Robert Mueller’s Deflective Force Field

Robert Mueller and His Deflective Forcefield

On July 24th at 8:32 AM EST, all eyes and ears were turned to the former special counsel, the honorable Robert Mueller. Going into the hearings, the Republicans hoped to expose multiple structural cracks in the report. The Democrats, on the other hand, tried to get just one conclusive evidence of collusion and election tampering to justify impeachment.

Just like other interested citizens, I have been following the Russian collusion and DNC email hacking saga since 2016, so naturally, I expected that Mueller would address some of the key findings in the report, but alas, my hopes for insight and clarity were dashed. What promised to be simple Q&A session turned out to be a painful, 454 minute game of charades where you never get to figure out any of the answers.

At 8:54 AM, 48 minutes and 18 seconds into his sworn testimony, Robert Mueller–the consummate DC political bureaucrat–activated his industrial strength fog machine and deployed a force field deflector shield. This set in motion a reoccurring pattern of ducking, dodging, and sidestepping direct and specific questions about his pet project report.

Despite the lack of clarity in his answers and his alarming unfamiliarity with his own work (e.g. not knowing who Fusion GPS was), I found the session to be insightful and a veritable treasure trove in terms of body language, image artifacts, and audio content worthy of analysis. Mueller spoke for about 7 hours and provided a rare opportunity to capture his conversational patterns, facial characteristics, and behavioral fingerprint when under duress while in a single continual homogeneous session–and all of this in a well lit environment in front of high resolution cameras. For video analytics, It don’t get no better than this!

A Note About Lie Detection
Nonverbal queues or AKA body language is a form of communication. It is similar to verbal communications expect that it’s done through facial expressions, gestures, touching, physical movements, posture, bling, tone, timbre, and various speech and voice characteristics. Nonverbal behavior comprises a large percent of all interpersonal communication and can provided insight into a person’s thoughts and feelings.

The theory behind the ability to detect lies from body language is that most people who are lying find it difficult to maintain physical and mental comfort under ongoing questioning. The result is observable distress in their speech and appearance. This is because disguising the truth requires significant amount of left brain creative processing, that in turn, increases cognitive load as the person struggles to ‘make up’ answers to what would otherwise be fast memory recollection responses.

That said, there is no such thing as an accurate lie detector. Polygraphs or professional body language readers can only spot person’s discomfort and stress as they relate to certain topics of conversation and then focus on these areas for further analysis. If the annals of polygraph testing teach us anything, it is that professional liars like Aldrich Ames, Robert Hanssen, and Kim Philby (who ironically wrote the chapter about catching double agents), were resistant to lie detection.

It is also relevant to note that criminal courts usually don’t accept polygraph tests or body language reading as evidence because they are considered unreliable by academic psychologists (Christine Blasey Ford may disagree with this finding) and by reputable scientists. In addition, the person who administers and assesses the test has a great deal of control over how the test is conducted and its outcome. This, by itself, can completely skew or invalidate the test.

An Experienced Counter Intelligence Officer
When evaluating Mueller’s testimony, it is important to remember that he is a professional with years of experience in debriefings (over 80 congressional testimonies), legal depositions, interrogations, and counter intelligence work. This was evident in his testimony. With a few exceptions, he avoided taking the bait from hostile questioners’ and utilized common counter-interrogation techniques such as draining the clock by asking for questions to be repeated (18 times), requesting the speaker to cite and point to the specific references in his copy of the documents (9 times), endlessly paging though his folder without finding or reading any of the referenced content (7 times), and answering at length about unrelated issues.

Mueller’s most frequent deflection tactic was to to use I-phrases such as “I can’t get into…” or “I’m not going to…”. The former special special counsel declined to answer all relevant questions about topics such as the Steele Dossier, Fusion GPS, the usage of paid informants, and the genealogy of the FISA applications. As can be seen in Table 1, out of about 230 total questions, Mueller dodged about 198 and only provided vague non-committal responses to 10 others. This amounted to failing to answer about 87% of all questions. 

This was quite a performance for the shining knight of justice, especially if you consider the DOJ mission statement of:

“To enforce the law and defend the interests of the United States according to the law; to ensure public safety against threats foreign and domestic; to provide federal leadership in preventing and controlling crime; to seek just punishment for those guilty of unlawful behavior; and to ensure fair and impartial administration of justice for all Americans.

The key operative word here is “ensure”, not try, attempt, or do your best, but to verify and confirm.

Mueller Deflection Timeline
Chart 1: The distribution of Mueller’s instances of dodging or refusing to answer questions during his testimony

Mueller’s Response Algorithm
Mueller was selective in what questions he deflected. To the casual observer, it may have seemed that he was laconic across the board, but that wasn’t’ the case. In multiple non–sequential instances, he provided elaborate and definitive responses to questions but these were almost exclusively from Democratic Congress and Intelligence Oversight Committee members. With a few exceptions, most of his verbose responses could be categorized as being damaging to President Trump.

Mueller Keyword Cloud
Image 1
: Mueller’s Tag Cloud of the types of words and phrases that he used to avoid answering the questions. The operative sentence that proceeded most of these words was ”I’m not going to…

As can be seen in Table 1, the taxonomy of his answers contains a large variation of the first person “I”, “I’m”, and “my”. This suggests that Mueller felt a strong affinity to the document. He never used the form “we”, “our”, or “the team” which would have been more appropriate considering his repeated assertions that the report was a large team effort and that no single individual has mastered its content.

