The Skating Mistress Affair, Part I

Some people don’t seek trouble, but it finds them. That’s how I viewed fraud cases that came my way. Hired to hunt down computer anomalies, I didn’t enter a contract thinking criminal intent, but occasionally I stumbled upon crimes. This episode outlines my most challenging case, a battle of wits with a very smart adversary.

It started with a phone call.

In a cultured, south-of-Mason-Dixon accent, the man said, “Call me Chase; my daddy’s Mr. Franz. I’m marketing director of a software venture owned by a major Virginia bankshares concern. We own a product, a big one. We need a specialist to figure it out and support it.”

“A banking program?” Visions of Cobol or badly written C++ sprang to mind. “Sorry, I work with operating systems, not applications.”

“No, no, we’re talking systems software, not an app. The bank’s investment division floated the venture capital internally.”

“What’s the name of this product?”

“I can’t reveal that.”

“What does the software do?”

“I can’t tell you that either, not until we have your signature.”

“That’s all you can say? Why the secrecy?”

“Take a bank’s perspective of confidentiality, marketing paranoia, and a technical product we need to get a handle on, you get secrecy.”

“Who developed it? In fact, where is the developer in all this?”

“Well, that’s part of the problem. It was developed by a low-profile dude in North Carolina, really eccentric. He’s difficult to work with and we can’t seem to get his full attention. After selling us the package, he doesn’t want to be bothered with it.”

Only a few dozen independent software designers populated the top of the pyramid and we all knew each other, at least by name and reputation. I didn’t recall anyone in the Carolinas.

“You must not be paying much.”

“We bought the program dirt cheap, figuring he’d gouge us with ongoing support fees, but he’s not done that. He shows no interest in the product.”

“Your startup software group purchases an untried product from an unnamed author? How do you know the product is viable and isn’t trash?”

“Our bank’s systems run this software and no one, not even our lead systems programmer, can comprehend the program– it’s way too advanced. We sold copies to multiple Fortune 1000 companies, companies that use it and like it. But we found bugs. We desperately need enhancements and alterations as systems grow and evolve. We’ve got no one capable of maintaining it.”

“And your bank’s worried someone will wise up and expose your exposure.”

“That’s a huge concern. Spending venture capital is one thing, but discovering critical vulnerabilities implies liability. A number of jobs hang in the balance, mine included.”

“Written in C or what?”

“Assembler. 50,000 lines of machine code for the nucleus. With support utilities maybe hundred thousand lines for the old OS version and double that for the new, plus somewhat more for add-ons and extensions.”

“You’re saying a quarter million lines of code?”

“Uh, not exactly. The old and new versions cover a lot of duplication, so figure maybe one fifty to two hundred thousand unique lines.”

“That no one understands?”

“It’s costing us already. We need to put this right.”

The Plot Thickens

Locally, nothing exciting was happening with current clients. Steady income was nice, but I liked challenges.

Their tech division was named Data Corp. We exchanged non-disclosure agreements, eventually reaching an accord and a paranoia contract that required my cutting ties with other parties.

From Boston Logan, I flew a geriatric jet into Charlotte, Virginia, where I hired a car for a drive deep into the Shenandoah Valley. I passed beautiful horse farms and Mennonites in their buggies before I came to markers of American civilization – McDonald's, KFC, and WalMart.

The bank’s data center dominated a charming downtown in Harrisonburg, Virginia. I gave the receptionist my name and glanced around.

To the left of the lobby extended the glass room where the main computers lived, MICR check readers, networking and transmission units, 6000 square feet, perhaps 550 square metres, nicely laid out. It looked outwardly secure short of a terrorist attack.

From stairs at the right of the lobby descended a man about 5’5 of economical build. My salesman alert Early Warning System sounded. Scientists and engineers regard salesmen barely a step removed from slithering politicians. The two aren’t so much cats and dogs as cobras and mongooses. That mutual distaste would play a key part in the drama about to unfold.

Even so, Chase seemed a decent sort. He cultivated a brooding mien like a mantle of poetic melancholy, the kind that tenderizes feminine hearts and moistens girls’ eyes. Sporting a black, closely trimmed beard, he might have portrayed a weekend Civil War reenactor captain or river boat gambler.

He toured me around the complex, introducing me to bank presidents and vice presidents, those who plump out the top of the pyramid in financial institutions. He chatted up a half dozen girls who seemed in various stages of thrall. His magnetism short-circuited the female EWS.

“The product,” I said. “Let’s take a look.”

Chase offered me a seat in his office. He busied himself sipping coffee, winding his Swiss chronograph, twiddling a pen. I waited. Finally he said, “What we have here is a print spooling subsystem. A good one. Cool, huh!”

I understood why they wanted me. Not only did I work on operating systems, I had contributed code to two competing packages, a key operating system component in the evolution of computers.

Like a priest revealing the Dead Sea Scrolls, Chase reverently set a six-inch thick binder before me. He opened it. “This is our baby.”

My response came out less than reverential. It could be summed up as “WTF?”

No titles. No headings. No comments. No register notation. No meaningful labels. No reference points.

“I told you, Sandman, the developer, doesn’t need all that. He’s an amazing genius. He doesn’t document his work because his eidetic memory remembers everything.”

“Except for those who come after,” I said.

The lack of labels troubled me most of all. Normally programmers use real world identifiers such as Minutes, Seconds, Distance, Height, Weight, Brightness, etc. This had gobbledegook.

“Who does this?” I said.

“I told you, he’s a genius. They mean something to him, but he’s way above our level.”

“This is attempting ancient Egyptian without a Rosetta stone. This is insane,” I said.

Chase beamed. “You confirm what I’ve been saying. Sandman is genius above other geniuses; he’s beyond brilliant, absolutely off the scale. Our own people say his high-level abstract symbolism is far beyond their comprehension.”

“Even Einstein used standard identifiers, e = energy, m = mass. This has, for example, ‘rtgq233x.’”

“Sandman isn’t a merely an Einstein. Your challenge is, are you someone who can come to understand this or are you giving up?”

“Like hell.” Candidly, I wasn’t sure which part of the question I should answer.

Mystification

As a digital detective, I first confirmed the original assembly language matched the binary machine code in the executable module. I looked at a hundred different values scattered throughout the programs. They matched.

I profiled the program, I ran traces. I floated one other idea to Chase.

“Does Sandman speak Arabic or some language that omits vowels? Or Welsh? Polish? Russian? A language with unusual combinations of letters?”

“I imagine not,” said Chase. “He’s short, sandy hair, fair complexion. I doubt he’s visited out of the country. He’s barely travels outside of North Carolina. He’s so fearful of flying, he always takes a train.”

I had seen computer programs written in French and German. The mix of English and other languages looked a little unusual, but they ultimately made sense.

“Perhaps foreign abbreviations…”

“Look, stop going on about labels. Maybe they are in Klingon or Tolkien Elvish. Maybe they’re random or perhaps they’re nothing at all. With an impenetrable genius mind like Sandman’s, the labels themselves appear opaque to us and we simply don’t know.”

I didn’t accept that for a moment, but there was one other avenue to understanding the code– weeks of immersion in it. I packed the programs in my bag and headed back to Boston.

