>Teixeira used his real name and home address in North Dighton, Massachusetts, for the billing information associated with his Discord account, according to the affidavit.
Alternatively, the “leak” is a controlled disclosure of realistic misinformation.
The “leaker”‘s real life identity then “goes to jail” for 30 years and they work for the government in clandestine services under a new identity. This tactic confuses the enemy, and has the side benefit of scaring your own into being more careful with real classified docs.
If I was unethical enough to work for the security apparatus, the above is definitely something I would do.
I was thinking like that too. Many many "leaks" are intentional.
For this one to work, you would have to convince the Russian secret services, a pretty high bar. Usually, leaks just have to pass a sniff test, or not even that, people can just glance over the factual basis for the leak if it's convenient for their world view (e.g. FBI leaking photos from Trump's raid)
The vast majority of intelligence assets are analysts or sigint, not James Bond-ish operators who can discard identities and their family/friend/etc like a Scooby Doo mask. This is not a plausible thing.
Yeah, what they actually did was probably follow WaPo's investigation, which found and publicly announced who it was first, and worked back from that very quickly.
Good. I am actively working on the front lines of the Ukraine war in a humanitarian capacity.[1]
The danger posed to civilians and soldiers by stolen intelligence is real, and the cavalier sharing of such documents without regard to the consequences is, and should be, a serious crime punishable to the fullest extent of the law.
Someone on NPR mentioned that it included locations running low on ammo in Ukraine, and they were discussing how this wasn’t good timing for an upcoming spring offensive.
uff, that's big if true, it could jeopardize the entire plan. But then again, Ukraine has been saying only 5 people know of the true plan, so maybe it won't matter (surely more people know which depos are running low).
Do you have other charity or non-profit recommendations aside from your own personal one? Only asking because I have no measure[1] of how effective yours has been, and I figure in your capacity, you likely don't mind who the intermediary is just so long as it gets to the right place.
Yes, we're only a year old, and haven't even filed our first tax return yet!
The key with us is that we're not an intermediary, we do the sourcing and delivering of aid ourselves. We're one of the few that do -- most NGOs you would have heard of outsource their deliveries to us.
Obviously, I think we're incredibly effective, and if you'd like to hear more details, I'd love to share: shoot me an email brian [at] ukraineaidinternational.org
There's give and take here. For example, we see that US, UK and other NATO countries have their constituent special forces on the ground in Ukraine. For the United States this requires a literal act of Congress if US troops are on the ground for more than 30 days.
This is at a minimum an indictable offense by a sitting US president, though it is not without precedent.
Journalists have a responsibility to make sure people are not killed (including their own colleagues who might be there) as a result of their reporting.
But previously with the Snowden and Manning leaks, journalists still published the leaked docs (with selective redactions for truly sensitive content). In this case, I've not seen any actual docs linked or published, even though they claim "they're on Twitter"
I’ve seen ~40 images of realistic looking gov docs on 4chan and Twitter back when this broke. Most of it was pretty boring stuff, and indicated Ukraine has a lot more hardware than Russia in-theater.
I do wonder how does a national guard “intelligence” grunt have access to decisive foreign intelligence. Maybe the docs they have access to are fuzzed/not that secret.
NY Post used one of the leaked images as illustration for their article (this one was available on 4chan for a couple of days, so not as sensitive as others it seems):
From a quick skim of that (and also some other coverage), my first two impressions:
- This kid's emotional age is too low to justify anything resembling the the security clearance that he seems to have had.
- Sending the FBI's "special forces" and armored car out to pick up this kid was a stupid machismo waste of resources. Two grannies and a golf cart would have been more than enough to do the job.
Maybe I'm too old, or hang with the wrong crowds - but my sense is that that "very clear message" only works within a certain narrow, violent, and machismo mindset. Outside of that mindset - it sends quite different messages, most of which are counterproductive.
Any chance that you've seen an action movie or two in which a lone hero was hauled off by a whole gang of big, tough bad guys?
If you post top secret documents to a discord server, that's a leak. That's a leak even if everyone else on the server is cleared for top secret or even if no-one other than you is on the discord server.
Should I be surprised that a 21-year-old member of the Massachusetts Air National Guard, in the intelligence wing, had access to these sort of documents? Or is this expected? Was this part of a larger organizational failure, or just one man's betrayal?