#

Time

Response to Question

1

8:54

I stick with the language that is in front of you

2

9:00

I will leave the answer to our report

3

9:02

I’m not going to discuss other matters

4

9:04

I’ll refer to the report

5

9:05

Pass

6

9:06

I can’t say I understand the statistics

7

9:15

I direct you to the report for how its characterized

8

9:16

I rely on the language in the report

9

9:21

This is one of those area which I decline to discuss and will direct you to the report

10

9:23

Again, I send you to the report

11

9:26

I have to pass on that

12

9:27

I rely on the report

13

9:30

This is outside my purview

14

9:30

That is outside my purview

15

9:31

Outside my purview

16

9:32

I refer you to the report

17

9:33

This is still outside my purview

18

9:34

I will refer you to the report on that episode

19

9:36

I’m going to ask you rely on what we wrote about that incident

20

9:38

I’m again would refer you to the report and the way its characterized in the report

21

9:38

I’m not going to get into that

22

9:40

I can’t get into that. That’s internal deliberation of the justice department

23

9:45

I direct you again to the report

24

9:46

Whatever was said will be in the report

25

9:47

I can’t answer that questions

26

9:50

That’s not in my purview

27

9:51

I can’t get into that

28

9:53

I can’t get into that

29

9:54

I am not going to get into it

30

9:55

I would refer you to the coverage of this in the report

31

9:56

I would refer you to the report

32

9:57

I send you back to the report

33

9:58

I refer you to the write-up of this in the report

34

9:58

I can’t beyond what’s in the report

35

10:00

I can’t get into internal deliberations

36

10:01

I can’t get into the evidentiary findings

37

10:02

Can’t get into that

38

10:19

I will leave it as it appears in the report

39

10:20

I’m just going to have to refer you to the report if I could

40

10:21

I don’t want to speculate

41

10:22

I rely on the wording of the report

42

10:24

With regards to Steele, that beyond my purview

43

10:25

It’s not within my purview

44

10:26

As I said before and said again, it’s not within my purview

45

10:28

I refer you to the report on that

46

10:29

That’s an area in which I cannot get into

47

10:40

I’m not going to get into what we may or may not have included in our investigation

48

10:41

I’m not going to get into subsidiary details. I refer you again to the page 91-92

49

10:46

I can’t speak to that

50

10:47

I am under orders that don’t allow me to give you an answer to that particular question

51

10:48

I can’t get into the discussion on that

52

10:53

I’m not going to be involved in the discussion on that…

53

10:56

I’m not going to go further in terms of discussion…

54

10:57

I can’t get into our investigative moves

55

10:57

I’m not going to get into that any further than I already have

56

11:02

I can’t speak to that

57

11:02

I would say I rely on what’s in the report

58

11:07

That letter speaks for itself

59

11:10

I’m not going to go beyond that

60

11:11

I refer you to the court proceedings on that issue

61

11:15

I’m not going to get into that

62

11:16

I can’t speak to that

63

11:18

I’m not going to talk to that

64

11:20

I’m not going to speak that

65

11:22

I’m not going to get into what was in Mr. Comey’s mind

66

11:23

I’m not going to delve more into the details of what happened

67

11:25

I’ll leave that to the attorney General

68

11:26

I’m not going to get into ta discussion on that

69

11:27

Again, I refer you to the report

70

11:28

I refer you to the lengthy dissertation on exactly whose issues that appears in the report

71

11:33

I can’t speak to that

72

11:34

That was outside out purview

73

11:34

I’m not going to speak to that

74

11:35

And I am not going to answer that question, sir

75

11:35

I’m not going to speak anymore to that

76

11:36

I’m not going to answer that

77

11:36

I have nothing to add

78

11:37

I’m not going to add to what I have stated before

79

11:39

I feel uncomfortable discussing anything to do with the Stone indictment

80

11:40

I’m not going to speculate

81

11:41

I’m not going top discuss that

82

11:43

Not going to talk about that

83

11:46

I’m not going to answer that

84

11:53

I’m not going to talk about that issue

85

11:58

I’m not going to get into that. It’s a little of track

86

12:00

I have to say the letter itself speaks for itself

87

12:01

I go back to the latter. The letter speaks for itself

88

12:02

I can’t answer that question in a vacuum

89

12:03

We have not specified the persons mentioned

90

12:04

I’m not going to speculate

91

12:05

I’m going to pass on that

92

12:08

I’m not going to comment

93

13:17

I’m not going to go into details of the report

94

13:20

Those areas, I’m going to stay away from

95

13:20

I’m not going to get into those matters to which you refer

96

13:24

I’m not going to speak to the series of happenings as you explained them

97

13:26

I’d have to refer you to the reports on that one

98

13:26

I’m not going to speculate

99

13:28

I can speak to the half of the half of your question that’s on the screen being accurate

100

13:28

I’m not going to speak to that

101

13:32

Again, I’m not going to discuss the issues related to Mr. Steele

102

13:34

Again, I pass on answering that question

103

13:37

That’s about all I’ll say on this aspect of it

104

13:41

I’m going to pass on that

105

13:42

I take your question

106

13:46

I’m not going to speculate along those lines

107

13:48

I’m not going to opine on that. I don’t have the expertise in that arena to opine

108

13:48

I cannot agree with that. Not that it’s not true, but hat I can’t agree with it…

109

13:50

That portion or that matter does not fall within our jurisdiction

110

13:51

I direct you to the report for how its characterized

111

13:53

I’m not going to discuss any other alternatives

112

13:57

I can’t speak to that. That would be in levels of classification

113

13:59

I’m going to stay away from one particular or two particular situations

114

14:01

I’m not going to talk about specifics

115

14:02

I’m not going to speak to that

116

14:10

I’m not going to get into that. It goes into internal deliberations

117

14:12

Again, I’m going to pass on that

118

14:13

As I said before, this is an area that I cannot speak to

119

14:14

Again, I’m not going to speak to that issue

120

14:14

Questions such as that should go to the FBI

121

14:31

And I’m not going to discuss that

122

14:32

I’m not going to get into that

123

14:33

And again, I’m not going to respond to that

124

14:34

Again, I can’t respond

125

14:35

Again, I can’t speak to it

126

14:35

Again, I can’t answer that

127

14:36

Again, I’m not going to go there

128

14:37

I think you understand I cannot get into either classified or law enforcement information

129

14:37

I can’t respond to that question, it’s outside my jurisdiction

130

14:42

Again, I can’t speak to that

131

14:43

I can’t go into it

132

14:45

I’m no longer in the Federal government, so I’ll pass

133

14:46

I don’t want to wade into those waters

134

14:51

I defer to the report on that

135

14:54

I can’t get into a discussion on it

136

14:55

I can’t answer that

137

14:56

I can’t get into that

138

14:56

Again, it’s the same territory that I’m loath to get into

139

15:06

I’m not going to talk to that

140

15:06

I’m not going to talk to that

141

15:09

That I can’t get into

142

15:12

And I can’t get into that area

143

15:13

I can’t answer that question

144

15:16

I’m not going to get into that

145

15:17

I cannot get into that

146

15:21

I will not get into that

147

15:23

I leave that to you

148

15:24

Again, speculation

Table 1: Sampling of reasons from about 200 instances for Mueller’s refusal to answer questions

The Evaluation Process
Mueller’s testimony consisted of over 750,000 video frames. Evan a trained interrogator could only process a small percentage of this data. Add to this the observer’s distraction, blinking, and fatigue and it becomes virtually impossible for a human to be able to accurately capture the fine nuances of all of these these frames or sequences for content. At best, a person would be able to provide a summarized ‘gut feeling’ about the overall session and reference some vague (and often inaccurate) actions such as ‘he touched his nose’ which could suggest that he was lying.