---

Over the next two weeks, I pored over 150,000 lines of assembly code. Some days I dissected routines line-by-line, noting, studying, analyzing. Other days I propped my feet up on the sofa and absorbed the gestalt.

Reading a program offers a unique peek into the author’s thought process. This mind meld can provide a strangely disquieting experience. A virtual voyeur can determine a precise mind opposed to a sloppy one, bold versus fearful, brilliant versus not so much, and lucid v losing it. This code contained all these elements and more. Although tightly written, it radiated a surreal aura and umbra, a sense of someone hiding in the shadows.

The Rosetta Stone

“The name of the song is called ’Haddocks’ Eyes.’”

“Oh, that’s the name of the song, is it?” Alice said, trying to feel interested.

“No, you don’t understand,” the Knight said, looking a little vexed. “That’s what the name is called. The name really is ‘The Aged Aged Man.’”

“Then I ought to have said ‘That’s what the song is called?’” Alice corrected herself.

“No, you oughtn’t: that’s quite another thing! The song is called ’Ways And Means’, but that’s only what it’s called, you know!”

“Well, what is the song, then?” said Alice, who was by this time completely bewildered.

“I was coming to that,” the Knight said. “The song really is ’A-sitting On A Gate’, and the tune’s my own invention.”

— Through the Looking-Glass (1871) chapter VIII, Lewis Carroll

I kept coming back to the labels. They held significance, I felt certain. I could sense a pattern as if glimpsing a phantasm from the corner of my eye. Sometimes, I almost grasped a meaning, only to lose it as I shifted to focus on it.

While analyzing the program line by line, I stumbled across the name of a known operating system routine declared in a constant. The name of the routine was $$BEOJ, which stood for ‘Broker End of Job’. Unnecessarily, the program invoked this routine directly. The author had allowed himself a moment of ego. Instead of the standard, run-of-the-mill method available to any programmer, the coder had showed off his knowledge of operating system internals and triggered this segment explicitly.

I understood the inner workings, but the label of the constant, $$XYAU, grabbed my attention. Could this, perhaps, be the name of the name? Could XYAU someway represent BEOJ?

I poked around, trying the David Edgerley Gates’ Sunday Jumble and Crypto-Quote letter swaps on other labels. Sometimes it seemed to work, more often it didn’t. I combed the program in earnest, searching for obvious constants that might zero me in.

The hunt suffered from a paucity of information, but slowly clues accumulated as I harvested two more paired constants and labels, four, and then six out of three thousand six hundred. Patterns, it was all about patterns. I glimpsed the edges of a picture. No label contained more than eight characters, and something peculiar happened to the letters in each label.

Oddly, B often meant X but it also appeared to be F at times. In rare cases, it didn’t seem to be either. I ripped another sheet off a legal pad and tried again.

I phoned and left a message for Chase. He hadn’t called in days. I sensed his dismay.

I sat up that night, the next two nights, devouring Chinese food for nourishment and Coca-Cola caffeine to feed my notorious ADD. I clocked six hours sleep out of seventy-two. My hair matted, my smelly T-shirt could startle bad-tempered water buffalo.

Everything changed. Like a submerged enemy submarine hiding in deep waters, computerdom’s trickiest puzzle broke the surface. I faced the most fascinating computer game of my career.

On the fourth day, I messaged Chase a couple of times in the morning. I made a few more notes, then toppled over and slept until mid-afternoon.

Demystification

“What?” I barked into the phone a bit too sharply. My eyes seemed glued shut.

“Hey, it’s me, Chase. I got your messages. Whatcha got?”

“How much did you pay for this program?”

“Well…” He hesitated.

“You either paid way too much or way too little. Either way, you got screwed.”

Defiance mixed with defensiveness, he mentioned a figure barely larger than a month’s salary, paid for a program that took someone a year or two of 60-90 hour weeks pouring out one’s soul.

“Why do you ask?”

“Like I said, you got screwed. Sabotaged. Someone has encrypted the labels and stripped the meaningful information out of this program.”

“Bullshit. I don’t believe it.”

“Embrace it. You think it’s a coincidence comments are missing? There’s no register notation? Not a single artifact of meaningful evidence?”

“My people asked him about that. He’s one of those super smart guys who never comments his code.”

I grimaced. For that alone, the program should never have been accepted. I no longer believed the legend.

“Look,” I said. “Labels have been encrypted. I’ve got examples of equates in which one is assigned to 5 and five is assigned to 10.”

“It’s his genius level of abstraction. And what do you mean encrypted?”

“’His genius level of abstraction nonsense’ is getting old. I mean encrypted like the cryptogram puzzles in the newspaper, A equals S and B equals M and so on. A substitution cipher they call it, like Sherlock Holmes’ Dancing Men, only a factor far, far more complex. I’m still working it out, extrapolating clue by clue; it appears the bastard’s used at least two translation tables I'm sure of plus a couple of other frills, kind of a mental oubliette.”

“I don’t believe it. Look, we better rethink this contract. This can go one of two ways. Option one, we terminate our relationship. Option two, other than these conspiracy theory labels you go on about, the positive side is you now know more about the software than anyone other than the author. Come on down here, show us what you’ve got, and we’ll move forward.”

Enter Sandman

From DC, again I boarded another deafening jet into Charlotte. Where did USAir salvage these museum pieces? Maybe they explained why Sandman refused to fly.

The girls at the banking complex greeted my return engagement warmly, speculatively. The town librarian had mentioned the region suffered a serious shortage of males.

Chase, a bit aloof, escorted me into his office.

“I phoned Sandman,” he said coolly.

“And?”

“Says your theory– your accusation– is nonsense. Says he never ever uses comments, can’t afford time for them. Says those equates you mentioned, one equates to 5 and so on, just a coding convenience when in a hurry. Told me if we want to make insinuations, his lawyer can tell us to get stuffed. We can’t afford to get on his bad side.”

I snorted. “Coding convenience? How did you approach him? Did you ask if he sabotaged the code?”

“Of course I asked him. What was I supposed to say?”

“When you asked rather than told, he knew he’d bluffed you. I know he sabotaged the code, so I don’t need to ask.”

“He denies your allegations. Look, you’re a guy I hardly know. You make unbelievable accusations about a fellow I’ve known for years who says your notion is ludicrous. You tell me; how am I supposed to believe you?”

“I’ll show you proof.”

At the end of an hour, I’d further confused Chase rather than convinced him. He still believed Sandman. My stacks of tables and colored diagrams decorated with fine-tipped arrows left him unmoved. He couldn’t entertain the slightest possibility he’d been fooled or the other guy committed malfeasance.

I said, “I want to talk to Sandman myself, geek to geek.”

“That’s unwise. If he breaks off contact, we’re done for. He might even sue our asses.”

“You’re already done for– that’s why you hired me. Anyway, I’m not going to ask him if he encrypted the program, I know he did. That gives me an advantage.”

He reluctantly agreed to my calling with the condition he silently listen in. Like me, Sandman worked nights, so Chase and I grabbed dinner at a great restaurant as we waited for Sandman to come alive in the night.

One lichee duck later, we strolled back to the data center. I sat in his office while Chase lounged outside at the secretary’s desk listening in on her phone. He promised not to interrupt no matter what– I made him swear to stay quiet.

I dialed the Greensboro number he gave me. The call connected. Dan Sandman’s voice at the other end sounded pleasantly curious.