As someone who works in a MUCH smaller organization that deals with 'sensitive' data, it is extremely difficult to maintain the policy of least privilege.
The system almost can not be maintained from the outside, because administrators don't see every individual document, and not all sensitive forms of data can be targeted by automation/scanners. This means the actual people doing the business processes with the data must take personal responsibly for keeping it properly maintained. And aside from that nebulous property of 'personal responsibility' they must also have an accurate ability to classify it.
Aside from that, workers who deal with the data have a bunch of conflicting incentives, like working with people in other teams, working efficiently, and maintaining the policy of least privilege.
The problems I've seen dealing with keeping information secure in a small environment make me feel like it'd actually be impossible to do at the scale of The US Government.
So yeah, my money is on 'organizational failure' but also 'inherent complexity'
Apparently he was a network tech for the classified network. The real scandal here is there weren’t alarm bells ringing somewhere that a low level network tech was printing and viewing top secret documents.
I do think it’s kind of odd that we, as a country, have decided people are not mentally mature enough to use alcohol or tobacco and yet we’re apparently willing to just hand these junior adults stacks and stacks of sensitive intelligence information. I’m not saying he shouldn’t be held responsible for his actions but I do think part of the blame is also on the system that allowed him access.
Anyone who has been in their early 20s knows the false sense of invincibility that comes with finally being an adult. The simple fact that he did this (and apparently just to impress a chat room of teenagers? yikes!) tells me he lacked the emotional maturity to understand what was being asked/expected of him. And since the leak doesn’t appear to be malicious or “whistleblower” in nature it seems he totally and completely failed to understand the consequences of his actions.
All kinds of sensitive military operations are conducted by 21-year-olds, such as nuclear missile maintenance and readiness:
> "The film starts in September 1980, when a 21-year-old missile technician named Dave Powell dropped the socket from a socket-wrench... When the socket fell, it plunged 70 feet to pierce the side of the Titan II missile. The puncture released pressurized rocket fuel and set off a chaotic series of events and decisions that highlighted a chain of command ill-prepared to deal with disaster."
Chelsea Manning was 20 years old and had full access to State Department cables and secret military video, for comparison. The military aims recruiting heavily towards teenagers, incidentally, for various reasons.
Older people with more independent thinking might be even more willing to leak data about government incompetence, criminal activity, reckless stupidity and so on.
What I think the source of surprise with is not primarily his age as such, but that he is a relatively junior service member in a role with no obvious connection to the material.
A more senior person with broad but not obviously connected scope of responsibility, or a similarly junior person with an obviously-related role, would be less surprising.
Those leaks are a proof that agencies can't or unwilling to protect the data they are collecting. If even crucial war information isn't really protected you can imagine the lack of protection for less important data.
Most of the last big leaks came from contractors or minor ranks with access.
Yup I was agreeing with you. It's interesting that in this sense scale harms the objective. As you increase the apparatus of the intelligence machine, you inevitably reduce its ability to be genuinely clandestine just because you have to allow more and more people behind the curtain.
As one of the Twitter replies points out (https://twitter.com/dirtturd/status/1646618532950450176), there's no way that the pattern on the granite countertop is actually a match, given that in the Instagram photo the match is on the edge of the counter - whereas in the leak, the match is clearly not on the edge of the counter. The floor is also an entirely different color in the leaks v. the Instagram photo.
Someone else then raised the point of "well maybe there are duplicate splotches", in which case there would surely be duplicates across many countertops in many homes - probably one with a floor color that actually matches the one shown in the leaks.
A couple other folks in that thread seem to assume "well the splotch sample was clearly rotated so the paper could've been on the counter", in which case you'd think some of the leak photos would've shown the edge on which the splotch exists and would've shown more matching splotches. Still flimsy, at best.
Assuming the suspect really is guilty, I highly doubt this was how the suspect got caught; it reeks of parallel construction. If this is really the only evidence anyone has of the suspect's guilt, then a conviction in spite of the "evidence" being blatantly non-evidence would be yet another damning condemnation of my country's already-damningly-condemned "justice" system.
This is the sort of crowd-sourced investigative thinking like when Reddit "Got The Boston Bomber"[1]. Investigators aren't looking at patterns on granite countertops or splotches etc as primary evidence. They may well use that to confirm something but that's not the way the found the guy.
