Posts

Snowden

WikiLeaks’ Intent in Publishing (and Not Publishing) CIA’s Hacking Tools Was To Wreck the Agency

Several things are missing from Yahoo’s clickbait story about the things CIA was not permitted to do in the wake of learning its hacking tools had been stolen. An important one is any mention that WikiLeaks helped Edward Snowden flee Hong Kong with the specific intent of inspiring someone like Joshua Schulte, the alleged Vault 7 leaker, to steal those files with the goal of “wrecking” the CIA.

In Yahoo’s original story, it mentions the first superseding indictment against Assange, but not the second.

The U.S. government unsealed its initial indictment of Assange the same day.

That indictment focused exclusively on allegations that in 2010, Assange offered to help Manning, the Army intelligence analyst, crack a password to break into a classified U.S. government network, an act that would have gone beyond journalism. But in a move that drew howls from press advocates, prosecutors later tacked on Espionage Act charges against Assange for publishing classified information — something that U.S. media outlets do regularly.

That’s not uncommon among those reporting on the Julian Assange case who haven’t followed it closely, as is true of the three journalists on this piece. But the omission is particularly problematic for their story.

Then, in a follow-up reporting Mike Pompeo’s comments that some of the story is true (he implies much is fiction, but he’s also a liar so I don’t put much stock in that), Yahoo quoted Ben Wizner twice, identifying him only as an ACLU lawyer.

“We now know that this unprecedented criminal case was launched in part because of the genuinely dangerous plans that the CIA was considering,” said Ben Wizner, director of the American Civil Liberties Union’s Speech, Privacy and Technology Project. “This provides all the more reason for the Biden Justice Department to find a quiet way to end this case.”

[snip]

Wizner, the ACLU lawyer, said Pompeo’s comments effectively “just verified the truth of the [Yahoo News] story. Because the only reason to prosecute someone is that they revealed legitimate classified information. … This was public interest journalism of the first order and the question is whether the public has a right to know that the government is engaged in this kind of conduct.”

Describing Wizner as an ACLU lawyer here, and not the defense attorney for Ed Snowden, is journalistic malpractice. (Plus, Ben is wrong: the Yahoo story makes it clear that the Russian exfiltration attempt was the precipitating event, not what Pompeo had considered but not pursued six months earlier.)

That’s because Snowden is personally implicated in the Vault 7/Vault 8 leak (and in fact named in the superseding indictment that Yahoo chose not to mention). As Snowden himself described in his book, WikiLeaks helped him flee Hong Kong with the specific intent of ensuring that he had a better outcome than Chelsea Manning did.

It was only once we’d entered Chinese airspace that I realized I wouldn’t be able to get any rest until I asked Sarah [Harrison] this question explicitly: “Why are you helping me?” She flattened out her voice, as if trying to tamp down her passions, and told me that she wanted me to have a better outcome. She never said better than what outcome or whose, and I could only take that answer as a sign of her discretion and respect.

As Bart Gellman described in his book, Snowden attempted to take several steps to achieve the same goal.

After meeting with the Post editors, I remembered that I could do an elementary check of the signature on my own. The result was disappointing. I was slow to grasp what it implied.

gpg –verify PRISM.pptx.sig PRISM.pptx

gpg: Signature made Mon May 20 14:31:57 2013 EDT

using RSA key ID ⬛⬛⬛⬛⬛⬛⬛⬛

gpg: Good signature from “Verax”

Now I knew that Snowden, using his Verax alter ego, had signed the PowerPoint file himself. If I published the signature, all it would prove to a tech-savvy few was that a pseudonymous source had vouched for his own leak. What good would that do anyone?

In the Saturday night email, Snowden spelled it out. He had chosen to risk his freedom, he wrote, but he was not resigned to life in prison or worse. He preferred to set an example for “an entire class of potential whistleblowers” who might follow his lead. Ordinary citizens would not take impossible risks. They had to have some hope for a happy ending.