He said, “So you’re the guy they hired to develop the app.”

“Yep, I’m the sucker. Brilliant program, by the way.” I kept my voice light, pleasant.

“Thanks. I’ve heard of you by reputation. Boston, right? So how are you making out?”

I chuckled. “Dan, you left me one tricky puzzle. I’m still working it out, but your encryption scheme is brilliant, harder than hell to break.” I shook my head admiringly, not that he could see it. “Thus far I’ve identified two different translation tables. That’s ingenious.”

No hesitation, no prevarication, he broke into laughter. “Three actually.”

Through the window, Chase blanched, then darkened. I put my finger to my lips in case he felt like an outburst.

Danny continued. “You haven’t been working on it long. I’m astounded you got that far.”

“Three translation tables explain why I still have a thousand or so labels to crack.”

He chortled. “God damn, you smart dog. I used the first character of each label as a selector, picking the cryptographic table based upon which third of the alphabet the first character fell in.”

Outside the office, a purplish Chase was working on a serious case of TMJ.

I complimented Sandman. “I’ve never come across that idea before. Man, figuring out those tables can give one fits.”

“I didn’t want anyone to break it. Can’t believe you’re two-thirds of the way there. How did you figure it out?”

“$$BEOJ.”

“What? Oh, yes. I’d debated making a special case for it, but didn’t imagine anyone would ever get that far. What did you think of my equates?”

“Annoying.”

He laughed. “I trust that’s mildly put.”

“Right you are. There’s the obvious question, of course.”

“You mean why? Why screw up my own program?”

“You weren’t seeking job security.”

“I did it because I can’t stand that salesman, Chase. He’s such a bullshitter, all monies for himself, benefit the investors and screw the inventors. Flying around the country like an exec, trying to hustle the package, spending other people’s money, hogging the biggest slice off the top– I got fed up.”

Chase’s blood vessels looked ready to burst in an apoplectic fit. When he opened his mouth, I frantically waved him to silence. I tried to remember what Chase had told me.

Into the phone, I said, “You worked with him before?”

“Yeah, he found out about my package and begged to sell it. He couldn’t bother working the phones, doing sales fundamentals. Figured he was a Steve Jobs executive, jumping on a plane just to give a demo. I sold more copies than he did and I never left Greensboro, never tried to promote it, only word of mouth. Know what Chase did? He took the salesman cut anyway. He spelled that out in the agreement he wrote. Now ask me again why I’m pissed at him.”

Outside the door, Chase turned magenta. He could barely refrain from screaming into the phone.

Sandman continued. “So anyway, Chase was burning through money when he approached that bank in Virginia. He convinced them he had a hot product and urged them to buy out his contract. Chase wouldn’t change his ways, though. He wasn’t going to pay me what it was worth and I knew I’d never see royalties. My girlfriend, she said screw him. So I got this idea and I did. It wasn’t ransom, it was revenge. Sold it for almost nothing, figured he’d do himself in.”

“How much did he pay?”

“I bet you already know that. And he was gleeful at the fire sale price, ecstatic. The greedy bastard couldn’t believe the advantage he’d seized over his so-called partner. The slime-ball acted right proud of himself.”

“Dan, it’s affected other people. Plus other companies depend on the product.”

Sandman sounded almost regretful. “Yeah, I know. That’s why I agreed to partially support it until they found a replacement for me. I didn’t figure they’d bring in you.”

“Thanks, I think.”

He giggled dryly. “It’s tough maintaining it. I made the source code such an abortion, I find it nearly impossible to debug. They send me a trace or a dump and I spend a couple of days pulling my hair out. I provide just the minimum, which hasn’t been good enough, certainly insufficient to support new equipment coming out.”

The full significance of that statement wouldn’t register until much later: By implication, he’d orphaned this program and was developing a parallel version with enhancements.

“Dan, you know I have to tell the investment bank about this.”

“Figured you had already. Did Chase convince them otherwise? I successfully put him off when he called, but I gathered you were on to me. Yeah, talk to them. Maybe we can work something out, something fair and equitable. I’d like that.”

Witness to the Ascension

If Chase wasn’t pleased, the bankers were apoplectic. The vice president called the president. The president called the chairman. The chairman called the board. The board called the holding company and they called a meeting. In the meantime, the president asked me to stand by. “Don’t leave town,” he said.

Chase departed on a trip. He begged me to stay at his house and care for his dog, one with a bad case of separation anxiety. Shenandoah Valley girls were very hospitable. Over the next few days, I accepted kind invitations to luncheons, dinners, a bluegrass festival, a Mennonite market, and a community fair.

On Monday, the chairman called the president who called the vice president who called me. “Go home for a few days while we sort out what to do.”

I departed almost regretfully.

---

A few days became two weeks. I spent the time picking at the listings, painstakingly peeling the masks off characters in this exquisite puzzle. That’s what I liked best about programming, me against the machine, taking its rules and making it do what I wished, bending the beast to my will, solving abstract puzzles others couldn’t see. Usually it was me versus the computer; now I faced a clever human adversary.

Sandman called once to ask what the bank decided. My guess was gnashing their teeth, but I confessed I didn’t know.

People found it easy to talk to me, sometimes revealing personal things that seemed surprising later. He opened up.

We ended up chatting about nothing but learning about each other. Topics included girls, cars, his fear of flying and his enthusiasm for roller skating. We discussed fueling software with good Asian food. Our liquid Ritalin was cola, Coke for me, Pepsi and Moon Pies for him. He revealed a passion for Shostakovich. In the wee hours of the morning, he confessed frustration at his girlfriend’s lack of libido. He hesitantly admitted she was married.

On Friday, the VP called from his scratchy speaker phone. “Leigh, I got Chase and the president here. We want you to hop down to Greensboro and negotiate for the source code. Just you and Sandman– you’re the only one he has rapport with, the only one he respects.”

“What are the guidelines of the negotiations?”

“Obviously try to ransom our source, pay as little as practical for it, low five digits if possible.”

“Cap it at one-twenty, maybe twenty-five,” someone in the background said, probably the bank president.

“If things turn too unreasonable,” continued the vice president, “just walk out and we’ll haul his tail into court.”

“D’accord,” I said. “Shoot me a letter defining the limits.”

The VP said, “Do you anticipate a need to involve the police? Should we hire a private detective, perhaps a non-threatening girl his age?”

Chase spoke up in derision. “He just a little squirt, a pussy, a…”

The VP must have waved him to silence. “Okay. Buy it if you can, walk out if you can’t.”

No one had any notion of the unreal turn negotiations would take.

---

Next week: Part II, Skating Follies

The 2nd Greatest Con Man in America

Neither Democrat nor Republican, I’m an independent. I’m not happy if I can’t equal-opportunity offend all parties. But damn, these days some of the high-profile players egregiously push their way to the front of the ignoble queue. That old saw “Where there’ smoke…” invariably ends with, “…someone’s fanning flames.”

But I’m not here to talk about partisanship, but to address two major theories enjoying unwarranted attention. They gain traction because rumour mongers depend upon an absence of science and technical knowledge. (For the litigious sort, kindly note this is an opinion piece.)

