Home / 2017 / March (page 5)

Monthly Archives: March 2017

Trump Talks Healthcare While Swamp Resists – Dems Call Inhumane While Conservative Cucks Say It Falls Short

Earler today, Republican House leaders led by GOP speaker Paul Ryan unveiled their proposed replacement for Obamacare – the utterly failed assault on the middle class which was authored in large part by convicted felon, democrat operative, and White House regular Robert Creamer – who wrote 628 pages of it from prison.

You can check out the new GOP proposal here, as well as Trump’s comments from earlier today:

The basics are as follows:

  • Removes Obamacare taxes on drugs, health-insurance premiums, and medical devices.
  • Removes individual / employer mandate which was severely harming the middle class.
  • Prohibit health insurers from denying coverage for pre-existing conditions.
  • Allow basement-dwelling neckbeards to remain on their parents’ plans until they are 26 (45% older than they were when they became grown ass legal adults).
  • Low income protections: provides states with $100 Billion to help low-income Americans afford healthcare.
  • Enhanced Health Savings Accounts – nearly doubling the amount people can contribute.
  • Provide a tax credit of up to $14,000 / year for low and middle-income individuals and families who don’t receive insurance through work or a government program.

While Paul Ryan says he can guarantee enough votes to win passage in the House, the American Health Care Act – also known as TrumpCare (and now RyanCare), key Democrats denounced the proposal – claiming it will deprive millions of Americans of health insurance. On the far right, lawmakers publicly condemned the plan as a lackluster repackaging of Obamacare. Utah Republican Senator Mike Lee called it “exactly the type of back-room dealing and rushed process that we criticized Democrats for,” with others echoing similar sentiment.

“We think you have to get rid of Obamacare completely” -Rep. Jim Jordan (R-OH)

Outside of congress, conservative groups including the Club for Growth, Americans for Prosperity, Heritage Action for America, and the Koch backed Freedom Partners claim that “RyanCare” doesn’t go far enough- with the Club for Growth calling it a “warmed-over substitute for government-run healthcare”

Secretary of Health and Human Services  Dr. Tom Price, M.D. (R-GA) the man hired to oversee the process calls it a “work in progress”

“You start at a starting point, people engage and they get involved in the process, sometimes to a greater degree,” Price said. “We’ll work through it. This is an important process to be had.”

Vice President Mike Pence calls the new proposal a “framework,” leaving the door open to modification – and even President Trump hedged:

Trump’s smart – he’s not taking credit for the new Healthcare Bill, while at the same time letting Paul Ryan do battle with the rest of the swamp. Perhaps this is why Ryan had such a curious sudden hard-on for Trump the other week…

Comments »

Wikileaks “Vault 7” Released – Exposes CIA Cyber Warfare And Surveillance Tools

Wikileaks just dumped the much tweeted about “Vault 7” on the world – entitled “Inside the CIA’s Global Hacking Force” and it exposes the CIA’s electronic surveillance apparatus. It appears that similar to previous Wikileaks releases – more will come out over time. Check it out on the Wikileaks website here.

Some highlights:

  • The CIA’s “Engineering Development Group” is responsible for creating all of their cyber-warfare tools.
  • The CIA can “spoof” it’s malware to appear as though it’s a foreign intel agency’s
  • iPads / iPhones / Android devices and Smart TV’s are all susceptible to hacks and malware. Samsung Smart TV’s for example can go into a “Fake Off” mode in which they appear to be powered down while eavesdropping.
    • The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
  • The US Consulate in Frankfurt is a CIA hacker base.
  • The Obama administration promised to disclose all serious vulnerabilities they found to Apple, Google, Microsoft, and other US-based manufacturers. They broke that promise.
  • The Frankfurt consulate is a major CIA hacking base of operations.
  • The CIA was looking into hacking into cars in late 2014
  • Instant messaging encryption is a joke.
  • The CIA laughs at Anti-Virus / Anti-Malware programs.
  • Imgur gallery of some of the various tools.

More below…

Press Release

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.

Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of “Year Zero” goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”

Wikileaks has carefully reviewed the “Year Zero” disclosure and published substantive CIA documentation while avoiding the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should analyzed, disarmed and published.

Wikileaks has also decided to redact and anonymise some identifying information in “Year Zero” for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in “Vault 7” part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.