To effect this, I intend to apply for asylum (preferably somewhere with strong Internet and press freedoms, e.g. Iceland, though the strength of the reaction will determine how choosy I can be). Given how tightly the U.S. surveils diplomatic outposts (I should know, I used to work in our U.N. spying shop), I cannot risk this until you have already gone to press, as it would immediately tip our hand. It would also be futile without proof of my claims—they’d have me committed—and I have no desire to provide raw source material to a foreign government. Post publication, the source document and cryptographic signature will allow me to immediately substantiate both the truth of my claim and the danger I am in without having to give anything up. . . . Give me the bottom line: when do you expect to go to print?

Alarm gave way to vertigo. I forced myself to reread the passage slowly. Snowden planned to seek the protection of a foreign government. He would canvass diplomatic posts on an island under Chinese sovereign control. He might not have very good choices. The signature’s purpose, its only purpose, was to help him through the gates.

Whether or not the government will argue that this shared goal amounts to entering into a conspiracy, it is unquestionable that both Snowden and WikiLeaks shared the goal of encouraging more leakers.

And as the second superseding indictment that Yahoo omitted from their story lays out, after successfully delivering Snowden to the protection of Russia, Assange publicly called on people to join the CIA as Systems Administrators with the goal of “wrecking or disabling” the organization.

83. In June 2013, media outlets reported that Edward J. Snowden had leaked numerous documents taken from the NSA and was located in Hong Kong. Later that month, an arrest warrant was issued in the United States District Court for the Eastern District of Virginia, for the arrest of Snowden, on charges involving the theft of information from the United States government.

84. To encourage leakers and hackers to provide stolen materials to WikiLeaks in the future, ASSANGE and others at WikiLeaks openly displayed their attempts to assist Snowden in evading arrest.

85. In June 2013, a WikiLeaks association [Sarah Harrison, described as WLA-4 in the indictment] traveled with Snowden from Hong Kong to Moscow.

86. On December 31, 2013, at the annual conference of the Chaos Computer Club (“CCC”) in Germany, ASSANGE, [Jacob Appelbaum] and [Harrison] gave a presentation titled “Sysadmins of the World, Unite! A Call to Resistance.” On its website, the CCC promoted the presentation by writing, “[t]here has never been a higher demand for a politically-engaged hackerdom” and that ASSANGE and [Appelbaum] would “discuss what needs to be done if we re going to win.” ASSANGE told the audience that “the famous leaks that WikiLeaks has done or the recent Edward Snowden revelations” showed that “it was possible now for even a single system administrator to … not merely wreck[] or disabl[e] [organizations] … but rather shift[] information from an information apartheid system … into the knowledge commons.” ASSANGE exhorted the audience to join the CIA in order to steal and provide information to WikiLeaks, stating, “I’m not saying don’t join the CIA; no, go and join the CIA. Go in there, go into the ballpark and get the ball and bring it out.”

87. At the same presentation, in responding to the audience’s question as to what they could do, [Appelbaum] said “Edward Snowden did not save himself. … Specifically for source protection [Harrison] took actions to protect [Snowden] … [i]f we can succeed in saving Edward Snowden’s life and to keep him free, then the next Edward Snowden will have that to look forward to. And if look also to what has happened to Chelsea Manning, we see additionally that Snowden has clearly learned….” [my emphasis]

Less than three years later, someone — allegedly Joshua Schulte, who is accused of repeatedly hacking development servers to restore his administrator privileges over the backup files that were stolen — did just that.

And all the evidence submitted at Schulte’s trial suggests that his goal in sharing both the development notes that WikiLeaks published and the source code that (with just a few exceptions) WikiLeaks did not was to wreck the Agency out of vengeance for what he saw as unfair treatment of him in a personnel dispute.

One can still believe that it is noble to help a former intelligence official flee to Russia with the goal of encouraging more leaks. One can even explicitly share the goal of wrecking the CIA. But to understand the CIA’s reaction to the leak of its hacking tools in 2017, one has to understand that after Julian Assange helped Snowden flee to Russia, he used having done so to explicitly encourage someone like Joshua Schulte to steal files that would wreck the CIA.

