Turkey opted out of the Western sanctions regime after the 2022 invasion of Ukraine. Ankara specifically opposed measures against Russian billionaires, while it takes Russian energy imports from them and coddles them as tourists. That’s why today a Russian yacht in Bodrum benefits from NATO territory, yet cannot be seized, unlike the vessels we have seen detained in Spain, France, Gibraltar and Fiji. Abramovich immediately after invasion moved his Eclipse to Marmaris and Solaris to Bodrum and Turkey has continuously protected him against sanctions.
Vёrstka now reports on Telegram that the superyachts of at least six sanctioned or sanctions-adjacent billionaires are converging within a day’s sail of Putin’s Victoria. The Russian elites are fleeing the war by summering together in the only Mediterranean jurisdiction with superyacht facilities on their side. Renamed vessels, reflagged registrations are how Turkish marinas are sponging up the berthing fees: Deripaska’s Altair arrived as new, although it had sailed these waters in 2022 as Clio, while Makhmudov’s Predator returns.
This week the Ukrainian SBU struck two Russian shadow fleet tankers in daytime attacks off the Russian coast near Novorossiysk and Sochi, with multiple drones ramming the hulls. That is the water the Victoria just vacated in a hurry. Ukraine has been hitting civilian-flagged vessels tied to the war economy, in Russian home waters, in daylight. The stationary 71-meter superyacht of Putin’s family is a lumbering, undefended, maximally symbolic target.
Turkey’s support of Russia has thus doubled. In 2022 it was legal protection against Western seizure. In 2026 it is also physical protection.
I was thinking about doing a Cold War themed conference for cyber security, to infuse more NatSec, but now I’m thinking of starting a conference called Empty Hat, which is focused on examples of integrity breaches.
Based on my earlier post about the BMI I have been asked to turn in an analysis on a recent podcast. It turned out to be a recurring podcast segment, published June 30, 2026, in which two colleagues seem to know each other so well they forgo introductions when they discuss whether signals intelligence agencies should oversee “cyber forces”.
One of the two put forward a thesis, that a collection-first culture subordinates action to access (puts knowledge before execution) and therefore forfeits attack opportunities. The remedy stated is a separate organization, with its own culture and a mandate to act.
On the face of it, the thesis assumes lack of fire discipline (shoot first ask questions later) or relentless bombing has ever worked, which is a tell worth remembering, but I’m getting ahead of my historian self. His authority was presented as “so from my PhD dissertation,” at minute nineteen. That’s the second tell. Self-reference to invisible pants of a soon-to-be emperor. The dissertation is not named, no institution or supervisor is mentioned, and it cannot be located or checked. Then the other person on the podcast spent roughly forty minutes repeatedly asking what this proposed unaccountable organization would do. Perhaps I shouldn’t say unaccountable, but the premise of execution without intelligence gathering is like we used to observe about some people down range: fire, ready, aim!
The format of the podcast struck me as overly casual, as if to fiat the conclusions that had no business being concluded. A conversation between colleagues bypasses adversarial or independent framing, so a self-citation to an unnamed dissertation of unknown status is floated without any resistance. The speaker does identify himself elsewhere, in a social media biography, as a PhD researcher in a war studies department in London. That affiliation is self-attested under a pseudonym, so a supervisor remains unnamed, enrollment unconfirmed, and the draft of a dissertation cannot be retrieved even in principle, since any registration would sit under a legal name disconnected from the presentation of the work. Academic citation exists to let a reader walk a claim back to an examinable document. The podcast citation is constructed as mythical unexamined rhetoric to hold over scholarly work.
The segment timing is notable, and perhaps why I was asked to look at it, because BMI published its 691-page Referentenentwurf five days later, and because the argument made in it is the argument that underlies that huge draft. The podcast essentially presents the same or similar errors without statutory language. Both proceed in the same order: powers are asserted first, while the opportunity for the powers remains unspecified, and assess/audit/review is treated as a messy “inefficient” obstacle rather than a control. I mean literally. People who work in a control industry, arguing that representative controls are a waste of time and money, should perhaps lose their license to “lead” the discussion of controls. To me it rings like a doctor saying a license and board impede their need for aggressive measures on patients. And that’s not an exaggerated metaphor, given how German healthcare workers turn up murdering the people put in their care, using defenses relevant to this topic.
Where the informal format of the podcast fails at reasoning and history is therefore a reasonable guide to where the statutory version fails as well in Germany right now.
The thesis is collapsed
The thesis starts out bold. It is introduced as an organizational claim, that SIGINT is the wrong place. Under questioning it softened into a claim about mindset, and then finally was reduced to the proposition that effects “need to be someone’s job.”
