters involved another 12 calls, emails or text messages between Russian officials or people considered to be close to Putin and Trump campaign advisers.
Phone calls and emails and text messages while Russian election meddling was active. Among several others. That’s a difficult amount of information to collect from multiple sources at many levels in the Trump campaign and multiple Russian contacts abroad by means of FISA warrant(s) alone, which are difficult to obtain from a judge. (Recall, the June 2017 request that purportedly named Trump, was denied; an amended more restricted request [Trump not named] was later granted.) But all those communications are fairly simple to obtain by SS7 exploitation.
The FBI was open about its investigative methods in the “2015 case concerning three low-level spies who had been arrested in New York.” This is the case Carter Page was involved in, yet was never arrested over, in spite of all the ways the FBI collected evidence against his Russian contact and the others.
“In the course of this investigation, the FBI has employed a variety of lawful investigative methods. For example, the FBI has conducted extensive physical and electronic surveillance of the defendants — including the covert placement of microphone-type listening devices in certain locations; the covert placement of video cameras in public locations; the monitoring and recording of the phone calls of certain of the defendants; and the use of a confidential source,” says the criminal complaint. . .”
Let’s assume the Russians were using cell phones and that most likely the folks they called, emailed, and texted were, too. To track three individual Russian phones plus all the others, I believe the covert exploitation of the SS7 vulnerability enabled the “monitoring and recording.”
The complaint continued. . .
“In addition, and among other things, the FBI has lawfully obtained multiple audio recordings of discussions involving certain of the defendants that occurred at various locations within a secure office in Manhattan used by SVR agents to send and receive intelligence reports and assignments from Moscow Center.”
The italicized text is a huge tell. The FBI was able to hear what was said between Manhattan and Moscow in various locations within a secure office. Further
A retired FBI supervisor who oversaw surveillance operations confirmed to The Daily Beast that agents are also able to monitor and record conversations in the Russian Mission to the United Nations complex in the Bronx and at the Russian embassy in Washington, D.C.
“The exact same thing in Washington,” the retired FBI supervisor said.
“Every telephone, every room, is bugged, every one of them is monitored.”
He is certain that this included the communications between Gen. Michael Flynn and the then Russian ambassador, Sergey I. Kislyak.
I suggest that it may be possible to do all monitoring most efficiently by using the SS7 vulnerability exploit. Because it is impossible to secure a FISA warrant to cover spontaneous occurrences among suspects whose communications must be surveilled, I further suggest that it was precisely this technology that was employed to capture everything that took place during the April 27, 2016 Mayflower Hotel meeting where Jeff Sessions and Donald Trump “had contact” with Kislyak. Whose phone or phones were involuntarily the active eavesdropper(s) is unknown and unconfirmable. So I won’t speculate about whose I believe it was/were. The WH has protested that Trump’s interaction with the ambassador was just at the level of receiving line politeness. However, a later secret meeting including those three and other actors, including Page, Manafort, and possibly others (Boris Epshteyn?) took place.
Nobody will talk about that.
"In retrospect," Sessions told reporters, "I should have slowed down and said, ‘But I did meet one Russian official a couple of times, and that would be the ambassador.’"
Lawmakers involved in the Russia investigation would not discuss the April meeting.
"I can’t comment on any of that," Sen. Mark Warner, the ranking Democrat on the Senate Intelligence committee, told NBC News.
"Can’t talk about it," said Sen. Ron Wyden, D-Oregon, a member of the committee.
This is the meeting that Comey, in addressing the Senate investigation committee, hinted would be a huge problem for Sessions because he had previously, while under oath, failed “to disclose two separate contacts with Russian ambassador Sergey Kislyak.“ In closed session, no doubt Comey made it clear that the FBI had recordings of Sessions (and other Trump officials, if not the president as well) conversing with Kislyak at the Mayflower Hotel beyond the reception line incidental contact. The realization that the FBI had him cold forced Sessions to “edit” his testimony.
I’m going to close this diary at this point. I’m currently working on finding supporting documentation for additional probable employment of SS7 exploitation by the FBI and/or our IC agents and the Five Eyes intelligence alliance (FVEY = US, Canada, Great Britain, Australia, New Zealand) that would explain how we know what Carter Page’s activities were on behalf of the Trump campaign in its efforts to collude with Russia in order to defeat Hillary Clinton. If I can find credible sources that back up my ideas about what was learned from intercepted communications before the Mueller investigation collected documents and devices from various actors in the Trump-Russia scandal, I’ll follow up this diary with a second. If not, I’ll keep my peace because not to do so approaches publicizing a personal conspiracy theory. All that I feel is prudent to say now is that my idea does answer the question I’ve been concerned with here — “How did the FBI (IC & FVEY) know about exactly what was communicated in the many meetings that occurred between Trump officials and Russian officials, both in person and remotely all over the world, in the run-up to the 2016 presidential election?”
Special Counsel Robert Mueller was not appointed to uncover the facts regarding possible Russian collusion with the Trump campaign in a vacuum. Evidence of crime existed. To be credible, I assert that the evidence of crimes had to be in the form of intercepted, often spontaneous, communications among the suspects. In the absence of such evidence, there are no grounds for investigation. I think Mueller began building his case with a far more substantial evidential underpinning than did Archibald Cox.