CIA malware targets iPhone, Android, smart TVs

CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart of the CIA for more details).

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.

Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.

CIA malware targets Windows, OSx, Linux, routers

The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized “zero days”, air gap jumping viruses such as “Hammer Drill” which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ( “Brutal Kangaroo”) and to keep its malware infestations going.

Many of these infection efforts are pulled together by the CIA’s Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as “Assassin” and “Medusa”.

Attacks against Internet infrastructure and webservers are developed by the CIA’s Network Devices Branch (NDB).

The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools, which are described in the examples section below.

CIA ‘hoarded’ vulnerabilities (“zero days”)

In the wake of Edward Snowden’s leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or “zero days” to Apple, Google, Microsoft, and other US-based manufacturers.

Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

The U.S. government’s commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.

“Year Zero” documents show that the CIA breached the Obama administration’s commitments. Many of the vulnerabilities used in the CIA’s cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

As an example, specific CIA malware revealed in “Year Zero” is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities (“zero days”) possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.

‘Cyberwar’ programs are a serious proliferation risk

Cyber ‘weapons’ are not possible to keep under effective control.

While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber ‘weapons’, once developed, are very hard to retain.

Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.

Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global “vulnerability market” that will pay hundreds of thousands to millions of dollars for copies of such ‘weapons’. Similarly, contractors and companies who obtain such ‘weapons’ sometimes use them for their own purposes, obtaining advantage over their competitors in selling ‘hacking’ services.

Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booze Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.

A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.

Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information. The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.

U.S. Consulate in Frankfurt is a covert CIA hacker base

In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.

CIA hackers operating out of the Frankfurt consulate ( “Center for Cyber Intelligence Europe” or CCIE) are given diplomatic (“black”) passports and State Department cover. The instructions for incoming CIA hackersmake Germany’s counter-intelligence efforts appear inconsequential: “Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport”

Your Cover Story (for this trip)
Q: Why are you here?
A: Supporting technical consultations at the Consulate.

Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.

Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area — including France, Italy and Switzerland.

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked.

How the CIA dramatically increased proliferation risks

In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of “Vault 7” — the CIA’s weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse.

The CIA made these systems unclassified.

Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the ‘battlefield’ of cyber ‘war’.

To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber ‘arms’ manufactures and computer hackers can freely “pirate” these ‘weapons’ if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.

Conventional weapons such as missiles may be fired at the enemy (i.e into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts. Ordnance will likely explode. If it does not, that is not the operator’s intent.

Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams. For instance, attempted “malware injections” (commercial jargon) or “implant drops” (NSA jargon) are being called “fires” as if a weapon was being fired. However the analogy is questionable.

Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its ‘target’. CIA malware does not “explode on impact” but rather permanently infests its target. In order to infect target’s device, copies of the malware must be placed on the target’s devices, giving physical possession of the malware to the target. To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers. But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.

A successful ‘attack’ on a target’s computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization’s leadership rather than the firing of a weapons system. If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target’s territory including observation, infiltration, occupation and exploitation.

Evading forensics and anti-virus

A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as Apple, Microsoft, Google, Samsung, Nokia, Blackberry, Siemens and anti-virus companies attribute and defend against attacks.

“Tradecraft DO’s and DON’Ts” contains CIA rules on how its malware should be written to avoid fingerprints implicating the “CIA, US government, or its witting partner companies” in “forensic review”. Similar secret standards cover the use of encryption to hide CIA hacker and malware communication (pdf), describing targets & exfiltrated data (pdf) as well as executing payloads (pdf) and persisting (pdf) in the target’s machines over time.

CIA hackers developed successful attacks against most well known anti-virus programs. These are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs andPSP/Debugger/RE Avoidance. For example, Comodo was defeated by CIA malware placing itself in the Window’s “Recycle Bin”. While Comodo 6.x has a “Gaping Hole of DOOM”.

CIA hackers discussed what the NSA’s “Equation Group” hackers did wrong and how the CIA’s malware makers could avoid similar exposure.


The CIA’s Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by “Year Zero”) each with their own sub-projects, malware and hacker tools.

The majority of these projects relate to tools that are used for penetration, infestation (“implanting”), control, and exfiltration.

Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants; special projects are used to target specific hardware from routers to smart TVs.

Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks’ “Year Zero”.


The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity.

This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon one murder in the set is solved then the other murders also find likely attribution.

The CIA’s Remote Devices Branch‘s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.

UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.

Fine Dining

Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software (see below) to configure a set of CIA malware suited to the specific needs of an operation.


‘Improvise’ is a toolset for configuration, post-processing, payload setup and execution vector selection for survey/exfiltration tools supporting all major operating systems like Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools based on requirements from ‘Fine Dining’ questionairies.


HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.

The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.

Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a ‘Blot’ server that handles actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the ‘Honeycomb’ toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.

The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.

Similar functionality (though limited to Windows) is provided by the RickBobby project.

See the classified user and developer guides for HIVE.

Frequently Asked Questions

Why now?

WikiLeaks published as soon as its verification and analysis were ready.

In Febuary the Trump administration has issued an Executive Order calling for a “Cyberwar” review to be prepared within 30 days.

While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.


Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete.

  1. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
  2. Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
  3. Archive attachments (zip, tar.gz, …) are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
  4. Attachments with other binary content are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
  5. The tens of thousands of routable IP addresses references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
  6. Binary files of non-public origin are only available as dumps to prevent accidental invocation of CIA malware infected binaries.

Organizational Chart

The organizational chart corresponds to the material published by WikiLeaks so far.

Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far. It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.

Wiki pages

“Year Zero” contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian. Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.

The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).

What time period is covered?

The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).

WikiLeaks has obtained the CIA’s creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order. If it is critical to know the exact time/date contact WikiLeaks.

What is “Vault 7”

“Vault 7” is a substantial collection of material about CIA activities obtained by WikiLeaks.

When was each part of “Vault 7” obtained?

Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.

Is each part of “Vault 7” from a different source?

Details on the other parts will be available at the time of publication.

What is the total size of “Vault 7”?

The series is the largest intelligence publication in history.

How did WikiLeaks obtain each part of “Vault 7”?

Sources trust WikiLeaks to not reveal information that might help identify them.

Isn’t WikiLeaks worried that the CIA will act against its staff to stop the series?

No. That would be certainly counter-productive.

Has WikiLeaks already ‘mined’ all the best stories?

No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They’re there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.

Won’t other journalists find all the best stories before me?

Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.

Comments »

Last Night On Tucker: House Intel Committee Member Jim Himes (D-CT) Justifies Spying On Trump Campaign

Last night, Tucker Carlson debated a rapidly blinking Rep. Jim Himes (D-CT) – a member of the House Intelligence Committee, on claims that former President Obama ordered a wiretap of Donald Trump’s administration during the election. Tucker went into the interview giving Himes the respect of an unfurrowed brow, which did not last long. While the entire interview was an insightful sparring match (entire interview here), a particularly interesting moment came when Himes effectively laid out the legal mechanism which would justify spying on members of Trump’s campaign, including incoming NSA director Mike Flynn – the fruits of which led acting Attorney General (and Obama appointee) Sally Yates warning the Trump administration that Flynn had not been truthful about his conversations with Russia, and could possibly be blackmailed. This knowledge, and the leak of the story leading up to Flynn’s eventual resignation, could only have been obtained through covert surveillance.

In a response to Tucker – Himes suggested that since it’s routine for US Intelligence to monitor foreigners “like the Russian ambassador” who will sometimes “be talking to US persons,” it’s reasonable to expect that in the normal course of surveillance of foreigners, Americans might be monitored as well.

Quite frankly this was weak sauce considering the known scope and use of said surveillance as political weapons – leaked to various news organizations and spun into half-truths and wild accusations in an attempt to delegitimize Donald Trump. At the end of this political rabbit hole, the FBI, NSA, and the CIA have all said that there was no evidence of collusion between the Trump campaign and the Russians.

