Showing posts with label Intelligence. Show all posts

Saturday, December 10, 2016

Check Out This Old School Intelligence Community Surveillance Detection Video

Note: Dude, again, I am not an intel dude. NOT my lane.

A few days ago, I wrote an article about how political parties could deal with a hostile foreign intelligence service actively targeting them for exploitation. One of the techniques I recommended revolved around avoiding physical surveillance. The video below goes into a lot of detail regarding surveillance detection routes (SDRs). It appears to have been a declassified intelligence community video from the 1970s(?). This is purely for entertainment purposes. If you think you need to add this to your repertoire, then I suggest doing two things:
  1. Hire a professional to teach you. A video is no substitute for actual training. That said, the materials in this are dated and I would imagine any serious surveillance would have a suitable counter to any SDR. However, this serves as a nice introduction to the topic.
  2. If you need this and you're going against any significant intelligence threat, you might be already screwed. Seriously.


This guy seems to know a lot more than I do on this stuff.

Thursday, October 16, 2014

How-To: Map Ebola Like A Pro In Ten Easy Steps

(Photo: US Army)
I have been doing a few posts about Ebola the last two weeks, in order to explain the challenges we face in security with this epidemic and where we can find resources to help. This past week, I received an email to attend a workshop held at a local college to learn how to map the Ebola virus. This was a challenge I would gladly accept and so off I went to the land of academia in order to save the world. The instructor, geographer Theresa Cleary, began the course by explaining the problem facing all of the disaster relief organizations.

The Problem

With countless agencies now operating in Africa to combat Ebola’s consistent climb upwards, medical personnel operating there are finding out they face unique challenges in Africa. I experienced much of what they’re going through while stationed in Korea my first tour as a security advisor and driver. At the time, the biggest obstacle I faced was getting around Seoul. While I had the benefit of transliterated maps, I would have killed for a GPS unit. Relief workers in Africa are facing a similar dilemma. Most people don’t realize how much of the African urban and rural settings are not mapped. There are entire road networks and villages no map has officially recognized. In a situation where you have to make contact with every single potential victim, being able to safely navigate to them is paramount.

The Solution

So how do we make sure the areas are mapped? Well, by way of open source mapping. In other words, citizen volunteers sit at computers and outline and label every nuance of interest to aid organizations. Once the citizen volunteers do their part, validators spot-check your work, send off the information you collected that was accurate, and send back anything that was wrong. In the entire timeframe of instruction to operation, I mapped over 17 buildings and a few roads. Shortly before writing this post, I mapped 7 roads and 3 foot paths. Total time to do all of this was roughly 30 minutes with only an hour and a half worth of instruction. Most importantly, the software this is done on is free and open-source.


I know you’re curious how you can do the same thing. At least you should be. If you don’t think you should be, call me and I’ll explain rather vigorously. So here’s how to get started.
  1. Go to and sign-up for an account. Once your email is confirmed, then follow Step 2.
  2. Go to to see the open tasks for humanitarian groups working on Ebola.
  3. Before accepting any tasks, I HIGHLY suggest you go to and read the articles on how to navigate and what exactly the various terrain feature labels correspond to visually on a map.
  4. Once you’re done there, go back to and find your tasks.
  5. Click on the task you want and then go to the side map and click on an area that is not “done” or “validated”. It should be the grid with no coloring. Once you click there, look to the left sidebar and you should see where it says start mapping; click there.
  6. Next, click on the arrow next to where it says “Edit with” and go to iD Browser. Trust me, you’ll thank me later.
  7. From there a map should have opened up in another browser where you will do your edits.
  8. Find your area and zoom in on areas where there’s a lack of data and outlines are not done for features.
  9. Click on either the line or poly pointers at the top menu bar and then outline the shapes of what you’re tasked. When done, click on the last point of the shape again. If necessary, click on any line in the shape to bring up a mini-menu that will “square” edges away.
  10. When you feel like you’re done, click on the save button at the top menu bar. Feel free to leave a comment in the sidebar. I was told to put “task-whatever the number was-hotosm – whatever feature the task called for”. Go back to the original hotosm screen and make sure you “unlock” this map so others can work on it. Before you unlock, be sure to leave a comment stating what you did.

That’s it. Easy peasy. By the end of the day, you will have helped out relief efforts in perhaps one of the biggest public health crises the world has seen in a while. Give it a whirl and let me know what you think. Also, share this information with other people.

Wednesday, April 16, 2014

Video: The Story of Glenn Duffie Shriver - Student, Chinese Spy

Many times, when we hear the Chinese have recruited spies on US soil, they are normally Chinese-American scientists. Like most foreign intelligence services (FIS), the Chinese realized it would be much more valuable to have someone who could get inside the Central Intelligence Agency who perhaps wasn't Chinese-American. Meet Glenn Duffie Shriver, a Michigan college student Beijing recruited to join the CIA in 2007. Although he failed to matriculate into the agency, he was paid over $70,000 to do so. American counterintelligence discovered this recruitment and prosecuted Shriver. Subsequently, in 2010, he was sentenced to four years in federal prison for committing espionage for a foreign government. The video above describes Shriver's recruitment, the consequences of his actions, and subsequent attempts by the Chinese to recruit agents from backgrounds similar to Shriver's.

Here are some resources to learn more about Shriver:

Wednesday, August 7, 2013

Ten OPSEC Lessons Learned From The Good Guys, Bad Guys, and People-in-Between

If you've been in the security world long enough, you've heard of a term called "OPSEC" or operational security. This is a security discipline in which organizations or individual operators conduct their business in a manner that does not jeopardize their true mission. If you're a police officer who is staking out a house, it would be bad OPSEC to sit outside the house in a marked police vehicle. I think it's prudent we discuss this discipline so we can better analyze our own processes by which we protect ourselves and our operations. Reviewing the OPSEC process is a great place to start. The following come from Wikipedia (I know - it's super-scholarly):
  1. Identification of Critical Information: Identifying information needed by an adversary, which focuses the remainder of the OPSEC process on protecting vital information, rather than attempting to protect all classified or sensitive unclassified information.
  2. Analysis of Threats: the research and analysis of intelligence, counterintelligence, and open source information to identify likely adversaries to a planned operation.
  3. Analysis of Vulnerabilities: examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary’s intelligence collection capabilities identified in the previous action.
  4. Assessment of Risk: First, planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Second, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff.
  5. Application of Appropriate OPSEC Measures: The command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans.
  6. Assessment of Insider Knowledge: Assessing and ensuring employees, contractors, and key personnel having access to critical or sensitive information practice and maintain proper OPSEC measures by organizational security elements; whether by open assessment or covert assessment in order to evaluate the information being processed and/or handled on all levels of operatability (employees/mid-level/senior management) and prevent unintended/intentional disclosure.
We should also recognize good guys aren't the only ones who practice this discipline. As a matter of fact, the bad guys do as well and many are quite good at it. The lessons we could learn from them, our fellow security professionals, and others are almost immeasurable.
  1. NEVER trust a big butt and a smile. Yup. I started off with that. Bear with me. Many intelligence agencies and law enforcement organizations use sex as a means to get close to a target or person of interest. Most bad guys realize this. However, many do not, to their own detriment. When involved with people in a relationship or sexual encounter, they get very close to you and your secrets. I liken these people to "trusted agents" who you allow close enough to you that they can get more information than you're willing or able to share publicly. Poor OPSEC practitioners often forget this. Most of their security failures stem from this fatal flaw. I'm not saying to not be in a relationship or to eschew intimacy. If you're in a job that requires you adhere to sound OPSEC principles, what I'm advising you to do is to exercise due diligence and conduct a risk analysis before you do. Think Marion Barry, Anthony Weiner, and Eliot Spitzer.