For example, my friend Sharon forwarded an email acclaiming Chinese-designed dancing robots in Shanghai Disneyland. Although these were clearly not automatons, many, many people willingly suspended disbelief.^[1]

Blowing Smoke

Same with politics. As Alice’s Red Queen might say, we’re asked to believe six impossible things before breakfast. Psychologists have noted the biggest lies can be the easiest to accept.

As the above-mentioned smoke about massive voter fraud begins to clear (with a portion of the credit going to the incumbent’s attorneys), conspiracy oriented talk hosts have turned their attention to data manipulation. The first brings to life two decades of concerns about voting machines. The other centers around government computers reassigning millions of votes.

Hypothesis 1, Voting Machines

Grab a coffee. I can’t believe I’m defending Dominion, née Diebold, aka another half dozen company names. I’ve been highly critical of their technology and its lack of transparency. I’ve also proposed a solution, open-source code. That way anyone can peek at its internals searching for flaws.

Twelve to twenty years ago, Democrats worried problematic voting machines at best lost votes and at worst, threw elections. Part of their concern was the company’s Republican CEO, a good friend of George W Bush. According to sources, the CEO ill-advisedly told Bush he’d help win his election. Some stretched that to mean he might use his product, voting machines, to disfavor Democrats.

When Florida’s Secretary of State Glenda Hood ordered error-prone Diebold machines, Senator Bill Nelson questioned the wisdom. She told him to mind his own business… which of course he was. If memory serves, Sarasota County that year lost 20,000 votes. The county’s seemingly baffled Supervisor of Elections said 20,000 people had obviously shown up and chosen not to vote.

Diebold’s reputation was so checkered, they underwent a series of name changes: Diebold ➡︎ Premier Election Solutions ➡︎ Election Systems Services ➡︎ Sequoia Voting Services ➡︎ Dominion Voting Systems.

Over time, they have improved, but one thing is clear. Neither individual machines or networked clusters are capable of diverting anywhere in the range of numbers hinted at: a half million to a suggested two-point-seven million or even seven million votes. Some accusers hinted at machine glitches in Michigan and Georgia, while Q-Anon outright claimed hundreds of thousands of votes were deliberately deleted. Apparently audit trails aren’t widely studied on 4-Chan.

One might wonder the motive of a company board to lose this election, a corporation considered reliably Republican, historically regarded with caution and even suspicion by Democrats. Hey, don’t ask me… I raise the question, but I don’t know. (See? I told you I’d offend both sides.)

Hypothesis 2, The Giant CIA Supercomputer Conspiracy

This is a two-coffee problem, so pour another cup as you’re asked to take an ever bigger leap from the improbable to the nearly impossible.

The short version claims that the CIA (and possibly CISA) deployed a Bush era supercomputer originally used by the despot Obama to surveil and enslave Americans. Called HAMR,^[2] affectionately nicknamed The Hammer by techno-savvy, Marvel-reading politicos, it was seized by Biden’s nefarious agents to subvert the election by diverting Trump votes to Biden. A Bannon-Breitbart correctional recount proved Mr Trump won 98% of the popular vote, nearly 140-million total, the largest in history.

(How Mr Trump wrested this antique computer from Hillary’s election hands in 2016 isn’t clear.)

This vote-rigging supercomputer was engineered by a genius superprogrammer, Dennis Montgomery– both this amazing computer and the accompanying conspiracy theory. Already, I see you have questions.

I left my own amazing computer career a few years ago and haven’t consulted for the DoD even longer, but that name, Dennis Montgomery, rings no bell. I checked with colleagues, all with the same answer: Who? Actually that’s a question.

LinkedIn lists a Montgomery Dennis, which may or may not be a hit, but I suspect it is. This entry describes a guy with amazing computer, management, and top secret intelligence skills, who has the Director of the CIA, Secretary of the Air Force, and the US President on speed dial. He claims to have given intelligence briefings to the white house… yup, lower case. We shouldn’t judge him. Maybe he meant something like a white clapboard house in Terre Haute.

If that is his résumé, he’s awfully modest. Certainly he’s much better known in scam and conspiracy theory circles. Since his curriculum vitae is weak and poorly worded, I whipped up a supplement for him. Mr Montgomery may pick and choose as needed, no charge.

Dennis Montgomery (aka Montgomery Dennis?)

Superduper all around computer expert and geopolitical action figure.
($29.95 on AliExpress) Pinocchio nose sold separately.

Education

• Studied under Michael Milken at Drexel Burnham Lambert.

Career

• Operated American Report web site specializing in conspiracies of the day.™
• Investigated tunnels under a Washington daycare pizzeria. Conclusively proved pepperoni contained meat byproducts.
• Demonstrated, using advanced computer analysis of birther certificate, Ted Cruz not born in USA.
• Invented catchy names like Scorecard and The Hammer for programs that, uh, don’t actually exist.
• Scammed Bush administration into paying several million dollars for pretend programs to decode secret al-Qaeda radio messages that, uh, didn’t really exist.
• Conducted anti-terrorist scam. Fake security alerts caused the US to ground some flights and reportedly caused the Bush administration to nearly shoot down airliners. That was a rush.
• Falsified emails to implicate gubernatorial candidate and Congressman Jim Gibbons in bribery scandal that, uh, didn’t exist.
• Conned Maricopa County Sheriff Joe Arpaio into forking over more than $100,000 of taxpayer money so he could reveal a conspiracy plot against Sheriff Joe… which, uh, didn’t actually exist.
• Faked federal wiretapping evidence that, um, didn’t exist.

Hobbies

• Dabbles in presidential elections for fun and profit. Like the emperor’s clothes, evidence doesn’t exist.

In my personal opinion, I believe Mr Dennis Montgomery enjoys conning important people and, with the 2020 election, he’s hit the jackpot with the coteries of the candidates, and the attention of the two most powerful men in America.

Footnotes

1. The claim is that the performers are Chinese designed robots, a leap ahead of US, European, and Japanese robotics. As it turns out, Snopes has done the leg work, determining it’s a clip from the British television show “Strictly Come Dancing” that aired on BBC One in 2013
2. Seagate, the hard drive manufacturer, has coined the acronym HAMR, meaning heat-assisted magnetic recording.

The Digital Detective: Pay Your Debtors

This continues a series of earlier articles about computer fraud.^† Originally I practiced a career of systems software design and computer consulting, but I sometimes came upon a more shadowy world, that of computer crime. I seldom sought out fraud but I sometimes stumbled upon it, picking up undetected clues others missed.

This episode doesn’t deal with crime, per se, but it includes a banking con, minor as it is. The scheme required a little ‘social engineering’ and, though the word might be Yiddish, no one can schmooze like Southerners.

The story came to my attention while consulting for banks, this one deep in Virginia’s Shenandoah Valley. My landlord for part of the stay was an eccentric but colorful codger. He talked about a neighbor who leased farm land from him but failed to pay his rent. Outsiders might expect he pulled on a jug of rye whiskey as he talked, but all he did was lean back in his recliner, sip beer, and twirl a never-lit cigarette while a cheerful woman less than half his age clattered in the kitchen. I jotted down his story long before I became a writer, so kindly forgive error and stylistic issues as I strove to capture his dialogue.