On the topic of surveillance:

The Tucker interview goes hand in hand with a well reasoned series of tweets made over the weekend by Michael Doran – Senior Fellow at the Hudson Institute and an expert on international politics of the Middle East. Doran laid out quite an interesting scenario – suggesting that while Trump’s phone may not have specifically been targeted, the Intel community may have indirectly targeted him similar to a “dolphin “accidentally” caught in a tuna net.” (#15 in the list below). Doran also summed his tweets up in a WSJ article:

In mid-January both the BBC and McClatchy reported that on Oct. 15 a Foreign Intelligence Surveillance Act court approved an investigation into Russian activities in the U.S. that focused on nameless Trump associates—three of them, according to the BBC. Also in mid-January, the New York Times reported on “a broad investigation into possible links between Russian officials and associates of [Mr.] Trump.”

Stipulating that they were, the government would find itself monitoring all of Mr. Trump’s calls with one of his political advisers, his lawyer and his national security adviser. Transcripts of those intercepts would be available to the Obama administration’s senior national-security officials. In this scenario, the tapping of Mr. Trump’s calls would be extensive –WSJ

Below is the first tweet in case you want to jump over to Twitter and follow along – or scroll down and keep reading:

  1. Why I Take Trump’s Claims of Wiretapping Seriously: An Essay in 30 Tweets
  2. All you bright bulbs say that Trump’s claim that Obama tapped his phone is “baseless.”
  3. He got the idea, you snicker, from an old Breitbart article—or from talk radio. Ha ha ha ha!
  4. I really do wish Trump hadn’t used a tweet storm to make his accusation. It’s grave & deserves a more solemn & judicious presentation.
  5. And I don’t know whether he’ll succeed in backing it up. But I bet he does, at least so as to win the political argument—and here’s why.
  6. You bright bulbs point to Clapper’s statement and coo, “No wiretapping of Trump took place!”
  7. This, however, is an overly literal interpretation of “wiretapping Trump.”
  8. The BBC reports that on 15 Oct a FISA court approved an investigation focusing on 3 Trump associates:
  9. Let’s speculate that this investigation allowed the NSA to monitor all calls of all 3 individuals.
  10. This allows us to build a scenario in which both Trump’s harsh accusation & Clapper’s categorical denial are true.
  11. Who might the 3 under investigation be? Candidate #1 would be Roger Stone, Trump’s informal political advisor:
  12. My 2nd candidate: Michael Cohen, Trump’s lawyer, who helped generate a pro-Russian peace plan for Ukraine.
  13. 3rd on my list: General Mike Flynn, who unwisely took money from the Russian government in 2015.
  14. All 3 had some connection or another w/Russia, so a request for a national security wiretap on them is a plausible possibility.
  15. As a result, Trump’s calls w/his pol advisor, lawyer, & Natsec advisor would be monitored. That’s many calls covering a lot of ground!
  16. Yet Clapper’s denial stands, b/c Trump’s phone wasn’t explicitly targeted. He was just a dolphin “accidentally” caught in a tuna net.
  17. You bright bulbs’ll stand your ground on the technical claim that Trump’s phone wasn’t tapped, but politically it’s a losing argument.
  18. And you’ll also say, “A cardinal rule of the Obama admin” was to leave FISA requests to the DOJ:
  19. Leave them to Loretta Lynch, you say? Someone about as divorced from politics as this video would suggest:
  20. Come on. It’s easy to imagine Obama winking & nodding to Lynch, or sending a trusted friend to whisper a few thoughts in her ear.
  21. “You have no evidence to back up that scurrilous claim!” you will scream.
  22. To which I must confess, you’re absolutely right. I don’t. I’m totally speculating. Point to you!
  23. And while I’m in retreat, let me also concede that Lynch’s meeting w/Bill Clinton was accidental & innocuous.
  24. But Trump still wins before the court of public opinion, b/c you just admitted 3 key things:
  25. (A) That Loretta Lynch got the NSA to tap hours and hours of Trump’s calls.
  26. (B) That she did so just 3 weeks before the election! And (C) That her “natsec investigation” turned up zero, zilch, nada & niente.
  27. But meanwhile, it “accidentally” generated copious leaks fueling the sinister accusation that Trump is Putin’s Manchurian candidate.
  28. I predict that if a Lynch “investigation” anything like this scenario did in fact occur, fair-minded people will side with Trump.
  29. Rachel Maddow will love your arguments, but they will only convince registered Dems, and not even all of them.
  30. This scenario is speculative. We don’t know the facts. They might yet prove you right. But the ground you’re on is weaker than you know.