They will have found him because the photo was geotagged to his house, or he's on Discord - his personal credit card has probably paid for nitro or the account is linked to his personal phone for 2fa or something. Everyone on the internet goes full CSI but most of the ways people get caught are really mundane.
> This is the sort of crowd-sourced investigative thinking like when Reddit "Got The Boston Bomber"
It's the literal opposite (suggesting someone's innocence instead of someone's guilt), but sure.
> They will have found him because the photo was geotagged to his house, or he's on Discord - his personal credit card has probably paid for nitro or the account is linked to his personal phone for 2fa or something.
Then you'd think they would've mentioned that instead of fixating on some splotch in a granite countertop as if it actually proves anything.
That tweet is from a journalist, not a member of the investigative team which arrested him.
Just as an example, the NYT/Bellingcat couldn't get a court order to get discord to reveal the credit card details a given account used to pay for nitro (in my example of a possible way he could have been caught) and then a order to get the card issuer to reveal the billing address of the card. But the FBI for sure could.
1. Someone else on his discord server cooperated with the case agent
2. He switched from posting as plaintext to posting photos because he thought he would get into trouble transcribing at work. THe photos were the ones the Bellingcat journalist deduced as being taken in his parent's kitchen.
3. The FBI had already identified him. He was using his primary discord account, had told other people on discord, his first name, that he lived in Massachusetts and worked for Air National Guard. Even with a common first name that is going to narrow the list a lot.
4. He repeatedly searched the word "leak" from his work computer, which was logged and led to an FBI alert from his work infosec monitoring.
> The claim isn’t that this is how he was caught, but that it was a breakthrough—an important turning point—in the investigation.
I expect most people would even misunderstand that description. While this may have been a breakthrough in "a investigation", is not claimed to have been such in "the investigation". Is expect most people to interpret "the investigation" as talking about the law enforcement investigation into this while the Twitter post is a journalist talking about "our investigation" (presumably that of the organization he works for).
Then you can present the other pieces of evidence made public at your leisure. I don't doubt they exist - but this granite splotch is so far the only one actually presented by anyone.
The FBI isn't posting all of the evidence on twitter, because it'll be presented in a court room. The legal system is always slower than speculation by journalists.
> given that in the Instagram photo the match is on the edge of the counter - whereas in the leak, the match is clearly not on the edge of the counter.
This was my first thought as well, but your comment made me go back and look again. And actually, I find it more convincing now. You can see a line from the floor just below to the right of the marking.
Also, I think the Twitter poster you're linking doesn't understand that the photo was taken from the opposite angle and the marking was thus rotated to match, putting the paper directly on the counter at the edge and consistent with the leaked document photo.
> You can see a line from the floor just below to the right of the marking.
I can't see any such line in the leak version of the splotch - whereas you can see the shadowing from the edge of the counter in the Instagram version. It's readily apparent that this is not the same splotch - even (especially) after (as I mention above) rotating the splotch to line it up in both versions.
The line is very clear, it's on the right side just below the orange circle. I found it difficult to understand the geometry of how it could be there given that the table appears to extend to the right just under that line. But you can set the edge and it's not actually the table extending, instead that is likely catching a bit of a camo jacket like you can see in the Instagram post sitting on a chair in just that location.
> The line is very clear, it's on the right side just below the orange circle.
The only lines I'm seeing in the leak photo are other granite splotches; there's nothing indicating that it's a table edge or a camo jacket or anything else.
The Tweet doesn't do a good job, but in the New York Times article, you can see that at least one of the document photos is at the edge of the counter and also shows the tile floor:
I have never seen so much paranoia and conspiratorial thinking from Hacker news than with this story unfolding. Many comments saying "it can't be this easy and dumb, can it?" Ask any government worker who works in classified spaces, and the answer is overwhelmingly yes.
I bet any documents relating to planning for the Nordstream pipeline explosion were a lot more carefully controlled. These war planning documents were clearly distributed to a much wider audience, so leaks become much more likely.
It does also point towards a certain degree of disillusionment within military circles, the rank and file ar probably not thrilled about the idea of being sent overseas for another Iraq/Afghanistan style disaster, only in eastern Europe this time.
Please don't talk about hypothetical conspiracies as though they are fact on here. The rest of the Internet has enough of that.