Corn picker © John Deere

Damn Ernie. I hounded that man all summer long for the rent. Finally last fall, I hooked up my corn picker and started up the corn rows. Now a corn picker ain’t a quiet machine, and lo and behold, neighbor Ernie come dashin’ out of his farmhouse yellin’ and cursin’ that I’m stealing his corn.

I said to him I couldn’t possibly be stealing corn off my own land, unrented land at that. He steamed and stormed and said the seed and planting labor had been his, and anyway he was just a little late with the rent, three or four months, maybe four or five, weren’t nuthin.

I told him that I was just going to keep picking corn for myself until someone showed up with rent money. He dashed off like banshees themselves chased him. Pretty soon he comes back waving his checkbook.

I said, “Ernie, are you sure there’s money in that account?” Oh yes. He told me twice there was, so I said there’d better be, and he said he wanted the corn I’d picked. I told him to consider the already picked corn interest and collection fees. Fact is, I finished the rest of that row, which he just hated.

So the skinflint S.O.B. hustled off to hitch up his combine and wagon, and I find myself a few bushels better off than I was before. I cleaned up and headed in town to the bank, right past Ernie who’s racing his machinery through the fields.

At the bank, I always get in Molly’s line. She’s a sweet, buxom lass, and I’d been thinking about asking her out.^‡

Anyway, I get up to her teller window and she said the account’s a bit short to cover the check. I asked her exactly how short, and she said she wasn’t allowed to tell me that.

So darlin’, I cajoled, is this check completely worthless, or did Ernie at least come close? Looking at her computer, she said he was purty close.

Well, I says to her kind of reflectively, I want to tell my neighbor Ernie how much he needs to cover my check. Like would he have to deposit only $10? No, she said, ten dollars wouldn’t cover it.

Well, says I, would $20 or $30 do? No, she smiled at me, it’s not quite enough.

Hmm, says I, I wonder if $40 or $50 would suffice? Um, she said to me, that first amount ought to cover it.

Thank you, I says, I’ll tell that rascal he needs to put $40 in the bank. By the way, sweet thing, can I have a deposit slip? And you think maybe I can call you up? For, uh, you know, maybe dinner Saturday?

So I walked out of there with a bounce in my step, a deposit slip and her phone number. I was feelin’ purty good. What I did was get in my car and circle around through the bank’s drive-thru. I already had Ernie’s account number on the check, so I just filled out the slip and shot it through the air tube with two $20 bills. Sure enough, the receipt came back showing $1002.39. Good on Molly.

But wait, I say, I almost forgot to cash a check. This time I send over Ernie’s $1000 check and this time I get back a thousand dollars.

Fair enough. I probably had $40 in shelled corn and a lesson I ain’t gonna rent to Ernie no more.

Ernie got stupid, though, and instead of being grateful I didn’t bounce his worthless ass along with his worthless check and turn both over to the sheriff for collection, he raised holy hell at the bank yelling someone manipulated his account.

I took Molly to the horse show that Saturday. Now I tell you personal like, you want to get a lady in a receptive mood, bein’ around horses will do it. Something about women and horseflesh– can’t explain it– just a word to the wise.

Anyway, Molly, she confided the bank said it was apparent someone had taken liberties, but they couldn’t blame the teller who took the deposit and they couldn’t blame the girl that cashed the check. They just gave everybody a stern reminder warning.

Molly said Ernie wanted to call the authorities, but the branch manager told Ernie he’d be the one in trouble for writing bad checks. He didn’t mention Molly could have fallen in the soup too if they’d figured out her role.

Molly said she knew I’d manipulated her and wanted to know if I’d asked her out from obligation or guilt. I said I didn’t want to sully a relationship thinking I used her. She needed a lot of reassurance about that, and so Friday nights and Saturday nights we just get romantic and I give her plenty of reassuring. Been about a year now. Figure we can go on with this for a long, long time.

And he winked at the cheerful lass in the kitchen doorway.

Cornbine © John Deere & Farming Sim Mods

† This essay had originally appeared 19 May 2013 on SleuthSayers for a matter of hours, when a magazine editor asked me to unpost it with an eye toward publishing. A check never arrived, so I now return the article for your enjoyment.
‡ Commonly in Virginia’s Shenandoah Valley, ‘out’ sounds are pronounced like a Scottish ‘oot’. Thus he really said, “I’d been thinking aboot asking her oot.”

Chasing Pennies

I've written about exploits in banking and brokerage fraud with further articles to follow. Bad banking practices don’t feature well in my write-ups. Institutions change only when they’re forced to.

Recently my fraud expertise touched upon the personal. A good friend fell victim to gaping holes in one of New York’s largest financial institutions, J.P. Morgan Chase & Co.

Lily is smart, pretty, and unattached. Two out of three is pretty good, but she means to win the trifecta. She doesn’t advertise, but merely hopes to attract the right kind of guy. She appears on social media: Facebook, Pinterist, and a singles’ site that’s been around some thirteen years, MeetMe.com, where she met an interesting fellow.

Telling the good from the bad isn’t always easy. By the time our malefactor (male factor or dirtbag are also suitable) stepped into the light, he already knew critical pieces of information about Lily: her real name (thanks to odious Facebook requirements), where she’s lived, family relationships, and importantly– her birthday.

For a few weeks, ‘Antonio Sanchez’ from ‘New Jersey’ wooed our lass on MeetMe. He didn’t do anything crass like ask her bank account number or credit card information; thanks to Chase’s security ‘features’, he didn’t need to.

As Thanksgiving approached, Lily traveled across the country, stopping to visit relatives in Greenfield, Indiana, home of another Lilly, the famed pharmaceuticals company. Our heroine happened to check her bank account and found it unexpectedly fourteen hundred fifty dollars richer.

Lily, not only smart but honest, sought clarification at the Greenfield branch of Chase. Greenfield couldn’t fathom the problem.

check 1 of 6 #808869

“You put money into your account in the early hours of the morning. Looks like you needed it. What’s the problem?”

“I didn’t deposit anything.”

“But you did.” Greenfield regarded her suspiciously. “You’re saying you didn’t?”

“Exactly. I didn’t do any such thing.”

“Well, lucky you. Someone likes you well enough to put coins in your account.”

*click* Instantly Lily knew who’d made the deposit.

A couple of hours later, the situation reached me. By then, other deposits had appeared. Curiously, monies were rapidly shifting among Lily’s three accounts. My fraud alert alarms clanged.

“If you make a withdrawal,” I advised, “calculate only what you own to the penny and not a cent more.”

“What’s the problem?” friends asked. “A handsome guy sending Lily money? Does he have any brothers?”

I spoke adamantly. “There is no money, no boyfriend in New Jersey, no gold at the end of the rainbow.” When I explained the con, Lily agreed to join me for a visit to the Indiana State Police.

The man manning the reception desk told us all detectives were out of the office and wouldn’t return until the next day. Lily asked if she could file a report.

The grizzled trooper brought forms out to us in the lobby. He stood by as Lily tried to explain the situation.

He interrupted her. “A guy giving you money is no crime. No crime, you can’t file a report.”

I said, “There is no money. It’s a con…”

The trooper threw up his palm in a ‘Talk to the hand’ gesture. Cops are trained to seize and maintain control, even when counterproductive. He went on to lecture Lily, not so much accusing her of wasting police time, but of being silly.

“May I explain?” I said as levelly as I could. “There is no money, only fake deposits. He will use that false balance to pay himself.”