Comments »

WikiLeaks Tweets Encrypted Torrent File – Set To Publish Password Tuesday (3/7/2017) At 9AM EST

It’s happening?

WikiLeaks just tweeted a torrent file after weeks of cryptic messages which many have interpreted to be an ultimatum to the deep state that they release files related to 9/11 and/or Hillary Clinton. Earlier this week, the FBI released a 42 page PDF entitled “Hillary R. Clinton Part 07 of 07” which contained several references to the “7th floor” (deep state), as well as the fact that the FBI was never meant to handle a case this large. Perhaps the release wasn’t exactly what Wikileaks wanted? Either way, looks like they’re set to release the password Tuesday at 9AM EST.

Perhaps a Costco run is in order?

Comments »

Washington Post Employee Arrested For Impersonating ICE Agent – Weapons And Tactical Gear Recovered At Home

Washington Post employee Itai Ozderman, 35, was arrested after his Gaithersburg, MD home was raided by Montgomery County Police on February 22nd at around 6 a.m, according to court documents. Ozderman is charged with impersonating an ICE officer on several occasions throughout Falls Church, VA.

When the warrant was served on Feb. 22 at Ozderman’s home in the 100 block of Elmira Lane, court documents say 10 weapons, including handguns, assault rifles, and a shotgun, were recovered.

Sources tell ABC7’s Kevin Lewis that Ozderman impersonated an ICE officer throughout Falls Church, Va. on more than one occasion. According to sources, Ozderman would ‘patrol’ while wearing a bullet proof vest with an ICE placard and a Baltimore County police badge. WJLA

Ozderman, an I.T. engineer at the Washington Post, is currently out on bond. No word on whether this alleged #FakeAgent is still employed with one of the original MSM outlets responsible for the term #FakeNews permeating the public lexicon.

Comments »

Mark Levin To CNN Mega-Choad Brian Stelter: You Are Thoroughly Dishonest

The unhinged left is in full damage control mode over the Obama wiretap scandal. We already know that the propagandists at CNN, MSNBC, WaPo, and their tentacle brethren across the MSM spectrum take marching orders from the left, so it comes as no surprise that the New York Times and CNN are madly scurrying to frame the wiretapping scandal as a “Conspiracy Theory.”

An aside: Did you know that the CIA invented the term in 1967 to discredit information outside the scope of the government’s carefully crafted narratives? It’s a form of propaganda – quite literally (as revealed in a 1976 FOIA request):

To employ propaganda assets to and refute the attacks of the critics. Book reviews and feature articles are particularly appropriate for this purpose. The unclassified attachments to this guidance should provide useful background material for passing to assets. Our ploy should point out, as applicable, that the critics are (I) wedded to theories adopted before the evidence was in, (II) politically interested, (III) financially interested, (IV) hasty and inaccurate in their research, or (V) infatuated with their own theories

Today’s propaganda is brought to you, once again, by the letters C.N.N. after radio host (and former Chief of Staff to Reagan’s Attorney General) Mark Levin laid out an exceedingly compelling argument that Obama employed “police state tactics” against Trump, which he expounded on in an interview with Fox News:

In propagandistic response, CNN’s deep state dick rider Brian Stelter penned a lame response, attempting to frame the whole thing as a conspiracy theory – and specifically calling out Mark Levin:

An incendiary idea first put forward by right-wing radio host Mark Levin is now burning across Washington, fanned by President Trump’s tweets and a huge number of supportive commentators and websites — even though the facts don’t back up the conclusion. MegaChoad

In response, Levin roasts the shit out of Stelter:


I simply put together the stories that YOUR profession reported, on the public record.  Do you deny there were two FISA applications?  Do you deny the first was turned down?  Do you deny the second was approved?  It’s called the Foreign Intelligence Surveillance Court.  It is about surveillance.  The fact that we cannot discern all the details because of the secrecy, except for what the media have revealed and selective leaks by the government, should cause you to want to know more, not to trash those who point it out.

(full text here)

Stelter – in response, issued a pithy tweet:

Let’s review who we’re dealing with:

Mark Levin:

Mark Reed Levin (/ləˈvɪn/; born September 21, 1957) is an American lawyer, author, and the host of syndicated radio show The Mark Levin Show. Levin worked in the administration of President Ronald Reagan and was a chief of staff for Attorney General Edwin Meese. He is president of the Landmark Legal Foundation, has authored six books, and contributes commentary to various media outlets such as National Review Online. On September 1, 2015, Levin was named Editor-in-Chief of Conservative Review.

