The Mechanics of Deception

Yaacov Apelbaum - The Prince of Deception

Much has been said and written about Christopher Steele’s authorship of the notorious document that alleges Russia-Trump collusion. According to Glenn Simpson of Fusion GPS, Steele was hired by them in June 2016 to gather information about “links between Russia and [then-presidential candidate] Donald Trump.” Pursuant to that business arrangement, Steele prepared a series of reports styled as intelligence briefings, some of which were later compiled into a collection of documents, published by BuzzFeed, and later became known as the “Trump dossier.”

On the face of the dossier, it appears that Steele gathered most of his raw information from multiple Russian government sources inside of Russia and a few in the US. He then edited the raw intelligence, which seems to be a combination of conversations and notes, organized it in a summarized brief format, and published/leaked it in part or in its entirety on a rotating schedule.

According to Steele’s testimony, he was the compiler and creator of the documents, a claim which is pivotal in the question of the authenticity of the dossier—and the DOJ’s reliance on it for the FISA warrants.

My initial impression of the dossier was that the writing was sloppy, that it had multiple styles and both English and non-English writers, and that it was assembled in haste. Setting aside the role of the peripheral players in this saga, the “salacious” aspects of it, and the ad nauseam arguments about its verifiability, I think that we can still learn a lot about the mechanics of its composition and those who participated in its creation.

When Simpson testified on November 8th and 14th in front of the Permanent Select Committee on Intelligence, he was very vague about the makeup of the dossier team and said that he hired Steele, who then used his “old contacts and farmed out other research to native Russian speakers who made phone calls on his behalf”. Two of these “native Russian speakers” were subsequently identified as Nellie Ohr and Edward Baumgartner. But even with this revelation, there are still many unanswered questions. For example: Why is the dossier so poorly written? Did Ohr and Baumgartner just collate the raw content and Steele published it? Did they themselves contribute any original research? Where did Ohr and Baumgartner get the raw material in the first place? Why does the dossier exhibit such an odd mixture of sources and topics?

In this post, I’ll try to answer these and other questions and demonstrate how, by using several readily available open source OSINT, network graphing, and writing style analysis tools, we can pinpoint the sources and the individuals involved in this project.

Dramatis Personæ
Glenn Simpson: Co-founder of Fusion GPS.
Peter Fritsch: Co-founder of Fusion GPS.
Christopher Steele: Co-founder of Orbis Business Intelligence.
Edward Baumgartner: Co-founder of Edward Austin.
Nellie Ohr: Russian Intelligence Specialist and wife of Bruce Ohr.
Bruce Ohr: Associate Deputy Attorney General and husband of Nellie Ohr.
Jonathan Winer: ST’s special envoy and a colleague of Steele.
David Kramer: Asst. Secretary in the ST, Dir. at the McCain Institute, a friend of the Ohrs.
Perkins-Coie: A US law firm representing the DNC and a customer of Fusion GPS.
Natalia Veselnitskaya: Russian attorney and a customer of Fusion GPS.

ST = State Department

Christopher Steele
Steele was the primary investigator and writer of the dossier. He graduated from Cambridge University in 1986 with a degree in Social and Political Sciences. While at college, he wrote for the student newspaper Varsity. Steele was recruited by MI6 directly following his graduation, first working in London at the Foreign and Commonwealth Office (FCO) from 1987 to 1989, then from 1990 to 1993 at the UK Embassy in Moscow. Steele returned to London in 1993 and was posted to Paris in 1998. Shortly after that, his cover was blown through a media leak that disclosed the identity of 116 MI6 agents. He left the service in 2003. In 2009, Steele, with his fellow MI6-retiree Chris Burrows, co-founded the private intelligence agency Orbis Business Intelligence.

Image 1: Christopher Steele

According to the Orbis website, the company draws on extensive experience at the boardroom level, in government, multilateral diplomacy, and international business to develop bespoke solutions for clients.

It also describes its sources as a “global network of senior associates”, made up of regional, industry and academic experts, as well as prominent business figures, along with their expertise and a closed network of contacts worldwide.

Image 2: The Orbis Business Intelligence Website

The Orbis mission statement is:

“Our core strength is our ability to meld a high–level source network with a sophisticated investigative capability. We provide strategic advice, mount intelligence–gathering operations and conduct complex, often cross–border investigations.”

Nellie H. Ohr
Nellie Ohr was the second contributor to the dossier. She earned a degree in history and Russian literature at Harvard and Radcliffe, followed by an MA and PhD in history from Stanford. She taught history at Vassar College and, after leaving that position, freelanced as a contractor for a number of government and commercial organizations conducting research and translation projects.

As part of her PhD work during the 1990s, she worked in Russia and, according to at least one source, had powerful political connections and serious clout there. In her book Adventures in Russian Historical Research, Cathy Frierson writes: “Nellie encouraged me to call the Smolensk archive [the home of Russia’s historical state secrets] director, assuring me that he would welcome me.”

Image 3: Nellie Ohr

It’s interesting that in 2017, shortly after her position with Fusion GPS ended, Ohr landed a new gig not in Russian translation or analysis work but rather as a cybersecurity expert. Her new title was Principal at Accenture Security. In this capacity, she delivered a presentation during the ISO-ISAC Fall 2017 session entitled: “Ties Between Government Intelligence Services and Cyber Criminals – Closer Than You Think?”

Image 4: Nellie Ohr, Principal Accenture Security

Ohr’s presentation focused on enforcement activity in 2016-2017 and provided examples of how cyber threat actors were arrested, indicted, or identified in intelligence reports by US and European governments. She pointed out connections and ties between government intelligence services (such as the FSB) and cybercrime actors. She discussed the drivers and mechanisms between state and criminal cooperation and offered a case study that explored how seemingly ordinary cybercrime combined with strategic espionage. 

Shortly after the news broke about her being married to Bruce Ohr from the DOJ, Accenture scrubbed their web content and removed all references to her name (see “Nelie Ohr” site:). As of March 2018, she was no longer listed as a member of the Accenture Security team.

Edward Baumgartner
The third contributor to the dossier, Edward Baumgartner, has a BA in history from Vassar College and an MA in Russian, Eastern European, and Central Asian Studies from Harvard. 

Image 5: Edward Baumgartner

Image 6: Baumgartner’s university track (source LinkedIn profile)

He specializes in the Former Soviet Union (FSU). Baumgartner started as an independent consultant in the FSU, focusing on research and business intelligence. From 2002 to 2005, he was the head of the Russia business at a London-based public relations consultancy. His clients included Russian government-owned and private companies.

In 2010, Baumgartner cofounded the UK-based intelligence consulting firm Edward Austin.

The firm’s mission statement:

“With an established network spanning the FSU and beyond, Edward Austin serves clients in the private and public sectors worldwide. We are pan-FSU. Alongside extensive work in Russia, Kazakhstan and Ukraine – the region’s three main economies – we have completed numerous projects on the ground in the wider Central Asia region (Kyrgyzstan, Mongolia, Tajikistan, Turkmenistan, Uzbekistan), the Caucasus (Armenia, Azerbaijan, Georgia), the Baltics (Estonia, Latvia, Lithuania), Belarus and Moldova. Reinforcing this is a global network of trusted partners, enabling us to undertake work across jurisdictions worldwide.”

Image 7: Edward Austin Business Intelligence website

The Dossier Network
An often missed detail is that the fellowship of the dossier was a close-knit group; everyone knew each other long before embarking on the quest to find the alleged collusion. As you can see from the network chart below, this team worked on multiple projects for different customers but utilized the same materials, resources, and connections. Some of these relationships go back more than 20 years.

Image 8: The Dossier Network

For example, Edward Baumgartner, Nellie Ohr, Bruce Ohr, and David Kramer are Harvard alumni; Fritsch, Ohr, and Baumgartner attended Vassar College. Ohr and Baumgartner were together at the History department at Vassar College in the 1990s, where Baumgartner was Ohr’s student. Simpson knew Steele from his days at the WSJ, going back to 2009. Jonathan Winer from the State Department knew Steele going back to 2009.

In 2012, Steele was already under a lucrative contract with the State Department to produce a series of about 100 reports on the Ukraine-Russia conflict. These reports contained a significant amount of economic and financial data that was shared with other agencies like the DOJ.

Nellie Ohr’s relationship with Steele goes back to the early 2000s or even earlier. Bruce Ohr’s relationship with Steele began long before the Trump presidential bid. It goes back to Steele’s 2010-2013 FIFA corruption investigation. Bruce was then chief of the Organized Crime and Racketeering Section in the DOJ, which had a keen interest in the early stages of the case. In 2015, the DOJ indicted a number of FIFA-affiliated individuals. Interestingly, the DOJ did not charge anyone at FIFA with bribery because US federal bribery laws cover only payments to government officials. Bruce’s team instead alleged racketeering, wire fraud, and money laundering conspiracies.

In 2013, Bruce, as the Assistant Deputy Director at DOJ, participated in the third St. Petersburg International Legal Forum. He was a speaker at a session titled “Criminal Matters and Allegations of Crimes in International Arbitration”, a topic deeply connected to the Magnitsky Act. It’s interesting to note that his lecture included many of the components of the yet-to-be dossier: “money laundering operations”, “payment of large bribes and kickbacks”, “forged documents”, and “collusive schemes”.

Image 9: Bruce Ohr 2013 St. Petersburg talk

From Simpson’s testimonies, we know that while at Fusion GPS Baumgartner was working on these three projects:

  1. The dossier
  2. The Prevezon project helping the Russian government-owned company Prevezon defend itself against a US government charge alleging a 230 million dollar money laundering scheme
  3. Russian government lobbying efforts aimed at reversing the Magnitsky Act

During the Prevezon contract, which ran through October 2016, Baumgartner was the lead writer and researcher, working closely in Moscow with Natalia Veselnitskaya. Veselnitskaya was his primary source for all Russian intelligence, research and discovery materials for all three Fusion GPS projects.

The cases that Baumgartner and Veselnitskaya were working on could have been taken out of a Tom Clancy novel. They are full of intrigue, greed, and suspicious deaths.

The Magnitsky Act lobbying case revolved around one Sergei Magnitsky, a Russian whistleblowing tax accountant working for Hermitage Capital, who outed some Russian officials for fraud. He was arrested and detained without trial for a year until he finally died in prison in 2009. When his family examined his body, they found evidence that he was beaten to death while in custody. Then-president Medvedev’s investigative committee report sided with the family.

This story helps shed some light on the company that Baumgartner, Steele, Ohr, and Simpson were keeping and puts the dossier project in the right context. The Fusion GPS motto has always been “We don’t use the word ‘sold out.’ We use the word ‘cashed in.’”

Dossier Authorship Claims
The House Intelligence Committee’s hearings in November 2017 attempted, among other things, to answer the dossier authorship question. Simpson testified that Steele used his old contacts and farmed out other research to native Russian speakers who made phone calls on his behalf. In the hearing transcripts, Simpson comes across as evasive and ambiguous; he hemmed and hawed a lot and had problems remembering and recalling details. But despite his fogginess, he was crystal clear about Steele being the author of the documents.

The credibility of the dossier briefs depends on the premise that Steele, as of mid-2016 still had an active portfolio of highly placed HUMINT inside Russia. It also relies on the integrity of his chain of acquisition.

In his testimony, Simpson identified Baumgartner as a second contributor to the dossier:

Foster: And what type of work did Mr. Baumgartner undertake for Fusion?

Simpson: Discovery mostly, helping locate witnesses. He speaks Russian. So he would work with the lawyers on gathering Russian language documents, gathering Russian language media reports, talking to witnesses who speak Russian, that sort of thing. He may have dealt with the press.  I just don’t remember.

Foster: So was Mr. Baumgartner also working on opposition research for Candidate Trump?

Simpson: At some point, I think probably after the end of the Prevezon case we asked him to help with I think — my specific recollection is he worked on specific issues involving Paul Manafort and Ukraine.

Somewhat surprising is Baumgartner’s denial of Simpson’s statement that he did work on the dossier.


“I was helping them [Fusion GPS] on this other project, which was unrelated, and they mentioned it to me in July 2016, I was never made aware of Chris Steele’s work or the dossier, and it was kept that way deliberately. I would have had nothing to add, anyway. I produce memos based on information that is in the public record that can be given to the feds or shared with journalists.”

But then, in a contradictory statement, Baumgartner said that he produced memos that could be given to the Feds. We now know that the only memos given to the Feds (DOJ and FBI) by Steele and Fusion GPS were the dossier documents.

The third contributor, Nellie Ohr, was another Russian intelligence analyst working for Fusion GPS and Steele. She has not been deposed, nor has she voluntarily offered any insight into her role in the writing process, so it’s difficult to ascertain the exact part she played. Not surprisingly, when questioned, Simpson didn’t mention her. However, from a recent House Intelligence Committee memo it’s clear that Nellie Ohr was in fact “employed by Fusion GPS to assist in the cultivation of opposition research on Trump”; the memo adds that Bruce Ohr “later provided the FBI with all of his wife’s opposition research.”

Asked by Intelligence panel staff if he verified Steele’s “sources in Russia” or corroborated their information, Simpson said he’d never been to Russia himself and couldn’t “evaluate the credibility of someone on the other side of the [Atlantic]”. Nor could he confirm that Steele actually spoke directly with any of his Russian sources.

A private company like Orbis (unless they are a front for SIS) lacks the means to properly vet foreign intelligence sources let alone vet the source’s information. But that didn’t create any doubt in Simpson’s mind—a former investigative reporter for the WSJ. He said that he completely deferred to Steele’s expertise and did not question his findings because of his “sterling reputation”.

The sterling reputation he was referring to was Steele’s work on the FIFA corruption case. According to Steele, he provided investigative services and intelligence to Interpol and the FBI, which resulted in the arrest and prosecution of a number of FIFA officials. The problem with this case’s sources and methods is the same as with the dossier initiative.

The whole FIFA case revolved around England’s hope to host either the 2018 or 2022 World Cup, but FIFA awarded those tournaments to Russia and Qatar. Steele was then ‘hired’ in 2009 by England’s Football Association to investigate allegations of corruption by FIFA.

Steele didn’t actually perform any hands-on investigative work himself. Just from the surface evidence, it looks like some of his friends/contacts in MI5, MI6, or Scotland Yard shared with him the SIGINT, HUMINT, and FININT intercepts. He then repackaged the data and passed the file to the FBI and Interpol, all the while collecting a lot in service fees. The dossier initiative was also not an altruistic act. Steele received over $165K for his 35-page report.

Simpson pimped Steele as a real-life James Bond with deep connections inside the Kremlin, and because of this, he didn’t have to corroborate any of his reports. But Steele, his previous contacts in Russia now long gone, had to rely on others like Ohr, Baumgartner, and Veselnitskaya, the Russian lawyer (who doesn’t speak or read English) and her network to generate his so-called ‘raw intelligence’.

The Dossier Structure
The dossier is 35 pages long and has the following structure (see the sample from page 13 below):

  1. Company intelligence report number date/running total
  2. Report subheading “Russia/USA Growing Backlash in Kremlin…”
  3. Summary of report usually in bullet point format (the raw intelligence)
  4. Detailed discussion of summary points with citation of sources

Image 10: Dossier sample report

The reports are not sequential and are spaced unevenly. As we can see from the table below, they also contain formatting problems and data entry errors, which suggest some haste and carelessness in their preparation.

Report # Report Title Report Date

For example, the first company intelligence report dates to 20-June-2016 and is marked number 80; then the dossier jumps to report number 86. There are data entry mistakes in some of the dates: for example, report 86 is dated 2015, and report 95 has a missing date. There are also logical sequence problems with report numbers vs. dates. For example, report 86 is dated 20-Jul-15; even if we assume that 2015 is a typo and it should have been 2016, report 94 comes two reports after it but it’s dated 19-Jul-2016.

Steele’s Vast Shadow Army of Unverified Sources
According to Steele, the document is sourced from about 34 valuable, trusted, and highly placed Russian intelligence and political assets that he had direct access to. 

Steele’s assets included:

  1. A senior Russian Foreign Ministry figure
  2. A former top Russian intelligence officer
  3. Several knowledgeable FSB sources
  4. A trusted compatriot (there are references to at least 5 of these)
  5. A former top level Russian intelligence officer who is still active inside the Kremlin
  6. A senior Russian financial official
  7. A close associate of Trump
  8. Source E (redacted)
  9. A female staffer at the Ritz Carlton hotel
  10. An ethnic Russian operative connected to the Ritz Carlton hotel
  11. A senior Kremlin official
  12. A Russian IT specialist with direct knowledge of FSB operations
  13. A senior Russian government figure
  14. An ethnic Russian who is a close associate of Trump
  15. A separate source with direct knowledge of Trump’s investment in Russia
  16. A Russian source close to Rosneft President
  17. An official close to Presidential Administration Head Sergei Ivanov
  18. A Kremlin official close to Sergei IVANOV
  19. A trusted associate of a Russian émigré
  20. Two well-placed and established Kremlin sources
  21. A source close to premier Dmitriy Medvedev
  22. A close colleague (of Steele)
  23. A Kremlin official involved in US relations
  24. A Kremlin insider
  25. A Kremlin advisor
  26. A well-placed Russian figure
  27. An American political figure associated with TRUMP
  28. A senior member of the Russian Presidential Administration (PA)
  29. A senior Russian MFA official
  30. Top level Russian official
  31. Two knowledgeable St Petersburg sources
  32. A senior Russian leadership figure
  33. A Russian Foreign Ministry official
  34. Igor Sechin’s close associate

If this list of assets is genuine and so is his chain of acquisition, then Steele somehow managed to not only recruit new agents since his MI6 days in Moscow in the early 1990s, but he also succeeded in holding on to his old assets. This is a pretty impressive feat for someone who left Russia in 1993 and had his cover blown publicly 20 years ago.

Steele’s claims of access to deep resources in Russia also beg the obvious question of why MI6 would be willing to co-share their deepest intelligence assets in Russia with Orbis. Or, why would MI5 tolerate a private firm actively engaged in espionage against Russia and meddling in a US election from British soil? Is it plausible that the British security services just didn’t know that smack dab in the middle of London, from his castle at Grosvenor Gardens, just a skip and a jump (300 feet) from Buckingham Palace, was Dr. Evil and his two mini-me’s remotely controlling legions of deep Russian assets and aggressively plotting against a US presidential candidate?

Image 11: Orbis Business Intelligence building location in London

Glenn Simpson, Steele’s handler, was asked by Congressman Trey Gowdy during the House Intelligence Committee’s November 14 Hearing (see excerpt below), if Steele had gone “to Russia as part of this project,” to which Simpson replied, “No, sir.” Steele, at the time he compiled the dossier, hadn’t been back to Russia in 17 years.

Gowdy then asked him: “How was he able to accumulate information in Russia if he didn’t go?” Simpson stated: “Well, so to be clear, he really would not be safe if he went to Russia. He’s been exposed as a former undercover British Intelligence officer who worked in Moscow. So it wouldn’t be wise for him to go to Russia.” Simpson then explained how Steele was able to collect all of this intelligence by: “… and generally, you have a network of sources who live in or came from the place that you’re interested in. So, you know, generally speaking, you would have –you would run a network of sub-sources or subcontractors who travel around and gather information for you. And so without getting into who his sources are, I can say generally, he hires people who can travel and talk to people and find out what’s going on”.

Image 12: Excerpt from Glenn Simpson’s congressional hearing testimony

On the possibility that Steele was just fed a steady diet of dezinformatsiya, according to Steele’s own words that was not unlikely because:

“Disinformation is an issue in my profession, it is a central concern, and we are trained to spot disinformation, and if I believed this [the dossier] was disinformation, or I had concerns about that, I would tell you [Fusion GPS] that. And I’m not telling you that. I’m telling you that I don’t believe this [the dossier] is disinformation.”

So what Steele is saying here is: ‘I am a wise old British gentleman spy, I was trained at the Hogwarts School of spy Wizardry, and you can trust everything I’m telling you. Now, poof be gone!’

This is laughable! Vetting is a critical part of evaluating the reliability of a source and its information. It’s such an essential part of the craft that no reliable decisions about the information can be made without it. Given the poor quality of his raw intelligence, Steele’s lack of concern for the possibility that he was being fed disinformation is alarming.

A Man and a Woman Walk into a Bar and the Craft
While still in the early stages of his clandestine dossier project, Steele and Fusion GPS launched a coordinated media blitz to publish the briefs. Steele was sharing the details with a handful of DOJ, FBI, and political figures such as Kramer and Winer (see Image 8). He was also regularly briefing reporters from The New York Times, The Washington Post, Yahoo! News, The New Yorker, and CNN.

Many of the reports betray source information. For example:

“a close associate of TRUMP who had organized and managed his recent trips to Moscow”.

“Speaking in July 2016, a Russian source close to Rosneft President confided the details of a recent secret meeting between him and…Carter PAGE”.

Assuming that Steele didn’t intentionally plan to burn his sources, leaking such details to the media shows exceptionally poor craft.

By “craft” I’m referring to all of the skills and abilities of intelligence, from writing, to briefing, to field collections. Operators can have “good craft”, “bad craft”, or “no craft at all.”

For example, a female agent with good craft can walk into a bar, meet a man assigned to seduce her, get him to buy her drinks, and have the man working for her by the end of the evening. That’s good craft. On the other hand, a man is picked up by a beautiful woman at a bar, convinces himself that she really likes him in spite of the fact that he is fifty, balding and overweight. After he buys her the drinks, he comes to feel that she is, in fact, his soul mate. He tells her about his latest intelligence operation in detail and never sees her again. This is a total lack of craft.  Steele seems to fit squarely in the second category.

In December 2016, when the story about the mysterious death of Oleg Erovinkin came out, Simpson attempted to leverage it to shut down questions about Steele’s sources and methods. He was suggesting that Erovinkin, a former general in the FSB, was one of Steele’s deep sources. A few other individuals within Steele’s circle also tried to put out this narrative. For example, Luke Harding in his book, Collusion: Secret Meetings, Dirty Money, and How Russia Helped Donald Trump Win states:

A person close to Steele admitted that in the wake of the dossier the Kremlin did appear to be wiping out some kind of American or Western espionage network.

If it is really the case that the Russians were now eliminating Steele’s sources (i.e. Migayas Shirinskiy, Denis Voronenkov, Vitaly Churkin, Alexander Kadakin, Andrey Malanin, Petr Polshikov, Sergei Krivov, and Nikolai Gorokhov), then the deaths of these people can be entirely blamed on Steele’s 2016 whirlwind dossier media tour and his criminal negligence.

Typos and Errors
The report contains a large number of errors and inaccuracies that should have been caught and corrected at the final copyedit before publication. After all, Simpson, Steele, Ohr, and Baumgartner earn their living writing. You would certainly expect that one of them would read and clean up the document before it was sent out.

The errors in the briefs include the consistent misspelling of names, such as “Alfa Group” written as “Alpha Group”, which betrays the fact that the writer is not versed in the material he is writing about. This could alternatively be explained as gangsta style spelling, but it’s odd that someone like Steele, who was raised on the Queen’s English, would adopt this style of writing in an official correspondence.

What Language was the Report Written in?
It’s clear from the grammar, punctuation, spelling, idioms, and sentence structure that the report is suffering from some serious English deficiencies. Almost all media commentators point out that this is because the raw intelligence came from some Ivans who ‘don’t speaka de English’. This is also one of the leading arguments in favor of the authenticity of the intelligence. After all, would one expect perfectly written British English prose from a source working for the FSB?

It’s hard to buy this argument. It has the hallmarks of a false flag operation written all over it. Steele doesn’t speak fluent Russian, nor, for that matter, does he even read or write Russian.

According to Simpson, Steele: “… farmed out other research to native Russian speakers who made phone calls on his behalf”. So he wasn’t personally conducting the debriefings of his assets; some other Russian speaker conducted and translated the interviews into English. The only other plausible members of the dossier team to be able to do this were Ohr and Baumgartner. We know that Ohr didn’t travel to Russia in 2016. So Baumgartner is the only remaining candidate. He is a British national, his base of operation was Moscow and London, he traveled to Russia frequently, and he had been working on two other similar projects for Fusion GPS.

Simpson confirmed that Baumgartner’s job for Fusion GPS was the translation of Russian language documents, writing reports, and interviewing assets who speak Russian. He said: “So we retained Ed to—originally in the Prevezon case—to do some interviews in Moscow, I think, and retrieve some records from Russia. And other Russian language-related tasks.”

We also know that the only two Russian specialists Steele hired were Baumgartner and Ohr, both native English speakers with advanced degrees from Ivy League schools. So if indeed Baumgartner and/or Ohr produced the bulk of the raw intelligence, then why did they dumb down their writing style and forget how to properly form English sentences? After all, Baumgartner prides himself on his flawless spoken Russian and touts his firm’s translation services:

“Several blue-chip corporate names in the region retain Edward Austin to write, translate and edit their press releases, presentations and other corporate material.”

Ohr also practically lived in the Lenin Library and the Smolensk archive for several years reading and translating documents in Russian and then made a name for herself as a book reviewer writing in perfect English.

On the question of chain of transmission, Steele said: “Such intelligence was not actively sought; it was merely received.” This is a dream come true for every intelligence officer—a gift of priceless intelligence with no strings, no effort, no work. High-value actionable intelligence just tossed over the transom. 

So was the Detail section of each report, i.e., the ‘raw intelligence’ part ‘received’ in Russian? Or was it written in English and then rewritten in a ‘Russian style’ to make it look more authentic?

VC Funding and The Protocols of the Elders of Zion
It is interesting that the dossier contains a significant amount of non-political and business-related activity. There is also a generous amount of emphasis on cyber warfare and cybercrime. Neither of these subjects has much to do with the stated objectives of the original research of gathering information about “links between Russia and [then-presidential candidate] Donald Trump”.

Russian involvement in cyber-related crime is old news. Russian, Ukrainian, and other FSU-based botnets that distribute malware for commercial gain and industrial espionage have been operating at full capacity since the mid-2000s, with some of the more significant players having known government affiliations.

So why the sudden increase in Russian cyberwarfare-related chatter? The reason could be that someone asked Steele to include this material in the dossier in order to address the DNC email leak, which was published in June-July 2016.

An illustration of this cybercrime-related material can be found in report 86 dated 26 July 2016, under item 3. We see the following paragraph:

In terms of the FSB’s recruitment of capable cyber operatives to carry out its, ideally deniable, offensive cyber operations, a Russian IT specialist with direct knowledge reported in June 2016 that this was often done using coercion and blackmail. In terms of ‘foreign’ agents, the FSB was approaching US citizens of Russian (Jewish) origin on business trips to Russia. In one case a US citizen of Russian ethnicity had been visiting Moscow to attract investors in his new information technology program. The FSB clearly knew this and had offered to provide seed capital to this person in return for them being able to access and modify his IP, with a view to targeting priority foreign targets by planting a Trojan virus in the software. The US visitor was told this was common practice. The FSB also had implied significant operational success as a result of installing cheap Russian IT games containing their own malware unwittingly by targets on their PCs and other platforms.

I don’t know what the term “IT Specialist” means in Steele’s world of rent-a-spy, but for most of us in the field, it describes individuals who use their technical expertise to implement, monitor, or maintain IT systems. Even if this IT Specialist was working for the FSB, IT staff in any intelligence organization is usually not privy to case files and sources and methods used to recruit agents. It doesn’t take much imagination to cross-reference Steele’s fictitious “IT Specialist” to Snowden and his exploits. In fact, Snowden describes an almost identical story where allegedly coercion and blackmail were used to turn a banker into an agent.

As for the term “with direct knowledge”, does he mean that this IT Specialist claimed to have participated in one of these offensive cyber operations and willingly shared this information with Steele? 

The same goes for the proposition that an “IT Specialist” would have firsthand knowledge of the FSB’s playbook for recruitment of US citizens of (Jewish) Russian origin. The whole premise that the FSB is targeting US Jews because they are greedy and would flip for a price sounds like it was taken from Borat in the nest of the Jews or the Protocols. It reeks of institutionalized anti-Semitism which could have been planted in the report deliberately to generate outrage.

Another noteworthy observation is the general vagueness of the cyber section and the writer’s poor understanding of computer terminology: the text frequently confuses terms like IP (intellectual property) with a code base and Trojans with viruses.

Besides, whoever wrote this section needs to make up his/her mind about which attack vector it is: a Trojan? A virus? Or cheap Russian IT games (probably meant to say ‘IT Utilities’ like rogue anti-virus) infected with malware?

To illustrate the FSB’s ‘recruitment’ method, Steele tells us about a US citizen who travels to Russia hoping to attract investors in his “information technology program”. What does that even mean? Is he talking about an executive of a US startup that is looking for seed money in Russia? If so, the proposition is ridiculous; anyone that has ever tried to raise capital in a startup knows that because of IP and regulatory constraints, the funding source is always country specific. Also, the idea that a US executive running a US-based software company would willingly allow the FSB to plant a virus in his software is laughable. You don’t have to be a genius to know that when he is caught—the question is when, not if—the company would be destroyed and he would be looking at massive personal civil penalties and a very long jail sentence.

It may also be of interest that many of the dossier’s cybersecurity allegations, such as the ties between the Russian government intelligence services and cybercrime actors and the drivers and mechanisms of cooperation between state and criminal actors, are repeated almost verbatim in Ohr’s Accenture Security presentation that she delivered almost a year later at the FS-ISAC 2017 Summit. The case study in her presentation explored how seemingly for-profit Romanian and Bulgarian hackers combined with strategic Russian espionage initiatives, and this mirrors the last dossier report.

Image 13: Nellie Ohr’s presentation to the FS-ISAC 2017 Fall Summit

Nellie Ohr’s 2017 presentation was derived almost verbatim from another presentation that she and her husband delivered during the 2010 symposium of the National Institute of Justice in Russia. The subject of that event was: Legal Racketeering in Russia and National Security Issues. The talk covered these topics:

How are international criminal organizations attempting to co-opt the state to suit its interests?
How are states attempting to use international criminal organizations to advance their interests?
How does international organized crime present itself as a national security threat to different types of countries?
How do links to other malevolent actors, like terrorist or insurgent groups, manifest themselves and factor into the previous questions?

Not surprisingly, the 2010 program participants included a few familiar dossier characters like:

Glenn Simpson – Senior Fellow International Assessment and Strategy Center
Nellie Ohr – Researcher Open Source Works
Bruce Ohr – Chief Organized Crime and Racketeering Section Criminal Division DOJ
Greg Gatjanis – Director for Counternarcotics and Counterterrorism (worked with Ohr)
Mathew Burrows – Counselor National Intelligence Council (attended Cambridge with Steele)
Lisa Holtyn – Intelligence Advisor Organized Crime and Racketeering DOJ (hosted Ohr in 2014)

It’s almost certain that Nellie Ohr’s source for her commercial Accenture 2017 presentations was the 2010 material. If that is the case, then she must have gotten it by cannibalizing “raw intelligence” from some internal DOJ, FBI, and other agency sources.

Dossier Language
The subheading of Company Intelligence Report 2016/080 is titled: “Republican candidate Donald Trump’s activities in Russia and compromising relationship with the Kremlin.”

The phrase should read: “Republican candidate Donald Trump’s activities in Russia and his compromising relationship with the Kremlin.” It is difficult to explain how Steele actually wrote this. “Chris Steele,” as he was known in his early days as a reporter for the Cambridge University student publication, also served as president of the Cambridge Union Society, a debating club. So the riddle is, how could a Cambridge University journalist and master English debater form such a phrase?

This issue with the subheading text is a pattern found throughout the dossier: it appears that the “Detail” section of most reports was written by someone whose native language was not English.

Source Credibility Index
Every source has credibility ranging from a ‘Pathological Liar’ to the ‘Word of God’. All intelligence organizations have a value system for source credibility. Credibility is a subtle thing and depends on many constantly changing factors. The key tradecraft for any case officer is the ability to constantly evaluate and determine the credibility of his sources. One of the glaring problems with Steele’s reports is that the intelligence credibility indicator is marked with vague, fluffy terms like “well-placed”, “trusted”, “knowledgeable”, etc. Steele is not assigning sufficient granularity of trust to his sources.

Also, the general impression is that Steele is enamored with the titles of his assets, which is a bad thing. The rule is ‘Never fall in love with a source’. Steele also doesn’t provide any indication that he cross-verified the raw intelligence from multiple sources.

In recent court testimony in December 2017, Steele acknowledged that his final December report (# 166) contained information he never vetted. He stated that “The contents of the report did not represent (and did not purport to represent) verified facts, but were raw intelligence which had identified a range of allegations that warranted investigation given their potential national security implications”.

It’s easy to get lost in all of these weasel words, but the common name for “raw intelligence” that neither represents nor purports to represent verified facts is a rumor.

Run-on Sentences and Poor Punctuation
Paragraphs like the following do not need further discussion:

“Alpha held ‘kompromat’ on Putin and his corrupt business activities from the 1990s whilst although not personally overly bothered by Alpha’s failure to reinvest the proceeds of its TNK oil company sale into the Russian economy since, the Russian president was able to use pressure on this count from senior Kremlin colleagues as a lever on Fridman and AVEN to make them do his political bidding.”

Non-Native English Speaker
There are many misuses of the English language that should have activated the alarm bells of any critical reader. One sentence states: “Trump’s previous efforts had included exploring the real estate sector in St. Petersburg as well as Moscow but in the end Trump had had to settle for the use of extensive sexual services there from local prostitutes rather than business success.”

Besides the obvious contextual problem, it is difficult to logically balance “sexual services” and “business success”. So in lieu of business opportunities, Trump allegedly settled for extensive sex?

Another sentence begins with “Speaking to a trusted compatriot.” After trying to make sense of the sentence, it’s clear that the writer meant “according to a trusted compatriot.” The “speaking to”  jumbles the meaning.

Non-English Idioms
In writing about sex, the author is particularly byzantine. He says that Russian authorities had compromised Trump by catching him in his “personal obsessions and sexual perversion.”

In another instance, Trump was alleged to have gotten revenge on the Obamas by “defiling the bed where they had stayed on one of their official trips to Russia by employing a number of prostitutes to perform a ‘golden showers’ urination show.”

These archaic terms hint that the writer had some classical training because it sounds like he/she is using phraseology from Suetonius’s The Twelve Caesars (see reference to Tiberius and his ‘licentious indulgences and sexual perversion’ and Nero’s ‘defiling’ acts).

The usage of “a number” with the plural form “prostitutes” seems forced and is designed to emphasize the ‘largeness’ of the event. As far as showers go, the phrase is “golden shower,” singular, and the addition of the term “urination show” is redundant.

Missing Articles
Definite and indefinite articles that one expects to find are often omitted. For example, the phrase “to encourage splits and divisions in western alliance” is missing “the” before “western alliance.” The phrase “anchored upon countries’ interest” should read: “anchored upon the country’s interest”. The author frequently misuses the possessive form as well.

Some sentences begin with the word “however” without a comma, as in: “However it has not as yet been distributed abroad.” In other instances, “however” is followed by a comma: “However, there were other aspects …”. There is no consistency in the use of serial commas before or after conjunctions like ‘and’ and ‘but’.

Multiple Authors?
The briefs suggest that there were multiple authors, one perhaps Russian and one English. At one point, the reader is told that the Trump campaign leaked the DNC documents to WikiLeaks “to swing supporters of Bernie SANDERS away from Hillary CLINTON and across to TRUMP.” The “Summary” section cleans up the language. Now the goal is to switch voters “away from CLINTON and over to TRUMP.” This stenographic sleight of hand is forced and artificial. Whoever was conducting the original interview would/should have corrected this at the moment of transcription.

British English
Steele is a Brit educated in British English. The document contains distinctly British spellings such as “programme,” “defence,” “authorised,” and “manoeuvre.” So, are we to assume that Steele’s deep intelligence assets in the FSB and Kremlin also attended Cambridge? 

There are other little details that boggle the mind, like when the author writes: “Things had become even ‘hotter’ since August on the TRUMP-RUSSIA track.” What is the significance of “hotter” in quotes?

Talking Points vs. Raw Intelligence Narrative
One point that repeats itself toward the end of the document is the notion of “Moscow’s interference in the US Presidential election campaign.” Another is Trump’s perceived “unfitness” for office. These statements read less like raw intelligence and more like Steele has gone native and is now working on some political talking points for a speech.

Writing Style Analysis
The dossier’s content is interesting, but what about the writing style? Can we find the author’s fingerprints? To perform this analysis, we would need a writing sample containing a few hundred words from each potential author.

I’ve managed to get samples written by all three dossier musketeers. Ohr has a significant amount of book reviews online, and I also managed to get a copy of her PhD dissertation. Baumgartner was a little more challenging. Most of his writings are no longer available—quite an achievement for a person who claims to have been a reporter for several years. I found a depository with some of his commercial work and news-related pieces. Steele’s were by far the most difficult to locate. Despite his having worked as a reporter for the Cambridge Varsity student newspaper, all of the digitized copies of his prose have disappeared without a trace from the Cambridge library. But as it goes, luck favors the prepared and I was fortunate enough to be able to pull a few copies of his articles from another source (see sample below).

Image 14: Christopher Steele’s sample writing

In the analysis of the text and content I’ve used the following techniques and a number of Open Source tools. The total search and analysis time was about 2.5 hours.

  1. OSINT platform – Buscador
  2. Network link analysis and Graph – Open Semantic Search with Neo4J
  3. Writing style analysis – stylo R package and JGAAP

Writer Baseline Profile
As can be seen from the analysis below, Steele, Ohr, and Baumgartner demonstrate a distinct writing style (images 15-17).

Image 15: Christopher Steele’s profile

Image 16: Nellie Ohr’s profile

Image 17: Edward Baumgartner’s profile

The textual analysis of the reports comprising the dossier shows some interesting results. First I created a ground truth baseline for each of the dossier team members. The ground truth seen in images 18-20 was based on writings they published before 2016.

Image 18: Steele’s writing style

Image 19: Ohr’s writing style

Image 20: Baumgartner’s writing style

Once I had a good baseline and a stylistic fingerprint, I proceeded to analyze the individual reports. From the samples below (images 21-24), we can see that despite Steele’s claim that he wrote the document, it is almost certain that it was written by another person, likely Baumgartner or Ohr. The writing style fits their writer profile in multiple categories. Even the “Detail” section in each report, which appears on the surface to have been written by non-native English speakers (i.e. the Russian raw intelligence), fits Baumgartner’s style.

Simply removing definite articles from sentences and using poor punctuation is not enough to mask the fact that we have a single author and he is not Steele. There are, however, a few anomalies in the data (image 25) that indicate that some of the content—especially the latter reports that are written in a ‘talking point’ style—has been written by another unidentified author.

Image 21: Dossier report sample 1

Image 22: Dossier report sample 2

Image 23: Dossier report sample 3

Image 24: Dossier report sample 4

Image 25: Anomalous dossier report
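
The baseline-then-compare procedure described above, as an added example that is not the author's analysis and not code from stylo or JGAAP: a minimal Burrows's Delta over function words (an assumed choice of measure, since the page does not say which one was used), including a re-test of the disputed text with its articles stripped. The three authors, every sample text, and the 0.7 cutoff are constructed for illustration.

```python
import re
import statistics

# Function words reflect habit rather than topic. Articles are deliberately
# left out so the article-stripping check cannot be explained by them.
FEATURES = ["and", "but", "however", "which", "that", "whilst", "while",
            "upon", "on", "of", "to", "in", "therefore"]
ARTICLES = {"a", "an", "the"}

# Constructed baseline samples for three hypothetical candidate authors.
BASELINE = {
    "author_a": (
        "The shipment was delayed whilst the port was closed, however the agent "
        "insisted upon a full inspection of the cargo, which was stored in the "
        "northern depot. The manager relied upon the report, which was sent to "
        "the head office whilst the audit was in progress."),
    "author_b": (
        "The shipment was late while the port was closed, but the agent wanted "
        "a full check of the cargo that was kept in the north depot. The manager "
        "counted on the report that went to the main office while the audit was "
        "going on, and the team agreed on the plan."),
    "author_c": (
        "The delay of the shipment and the closure of the port led to a review "
        "of the cargo in the depot and in the yard. The manager went to the "
        "office and to the dock to speak to the crew and to sign the forms of "
        "the audit."),
}

# Constructed disputed text, written in author_b's habits on another subject.
DISPUTED = (
    "The invoice was paid while the account was frozen, but the clerk wanted a "
    "second copy of the receipt that was filed in the main ledger. The auditor "
    "worked on the file that came to the branch while the review was going on.")

# Constructed text from nobody in the candidate set (slogan style).
OUT_OF_SET = ("Interference must stop now. Voters deserve clear answers. "
              "Leaders should act quickly.")


def tokenize(text):
    return re.findall(r"[a-z]+", text.lower())


def profile(text):
    """Relative frequency of each feature word in the text."""
    tokens = tokenize(text)
    if not tokens:
        raise ValueError("empty sample")
    return {w: tokens.count(w) / len(tokens) for w in FEATURES}


def fit(baseline):
    """Per-author profiles plus the spread of each feature across authors."""
    profiles = {name: profile(text) for name, text in baseline.items()}
    scale = {}
    for w in FEATURES:
        sd = statistics.pstdev(p[w] for p in profiles.values())
        if sd > 0:  # a word every candidate uses identically cannot discriminate
            scale[w] = sd
    if not scale:
        raise ValueError("no discriminating features in baseline")
    return profiles, scale


def delta(p, q, scale):
    """Mean absolute z-score difference; the feature mean cancels out."""
    return sum(abs(p[w] - q[w]) / sd for w, sd in scale.items()) / len(scale)


def attribute(text, baseline=BASELINE, max_delta=0.7):
    """Return (verdict, ranking). Verdict is None if nobody is close enough.

    max_delta is an assumed cutoff tuned to this toy corpus, not a standard value.
    """
    profiles, scale = fit(baseline)
    unknown = profile(text)
    ranking = sorted((delta(unknown, p, scale), name) for name, p in profiles.items())
    best_delta, best_name = ranking[0]
    return (best_name if best_delta <= max_delta else None), ranking


def strip_articles(text):
    """Crude disguise: drop every article, as a non-native style might."""
    return " ".join(t for t in tokenize(text) if t not in ARTICLES)


if __name__ == "__main__":
    for label, sample in [("disputed", DISPUTED),
                          ("articles stripped", strip_articles(DISPUTED)),
                          ("out of set", OUT_OF_SET)]:
        verdict, ranking = attribute(sample)
        print(label, "->", verdict, [(n, round(d, 3)) for d, n in ranking])
```

A closed candidate set always produces a nearest author, which is why the cutoff matters when, as the text notes, some reports may come from someone outside the set.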

Baumgartner and Social Media
In addition to the writing style analyses, I’ve also correlated the content of the reports with various social media sources like Twitter, LinkedIn, and Facebook. The results reinforce the conclusion of the writing style results. As you can see below, Baumgartner’s tweets touch on many of the major topics and phrases in the dossier such as: Mikhail (Misha) Fridman, The Alfa group, Rigging the elections, Divisive campaigning, US citizens of Russian (Jewish) origin, Kremlin Buyer’s remorse, and others.

Image 26: Baumgartner’s tweets with key dossier keywords

Baumgartner’s social media posting history is also noteworthy because it correlates directly with his work in Fusion GPS. For example, he is re-posting information about the dossier utilizing media sources like Mother Jones. He’s essentially betraying prior knowledge of the dossier by including these specific buzzwords in his tweets.

On October 31, 2016, Baumgartner was already retweeting the “dossier”. Of interest are the dates. According to the date stamp on the last dossier, report # 186, it was written on 13 December 2016. So if we are to accept this chronology, then we must conclude that individual reports were leaked out as soon as they were written, indicating that the dossier was not released in a single final batch form.

Image 27: Baumgartner’s tweets of the dossier publication

After his initial retweet of the dossier, he embarks on a regular publication schedule further discussing some of the core talking points in the document. This includes topics like “Trump is a Russian agent”, a sheepish reference to “Christopher Steele, ex-British Intelligence officer, said to have repared [prepared] dossier on Trump…”, and the rationale for why a private security firm (i.e. Orbis) had to do Clapper’s job.

Image 28: Baumgartner’s on-going dossier postings

As time goes on and the dossier story fails to create a groundswell, Baumgartner starts exhibiting signs of outrage. In addition to a lot of profanity, his posts also include calls for a coup against the “scumbag” elected president.

Image 29: Comrade Baumgartner and the call to arms

It’s interesting that even as of March 2018, Baumgartner’s Russian version website is actively pushing Russian propaganda articles such as “Путин: РФ стала одним из лидеров в системе противодействия отмыванию преступных доходов” (Putin: Russia has become one of the leaders in the system of combating money laundering). This raises the question: is Baumgartner suffering from a reverse polarity disorder or is he just an agent provocateur?


Image 30: Retweet of a posting by TASS Russian News Agency

Fusion GPS’s Role
We know that Simpson played a significant role in both the ‘editorial’ and ‘creative’ processes. In his testimony, he confirmed sharing his investigative research with Steele. Obviously, he also directly supervised Ohr and Baumgartner. Fusion GPS’s involvement certainly went beyond just acting as the general contractor for the law firm Perkins Coie who had commissioned the report.

Simpson must have also acted as the intake for some of the US political sources found in the dossier that show up in phrases like “an American political figure” and “TRUMP’s associate”. This included communications from the likes of Cody Shearer (who was working on a ‘second Trump-Russia dossier’), Sidney Blumenthal, and Jonathan Winer.

Winer himself sheds light on this information pipeline. According to his own account, he and Steele met and became friends in 2009 when both were in business intelligence involving Russia. Winer went back to work at the State Department in 2013 but stayed in touch with Steele. He regularly shared Steele’s corporate intelligence work with the State Department’s Russia desk. “Over the next two years, I shared more than 100 of Steele’s reports with the Russia experts at the State Department, who continued to find them useful.”

What’s with the Ham?
There is a lot of buzz in the media about Nellie Ohr getting a Ham radio license and her possible uses for it. As the dossier project was kicking into gear, she apparently upgraded her skills far beyond Russian history and politics. On May 23rd, 2016, at the ripe old age of give or take 60, she gets a Technician radio license and is issued the call sign KM4UDZ with the registration information below:

Nellie H. Ohr, KM4UDZ
6435 Tucker Ave
Mc Lean, VA 22101

License Class: Technician
License Issue Date: May 23 2016
License Expiration Date: May 23 2026
FCC Last Transaction: LIISS
FCC Licensee ID: L02028239
FCC FRN Number: 0025607250
Latitude: 38.94,   38d 56m 24s N
Longitude: -77.19,   77d 11m 24s W
Grid: FM18
County: Fairfax

There are a number of curious things about her getting an Amateur Radio license so late in her career. 

  1. Her professional profile does not show her to be the techie type. She does not possess any technical, computer, or engineering skills (which is what typically propels individuals to get an Amateur Radio license).   
  2. She does not belong to any ARRL radio club in the Fairfax area 
  3. The radio clubs in her registration area have no records of administering the exam (Ham Radio exams are typically administered by the local ARRL club).
  4. Her call sign, KM4UDZ, shows no public activity which is an oddity because new hams are typically very chatty and can’t stay off the air when they first get their license.

As can be seen in Image 31, her Technician rating is the lowest class of amateur radio license and has limited privileges with regard to the available frequencies and transmitter power output.

Image 31: Technician Class Frequency Privileges in Ham Radio

So for all of the conspiracy theorists out there who believe that Ohr was engaged in OSS-style late-night transmissions from her barn to her controller in Moscow: relax. She wasn’t. Her radio class limits would only give her a line-of-sight range of 5-10 miles. In a repeater mode, she could push the range to 20-200 miles. If you don’t think that a 10-mile range is sufficient, think again. It is most likely that Ohr’s rationale for using a Ham radio was as a substitute for cell and landline phones in order to communicate with a person or persons located nearby. As you can see from the map below, she was well within the range of the entire downtown Washington D.C. area.

Image 32: Nellie Ohr Ham radio broadcast range map

We know that Ohr was the dossier’s liaison to some other agencies. It’s not unlikely that someone versed in SIGINT told her that she had to use a Ham radio because if the project went south, the first line of investigation would have been to subpoena all of her cell and phone records and analyze them with a tool like Log Analysis to completely re-construct her operational network.

Image 33: Log Analysis phone number network discovery application

We know that her husband Bruce Ohr was the Department of Justice’s official contact for Steele and Fusion GPS and in fact held meetings with him about the dossier. We also know that he headed a task force code named Cassandra and Operation Fast and Furious that, among other things, utilized cell phone tracking technology to identify money laundering and drug and weapon smuggling. So it makes sense that he was aware of the need for electronic surveillance countermeasures.

But what about tracing her Ham call sign during transmission, wouldn’t that eliminate her radio anonymity?

In theory, this is true, but in practice, it can be circumvented. If Ohr was careful, this problem could have been solved with devices like the Harris XG-75P/100P. Encrypted radio transmissions can also be used to obscure the identity of the sender and receiver of the message. For example, unencrypted HSMM uses a ping packet containing the station call sign to identify the station, similar to how a 2-meter repeater periodically announces its call sign. But if HSMM is operated using WEP encryption (available as a plug-in), those packets would be obscured, and the call sign of the station licensee could not be received by anyone without the keys. So, in addition to the message itself, the sender’s call sign would also be hidden.

The Circle Jerk
In intelligence analysis there is a concept called “Circle Jerk”: a form of feedback loop that occurs when information is reiterated and rewarded in perpetual cycles. For example, “Analyst A” releases a bit of dubious intel. “Analyst B” reads the claim and puts it in his report. “Analyst A” reads the intel in Analyst B’s report and decides that his intel may actually be true. “Analyst C” picks up “Analyst A’s” and “Analyst B’s” reports and expands on them creatively. “Analyst A” and “Analyst B” are now certain that their original piece was accurate. Actually, none of it is accurate. The same applies to many of Steele’s reports; they progressively build upon previous dubious intel.

So who wrote the dossier? All of the evidence points to Ohr and Baumgartner. Veselnitskaya was most likely their source (and Steele’s imaginary list of assets in Russia) for most of the raw Russian intelligence. She is the only person on the Fusion GPS team who actually had deep connections to Russian politics, the Kremlin, and Russian intelligence. Ohr most likely used DOJ and State Department documents that pertain to organized crime, cybersecurity, corruption, and opportunistically incorporated them into the reports.

It is likely that all of the tidbits of information in the report that are marginally plausible and give the dossier this thin veneer of credibility came from Veselnitskaya and Ohr. Simpson clearly alludes to this when he said in the testimony:

We – you know, they [Steele’s network of resources] identified – one memo identified a Russian guy who worked for an NGO called Rossotrudnichestvo, which is – you know, I didn’t know it at the time, but I was able to learn from looking at it that the FBI considers that to be a front for the SVR. So, you know, either the people were extremely knowledgeable about a lot of obscure intelligence stuff or, you know, they – what they’re saying had some credibility.

So, if Veselnitskaya and Ohr were the source for the raw intelligence, Baumgartner is likely the unnamed “friend” or “close colleague” of the alleged Russian insider sources, who we’re led to believe “confided” in that “mutual friend” who shows up all over Steele’s reports.

When it comes to the bulk of the literary work, Baumgartner and Ohr likely authored the ‘raw’ intelligence and Steele—if he did any actual writing—just touched up Baumgartner’s reports in order to tag them with his scent and make them look spyish.

Ohr’s organizational role was probably limited to acting as the liaison between the Fusion GPS team, her husband Bruce at the DOJ, and possibly as a cut-out to other agencies. She generously took advantage of the lucrative billable hours that Fusion GPS presented to her. This was despite her being fully aware of the conflict of interest that this posed for her husband—which eventually led to him losing two job titles and a demotion at the DOJ.

Anyone who has ever worked in intelligence knows that a good debriefing must answer the questions of when, where, who and how. Very little of the dossier’s raw intel does that. It is mostly based on platitudes, generalizations, and truisms. When Steele provides hard data, like in report # 136 describing Cohen’s August 2016 trip to Prague, he is proven wrong.

Steele anticipated this criticism and countered it by building-in plausible deniability through statements like:

“but key witnesses silenced and evidence hard to obtain” or

“all direct witnesses to this recently had been “silenced” i.e. bribed or coerced to disappear.”

In the end, Fusion GPS failed to deliver the goods and as the Elections of 2016 came to an end, Baumgartner posted this Tweet:

Yaacov Apelbaum - Baumgartner Après moi, le déluge

It is just this sort of pompous righteous comment that you might expect from a paid literary assassin. In response, I must point out that after you Mr. Baumgartner—indeed—did come the flood! And on the topic of French proverbs, I will defer to La Fontaine’s concluding line in the Cock and the Fox fable: “C’est double plaisir de tromper le trompeur” (it is a double pleasure to deceive the deceiver).

Simpson sold himself to the DOJ, State Department, and FBI as the ultimate fox, but in the end only delivered a pile of expensive chicken droppings.

As far as Steele and the rest of the dossier cabal, they can be summed up in a quote from Antony Johnston’s Atomic Blonde:

Percival : To win, first you have to know whose side you’re on. In our line of work, that’s right up there with black holes or “to be or not to be.” You fight the good fight, and then one day you wake up and you realize that all you were was Satan’s little helper.

© Copyright 2018 Yaacov Apelbaum, All Rights Reserved.


So How Tall is the Staff of Ra?

Yaacov Apelbaum - 3 Amah

We were going over some Indiana Jones trivia during dinner recently and one of the questions that came up had to do with the length of an item that appeared in Raiders of the Lost Ark called the “Head of the Staff of Ra”. The discussion must have triggered some long lost memory in my brain because I suddenly remembered that in the movie, that object—which is a sort of a medallion—had an inscription on it.

Hoping that there was a quick way to figure out the math, I searched online for the phrase “head of the staff of Ra” and got an image of the original prop used in the movie. Sure enough, both sides had a clear and legible engraving in none other than ancient Hebrew script (also known as Paleo-Hebrew).

Yaacov Apelbaum - Headpiece to the staff of Ra

Transliterations and translations of the inscriptions are as follows:

Obverse Side
vamh aht mel kds kbd yhvh vhmskn
ואמה אחת מעל קדש כבוד ה’ והמישכן
And one amah above holy to honor G-D and the Tabernacle

Reverse Side
tt amh qmtw
תת אמה קומתו
TT amah is its height

As soon as I translated the text, I realized that the inscription had some glaring stylistic and contextual problems. First, the writer chose the word for “add” to be מעל, which is most often used to mean above or from, as in Kings 1:20:41. The proper form should have been a word based on the root יסף. Second, the form of קדש כבוד is never used together in reference to holy offerings. The more common form should have been קדש ל’ה as in Exodus 28:36.
Beyond the inscription itself, the script contains some contextual problems as well.  The main ones are:
Problem 1 – The movie script doesn’t jibe with the inscription text in terms of translation.
Problem 2 – The height measurement unit used are inconsistent.
Problem 3 – The seared imprint on Major Toht’s right hand is the obverse side of the inscription.

Problem 1

When Imam translates the inscription for Indy (see script below), he says: “This is a warning not to disturb the Ark of the Covenant”, yet that warning doesn’t exist in the inscription. It’s also a puzzle why Indy can’t translate it himself considering that he is a professor of archeology who graduated from the University of Chicago with a major in linguistics. Also, contrary to Imam’s claim that Indy should “…take back one kadam to honor the Hebrew God whose Ark this is”, the obverse inscription clearly calls for exactly the opposite: to ADD one amah to the base value.

Problem 2
Imam further states that the base height of the staff is six kadam and according to Sallah’s calculation, this is about 72” (it’s actually 69”). The problem with this calculation is that we don’t know where Imam is getting the 6 kadam figure from. The inscription uses the term amah on both sides of the medallion. Interestingly, Egypt abandoned the use of the kadam in favor of the metric system in 1891, 45 years before the timeframe of the scene in the movie. Technically, then, Imam should not even be using the term.

Assuming that the reverse side of the medallion is following the form found in Kings 1:6:2, the height for the staff should be indicated in the first two letters of the word HeMemAlephTawTaw (Hebrew is read from right to left). In Hebrew, each letter of the alphabet has an associated numeric value and the value of X (or ת value in post sixth century BCE Hebrew typography) is 400. So XX could be read as 400+400=800 amah or 472 feet. Even if we read the first two letters XX as the spelling of the letter Teth Teth which equals 9, it would make the staff about 13 feet. This doesn’t make any sense as we can see clearly from the movie that the staff is about 7 feet tall.

Length Measurements Used
Amah  = 48 cm. (18 in.)
Kadam = 29 cm. (11.5 in.)

So in the case of problem 2, either there is a special way to read the XX value as 69” or the value in the inscription is wrong and should have been written as HeMemAlephDaleth, i.e. 4 amah.

Problem 3
The seared imprint on Major Toht’s right hand is actually the obverse side of the inscription. This means that contrary to Indy’s statement, Belloq had no way of getting the base staff height because the reference is located on the reverse side. On the other hand, if Belloq managed to get the base height somehow, he then had all of the missing information to construct a staff of the right height, and in fact his staff was not too long.

Yaacov Apelbaum Major Arnold Ernst Toht-

So how long is the staff of Ra? It’s impossible to tell using the inscription. One thing is for sure, just like in anything else in life, G-d is in the details. Creating a plausible fiction that relies on an actual ancient language, epigraphy, biblical scholarship, historical facts, and math, and then wrapping the whole thing up in a dramatic screenplay seems to be just too complex of an undertaking. To paraphrase Mark Twain: “It’s no wonder that truth is stranger than fiction. Fiction has to make sense”.

Movie Script
Imam: Come, come, look. Look here… look. Sit down. Come, sit down.
Indy: What is it?
Imam: This is a warning not to disturb the Ark of the Covenant.
Indy: What about the height of the staff, though? Did Belloq get it off of here?
Imam: Yes. It is here. This was the old way, this mean six kadam high.
Sallah: About 72 inches.
Imam: Wait! And take back one kadam to honor the Hebrew God whose Ark this is
Indy: You said their headpiece only had markings on one side. Are you absolutely sure?
Indy: Belloq’s staff is too long. They’re digging in the wrong place.
Indy and Sallah: They’re digging in the wrong place!!

Yaacov Apelbaum - ROLA Script

© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.

Pack of Asses in Shangri-La

Yaacov Apelbaum - Asses in Shangri-La

A donkey pack in Shangri-La: The first dumb ass on left is the laziest, he slows down the pack because he is always looking for something to eat. The group of jackasses in the middle just stand there contemplating the concept that death is a cosmic opportunity. The big ass on the right is their enlightened guru. He imparts to the pack the consciousness that forms the foundation of their spirituality and growth.

In September 2011, while on a photography assignment for a nature show called Frozen Planet to Wood Buffalo National Park in Alberta, Canada, Chadden Hunter and his team captured some imagery of a wolf pack hunting bison. Hunter provided the following description of the image:

Yaacov Apelbaum - Pack of Wolves 1

Chadden Hunter’s Original Wolf Pack Photograph

“A massive pack of 25 timberwolves hunting bison on the Arctic circle in northern Canada. In mid-winter in Wood Buffalo National Park temperatures hover around -40°C. The wolf pack, led by the alpha female, travel single-file through the deep snow to save energy. The size of the pack is a sign of how rich their prey base is during winter when the bison are more restricted by poor feeding and deep snow. The wolf packs in this National Park are the only wolves in the world that specialize in hunting bison ten times their size. They have grown to be the largest and most powerful wolves on earth.”

Now, forward the clock by 4 years to December 17, 2015, when a user named Cesare Brai publishes a post on an Italian-language FB page. He uses Hunter’s original image but provides this alternate verbiage:

"Un pacco di lupi: i primi 3 sono i vecchi o gli ammalati, danno il passo all’intero pacco. Se fosse l’altro, essi sarebbero stati lasciati indietro, perdendo il contatto con il pacco. Essere sacrificati, poi vengono 5 forti, la prima linea, al centro sono i restanti membri del paccho, poi i 5 più forti seguendo: l’ultimo è solo, l’alfa, controlla tutto dal retro, in quella posizione può vedere tutto, decide la direzione, vede tutto il pacco, il paccho si muove secondo i tempi più anziani e si aiuta reciprocamente, si guardano a vicenda ".

Cesare Brai’s post is interesting, for the following reasons:

– From the post’s grammar it is clear that he is not a native Italian speaker
– Shortly after publication the post was taken down and Brai disabled his FB account
– Cesare Brai has no internet presence beyond the wrong photo credit attribution

Three days later, on December 20, 2015, the Italian Facebook posting is translated into English and is posted again on FB by Barbara Hermel Bach. The translation appeared as follows:

"A wolf pack: the first 3 are the old or sick, they give the pace to the entire pack. If it was the other way round, they would be left behind, losing contact with the pack. In case of an ambush they would be sacrificed. Then come 5 strong ones, the front line. In the center are the rest of the pack members, then the 5 strongest following. Last is alone, the alpha. He controls everything from the rear. In that position he can see everything, decide the direction. He sees all of the pack. The pack moves according to the elders pace and help each other, watch each other."
Cesare Brai’s photo. — with Deb Barnes.

Ignoring for a moment the actual content of Bach’s posting, it is interesting to note that her verbiage is a reverse English translation of Cesare Brai’s Italian text, which means that the text was most likely first written in English, then subsequently translated and posted in Italian under Brai’s name, and finally reposted in English under her name.

In her post, she attributed the photo credits to the mysterious Cesare Brai. It is a noteworthy mistake because her collaborator on this post is one Deborah Barnes, a professional animal photographer who, judging from her multiple website notices, is very sensitive to issues of copyright infringement.

Yaacov Apelbaum - Deborah Barnes

Deborah Barnes’s About Webpage

Barbara Hermel Bach - Pack of Wolves

Barbara Hermel Bach Facebook Post

In terms of memetic engineering, the post was a hit! Within a few weeks, it went viral and has since garnered close to 486K views and over 237K shares. As you can see from just a few of the comments below, Bach’s new age wolf pack narrative clearly struck a chord with her audience:

Yaacov Apelbaum - Wolf Pack Comments

Content Adaptation by Management Consultants and Corporate Trainers 
By 2016, the wolf pack leadership concept in Bach’s FB post took the recruiters, management coaches, and efficiency consultants world by storm. Many of them embraced the idea and were thenceforth using the bogus narrative in their online publications.

Of special interest is the marking algorithm used by each of the republishers to re-brand the image and idea as theirs. As you can see from the few variations below, each one alters the original image by using a simple variation on color, geometric shape, and/or arrow orientation.

Yaacov Apelbaum - Pack of Wolves 2

Yaacov Apelbaum - Pack of Wolves 3

Yaacov Apelbaum - Pack of Wolves 4

Yaacov Apelbaum - Pack of Wolves 5

Yaacov Apelbaum - Pack of Wolves 6

Copycat variations on Bach’s Posting

So why all of the subterfuge, stratagems, and ruses? Why go through all of the trouble to hide Hunter’s name as the original photographer? Why alter the real location of the shot and go through all of the trouble of creating a sock puppet called Cesare Brai? And even now, why not just come out and either remove the original posting (which is a blatant copyright violation) or just state for the record that the narrative is false? After all, even Hunter, the photographer who took the original shot, publicly posted on his Twitter account that he was being ripped off by Bach:

Yaacov Apelbaum - Pack of Wolves 7

Hunter’s Image Piracy Tweet

It’s hard to answer these questions with certainty. We know from the posting that both Barnes and Bach contributed to it. Writing style analysis (I used JStylo-Anonymouth) suggests that Bach wrote the verbiage. If that was the case, then what was Barnes’ share? It is possible that as a professional animal photographer, she stumbled on Hunter’s original image and felt that she could repurpose it by attributing it to the fictitious Cesare Brai. As the “animal expert”, she could have also provided the “new age” insight into the wolf pack behavior.

By 2015, four years had passed since this image was originally seen on Frozen Planet and the chance that anyone would remember it would be slim. So the rationale must have been that changing the name of the photographer and withholding the location of the shot would help add two additional layers of obscurity to the image.

What I find the most interesting about this and her other posts is that it required a significant amount of effort in terms of planning and execution and that her network produces large amounts of this type of material on a regular basis.

Considering that Bach is a liberal activist with an aggressive political agenda and a member of a large community of similar minded individuals who distribute such high grade social propaganda, it’s plausible that these publications are part of some kind of an organized political media production line.

Yaacov Apelbaum - Resistance   Yaacov Apelbaum - Resistance

Yaacov Apelbaum - Resistance   Yaacov Apelbaum - Resistance

Samples of Bach’s Social Action Content

Out of courtesy and to give Bach and Barnes the benefit of the doubt, I reached out to both of them to inquire about their sources of the image and verbiage. Alas, I have not received a response.

As far as the spiritual and uplifting content of Bach’s posting is concerned, there’s good news. Now you too can generate similar materials, and no, you don’t have to spend 7 lost years in Tibet on a soul searching journey. You can do so effortlessly with a few mouse clicks!

Just do as I did with the “Pack of Asses in Shangri-La”. Pick a random animal pack image, go to the inspirational BS Generator or Corporate BS Generator and in no time, you will be the leading ass who manages the pack from behind. Or as the BS generator would put it:

"You would be seamlessly innovating new backend leadership paradigms".

© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.

The Mystery of US sUAS Airspace

Yaacov Apelbaum - sUAS FAA Regulations

If you feel like you are in thick fog and are struggling to decipher the mysteries of FAA Airspace regulations as they apply to sUAS operations, you are not alone.  

The following is a simplified poster version of the current FAA Airspace chart with some additional operational flight information and rules.


As for the operational part, here are my top 10 pointers:

1. Don’t fly over people (§ 107.39)
2. Stay below 400’
3. Maintain a visual line of sight to the aircraft (§ 107.31), unless you have a BVLOS waiver
4. Don’t fly after sunset (§ 107.29) unless you have a night waiver
5. Don’t fly in inclement weather
6. Be mindful of privacy and the invasive nature of sUAS based photography
7. Get permission before flying over public, private, or commercial spaces
8. Obey the “8 hours bottle to throttle” law
9. Consult and study your area sectional chart before flying
10. Always perform a site survey and physical risk assessment before taking to the air

Safe flying!

© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.

Poor Little Bobby Tables

Yaacov Apelbaum - Little Bobby Tables Crying

We are in the midst of a security review for one of our platforms and have been discussing data input sanitization, so I’ve used the “Little Bobby Tables” cartoon to liven up the text in the SQL Injection chapter. I love this illustration because it is so poignant, but when I read it this time, I realized that it was missing something.

Bobby Tables

The problem is that Mrs. Roberts only tells the school representative about the data sanitization issue. The far bigger problem here is that the school DBA only seems to back up their DB once a year!

© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.

Good day to you!

Khoroshiy den' dlya tebya!

The other day, I got this cryptic email. It read:

From: Wayne Millbrand <>
Date: 03/27/2017 2:23 PM (GMT-05:00)
To: ***
Subject: ***

Good day to you!

I have a rather delicate issue, which touches directly to you. Don’t be surprised how do I learned about you! The fact is that I have got already a second letter from the person, I do not know which asserts that you are fraud involved. He insists, that you forced him transfer funds on your PayPal account under fictional reason. However,with this information he pointed out your private data up to address:

First Last Name
Street Address
State (with capitalization error)
Zip Code

Now he is collecting information and planing to contact the police. I advise you to view the information that he sent to me. I have attached Fine.doc with a copy of all of his messages.

Document was password-protected – 4299
Please explain to me what’s happening.  I hope that all of this is a silly misunderstanding.

Best regards,

Wayne Millbrand

Based on the fake email address and the tell-tale Anguished English, I concluded that this was just another phish. 

I usually delete these emails promptly, but this one had an interesting component to it: it came with a password protected MS Word document. This is somewhat unusual because they typically expect you to just launch the attachment and activate the payload immediately. 

So it appears that the attack strategy was to:

  • Send a threatening email
  • Add some publicly available information about the recipient to make it look genuine
  • Encrypt the document in order to hide the payload from an anti-virus scanner
  • Provide the password in the email to allow the user to open and decrypt the file
  • Activate the payload in the MS Word document and infect the user’s machine

Inside the encrypted Word document, I found the following API declarations, variable names, and this code:

Shell32.dll   ShellExecuteA
Kernel32      GetTempPathA
Kernel32      GetTempFileNameA
URLMon        URLDownloadToFileA

Dim wyqud As String
Dim zdwie As Long
Dim rufhd As Long
Dim bldos As Integer
Dim mufid () As Byte
Dim kmvbf As Long
Dim dfety As Long
Dim bvjwi As Long
Dim wbdys As Long
Dim dvywi (256) As Byte
Dim wdals As Long
Dim dwiqh As Long

API Declarations and Variables
Yaacov Apelbaum-Document Open   Yaacov Apelbaum-Functions
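As an added illustration (not code from the macro or from the author), this Python sketch shows how a defender could triage extracted VBA source for the import combination listed above: download, temp-file and execute APIs together with an auto-run entry point. The sample macro text, the obfuscated name `qwzrt` and the function `triage_macro` are constructed for the example.

```python
import re

# Declare [PtrSafe] Function|Sub <name> Lib "<dll>" [Alias "<real export>"]
DECLARE_RE = re.compile(
    r'^\s*(?:Public\s+|Private\s+)?Declare\s+(?:PtrSafe\s+)?(?:Function|Sub)\s+'
    r'(\w+)\s+Lib\s+"([^"]+)"(?:\s+Alias\s+"([^"]+)")?',
    re.IGNORECASE | re.MULTILINE)

# Entry points that Office runs without the user calling them.
AUTO_EXEC_RE = re.compile(
    r'^\s*(?:Private\s+|Public\s+)?Sub\s+'
    r'(Document_Open|AutoOpen|Auto_Open|Workbook_Open)\b',
    re.IGNORECASE | re.MULTILINE)

# The four imports named in the article, grouped by what they enable.
CAPABILITY = {
    "urldownloadtofilea": "download",
    "gettemppatha": "temp-file",
    "gettempfilenamea": "temp-file",
    "shellexecutea": "execute",
}


def triage_macro(vba_source):
    """Summarise the Win32 imports of a macro and flag a download-and-run chain."""
    imports = []
    for name, lib, alias in DECLARE_RE.findall(vba_source):
        # With an Alias clause the declared name is arbitrary (often random);
        # the alias is the export that is actually called.
        imports.append((lib.lower(), alias or name))
    caps = {CAPABILITY[real.lower()] for _, real in imports
            if real.lower() in CAPABILITY}
    auto_exec = AUTO_EXEC_RE.findall(vba_source)
    return {
        "imports": imports,
        "capabilities": sorted(caps),
        "auto_exec": auto_exec,
        "download_and_execute": {"download", "execute"} <= caps and bool(auto_exec),
    }


# Constructed sample: declarations only, argument lists elided, no working body.
SUSPECT_MACRO = '''
Private Declare Function qwzrt Lib "URLMon" Alias "URLDownloadToFileA" (...) As Long
Private Declare Function GetTempPathA Lib "Kernel32" (...) As Long
Private Declare Function GetTempFileNameA Lib "Kernel32" (...) As Long
Private Declare Function ShellExecuteA Lib "Shell32.dll" (...) As Long
Private Sub Document_Open()
End Sub
'''

# Constructed benign macro: one harmless import, no auto-run entry point.
BENIGN_MACRO = '''
Private Declare Function GetTickCount Lib "kernel32" () As Long
Sub FormatReport()
End Sub
'''

if __name__ == "__main__":
    for label, src in (("suspect", SUSPECT_MACRO), ("benign", BENIGN_MACRO)):
        print(label, triage_macro(src))
```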

This seems to be a variation on an old theme where as soon as the user opens the file, the routine executes a URL file download from one of these two backup sources: 

h t t p://
h t t p://

The macro is quite sophisticated; it can even prompt the user to disable their firewall if the download fails. Both downloaded files are GIFs that, despite having an appropriate header block and some image content bytes, actually carry the encoded malware.

The macro uses a subroutine to extract the executable binary from the downloaded GIF. It stores the binary in a temp file, appends an “exe” extension to it, and then executes it with the Shell32 function ShellExecuteA in order to install additional malware. In this case, it was ransomware that encrypted the Documents folder.
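The carrier trick described above can be checked for on the defender's side. This added Python example (not the author's code) walks the GIF block structure and flags a file that has a valid GIF signature but either stops parsing as a GIF or carries bytes after the trailer; the sample files are constructed and `inspect_gif` and `is_suspicious` are hypothetical names.

```python
GIF_MAGICS = (b"GIF87a", b"GIF89a")


class GifParseError(ValueError):
    pass


def _color_table_len(packed):
    # Bit 7 flags a color table; bits 0-2 encode its size as 3 * 2^(n+1) bytes.
    return 3 * (2 ** ((packed & 0x07) + 1)) if packed & 0x80 else 0


def _skip_sub_blocks(data, pos):
    """Follow length-prefixed sub-blocks; return the offset after the 0x00 terminator."""
    while True:
        if pos >= len(data):
            raise GifParseError("sub-block chain runs past end of file")
        size = data[pos]
        pos += 1
        if size == 0:
            return pos
        pos += size


def inspect_gif(data):
    report = {"gif_header": data[:6] in GIF_MAGICS, "frames": 0,
              "well_formed": False, "trailing_bytes": 0, "error": None}
    if not report["gif_header"]:
        report["error"] = "no GIF signature"
        return report
    try:
        if len(data) < 13:
            raise GifParseError("truncated logical screen descriptor")
        pos = 13 + _color_table_len(data[10])   # signature + descriptor + global table
        while True:
            if pos >= len(data):
                raise GifParseError("no trailer (0x3B) before end of file")
            block, pos = data[pos], pos + 1
            if block == 0x3B:                   # trailer: the image ends here
                break
            if block == 0x21:                   # extension: label byte, then sub-blocks
                pos = _skip_sub_blocks(data, pos + 1)
            elif block == 0x2C:                 # image descriptor: 9 bytes follow
                if pos + 9 > len(data):
                    raise GifParseError("truncated image descriptor")
                pos += 9 + _color_table_len(data[pos + 8])
                pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW code size
                report["frames"] += 1
            else:
                raise GifParseError(f"unknown block 0x{block:02x} at offset {pos - 1}")
        report["well_formed"] = True
        report["trailing_bytes"] = len(data) - pos
    except GifParseError as exc:
        report["error"] = str(exc)
    return report


def is_suspicious(report):
    """GIF signature present, but the body is broken or extra data follows it."""
    return report["gif_header"] and (
        not report["well_formed"] or report["trailing_bytes"] > 0)


# Constructed samples: a minimal 1x1 GIF, the same file with filler bytes appended
# after the trailer, and a GIF header whose body is replaced by non-GIF bytes.
CLEAN_GIF = bytes.fromhex(
    "474946383961 01000100 800000 000000ffffff"
    "2c 0000000001000100 00 02 024401 00 3b")
APPENDED_CARRIER = CLEAN_GIF + bytes(range(256))
BROKEN_CARRIER = CLEAN_GIF[:19] + b"\x99" * 64

if __name__ == "__main__":
    for name in ("CLEAN_GIF", "APPENDED_CARRIER", "BROKEN_CARRIER"):
        rep = inspect_gif(globals()[name])
        print(name, is_suspicious(rep), rep)
```

Trailing bytes or a broken block chain are triage signals that warrant a closer look at the file, not proof of malice.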

Yaacov Apelbaum-Ransomware e

The installed ransomware in action

Interestingly, the first compromised URL used by the malware was a website that belongs to, a Swiss accounting and corporate services firm that ironically advertises itself as providing “Privacy and secure Data storage” and:

  Accounting services

  Secure financial services

  Data entry from paper to digital

  Scanning paper data to digital

  Archiving data anonymously 2


The before and after the breach websites


Mafia Scripts

The website

Another noteworthy strategy is that both the repurposed Swiss financial site and the second, German gaming site required a login. This gives the attacker an additional layer of protection by preventing internet security scanners from tracking down the payload by following a link to the malware.

From the variable naming convention and the language of the email itself, it seems that the writer is not a native English speaker. The metadata from the Word document further supports this and suggests a strong link to a Russian origin. First, the author’s name was preserved as виньда (Vinda) and the company name came up as SPecialiST RePack.

SPecialiST RePack Metadata

SPecialiST RePack is a Russian digital publisher that is used for repackaging software. According to the Emsisoft malware database, they are a source of a large number of infected files and products.

SPecialiST RePack

SPecialiST RePack infected content

As for the unfortunate site, it seems that it was breached in the past few months, as the Wayback Machine still shows it operational on October 4, 2016.

I’ve tried to contact Adenzia and give them a heads-up that they need to have a look at their network. As of this date, I haven’t heard back from them. This could be an indication that either the site was a front for malware distribution from the get-go or else it is no longer in business and has been abandoned.

© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.

Coincidence or Not?

Coincidence or not

You may have seen this motivational masterpiece. It’s a favorite among performance consultants. 

It goes as follows:


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26


11 14 15 23 12 5 4 7 5 96%


8 1 18 4 23 15 18 11 98%

Both are important, but fall just short of 100%


1 20 20 9 20 21 4 5 100%

So the moral of the story is that if you have the right attitude, you will achieve 100 percent of your potential. 

It sure looks great on paper. To test the mystical value of this proposition, I’ve written a short script to first create words that are between 2 and 12 characters long that add up to the value of 100 and then find which of these are found in a dictionary.

As might be expected, the script generated hundreds of valid words (see the short sample below just for the letter A). It turns out that many of them are not very motivational.

1 20 20 9 20 21 4 5 100%
B O Y C O T T  
1 20 20 9 20 21 4   100%

The problem with all of these leadership gimmicks is that they fail to understand the fundamentals of human performance, chiefly that nothing in nature functions at 100% efficiency. In actuality, anything that’s operational at the 70 percentile range is outstanding. 

Anyone with doubts should consult Frederick Brooks’ Mythical Man-Month.


Letter Values

1 + 2 + 18 + 15 + 7 + 1 + 20 + 9 + 22 + 5
1 + 3 + 18 + 15 + 13 + 5 + 7 + 1 + 12 + 25
1 + 6 + 6 + 5 + 3 + 20 + 1 + 20 + 9 + 15 + 14
1 + 12 + 9 + 14 + 5 + 1 + 20 + 9 + 15 + 14
1 + 14 + 3 + 8 + 15 + 18 + 9 + 20 + 9 + 3
1 + 14 + 7 + 12 + 15 + 16 + 8 + 15 + 2 + 9 + 1
1 + 14 + 15 + 18 + 3 + 8 + 9 + 19 + 13
1 + 18 + 25 + 1 + 14 + 9 + 19 + 13
1 + 19 + 2 + 5 + 19 + 20 + 15 + 19
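An added sketch of such a script (not the author's original): it filters a word list rather than generating candidate strings, and uses a dynamic-programming count to show how many letter strings reach a given value. `SAMPLE_WORDS` is a constructed stand-in for a dictionary, and `PAGE_SEQUENCES` holds the value rows listed above, which `decode` turns back into words.

```python
from functools import lru_cache


def word_value(word):
    """Sum of letter positions with A=1 ... Z=26."""
    word = word.upper()
    if not (word.isascii() and word.isalpha()):
        raise ValueError(f"letters A-Z only: {word!r}")
    return sum(ord(c) - 64 for c in word)


def decode(values):
    """Turn a row of letter values back into the word it spells."""
    return "".join(chr(64 + v) for v in values)


@lru_cache(maxsize=None)
def count_strings(length, total):
    """Number of letter strings of this length whose values add up to total."""
    if length == 0:
        return 1 if total == 0 else 0
    return sum(count_strings(length - 1, total - v)
               for v in range(1, 27) if total - v >= 0)


def words_scoring(words, target=100, min_len=2, max_len=12):
    """Dictionary words within the length limits that score exactly target."""
    return sorted(w.upper() for w in words
                  if min_len <= len(w) <= max_len
                  and w.isascii() and w.isalpha()
                  and word_value(w) == target)


# Value rows from the "Letter Values" sample above.
PAGE_SEQUENCES = [
    [1, 2, 18, 15, 7, 1, 20, 9, 22, 5],
    [1, 3, 18, 15, 13, 5, 7, 1, 12, 25],
    [1, 6, 6, 5, 3, 20, 1, 20, 9, 15, 14],
    [1, 12, 9, 14, 5, 1, 20, 9, 15, 14],
    [1, 14, 3, 8, 15, 18, 9, 20, 9, 3],
    [1, 14, 7, 12, 15, 16, 8, 15, 2, 9, 1],
    [1, 14, 15, 18, 3, 8, 9, 19, 13],
    [1, 18, 25, 1, 14, 9, 19, 13],
    [1, 19, 2, 5, 19, 20, 15, 19],
]

# Constructed stand-in for a dictionary file.
SAMPLE_WORDS = ["knowledge", "hardwork", "attitude", "boycott", "leadership", "synergy"]

if __name__ == "__main__":
    print("words scoring 100:", words_scoring(SAMPLE_WORDS))
    print("decoded rows:", [decode(row) for row in PAGE_SEQUENCES])
    # Candidate strings of length 2-12 that score 100, before any dictionary check.
    print("candidates:", sum(count_strings(n, 100) for n in range(2, 13)))
```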



© Copyright 2017 Yaacov Apelbaum, All Rights Reserved.