Friday News Dump Not Dead Yet: Stephen Kim Guilty Plea

Just when Kevin Drum declared the “Friday News Dump” dead, comes proof news of said death was greatly exaggerated.

As Josh Gerstein and others have reported, the plea will be entered this afternoon:

Under the terms of the agreement, Kim will plead guilty to a single felony count of disclosing classified information to Rosen in June 2009, and serve a 13-month prison sentence. Judge Colleen Kollar-Kotelly would have to accept the sentence or reject it outright?, in which case Kim could withdraw his plea. Kim would also be on supervised release for a year, but would pay no fine.

Judge Kollar-Kotelly is expected to accept the guilty plea at today’s hearing, but will not impose a sentence until sometime later.

Well, that is kind of a big deal dropped out of nowhere on a Friday afternoon.

As you may recall, this is the infamous case where the Obama/Holder DOJ was caught classifying a journalist, James Rosen of Fox News, as an “aider and abettor” of espionage. As the Washington Post reported, the scurrilous allegation was clear as day in a formal warrant application filed as an official court document:

“I believe there is probable cause to conclude that the contents of the wire and electronic communications pertaining to the SUBJECT ACCOUNT [the gmail account of Mr. Rosen] are evidence, fruits and instrumentalities of criminal violations of 18 U.S.C. 793 (Unauthorized Disclosure of National Defense Information), and that there is probable cause to believe that the Reporter has committed or is committing a violation of section 793(d), as an aider and abettor and/or co-conspirator, to which the materials relate,” wrote FBI agent Reginald B. Reyes in a May 28, 2010 application for a search warrant.

The search warrant was issued in the course of an investigation into a suspected leak of classified information allegedly committed by Stephen Jin-Woo Kim, a former State Department contractor, who was indicted in August 2010.

The Reyes affidavit all but eliminates the traditional distinction in classified leak investigations between sources, who are bound by a non-disclosure agreement, and reporters, who are protected by the First Amendment as long as they do not commit a crime.

[snip]

As evidence of Mr. Rosen’s purported culpability, the Reyes affidavit notes that Rosen and Kim used aliases in their communications (Kim was “Leo” and Rosen was “Alex”) and in other ways sought to maintain confidentiality.

“From the beginning of their relationship, the Reporter asked, solicited and encouraged Mr. Kim to disclose sensitive United States internal documents and intelligence information…. The Reporter did so by employing flattery and playing to Mr. Kim’s vanity and ego.”

“Much like an intelligence officer would run an [sic] clandestine intelligence source, the Reporter instructed Mr. Kim on a covert communications plan… to facilitate communication with Mr. Kim and perhaps other sources of information.”

Of course, the fully justifiable uproar over the Rosen treatment by DOJ eventually led to “new guidelines”, being issued by the DOJ. The new guidelines are certainly a half step in the right direction, but wholly unsatisfactory for the breadth and scope of the current Administration’s attack on the American free press.

But now the case undergirding the discussion in the Stephen Kim case will be shut down, and the questions that could play out in an actual trial quashed. All nice and tidy!

Frankly, I have mixed emotions about the reported Kim plea itself. It is, all in all, a pretty good deal for Kim and his attorney, the great Abbe Lowell. The case is done, bad precedent does not get etched into a jury verdict and appeal, and the nightmare has an end in sight for the defendant, Stephen Kim. All things considered, given the seriousness of the espionage and false statement charges in the indictment, 13 months is a good outcome. And it is not a horrible sentence to have as a yardstick for other leakers (were I Ed Snowden and Ben Wizner, I would like this result). By the same token, the damage done by the ridiculous antics and conduct of the DOJ in getting to this point is palpable. It will leave a stain that won’t, and shouldn’t, go away.

That still leaves the matter of Jeffrey Sterling, and reporter James Risen, though. Whither DOJ on that? And it is an important question since the much ballyhooed and vaunted “New Media Policies” announced by DOJ left wide open the ability to force Risen (and others that may some day be similarly situated) to testify about his sources of face jail for contempt.