Brian Stelter:

Brian Stelter (born September 3, 1985) is the senior media correspondent for CNN and the host of Reliable Sources. Previously he was a media reporter for The New York Times and the editor of TVNewser. Also a Gigantic choad.

Shall we review Mark Levin’s argument?

1. June 2016: FISA request. The Obama administration files a request with the Foreign Intelligence Surveillance Court (FISA) to monitor communications involving Donald Trump and several advisers. The request, uncharacteristically, is denied.

2. July: Russia joke. Wikileaks releases emails from the Democratic National Committee that show an effort to prevent Sen. Bernie Sanders (I-VT) from winning the presidential nomination. In a press conference, Donald Trump refers to Hillary Clinton’s own missing emails, joking: “Russia, if you’re listening, I hope you’re able to find the 30,000 e-mails that are missing.” That remark becomes the basis for accusations by Clinton and the media that Trump invited further hacking.

3. October: Podesta emails. In October, Wikileaks releases the emails of Clinton campaign chair John Podesta, rolling out batches every day until the election, creating new mini-scandals. The Clinton campaign blames Trump and the Russians.

4. October: FISA request. The Obama administration submits a new, narrow request to the FISA court, now focused on a computer server in Trump Tower suspected of links to Russian banks. No evidence is found — but the wiretaps continue, ostensibly for national security reasons, Andrew McCarthy at National Review later notes. The Obama administration is now monitoring an opposing presidential campaign using the high-tech surveillance powers of the federal intelligence services.

5. January 2017: Buzzfeed/CNN dossier. Buzzfeed releases, and CNN reports, a supposed intelligence “dossier” compiled by a foreign former spy. It purports to show continuous contact between Russia and the Trump campaign, and says that the Russians have compromising information about Trump. None of the allegations can be verified and some are proven false. Several media outlets claim that they had been aware of the dossier for months and that it had been circulating in Washington.

6. January: Obama expands NSA sharing. As Michael Walsh later notes, and as the New York Times reports, the outgoing Obama administration “expanded the power of the National Security Agency to share globally intercepted personal communications with the government’s 16 other intelligence agencies before applying privacy protections.” The new powers, and reduced protections, could make it easier for intelligence on private citizens to be circulated improperly or leaked.

7. January: Times report. The New York Times reports, on the eve of Inauguration Day, that several agencies — the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the National Security Agency (NSA) and the Treasury Department are monitoring several associates of the Trump campaign suspected of Russian ties. Other news outlets also report the exisentence of “a multiagency working group to coordinate investigations across the government,” though it is unclear how they found out, since the investigations would have been secret and involved classified information.

8. February: Mike Flynn scandal. Reports emerge that the FBI intercepted a conversation in 2016 between future National Security Adviser Michael Flynn — then a private citizen — and Russian Ambassador Sergey Kislyak. The intercept supposedly was part of routine spying on the ambassador, not monitoring of the Trump campaign. The FBI transcripts reportedly show the two discussing Obama’s newly-imposed sanctions on Russia, though Flynn earlier denied discussing them. Sally Yates, whom Trump would later fire as acting Attorney General for insubordination, is involved in the investigation. In the end, Flynn resigns over having misled Vice President Mike Pence (perhaps inadvertently) about the content of the conversation.

9. February: Times claims extensive Russian contacts. The New York Times cites “four current and former American officials” in reporting that the Trump campaign had “repeated contacts with senior Russian intelligence officials. The Trump campaign denies the claims — and the Times admits that there is “no evidence” of coordination between the campaign and the Russians. The White House and some congressional Republicans begin to raise questions about illegal intelligence leaks.

10. March: the Washington Post targets Jeff Sessions. The Washington Post reports that Attorney General Jeff Sessions had contact twice with the Russian ambassador during the campaign — once at a Heritage Foundation event and once at a meeting in Sessions’s Senate office. The Post suggests that the two meetings contradict Sessions’s testimony at his confirmation hearings that he had no contacts with the Russians, though in context (not presented by the Post) it was clear he meant in his capacity as a campaign surrogate, and that he was responding to claims in the “dossier” of ongoing contacts. The New York Times, in covering the story, adds that the Obama White House “rushed to preserve” intelligence related to alleged Russian links with the Trump campaign. By “preserve” it really means “disseminate”: officials spread evidence throughout other government agencies “to leave a clear trail of intelligence for government investigators” and perhaps the media as well.