We don't have any evidence around your claims other than speculation and that's not the point of this forum (in fact, the Discord where these docs were leaked seems like the exact kind of place for that comment).
People who haven’t worked in areas with classified/sensitive information don’t seem to appreciate that once you have the appropriate clearances, you’re considered trustworthy.
You are treated as one of the gang, and people will often willingly share information with you that may even fall outside of what you need to know.
If someone is motivated to then collect/disseminate that information, it is exceedingly simple. It is always going to be difficult to stop these sorts of leaks.
I mean, I watched a reality TV/gameshow host run the executive branch for 4 years, culminating in a press conference at The Four Seasons Landscaping. I don't know who expects competence from the federal government anymore, but it isn't me.
The thing about something like this is that there are always individuals who will seek gain from classified access for themselves. The US has a singular focus on financial gain, but mental evaluation needs to be a more clear part to this.
The problem is "clout" seekers are all over the military. Have a conversation with a person in a highly selective field in the military and you'll find a crazy high amount of capable narcissists and God complex egos to go around.
This is why I'm saying to a degree this isn't a surprise to people in the IC.
It's probably a parallel construction. They might have found him using other sources or methods which they might not want to reveal. The should already be embarrassed some 20 year old kid had access to all this stuff, so any further embarrassment would be nice to avoid.
Once they had him, they sifted through the stuff until they found some plausible confirmation and the pattern just looked a fun enough one for the media to report on.
It's actually pretty common for folks in their 20s to have access to this within government work. Getting a clearance isn't particularly hard, so long as you have a job that sponsors you. That would include military work
I can see having access to information about some particular technology they may be using in the military. But he was working as a network administrator or tech support of some sort. It's odd they'd have someone who isn't trusted enough to rent a car or buy a drink in most state to get close to that high level of intelligence.
Yeah, but that's the same disparity that makes it illegal for a soldier to buy alcohol, but perfectly acceptable to hand them an assault weapon and put them in a war zone.
Network admins generally require a higher level of clearance since they have lower level access to systems that are harder to apply access controls to
The title is an editorialization: no government source (to my knowledge) has claimed that the IG photo was used to find the leaker, only that it served as a piece of data singling this suspect out among several. It’s much more likely that other, officially undisclosed, evidence led them to the suspect in the first place.
Thanks for noting that. I've updated the title since so many people (not unreasonably) seemed to jump to the inclusion that "investigators" meant "police".
You are calling the public relations arm of intelligence services that publishes “accidentally found public information” leaks like a shower an entity independent from government.
I'm surprised they don't do (steganography-style) watermarking when a TS doc is printed. Put random little dots on the page just like they do on currency bills. Color them in a manner that it looks like imperfections on the paper.
Or change the spacing between words ever so slightly.
95 comments
[ 5.3 ms ] story [ 188 ms ] thread(CNN live blog https://news.ycombinator.com/item?id=35570705)
The “leaker”‘s real life identity then “goes to jail” for 30 years and they work for the government in clandestine services under a new identity. This tactic confuses the enemy, and has the side benefit of scaring your own into being more careful with real classified docs.
If I was unethical enough to work for the security apparatus, the above is definitely something I would do.
For this one to work, you would have to convince the Russian secret services, a pretty high bar. Usually, leaks just have to pass a sniff test, or not even that, people can just glance over the factual basis for the leak if it's convenient for their world view (e.g. FBI leaking photos from Trump's raid)
(This is mostly a joke, but...)
The danger posed to civilians and soldiers by stolen intelligence is real, and the cavalier sharing of such documents without regard to the consequences is, and should be, a serious crime punishable to the fullest extent of the law.
[1]https://ukraineaidinternational.org
Lamest “leak” of all time tbh.
[1] https://www.charitynavigator.org/ein/881848788
The key with us is that we're not an intermediary, we do the sourcing and delivering of aid ourselves. We're one of the few that do -- most NGOs you would have heard of outsource their deliveries to us.
Obviously, I think we're incredibly effective, and if you'd like to hear more details, I'd love to share: shoot me an email brian [at] ukraineaidinternational.org
This is at a minimum an indictable offense by a sitting US president, though it is not without precedent.
It seems lots of journalists have them, and none of the public.
