Claims by Joy Reids Cybersecurity Expert Fall Apart

MSNBC host Joy Reid claims that recently unearthed homophobic articles attributed to her are fakes. And she says a cybersecurity consultant has proof that her old blog has been hacked.

But that consultant, Jonathan Nichols, had trouble producing the promised evidence. And what he did produce failed to withstand scrutiny, according to a Daily Beast analysis. Blog posts that Nichols claimed do not appear on the Internet Archive are, in fact, there. The indicators of hacked posts dont bear out.

Last year, the AM Joy host apologized for a 2007 blog post in which she had mocked Floridas then-Republican Gov. Charlie Crist by referring to him as Miss Charlie and suggested that while on honeymoon with his wife, he secretly wanted to sleep with men.

Reid apologized on-air, suggesting she had evolved over a decade from those insensitive, tone-deaf and dumb remarks.

But Monday, media-news site Mediaite publishedusing screenshots taken from The Wayback Machines cached versions of Reids blogmore homophobic blog posts from the late aughts. In them, Reid appeared to crassly mock gay celebrities like Anderson Cooper and Clay Aiken, defend homophobia as intrinsic to straight people, declare that she wouldnt see Brokeback Mountain because of the gay sex scenes, and imply that gay advocacy groups prey upon impressionable teens. On Thursday, the Washington Free Beacon followed up by revealing another set of homophobic posts not previously reported by Mediaite.

Reida Daily Beast columnistdid not apologize this time around. Instead, she released a statement saying that In December I learned that an unknown, external party accessed and manipulated material from my now-defunct blog to include offensive and hateful references that are fabricated and run counter to my personal beliefs and ideology.

On Wednesday evening, Reids attorney announced that the FBI had opened an investigation into potential criminal activities surrounding several online accounts, including personal email and blog accounts, belonging to Joy-Ann Reid.

Reid said she hired Nichols, the cyber-security consultant, to investigate the alleged hacking of her compromised old blog. In a letter distributed by MSNBC, Nichols claimed he found significant evidence that a hacker breached Reids blog and planted the offensive posts. Some of the posts in question were made while Ms. Reid was on the radio hosting her show, Nichols wrote. Text and visual styling was inconsistent with her original entries. Additionally, he claimed that at least some of the screenshots distributed by the @Jamie_Maz Twitter account, where the posts were first surfaced this week, had been faked and never appeared on the blog at allsuggesting a two-pronged attack on Reids reputation.

We have both evidence of fraudulent posts and evidence of screenshot manipulation, Nichols told The Daily Beast on Wednesday.

Except, that wasnt quite so.

To support the screenshot forgery allegation, Nichols pointed to six images in the @Jamie_Maz Twitter timeline that he said were definitely not written by Reid nor posted by a hacker, but instead were outright fabricated images of posts that never appeared on the site. "The most obvious one was an instance whereits an easy one, it'll stick in your head [@Jamie_Maz] says Joy made statements about Eddie Murphy. It's obviously false, she never made that claim."

Nichols said those six posts are nowhere to be found in the Internet Archive. But that is not true.

Further searching on the Internet Archive turned up the posts for all six of the screenshots Nichols described as fakes, including the one about Eddie Murphy. The Internet Archives records indicate they were retrieved and stored between 2006 and 2009. And all six are exactly as they appear in the screenshots. A random check of other screenshots attributed to the blog produced the same result: none of the images are faked or doctored.

A closer look at the archived blog by The Daily Beast revealed an error in Nichols methodology. Nichols examined the content tags visible in the screenshots and compared them to an archived list of all the labels that were actually used on the blog. He found that the tags Gallup, gay and lesbian and Dan Abrams in three of the six screenshots did not appear in the catalog of labels.

Based on that evidence, Nichols had concluded that the screenshots could not be genuine. But in fact the tags in question were not Blogger.com labels, but rather tags linking to Technorati.com, a long-defunct blog-tracking site completely external to Reids blog publishing host site. Reid made an apples-to-oranges comparison and concluded that because the apples were not oranges, they must be fake.

Presented with that information on Thursday, Nichols acknowledged his error. Yeah I've become aware of some methodology issues, he wrote in an online chat. We are looking to resolve the discrepancy.

If, as it appears, the approximately 50 newly surfaced posts indeed appeared on Reids blog, that leaves Reids claim that they were posted by an imposter. To that point, Nichols said passwords used by Reid had been found in the wild on the dark web, where a hacker with a grudge against the MSNBC host might have found them.

A search on the breach-notification site Have I Been Pwned confirmed this: Reids email address, like millions of others, has turned up in batches of hacked and phished accounts over the yearseight batches in all, some of which contain user passwords. While six of the leaks postdate the disputed blog posts, the remaining two are of uncertain origin and timing. If Reid used the same password on Blogger and one of the websites that suffered a password leak, its conceivable that someone found it and used it to log into her blog back in 2005.

But Nichols could not provide any evidence suggesting this had occurred.

As described by Nichols, the conclusion that a hacker was posting on Reids blog rests primarily on two types of forensic clues within the disputed posts. First, he said, some of the allegedly planted posts contain punctuation choices and markup sharply different from Reids other posts. The Daily Beast compared scores of disputed and undisputed posts and could not discern any such anomalies. Pressed for specificswhich posts, which artifactsNichols said Wednesday that he did not have ready access to that information, but would provide it. Reached again on Thursday, he said he did not have any details to offer. I thought I did, he said We're kind of reevaluating as of yesterday."