Stelter’s piece is pissant yellow journalism, while Levin lays out a comprehensive timeline and a case for police state tactics. Can you spot the difference?

Comments »

Whoops! Deutsche Bank Needs 8 Billion Euros – Are They Raising Money Before EU Breaks Up?

Deutsche Bank ($DB) CEO John Cryan just can’t catch a break. After navigating the beleaguered bank through a $7.2 Billion toxic US mortgage settlement last December – contributing to a net loss of $2.1 Billion in Q4’16, and a $10 Billion Russian money-laundering settlement in January – it appeared that the bank’s troubles were behind them. Shares rallied back fiercely after hitting their lowest price in over 20 years last September over fears that the German government wouldn’t provide a bailout – should one be required, though it looks like the party may be over.

The bank just announced plans to raise 8 Billion Euros ($8.5 Billion USD) via special rights offering in order to shore up it’s core asset ratio – it’s fourth raise since 2010, and something which CEO John Cryan had previously declared a last resort. In total, they will have raised 30 billion Euros ($32 Billion USD) – more than their current market cap of $26.8 Billion (USD). Yikes. Shares fell almost 7% in early trading Monday

In a letter to employees, Cryan said everything’s under control (the plane is only missing a wing and a few engine bits):

We expect proceeds of around 8 billion euros from this. According to the future capital rules this would enable us to reach a core capital ratio of approximately 14 percent and remove a major source of uncertainty. That should make us significantly more attractive for our clients. -Source

How cool!

Deutsche is also walking back 2015 plans to spin off it’s Postbank subsidiary of retail banks – instead merging it with DB’s main private and commercial banking business, and they are re-integrating their market trading operations with corporate / investment banking.

Perhaps it’s best to raise money now while they still can – considering Marine Le Pen is currently leading the polls in the upcoming French election. If she wins, Frexit will happen – which means the European Central Bank safety net (which France and Germany primarily fund) will likely disintegrate, and EU member nations may be forced to revert to their pre-Euro currencies (notwithstanding desperate measures, such as a two-Euro system). Picture an old timey black and white movie where an obviously miniaturized set train derails. Perhaps this will be the price of returning to borders, language, and culture – as we all work through the new normal.

The Deutsche Bank announcement comes on the heels of Italy passing legislation in December to enable a nearly 9 Billion Euro state bailout of their largest bank – Monte dei Paschi, as opposed to reliance on the ECB.

Nothing to see here… just European banks trying to un-fuck themselves before they’re out of options.

Comments »

Based Stick Man AKA “Alt-Knight” Arrested – Sits In Exile While Antifa Scum Return To Mom’s Basement

You know why Batman is never arrested? Because he gets the fuck out of dodge before the cops show up. Based Stick Man, on the other hand, couldn’t sit idle while Berkeley cops did next to nothing all day as degenerate children maced old men and threw eggs at homeless advocates. As Antifa scum grew increasingly violent, one man – Based Stick Man, AKA the “Alt-Knight” AKA Spruce Wayne, whose real name is Kyle Chapman – whacked the shit out of a masked man-child.

Do you think it’s a coincidence that American flag is RIGHT in the shot? Fuck no – Kek willed this from the heavens. Unfortunately, the forces of evil have temporarily prevailed, and Stick Man was arrested for his gallantry:

A legal defense fund has been set up:

The legend of Stick Man has inspired quite a few works of art:

(click to enlarge)   



If you want more backstory as to how Stick Man emerged as a brainer of cucks – witness:

What’s next for the sticked crusader??

