Saturday 24 April brought a little information cluster bomb in the Washington Post with the promising headline “Minutes before Trump left office, millions of the Pentagon’s dormant IP addresses sprang to life.”
It turned out, on investigation, that the “minutes” were a literal reference. The statutory end of Trump’s term was 12 noon EST on 20 January 2021, and according to computer records, the floodgate on the “dormant IP addresses” opened at 11:57:35 AM EST.
This appears to be the only thing any of this had to do with Trump.
Will this presidential election be the most important in American history?
We’ll look at that below. The long-story background is at the Post story and AP follow-on, which added a few more useful specifics. Using the information from those stories, with some LU research mixed in, we can tell the short-version as follows: In the 1990s, the Pentagon reserved for itself millions of IP addresses out of the universe of possible addresses that use Internet Protocol version 4, or IPv4, to manage Internet connections.
IPv4 addresses are a precious commodity at this point, because the potential universe of them maxed out several years ago. Web infrastructure managers are being encouraged now to migrate to IPv6, to relieve competition for a finite and scarce resource.
The Pentagon’s millions of those older-version IP addresses had lain dormant until 20 January 2021 at 11:57:35 AM, Eastern Standard Time.
At that second, they announced their presence with authority. That’s a thing: an IP address is “announced” to the Net universe, and that’s when you know it’s live and open for business. Read about it at the links.
The weird thing is that a mysterious, no-footprint company incorporated in Delaware and registered in Plantation, Florida is their Net daddy. Its name is Global Resource Systems LLC. Its address is a building in Plantation, Florida where a lot of other businesses have their addresses, and only one traceable name is connected with it: Raymond Saulino. More on that below.
Net watchers were puzzled by this, and tracked the action as the millions of Pentagon-held IP addresses rolled out – being announced by Global Resource Systems – in February and March. Eventually the Pentagon’s Defense Digital Service (DDS) provided a brief explanation. The DDS was running a “pilot program” to, in essence, test the reaction of the infosphere to the announcement of all these Pentagon proprietary IP addresses. (Again, read the linked stories for what that entails: basically, looking for attempts at malicious activity once a whole lot of IP addresses are exposed to it. It has a whiff about it of Robert S. McNamara and his Vietnam-era “exciter” patrols by U.S. warships and aircraft, basically trying to get American military craft shot at.)
The DDS likes to refer to itself in the swashbuckling terms of its first director, Chris Lynch: as “a SWAT team of Nerds.” So we’re to understand that it’s precisely the kind of rat squad that would do a crazy thing like unleash millions of dormant IP addresses on the world, just to see what happens.
And, sure, it would kick this public-spirited enterprise off two minutes and 25 seconds before the new president, Joe Biden, officially took the helm of the USS United States. That’s what you do when you’re the grappling-hooks and cutlasses brigade of the U.S. Digital Service, whose prosaic civilian headquarters is in the Office of Management and Budget.
AP learned a bit more, discovering that the IP transit backbone for Global Resource Systems is a long-established, extensively connected Silicon Valley company, Hurricane Electric. In the last decade Hurricane Electric has been named the largest company of its kind by the number of nodes it operates throughout the world, but I’m not sure if that’s currently the case.
That said, an informative interview with Hurricane Electric’s founder, Mike Leber, sheds some light on why the company may be a good fit for the use it’s being put to with GRS and the Pentagon IP addresses. Leber has stuck to the basics of expanding capacity to do one thing well: provide IP transit throughput. He’s not interested in doing that through partnerships that result in others holding equity in his company and seeking to diversify its service offerings. This makes Hurricane Electric ideal for customers – like DDS – that already know what they’re doing, and just want to buy a whole lot of IP transit from a well-entrenched, global provider.
In a situation like that, neither customer nor seller has to ask the other a lot of questions.
It’s considered unusual that the Department of Defense would announce its massive swarm of IP addresses using a no-footprint front company in Florida (GRS), instead of just announcing the addresses itself. Everyone who understands the IP universe knows the addresses belong to the Pentagon. The Pentagon’s block of them has been known for more than 25 years.
The people piece
That’s our starting point. I suspect the main problem with clearing up this mystery lies in going the wrong direction to solve it. It’s not the technical aspects of this event that are illuminating. It’s who’s involved.
And it took only a few keystrokes to turn up the usual links for most of the main characters.
Brett Goldstein, the current director of the DDS (he succeeded Chris Lynch), was appointed to his position in April of 2019 by then-Acting Secretary of Defense Patrick Shanahan. One media announcement described him as being “recruited” by Shanahan, but the resumes of the two men don’t make a good recruiting story. Shanahan was Acting after James Mattis left; he had no prior Washington or government experience, but had come from a long industry career at Boeing, in which there is no indication he specialized in information systems or infotech. (He was involved with the jetliner programs and missile defense.)