The second giveaway, Nichols said, was in the date and time stamps of some of the posts. They indicated that the entries were posted in the middle of Reids live radio show. No one writes long soliloquies while they're on the radio, he said . It just doesn't happen." Reids lawyer made the same claim in a letter written last December that was made public this week. It would have been physically impossible for Ms. Reid to have made many of the posts. Some have dates and times when Ms. Reid was doing her radio show and could not have been blogging.

The Daily Beast asked Nichols to provide those posts on Wednesday, and the cyber-security consultant replied: I dont have that on hand. On Thursday Nichols passed on what he now says is the only example he has available. Dated Thursday, August 30, 2007, the post titled Is you is, or is you ain't gonna impeach? reads in its entirety: John Conyers talks a good game in front of a hometown crowd, but is he serious about keeping impeachment on the table?

The timestamp indicates the entry was posted at 7:14 a.m. Eastern time. The Daily Beast confirmed that the radio show Reid co-hosted in 2006 and 2007, Wake Up South Florida, aired weekdays from 6:00 to 10:00 a.m. No archive of the shows broadcasts from that era could be found online.

The contested post was followed by a longer blog post titled that went up at 8:10 a.m., also during the shows normal airing time. That posttitled The next war?contains 330 words of original writing discussing the prospect of war with Iran. Neither Reid, Nichols nor Reids attorney have so far contested its authenticity.

The presence of the second post seems to admit only two possibilities: the blog was hacked by someone with a well-considered view on US conflict with Iran, or Reid, whether on the air or not, was able to blog that morning.

Reid declined to comment for this story.

The only other specific evidence offered by Reids team came from attorney John Reichmann. In letters sent to Google and the Internet Archive last December, which MSNBC distributed to journalists this week, Reichmann claimed that the timestamps on many of the posts on Reids blog are too close together to be the work of a single blogger. The letters provide as the only example Reids 2006 live blogging of Samuel Alitos Supreme Court confirmation hearing, noting that Reid pushed short updates to the post at 10:18 a.m., 11:34 a.m. and 11:41 a.m.

The Blog, however, also shows a lengthy, fraudulent entry, 'Things people say when they're on the Fox News Channel,' supposedly posted right in the midst of this, at 11:28 a.m., wrote Reichmann. Ms. Reid did not have the superhuman blogging skills needed to do all of these posts simultaneously."

But the lengthy, fraudulent entry about Fox News Reichmann is referring to consisted of just two lines of original text, plus a copy-pasted quote. A check of CSPANs archive also shows that the post was made shortly after a fifteen-minute break in the hearing.

If there was a hack, it would have taken place years ago. The Internet Archives records show the disputed posts were mirrored by the Wayback Machine no later than 2009, and many of them were archived much earlier, some within hours of appearing on Reids blog. Reichmann, Reids attorney, explored the possibility last year that the posts were crafted more recently, and that someone inserted them into the Internet Archive with false dates. Reichmann contacted the non-profit in December to "demand that you provide us with the information needed to determine how the fraudulent posts came to be included in the archived posts.

But at least one of the entries was contemporaneously referenced on a completely different website. A February 6, 2007 post containing the line most straight guys (and women) do react with winces at the sight of two men kissing on the lips drew a comment on the Democratic Underground forum the same day: Oh, Reidblog… why, why why

Today Nichols says Reid and her team no longer believe the archive was hacked, and the Internet Archive has denied any such manipulation could have occurred. We found nothing to indicate tampering or hacking of the Wayback Machine versions, an archiver for the site said in a statement.

That means the supposed hacker was posting alongside Reid for years. According to Reichmann, that even included inserting updates in Reids live blog of the Alito hearing in January 2006. Reichmann claimed that the hacker was responsible for two consecutive updates sandwiched between Reids legitimate ones. The updates report that Republican Sen. Orrin Hatch was using his questioning time to metaphorically fellate the judge. Oh, look, Orrin Hatch is putting on his Supreme Court knee pads to save Alito, one line read. The posts title, which Reichmann says the hacker changed, was Brokeback Committee Room, another reference to the film about gay lovers. All the contested material in the post is present in the earliest archived copy, which was captured the day after the hearing.

All of this alleged hacking apparently went unnoticed at the time by Reid.

Thats an extraordinary claim, and so far the bits and pieces of evidence offered for it have not stood up to scrutiny when theyve been specific enough to test. If she wasnt hacked, it doesn't necessarily follow that Reid is lying. Her decision to hire a security consultant to investigate the posts, and a lawyer to demand the access logs for her blog account, suggests she genuinely believes at least some of the posts were planted. After twelve years and tens of thousands of written words, Reid simply may not remember.

Its possible that in the end Reid will discover her adversary isnt a determined hacker, but a far more dogged foe: The Joy-Ann Reid of years past, writing in a voice she can no longer recognize as her own.

with additional reporting by Andrew Kirell and Maxwell Tani.

Read more: https://www.thedailybeast.com/claims-by-joy-reids-cybersecurity-expert-fall-apart