    Immortal words spoken during an EPIC fail.
  2. Always have a thoroughly vetted back-story for your cover. This is commonly referred to as a "legend" in the intelligence community. This is an identity in line with your established, synthetic cover. For example, I mentioned the hacker known as The Jester in a previous blog post. Depending on which side you're on, he's either a bad guy or a good guy. However, the lessons he teaches us about cover are insightful. Whenever someone "doxes" him, he has a prepared and detailed analysis as to how he created that cover identity. Many times he'll use a name that does exist with a person who either does not exist or who he has cleverly manufactured using a multitude of identity generators. He'll use disposable credit cards, email, LinkedIn profiles, VPNs which show logins from his cover location, etc. He even engages in cyber-deception with other actors to establish various cover stories for operations that require them. Whether you like him or not, he's certainly good at one thing we know for sure - cover discipline.
  3. NEVER trust anyone you just met. I see you laughing. Many people mistakenly believe they can and should trust everyone they meet. They will often claim they don't but their behavior says otherwise. As Ronald Reagan is often quoted as saying, "In God we trust, all others we verify." I firmly believe this to be the most crucial aspect of operational security. Proper trust is needed in any environment for the mission to be accomplished. However, blind trust can and will kill any hopes of a successful mission. Whether you're checking identification at an entry control point or planning cybersecurity for an online bank, you should always treat every introduction you don't initiate as suspect. Then triage people and their level of access according to risk acceptance. This is a lesson we learned with Edward Snowden. He'd only been at Booz Allen Hamilton a few months before he began siphoning massive amounts of classified information to which he had no direct access or need-to-know. Another saying I'm fond of is "Keep your enemies close, but your friends closer." I'm not saying everyone you meet is going to steal from you or betray your trust. Like my momma always says, "Not everyone that smiles at you is your friend and not every frown comes from an enemy."
  4. Shut the hell up! No. Seriously. Shut up. If you hang around the special operations community, you'll hear the term "quiet professionals" used to describe the people who do that work. Most successful bad guys realize the best way to ensure longevity is to shut the hell up. Bragging about or giving "pre-game commentary" before an operation are guaranteed ways to get caught or killed. The truly dangerous people are the ones who never say a word and just do their work. Sometimes, lethality is best expressed with silence.

  5. Watch what you leak. While we can keep our mouths shut, it is more difficult in the information age to keep everything connected to us quiet. In order to properly protect ourselves, we have to begin this process by conducting proper risk analysis. Is what I'm doing right now giving away something I don't want the public to know? Is the device or medium I'm talking on able to give away information I'm not comfortable with sharing? Does my enemy have the ability to intercept or analyze what I'm doing in order to gain sensitive information? What "tells" am I projecting? These are a few of many questions you should be asking in order to ensure you're limiting "noise litter".

    In the information age, do I need to say more?
  6. If you're doing secret stuff, NEVER EVER EVER EVER EVER, talk on the wire. Look at the Mafia as a perfect example of what not to do. As an OPSEC practitioner, you should never communicate on any medium that can give away your secrets or be intercepted. John Gotti got busted talking on the wire. A personal rule of thumb: If it can receive messages, it can transmit messages without you knowing. Treat every computer like an informant - feed it what you're willing to share with your adversary.
  7. NEVER ever touch or be in the same place as the "product". For the uninitiated, that is one of the first rules of the dope game. Every successful, elusive drug dealer knows to keep away from the "product" (read "drugs"). Whatever the "product" in your "game", ensure you put enough distance between you and it. If you have to be close to it, then have a good reason to be with it.
  8. Recognize "the lion in the tall grass". When practicing OPSEC, the one thing you should never forget is why you're doing it. The reason you're practicing it is simple - there are people out there that oppose you. Ignore them to your detriment.
  9. NEVER say something you can't back up or prove immediately. Nothing says you're a person needing to be checked out better than saying things you can't back up or prove. People who are trying to vet you will require you to back up what you say for a reason. Be ready for this. A great example of this is demonstrated by people who claim to be connected to someone of stature in order to gain access. In this case, they're found out because the target asked the other party, who could not confirm this.
  10. Treat your real intentions and identity as that gold ring from Lord of the Rings. I'm not saying put your driver's license on a necklace so a troll who thinks it's his "precious" won't take it. First of all, that's too cool to happen in real life. Second, you'll look like an idiot. Finally, there are more practical ways of protecting your identity. For starters, never have anything that connects your identity to your operation. Next, if you have to use your real identity in connection with an operation, give yourself some ability to deny the connection. Lastly, NEVER trust your identity, intentions, or operations to anyone or anything other than yourself.
I've decided to include the more practical list from the "Notorious B.I.G." to drive home some of these principles:

  1. Rule number uno, never let no one know
    How much, dough you hold, 'cause you know
    The cheddar breed jealousy 'specially
    If that man *** up, get your *** stuck up
  2. Number two, never let 'em know your next move
    Don't you know Bad Boys move in silence or violence
    Take it from your highness
    I done squeezed mad clips at these cats for they bricks and chips
  3. Number three, never trust nobody
    Your moms'll set that *** up, properly gassed up
    Hoodie to mask up, s***, for that fast buck
    She be layin' in the bushes to light that *** up
  4. Number four, know you heard this before
    Never get high on your own supply
  5. Number five, never sell no *** where you rest at
    I don't care if they want a ounce, tell 'em bounce
  6. Number six, that God*** credit, dig it
    You think a *** head payin' you back, *** forget it
  7. Seven, this rule is so underrated
    Keep your family and business completely separated
    Money and blood don't mix like two *** and no ***
    Find yourself in serious s***
  8. Number eight, never keep no weight on you
    Them cats that squeeze your *** can hold jobs too
  9. Number nine, shoulda been number one to me
    If you ain't gettin' bags stay the f*** from police
    If niggaz think you snitchin' ain't tryin' listen
    They be sittin' in your kitchen, waitin' to start hittin'
  10. Number ten, a strong word called consignment
    Strictly for live men, not for freshmen
    If you ain't got the clientele say hell no
    'Cause they gon' want they money rain, sleet, hail, snow
Don't forget the admonition Notorious B.I.G. gives, which should never be diminished:
Follow these rules, you'll have mad bread to break up
If not, twenty-four years, on the wake up
Slug hit your temple, watch your frame shake up
Caretaker did your makeup, when you pass