Indeed.
The last formulation requires no reorganization and no new agency, and offers nothing a policymaker could adopt or a critic could refute. What remains constant through the retreat is the attempt to push a foregone conclusion; while the support changes like shifting sands. This is the inversion of how reasoning is supposed to work.
The support even falls into making up a coined vocabulary (“Collection Terminal” against “Actions Terminal”), a single example allegedly in the speaker’s own unnamed dissertation, and two cited authorities, cyber persistence theory and the UK’s responsible-cyber paper. Is “responsible-cyber” really supposed to be referenced in a thesis to reduce responsibility? When his colleague asked what effects would actually deliver, the answer was that this is someone else’s problem. When asked to name the opportunities being forfeited, the answer was that they are unknowable. When asked for a working model, the answer was the UK National Cyber Force, referred to in the segment as the “Notional Cyberforce.”
The history portion of the podcast was even worse. Four references were offered in support, all of which had serious errors. The CIA operation in Iran was called “54” and described as a revolution. Wrong. It was in 1953, a coup against Mossadegh, twenty-six years before the revolution. Darius the Great was messily implied to have “tried to invade”, apparently meaning Persia, yet he ruled Persia and invaded Greece. The parent service of SOE, called out as the “Special Intelligence Service,” was actually the Secret Intelligence Service; the Special Intelligence Service was a completely other thing, an FBI unit covering Latin America from 1940 to 1947. Stuxnet gets described as making Iranian engineers “believe that their equations were wrong,” yet it was feeding them evidence that their equations were right. It drove centrifuges outside a safe operating range while recorded readings were played in the control room. An argument that misstates facts, stuff like this easily checked, invites the question whether claims beyond it are similarly mistaken.
The thesis isn’t new
Two countries are named as having separated cyber from signals intelligence. Hold on to your hat. They are… wait for it… the United States, where Cyber Command grew out of the NSA, and the United Kingdom, where the National Cyber Force was split out of GCHQ. These are known as the two most capable Western cyber powers, which sits very awkwardly with a thesis holding that SIGINT custody is the wrong arrangement. The most capable are the most wrong? The difficulty deepens near the end of the segment, when it is conceded that the NCF has produced nothing visible in years. These two admissions together cannot both help the argument. If the separations were genuine, the silence of the separated organization removes the promised payoff; if they were not, the evidence for separation evaporates. Arguing a logical inconsistency like this should be the kind of thing a podcast interviewer jumps on. You can’t say the thing that works is the proof that it doesn’t work.
The thesis admits success is from collection agencies
And on that note, the operations that are given approval in the podcast were produced inside the collection agencies that it criticizes. Stuxnet came from the NSA and Unit 8200, and the disruption of malware developers that the segment praises was run by the Australian Signals Directorate. Since the claim is that collection-first organizations are structurally incapable of such work, these examples do not merely weaken it; they falsify it.
Stick a fork in this thesis. It’s over. Done. Toast.
A fallback is offered, to be fair, that SIGINT agencies act rarely and never organically. But let’s be honest that a claim about capacity doesn’t get to come out of a claim about frequency. The frequency is a matter of tasking, not organizational design. The rareness might be because ready, aim, fire means wasting fewer bullets?
The ASD case is more damaging still. The colleague observed that the operation was politically directed, a priority arriving from above and an operation built to meet it, and the speaker agreed. The thesis being argued requires effects to emerge organically from cyber-native culture. And yet the one democratic example offered arrived through precisely the requirements process that the thesis describes as inadequate.
The thesis rails on
The dissertation’s thought experiment places Ukraine inside the Russian rail network, where wiping the system would buy roughly eight hours of disruption at the cost of continuing insight into troop movements, a trade the segment describes as plainly bad. That judgment is the collection-first equities calculation, applied correctly, in defense of the position that the thesis opposes. The alternative proposed, subtle misrouting designed to resemble error while preserving access, is patient, deniable, access-preserving tradecraft of the kind a collection culture teaches. The equities calculation also brings us right back to the BMI draft: the human review stops a bad aim before it fires, and it is the step the draft throws away for “efficiency”. Fire, ready, aim being automated is as bad as it sounds, an automated anti-aircraft gun in 2007 emptying its twin 250-round magazines in 30 seconds of friendly fire, faster than humans could stop it from killing them.
Source: My RSA Conference 2023 talk (on the 2007 Lohatla incident)
The claims against the thesis
Each row below is an empty hat claim made to support the thesis, set against the record it contradicts. The segment is public and the recording has a lot of “thought leader” juice generating clicks; it goes unnamed here because the argument is the focus, regardless of the arguer.