The cop paused, considering. “Wouldn’t work,” he said. “If I deposit a check, I have to wait a few days to withdraw funds.”

“That’s why he’s moving money around her accounts. Some banks, perhaps including Chase, lose track of new deposits as they’re moved around. The technique is called seasoning, losing the new deposit tag and making the money look like it’s aged on account.”

“I’m a road warrior,” said the trooper. “I’m not up on these things. Yeah, I’ll have a detective phone you.”

Virtually next door to State Police Headquarters, we’d noticed a Chase branch. Lily made the wisest decision of the day, visiting the bank for an update.

The young woman listened attentively. She quickly grasped the situation. “Oh my God,” she said. “I received a notice exactly like yours of a deposit early in the morning. I need to check my own account before I go home today.”

Together, the three of us discovered additional deposits and further shifting around of money. By then, funds had been used to buy the first Western Union money order made out to an unknown and very foreign name.

“Let me guess,” I said. “The money’s sent to Nigeria?”

“If Lily didn’t give this jerk her personal information,” the young lady said, “how did he get into her account?”

I explained one hypothesis. I’m a vocal critic of the so-called security questions routinely forced upon on-line customers. “What city were you born in?” “What was the name of your first pet?” “What’s your favorite team?” “What’s your favorite color?”

With the slightest information, bad guys find it ludicrously easy to guess the answers. The favorite color question often includes a helpful drop-down menu of eight colors. No one chooses black or white, so a malefactor can guess the answer in six tries or less.

The young branch manager rang the fraud department. She posed the same question to them, who replied “There are so many ways to breach an account…”

check 2 of 6 #808870

The bank gave us copies of the checks. One peculiarity came to light. Chase said it appeared the Nigerian repeatedly deposited the same two checks over and over, fooling Chase and highlighting another flaw in their security, a defective filter for detecting duplicate deposits.

Chase froze Lily’s accounts, leaving her stranded without travel money in the midst of a cross-country trip. But wait, we’re not done.

Lily awoke the next morning, finding her accounts unlocked and a half dozen or so deposits burgeoning her balances.

Lily phoned Chase to let them know further monkey business was afoot in her reactivated accounts. They quickly closed the window and her accounts, again cutting off her funds.

---

Big banks and little people, comes now the pathetic part. Instead of expressing gratitude for Lily’s quick action of notifying them of fraud, Chase blames Lily for the leaking of money from the bank. Their stance is that Lily either worked with the malfeasant Nigerian to defraud Chase, or at the very least handed over her account information to the bad guy. As you now know, that doesn’t have to happen. All it takes is sloppy banking.

Besides seizing Lily’s bank balance, Chase now demands another $600 in compensation for their losses. Good move, Chase: encourage honest citizens to rush in to report fraud made possible by your own shortcomings.

It’s a great day for banking. Have you had similar experiences?

You, Identity Theft Victim

Today’s article outlines the massive Equifax identity theft that’s still surfacing today. For the first steps in protecting yourself, you can jump to the distant section on discovering whether you have been targeted and obtaining security features that have been made free for you.

Monetizing Your Body

Commercial law can be a peculiar thing, who owns what and why companies have certain rights you don’t. For example, you enter a hospital for surgery. Doctors snip out some piece of you. Likely, you never question who owns that removed bit of flesh or bone and you’re happy just to get rid of it.

Suppose doctors discover something unique and potentially highly profitable in that tonsil or toenail, your appendix or gall bladder. Your DNA might save millions of lives around the planet and earn billions of dollars… none of which you’re entitled to. Unless you signed an agreement otherwise, the physician or hospital owns that biological bit of you including the rights to exploit it. One woman actually applied for a patent on her own body for such a circumstance.

Monetizing Your Life

Financially successful corporations make tidy profits collecting information about you, not merely your earning and spending habits, but where you live, work, school, shop (or shoplift), if you’ve been to court and why. The peculiarity is you don’t own that data. Huge companies do and often their information is wrong and sometimes misused.

A few years ago, credit bureaus were finally forced to hand out credit reports to those who demanded them (a) no more than once a year or (b) if you were turned down for credit. But… odds are high you’ve never seen your full report, because it can contain information the bureaus don’t want you to know. When a mortgagee or a banker or employer receives your credit report, a line at the top might instruct them not to show the report to the subject (you or me), followed by information or opinions they don’t want shared with the… well, victim.

For example, the redacted secret part on my own credit report read “suspected of using false address.” This came about in two ways. First, I had been buying property, a dozen addresses were associated with my name, so I relied on a post office box, much as my grandmother had done. Second, the US Postal Service allows post box renters to use the post office’s physical address, quite handy for imprinting on checks. Such an address looks like:

Chandler Hammett
1201 Post Industrial Drive #107707
Los Angeles, Ca 90210-7707

In my case, the comment didn’t particularly affect me, but imagine someone applying for a sensitive job. The HR department reads the line “suspected of using false address,” and suddenly the potential employee is rejected with no reason given. The applicant should have a right to know about that careless assessment, but has no way of learning of or correcting the report. Why? The bureaus own the reports, you and I don’t.

Monetizing Miscreants

In a past article, I pointed out that curious hackers– the benign exploring kind– can receive severe prison sentences for merely poking around in data warehouses and behind the scenes in web databases. I argued that bankers and merchants who fail to secure vaults, leave doors unlocked, and don’t hire a watchman should be punished as well. If any major office didn’t lock its doors, could you blame kids for wandering in and looking around?

Let’s discuss Equifax, which has suffered an extraordinary data loss to a ‘state actor’… presumably China, North Korea, or Russia. Stolen is your name, social security number, credit card numbers, drivers licence, address, and all the minutia that makes you you. With this kind of data, thieves can lie low for years before springing into action.

I say that as fact, because thieves (state actors) stole the records of the vast majority of working and retired citizens in two separate breaches. The second theft (the first was acknowledged only after the second came to light) affects between ¾ and ⅞ of American adults. Equifax admissions have edged upwards from 153-million stolen files to 182-million; outside assessments estimate as high as 200-million or more.

Note: Canadian and British records have been stolen in the same breach. Equifax says they’re “working with UK regulators,” whatever that means.

Monetizing Misfortune

Equifax executives cashed in stock before the breach became public, attempting to option their knowledge for their personal profit. Then after the big reveal, the company offered to help protect user accounts through a subsidiary— for a fee. Equifax and their security pet since had their arms twisted into providing the services free.

Political response has been as antithetical as you might expect. Congressional members of one political party sent a demand letter to Equifax with a deadline for explaining details and corrective actions. Contrarily, in defense of Equifax and in fear of impacting deregulation, the other major party is working a bill through Congress to limit the liability of credit bureaus and other companies.

Have You Been Hit?   866-447-7559

Here Equifax estimates whether or not your data has been sucked overseas. Be cautious of similar links, because identity thieves are working those, trying to snatch whatever data they can. Use this link:

☞  Has my data been stolen?

Note that updates may still be made, so it’s possible an all-clear this week might turn into a false negative next week. Tap that link to see if you’ve become a victim:

Once you receive an indication, you can decide what to do next. Equifax can take several days to email you about options (now free) that they provide. The FTC offers suggestions and guidelines.