An information security professional known as "The Grugq" gave a very interesting talk on OPSEC. I think it is worth taking a glance at (try to contain all laughter and buffoonery at the preview image - we're running a family show here, folks):

Thursday, June 6, 2013

Terrorism and Intelligence Legislation You Should Know About But Don't

Now that this NSA story has spawned an insane amount of nonsensical and baseless conjecture on my Twitter feed, I thought I'd take a moment and educate everyone on intelligence and terrorism legislation they should already know about but don't for various reasons.

  • Biological Weapons Anti-Terrorism Act of 1989
  • Executive Order 12947 signed by President Bill Clinton Jan. 23, 1995, Prohibiting Transactions With Terrorists Who Threaten To Disrupt the Middle East Peace Process, and later expanded to include freezing the assets of Osama bin Laden and others.
  • Omnibus Counterterrorism Act of 1995
  • US Antiterrorism and Effective Death Penalty Act of 1996 (see also the LaGrand case, which pitted Germany against the US in the International Court of Justice in 1999-2001 concerning a German citizen convicted of armed robbery and murder, and sentenced to death)
  • Executive Order 13224, signed by President George W. Bush Sept. 23, 2001, among other things, authorizes the seizure of assets of organizations or individuals designated by the Secretary of the Treasury to assist, sponsor, or provide material or financial support or who are otherwise associated with terrorists. 66 Fed. Reg. 49,079 (Sept. 23, 2001).
  • 2001 Uniting and Strengthening America by Providing Appropriate Tools for Intercepting and Obstructing Terrorism Act (USA PATRIOT Act) (amended March 2006; the Financial Anti-Terrorism Act was integrated into it) - I don't have enough energy to discuss the Patriot Act. All you need to know is that it gives the US government very broad powers in order to combat terrorism.
  • Homeland Security Act of 2002, Pub. L. 107-296.
  • Support Anti-Terrorism by Fostering Effective Technologies Act (SAFETY Act) of 2002
  • REAL ID Act of 2005 - Perhaps one of the most controversial pieces of legislation from the Bush era, it set forth certain requirements for state driver's licenses and ID cards to be accepted by the federal government for "official purposes", as defined by the Secretary of Homeland Security. It also outlines the following: 
    • Title II of the act establishes new federal standards for state-issued driver licenses and non-driver identification cards.
    • Changing visa limits for temporary workers, nurses, and Australian citizens.
    • Funding some reports and pilot projects related to border security.
    • Introducing rules covering "delivery bonds" (similar to bail bonds but for aliens who have been released pending hearings).
    • Updating and tightening the laws on application for asylum and deportation of aliens for terrorist activity.
    • Waiving laws that interfere with construction of physical barriers at the borders
  • Animal Enterprise Terrorism Act of 2006 - The Animal Enterprise Terrorism Act (AETA) prohibits any person from engaging in certain conduct "for the purpose of damaging or interfering with the operations of an animal enterprise." and extends to any act that either "damages or causes the loss of any real or personal property" or "places a person in reasonable fear" of injury. 
  • Military Commissions Act of 2006 - The United States Military Commissions Act of 2006, also known as HR-6166, was an Act of Congress signed by President George W. Bush on October 17, 2006. The Act's stated purpose was "To authorize trial by military commission for violations of the law of war, and for other purposes." It was declared unconstitutional by the Supreme Court in 2008 but parts remain in order to use commissions to prosecute war crimes.
  • National Defense Authorization Act of 2012 - The second most controversial piece of legislation from the War on Terror affirms that the authority of "the President to use all necessary and appropriate force pursuant to the Authorization for Use of Military Force (Public Law 107-40; 50 U.S.C. 1541 note) includes the authority for the Armed Forces of the United States to detain covered persons (as defined in subsection (b)) pending disposition under the law of war."
    (b) Covered Persons- A covered person under this section is any person as follows:
    (1) A person who planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored those responsible for those attacks.
    (2) A person who was a part of or substantially supported al-Qaeda, the Taliban, or associated forces that are engaged in hostilities against the United States or its coalition partners, including any person who has committed a belligerent act or has directly supported such hostilities in aid of such enemy forces.
    (c) Disposition Under Law of War- The disposition of a person under the law of war as described in subsection (a) may include the following:
    (1) Detention under the law of war without trial until the end of the hostilities authorized by the Authorization for Use of Military Force.
    (2) Trial under chapter 47A of title 10, United States Code (as amended by the Military Commissions Act of 2009 (title XVIII of Public Law 111-84)).
    (3) Transfer for trial by an alternative court or competent tribunal having lawful jurisdiction.
    (4) Transfer to the custody or control of the person’s country of origin, any other foreign country, or any other foreign entity.
    (d) Construction- Nothing in this section is intended to limit or expand the authority of the President or the scope of the Authorization for Use of Military Force.
    (e) Authorities- Nothing in this section shall be construed to affect existing law or authorities relating to the detention of United States citizens, lawful resident aliens of the United States, or any other persons who are captured or arrested in the United States.
    (f) Requirement for Briefings of Congress- The Secretary of Defense shall regularly brief Congress regarding the application of the authority described in this section, including the organizations, entities, and individuals considered to be ‘covered persons’ for purposes of subsection (b)(2).
  • Homeland Security Presidential Directive/HSPD-5 requires all federal and state agencies to establish response protocols for critical domestic incidents in line with the National Incident Management System.


Friday, May 31, 2013

INFOGRAPHIC: Syria's S-300s

You may have heard by now of the S-300 missiles Russia has pledged to sell to the Syrian regime. There has been a great deal of speculation from the White House and other interested entities as to whether this could prolong the crisis or even send it into an even greater spiral. In an effort to provide you with the facts about the S-300, I included this pretty cool infographic from a Twitter user who has demonstrated a wealth of knowledge when it comes to missiles and all things that go "boom":

Saturday, May 25, 2013

Loose Lips Just Don't Sink Ships - How Leaks Compromise More Than Just Secrets

This is how the Taliban handles spies.