Time
The claim
The problem
0:49
Housing cyber inside a SIGINT organization is “just not the right place.”
The only two countries named as separators, the US and UK, are the most capable Western cyber powers. The provided evidence favors the thesis being rejected.
3:49
The collection-first secrecy instinct is “the wrong mentality to have for cyber.”
Hard targets are immediately exempted, and hard targets are where most of the intelligence value lies, so the exception covers most of the field.
4:27
The SIGINT mindset “subordinates action to collection.”
The claim is presented as structural incapacity and later reduced to one about frequency, and frequency is set by tasking rather than by organizational design.
8:11
The CIA in Iran, “was it 54,” framed as the Iranian Revolution.
Operation Ajax against Mossadegh took place in 1953 and was a coup; the Iranian Revolution came in 1979.
9:01
“Ever since Darius the Great tried to invade, we’ve always been at war with Persia.”
Darius ruled Persia and invaded Greece; as spoken, the sentence has the Persian king invading his own empire.
14:08
Stuxnet, the “fast 16 malware,” made engineers “believe that their equations were wrong.”
Stuxnet drove centrifuges outside their safe speed range to break the rotors while replaying recorded normal readings to the control room; the machines failed visibly and what was concealed was the cause.
17:51
SOE was born because “the SIS, which is the Special Intelligence Service.”
SIS is the Secret Intelligence Service; the Special Intelligence Service was the FBI’s Latin America arm from 1940 to 1947.
18:41
SOE was aggressive, then “they disbanded in 1946.”
The example demonstrates the pattern being argued against, in which democracies raise such organizations for existential war and dismantle them at peace.
18:58
SOE operated in an “existential war,” conceded, and today’s stakes are lower.
Whether present conditions resemble an existential war closely enough to justify an SOE is the question at issue, and it is settled here by assertion.
20:39
Wiping Russian rail buys only “eight hours on a Wednesday” and burns your access.
This is the equities calculation the thesis was constructed to reject, applied correctly in its support.
25:50
Cyber persistence theory says the domain is “initiative advantaged,” so you must act.
Persistent engagement describes continuous contact across the full spectrum of operations; collection and defend-forward also seize initiative, and the reading collapses initiative into effects.
28:16
“80% of all incidents” start with credential theft, so access is cheap and replaceable.
If access is cheap and replaceable, the equities conflict on which the thesis rests disappears, since a collection organization could reacquire access after acting.
33:07
An effects-requirements process fails because you cannot “prioritize the unknowable.”
The objection applies equally to the thesis itself, since a space that cannot be characterized cannot be asserted to be large and squandered.
35:27
How to build and run all this is “someone else’s problem. I wouldn’t know how to do that.”
Asked four times what the proposed organization would produce, the speaker offers no answer.
38:48
Friends call the National Cyber Force the “Notional Cyberforce.”
The single existing instance of the proposed model has, by this account, no output to show.
The thesis as law
The standard all of these arguments should meet is a triad: named actors, specific mechanisms, and verifiable claims. And yet the segment, trying to glue support to a thesis, meets none of it. The one organization that is operating on the proposed model is described as notional. The actual mechanism is declared to be someone else’s problem. Every claim is built into a disinformation smorgasbord, laid out so that no observation counts against them. The effects produced by SIGINT are declared evidence that it could do more, while effects not produced are declared evidence of suppression.
The Referentenentwurf meets the triad, which is what makes it the more serious document. Its actors are named, the BfV and the BND. Its mechanisms are specific, automated countermeasures under the new § 25 Absatz 6 and a domestic deception charter under § 60 Absatz 2 Nummer 1 Buchstabe c. Its claims sit in the hefty 691 pages of text that anyone can read.
What the papers do not contain is any citation for the model being proposed, just like the thesis in the podcast. Nothing. Not Australia, not the Australian Signals Directorate, not the National Cyber Force, not GCHQ, not Cyber Command, not persistent engagement, not even the responsible-cyber paper. There are exactly zero occurrences in 691 pages.
The draft does look at other countries, but only when it wants to loosen the rules. When the authors want to weaken the wall between spying and police action, they point out that Austria, Sweden, and the American FBI run combined agencies. When they want less independent checking of collected data, they cite a survey of nine European states showing none require it in full. When the topic is the oversight body’s public report, a harmless transparency exercise, they cite the Netherlands and the United Kingdom as models. Every foreign example in the draft argues for fewer controls. Not one argues for the new powers.