And none of the journalists will just publish the actual complete documents.
Seems pretty suspect.
https://nypost.com/2023/04/14/jack-teixeira-made-frantic-fin...
- This kid's emotional age is too low to justify anything resembling the the security clearance that he seems to have had.
- Sending the FBI's "special forces" and armored car out to pick up this kid was a stupid machismo waste of resources. Two grannies and a golf cart would have been more than enough to do the job.
Is it disproportionate to the threat? Absolutely. But that’s not why it’s done.
Any chance that you've seen an action movie or two in which a lone hero was hauled off by a whole gang of big, tough bad guys?
And for what it's worth, they were about role-playing games, which limits their impact even if they are bona fide :)
The system almost can not be maintained from the outside, because administrators don't see every individual document, and not all sensitive forms of data can be targeted by automation/scanners. This means the actual people doing the business processes with the data must take personal responsibly for keeping it properly maintained. And aside from that nebulous property of 'personal responsibility' they must also have an accurate ability to classify it.
Aside from that, workers who deal with the data have a bunch of conflicting incentives, like working with people in other teams, working efficiently, and maintaining the policy of least privilege.
The problems I've seen dealing with keeping information secure in a small environment make me feel like it'd actually be impossible to do at the scale of The US Government.
So yeah, my money is on 'organizational failure' but also 'inherent complexity'
Anyone who has been in their early 20s knows the false sense of invincibility that comes with finally being an adult. The simple fact that he did this (and apparently just to impress a chat room of teenagers? yikes!) tells me he lacked the emotional maturity to understand what was being asked/expected of him. And since the leak doesn’t appear to be malicious or “whistleblower” in nature it seems he totally and completely failed to understand the consequences of his actions.
> "The film starts in September 1980, when a 21-year-old missile technician named Dave Powell dropped the socket from a socket-wrench... When the socket fell, it plunged 70 feet to pierce the side of the Titan II missile. The puncture released pressurized rocket fuel and set off a chaotic series of events and decisions that highlighted a chain of command ill-prepared to deal with disaster."
https://www.theverge.com/2017/1/10/14232574/command-and-cont...
Chelsea Manning was 20 years old and had full access to State Department cables and secret military video, for comparison. The military aims recruiting heavily towards teenagers, incidentally, for various reasons.
Older people with more independent thinking might be even more willing to leak data about government incompetence, criminal activity, reckless stupidity and so on.
A more senior person with broad but not obviously connected scope of responsibility, or a similarly junior person with an obviously-related role, would be less surprising.
Most of the last big leaks came from contractors or minor ranks with access.
[1] https://edition.cnn.com/2022/08/15/politics/classified-infor...
It's not enough to call it top secret, it has to be handled as such.
Someone else then raised the point of "well maybe there are duplicate splotches", in which case there would surely be duplicates across many countertops in many homes - probably one with a floor color that actually matches the one shown in the leaks.
A couple other folks in that thread seem to assume "well the splotch sample was clearly rotated so the paper could've been on the counter", in which case you'd think some of the leak photos would've shown the edge on which the splotch exists and would've shown more matching splotches. Still flimsy, at best.
Assuming the suspect really is guilty, I highly doubt this was how the suspect got caught; it reeks of parallel construction. If this is really the only evidence anyone has of the suspect's guilt, then a conviction in spite of the "evidence" being blatantly non-evidence would be yet another damning condemnation of my country's already-damningly-condemned "justice" system.
They will have found him because the photo was geotagged to his house, or he's on Discord - his personal credit card has probably paid for nitro or the account is linked to his personal phone for 2fa or something. Everyone on the internet goes full CSI but most of the ways people get caught are really mundane.
[1] https://www.reddit.com/r/MuseumOfReddit/comments/1iv343/the_...
It's the literal opposite (suggesting someone's innocence instead of someone's guilt), but sure.
> They will have found him because the photo was geotagged to his house, or he's on Discord - his personal credit card has probably paid for nitro or the account is linked to his personal phone for 2fa or something.
Then you'd think they would've mentioned that instead of fixating on some splotch in a granite countertop as if it actually proves anything.
Just as an example, the NYT/Bellingcat couldn't get a court order to get discord to reveal the credit card details a given account used to pay for nitro (in my example of a possible way he could have been caught) and then a order to get the card issuer to reveal the billing address of the card. But the FBI for sure could.