Equifax will provide ninety days of ‘fraud alert’ (notification of identity theft) and a year of monitoring, which can be renewed indefinitely. You may also choose to lock or freeze your account and ‘thaw’ it only when you apply for a loan or other use.

Use the phone number (866-447-7559) above if you have questions or need help you can’t find elsewhere. Contact the other credit bureaus to notify them your identity and data has been compromised.

Equifax Inc. P. O. Box 740241 Atlanta, GA 30374-0241 800-685-1111 800-525-6285 1150 Lake Hearn Drive Atlanta, GA 30342 fraud: 800-525-6285 web site

Experian P. O. Box 2002 Allen, TX 75013-2002 888-397-3742 888-243-6951 701 Experian Parkway Allen, TX 75013 fraud: 800-397-3742 web site

Trans Union Corp. P. O. Box 1000 Chester, PA 19022-1000 800-916-8800 800-888-4213 2 Baldwin Place Chester, PA 19022 fraud: 800-680-7289 web site

Let us know if you’ve been hit. In the meantime, be safe out there– state actors abound!

Yet Another Computer Scam

 WARNING A scam involving Google and clever programming sleight-of-hand has hit the scene. It’s not entirely new– a prototype showed up in 2014– but it fools many professionals. Apologies in advance for the technical parts below.

A new month, a new scam, this one brought to our attention by a reader. Although widely reported, this scam hasn’t shown up in the ACM Risks Digest yet. Surprise– the scheme starts with your GMail where a note from a friend or colleague contains a link to another page or document. You click and receive a message you must log in again. Happens every so often, annoying but sign in again for security.

A Google log-in page shows up– the URL field (web page address) contains google.com. Enter your name, enter your password. Click. The document your compatriot sent now appears.

You may not know it, but you just lost exclusive control of your Google account. Your pal didn’t send that email and the link was plucked out of your emails.

Let’s look at the sign-on dialogue boxes again. Which one is counterfeit? Hover your mouse over them for the answer, but the fact is, they’re indistinguishable.


The insidious part is that email web sites– Yahoo and AOL included– train us by periodically forcing us to relog in. Hold on… didn’t the URL box contain google.com?

Yes. Over the years we’ve seen clever fraudsters incorporate target domain names similar to this:

http://w5.to/google.com

The trick here is that the real domain, web address of the bad guys, is w5.to. The google.com is only a web page set up to fool you. Other examples might look like the following:

http://citibank.net.w5.to/index.html

This is a variation of the bad guy’s domain, w5.to, above.

http://citybank.net

Here the bad guys registered a variation of the real name made a little easier by CitiBank using a non-standard spelling. These three examples are reasonably clever and some scammers don’t take that much trouble. However, this new one can catch even professionals by surprise:

data:text/html,https://accounts.google.com/ServiceLogin

The clue something is very wrong lies in the first three words, data:text/html – you shouldn't see that at all. The opening letters of an URL don’t have to be http – they can be file, data, help, about, chrome, gopher or possibly another protocol, but ‘data’ is the only hint the page is abnormal.

Browsers have become more sophisticated over the years, so web pages might include additional capabilities such as setting preferences. The ‘data’ keyword allows HTML to be embedded in the URL field, but more insidiously, it allows JavaScript, and that’s how this particular exploit fools us. Following the ServiceLogin part of the URL are dozens upon dozens of spaces so you can’t see what comes next. Far beyond the right side of that URL field is where the real sorcery begins with <script…>. This malware program throws up a fake Google sign-in page to capture your ID and password.

Expect Google to quickly mount an update, but beware, look ever more critically at URLs when you’re asked to type in your credentials. It might save your on-line life.

If Only We Had LAWS Against This Stuff...

"If only we had LAWS against this stuff..." and other crazy statements:
Okay, a few reminders just to catch everyone up.

Joop Bollen and then-Governor,
current SD Senator, Mike Rounds,
in happier days

• Back in 2009, Joop Bollen was appointed to run EB-5 – which was a federal program designed to trade green cards to foreign investors for $500,000 a whack - by our former governor, current Senator Mike Rounds, who, when questioned recently about all of this, said, "The state of South Dakota would use different federal programs on a regular basis and you always assume that if the federal program is in place that they have a control process in place. We’re finding in some cases that that is not the case " (Mike Rounds interview).  Like when you put Joop Bollen in charge of that federal program, allowed him to privatize it in SDRC Inc., and told everyone what a great job he was doing?  (I swear to God, you can't make this stuff up... Sadly...)  

• There's still as much as $120 million missing from the EB-5 program. 

• For two years, the only person held responsible for any missing funds was Richard Benda, who according to our fearless AG shot himself in the stomach with a shotgun in a field because he'd embezzled $500,000.  

AND NOW FOR THE LATEST !!!  HEADLINE NEWS !!!

First of all, our own Attorney General, Marty ("I'm going to be running for governor in 2018, so I need to get something on paper") Jackley has FINALLY indicted Joop Bollen on five felony counts of violating SDCL 44-1-2, “unauthorized disposal of personal property subject to security interest.” In other words, Bollen used EB-5 money, transferred to his own private corporation, SDRC Inc., for his own personal purchases.   $300,000 here, $96,000 there, to a total of about $1.2 million. He sent some to Pyush Patel of Griffin, Georgia (who owns gas stations and has been participating in Bollen's corporation creationism since 2005), some Bollen just pocketed, and some (and this is my favorite part) Bollen spent on Egyptian artifacts from Christie's and the Harer Family Trust.

NOTE: Bollen, through his lawyers, claims he's being scapegoated.  Mr. Bollen is also free on an unsecured $2,500 bond. (That should make you spit your coffee out in shock:  let's face facts, you'd have to post a lot more money than that if you'd just robbed a casino and gotten only $200 bucks.)

NOTE WITH FACEPALM:  Nor has the Dutch born and raised Bollen been asked to surrender his passport.  Jackley said that “at this point” he “did not have concern” about the passport, “as long as we’re made aware of certain travel,” since Bollen has “significant ties financially to this community.” (Bollen Initial Appearance - dakotafreepress.com - once again, thanks Cory Heidelberger for GREAT coverage!)  Again, you'd have a rougher time of it if you'd robbed a casino and gotten only $200 bucks...

And here's the best part: Right now our fearless AG Jackley - who, as I said, for 2 years has blamed Richard Benda for any and all EB-5 problems - is now blaming the whole mess on (drum roll, please!) a lack of tough laws making conflict of interest a felony! Personally, I would have thought that our laws making embezzlement, fraud, etc., felonies would have been enough, but apparently not.  We need more.  So it's really all the South Dakota legislature's fault...

Oh, and one quick note about the Gear Up! scandal (6 people dead and counting) and the missing Westerhuis safe (The Chinese Are Coming). “I don’t know where that safe is at,” Jackley said. “I don’t know if it burned in the fire or if Scott Westerhuis took it out and threw it in the Missouri River.” (Jackley Conspiracy Theories, Argus Leader)  Feel free to insert obvious questions here:

 __________________________________________________________________________

Marty Jackley

Meanwhile, Mr. Jackley, having apparently solved everything about EB-5 and Gear Up! (except that pesky $118.5 million in EB-5 money, the pesky $4 million in Gear Up! money, and the pesky missing Westerhuis safe), is far more interested in investigating the destruction of the Flandreau Santee Sioux Tribe's marijuana crop in November (some of the burning was shown on television) after the tribe suspended plans to legalize marijuana on its reservation.

