The WikiLeaks Deterrent Theory, AKA the Arbitrary Official Secrets Act
Three outlets yesterday — first the WaPo, then CNN, then NYT — reported that DOJ is considering charges against Julian Assange and WikiLeaks. The discussion of what charges, and for what leaks, differs between the reports.
While mentioning the Vault 7 leaks, WaPo also focuses on Chelsea Manning’s leaks and Assange’s discussions about how to gain access.
In March, WikiLeaks published thousands of files revealing secret cyber-tools used by the CIA to convert cellphones, televisions and other ordinary devices into implements of espionage. The FBI has made significant progress in the investigation of the leak, narrowing the list of possible suspects, officials said. The officials did not describe WikiLeaks’ exact role in the case beyond publishing the tools.
Prosecutors are also reexamining the leaks from Chelsea Manning, the Army soldier who was convicted in 2013 of revealing sensitive diplomatic cables. Manning chatted with Assange about a technique to crack a password so Manning could log on to a computer anonymously, and that conversation, which came up during Manning’s court-martial, could be used as evidence that WikiLeaks went beyond the role of publisher or journalist.
Alexa O’Brien tweeted out some thoughts and links to what any further prosecution of the Manning leak might entail.
CNN, which is the most certain charges have already been drawn up, explains that DOJ believes WikiLeaks’ actions changed in nature with Edward Snowden.
The US view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.
I think that may be demonstrably true of Sarah Harrison, who helped a fugitive escape. But I’m not sure the US has equally compelling evidence against Assange.
Perhaps the most interesting discussion comes from NYT, which discusses the ongoing debate — with “senior Justice Department officials … pressuring prosecutors” over what is realistic and what authorities actually want, which is an Espionage conviction.
The official, speaking on the condition of anonymity because the details of the discussions remain secret, said senior Justice Department officials had been pressuring prosecutors in the Eastern District of Virginia to outline an array of possible charges against Mr. Assange.
But the official said prosecutors remained skeptical that they could pursue the most serious charges, of espionage, with regard to the documents Mr. Assange disclosed years ago with the help of an Army intelligence analyst, Chelsea Manning. Ms. Manning was convicted and sent to prison, but President Barack Obama commuted her sentence in January.
Given how few people Trump has confirmed into positions in government, these outlets should be a bit more descriptive. In that passage, for example, and the following from WaPo, what does “senior justice department official” mean when US Attorney Dana Boente is (as I’ve noted but none of these stories do) also acting DAG and acting AG for any Russia-related charges.
Prosecutors in recent weeks have been drafting a memo that contemplates charges against members of the WikiLeaks organization, possibly including conspiracy, theft of government property or violating the Espionage Act, officials said. The memo, though, is not complete, and any charges against members of WikiLeaks, including founder Julian Assange, would need approval from the highest levels of the Justice Department.
Would Boente be approving charges filed under Boente’s name?
Though that may not matter. Rod Rosenstein, who will become DAG shortly, has himself pursued excessive charges in leak cases, both against Thomas Drake and Hal Martin.
Perhaps the most interesting claim is that the FBI thought indicting Assange — who likely won’t be prosecuted in any case unless Ecuador suddenly changes their mind about their house guest — would provide some kind of deterrent effect.
Officials have said that the F.B.I. supports prosecuting Mr. Assange. Several years ago, the agency sent a series of documents to the Justice Department outlining charges that investigators claimed to have evidence to support. At the time, F.B.I. counterintelligence agents believed that charging Mr. Assange would deter him from posting new troves of American documents.
I think you’d have to be daft to think prosecuting Assange would deter him from posting more, assuming this happened while he was in the Ecuadoran Embassy. Prosecuting him would only mean he’d have less to lose — and, frankly, more reason to post things that might please America’s adversaries, like Russia.