AI based video analytics on the other hand, can easily process each video frame in a consistent, repeatable manner, and with no observer bios. The objective of my evaluation of Mueller’s testimony was not to determine if he was lying with certainty, but rather to identify recurring patterns of stress that are associated with deception and correlate them to the topics of conversation.

Mueller did a great job obfuscating the report details but the large high quality volume of video and audio in his testimony made it possible to analyze the session and find anomalies and various patterns that could provide insight into his mindset

In this project just as in several of my previous posts (1, 2, 3), I used AI based video analytics, text, and speech analysis platforms. These included:

For the text/speech, I used a hybrid approach to word and phrase speech pattern analysis. The textual analysis evaluated these types of speech categories:

  • I-words (I, Me, My, I’m)
  • Social words
  • Positive emotions
  • Negative emotions
  • Cognitive processes
  • Analytic reasoning
  • Clout
  • Authenticity
  • Emotional tone

For the video analytics, I established Mueller’s facial and other video objects baseline using several on-line sources and the main testimony video. The baseline cataloging included his unique facial expressions such as Microexpressions and other visually detectable actions like use of hand gesture, hand related activities, head motion, mouth movement, gaze, etc.

Microexpressions
Image 2: Sampling of Mueller’s Microexpressions such as (L-R): loathing/anger, surprise, fear, happiness

Sampling of Mueller’s Body Mechanics
Image 3: Sampling of Mueller’s’ body dynamics as related to left hand usage

Following the creation of a facial baseline catalog, I proceeded with the ML training using his unique data sets for non-facial activity such as paging through the report folder, eye blink rate, gaze, etc.

Sample of Training Sets for Paging Detection
Image 4: Sampling of image set used to train the machine learning (ML) to identify Mueller flipping pages through his report folders 

After the training was completed, I ran the first 15 minutes of Mueller’s testimony through the engine and performed a search for known classified objects such as him ‘reading the report’.

Mueller Reading the Report
Imager 5
: Sample search results of instances of Mueller looking at the report

I noted the detections and examined several thousand video frames prior, during, and after the detections to capture the actual ground truth. The visual search results of the 15 minute video segment correlated to within a 83% match rate against the baseline catalog created with the ML training set. I then used the missed detections to re-train the ML again and repeated this cycle several times on random video segments of his testimony until the match rate stabilized at about 94%.

In addition to creating a catalog of Mueller’s microexpressions I also created a library of sequences of his composite facial expressions. These sequences were close consecutively spaced combinations of microexpressions and other body activity that were 0.5-3.5 seconds long. One example for these types of composite expressions was eye flutter combined with ‘lip twitching’ or some other mouth movement.

In this sequence, Mueller typically stared at the speaker while his bottom lip would involuntary twitch or quiver several times or his lips would tighten; he would then break eye contact with the speaker and rotate his head downwards, recompose, then bring his head upwards and re-establish eye contact with the speaker.  

Mueller-Hard-Break
Image 6: Sample of a typical Mueller sequence showing mouth activity and breaking eye contact with the speaker. The context here is Rep Jim Jordan’s asking Mueller to confirm if Joseph Mifsud was interviewed, did he lie, and is he Russian or Western Intelligence

Once I completed calibrating Mueller’s video object catalog and the library of sequential expressions, I conducted searches for facial anomalies. Anomalies are defined as any variations from his standard single image or sequence patterns such as unusual cycle of head, eye, or mouth movements. 

For example, based on his standard detection for “blinking”, Mueller’s blinking interval baseline was established to be 3–7 seconds with a blinking duration of approximately 1/10th-1/3rd of a second (see Image 7-8). 

Mueller’s Natural Blink Cycle
Image 7: Sample of one baseline feature in Mueller’s visual object catalog showing his normal blink pattern.

Sample of Training Sets for Blinking Detection
Image 8: Sample detections of Mueller normal blinking pattern throughout his testimony. Mueller blinking follows a pattern of a full single closure of the eyelid at a 3-7 second interval

Any blinking variation form this base line generated an anomaly that was then evaluated manually before becoming certified as a new pattern of interest. This exception was then further evaluated in the context of the topic of conversation and the microexpressions involved. 

One such anomaly was associated with Mueller’s unusual blinking pattern. On closer examination, it turned out that what on the surface appeared to be unusual blinking was in fact a reoccurring cycle of rapid flutter of the eyelids. This unusual sequence was also at times accompanied by certain head, tongue, and lip movements.

After mapping this ‘Flutter Cycle” to the topic that was being discussed at the time of the event, it became clear that this was some sort of an involuntary display of distress and/or fear. It was so prevalent that it could even be used to predict what questions were being discussed.

Some of the subjects that triggered this ‘Flutter Cycle’ were: 

  • DOJ and FBI media leaks
  • Christopher Steele, the dossier and its funding sources
  • Fusion GPS and its work with the DNC, HRC, and foreign governments
  • Glen Simpson and Natalia Veselnitskaya
  • The meeting at the Trump Tower
  • Informants and surveillance (i.e. Mifsud, Downer, Halper, etc.)
  • The FISA warrants
  • DOJ and FBI leaks

Mueller Seizer Cycle
Image 9
: An illustration of Mueller’s typical Flutter Cycle.

The Flutter Cycle sequence was characterized by 2-5 rapid flutters of the eyelids and an upward eye roll, head, mouth, and accompanying tongue movements. This Flutter Cycle sequence seen in the left side of the collection in Image 10 (also, see 1:26:00 in the video) corresponds to questions by Rep Steve Chabot of Mueller’s investigation of the relationship between Glen Simpson, Natalia Veselnitskaya, and the latter’s visit to Trump Tower.