And the new powers get almost nothing. The automated hackback authority cites a single source: a European regulation on artificial intelligence, from which the draft borrows some quality language while stating, in the same breath, that the regulation does not apply here. The power to spread false information cites nothing at all. So Germany has written itself an offensive cyber doctrine without referencing a single country that has actually run one, and those countries are the only place the hard answers could have come from: how often automated systems hit the wrong target, and what happens to bystanders when they do.
The draft is missing the same answers the podcast was missing, and reading both side by side suggests why: there was never a source behind either.
The podcast speaker could not say what these operations achieve. A German draft grants the power to run them anyway, with no analysis of how often they would fail. The speaker called the opportunities unknowable. The draft lets a machine act on them automatically, with a human checking only afterward, when damage is done and the action cannot be taken back. This violates the one source the draft cites: the same European regulation it borrows quality language from requires, in its human-oversight article, that a person be able to intervene in or interrupt an automated system. The draft quotes the regulation’s standards and deletes its stop button.
The podcast kept treating representation and review as an obstacle to executive powers. The German draft shrinks three independent watchdogs into one, and lets an agency chief postpone even that one’s approval simply by declaring the matter urgent. To put self-certification in proper context, alongside state-level political mythology, here is the current head of the BMI handling a single checkable number in public.
Presenting the 2024 Verfassungsschutzbericht in June 2025, Dobrindt claimed “violent left-wing extremists are rising significantly to 11,200.” The report he was presenting said the number was unchanged from the prior year, flat at exactly 11,200, which is visible on the chart he is holding.
Every hole in the podcast’s argument shows up again as the same hole in this nation’s draft law.
Coincidence of timing, probably. Convergence of thinking, demonstrably.
The one good moment in the podcast, when a human looked at a proposed attack and said the trade is not worth it, is precisely the step the draft deletes.
An argument that could never describe what it was for is now on its way to becoming law, and enacting it without the analysis it never contained is what I would argue is a grave mistake on the road to regret.
In William K. Clifford’s “The Ethics of Belief” (1877) he argues it is wrong (morally, not just intellectually) “always, everywhere, and for anyone, to believe anything upon insufficient evidence.” His example is a shipowner who talks himself into believing his ship seaworthy without inspecting it and sends emigrants to sea; the ship sinks, and Clifford’s verdict is that the sincerity of the belief excuses nothing, because he had no right to believe on the evidence before him.
Map that onto § 25 Absatz 6: a state acting automatically on unexamined conviction, with the inspection step deleted by statute. And the shipowner is not only a parable. American law codified him long ago as seaman’s manslaughter, which convicts on simple negligence, and its most recent famous conviction turned on a captain who failed to post the night watch, so a fire spread undetected while thirty-four people slept.
Dozens died trapped inside a burning vessel less than 100ft from the California shore, after the captain failed to post the required night watch. Nobody was watching, so nobody could stop it.
The deleted human watch was the crime.
Germany’s draft proposes it as policy.
The podcast and the draft law are Clifford’s infamous shipowner as cyber, at machine speed.
Believing without evidence is malpractice, if you will, especially in the country where yet another healthcare worker has just been sentenced for serial murder of patients.
He told the court he had convinced himself that he was doing the right thing, sparing them “suffering and infirmity”.
“Throughout it all, I thought this was the best thing for everyone,” he said.
That is Clifford’s shipowner speaking: sincere, convinced, and guilty of murder. The sincerity of a belief excuses nothing when there was no right to hold it. Clifford’s shipowner skipped the inspection; the German draft writes the skipped inspection into law after the podcast advocated for exactly that.
Welcome to the first declaration of Empty Hat. Hope to see you there.
A luxury yacht of Putin’s, exposed by Alexei Navalny’s team six months before he was poisoned to death in an Arctic prison, is being evacuated.
The apparent decision to move the yacht north [to the Northern Fleet’s main naval base at Severomorsk in the Kola Bay] is believed to be driven by concerns that Ukrainian drones could target the vessel while it is berthed either in Kaliningrad or near St Petersburg. Ukrainian drones have in recent weeks struck the strategically important Russian naval base at Kronstadt and several oil terminals in the area.
As it sailed along the Norwegian coast, Kosatka (or Graceful) was escorted by the Northern Fleet’s anti-submarine destroyer Severomorsk and the newly commissioned special patrol vessel Voevoda, whose name translates as “warlord”.
Graceful is the second Putin-linked yacht to leave European waters, given the Victoria departed the Black Sea for Bodrum on June 30. The Graceful transited Danish straits with anti-drone netting covering its decks, revealing the fear Putin’s “luxury” floats on now while his country burns around him.