If it’s any consolation – Berkeley cops DID arrest at least one asshole – the green hat agitator from the pepper spray / egging incidents:

Comments »

NYT Mystery Source: Comey Asks DOJ To Reject Trump Wiretap Claims – Days After Comey Warns Over NYT Mystery Sources

FBI Director James Comey is an interesting guy. On one hand, it appears he’s spent the latter part of his career shilling for the Clintons; earning $6 Million dollars in one year as Lockheed’s top lawyer – the same year the egregiously overbudget F-35 manufacturer made a huge donation to the Clinton Foundation. Comey was also a board member at HSBC shortly after NY AG at the time Loretta “tarmac” Lynch let the Clinton Foundation partner slide with a slap on the wrist for laundering drug money. No joke.

Then there was the kangaroo court FBI investigation of Clinton’s private server – in which Comey recommended not prosecuting Hillary despite admitting horrendous breaches of protocol that would have landed any other Federal employee in prison. At that point in the timeline, democrats loved him!

But wait – mysteriously, Comey then went seemingly rogue; re-opening the investigation into Hillary’s private server a week and a half before the election, only to find no wrongdoing the day before polls opened. The Clinton camp has openly blamed Comey for contributing to Hillary’s loss – though they haven’t clarified if he’s ever spoken with a Russian ambassador, or where Comey’s actions rank in the whole blame game.

So – I don’t really know what to make of James Comey. His historical shilling for the Clintons and the establishment are at direct odds with the FBI’s investigative merry-go-round against Hillary – which has been blamed for doing serious harm to Hillary’s campaign. What we do know is that Trey Gowdy was in a meeting with Comey last week, in which the FBI director said not to trust anonymous sources from the NY Times and the Washington Post:

So, color me skeptical at today’s New York Times piece quoting anonymous sources who claim James Comey has asked the Department of Justice to publicly refute Trump’s assertions that Obama tapped his phones.

WASHINGTON — The F.B.I. director, James B. Comey, asked the Justice Department this weekend to publicly reject President Trump’s assertion that President Barack Obama ordered the tapping of Mr. Trump’s phones, senior American officials said on Sunday.

I’m not even going to link to the article. NYT is #FakeNews, and this looks like damage control.

Also, if we’re going to quote anonymous sources willy nilly, I see your Comey insider and raise you a mousey liberal journalist with an Obama White House insider who says that the wiretaps totally happened:

Plus, Brett “Bitchslapper” Baier cornering Paul Ryan with news of the wiretap – which Ryan didn’t refute:

NOW I’m hearing whispers from EXTRA anonymous sources that Loretta Lynch and the DOJ may have ordered the wiretaps – not Obama; which makes the whole clandestine Bill Clinton tarmac meeting all the more shady looking:

At this point, if Loretta Lynch actually ordered the wiretaps, are we to honestly believe that it wasn’t at the behest of Obama? And if not – if Lynch’s DOJ tapped the Trump campaign at the request of the Clintons, it’s an entirely different kettle of fish. I imagine that a Presidential candidate co-opting the United States Department of Justice into covertly monitoring their opponent might be a big no-no.

As always, developing…

Comments »

Was 11th Hour Obama DOJ Succession Swap An Attempted Hit-Job Over Russian Interference Probe?

A curious thing happened Seven days before Obama left the White House. No, not a shady arms deal with Kenya – that happened on Barry Hussein’s last day. I’m talking about a major change in the order of succession at the DOJ in the event Jeff Sessions recused himself from the Russia investigation. Instead of Acting Deputy Attorney General Dana Boente who would have ordinarily take over, Obama, without explanation, changed the law to skip over the Deputy AG position – instead providing his own list of U.S. Attorneys to take the case.

The man Obama placed at the head of the line of succession is D.C.’s U.S. Attorney Channing Phillips, who is quite cozy with President Obama and his attorney general, Eric Holder. He is a former senior adviser to Holder, and he stayed on to work under Obama’s next AG Loretta Lynch before Obama appointed Phillips D.C.’s U.S. attorney in 2015. Weekly Standard

Perhaps Obama assumed Sessions would ultimately have to recuse himself due to his involvement in the campaign? Or maybe the former President knew in advance about this witch hunt over Sessions and the Russian Ambassador. It was also a safe bet for Obama to assume that Trump wouldn’t keep Boente around after the election (which he isn’t, as Trump has appointed US Attorney Rod J. Rosenstein to the position – with his confirmation hearing next week).

Did Obama think the Trump administration wouldn’t notice? Whatever the case, Trump signed an Executive Order restoring the line of succession.

Comments »