Shanahan probably acted on the recommendations of people with more specialized expertise, in bringing Goldstein onboard. Goldstein is the co-founder of a venture capital firm where he was working at the time, Chicago-based Ekistic Ventures. He and co-founder David Spielfogel started it in September of 2016.
But prior to that, Goldstein was the chief data officer, and then the chief information officer, for the city of Chicago. He held these positions under Rahm Emanuel from 2011 to 2013. Prior to becoming the nation’s first city-government CDO, Goldstein’s big portfolio was as a Chicago Police employee, working a predictive analytics project for policing applications. That’s the one where programs survey and analyze people’s online profiles, including social media activity, to predict things like whether they’ll commit crimes, riot, or be uncooperative with law enforcement.
Goldstein can be described as an activist and leading light of advocacy for “civic tech”; i.e., information tech deployed for the purpose of embedding government as seamlessly and comfortably as possible in the daily lives of the people.
Spielfogel’s career has been in politics. He was Mayor Rahm Emanuel’s chief of policy and strategic planning; before that, he worked in the Clinton White House, for Howard Dean, and for the Senate campaigns of Barack Obama and Alexi Giannoulias. Since Goldstein moved to the DDS job in 2019, Spielfogel has become the chief policy officer at the smart-cities company Lime, with a focus on the “last mile of transportation” for urban residents.
Using tech to bring ideas for urban policy and urban government to fruition is thus the environment both partners came from and have been passionate about.
Ekistic Ventures, notably, shares key board members with another of Goldstein’s gigs, the 501(c)(3) group Code for America. Code for America, or CfA, was founded in 2009, and the similarity of its name to the Obama campaign organization, Obama for America, is presumably not accidental. Certainly CfA’s profile, which includes local “brigades” in cities across the country, is very much on the community-organizing model. The vision of CfA is – my wording – to use tech to embed the spirit of government in people’s daily lives.
In concrete terms, that means things like automating and easing people’s access to EBT cards and other government services. One way to think of it — again, me speaking — is as “what ACORN would have done,” if the current, highly-agile generation of tech had been available during ACORN’s heyday.
For a flavor of the company CfA runs in, consider one of its signal successes: partnering with the former D.A. of San Francisco, George Gascón (who is now the notoriously Soros-backed D.A. of Los Angeles, embarking on a career of gutting the criminal justice system). The joint CfA- Gascón effort in San Francisco involved automating the search for marijuana possession records to expunge for thousands of Californians.
Goldstein is on CfA’s board along with the former mayor of Philadelphia, Michael Nutter, and tech advocate Tim O’Reilly, who are also both on the board of Ekistic Ventures. Nutter, a long-time supporter of Hillary Clinton, was a natural fit for making joint appearances with Obama during the latter’s presidency.
Also on Ekistic Venture’s board is Anne Milgram, formerly the (Democratic) attorney general of New Jersey and now Joe Biden’s nominee to head the Drug Enforcement Agency. Milgram is prominent, among other things, for her involvement in advocating “policy equity.”
Investment firm head Michael Sacks, another Chicago-based player, is a board member of Ekistic Ventures. He has donated millions over the years to Democratic candidates and PACs, including Obama’s and Hillary Clinton’s.
CfA, meanwhile, is funded by the usual sources, including the Open Society Foundation and the Omidyar Network. Google has been another major funder.
CfA’s current CEO is, believe it or not, Amanda Renteria. She was Hillary’s national campaign director in 2016, and figured as well in the Spygate drama (as the person Loretta Lynch allegedly wanted to reassure that the DOJ probe of Hillary’s email “matter” wouldn’t “go too far”), and the Democrats’ anti-Kavanaugh assault in 2018.
But CfA’s original founder circles us back, as the saying goes, to a few years earlier, and not only to the founder herself, Jennifer Pahlka, but to the first director of the Defense Digital Service, Chris Lynch.
That’s because Pahlka and Lynch were both among the early recruits for Obama’s U.S. Digital Service, formed in 2014. The USDS’s best-known exploit was its emergency surgery on the cataclysmically non-performing Healthcare.gov website, which nearly stalled Obamacare out of the starting gate.
But we’ve met the USDS at LU before, in a treatment of Obama’s project to upgrade the entire White House information systems structure, an enterprise that began in 2014. The Obama vision for the USDS was as a raiding party that would jumpstart IT redesign and the implementation of fixes, coming in from outside the stovepiped, formally-funded and chartered entities provided by the plodding budgets written in Congress.
Thus, the USDS ended up being headquartered just under the radar at OMB, in the Executive Office of the President, but having a presence as well in the General Services Administration and a handful of others, including the DDS at the Pentagon.
Jennifer Pahlka, who had founded Code for America in 2009, came in as a short-tour “fellow” with the Obama EOP and ended up driving the architecture and concept of the USDS. Chris Lynch, meanwhile, also came in (a bit later) on a “tour” from the commercial tech world (as part of the effort to fix Healthcare.gov), and was moved from the USDS niche in the EOP to become the first director of the Defense Digital Service, in – think about this – November 2015.