I'll preface this piece by saying for the record "I am NOT a spy nor have I EVER been a spy. I have NEVER worked inside the intelligence community. What you read here is my opinion backed up by historically factual information." Whew! Now that I've gotten that out of the way, we can discuss a topic I've been meaning to cover - why unauthorized disclosure of sensitive information should remain illegal without legal protections for anyone.

Most people have no clue how the United States and other countries obtain their human intelligence. They assume we send American spies into foreign lands who sneak around embassies and high-end hotels and casinos battling terrorists and criminal kingpins. Most students of modern US intelligence will tell you that is NOT the case. In fact, how we get that intelligence is by sending American intelligence officers who are trained to be clandestine but who do not steal information themselves. That's right. Most human intelligence officers are highly-trained salesmen and recruiters who work diligently to get citizens from target countries to spy on their respective countries. In other words, our HUMINT officers convince other people to betray target states and organizations. We can also get that information by using third-party human intelligence from another country who may be more ethnically credible to penetrate certain denied areas. We'll touch on that later.

This week you have no doubt heard about the Associated Press debacle with the Department of Justice. What you may not be aware of is the "leak" in question is about the alleged penetration of our government and the Saudi government into the terrorist organization al Qaeda of the Arab Peninsula (AQAP). This was a highly classified operation which I can only assume involved undercover assets who were willing to betray this very dangerous organization. Someone in the Obama administration took it upon themselves to reveal this operation to the Associated Press. This, of course, is VERY illegal and for good reason. Remember those undercover assets I mentioned previously? What do you think would happen to those assets who were operating without the expectation their involvement would be made public to the largest news source in the world? Take a wild guess.

Do you remember Aldrich Ames? He's the guy who betrayed his country and sold secrets to the USSR. What you may not know is that through his leak, he inadvertently killed 10 Russian citizens who fed the Central Intelligence Agency information. How about Valerie Plame? She's another asset who was "burned" (her covert identity revealed publicly) for very political reasons allegedly. I can assure you the target country she worked in, Iraq, deployed several counterintelligence agents to contacts she had in that country. Once an operation has been "burned", all of the assets involved are compromised and can no longer conduct their missions.

Given what you watched above, take a few things into consideration:

  • The very real danger they pose throughout the region they operate in. 
  • How reclusive and difficult such organizations can be, and how difficult it is to get someone to betray this organization. 
  • The operations we were able to stop because of this operation. One of which was the latest plane plot by AQAP. 
  • The potential for further penetration and more insightful intelligence disappearing because a bureaucrat in D.C. took it upon themselves to deliver to the Associated Press information about the success of this ongoing operation. 
  • The likelihood the assets were compromised and the likelihood of their survival and those with whom they had contact.

So you can imagine my surprise to learn of the AP's outrage that the DoJ was investigating their contacts with various people who had knowledge of this operation. You've heard, no doubt, the DoJ subpoenaed the AP's call records for over two months and then those of reporters who may have been the source's contact. I have 11 years of criminal investigations experience and will be the first to attest that this is very customary when you're looking to connect people from one area to another. Whether or not the DoJ should have subpoenaed the AP's phone company is a different story and "way above my pay grade".

As you can guess, unauthorized disclosure of classified information is a crime. It's actually a very serious crime. Don't believe me? Here's the statute. You'd do well to note there is zero accommodation or exemption for releases to the press.

(a) Whoever knowingly and willfully communicates, furnishes, transmits, or otherwise makes available to an unauthorized person, or publishes, or uses in any manner prejudicial to the safety or interest of the United States or for the benefit of any foreign government to the detriment of the United States any classified information—
(1) concerning the nature, preparation, or use of any code, cipher, or cryptographic system of the United States or any foreign government; or
(2) concerning the design, construction, use, maintenance, or repair of any device, apparatus, or appliance used or prepared or planned for use by the United States or any foreign government for cryptographic or communication intelligence purposes; or
(3) concerning the communication intelligence activities of the United States or any foreign government; or
(4) obtained by the processes of communication intelligence from the communications of any foreign government, knowing the same to have been obtained by such processes—
Shall be fined under this title or imprisoned not more than ten years, or both.
(b) As used in subsection (a) of this section—
The term “classified information” means information which, at the time of a violation of this section, is, for reasons of national security, specifically designated by a United States Government Agency for limited or restricted dissemination or distribution;
The terms “code,” “cipher,” and “cryptographic system” include in their meanings, in addition to their usual meanings, any method of secret writing and any mechanical or electrical device or method used for the purpose of disguising or concealing the contents, significance, or meanings of communications;
The term “foreign government” includes in its meaning any person or persons acting or purporting to act for or on behalf of any faction, party, department, agency, bureau, or military force of or within a foreign country, or for or on behalf of any government or any person or persons purporting to act as a government within a foreign country, whether or not such government is recognized by the United States;
The term “communication intelligence” means all procedures and methods used in the interception of communications and the obtaining of information from such communications by other than the intended recipients;
The term “unauthorized person” means any person who, or agency which, is not authorized to receive information of the categories set forth in subsection (a) of this section, by the President, or by the head of a department or agency of the United States Government which is expressly designated by the President to engage in communication intelligence activities for the United States.
(c) Nothing in this section shall prohibit the furnishing, upon lawful demand, of information to any regularly constituted committee of the Senate or House of Representatives of the United States of America, or joint committee thereof.
(1) Any person convicted of a violation of this section shall forfeit to the United States irrespective of any provision of State law—
(A) any property constituting, or derived from, any proceeds the person obtained, directly or indirectly, as the result of such violation; and
(B) any of the person’s property used, or intended to be used, in any manner or part, to commit, or to facilitate the commission of, such violation.
(2) The court, in imposing sentence on a defendant for a conviction of a violation of this section, shall order that the defendant forfeit to the United States all property described in paragraph (1).
(3) Except as provided in paragraph (4), the provisions of subsections (b), (c), and (e) through (p) of section 413 of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853 (b), (c), and (e)–(p)), shall apply to—
(A) property subject to forfeiture under this subsection;
(B) any seizure or disposition of such property; and
(C) any administrative or judicial proceeding in relation to such property,
if not inconsistent with this subsection.
(4) Notwithstanding section 524 (c) of title 28, there shall be deposited in the Crime Victims Fund established under section 1402 of the Victims of Crime Act of 1984 (42 U.S.C. 10601) all amounts from the forfeiture of property under this subsection remaining after the payment of expenses for forfeiture and sale authorized by law.
(5) As used in this subsection, the term “State” means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, and any territory or possession of the United States.
As you can tell, the law is very specific and for good reason, as I outlined before. The business of deriving the intelligence we need from terrorist organizations and rogue states requires secrecy. The best way I can describe the importance of keeping clandestine operations secret is to have you watch my child and me play "hide-and-go-seek". Children love to tell you where they're going to hide because it makes it easier for you to catch them. Imagine if your child was very clever and never told you where they were hiding. Better yet, what if you never knew they were playing the game? Then, imagine if the stakes were higher - much higher than preempting a really good game. The same could be said of the modern spy game, where exponentially more lives are at risk.