1. Someone else on his discord server cooperated with the case agent
2. He switched from posting as plaintext to posting photos because he thought he would get into trouble transcribing at work. THe photos were the ones the Bellingcat journalist deduced as being taken in his parent's kitchen.
3. The FBI had already identified him. He was using his primary discord account, had told other people on discord, his first name, that he lived in Massachusetts and worked for Air National Guard. Even with a common first name that is going to narrow the list a lot.
4. He repeatedly searched the word "leak" from his work computer, which was logged and led to an FBI alert from his work infosec monitoring.
[1] https://www.theguardian.com/us-news/2023/apr/14/leaked-penta...
The claim isn’t that this is how he was caught, but that it was a breakthrough—an important turning point—in the investigation.
> If this is really the only evidence anyone has
Literally no one has claimed anything like that, only “this is a thing that helped point us in his direction”.
I expect most people would even misunderstand that description. While this may have been a breakthrough in "a investigation", is not claimed to have been such in "the investigation". Is expect most people to interpret "the investigation" as talking about the law enforcement investigation into this while the Twitter post is a journalist talking about "our investigation" (presumably that of the organization he works for).
Because that's the one thing stated to have linked the suspect to the leaked documents.
> Are you assuming the match wasn't made by a human?
I'm making no assumption either way; whether it's a human or machine making the match doesn't change the match's flimsiness.
It is not. The title is editorialized, and the twitter post is referring to a NY Times investigation.
The FBI got the leakers home address directly from Discord.
Then you can present the other pieces of evidence made public at your leisure. I don't doubt they exist - but this granite splotch is so far the only one actually presented by anyone.
It's all here in the court filing:
https://storage.courtlistener.com/recap/gov.uscourts.mad.255...
The FBI isn't posting all of the evidence on twitter, because it'll be presented in a court room. The legal system is always slower than speculation by journalists.
This was my first thought as well, but your comment made me go back and look again. And actually, I find it more convincing now. You can see a line from the floor just below to the right of the marking.
Also, I think the Twitter poster you're linking doesn't understand that the photo was taken from the opposite angle and the marking was thus rotated to match, putting the paper directly on the counter at the edge and consistent with the leaked document photo.
I can't see any such line in the leak version of the splotch - whereas you can see the shadowing from the edge of the counter in the Instagram version. It's readily apparent that this is not the same splotch - even (especially) after (as I mention above) rotating the splotch to line it up in both versions.
The only lines I'm seeing in the leak photo are other granite splotches; there's nothing indicating that it's a table edge or a camo jacket or anything else.
https://www.nytimes.com/live/2023/04/14/us/leaked-documents-...
Even so, I suspect that parallel construction is likely.
The orange circle marker makes it a bit harder to see, but it certainly looks like an edge on both of those photos.
Clearly they had other sources, and this is a laughable attempt to divert from that.
https://www.smithsonianmag.com/arts-culture/a-wwii-propagand...
Well now they know how the leaker was unmasked, they don't need to poke around asking that question any more do they?
lol.
It does also point towards a certain degree of disillusionment within military circles, the rank and file ar probably not thrilled about the idea of being sent overseas for another Iraq/Afghanistan style disaster, only in eastern Europe this time.
We don't have any evidence around your claims other than speculation and that's not the point of this forum (in fact, the Discord where these docs were leaked seems like the exact kind of place for that comment).
You are treated as one of the gang, and people will often willingly share information with you that may even fall outside of what you need to know.
If someone is motivated to then collect/disseminate that information, it is exceedingly simple. It is always going to be difficult to stop these sorts of leaks.
I have close to zero trust in the abilities or goodwill of Federal entities.
The problem is "clout" seekers are all over the military. Have a conversation with a person in a highly selective field in the military and you'll find a crazy high amount of capable narcissists and God complex egos to go around.
This is why I'm saying to a degree this isn't a surprise to people in the IC.
Once they had him, they sifted through the stuff until they found some plausible confirmation and the pattern just looked a fun enough one for the media to report on.
Network admins generally require a higher level of clearance since they have lower level access to systems that are harder to apply access controls to
Just in case there's any confusion.
Or change the spacing between words ever so slightly.
https://en.wikipedia.org/wiki/Machine_Identification_Code