But it might serve as deterrence for other publishing outlets that aren’t holing up in an Embassy. Short of some really distinguishing actions (and Harrison’s might amount to that in the Snowden case), indicting Assange would put everyone else with a SecureDrop on notice that they, too, might be prosecuted. Surely, DOJ would pick and choose who gets prosecuted. They might choose other easily easily targeted people — people who are gay, people who no longer live in this country, people who have too many dogs — to similarly make examples of (though pity the fool that challenges Glenn Greenwald’s First Amendment rights.
DOJ wants to start cutting away at the First Amendment. All the better for them, if in the name of prosecutorial discretion, Jeff Sessions’ DOJ could pick and choose which publishers’ speech gets curtailed.
Sessions is a mortal menace to The Constitution.
[Marcy, the “Alexa O’Brien” link above is incorrect.]
OT?:
Note, like Cogent outage months ago, the pattern is the same, heavy problems between NY and DC.
http://downdetector.com/status/level3/map/
Level3 is notorious for ‘outage issues’ for years now. They have had lots of excuses.
At this point, I believe that after years of these problems, it can no longer be due to incompetence, it must be intentional.
And why would that be?
Intel. Force traffic to different paths. Cell.
(maybe trying to catch another Friday SB dump?)
EW, I assume you’ve seen the list of charges from the 2015 article linked in a recent WL tweet: https://wikileaks.org/google-warrant/press.html
It seems the prosecution intention & strategy might not be so novel as implied by recent reports you cite? (Or, more likely, my grasp of legal matters is too loose?)
OT: The main target of one of the SB tooldump exploits (SMB, port 445) may be you if you are in US. By far.
https://mobile.twitter.com/belowzeroday
P,S. Make sure you upgrade CPanel.
There’s an issue as to how the Espionage Act can extend to a situation where all activities conducted by a non-U.S. citizen all occurred outside U.S. territory.
AFAIK, there’s only one opinion ‘out there’ to the effect that it can – or might: Federal District Court Judge David S. Nelson, a Carter appointee rendered it in 1975, in response to a pre-trial motion for dismissal by an East German physicist named Alfred Zehe.
Some may recall this got dredged up during the Senate confirmation hearing on Robert Mueller’s first nomination to head the FBI: http://www.bostonphoenix.com/boston/news_features/this_just_in/documents/01710021.htm
AOT:
1. that suggests Boente at the very least would have to be considering some sort of creative drafting for a U.S. indictment to extend to Aussie citizen Assange; and
2. I’d be concerned that said ‘creativity’ might well extend to an effort to compel Chelsea Manning into being a witness – which could hold implications for Manning’s release from federal custody.
Indeed, it wouldn’t shock me if #2 turned out the near-term goal.
If you have used Oracle On Windows (or likely Solaris) in the not so recent past, you should assume all critical data has been exfiltrated.
https://blog.comae.io/passfreely-oracle-swift-at-risk-eb6886908227
What happens when you send a zero-day to a bank.
[Apparently, nada. And the donuts are not free. Even if you just visit a webpage.]
https://privacylog.blogspot.fr/2017/04/what-happens-when-you-send-zero-day-to.html?m=1
“If you have made any transaction with ZECCO / Trade King / Penson between 2005 and present you may wish to contact an attorney to understand if that transaction was made without your permission and under the gross negligence of the company’s management.”
@Avattoir, if hack attacks are physically against US-based servers, for example, not sure being outside US makes a difference, but I’m not a lawyer or Espionage Act expert.
Start with this:
A. A foreign national is per se NOT ‘betraying’ or ‘committing treason against’ her or his own country by doing things that are illegal in some country other than her or his own.
Next, consider the fact situation in Zehe, and what the USG alleged in an effort to get ’round it:
B. Zehe was an East German national, residing in Mexico, employed as an adjunct academic by a Mexican university, attending on his own government’s embassy in response to a request by his own government, to review some documents on an area within his technical expertise.
Now add in this:
C. Zehe’s own evidence, never contradicted, was that he reviewed the documents, then told his government’s representatives that they were “outdated”, left the embassy without taking any of the documents with him, and returned to his job at the Mexican university.