Thursday, May 23, 2013

INFOGRAPHIC: Pew Institute Poll - Sharing, Connections, & Privacy In The World Of Teen Social Media

This infographic from the Pew Institute provides some amazing insight into how teens view their social media privacy. As an investigator, I can share with you the value that social media has in gathering information on a person. Teens have historically been the most active users of social media and therefore their online "lives" traditionally have been insightful to say the least.


Tuesday, May 14, 2013

What A Burned CIA Officer and A Patriot Hacktivist Can Teach Us About Cover Discipline

Ryan Fogle, an alleged CIA officer being detained by Russian
counterintelligence after his cover was "blown" (Source: AFP)
In light of the news a Central Intelligence Agency officer was detained by Russian counterintelligence, I felt it would be good to examine what it means to have good "cover discipline". In order to accomplish missions that require stealth in plain sight, intelligence operatives use what is commonly referred to as "cover" which is a fictional persona adopted by individual officers so that their true identity and purpose remain unknown to their target. "Cover" takes a significant amount of time to develop and assimilate into the officer. Persons who operate "undercover" will spend a great deal of time studying and perfecting their "cover". Where most officers get caught is when they lose "cover discipline". This could be something as simple as confusing one's "cover" name with their "real" name. In some cases, like the one depicted in this film, "cover" is often lost due to carelessness.

A recent display of good "cover" discipline came coincidentally during an exchange between a "hacktivist" known as The Jester and Jeff Bardin, a leading information security expert. The Jester and Bardin engaged in a phony confrontation regarding The Jester's alleged betrayal of Bardin's "cover" during an information security intelligence operation. The "feud" ended with Bardin "revealing" The Jester's "real" name, which was actually a "cover" he developed for this operation over two years ago. It was very elaborate but, according to those involved, it was a success.

Here's a snippet from The Jester and Bardin's "feud":
The Jester posted this with regards to his "cover" on another website:
For just such an occasion.....
On the 1st July 2011 - I myself left this on pastebin >>
I also purposely left this in source code of my blog:
Later I created this:
and to bolster I also created this
It's taken almost 2 years for anyone to spot the deliberate mistake. Well Done.
He doesn't exist. It's a decoy. Good to know who's who though. Thanks.

You will notice the meticulousness of the preparation involved in developing a good cover. The Jester has been active for a few years and has yet to be successfully unmasked because of his adherence to good "cover discipline".

I'm not an intelligence expert nor have I ever claimed to be. However, I have studied intelligence gathering and espionage for quite some time. What I have learned is that spies rely on secrecy, deception, and disguise to conduct clandestine operations. In order to be successful, spies must "live, eat, and breathe" their cover story. As it's stated in this article, "Cover is a mosaic, it's a puzzle," said James Marcinkowski, a former CIA case officer who attended the dinner. "Every piece is important [to protect] because you don't know which pieces the bad guys are missing."

For more information on "cover":

VIDEO: Defenses Against Espionage

It never ceases to amaze me how many of the cardinal rules of security and threat mitigation are relevant no matter which era or platform they are adhered to in. This video is a perfect illustration of that. It's a video produced by the National Security Council for government contractors who worked with classified projects. It follows a fictional case wherein a company loses a key piece of classified information they produced. Of interest to security practitioners are the human security vulnerabilities exposed. Many of the fictional characters are exploited using social engineering. While the manner in which the information is lost is much more elaborate than what we see in modern corporate espionage, the lessons are the same.

Monday, May 13, 2013

VIDEO: Espionage Target - You (June 15, 1964)

This video is a classic from the Cold War. While some of the material is outdated, those same human security vulnerabilities still exist whether it be financial, sex, or peer pressure. The only difference between when this film was produced and now is the theater of operations has changed from being solely in an analog world to a digital, multi-spectrum world.

Here's the synopsis from
Exposes the worldwide operation of the Sino-Soviet espionage system and shows how Communist agents used any means to obtain vital information from military personnel. Reconstructs three actual cases to demonstrate various facets of espionage techniques. Explains how agents of different nationalities probe for vulnerable areas, such as loneliness, indebtedness, fast money, sex and the sporting life. Portrays the agent as he subtly approaches, ensnares and involves his victim until it is too late for the victim to retreat. Purpose: Information on communist espionage methods.

VIDEO: NOVA: Quantum Confidential

If you were a spy, how could you ensure that an encrypted message got safely to your allies? Send it using entangled particles! Here, watch how a technique called quantum cryptography could save a state secret from falling into enemy hands.


Friday, May 3, 2013

VIDEO: Sabotage: Perfecting the Art of Surprise (as told by the CIA)

The Office of Strategic Services, founded June 13, 1942, was the precursor to the Central Intelligence Agency. It was America's wartime espionage and special operations arm during World War II. That being said, an area where it performed rather successfully was sabotage. The CIA released the video below to demonstrate some of the ingenuity agents had to employ in order to complete these challenging missions.

Thursday, January 10, 2013

Have You Seen Former FBI Agent Robert Levinson?

Former Special Agent Robert Levinson missing since March 2007
Robert Levinson is a former FBI agent who has been missing since March 2007 in Iran. He was acting as a private investigator looking into cigarette-smuggling. There has been contact between the hostage-takers and Robert Levinson's family. There are some experts who have noted the sophisticated tradecraft involved in the transmission of these messages from the hostage-takers. They conclude this points to Iran clearly. The Iranian government contends they had nothing to do with this. Iranian president Mahmoud Ahmadinejad has stated, "Our security officials and agents have expressed their willingness to assist the FBI, if the FBI has any information about his travels around the world." It's curious he would make such a statement. What would his "travels around the world" illuminate for the Iranians? Ahmadinejad has a history of playing coy whenever the Iranians have been directly linked with any nefarious activities. It's like asking your child to tell you who broke the lock on a drawer where you were keeping his Christmas presents and having him reply, "I would be happy to help you find the lock if you would tell me what the lock was protecting."

Here's an example of the messaging sent to Levinson's family.