As a life-long sailor, with extensive open water experience, let me try to explain why the Russian sabotage of sea cables is obvious. This is a story about large ships that “accidentally” drag an anchor across undersea cables, in the same way a large truck could “accidentally” run over a Volkswagen and drag it 100 miles.
On 11 May 1898, crews from the cruiser Marblehead and gunboat Nashville set out in two steam launches and two working launches to drag for and sever two telegraph cables running out of Cienfuegos.
The story today comes from a particular tanker called the Eagle S, taken to court over dragging its anchor. On a tanker of its size, anchor and chain together weigh roughly 100 metric tons. Dragging that load demands extra sustained engine power and generates continuous noise through the chain into the hull. The anchor mass and leverage, even swinging free undersea, works erratically against the rudder control and bleeds speed. Prosecutors in court argued that the Eagle S had all these signatures: they experienced falling speed and engine RPM. The crew came up with no plausible excuse to miss these factors. Even more to the point, fuel consumption is an unavoidable concern and anchor drag raises fuel consumption dramatically. On a shadow-fleet voyage that loss is a dominant variable always monitored.
The Eagle S ran one defense in court: the crew never knew the anchor was down, blamed it on winch failure made worse by weather. Basic physics make their claim impossible to believe, and the court did not let it float.
The more annoying line did not come from the ship at all. It came from a European official giving a strange excuse to The Record why drags like this could be an accident: an incompetent master knows the anchor is dragging and will not send crew onto an exposed foredeck in a storm to weigh it. A life-saving heroic decision. On a shadow fleet oil tanker. With disposable crew.
Are you f$%R#%ng kidding me?
The danger of the official European line is what it tries to drop on the unsuspecting reader. It concedes damage was noticed on board, concedes damage was unwanted, and then blames it all on a concern for human safety. They are weaponizing crew welfare on the least maintained, least caring vessels in the world. A tanker arguing they had an accident “because of how much we care about life” is a cynical joke.
Look at it like this: Swedish investigators have reconstructed an incident from the Vezhen ship’s voyage recorder and onboard video. They reported how three independent securing devices held an anchor, with two inoperative for some time. When the last one failed from a wave strike during a storm, the physics described above started to impact the ship. The Swedes say the autopilot compensated for the heavy yaw, and no alarm sounded. Sweden called it an accident of weather, mechanical failure, and poor seamanship. The accident was linked to a lack of care, where safeguards were failing and then gone, buried by ongoing negligence. That’s at least plausible.
The “we cared so much we didn’t care” is absurd on its face.
Now look at it like this: Dragged anchors account for about 30 percent of cable faults worldwide. It’s a thing we have a lot of data on already. A 2008 incident saw a ship drag anchor 180 miles across six cables. That sucked. A single long accidental drag is plausible, but it’s outside the norm because it’s negligent and counter to the variables the captain’s care about like fuel consumption (drag and direction). That’s why five cable drags in just eighteen months in one very particular sea of interest to Moscow is not plausible.
There is an expected baseline near 0.6 per year. One analyst put the observed cluster of five incidents at a once-in-108,000-years coincidence. Any attempt to look at these clustered anchor drags as isolated accidents is ignoring that they are collectively impossible. That’s what makes the “we cared about crew” so much worse as a defense. The high rate cluster isn’t an accident, and neither is “we cared”.
The legal record explains why cause becomes somewhat irrelevant to the undersea cable threat. The Helsinki court did not find the Eagle S crew innocent. It classified the event as an incident of navigation under UNCLOS Article 97 and assigned jurisdiction to the ship’s flag state. The damage fell inside Finland’s exclusive economic zone but outside its territorial sea, which stopped prosecution. Anchor-dragging is indistinguishable from negligence by official accounts, and the coastal-state had to admit incidents are outside their reach.
The Fitburg case gives us a comparison to weigh, because it was caught in the act and inside territorial waters. Their anchor was already damaged before the 130-kilometer drag. Prosecutors allege eight further cables were targeted before the ship was stopped. The coast guard intercepted it in the act, anchor still down, moving from the Estonian into the Finnish zone. Its case proceeds because it had two technical legal conditions the Eagle S did not.
The bottom line is that sailors could understand how incompetence such as lack of care accounts for any one ship in a storm. What does not add up is the regular sequence that indicates someone cares.
The persistence of the accident framing is the thing that dismisses the accident framing. Leaving these cases as unresolved only serves Moscow, which runs its flimsy deniability. European governments apparently want to avoid calling out that there has been a sustained campaign against their infrastructure, and it’s unclear why.
a blog about the poetry of information security, since 1995