"I don’t think for a minute that they destroyed $1 million worth of marijuana. I don’t know where that went and it’s an open case. We never shut that case," Jackley said in an interview with Argus Leader Media. “We never got an opportunity to check what was destroyed." (Up in Smoke?)  

Priorities, priorities...

And now, repeat after me: "Life is always going to be stranger than fiction, because fiction has to be convincing, and life doesn't." Author Neil Gaiman.

Will keep you posted, from South Dakota, where we talk like Mayberry, act like Goodfellas, and the crazy just keeps on coming.

 

Barney Got a Gun

by Eve Fisher

I hope everyone had a Happy Easter, Good Passover, and other appropriate holiday.  Up here, one of our Easter Eggs held indictments - at last - for three in one of our South Dakota scandals - Gear Up!

(Wouldn't you know it, the cheap one, only a few million missing, whereas EB-5, with $120 million missing taxpayer dollars, is still blamed on the guy who supposedly shot himself in the stomach in a field while hunting...)  

But let us rejoice in small favors.  What happened was that our own Attorney General, Marty ("I'm going to be running for governor in 2018, so I need to get something on paper") Jackley held a press conference and announced that three, count 'em THREE people were responsible for aiding and abetting Scott and Nicole Westerhuis in their embezzlement and fraud.

Quick reprise:  Early in the morning of September 17, 2015, a fire destroyed the home of Scott and Nicole Westerhuis and their four children in Platte, South Dakota.  It was later declared ed by AG Marty Jackley that Scott Westerhuis shot his entire family, torched the house, and then shot himself. There is still the ongoing mystery of who called Nicole's cell phone in the middle of the night, right before the fire, and what happened to the safe that apparently got up on its hind legs and trotted out of the house before the carnage.

36705 279th Street, Platte, SD.
screen cap from Google Maps,
2015.09.22.

Further reprise:  Scott Westerhuis was the business manager of MCEC, the Mid Central Educational Cooperative, which is, among other things, a hub for distributing federal grand monies to other non-profit organizations, including Gear Up.  Nicole also worked there.  Scott Westerhuis set up as many as 7 non-profit corporations related to Indian education, including - but not limited to! -  the American Indian Institute for Innovation, a/ka AIII.  Scott Westerhuis was incorporator of all of these, CFO of some, including AIII, and his wife Nicole was business manager of at least some of them.  And the Westerhuis family lived on a $1.3 million rural Platte property that included a 7,600 square foot house, a $900,000 gym complete with basketball court, weight-lifting area, and computers, and a loft with a meeting room, rooms for guests, and a kitchen.  This was on an official combined MCEC salary of $130,549.82.

Okay, back to the news conference!  On March 16, 2016, Marty Jackley announced that he filed charges against and arrested: 

Daniel Mark Guericke, MCEC Executive: 2 counts of falsification of evidence, class 6 felony, punishable by up to 2 years imprisonment in the state penitentiary and/or $4,000 fine, 4 counts of conspiracy to offer forged or fraudulent evidence, class 5 felony, punishable as a Class 6 felony, with a maximum sentence of 2 years imprisonment and/or $4,000 fine.  Full transcript of complaint here: (PDF of Complaint filed)

Stephanie A. Hubers, Former MCEC interim business manager: 1 count of grand theft, class 4 felony, punishable by up to 10 years in the state penitentiary and/or $20,000 fine, 2 counts of grand theft by deception, class 4 felony, punishable by up to 10 years in the state penitentiary and/or $20,000 fine, 3 alternative counts of receiving stolen property, class 4 felony, punishable by up to 10 years in the state penitentiary and/or $20,000 fine.

Stacy Lee Phelps, Former AIII (see above)/GEAR UP operator: 2 counts of falsification of evidence, class 6 felony, punishable by up to 2 years imprisonment and/or $4,000 fine, 2 counts of conspiracy to offer forged or fraudulent evidence, class 5 felony, punishable as a Class 6 felony, with a maximum sentence of 2 years imprisonment and/or $4,000 fine.

NOTE:  Mr. Phelps' lawyer is mounting a vigorous defense, based on the idea that Mr. Phelps is a scapegoat.  Perhaps he is.  (If so, he should be thanking his lucky stars that he isn't lying in a field somewhere...)  

Among other things, Guericke, Phelps, the Westerhuises and “other unknown co-conspirators" were all accused of falsifying and backdating contracts, including those of 

• Dr. Rick Melmer, the Dean of Education of the University of South Dakota, who (memorably) couldn't remember nine $1,000 in payments live on South Dakota television, and 
• Keith Moore, Governor Mike Rounds' director of Indian education. 

So far, neither Dr. Melmer (who as Secretary of Education under Governor Mike Rounds, moved supervision of Gear Up from the DOE in Pierre to MCEC in Platte), nor Mr. Moore (who also received a good chunk of change), nor former Mid-Central board chairman Lloyd Persson (who actually signed the bogus contracts) have been indicted, and Jackley has indicated that they won't be.

Nor has anyone asked Secretary of Education Melody Schopp to resign, even though she let MCEC continue their interesting approach to funding for three years after she noticed that something smelled a little funny.  Apparently, they are still looking into at least two other MCEC staffers who (according to Hubers) blackmailed some money out of Westerhuis.  Cory Heidelberger suggests that Mr. Jackley look into the board members of the American Indian Institute for Innovation, which was, apparently, the hub of moving stolen money around.  And no one has mentioned my favorite, Dr. Joseph Graves, Mitchell, SD School Superintendent, who received money from the MCEC for teaching "Teaching American History" in a state that has made it optional.  

Also, we're down to only $1 million missing, instead of $14 million, but hey, it's still better than the EB-5 mess.  Right?  

Angela Kennecke, KELO-TV

Well, right now, we're all waiting for the other shoe to drop.

"Sources who have first-hand knowledge within the Department of Education tell KELO-LAND News there were questionable expenses involving GEAR UP grant money as early as 2006 that were brought to the attention of department officials."  Angela Kennecke, 3/23/16

What this means, in South Dakota speak, where no one ever admits anything is actually WRONG, is that there's something else coming.  Possibilities:

(1) People ('sources') know that more hell is about to break loose and are getting ready to get out from under it.

(2) It's possible that someone ('sources') in the higher-ups is authorizing a leak, which is the first step to a flood.

(3) They found the safe.  

Okay, the last one's HIGHLY unlikely.  And if they do find it, it'll probably just be full of pork.

And there's the recent news that "There have been several million dollars diverted out of school funding at Lower Brule [reservation] and as a result they had to go into restructuring which is a federal requirement when you have really low school performance. And so they hired AIII Stacey Phelps, which at the time was the head of AIII, and Scott Westerhuis was the COO. So they (Lower Brule) brought in AIII to manage Lower Brule schools and that had been going on for about two years."  (Thanks again, Cory Heidelberger and the Dakota Free Press!)  And people wonder why the Reservations up here are still in a world of financial hurt...

Anyway, that's the latest update from South Dakota, where we talk like Mayberry, act like Goodfellas, and the crazy just keeps on coming.