Levinson supposedly met with Dawud Salahuddin, an American fugitive who converted to Islam and later assassinated an Iranian diplomat in the US. Salahuddin describes himself as a close friend with whom he "shared hotel room on Kish on March 8. Iranian officials in plain clothes came to the room and detained and questioned Salahuddin about his Iranian passport, Salahuddin said. On his release a day later, Levinson had disappeared, and the Iranian officials told Salahuddin he had left Iran." Salahuddin then says something that caught my eye - "I don't think he is missing, but don't want to point my finger at anyone. Some people know exactly where he is," Salahuddin told the newspaper (Financial Times). "He came only to see me." Salahuddin is in a very tricky spot. Levinson was meeting him to network with Iranian officials who might provide leads for a cigarette company that retained Levinson's services. Salahuddin can't go into further details because of his delicate situation there - he's political in Iran and has supported reformers who oppose the current regime. If the Iranians did take Levinson and Salahuddin knows something, I would suspect he's not going to say much for fear of endangering his safe-haven.

Fred Burton, the VP for Intelligence at Stratfor, has put out a video talking about hypothetical investigative techniques US authorities have engaged in since they received the messages from the hostage-takers. It is interesting to note the correlation between the imagery analysis to find terrorist groups via their messaging and the analysis that goes into locating a hostage like Levinson with similar messaging. His video is below.

I have several readers in Iran.  So I'm going to post Levinson's picture and biographical data as well as a link to his family's blog.

Kish Island, Iran
March 9, 2007 


Date of Birth: March 10, 1948
Place of Birth: Flushing, New York
Hair: Gray
Eyes: Blue
Height: 188 cm (74 inches) - at the time of his disappearance
Weight: 104 kg (230 pounds) - at the time of his disappearance
Remarks: Levinson wears eyeglasses. He is believed to have lost a significant amount of weight, possibly 50-60 pounds.


Information is being sought regarding United States citizen Robert A. Levinson, a retired FBI Special Agent, who went missing during a business trip to Kish Island, Iran, on March 9, 2007. Levinson retired from the FBI in 1998 and worked as a private investigator following his retirement. Levinson traveled to Kish Island, Iran, on March 8, 2007, working on behalf of several large corporations, and his whereabouts, well-being and the circumstances surrounding his disappearance have been unknown since that time. 


The United States Government is offering a reward of up to $1,000,000 for information leading directly to the safe location, recovery and return of Robert A. Levinson 


If you have any information concerning Robert Levinson, please contact the FBI Tip Line at You can also contact your nearest American Embassy or U.S. Consulate

Field Office: Washington Field Office

Friday, November 30, 2012

US Navy X-47B UCAS first land-based catapult launch by theworacle

US Navy video of the first catapult launch of the Northrop Grumman X-47B unmanned combat aircraft system demonstrator (UCAS-D) on Nov 29, during shore-based aircraft-carrier integration testing at NAS Patuxent River, Maryland. The X-47B is to take-off and land on a carrier at sea in 2013.

New Amendments to NDAA To Rectify Old Issues?? (not really)

“Detainees in orange jumpsuits sit in a holding area under the watchful eyes of Military Police at Camp X-Ray at Naval Base Guantanamo Bay, Cuba, during in-processing to the temporary detention facility on Jan. 11, 2002. The detainees will be given a basic physical exam by a doctor, to include a chest x-ray and blood samples drawn to assess their health. DoD photo by Petty Officer 1st class Shane T. McCoy, U.S. Navy.”

Soooo....I caught this little gem while looking over the new National Defense Authorization Act 2013 amendments being voted on by the US Senate:
    (b) Report.--
(1) IN GENERAL.--Not later than 90 days after the date of the enactment of this Act, the Secretary of Defense shall submit to the Committees on Armed Services of the Senate and the House of Representatives a report on the use of naval vessels for the detention outside the United States of any individual who is captured pursuant to the Authorization for Use of Military Force. Such report shall include--
(A) procedures and any limitations on detaining such individuals at sea on board United States naval vessels;
(B) an assessment of any force protection issues associated with detaining such individuals on such vessels;
(C) an assessment of the likely effect of such detentions on the original mission of the naval vessel; and
(D) any restrictions on long-term detention of individuals on United States naval vessels.
(2) FORM OF REPORT.--The report required under paragraph (1) shall be submitted in unclassified form, but may contain a classified annex.
(a) Notice to Congress.--Not later than five days after first detaining an individual who is captured pursuant to the Authorization for Use of Military Force (Public Law 107-40; 50 U.S.C. 1541 note) on a naval vessel outside the United States, the Secretary of Defense shall submit to the Committees on Armed Services of the Senate and the House of Representatives a notice of the detention.
So when did we start detaining people on boats? You do realize this is what this alludes to? We have or had a need to do so and someone in Congress wasn't notified until it was almost too late. Oh wait. That did happen to a guy named Ahmed Abdulkadir Warsame, a Somali terrorist held for over 2 months on a Navy ship.

This is the one that will surely make headlines (if it hasn't already):
(1) by redesignating subsection (b) as subsection (c); and
(2) by inserting after subsection (a) the following:
``(b)(1) An authorization to use military force, a declaration of war, or any similar authority shall not authorize the detention without charge or trial of a citizen or lawful permanent resident of the United States apprehended in the United States, unless an Act of Congress expressly authorizes such detention.
``(2) Paragraph (1) applies to an authorization to use military force, a declaration of war, or any similar authority enacted before, on, or after the date of the enactment of the National Defense Authorization Act For Fiscal Year 2013.
``(3) Paragraph (1) shall not be construed to authorize the detention of a citizen of the United States, a lawful permanent resident of the United States, or any other person who is apprehended in the United States.''.
Yup. You read it right. No more arrests of US citizens or permanent residents overseas without arresting them and bringing them before a US court. Actually. That's not exactly true. Check out what the folks at the ACLU think:
  • It would NOT make America off-limits to the military being used to imprison civilians without charge or trial. That's because its focus on protections for citizens and green-card holders implies that non-citizens could be militarily detained. The goal should be to prohibit domestic use of the military entirely. That's the protection provided to everyone in the United States by the Posse Comitatus Act. That principle would be broken if the military can find an opening to operate against civilians here at home, maybe under the guise of going after non-citizens. This is truly an instance where, when some lose their rights, all lose rights -- even those who look like they are being protected.
  • It is inconsistent with the Constitution, which makes clear that basic due process rights apply to everyone in the United States. No group of immigrants should be denied the most basic due process right of all -- the right to be charged and tried before being imprisoned.
  • It would set some dangerous precedents for Congress: that the military may have a role in America itself, that indefinite detention without charge or trial can be contemplated in the United States, and that some immigrants can be easily carved out of the most basic due process protections.
 It appears the contention about NDAA still stands.

Thursday, November 22, 2012

OPINION: Why Benghazi Keeps Me Up At Night

I got to thinking again about Benghazi.  Actually, that damn city has been on my mind for months.  I digress.  I kept thinking tonight about why the intelligence community (IC) would redact its knowledge of the attackers being terrorists.  It's a common question among many "Benghazi-gate" - as I like to call them - "DIY investigators".