The same type of events were observed during other pointed inquires such as Rep Louie Gohmert’s challenging Mueller’s credibility due to his refusal to answer basic questions (see 1:33:30 in the video).

Mueller-Flutter-Cycle Mueller-Mouth quivering Mueller-Flutter-Cycle-2
Image 10
: (L-R) A sampling of three anomalies a complex facial flutter, lip twitching, and simple eye flutter sequences

Several other interesting anomalies that turned out to be repeating patterns in Mueller’s facial expression and composite sequences were:

  • Lip Twitching – Associated with microexpressions such as fear and surprise
  • Downward Head Nodding – Associated with other defensive posture the was triggered by breaking eye contact with the speaker
  • Flattened Mouth or Lips –  Associated with signs of frustration as in ‘I want to answer this question, but I really shouldn’t’
  • Prolonged Blinkless Stare Associated with angry and combative response to some question

Sampling of Mueller’s “Flutter Cycle” Events
Imager 11
: Samples of Mueller’s dozens of “flutter cycle” episodes during the Q&A

The Jolly Affable Mueller
Not all of Mueller’s testimony was marked by doom and gloom. On a number of occasions (mostly when talking to Democratic representatives), he showed himself to be charming, in high spirits, engaged, and animated. Mueller had no inhibitions about making remarks regarding the report’s failure to exonerate Trump and the possibility of persecuting Trump after he left office. He freely cited legal sources and DOJ procedures and protocols and provided detailed rationale for his team’s action and conclusions.

Mueller Fun and Jokes
Image 12: The suave, charming, engaged, and animated Mueller in action

Mueller’s predictable patterns of distress were almost always associated with ‘difficult’ questions on topics such as the role of Fusion GPS, spying on Trump, and Christopher Steele. Images 13 and 14 show a typical triggering events of a Flutter Cycles.

Mueller and Martha Roby-2
Image 13: Samples of Mueller’s Flutter Cycle episodes during Q&A session dealing with him leaking report details to the media

Mueller and Martha Roby
Image 14
: Sample of Mueller’s Flutter Cycle episodes during Q&A session dealing with separating the grand jury materials from the report

Analysis Results
Mueller’s body language and facial sentiment analysis shows high levels of discomfort and tension when discussing certain parts of the report. He exhibited many facial signs of distress that included:

  • Multiple Flutter cycles
  • Mouth quivering cycles
  • Self shooting and fidgeting behavior
  • Sudden breaking of eye contact
  • Rapid downward head movement
  • Hard swallowing
  • Tightening of the mouth and lips

I didn’t have a baseline for incidents where Mueller was being untruthful so I can’t explicitly call out potential incidents of lying during his testimony. However, the baseline of his normal conversational dynamics vs. the ones he exhibited show signs of clear distress which strongly suggest that at least from Mueller’s perspective, not all questions were equal and not all of his answers were factual.

Mueller distress patterns consistently overlapped with certain trigger topics and his verbal response to almost all of these interactions was a variation on the “I’m not going to…”.  He deviated from this pattern only a handful of times and actively engaged the questioner. One of these back alley knife fight sessions involved Rep Ben Cline’s stating that Andrew Weissmann was running a rogue investigation that was based on flawed legal theory that was overturned unanimously by the Supreme Court.

As the question was being asked, Mueller became defensive; he shifted uncomfortably in his chair, exhibited his Flutter Cycle, and replaced his poker face and laconic I-word response pattern with a passionate and verbose defense of Weissmann (see 3:19:40 in the video or sound file below). 

Mueller-Hard-Shifting
Image 15: Sample of one of Mueller’s distress patterns that includes his Flutter Cycle and uneasy shifting in his seat

Recording 1: Exchange between Rep Cline and Mueller about Weismann’s legal foundation of his obstruction of justice investigation

During this segment which lasted about two minutes, Mueller argued, spoke over Cline, and attempted several times to repeat his assertions about Weismann. This continued even after the subject of the questions changed to Obama’s culpability in Obstruction of Justice when he announced publicly that the HRC private email server did not pose any threat to national security. Mueller, without much difficulty, exhibited a decent mastery of the report’s content, cited specific areas in it that included the “lengthy discussion” and “lengthy dissertation”, and in general tried to rehabilitate himself and his team.

Conclusion
The overwhelming majority of Mueller’s testimony failed to illuminate any of the big questions about the DNC email hack, the genesis of the Steele Dossier, the DNC/Fusion GPS relationship with Russian state actors, and the 2016 surveillance on the Trump campaign. In fact, his answers raised even more questions about the real power behind the throne and R&R within the special counsel team.

If it is indeed the case, as Mueller confirmed in multiple answers, that no single individual on his vast team had intimate familiarly with the whole report, then who compiled the final version of the document?  Was this just a collation of multiple taskforce reports that were later combined into a single master? And if that is the case, who was the person that harmonized all the individual versions in order to make sure that the index, format, dates, people, places, reductions, and events were in sync?

Aaron Zebley
Image 16
: The Special Counsel Team and testimony attendees

It is noteworthy that Mueller continued to play the I-phrase card and refused to address any of the procedural questions about the compilation of the report. Even though, this information had little bearing on the report’s content and that there is nothing classified or proprietary about the way the DOJ writes and edits their documents.

Robert Mueller shows his card
Image 17: Mueller’s Trump Card

Even though Mueller attempted to obfuscate the report’s composition methods and authors, the writing style, document layout, context, and several other administrative clues strongly suggest that Andrew Weismann was the architect and Aaron Zebley was chief editor of the document. This is also likely the reason why Mueller insisted that Zebley be present by his side and be sworn in.

The evidence from the video analytics, speech dynamics, and the decision tree Mueller used to answer the questions (i.e. question objective vs. answer strategy) shows a decent mental agility and the ability to alternate between complete ‘radio silence’ and ‘singing like a canary’ on demand.