Now add in this:
D. The documents were bogus to start with: part of an entrapment scam. The scheme was to have undercover USG agents put out for sale some supposed “classified secret” USG technical information, in hopes of entrapping foreign spies. Part of the scheme involved using as bait information that was much too technical to be accurately appreciated by anyone without a particular level of expertise. The information chosen to this end was not even classified, just dense.
Then this:
E. Having nabbed Zehe on his attending a conference in Boston, they indicted him on an “attempt” to commit conspiracy to breach the Espionage Act.
And finally:
F. Zehe’s attorney described his client being in indefinite custody, and Mueller for the USG proceeding to sweeten the pot by claiming that if Zehe were denounce his East German citizenship in favor of American citizenship, he’d be granted that speedily and then the charge that had Zehe in limbo would be dealt with expeditiously by a plea reduction deal to a perfunctory charge for a basically nominal period of time.
Now do you see the concern?
What you’ve raised is an example of exactly the sort of bogusity I raised in my first comment: a creative way to jump the shark.
I’m surprised that some people still don’t seem to understand that WikiLeaks is a publisher not a hacker organization.
This whole series of events and reports about WikiLeaks and Assange seem to be mostly boilerplate and rhetoric produced to sooth the beast in many powerful people who cannot stand the fact that Assange has done nothing illegal and his published leaks are protected in the US and by the US Constitution. They need to appear to be doing something, anything to close the giant hole in their security that continues to look like a library checkout desk.
Use LibreOffice if possible. Avoid those twisty roads. Insecure by design.
https://labs.mwrinfosecurity.com/blog/add-in-opportunities-for-office-persistence/
The described persistence techniques were tested with Office 2013 running on Windows 7, 8.1 and 10.
Key to the work by Kostas and others on persistence using Office templates was the concept of “Trusted Locations”. Files located here containing VBA code are not subject to the standard restrictions imposed by the macro settings, and the code will be executed without warning even if macros are disabled. Further research, however, found that certain trusted locations to which a typical standard user has write privileges could also be used to host DLL-based add-ins.
Windows Insecure by design for two decades.
(Memo to researchers of SB dump – look for WLL)
From the link above:
Further investigation of this “StartUp” trusted location found that it could host “Word Add-Ins” of a “*.wll” extension. This is an archaic extension dating back to the days of Word 97 but appears to still be supported, and there’s little documentation on how to actually create such a file. After some research it was identified that a “*.wll” file is essentially a DLL with additional “Office-specific extensions”. This means it supports basic DLL functionality, and therefore you can just rename a “*.dll” to a “*.wll”, put it in the “StartUp” trusted location which defaults to a location within the user’s home directory, and get arbitrary code execution when Word starts, all from a low privileged user.
[Combine with recent SB tooldump]
[Rename works both ways]
Some dots: FinFisher and FlexiSpy
https://motherboard.vice.com/en_us/article/meet-flexispy-the-company-getting-rich-selling-stalkerware-to-jealous-lovers
>>”DOJ is considering charges”<<
“Considering Charges” means nothing. “Considering Charges” in Media means “RED HERRING”, and another Media flap, flutter and flurry of blah-blah and blathering.
In Law, until actual charges are actually put forward, in an indictment or legal allegation and summons, there is nothing. Courts do not (or, today we may need to say, ‘may not legally’) deal in speculations. Courts require concrete allegations in written forms to be filed to provide the court actual matter to address as an actual case and matter at law. Without that thee is nothing before the court, or in the court, which means there is nothing. In cases like the “Assange Indictment” matter (as of April 22, 2017) there is nothing but moving air and electronic-signal ‘snow’.
It is not unlikely that ones with interest to accelerate the conversion of the current Commercial United States to a full corporatocratic dictatorship (to complete conversion of Trump to a 21st century ‘Reichskansellor’ and Sessions to a Ribbentrop to him) have set the Media to stirring air and signal to feel out the mood of the century, to determine if it may not be too soon to engage in a ‘next step’ to increase control and forward the conversion.