Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Thomas Rid Profile picture
@RidT
Oct 14, 2020 20 tweets 6 min read Read on X
CAUTION ADVISED with this morning's Burisma-Biden E-mail story. For several reasons. Image
First, the surfacing. This here is highly suspicious behavior. Especially when viewed in the context of a political campaign. Creative, anonymous, credibility-generating, somewhat plausible. Exactly how a professional would surface disinformation and potentially forgeries. Image
How hard would it be to do some research to identify a nosy, conservative, activist computer repair show owner likely to pass on political dirt, then lure him with stickers on the bait machine? Image
Also, the revealed emails are shared as image files, not in a file format that would contain header information and metadata. That makes it harder to analyze and verify the files. Image
Note that photos, which appear to look genuine, could be there simply to add credibility to forged emails surfaced along with the photos. This would be a standard tactic in disinformation operations. See amazon.com/Active-Measure…
Bottom line: *every individual little fact*—every email, every detail mentioned in an email—must be verified when data is surfaced in such a suspicious way, not just one piece of information, say a photo. It appears that The New York Post did not do that here.
To journalists considering writing about this toxic story: don't—unless you can independently verify more details. And even if you can verify something, acknowledge the possibility of disinformation up-front, especially against the backdrop of 2016. Not doing so is bad practice.
And for the record: I'm not a Biden supporter. I'm not even a voter in the United States. I research disinformation.
One more thing: it is also an old Cold War disinformation tactic to pass information, especially but not exclusively when forged, to low-brow newspapers that have high circulation and low standards of investigation. Ideal for surfacing and amplification.
Respect, Facebook
Just to be clear, clearer than the NYP story itself: the claim is that Hunter Biden himself dropped off *three* MacBooks for data recovery services at the unidentified computer repair shop, on or just before 12 April 2019.

This claim is so specific that it should be verifiable. Image
Also, important, *even if* the computer repair quote and April dropoff can be verified as accurate, that would *still not prove* that emails leaked this morning or in the next days are accurate.
The NYP published some of the leaked emails as PDFs. The metadata show that the emails were generated from Mail on MacOSX (and likely unmodified after the PDF was generated). Two PDFs were created about six months after the alleged repair shop data recovery, on 29/9 and 10/10. ImageImage
We now know the computer store in question. It has excellent reviews. Redactions are hard.
The Biden Campaign, so far, has denied one specific detail: the meeting described in this email, displayed up-front in the NYP story. Note that this email was the only email displayed as an image file, not a (unmodified) PDF printout from Mail in MacOSX. Image
The metadata for this image show that it was edited and prepared for publication with Photoshop yesterday afternoon.

Using an image is perhaps cleaner than a PDF embed (so this might be an editorial decision). But the formatting inconsistency certainly raises even more suspicion Image
These PDF metadata here are getting a lot of attention. It is important to caveat that metadata can be forged, and it's hard to tell if the metadata were tampered with if a formal chain of custody was not observed when handling the artifacts
I see a lot of people rushing to judgement on this story, on both sides of the aisle, claiming to know what’s really going on. That is a mistake.
The whole point of this thread was to say: be careful, withhold judgment. Did Hunter Biden himself hand in the laptop? Still unclear. Did the machine contain hacked files? Unclear. Were forgeries added to the mix? Unclear. Was a foreign intelligence service involved? Also unclear
I will say one thing: if this is a foreign intelligence operation, it has a critical design flaw—one single individual could bring down the surfacing cover story by correcting the record: Hunter Biden. (But then, of course, intelligence operations sometimes have design flaws).

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Thomas Rid

Thomas Rid Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @RidT

Thomas Rid Profile picture
Jun 25
Note of caution: I would not put too much weight on the leaked DIA assessment: it’s low confidence; it came too quickly; not available in full text; it got politicized; and done by one of the least impressive outfits of the USIC, if I may stick my neck out just a little bit.
First off, proper BDA needs to be done on the ground in Fordo, in ways that are highly likely very difficult to pull off, given the nature of the damage, and therefore need time. The IRGC, obviously, has the best ground access.
The IRGC, however, also has the an interest in misdirection and deception, in both public and private statements, given that they know they are owned — meaning any SIGINT here is perhaps not as reliable a source as it otherwise might be.
Read 4 tweets
Thomas Rid Profile picture
Nov 2, 2024
It appears that foreign influence operations on this platform are picking up, as expected. So here are a few high-level observations. Under normal circumstances I would write a proper longer piece. But in the interest of time, here you go. A few trends, questions, and hypotheses:
Most of the exposed Russian tradecraft is sloppy, and often the engagement on X is fake. But not always. One day after this remarkable WIRED story came out, the U.S. IC confirmed the attribution to Russia to reporters (Confirmation npr.org/2024/10/22/nx-…) wired.com/story/russian-…
The U.S. IC is reacting very fast. They expose content as foreign malign influence without amplifying it at the same time. That is excellent. It would be even better if there was one central reference point for all announcements, including press-call drops, perhaps with delay.
Read 9 tweets
Thomas Rid Profile picture
Oct 9, 2024
"Influence and Cyber Operations: An Update," the new OpenAI threat intelligence report, out a few hours ago. The document is interesting for one specific reason that hasn't been mentioned in public reporting so far cdn.openai.com/threat-intelli…
This is the money paragraph, from today's OpenAI report "Influence and Cyber Operations: An Update."

tldr: AI labs sit at a middle section of adversary kill chains—if staffed & equipped properly, the labs are potentially uniquely well positioned for threat intelligence insights Image
The report also has some interesting LLM TTP examples Image
Read 6 tweets
Thomas Rid Profile picture
Sep 30, 2024
JUST OUT — September was a wild month for scholars of modern covert influence operations. No longer do we have to rely on a campaign's digital footprints alone. My first analysis of ~3K leaked internal files and fresh FBI evidence on "Doppelganger."

foreignaffairs.com/russia/lies-ru…
This video was an internal production by the Social Design Agency, a disinformation firm in Moscow, produced in early August 2023, likely to be viewed by Vladimir Putin. Note the memo reproduced in the description, discussing the video.
Why is this leak interesting? Image
Read 10 tweets
Thomas Rid Profile picture
Sep 16, 2024
Several weeks ago German media (WDR, NDR, SZ) received a leak of internal files from the biggest Russian disinformation contractor, Social Design Agency, often referred to as Doppelganger. "Western security officials" confirmed authenticity. First story by @FlorianFlade et al
Another investigation in SZ (Would anybody with access share the PDF with me? DMs open) sueddeutsche.de/projekte/artik…
Another exclusive @tagesschau, this one is excellent. I wish they would excerpt or screenshot the source documents though tagesschau.de/investigativ/n…
Read 9 tweets
Thomas Rid Profile picture
Jun 23, 2024
Russian Saboteurs Behind Arson Attack at Berlin's Diehl Metal Factory in May

A huge deal, if confirmed. This WSJ story has some eye-popping details wsj.com/world/europe/r…
The WSJ does not identify who these "Western security officials" in this context. Image
Context: WSJ is citing German stories from last Friday here tagesschau.de/inland/regiona…
Image
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(