To those who still believe that Mueller was just a senile old man with little familiarity with the content of the report, consider the fact that his verbose answers show that he had a pretty good grasp of  the document. He also artfully navigated the many minefields in the report without blowing up a leg in the process. Some experts in the MSM have been suggesting that Mueller’s poor verbal performance and optics can be attributed to some form of cognitive impairment but this argument is inconsistent with his ability to effectively deliver the following:

  • Selectively discuss specific topics, most of which were prejudicial towards Trump
  • Answer questions that almost exclusively supported the impeachment narrative with certainty and conviction
  • Justify and emphasize specific areas in the report that exonerated his team from claims of bias towards Trump and instances of hostile conduct by FBI senior management and its agents (i.e. Comey, Strzok, Page, agent 2, and others)
  • Utilize the “I’m not going to…” strategy to answer any questions about the “insurance policy”
  • Refuse to address the media leaks that either came from him personally, his direct reports, or his team
  • Exhibited great mental agility and dexterity during the May 29th, 2019 Mueller news conference
  • Come up with over 198 different ways of not answering a direct question

The patterns identified by the analytics strongly suggest that all of Mueller’s behavioral stress patterns matched the typical anxiety profiles and signs of internal struggle that are exhibited by a deceptive suspect during an integration. For the first time in his long bureaucratic career, he found himself at the wrong side of the table with the bright lights in his face and a real possibility of being charged with perjury. For several hours, the fearless hunter became the pray and he clearly didn’t like the experience.

Contextually, the majority of his testimony turned out to be an underhanded attempt to use the Q&A session to justify, promote, and surreptitiously inject political narrative into the public hearing. None of this should come as a surprise as it is the same circular “impeach Trump” agenda that launched this investigation in the first place. At the end of the day, despite Mueller’s big title and god-like pedigree, he turned out to be just another DC power broker who apparently placed his bets on the losing presidential candidate.

Sample Report Pages
Image 18: Two pages (a total of 856 words) form the Mueller report dealing with George Papadopoulos being told by Joseph Mifsud about the Russian having “Dirt” on HRC.

Mueller’s elaborate 448 page report that took close to two years to complete, cost over 25 million dollars (that’s about $51K per page), involved 19 lawyers, 23 legal researchers, 40 FBI agents, 10 intelligence analysts, 7 forensic accountants, 25 other professional staff, and the unlimited resources of the DOJ, the State department, NSA, and the intelligence community, delivered an indefensible dud.

Reading the reports, you can’t but stop and appreciate the authors’ Kafkaesque sense of humor. In the example pages shown in Image 18, the report discusses the chain of transmission of the Russian “Dirt” from Joseph Mifsud, to Papadopoulos, to a mysteries western diplomat (Alexander Downer) who then informed the FBI, who naturally became alarmed and started this massive investigation. On the face of it, the document looks solid. It has all of the right trimmings, detailed claims, massive amount of footnotes, intelligence lingo, hush hush sources, and strategic reductions with alarming labels like “Harm to ongoing matter”. It is as convincing as a quality levitation magic act.

But, magic acts of levitating people are always predicated on the audience viewing the scene from a distance and through a carefully controlled field of view–which is exactly what the Mueller report and testimony turned out to be. It doesn’t work if you get a glimpse of the crane and the wires supporting the magician. Once you understand the mechanics of the magic, the awe gives way to a letdown.

You can test this premise by substituting any good magic act with the report and Mueller with any successful magician. Any question you ask the magician about the inner workings of his trick would be deflected using the exact same techniques Mueller used during his testimony. The most important rule in magic is NEVER tell the secret of the trick, just let the magic speak for itself.

The Mueller Levitation Magic
Image 19
: The incredible levitating magic act

What is ostensibly missing from these two magical pages in Image 18 is that the source of the “Dirt” was none other than Stefan Halper, a paid FBI informant who billed (using DUNS # 078459148) the Federal Government about $656,535 for his services. By the time you factor Halper and his harem of young female assistants, Mifsud and his life of luxury at his safe house, Downer’s expenses, and at least 11 other IC, CI, and State Department assets that supported Halper in fattening Papadopoulos before he was shish-ka-bobbed by bob, the cost of these two pages to the US taxpayer was probably upwards of a million dollars. So, to those of you who still think that majoring in contemporary English fiction won’t pay the bills, it clearly can! After all, what other line of work pays $1168 per word?

Stefan Halper Payment
Image 20: Stefan Halper’s government payment record for service provided to the DoD and DOJ from 2016-2018

Summum bonum
I have difficulty finding solace in Mueller’s bragging about the higher good from his recovery of about $40 million from the Paul Manafort persecution. I’m also not sure if we should laugh or cry about the concept of the DOJ becoming a profit center. The problem with the DOJ acting as a collection agency that recovers the cost of prosecution from its targets is the political nature of selecting their next victim. Each one of us including the Honorable Mr. Mueller has something in his past, present, or future that warrants jail time and property seizure. With over 3000 federal and thousands more state laws on the books, we are all guilty of some misdemeanor or a felony. Who in the DOJ then, gets to make the decisions about who/why to persecute and the ultimate greater good? Is it going to be one of the dozens of high power attorneys that regularly walk through the DOJ revolving doors to personally enrich themselves by constantly hopping between government gigs and private practice?

The problem with the whole Manafort affair is that if he was so thoroughly corrupt in 2007, then why didn’t Mueller investigate him earlier during his 11 year tenure as the director of the FBI. Why did he wait until 2018 to bring these charges?:

“…crimes arising out of payments he received from the Ukrainian government before and during the tenure of President Viktor Yanukovych.”

After all, the DOJ, FBI, and the IC had a supersized file on Manafort going back to 2007, so why wait for all these years?

Yanukovych Mueller and Manafort
Image 21
: The Triumvirate or Threesome (depending on your view)

Mark Twain once wrote that:

“Anybody can tell lies: there is no merit in a mere lie, [for a good deceit] it must possess art, it must exhibit a splendid & plausible & convincing probability; that is to say, it must be powerfully calculated to deceive.” 

Mueller’s report doesn’t come close to Twain’s definition of deceptive genius, but it does have a certain kitschy synthetic Disneyland feel to it. In many ways its similar to another secretive report, the Protocols of the Elders of Zion. Both, share the same conspiratorial elements, treachery, mysterious meetings, made-up events and agendas, secret societies, informants, and intrigue.