Here's my take:
  • The IC allegedly received an intelligence report via email that Ansar al-Sharia had claimed responsibility via Facebook.  We now know that post was either removed, never existed, or was posted by someone only familiar with the group, according to various "senior Administration sources" used by the media.  Why post something and then remove it?  Logic would dictate if you were bad enough to do the deed and then brag about it, why take it down?
  • If in fact the Facebook post were from the group, it's quite simple why they would remove it.  Terrorists aren't all that dumb and are certainly tech savvy enough to understand how IP addresses work.  If true, it is my supposition they realized that within minutes the IC would be running traces on the IP associated with that post and would be ramming a Hellfire missile down the author's throat not too soon afterwards.
  • I know what you're thinking - But that doesn't explain why the Director of National Intelligence would remove it from Ambassador Rice's statement.  Au contraire!  It does.  My guess is the IC was close to running that trace but hadn't acted on it for various reasons - one of which I'll explain in a bit.  In these types of dynamic situations, it can be difficult to ascertain fact from fiction.  When coordinating retribution attacks, you need to be accurate.  Supposing the Facebook post did exist, the IC presumably asked that Ambassador Rice not blow their cover by disclosing in fact that they knew who the bad guys were.  I see you over there making that face.  
  • Before this alleged posting by Ansar al-Sharia, we had no concrete evidence they were the culprit.  Had Ambassador Rice said this was terrorism too prematurely, we may have lost the tactical advantage of surprise and could have made things extremely problematic for our Libyan allies and our special operations units who undoubtedly would have/could have/should have been tasked with hunting down the culprits.  To give the situation some additional much-needed perspective, it would do us all well to remember there wasn't a single capture from this attack.  With the absence of a significant amount of actionable chatter, the US government would have been flying blindly with a reprisal attack.
  • Oh. Did I forget to mention how unreliable the source that email cited was?  Yeah. About that.  CNN contacted a guy, Aaron Zelin, who monitors jihadist sites for a living.  You'll love what he said.
"However, an examination of the known Facebook and Twitter accounts of Ansar al-Sharia in Benghazi reveals no such claim of responsibility. Aaron Zelin, a research fellow at the Washington Institute for Near East Policy, tracks dozens of jihadist websites and archives much of what they say. He told CNN he was unaware of any such claim having been posted on the official Facebook page or Twitter feed of Ansar al-Sharia in Benghazi.
Zelin, who said his RSS feed sends him any new statement from the group, provided CNN with a copy of that feed. It shows no Facebook update between September 8 and September 12, when a posting late that afternoon first referenced the attack. Zelin notes that the posting referred to a news conference the group had held earlier that day in Benghazi in which it denied any role in the assault on the consulate, while sympathizing with the attackers.
Accompanying a posting of the news conference on YouTube, a commentary says that the attack on the consulate was "a wave of rage for Allah and his Prophet, it came from the Muslim youths."
The posting continues: "Ansar al-Sharia brigade did not officially participate as a military body, nor received any orders directed from the brigade."
The group's Twitter feed tells the same story. The account, @anssarelshariea, bears the group's logo and a tweet on September 8 - and then nothing until four days later. And at no point is there a claim of involvement in or responsibility for the attack on the U.S. Consulate compound."
All of this makes me wonder, "How is it that we had a CIA station in Benghazi but the only intelligence we had to verify this group was responsible came from a single Facebook post?"  I know getting a hold of sources during a crisis can be difficult and the intel may not be very credible but I can't help but wonder why we haven't heard more about the human intelligence that should have been available.  You would naturally assume the CIA would have been working its assets into this group and would have had some indication this was coming.  Maybe it did but that hasn't come out of any of the testimony, as far as I know.  Instead of asking this and other questions relating to what happened on the ground, we've been stuck with an oversight committee more obsessed with talking points and adulterous 4-star generals.  I firmly believe in order to properly secure any resource in a hostile environment, you have to be procuring actionable intelligence.  This did not happen in Benghazi.  Until we address this shortcoming, it may continue to happen.

Wednesday, November 21, 2012

The Confusion behind Fusion Centers

On October 3, 2012, the United States Senate published some not-so-surprising news for many of us familiar with the "results" produced by fusion centers.  It turns out someone decided to look into what many assumed was one of the largest examples of bureaucracy - "fusion centers".  For those of you unfamiliar with fusion centers and what they do, essentially they are intelligence sharing centers created by state governments and the Departments of Justice and Homeland Security to work in concert with federal efforts to prevent, respond to, and mitigate the threat of terrorism in the United States.  There are currently 72 centers nationwide.

The Senate Permanent Subcommittee on Investigations stated, "Department of Homeland Security efforts to engage state and local intelligence “fusion centers” has not yielded significant useful information to support federal counterterrorism intelligence efforts."  This is a very damning report to say the least for fusion centers.  It doesn't help their cause that they have been mired in criticism ranging from the infamous Missouri Information Analysis Center (MIAC) 2009 report which labeled supporters of the Ron Paul movement and various right wing organizations and grass roots movements as terrorists and the Virginia fusion center 2009 report which stated universities were potential hubs of terrorist activities and labeled hacktivism as a form of terrorism.

The Subcommittee stated in their press release
“It’s troubling that the very ‘fusion’ centers that were designed to share information in a post-9/11 world have become part of the problem. Instead of strengthening our counterterrorism efforts, they have too often wasted money and stepped on Americans’ civil liberties,” said Senator Tom Coburn, the Subcommittee’s ranking member who initiated the investigation.

The investigation determined that senior DHS officials were aware of the problems hampering effective counterterrorism work with the fusion centers, but did not always inform Congress of the issues, nor ensure the problems were fixed in a timely manner.
“Unfortunately, DHS has resisted oversight of these centers. The Department opted not to inform Congress or the public of serious problems plaguing its fusion center and broader intelligence efforts. When this Subcommittee requested documents that would help it identify these issues, the Department initially resisted turning them over, arguing that they were protected by privilege, too sensitive to share, were protected by confidentiality agreements, or did not exist at all. The American people deserve better. I hope this report will help generate the reforms that will help keep our country safe,” Dr. Coburn said.
Where it gets particularly disturbing is in their highlighted conclusions about their investigation.
The Department of Homeland Security estimates that it has spent somewhere between $289 million and $1.4 billion in public funds to support state and local fusion centers since 2003, broad estimates that differ by over $1 billion. The investigation raises questions about the value this amount of funding and the nation’s more than 70 fusion centers are providing to federal counterterrorism efforts:

• The investigation found that DHS intelligence officers assigned to state and local fusion centers produced intelligence of “uneven quality – oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already-published public sources, and more often than not unrelated to terrorism.”

• DHS officials did not provide evidence to the Subcommittee showing unique contributions that state and local fusion centers made to assist federal counter terrorism intelligence efforts that resulted in the disruption or prevention of a terrorism plot.