The timing of the DDS stand-up can’t help being interesting. Besides its proximity to the early moves of Spygate and Russiagate, the whole USDS enterprise, especially in light of its expeditionary fix-and-dash profile, has a curious feel, for the latter half of a final presidential term.
And anything that has a curious feel has it doubly so when it involves causing jerky motions at the Pentagon.
These aren’t random tech folks at work. They come from the Obama network legacy. And the one who’s the DDS director today has been overseeing the announcement of Pentagon-held IP addresses, in their fabled 1990s-era millions, since 11:57:35 AM EST on 20 January 2021.
Interesting side plots
There are other arresting features of the baseline story. Let’s look at a couple.
Two relate to the minor saga of the provenance of Global Resource Systems LLC. The first is about a predecessor company, in the sense of the company having the exact same name.
The current GRS was registered in Florida in October 2020. AP reports that it was created (i.e., by incorporation in Delaware) in September 2020. So it has only existed for six or seven months. Note: there’s nothing to be read into the incorporation in Delaware. Incorporating in Delaware is a popular practice due to the friendly legal structure there, so that mere fact almost certainly has nothing to do with Joe Biden.
But there was previously a Global Resource Systems LLC doing business at the same street address in Plantation, Florida (which is near Fort Lauderdale), but headquartered at the address of investment firm Lake Capital Ventures in Chicago. Two founders of that previous GRS were listed in the Florida registry: Terrance Graunke (misspelled Granke in the Florida documents) and Paul Yovovich. They are the co-founders of Lake Capital Management.
It’s not clear from this remove in time why they registered their GRS in Florida in 2006. Its registration lapsed sometime before 2009, when they reinstated it with Florida. But the GRS company merged in 2006 with an email marketing company called MediaWhiz (which was headquartered in New York, according to Lake Capital’s historical account). In January 2013, GRS-MediaWhiz was bought out by an Israeli company, Matomy, and the GRS entity was dissolved in Florida.
Resurrecting a company in 2020 with the exact same name, at the same address (although a different suite number), looks odd. It looks like trying to throw up a baffle, create ambiguity – something along those lines. There is no indication I’ve discovered that the 2020 GRS has anything to do with Lake Capital Partners, although it’s conceivable for that to come out at some point, given the extensive links to Chicago through Brett Goldstein, who’s running this IP-address show from the Pentagon.
As mentioned above, meanwhile, the one name that is on the 2020 version of Global Resource Systems is that of Raymond Saulino. AP’s reporting about him suggests that what I turned up separately is related to the same Raymond Saulino. AP’s summary speaks of defense contracts within the last decade; a company called Tidewater Laskin in Virginia Beach, from which a one-time co-worker believes Saulino is now retired; and an earlier connection with the firm Packet Forensics (at the same Virginia Beach address as the Tidewater Laskin company), which reportedly sold a capability to “government agencies and law enforcement that let them spy on people’s web browsing using forged security certificates.” (This capability was explained at the time to be a legitimate exploitation of application operations.)
My research led me to a Raymond Saulino of retirement age who is the proprietor of a consulting firm named RAS Associates LLC in Sterling, Virginia, just outside Washington. D.C. Mr. Saulino and the business have the same address; we don’t dox here at LU, so I will only say that it is a residential address, suggesting contract work that could well include setting up a structure for a single-focus IT front company, such as one like GRS that exists only to announce and receive IP-address traffic for a designated group of addresses.
Saulino’s involvement is a curiosity, but there isn’t enough information about it to draw conclusions from.
One more feature of the story merits highlighting. The Defense Digital Service has a “satellite” presence in another state (i.e., besides Virginia, where the Pentagon is located). The DDS satellite, cleverly called Tatooine, was formally set up at the end of 2019, after preparations began for the field location in the latter half of 2018.
“Tatooine” is in Augusta, Georgia, the state’s capital. It’s hosted by the Georgia Cyber Center, and is partnered with the Georgia Bureau of Investigation, the DDS (its parent), and the U.S. Army Cyber Command (at Fort Gordon, near Augusta).
It’s interesting (that word again) that Tatooine would be in Georgia. It may come to be more so; at the moment, with less than a day’s research completed, there isn’t enough to support responsible speculation.
But looking at the Obama-centric tale of how the Defense Digital Service came to be, at how a current chief plugged directly into the progressive-left Chicago network was appointed by a political-outsider Acting SECDEF during the Trump administration, and at the usual-suspect linkage cropping up across the surrounding landscape – plus the CfA brigades model, with hundreds of “civic tech” activists being groomed in readiness to minister government to the masses – the feel of this thing shifts.
It doesn’t look like millions of precious IPv4 IP addresses are being unleashed, tantalizingly out of reach, just to excite a response from the Web’s malicious-exploits marauders.
It looks like someone wants to do something with those IP addresses. What it is, people with other expert backgrounds will probably have to divine.