All of this hush-hush secret agent man stuff in the report seems very mysterious, but at its core, it’s really a simple criminal matter. If you’ve ever been a juror on a criminal trial, you should be familiar with the routine. If you haven’t, it goes a s follows:

  • The prosecution and the defense present their case with an opening statement
  • Both show evidence and present witnesses
  • Both cross-examine witnesses 
  • Each side delivers their closing arguments
  • The jury goes into deliberation and comes up with a verdict

In any normal criminal trial in the US, they typically follow the Federal Rules of Evidence, there is no such thing as secret testimony that can’t be verified or evidence that can’t be shown to the jury. If the DA doesn’t want to expose his sources/methods then they get excluded from trial. If witnesses can’t be cross-examined, their testimony is inadmissible. It’s as simple as that. And all of this procedural stuff doesn’t even address the issues with Mueller whitewashing the existence of several rogue and biased agents/attorneys on his own team.

Gowdy vs. FBI
Image 22
: Rep Gowdy and DOJ IG Horowitz Q&A session regarding Peter Strzok’s and Lisa Page’s involvement in the Mueller and HRC Email investigations

So, no, I wouldn’t classify Mueller’s report as a deceptive masterpiece, I would rather categorize it as more of a ‘true story’ type of a tale, blunderingly delivered by a DC swamp-raised shrimp.

The Little Shrimp from DC

The True Story
It’s true…
It’s true and the other thing is                
my sister had a baby
and I took it over because she passed away.             

and then the baby lost its legs and its arms                  
and now it’s nothing but a stump
but I still take care of it with my wife
and it’s growing and it’s fairly happy.               

But it’s difficult ’cause I’ve been working
a second shift at the factory to put food on the table,                
but all the love I see in that little
guy’s face makes it worth it in the end.

True story!

References:
The Mueller Testimony – Full Transcript
The Mueller Report – Full Report
Human Resource Exploitation Training – Interrogation Manual

Toris, C., & DePaulo, B. M. (1984) – Effects of actual deception and suspiciousness of deception on interpersonal perceptions 

MG Frank – ‎1997 – The ability to detect deceit 

Analytical thinking – The analytical thinking algorithm was based on the results from a series of studies by: Pennebaker, Chung, Frazee, Lavergne, and Beaver (2014.

Clout – Clout refers to the relative social status, confidence, or leadership that people display through their writing or talking. The algorithm was based on the results from a series of studies by: Kacewicz, Pennebaker, Davis, Jeon, & Graesser, 2013.

Authenticity – The algorithm for authenticity detection was based on a series of studies where people were induced to be honest and deceptive. See Newman, Pennebaker, Berry, & Richards, 2003 and Textual Models of Deception to Interrogation Settings.

Emotional tone – The positive emotion and negative emotion tone algorithms were based on the results from a study by: Cohn, Mehl, & Pennebaker, 2004. See Linguistic Markers of Psychological State throughMedia Interviews: John Kerry and John Edwardsin 2004, Al Gore in 2000

Copyright 2019 Yaacov Apelbaum, All Rights Reserved.

Social Networks vs. the Enterprise

Yaacov Apelbaum-My Mama

Cicero decreed “fame is the thirst of youth”. Nowhere is this mantra more pronounced than in Hollywood’s superlebrity industry.  It may come as a surprise but this same thirst is also the main force behind social network’s rapid rise to stardom.

In a similar fashion to the celebrity business, many of the leading social platforms have developed a following totaling hundred of millions of users (more than all the traditional commercial on-line services combined!).  But contrary to the entertainment industry that only parades the rich and famous in static fashion, the social networks provide an effective array of tools to help users realize and enhance their on-line digital personas.  Some of the current sampling includes effective mechanisms for self promotion (such as LinkedIn and Facebook) and platforms that foster collaborative efforts on an unprecedented scale (such as Wikipedia).  To all but a few New-Luddites, these applications are ushering in the age of technological utopia.

But alas, every garden has its resident snake, and such is the grade A serpent found in Social Network’s Garden of Eden.  What many of us don’t realize is that the same characteristics that make the social networks so attractive are also their greatest limitations.  As the size and proliferation of these applications continue to increase, so will the pressures on traditional technology organizations to incorporate similar functionality into their line of business enterprise products. So where is the problem you say? Well, incorporating this technology into the old enterprise will most likely be done via acquisition of existing products (like the News Corp purchase of MySpace) which ultimately results in the conversion of free and cool applications to full fledged (and dull!) commercial advertising platforms.  Either way it will have certain predictable side effects on the user population not dissimilar to mixing alcohol with sleeping pills. Flanders and Swann have captured the essence of this conflict in their famous song “Have Some Madeira, M’Dear“:

She was young,

she was pure, she was new, she was nice,
She was fair, she was sweet seventeen.
He was old, he was vile and no stranger to vice,
He was base, he was bad, he was mean.
He had slyly inveigled her up to his flat,
To view his collection of stamps.
And he said as he hastened to put out the cat,
The wine, his cigar and the lamps,

Have some Madeira, M’Dear!”

If you are wondering what this witty Edwardian ditty has to do with the subject of social networks vs. the enterprise, wonder no more.

Over the last decade we have become accustomed to the sweet tasting fruits of strict SLAs, strong security and customer service.  Most users now instinctively expect a high degree of 24x7x365 enterprise software availability (which includes corporate email systems). Unfortunately, this is exactly what the social networks cannot deliver (recall Gmail outages). Very much like red carpet celebrities, they look great but when it comes to actual long term commitment and performance they’ll break your heart.

A quick glance at the most common error messages found on any social network (1-6 below) reveals that availability and up-time are their Achilles heel.  This in itself is a clear indication that these platforms are not enterprise ready. Their business models are based on casual and non-contractual usage and their applications should not be relied upon to provide any sort of SLA.  The error messages we get from our favorite social networks may be adorable, but the causes for these messages are hardly cute and cuddly.

Yaacov Apelbaum-Errors
Social Errors

Any enterprise architect worth his weight in salt would immediately identify such error messages as show stoppers for the enterprise product. Big commercial software—suffering from no shortage of good software architects—is fully aware of such system limitations.  The real paradox is that even though big soft and media companies would love to exploit the cool and trendy social networks (for commercial purposes of course), they can’t because for the last 20 years they have been preaching the message that any product that cannot be governed by a strict SLA has no place in an enterprise data center.

Such is the sting of irony.

© Copyright 2009 Yaacov Apelbaum All Rights Reserved.

The Anti Socials

Yaacov Apelbaum-Anti Socials

I recently had an opportunity to discuss the question of social networks vs. commercial software at great length with a fellow airplane passenger who happened to be a SVP of technology in a fortune 500 company (which will remain unnamed here).

As we were preparing for takeoff on a cramped CRJ50, I took out my current reading assignment: The Emerging Science of Spontaneous Order. My neighbor sitting in 1D inquired about the subject of my book and during the course of the bumpy flight and the conversation that ensued, he bemoaned his inability to understand how relatively young startups the likes of Facebook, Twitter and Linkedin were so rapidly able to develop so much rich functionality and capture such a large market share, while other much more mature organizations with much bigger budgets and talent pools were failing to make any such inroads.

His frustration is by no means unique. It is a shared by many large technology companies such as IBM and Microsoft which at present are still scratching their head trying to figure out if this social networks thing is for real and does providing a communication platform for income-challenged teenagers makes any commercial sense. To see just how hesitant the traditional software cartels are to dip their toe in the chilly and profitless waters of the social media, examine the social network landscape. I challenge you to identify even one significant, viral product developed by any of the major software vendors.

One example that illustrates this failure to improvise, adapt and overcome is Microsoft’s difficulty in harnessing the emergence of blogging and SMS as commercially viable services. In 2004, after some soul searching, they concluded that it was unlikely that products like LinkedIn would be commercially viable because—they guessed—few professionals would agree to pay a monthly subscription for them. In 2005 even after it became clear that users were indeed moving en masse to open and free social platforms, Microsoft continued to insist that this was just a fad and what these users really needed in terms of social networking were minor improvements to the MSN subscription service, Office Live, and Windows live platforms.

For Microsoft and other leading commercial software vendors, social networking has to be a subscription based because their entire operating model is based on reoccurring revenue (either via subscription or licensing).

Yes siree, for big soft, it’s one of those ‘damned if you do and damned if you don’t’ scenarios. You may find it hard to believe, but the same organizations that made their fortunes outdoing each other with applications like the spreadsheet are now missing the train big time on what is clearly the next killer platform. In what appears to be a blockbuster sequel to Oedipus Rex, they are powerless to leverage this newfangled phenomenon to make any money or capture market share.

Microsoft is certainly not unique with regard to this model. AOL with its Messenger product is another good example of how to squander your entire user base. Following a slightly different tactic, they offered a “free messaging service” with the small caveat that the user would need to install a fat and intrusive client that would quickly pay for itself by monitoring all of your Internet (and network) traffic all the while serving up unwanted advertisements.

If you think that this form of myopathy affects the big software companies, think again. Traditional communications organizations Nortel which should know better (because of their proximity to the social segments) are still trying to survive the proverbial 7 lean years in the hopes that the public social network phenomenon is just a fleeting narcissistic fad fueled solely by generation X’s and Y’s fascination with exhibitionism. In their vision of market paradise, all future social networks will once again go back to being routed and controlled through their proprietary appliances and just like in the good old days they will once again skim the fat profits on a per-server\user license basis.

Whether you like it or not, the social networks are here to stay. They provide meaningful social interaction, are fun to use, and ultimately do what good software is supposed to do: connect people and give them more control over their lives.

My advice to big software is to heed Dylan’s words: “The Times They Are a-Changin”. Don’t wait any longer; jump in now and contribute to the social networks development effort by providing free and open source applications (Seadragon and Wave would be two great candidates). As contrary as it may seem to your operational philosophy, disregard the immediate profitability question and do it because of the tremendous social benefit these products could offer. I have no doubt that in due time, the money, champagne, and caviar will follow as well.

© Copyright 2009 Yaacov Apelbaum All Rights Reserved.

An Afternoon with a Fraudster

Yaacov Apelbaum-The Fraudster

Your Friends at “Account Services”

Having spent a significant amount of time developing fraud detection algorithms and security applications, I have become accustomed to envisioning the common would-be cyber attacker as an inanimate abstract entity completely devoid of human traits; a mere abstraction, a stick figure in my UML and Test Cases. This sterile view of mine however, changed recently when I actually got a chance to spend some time one-on-one with a flesh and blood fraudster.

It started with a seemingly innocuous automated call from “Account Services”. The message informed me that I qualified for a limited time offer to lower my monthly credit card payments. I ignored that first call but shortly afterwards I received a second one. This time I opted to accept the call and was routed to a live representative. I told her that I was not interested in their services and did not want to be contact by them again.

At the tail end of the conversation as I was about to hang up, I inquired about how they got my phone number (it’s both unlisted and on the DNC registry) and to my surprise, the representative said that it came from my bank. When I asked which one, she became evasive, telling me that her company serviced all major banks. That was the moment I realized that I was the target of Credit Card fraud actively in progress.

Suddenly, my stick figure cyber attacker was no longer virtual. Instead, it became a living and breathing human being, an arm’s reach away on the other side of the line. This, I realized, was a rare opportunity to interview an attacker. I asked the individual to call me back on another line and when the phone rang a few seconds later, I raised my foreign accent by a notch, plugged the phone into my MP3 player and hit the Record button.

The representative identified herself as “Michelle. She sounded young, in her twenties. She spoke in a monotonous but confident voice, clearly a veteran of many exploits. The sales pitch was entirely script-based. She inquired about my current balance and asked if I had any interest in lowering my monthly payments. When I said, “I sure do,” she asked me for my bank and credit card information in order to “qualify” me. At that point we began a stubborn cat and mouse game where I was trying to get more information about her whereabouts and identity (real-phone number, e-mail, web address) while she was trying to get my bank and account information. This lasted for approximately 10 minutes all told.

It was only after I played back the recording and listened to it several times that I realized how sophisticated the operation was (you can hear the recording below).

The perpetrators of this scam had thought of the minutest details and prepared for every scenario. Some of the more interesting elements of the call included:

  1. Psychological Usage of Ambient Sound—During the duration of the call, I could hear incoming phone calls and chatter in the background. This recording simulating a response hotline was designed to create the illusion that I was talking to a busy call center. The objective of this subliminal messaging is similar to that used during TV fundraisers where operators are filmed sitting behind desks of ringing phones. All of it is meant to convince us that many others have already taken the plunge and that the water is “fine”.
  2. Call Traceability and Legitimacy—When I asked the rep where her call center was located she successfully identified the state that corresponded to the area code that appeared on my caller ID. I decided to test the number from my cell phone. The phone rang several times but when it was finally answered, I was routed to voicemail and encouraged to leave a message. The fact that the number yielded a response at all certainly made it appear legitimate.
  3. Well Scripted Dialogs—During the conversation, the rep responded in a consistent manner to my questions, reminding me (4 times) that I was being given the opportunity to lower my monthly interest payments. When I voiced my concern about the possibility that this call could be fraudulent, she responded calmly by stating (4 times) that even if this was the case, I would be covered for any losses by my credit card issuer as well as the Federal Consumer Protection Act.
  4. Plausibility—When I asked if I could call her back on another line to verify her number, she explained that hers was an outbound only call center. She also insisted that this was merely a screening call and that I was only a step away from being transferred to an account executive who would be happy to provide me with complete contact information.
  5. Professional Composure and Manners—Even though I asked her the same questions a number of times, she remained polite and composed, always maintaining a businesslike demeanor and projecting a image of a legitimate customer service representative.
  6. Effective Use of Higher Authority—When I insisted that not getting a manned phone number for the representative would be a deal breaker for me, she finally offered to transfer me to her manager. I was placed on hold (listening to Beethoven’s Für Elise) and was soon connected to another individual who identified herself as “LaFonda”, the floor supervisor. She sounded a bit older and more mature. She reiterated the previous sales pitch. When I finally told her that without being able to validate their authenticity I would not be able to give her my credit card number, she gave me the impression that they might deviate from their ‘account information first’ protocol. I was placed on hold again but shortly afterwards my original sales associate was back pitching the same story all over again. Finally, after one last failed sales attempt she quickly wrapped up the call and hung up.

Even though the call only lasted a relatively short time, I could not have wished for a better and more illuminating lesson. My mental image of the on-line fraudster has changed irrevocably. Whereas before I viewed fraud as an opportunistic low tech effort executed by crafty individuals, I now view it as a commercial enterprise, in many ways similar to a legitimate telemarketing niche industry. It employs a well trained workforce, cutting edge BI, telecom technology and a large database of would-be “customers”.

In retrospect, the whole experience was both sobering and frustrating. It was sobering because I finally realized that at its core, fraud is propagated via subtle means and recognizing it requires the aggregation of many nuances which individually may appear inconsequential (note that until its collapse, each individual component of Bernard Madoff’s asset management operation appeared to be entirely legitimate). In my case, the red flag went up because of my experience in the financial industry. As a rule, the association between a specific “Credit Card Service” organization and all commercial banks is unlikely. For another individual however, this certainly could have been a plausible explanation and this applies to everything else that was said during the conversation.

The frustration, on the other hand, comes from the realization that my current toolbox of risk analysis and fraud detection routines (which are primarily based on triggers like transaction frequency, amount, location and history) cannot independently identify this type of fraud and will require for at least the foreseeable future some supplemental human supervision.

© Copyright 2009 Yaacov Apelbaum All Rights Reserved.

It’s All About Trust

Yaacov Apelbaum-Trust me

Mata Hari and her bridesmaids (Robert Hanssen and Aldrich Ames)

Over the years, I’ve had this recurring conversation\argument with security technologists regarding the trust lifecycle. The crux of it revolves around how you go about effectively assigning, monitoring and adjusting individual trust levels. Most of us when questioned about trust will tell you that it’s made up of behavioral elements like:

Indeed, these are all distinct and recognizable traits, but how can we use them to design complex security solutions? After all, how do you code a function that checks if a user has a hidden agenda.

In order for these social concepts to be of any use, we need to understand the nature of trust; we must go “Beyond good and evil”. Under the microscope, trust exhibits the following four characteristics:

  1. It’s transferable—We assign a higher degree of trust to individuals who come recommended by people we already trust
  2. It’s inheritable—we tend to trust a relative of a trusted friend
  3. It’s socially derived—We tend to trust individuals who share our cultural heritage and network
  4. It’s cumulative—We tend to increase our trust levels in individuals who previously have proved themselves trustworthy

These evaluation principals (which are essentially deterministic Turing tests) work very well in social relationships, but frequently fail in complex security environments. The source of the problem is that most of us instinctively tend to classify the world into a “friend”, “foe” or “unclassified TBD” categories. We also like to believe that once categorized, the subject in question will continue indefinitely to conform to our classifications and expectations. This tendency is hard wired into our evolutionary decision making process and to a large degree also forms the basis for many irrational behaviors like anti-Semitism.

After conducting quite a few security sweeps, pen tests, and post mortems on breaches, I have come to conclude that most individuals—given the right opportunity and motive—could spontaneously flip the color of their hat.

The concept of credential-based security (that is, non-expiring clearance) is reminiscent of cheese, especially the cheap Swiss variety, the one with too many holes. Now, don’t get me wrong, I have the same tolerance for curious mice as the next guy, but the text books are full of big rats that were—paradoxically—supposed to guard the cheesy comestibles, not eat or sell them! Recall that Aldrich Ames, Robert Hanssen and Kim Philby, just to name a few, each had the highest top-secret clearance and all the right personal and social attributes. Philby, actually wrote the chapter dedicated to Counter Espionage Methods in the SOE spy training manual used at Camp X.

So ultimately, it’s not the rogue, external, blood thirsty anarchists or money hungry crackers one needs to worry about. Rather they are the trusted senior employees responsible for the daily maintenance, administration and security of the corporate resources. This could run the gamut from as high as the CISO who spies on the CEO’s e-mail all the way down to DBA who is running Select statements on the HR compensation database.

The lesson that I have learned from all of this is that most people regardless of how trustworthy they seem, cannot be completely trusted at all times.

And you can trust me on this one.

© Copyright 2008 Yaacov Apelbaum All Rights Reserved.