• The investigation also found that DHS did not effectively monitor how federal funds provided to state and local fusion centers were used to strengthen federal counterterrorism efforts. A review of the expenditures of five fusion centers found that federal funds were used to purchase dozens of flat screen TVs, two sport utility vehicles, cell phone tracking devices and other surveillance equipment unrelated to the analytical mission of an intelligence center. Their mission is not to do active or covert collection of intelligence. In addition, the fusion centers making these questionable expenditures lacked basic, “must-have” intelligence capabilities, according to DHS assessments.
Here's the report: 

Wednesday, November 14, 2012

My Problem With Benghazi Conspiracy Theories

Folks, I have some fundamental issues with most conspiracy theories.  Many have very little data to substantiate what they either indirectly imply or overtly say.  Most of it is pure speculation with very vague familiarity of the incident (i.e. "I have a cousin who knows a guy in the military that says", "Newt said", "I heard it from Sean Hannity").  If you weren't there, then it's just speculation.  The various theories and innuendos about Benghazi are of the same ilk.  I'll spell out why by attempting to debunk the top four Benghazi theories/innuendos:
  1. As I mentioned before, Chris Stevens was NEVER EVER raped.  No one has stated this except for a lone newspaper out of Lebanon and a few Facebook bloggers.
  2. Chris Stevens was not killed as the result of being shot, beaten, or burned.  He was killed by smoke inhalation.  Simply put, it takes only 20 minutes of active burning for lethal levels of smoke and heated air to accumulate.  Charlene Lamb, the Deputy Assistant Secretary for International Programs in the Bureau of Diplomatic Security at the Department of State, stated in her testimony before the House Oversight Committee on October 10, 2012
    1. "Gunfire was heard from multiple locations on the compound.  One agent secured Ambassador Stevens and Sean Smith, the information management officer, in the safe haven.  The other agents retrieved their M4 submachine guns and other tactical gear from Building B.  When they attempted to return to the main building, they encountered armed attackers and doubled back to Building B. The attackers used diesel fuel to set the main building ablaze.  Thick smoke filled the entire structure.  The Diplomatic Security agent began leading the Ambassador and Sean Smith through the debilitating smoke toward the emergency escape window. The agent, nearing unconsciousness himself, opened the window and crawled out.  He then realized they had become separated in the smoke.  So he reentered the building and searched multiple times for the Ambassador and Mr. Smith.  Finally the agent—suffering from severe smoke inhalation and barely able to breathe or speak – exited to the roof and notified the Tactical Operations Center of the situation (TOC)."
    2. Even IF, the Department of Defense could have supplied tactical resources to respond to Benghazi, the likelihood Chris Stevens would have already been dead is very high.  Chris Stevens, more than likely, died at the early onset of this engagement.  Deputy Assistant Secretary Lamb got her intel from the TOC and the agents' after-action reports.  In other words, she heard it from the folks on the ground and not Fox, ABC, CBS, etc.
  3. The Department of Defense got an email to stand down.  This one comes from our dear friend, Newt Gingrich.  You'll do well to click on that link and note the timing of that email in relation to the election and the word "rumor" (ahem!....not a fact) in his quote.
    1. Okay, folks, it is very unlikely the DoD would have received an email to "stand down".  If there is one thing we've learned since Ollie North, it's never send an email when involved in far-reaching conspiracies.  This conversation would have happened over a secure communications line or in person at the Situation Room and would have relayed the assets DoD would have needed to support and/or pull off a successful rescue operation and their respective availability.  I'm not sure if you're aware of this, but it takes the DoD a LONG time to respond to anything.  The assets (Special Operation Forces) DoD would have sent were more than likely on other missions related to GWOT (Global War on Terrorism).  Contrary to popular belief, the nearest special operations unit was in Rota, Spain. Folks, these guys don't ride on supersonic jets.  The flight time, not counting preparation, narrows your response time greatly.  Also, remember everything the government does in terms of its official actions is almost always recorded.  Leon Panetta will soon testify before Congress knowing this data was fully available to Congress.  My guess is Petraeus will testify to the same as it was his agency that provided most of the backup.
  4. The White House is blackmailing Petraeus with the affair scandal.  Why?  Seriously.  Why would the White House blackmail a guy who was going to testify anyway?  This investigation has been going on for months.  Why now?  Divorces are messy and affairs even messier but lying to Congress about what a whole division of an intelligence agency knew is even worse for everyone involved.  Petraeus and anyone with a pulse in DC knows that.  But wait - there are more problems with this theory:
    1. The original investigator had sent shirtless pictures of himself to the victim.
    2. The investigation began with a complaint from someone with no connection to the White House who was also supposedly sleeping with another general officer.
    3. The Petraeus affair would presumably never have come to light had it not been for his mistress's threatening emails about her suspicions of the victim and Petraeus.
    4. Just in case you're wondering about the FBI's jurisdiction in all of this, remember threatening someone is a crime and, if done over email, is a federal offense due to the federal government's jurisdiction over interstate commerce.
    5. Petraeus was still going to testify.  Remember Congress has subpoena power over anyone for any reason.  An oversight committee hearing is much like testifying in a court of law.  There is even an oath.  The risk a blackmailer takes with blackmail once they reveal their hand is that the target may be even more inclined to tell the truth.  If huge conspiracies are your thing, you can't afford to have this happen.
    6. Two GOP congressmen knew of the investigation days before the election and just sat on it.  In any conspiracy, you need loyal and discreet people - a shirtless FBI dude and a couple of GOP congressmen "in the know" are less than ideal. 
Before I get deluged with comments, let me answer some questions:

Were there screw-ups in Benghazi? 

Am I excusing those? 

Do I believe this investigation has become partisan beyond comprehension?  

Do I think the American people will ever get the whole truth?  
No, for a variety of reasons.

Should this diminish our need to find the truth? 
No.  People died and we need to know why in order to fix it.  

What/who do you blame for these deaths?
I think it is very ironic the CIA is rumored to have had an annex devoted to assisting the Libyan government in covertly collecting heavy weapons such as mortars from local militias and the consulate across the street from them is hit by mortars.  There was an intelligence and diplomatic failure on several levels.  My sources in Libya tell me the government was beginning to crack down on these rogue groups who were holding on to these weapons as insurance and as leverage to further their own burgeoning political agendas.  My supposition is the CIA mission was discovered.  In order to show their discontent at the Agency's participation in this crackdown, they retaliated.  They couldn't identify the location of the CIA mission so I assume they hit the next biggest American target on a historic day.  As luck would have it, Chris Stevens was there.  Will we ever hear that from anyone?  No, but perhaps - just once - we need to.

Here's a link to all of the public testimony given so far:
