Posts

Joshua Schulte’s Carefully Crafted Plan to (Metaphorically) Blow Up His Trial

/18 Comments/in , /by

There’s an unintentionally ironic footnote in accused Vault 7 leaker Joshua Schulte’s response to the government motion in limine that, among other things, seeks to ensure the government can introduce evidence from Schulte’s prison notebooks to show he had a plan to conduct Information War from his jail cell.

In it, the defense objects to the government plan to use Schulte’s own writings to provide evidence of motive. In the angry tone the motion adopts throughout, the footnote argues that it’s not clear how Schulte’s “messy, ranting” notes could be evidence of a carefully crafted plan, then goes on to argue that the government’s reliance on a ruling in the Chelsea bomber’s case finding that the bombs he had planted in New Jersey reflected motive to bomb New York is inapt.

The government also says that the “MCC Evidence” is admissible of Mr. Schulte’s “motive, intent, preparation, and planning” with respect to the MCC counts. Gov. Mot. 45. The government does not define which pieces of evidence fall under this category, a phrase it uses for the first time at Gov. Mot. 38, and may refer to all information that was collected at MCC without limit. For example, the government says his notebooks are a “carefully crafted plan,” for an “information war.” Gov. Mot. 45. It is far from clear what evidence the government believes is part of this “careful[ ]” plan,” or why the government believes that messy, ranting, handwritten notes in notebooks labeled privileged could be part of any carefully crafted plan. In any event, the cases it cites, about an uncharged bomb threat being introduced to show intent to threaten a victim, and the planting of bombs in one location to be introduced to prove planning to plant bombs in another case, are nothing like this one. Id. This broad request should be denied.

The footnote appears in a filing that is itself messy, making arguments at one point (for example, that the government shouldn’t be able to present evidence Schulte stuck a USB drive that likely had Tails on it into his CIA workstation right before he allegedly stole the CIA’s hacking tools) that contradict arguments made elsewhere (that the government shouldn’t be able to use Paul Rosenzweig as an expert witness to describe the import of WikiLeaks encouraging its sources to use Tails, because the significance of using Tails is clear).

Over and over again, the filing makes arguments that amount to saying, “you can’t argue that our client’s weaponization of CIA hacking tools and disinformation are at all akin to bombs, even though WikiLeaks argued those tools were newsworthy precisely because they pose that same kind of proliferation threat,” and “you can’t argue that WikiLeaks acts like an organized crime outfit,” because if you did it would make the gravity of our client’s alleged crimes clear.

As I read the manic tone of the argument — the most substantive public argument the defense has made in months, amid an extended period of making one after another process argument about why they can’t move to trial next month —  I wondered whether Schulte is driving his attorneys nuts. He is, undoubtedly, among the most confounding defendants I’ve covered — and I’ve covered plenty who exhibited far more signs that extended incarceration on top of underlying mental illness had made them unfit to stand trial.

Schulte may well be exhibiting signs of being jailed for an extended period under Special Administration Measures that limit his communication with outsiders. Though, as the government noted in one of their responses to this extended effort to avoid going to trial, Schulte apparently told Judge Paul Crotty last month he’s willing to undergo the SAMs he has twice challenged for at least another six months to be able to make the process arguments he claims, unconvincingly, he wants to make.

If the defendant’s strategy works, trial in this case would likely not begin until more than two years after the original national security charges in this case were filed, more than three and a half years from the WikiLeaks disclosure that began this investigation, and more than four years from when the Government alleges the defendant stole and transmitted to WikiLeaks the national defense information at issue in this case.

The defendant has claimed that he is willing to remain in prison for this extended period of time—even though he is, according to him, innocent of these charges and the victim of a campaign to frame him conducted by the U.S. Attorney’s Office, the Federal Bureau of Investigation, and the CIA—because Ms. Shroff and Mr. Larsen are “necessary” witnesses who would provide testimony that would help to exonerate him. The defendant has further stated, under oath, that he knows that relying on these witnesses’ testimony would lead to a potentially broad waiver of his attorney-client privilege. But despite acquiescing to even longer detention under special administrative measures, regardless of his purported innocence and the waiver of his privilege, all for the opportunity to present Ms. Shroff’s and Mr. Larsen’s testimony at trial, the defendant still maintains that his decision as to whether he will call either of these attorneys as witnesses remains so amorphous and theoretical that he should not be required to provide the Government even the most meager information about the substance of this purported testimony just weeks before the current trial date.

But ultimately, it’s clear that this is his defense strategy, as messy and stupid and self-destructive as it is.

In another of the government’s responses to this process defense — one that lays out what I did in a post arguing that Schulte is engaged in a con game of three card monte with his legal representation — they take three pages to lay out the timeline of Schulte’s efforts to prevent his virtual confessions in his prison notebooks from being used in the case against him. In my own similar timeline, I had missed that Sabrina Shroff had left the Public Defender’s office in sometime before December 3, rendering one of the claims about an institutional conflict she continues to make moot.

More importantly, there are several new details to that timeline. James Branden, who was appointed in October based on representations he could be ready for trial in January, who then made a request for a six month delay in November because he couldn’t be ready even while admitting he had a week vacation scheduled when he first took on the case, has only met Schulte twice (which must be two court hearings, including the Curcio hearing last month). That’s revealed in both a Schulte request to fire Branden and a Branden response saying he’s happy to be fired, neither of which have been docketed yet.

January 2, 2020: The defendant—despite not having raised any such concerns at the Curcio Hearing—submitted the Schulte Letter to the Court, in which the defendant claimed that he had only seen Mr. Branden twice and that the defendant has “no relationship or confidence in his ability to assist in my defense at trial next month.” The defendant asked that the Court to appoint the defendant a new attorney.

[snip]

January 7, 2019: Mr. Branden submitted a response to the Schulte Letter, in which Mr. Branden confirmed the defendant’s factual representations in the Schulte Letter and stated that Mr. Branden would not oppose being replaced as counsel— notwithstanding his prior representations to the Court regarding his availability to prepare for and participate in the trial as counsel appointed pursuant to the Criminal Justice Act.

I had been wondering whether Schulte’s team asked for Branden to be appointed to make it easier for them to quit, as they’ve tried to do in about three different ways since. I wonder, too, whether Branden hasn’t begun to worry the same thing (not least because he hasn’t signed any of the defense briefs since he was brought on), and he wants off now before — like Wile E. Coyote in virtually every Loony Tunes episode ever — he’s left holding an exploding bomb he set himself.

Basically, what happened over eighteen months ago is that Schulte’s lawyers told him to stop publishing attacks on the government’s case himself, as he kept including classified information that made his situation worse. So instead he wrote plans to publicly rebut the charges against him in a notebook — plans that (according to Schulte’s own recorded jail phone calls) Shroff opposed.

[T]he Government has described to the defense how, if the defendant offered his counsel’s testimony, the Government would likely rely on recorded prison calls in which the defendant criticized defense counsel’s advice, including, for example, calls in which the defendant stated that he would “go around” Ms. Shroff to disclose information to the media, despite her objections to this strategy.

In addition to this evidence that Schulte was ignoring Shroff’s warnings about going public, the stuff in his prison notebooks — including passwords for ProtonMail accounts — is in no way consistent with a public rebuttal that any defense attorney could legally agree to.

So instead, Schulte has just gotten his lawyers to claim they gave bad advice, have a conflict, and now might face criminal exposure for trying to get their client to stop breaking the law from an MCC jail cell. Which might be true, but only because his lawyers were trying to represent his desires, and ultimately his desire seems to be to blow the CIA up, using means that are illegal.

All this appears to be an effort to forestall being tried, indefinitely, out of a presumed recognition that the government already has what amounts to a written confession, and he’s willing to rot at MCC rather than go to trial with that apparent written confession.

In a filing from last month, the government catalogued thirteen different attorneys who have represented Schulte over the course of this prosecution.

Finally, it is also a case in which the defendant—over the course of those three adjournment requests—has cycled through at least 13 attorneys,1 including the instant defense team, which includes at least three attorneys who have represented the defendant for more than a year and a half.

Those 13 attorneys who have represented the defendant are Sabrina Shroff, Edward Zas, Allegra Glashausser, James Branden (all of whom currently represent the defendant, and three of whom have security clearances), Matthew Larsen, Lauren Dolecki, Jacob Kaplan, Mark Baker, Alex Spiro, Taylor Koss, Kenneth Smith, Sean Maher (who was recently appointed as Curcio counsel), and at least one attorney who has not filed a notice of appearance but who appears to be advising Schulte about constitutional arguments to make with respect to the Classified Information Procedures Act (“CIPA”).

There are a lot of reasons why Schulte has gone through so many lawyers, money and clearance, among others.

But at this point, Schulte’s strategy seems to be avoiding trial by ensuring he has no lawyers.

Schulte seems convinced he can’t win on the merits. So to avoid losing, he’s going to hack the legal system in an effort to ensure he never loses.

Joshua Schulte’s Three Lawyer Monte

/3 Comments/in , , , /by

For at least five months, accused Vault 7 leaker Joshua Schulte has been trying one after another ploy to avoid or delay his trial next month. But his latest move isn’t even very clever.

The problem, for Schulte, is that after he submitted a pro se filing attacking the government’s case that included classified information, his lawyers tried to get him to stop by telling him to write his complaints in notebooks instead. He did so and marked the notebooks “Attorney-Client,” but included things that could in no way be considered as such (such as passwords to Proton Mail accounts he used to email people outside of jail). So after the government discovered he had a cell phone in jail and searched his cell, they discovered the notebooks, where he had basically confessed to his past and ongoing crimes. As the government wrote in a later motion, that information includes:

(i) admissions by the defendant relating to his disclosure of classified information to WikiLeaks (such as the identification of information provided to WikiLeaks that has not yet been disclosed by WikiLeaks); (ii) admissions by Schulte with respect to his plan to disseminate additional classified information illegally from the MCC (such as his declaration of a so-called “information war” and notations of plans to, for example, schedule postings on various social media accounts he created from jail); (iii) false exculpatory statements; (iv) evidence connecting Schulte to contraband cellphones and electronic communications accounts (such as notations to install encrypted messaging applications on contraband cellphones or to delete “suspicious emails” from covert accounts used by Schulte while at the MCC); and (v) writings prepared for public dissemination that include classified information (such as draft tweets written by the defendant as one of his alleged former CIA colleagues who claimed to be able to exonerate the defendant and who recounted information about CIA activities to “authenticate” the author).

Since then, he has been trying to make that evidence unavailable for trial.

First, last June, he tried to suppress it (and the Proton Mail emails accessed with the passwords he stored in there) on Fourth Amendment grounds, which Judge Paul Crotty denied last October, in part because the FBI’s use of a wall team to sort out the non-privileged material demonstrated good faith.

Then, in August, Schulte’s lawyers informed the judge they had provided some kind of advice that led him to believe he could write down classified information in his prison notebooks, and asked that the judge sever the charges tied to his attempts to leak classified information from jail from the charges tied to his alleged leak of the Vault 7 documents to WikiLeaks, something that would have made the MCC admissions of guilt unavailable for his main trial. In September, Judge Crotty denied that motion, pointing out that the lawyer who gave the purportedly bad advice is not on Schulte’s trial team and so could testify.

Then, in October, his lawyers asked to be relieved of defending Schulte altogether, or at least asked for the judge to appoint a Curcio counsel to determine whether there is a conflict. On November 6, Judge Crotty appointed a Curcio counsel.

Meanwhile, also in October, Schulte’s lawyers said they were buried preparing for trial and needed help and asked that he appoint another lawyer to help them, James Branden, which Judge Crotty immediately did. That soon looked like a ploy, because Branden — who had said he’d be able to handle the schedule — wrote a letter in November asking for a six month adjournment saying he couldn’t handle the schedule. In the letter, he said he had not, in the interim month, met with Schulte. He also said he couldn’t elaborate on the need for a delay until December 9 because he was on vacation until then. Crotty was none too impressed with that, and denied that motion in December (though extended the trial date by three weeks.

On December 13, Schulte’s public defenders wrote the judge and said they decided their advice to Schulte meant they had to be relieved on ineffective assistance of counsel grounds.

On December 18, they held the Curcio hearing, and Judge Crotty (who had previously described ways to get the exculpatory evidence admitted at trial) denied the request to be relieved.

Last week, Schulte’s public defenders wrote Judge Crotty saying they could no longer defend Schulte because it would mean providing ineffective counsel, and also noting that they may have engaged in misconduct, meaning that Schulte’s decision to present the evidence would reflect badly on his trial lawyers. (Again, the lawyer who gave the bad advice will not be his trial lawyer.)  The next day they wrote against stating that, even though to adopt this ineffective assistance of counsel defense, he’d have to waive privilege on the current set of lawyers, he did not waive privilege.

The government responded to this second letter laying out all the case law that says if you’re going to argue ineffective counsel, you need to share what the bad advice is. In it, they called bullshit on Schulte’s claim that he really relied on his lawyers’ counsel.

For example, the Government has described to the defense how, if the defendant offered his counsel’s testimony, the Government would likely rely on recorded prison calls in which the defendant criticized defense counsel’s advice, including, for example, calls in which the defendant stated that he would “go around” Ms. Shroff to disclose information to the media, despite her objections to this strategy.

They also note that Schulte claims he needs this testimony to prove his innocence but is willing to wait years, under SAMs, to get it.

The Curcio counsel, Sean Maher, wrote as well last week, repeating that he believes the public defenders need to be relieved, because he can’t advise Schulte on whether or not he should call both lawyers to testify, thereby waiving privilege and necessitating getting new lawyers. He argues Schulte needs new lawyers to decide whether he needs to jettison his current lawyers. He ends his letter by explaining that he doesn’t have enough information to advise Schulte on that point.

Only conflict-free counsel who has a full sense of the case — the classified and unclassified discovery, the complicated forensic information, and knowledge of what other witnesses, including rebuttal witnesses, might say — should advise Mr. Schulte on this matter.

What seems to have dropped out of this conversation is that Schulte has another lawyer who can’t fathomably be said to have this conflict, James Branden, who in spite of his December vacation has nevertheless had over two months to get up to speed, the amount of time he originally said it’d take to prepare for trial. Branden is in a position to decide whether Schulte’s claim he got bad advice and so did what he said on recorded jail house conversations that he would ignore he wouldn’t do will hold with a jury.

Schulte is pretending he has two sets of lawyers: the ones he claims gave him shitty advice, which led him to try to record what he must be preparing to claim is just an imaginary Information War entirely within the bounds of his prison notebooks, and the Curcio counsel appointed to tell him — absent any context — whether that means they can’t represent him anymore.

But he’s got a third lawyer who has curiously dropped out of this discussion, Branden, who hasn’t signed his name to a filing since he asked for an adjournment (though he attended the Curcio hearing, so would be competent to provide the kind of advice that Maher says no one is available to provide).

Likely, if asked, Branden would note that claiming his lawyers told him to commit everything to his prison notebooks wouldn’t much help him (even ignoring his Non-Disclosure Agreements that commit him alone to protecting classified information), because Schulte allegedly shared classified information in public documents outside of his prison notebooks, in defiance of the advice the government says he got and ignored from Shroff.

I guess Schulte is hoping if he moves the three cards in his hand around fast enough, Judge Crotty — who he has attacked in a pro se filing Shroff probably told him not to file — won’t see that there are actually three and not two cards in his hand.

Three lawyer monte, with all the lawyers paid for by taxpayers, ostensibly in the name of a fair defense.

Judge Crotty Should Let Joshua Schulte Test His Theory of Defense Forensically

/35 Comments/in , /by

At a hearing on July 25, accused Vault 7 leaker Joshua Schulte’s lawyer, Sabrina Shroff, argued that it’s possible if the government provides some forensic evidence that the CIA maintains is too classified to share, this case might avoid trial, either by identifying alternate culprits or leading her to advise her client to plead.

Mr. Kamaraju says that I would be forced anyway to then make a Section 5 motion to show relevance, etc. Well, maybe not. Maybe if I got the forensics, I would be able to say, hey, I think the government is completely wrong, Mr. Schulte is completely innocent, and you should go back and relook at your charging decisions because of X, Y, and Z in the forensics.

On the flip side, I could look at the forensics and say to my client, you know, maybe this isn’t the strongest case. Maybe we shouldn’t be going to trial. Not all discovery is asked for or relevant because it is only going to be used at trial. We asked for discovery because it is proper Rule 16 information that the defendant should have that would tell him about the charges and help him make proper decisions in the most serious or the most benign of cases.

At issue, per an order Judge Paul Crotty issued days before the hearing (but which got released publicly afterwards) is evidence that would exist if a narrative Schulte seeded before he left the CIA were true. In addition to all the email he wrote at CIA (the government is giving him what he wrote, but not the responses), he wants “a complete forensic copy of the Schulte Workstation and DevLAN, so that his expert can conduct a comprehensive forensic analysis.” Ultimately, Crotty did not grant Schulte’s request, noting that he “has been accused of leaking information he obtained from his employment at CIA both before he was arrested and from his cell at MCC after his arrest.” Instead, he directed the defense to “submit[] a more tailored request [that] provides good reason for further forensic discovery in a motion to compel. In this context, it would also be helpful, for example, if Schulte would communicate his thinking of how others are responsible for the theft.”

Yet that didn’t work, at least not immediately. In the aftermath of that order, Schulte’s team said the Wall Counsel hasn’t responded substantively to a previously written request. That seems to be a justifiable complaint about the difficulties of working with Classified Information Protect Act and Wall Counsel (to say nothing of really complex technical issues which none of the lawyers fully understand). It’s like a giant game of telephone and Schulte’s right to a fair trial is at stake.

Which is why the government should take this offer from Shroff more seriously than they appear to have done: giving Schulte’s expert direct access to the full set of data he seeks.

We have offered to limit the access to either counsel or go even further and limit the access to just the expert. We have even offered that the CIA need not give it to us. We would go to the CIA or the expert would go to the CIA to review the forensics.

Even while it could use CIPA to limit what they give Schulte’s team, it would serve the government to give his expert this access.

I say that, first of all, because of who Schulte’s expert is: Columbia University CompSci professor Steve Bellovin. He’s not just some forensics guy with clearance. He’s someone who has served in governmental positions (most notably as PCLOB’s tech expert for a year). That means he has already seen government spying in action, and what he’d see here would be a server that got replaced, probably before April, and some hacking tools and targets there were in no way exceptional.

Just as importantly, Bellovin is well-respected in the activist community, both on technical matters and judgment. If Bellovin were to test Schulte’s alternative explanation for the leak of the Vault 7 files and Schulte subsequently pled (suggesting that Shroff had counseled that he not take his theories to trial), it would suggest that Schulte’s story didn’t hold up to Bellovin’s scrutiny.

If that happened, it would be a key statement about not just what Schulte has claimed, but about what WikiLeaks did, in releasing the files in 2017.

As the government tells it, Schulte got in a fight with a colleague in December 2015, which led him to sour on the CIA as early as February 2016. When the agency didn’t respond in the way he wanted to Schulte’s claim that the colleague had threatened him, he started to retaliate in April 2016 by first copying the backup server holding all the CIA’s hacking tools, then sending it to WikiLeaks. In short, the government’s story is that Schulte simply burned the CIA’s hacking capabilities to the ground because he felt like they wronged him, a fairly breathtaking claim for one of the most damaging leaks to the government in history.

Schulte’s story is harder to suss out for a number of reasons: the defense has avoided putting this in writing, in part in an attempt to protect their theory of defense, some of what Schulte has argued is classified and still sealed, and other parts consist of rants he has published online or in dockets, not coherent arguments. Plus, some of Schulte’s claims are clearly lies, most demonstrably his claim that, “Federal Terrrorists [sic] had no evidence of plaintiff actually using cell phone” before they got a warrant relying on an affidavit that included pictures of him using the phone he had in MCC.

Schulte’s theory, as available, consists of three parts:

  • More people had access to the backup server from which the files were stolen than the government claims
  • The files were relatively easier to steal from an offsite backup server than the onsite one the government alleges Schulte stole them from
  • The likely culprits used security vulnerabilities he (claims to have) identified to CIA managers to steal the files

Evidence he’s making the first argument appears in his lawsuit against the Attorney General, where he claims the government has lied about the number of people who could access the server with the hacking tools.

AG lies about the number of people who had access to the classified information

Given a passage from the government’s response to his motion to suppress, Schulte must be referring to the claim that 200 people had access to the servers themselves, not the claim that 3-5 people had access to the backup server from which FBI claims the files were stolen. Schulte’s sealed filing appears to have argued that a second CIA group had access to the server.

Schulte does not dispute that the CIA Group was responsible for using and maintaining the LAN, that as of March 2016 fewer than 200 employees were assigned to the CIA Group, or that only these employees had access to the LAN. (See id. ,r 8(b)). Rather, Schulte argues that Agent Donaldson failed to note in the Covert Affidavit that a second CIA group (“CIA Group-2”), [redacted], allegedly also had access to the LAN.

For what it’s worth, the government disputes this claim outright. They introduce and conclude an otherwise redacted discussion by twice asserting this claim is false.

Schulte’s assertions about CIA Group-2’s access to the LAN are untrue [seven lines redacted] In short, Schulte is simply wrong.

Schulte’s claim that the files were more easily stolen from an offsite backup server may be more of a throwaway, based on what the government provided in discovery, reflecting what a contractor said almost a year into the investigation. (Remember that the government is not meaning to restate Schulte’s theories here, but instead to refute his claim that the initial affidavit against him included reckless errors.)

Schulte does not challenge that the Classified Information was taken from a back-up file, but instead argues that the back-up files were also stored at an offsite location (the “Offsite Server”), based on a network diagram of the LAN, and that, in one CIA Group contractor’s opinion, the “easiest” way to steal those back-up files was from the Offsite Server. None of this information, however, renders Agent Donaldson’s assessment misleading. Initially, while it is true that the back-up files were also stored in an Offsite Server, Agent Donaldson never suggested that the only place that the back-up files existed was the Back-up Server. Nor did Agent Donaldson opine in the abstract on the easiest method of exfiltrating the Classified Information from the LAN. Rather, he merely stated that it was “likely” that the Classified Information had come from the Back-Up Server, an eminently reasonable conclusion, given that the Back-Up Server contained the back-up files that mirrored the Classified Information, and Schulte–whom the FBI properly identified as a likely perpetrator of the theft–had access to it. Gates, 462 U.S. at 230-31 (courts do not isolate each factor of suspicion but look at the totality of the circumstances). The opinion of the contractor–who did not have access to all of the information and who had no relevant investigatory experience–in no way undermines that assessment, particularly when (i) that opinion is contradicted by [redacted], a LAN system administrator and a witness upon whom Schulte relies in his motion, who stated that “the easiest way to steal the data leaked by WikiLeaks” was for someone with administrative access to the LAN to “simply remov[e] the backup file from the network application” (i.e., the Back-Up Server) (Shroff C. Decl., Ex. I); and (ii) even if the contractor’s opinion was relevant, it was not conveyed to the FBI until February 2018, nearly a year after the date of the Covert Affidavit, see Garrison, 480 U.S. at 85.

Significantly, the government bases its claim that Schulte leaked classified information from jail in part on him sharing a “Network Structure Document” with someone (probably a reporter); given that some of the other information he is alleged to have leaked in violation of classification or protective orders was meant to sustain his claims of innocence, this probably does too. If so, that would suggest he was floating this theory about a year ago.

Finally, in his Presumption of Innocence blog, Schulte maintains that the CIA network was vulnerable in ways that he claims he raised with the CIA before he left.

I reported numerous security vulnerabilities that I discovered within our network and particularly issues with system administration, backup, and protection of some of our prominent tool sets. I was continually met with pushback and retaliatory responses that ultimately forced me to resign. My final acts were to file complaints with the OIG and the House Select Committee on Intelligence to hopefully prevent future retaliatory actions against others.

So while the government claims that Schulte retaliated by leaking the CIA’s hacking tools because the CIA wasn’t treating him with the respect he thought he deserved, Schulte appears to be claiming that possibly members of CIA’s Group-2 or perhaps even outsiders stole the files via vulnerabilities he identified before he left.

While not exactly the same, WikiLeaks made related claims when they released the files, in part as rationale for publishing them.

Compare what we can make out of Schulte’s defense with what WikiLeaks published in its “press release” accompanying the first Vault 7 release. WikiLeaks describes CIA “losing control” of its hacking tools, not someone leaking them.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

While it mentions former US government hackers (which could include Schulte), it also invokes contractors (the press release elsewhere mentions Hal Martin), and contractors were the presumed source for Vault 7 files at the time. While WikiLeaks acknowledges that the files came from “an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina [sic]” the description of the archive circulating in unauthorized fashion suggests that WikiLeaks is claiming the files were more broadly accessible.

The “press release” also suggests CIA’s hacking division had 5,000 users, implying all were involved in the production of hacking tools.

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware.

While that may or may not be the CIA Group-2 Schulte claims had access to the servers, it certainly suggests a far larger universe of potential sources for the stolen files than the 200 the government claims, much less the around 5 SysAdmins who had privileges to the backup server.

The purported motive for releasing these tools — both that of the source and of Assange — is partly the insecurity of having such tools lying around.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’.

[snip]

Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them.

[snip]

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.

In other words, WikiLeaks justified posting development notes for a significant portion of CIA’s hacking tools — and ultimately the source code for one — to prevent “teenage hackers” from obtaining such weapons and using them. (By this February, a security researcher had made his own hacking module based off what WikiLeaks had released.) A key part of that claim is the risk that CIA itself had not sufficiently secured its own tools, that they were “circulat[ing] … in an unauthorized manner.” That is, WikiLeaks purports to be the fulfillment of and remedy for precisely the risk Schulte claims — in his Presumption of Innocence blog — he warned the CIA about.

Except the government claims that’s not true.

It is true, as the affidavit in dispute in Schulte’s motion to suppress lays out, that Schulte wrote a “draft resignation letter” purporting to warn about these dangers and, on his last day, sent the CIA’s Inspector General a letter raising the same issues. The government reviews what he did at length in their response to his motion to suppress.

Agent Donaldson discussed the circumstances of Schulte’s resignation from the CIA in November 2016, including a letter and email he wrote complaining about his treatment. (Id. ,i,i 19-20). On October 12, 2016, Schulte sent an email to another CIA Group employee with the subject line “ROUGH DRAFT of Resignation Letter *EYES ONLY*,” which attached a three-page, single-spaced letter (the “Letter”). (Id. ,i 19(a)). In the Letter, Schulte stated that the CIA Group management had unfairly “veiled” CIA leadership from various of Schulte’s “concerns about the network security of the CIA Group’s LAN” and that “[t]hat ends now. From this moment forward you can no longer claim ignorance; you can no longer pretend that you were not involved.” (Id. ~ 19(a)(ii)). The Letter also stated that Schulte was resigning because management had “‘ignored'” issues he had raised about ‘”security concerns,”‘ including that the LAN was ‘”incredibly vulnerable’ to the theft of sensitive data.” (Id. ~ 19(a)(iii)). In particular, Schulte stated that the “inadequate CIA security measures had ‘left [the CIA Group’s LAN] open and easy for anyone to gain access and easily download [from the LAN] and upload [sensitive CIA Group computer code] in its entirety to the [public] internet.”‘ (Id.~ 19(a)(iv)).

[snip]

However, on November 10, 2016, Schulte’s last day at the CIA, Schulte sent an internal email to the CIA’s Office of Inspector General (“OIG”), which Schulte marked “Unclassified,” advising that he had been in contact with the U.S. House of Representatives’ Permanent Select Committee on Intelligence regarding his complaints about the CIA (the “OIG Email”). (Id ~ 19(c)). The OIG Email raised many of the same complaints in the Letter, including “the CIA’s treatment of him and its failure to address the ‘security concerns’ he had repeatedly raised in the past.” (Id ~ 19(c)(i)). Although Schulte had labeled the OIG Email “Unclassified,” the CIA determined that the OIG Email did in fact contain classified information. (Id.~ 19(c)(iii)). Schulte nevertheless printed and removed the email from the CIA when he left that day. (Id ~ 19( c )(ii)).

As the government response notes, the affidavit describes that Schulte never actually sent the resignation letter.

Agent Donaldson noted that Schulte did not appear to send the Letter. (Id. ~ 19(b)).

A later discussion of the resignation letter as part of a summary of the probable cause against Schulte goes still further, claiming that there is no record that Schulte raised security concerns with CIA management (which is presumably one reason he asked for all his emails).

(iv) drafted a purported “resignation email,” in which he claimed essentially that he had warned CIA management about security concerns with the LAN7 that were so significant that the LAN’s contents could be posted online–precisely what happened four months later (see id. ,r 19);

7 There is no record of Schulte reporting any such security concerns to CIA management.

The government makes Schulte’s allegedly false claim to have raised concerns about the security of the CIA tools a key part of its short summary of the probable cause against Schulte, insinuating that Schulte wrote both the resignation letter and the letter to the IG (which he wrote five and six months, respectively, after the government alleges he stole the files) as a way to create a cover story for the leaked documents.

Thus, even if the Covert Affidavit was rewritten to Schulte’s (incorrect) specifications, it would still establish probable cause by showing that Schulte was a CIA employee with a grudge against the CIA and a track record of improperly accessing and taking classified information, who left the CIA claiming that classified information from the LAN would one day be sprayed across the Internet and who worried about the investigation when his “prophecy” came to pass.

Of course, the government — especially intelligence agencies like the NSA and CIA — always dismiss the claims to be whistleblowers of leakers. The CIA claimed Jeffrey Sterling only leaked details of the Merlin operation because he was disgruntled about an EEOC complaint they had denied. NSA denied that Edward Snowden had raised concerns — first at CIA about its security, then at NSA about the boundaries of EO 12333 and Section 702. In the former case, however, the government knows of at least three other people who thought Sterling’s concerns had merit, and the actual details around Merlin’s own activities were a clusterfuck. In the latter, even a really problematic HPSCI report acknowledges that both incidents occurred, and NSA ultimately released enough of the backup to show that the NSA undersold the latter instance (though Snowden’s claims were not as substantive as he claimed).

Thus far, Schulte has presented no such counterevidence (indeed, the docket does not show his team submitted a reply to the government’s response before their August 16 deadline, though a reply could be held up in classification review). [Update: This letter asking to sever the MCC charges from the WikiLeaks charges says they’re still working on their replies.]

There may be a very good reason why Schulte’s defense didn’t go there: because one of the lies the government claims he told to FBI Agents on March 20 and 21, 2017 involves making CIA systems more vulnerable to the theft of data.

On or about March 20 and 21, 2017, Schulte … denied ever making CIA systems vulnerable to the theft of data.

Aside from this mention, this allegation doesn’t otherwise appear in public documents I’m aware of. But the implication is that before Schulte wrote two documents that — the government claims — served to establish a cover story claiming he leaked the documents because CIA’s server was vulnerable to theft, he tampered with the CIA’s server to make it more vulnerable to theft.

There actually is evidence that the server was vulnerable to theft. In Crotty’s opinion, he overruled the government’s effort to withhold some internal reports on the leak under CIPA. He explained,

These documents [redacted] might help Schulte advance a theory that DevLAN’s vulnerabilities could have allowed someone else to have taken the leaked data. They also support the defense’s theory that Schulte’s behavior while an employee of the CIA was consistent with someone who was trying to help the agency address security flaws, rather than someone who was a disgruntled employee.

That’s why it’d be worthwhile for Bellovin to have access to the server directly: to test not just how vulnerable the servers really were (I bet he’d be willing to help improve their security along the way!), but also to test himself whether there’s any evidence that someone besides Schulte exploited those vulnerabilities.

The government’s reliance on CIPA in this case is an attempt to try Schulte for an unbelievably sensitive leak without (as Crotty laid out) giving him opportunity to leak some more.

But the case goes beyond Schulte’s actions, to implicate WikiLeaks’ actions (court filings make it clear that WikiLeak’s claims around this leak were false in another manner, one which I’m not describing at the government’s request). And while details of CIA’s unexceptional hacking program are useful for researchers to have, it would matter if the stated rationale for releasing them was bullshit manufactured after the fact. That’s all the more true if WikiLeaks — which used to boast its perfect record on verification — knew the claim to be false, particularly given how and when it released these files, with an attempt to extort the US government and in the wake of the Russian hacks, at a time CIA would have needed these tools to prevent follow-ups.

Three months after Schulte’s trial (if this does go to trial), the government will be embroiled in attempting to extradite Julian Assange under charges that are rightly being attacked as an assault on the press. The government is never going to reveal all it knows about Assange (including, pertinent to this case, whether there’s any evidence Assange used some of the CIA’s own tools for his own benefit). Bellovin, if he were permitted to review the CIA server, would never be in a position to reveal what he learned; but his role in this case provides a rare opportunity for a trusted outsider to weigh in on a controversial case.

Effectively, a guy who authored CIA’s obfuscation tool and purportedly planned an information war from jail — complete with fake FBI and CIA personas — may have created the vulnerability he claimed to be exposing by leaking the files. If Bellovin were able to test that possibility, it would go a long way to shift an understanding about WikiLeaks recent intentions with the US government.

DOJ Says It Never Offered Accused Vault 7 Leaker Joshua Schulte a Plea Deal

/7 Comments/in , /by

As the Joshua Schulte prosecution has inched along against the backdrop of the Julian Assange indictment, I’ve heard chatter about his plans: that the two sides might prosecute the child porn charges and leave the leak untried; that the government was trying to get him to cooperate against Assange.

In the former case, the opposite now seems more likely. Last week, Judge Paul Crotty granted Schulte’s motion to sever his child porn and copyright charges from his Espionage ones. But the minute order states that the Espionage charges will be tried first, in November, with the child porn charges tried some time after that. That’s true, even though the Espionage charges are far more complex to try than the child porn ones. If the government wanted to use the child porn charges to put Schulte away indefinitely and avoid the difficulties of an Espionage trial, they’d try those first. (Update: at the hearing where this was decided, the defense said they wanted the Espionage trial to go first, and all other parties agreed.)

As to the latter, Schulte himself has sown the belief he was being offered a plea deal. In one version of his “Presumption of Innocence” blog, for example, he claimed (falsely, given the warrants he himself released) the government never obtained any evidence implicating him in the leak, and was just pursuing the child pornography charges to “break” him so he’ll cooperate against WikiLeaks.

I’m arrested and charged with a crime that had nothing to do with the initial search warrant and that I was completely innocent. The U.S. Attorney unethically and immorally misleads the court regarding what the initial investigation was about, when they found the illicit materials, and the fact that they did not think I was involved for 5 months until their initial investigation came up empty. I’m denied bail and thrown into prison immediately and they use the situation as leverage telling my attorney every day that he can make this huge embarrassment and misunderstanding all go away if only I would agree to cooperate on the WikiLeaks investigation and admit to it. They admit, unabashedly that these entire charges are nothing more than a ruse, an attempt at leverage to break me.

A version of this claim was repeated in a piece the Intercept did yesterday claiming to track how (a select group of) leakers got identified by the FBI.

Of the four Espionage Act cases based on alleged leaks in the Trump era, the most unusual concerned Joshua Schulte, a former CIA software developer accused of leaking CIA documents and hacking tools known as the Vault 7 disclosures to WikiLeaks. Schulte’s case is different from the others because, after the FBI confiscated his desktop computer, phone, and other devices in a March 2017 raid, the government allegedly discovered over 10,000 images depicting child sexual abuse on his computer, as well as a file and chat server he ran that included logs of him discussing child sexual abuse images and screenshots of him using racist slurs. Prosecutors initially charged Schulte with several counts related to child pornography and later with sexual assault in a separate case, based on evidence from his phone. Only in June 2018, in a superseding indictment, did the government finally charge him under the Espionage Act for leaking the hacking tools. He has pleaded not guilty to all charges.

Schulte was identified as the suspect just like all the other people profiled in the story were: because he was one of the few people who had access to the files that got leaked and his Google searches mapped out a damning pattern of research involving the leak, among other things. In his case, WikiLeaks itself did several things to add to the evidence he was the source. It is true that Schulte was charged with the porn charges first and that it took 15 months for the government to ultimately charge the leak, but the theory of Schulte’s role in the leak has remained largely unchanged since a week after the first files were dropped.

Schulte again suggested he might get a plea deal in his lawsuit against then Attorney General Jeff Sessions for imposing Special Administrative Measures against him when he raised 5K1 letters that might allow someone to avoid mandatory minimum sentencing.

But in last week’s opposition to Schulte’s motion to suppress most of the warrants against him — including some on the grounds that they relied on poisonous fruit of attorney-client privileged material — the government denies ever offering a plea deal.

Schulte claims that the FBI read his thoughts on severance (which the Government has consented to) or a plea offer (which the Government has not made), but none of those “thoughts” are referenced in any subsequent search warrant.

The claim that the government left unredacted a reference to Schulte’s views on a plea deal does not appear in the unredacted version of Schulte’s motion to suppress, but given his lawyers’ claim that his journals were intended to be a discussion of his legal remedies, it may be an attempt to suppress the Presumption of Innocence notes cited above (even though Schulte made the same notes public).

Mr. Schulte’s narrative writings and diary entries contain information he “considered to be relevant to his potential legal remedies.”

There’s lot of room for a discussion short of a plea offer that might be true even given the government claim that “the Government has not made” any offer (such as that one of the series of attorneys who have represented Schulte has recommended that he seek a deal).

But the detail is particularly interesting given the timing of his trial and something the government claimed the last time Chelsea Manning and her lawyers tried to get her out of jail. It insisted they want Manning’s testimony for subjects and charges not included in Assange’s current indictment, and said the submission of the extradition request against Assange does not preclude future charges based on those offenses.

As the government’s ex parte submissions reflect, Manning’s testimony remains relevant and essential to an ongoing investigation into charges or targets that are not included in the superseding indictment. See Gov’t’s Ex Parte Mem. (May 23, 2019). The offenses that remain under investigation are not time barred, see id., and the submission of the government’s extradition request in the Assange case does not preclude future charges based on those offenses, see Gov’t’s Supplement to Ex Parte Mem. (June 14, 2019).

Barring a delay because of Classified Intelligence Protect Act proceedings, Schulte will face trial on the Espionage charges in November, three months before the next hearing in Assange’s extradition. And while there’s no hint in Schulte’s case that WikiLeaks played a role in the front end of Schulte’s alleged leak, there’s abundant evidence that they continued to cooperate with him in the aftermath and even in the initial release itself. Indeed, that’s some of the most damning evidence against Schulte.

Schulte seems to think he could cooperate against Assange and face lesser charges. If the government told the truth last week, he may have little prospect to diminish what would amount to a life sentence if he’s found guilty.

Joshua Schulte Keeps Digging: His Defensible Legal Defense Continues to Make a Public Case He’s Guilty

/5 Comments/in , , /by

To defend him against charges of leaking the CIA’s hacking tools to WikiLeaks, Sabrina Shroff has made it clear that Joshua Schulte is the author of the CIA’s lies about its own hacking.

In a motion to suppress all the earliest warrants against Schulte submitted yesterday, Shroff makes an unintentionally ironic argument. In general, Shroff (unpersuasively) argues some things the government admitted in a Brady letter sent last September are evidence of recklessness on the part of the affiant on those earliest warrants, FBI Agent Jeff Donaldson. She includes most of the items corrected in the Brady letter, including an assertion Donaldson made, on March 13, 2017, that Schulte’s name did not appear among those published by WikiLeaks: “The username used by the defendant was published by WikiLeaks,” the prosecutors corrected the record in September 2018. To support a claim of recklessness, Schroff asserted in the motion that someone would just have to search on that username on the WikiLeaks site to disprove the initial claim.

Finally, the Brady letter explained that a key aspect of the affidavit’s narrative—that Mr. Schulte was the likely culprit because WikiLeaks suspiciously did not publicly disclose his identity—was false. Mr. Schulte’s identity (specifically, his computer username “SchulJo”) was mentioned numerous times by WikiLeaks, as a simple word-search of the WikiLeaks publication would have shown. See Shroff Decl. Exh. F at 7

If you do that search on his username — SchulJo — it only readily shows up in one file, the Marble Framework source code.

That file was not released until March 31, 2017. So the claim that Schulte’s name did not appear in the WikiLeaks releases was correct when Donaldson made it on March 13. That claim — like most of the ones in the Brady letter — reflect the incomplete knowledge of an ongoing investigation, not recklessness or incompetence (Schulte has written elsewhere that he believed the FBI acted rashly to prevent him from traveling to Mexico, which given other details of this case — including that he hadn’t returned his CIA diplomatic passport and snuck it out of his apartment when the FBI searched his place, they were right to do).

By sending her reader to discover that Schulte’s name appears as the author of the Marble Framework, she makes his “signature” that of obfuscation — hiding who actually did a hack.

Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

Marble does this by hiding (“obfuscating”) text fragments used in CIA malware from visual inspection.

[snip]

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.

Marble was one of the files WikiLeaks — and DNC hack denialists — would point to to suggest that CIA had done hacks (including the DNC one) and then blamed them on Russia. In other words, in her attempt (again, it is unpersuasive) to claim that FBI’s initial suspicions did not reach probable cause, she identifies Schulte publicly not just with obfuscation about a breach’s true culprits, but with the way in which the Vault 7 leak — ostensibly done out of a whistleblower’s concern for CIA’s proliferation of weapons — instead has served as one prong of the propaganda covering Russia’s role in the election year hack.

That’s just an ironic effect of Shroff’s argument, not one of the details in yesterday’s releases that — while they may legally serve to undermine parts of the case against her client — nevertheless add to the public evidence that he’s not only very likely indeed the Vault 7 culprit, but not a terribly sympathetic one at that.

Back when FBI first got a warrant on Schulte on March 13, 2017, they had — based on whatever advanced notice they got from Julian Assange’s efforts to use the files to extort a pardon from the US government and the week of time since WikiLeaks had released the first and to that date only set of files on March 7 — developed a theory that he was the culprit. The government still maintains these core details of that theory to be true (this Bill of Particulars Schulte’s team released yesterday gives a summary of the government’s theory of the case as of April 29):

  • The files shared with WikiLeaks likely came from the server backing up the CIA’s hacking tools, given that the files included multiple versions, by date, of the files WikiLeaks released
  • Not that many people had access to that server
  • Schulte did have access
  • Not only had Schulte left the CIA in a huff six months before the WikiLeaks release — the only  person known to have had access to the backup server at the time who had since left — but he had been caught during the period the files were likely stolen restoring his own administrator privileges to part of the server after they had been removed

But, after it conducted further investigation and WikiLeaks published more stolen files, the government came to understand that several other things that incriminated Schulte were not true.

[T]he government appears to have abandoned the central themes of the March 13 affidavit: namely, that the CIA information was likely stolen on March 7–8, 2016, that Mr. Schulte was essentially “one of only three people” across the entire CIA who could have taken it, and that WikiLeaks’s supposed effort to conceal his identity was telltale evidence of his culpability

There’s no indication, however, that Donaldson was wrong to believe what he did when he first obtained the affidavit; Shroff claims recklessness, but never deals with the fact that the FBI obtained new evidence. Moreover, for two of the allegations that the government later corrected — the date the files were stolen and the number of people who had access to the server, Donaldson admitted those were preliminary conclusions in his initial affidavit (which Shroff doesn’t acknowledge):

It is of course possible that the Classified Information was copied later than March 8, 2016, even though the creation/modification dates associated with it appear to end on March 7, 2016.

[snip]

Because the most recent timestamp on the Classified Information reflects a date of March 7, 2016, preliminary analysis indicates that the Classified Information was likely copied between the end of the day on March 7 and the end of the day on March 8.

[snip]

It is, of course, possible that an employee who was not a designated Systems Administrator could find a way to gain access to the Back-Up Server. For example, such an employee could steal and use–without legitimate authorization–the username and password of a designated Systems Administrator. Or an employee lacking Systems Administrator access could, at least theoretically, gain access to the Back-Up Server by finding a “back- door” into the Back-Up Server.

Between the two corrections, the revised information increases the number of possible suspects from two to five, out of 200 people who would have regular access to the files. A footnote to a later affidavit (PDF 138) describes that on April 5, 2017, FBI received information that suggested the number might be higher or lower. (I suspect Schulte argued in a classified filing submitted yesterday that even more people could have accessed it, not least because he has been arguing that in his various writings posted to dockets and other things,)

But, even though the Brady letter corrects the dates on which Schulte reinstated his administrator privileges for the Back-Up server slightly (he restored his own access on April 11, not April 14, which is when his managers discovered he had done so), Shroff only addresses his loss of privileges as innocent, without addressing that he got that access back on his own improperly.

More importantly, the motion doesn’t address, at all, that Schulte kicked everyone else off one of his programs, the Brutal Kangaroo tool used to hack air gapped networks using thumb drives. Nor does it address allegations against Schulte made in August 2016 as part of his clearance review, including that his demeanor changed for the worse around February 2016, he might be “subject to outside coercion,” and he tended not to abide by “guidelines concerning when and what kinds of media or data (such as external drives) could be connected or uploaded to CIA computer systems.” There are other details in the affidavit — such as Schulte’s attempt to learn what his former colleagues knew of the investigation — that support probable cause too (these may be among the things Shroff addresses in a classified filing).

That is, the probable cause that Schulte was the culprit was pretty strong even with the errors in the original affidavit, and none of the errors suggests malice or incompetence or even the recklessness Shroff alleges.

Shroff is right that the March 13 affidavit doesn’t offer as much probable cause to tie Schulte’s home to the crime; but that’s the magistrate’s fault and fairly standard for computer crimes, not the FBI’s. Shroff obscures the effect of FBI obtaining a second warrant to actually search the 150 storage media and computer devices they found in his home (a list of what they seized starts on PDF 116), as well as a second warrant to obtain child porn.

It is also true, as the defense argues, that the evidence to search for child porn was thin. But given that the government had a warrant to search the computer in question, and given precedents about child porn, that may not matter (though I think it is more likely to succeed than the rest of this). In any case, by the time of the main searches on child porn, three different magistrates had signed off on these searches.

This is a totally understandable attempt to get some of this evidence suppressed. But along the way the affidavits released yesterday provide a slew of damaging new details such as:

  • Schulte conducted a ton of searches on Google in April 2016 about detecting USB insertion, copying big files, deleting files, preventing other admins from seeing what someone was doing on a LAN
  • Schulte made a snapshot of (part of?) the LAN on April 20, 2016
  • In early May, Schulte researched how to use Tor and Tails, which the government alleges he used to send the files
  • On August 4, 2016 — the day after Snowden sent this tweet — Schulte did a Google search for WikiLeaks for the first time ever (note, I believe the Snowden tweet may have been preparation for the misleading IG report on him released the following month)

  • Between then and March 7, Schulte searched on WikiLeaks over 20 more times, reading hundreds of articles on it; but he didn’t visit WikiLeaks for the first time until March 7, 2017, the first day the files posted; he also searched for that Snowden tweet

In short, just Schulte’s Google searches alone provide very strong evidence that he’s the Vault 7 leaker. Which explains why his attorneys are making what will probably be an unsuccessful attempt to claim the Google searches were overly broad and lacked probable cause (something Schulte wrote elsewhere seems to reflect that he has been told this will be treated under a Good Faith exception).

Schulte has been trying to disclose all these materials for over a year. But they really don’t help his case.

US Government Reveals It Has Video Evidence of Joshua Schulte Sharing Classified Information as Ecuador Restricts Assange’s Legal Visits

/36 Comments/in , , , /by

In a letter sent Thursday to Paul Crotty, the judge in the case of alleged Vault 7 WikiLeaks source, Joshua Schulte, prosecutors described the investigation conducted when, “in or about early October 2018,” they discovered he had been communicating clandestinely with third parties outside of the Metropolitan Corrections Center, where he has been held since December. They described discovering a truly stupendous amount of communications gear to store in a jail cell, amounting to multiple cell phones and other devices, from which Schulte was running 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.

Now, the prosecutors use that word “encrypted” twice, as if it means extra spooky, but these days, a cellphone with significant encryption could mean an iPhone (though in jail Schulte might be able to get state of the art spook or crook phones) and “encrypted email accounts” often means ProtonMail.

In any case, that’s a whole lot of legal process for a one month investigation of someone sitting in a jail cell (Schulte was moved to solitary when the investigation started on October 1), but then Schulte allegedly had a shit-ton of hardware. The 6 search warrants were presumably used for Schulte’s devices, and the “dozens of grand jury subpoenas and pen registers” would probably have been used for those email and social media accounts, perhaps with both used for each account (I have a working theory that for encrypted comms it may take more than one pen register to get the data).

Schulte was using all this hardware and software, according to the prosecutors, to — among other things — do two things: send details about the search warrants to investigate him, as well as yet more classified information, to third parties.

As a result of these searches and other investigative steps, the Government discovered that Schulte had, among other things, (i) transmitted classified information to third parties, including by using an encrypted email account, and (ii) transmitted the Protected Search Warrant Materials to third parties in direct contravention of the Court’s Protective Order and the Court’s statements at the May 21 conference.

The prosecutors included a superseding indictment with their letter, adding two extra counts to his already life sentence-threatening indictment: a new Count Eleven, which is contempt of court for blowing off the protective order covering his search warrant starting in April, and a new Count Four, which is another count of transmitting and attempting to transmit unlawfully possessed national defense information (793(e)) during the period he has been in MCC.

With regards to Count Eleven, on Monday a letter Schulte sent to Judge Crotty that was uploaded briefly to PACER (I believe this is the third time Schulte has succeeded in getting such letters briefly uploaded to the docket), revealing that he had been moved to solitary, but also complaining about corrections the government had made to his original search warrant:

I beg you Judge Crotty to read the first search warrant affidavit and the government’s Brady letter; the FBI outright lied in that affidavit and now acknowledge roughly half of these lies. Literally, they [sic] “error” on seeing dates of 3/7 where there were only 3/2 dates and developing their entire predicate based on fallacious reasoning and lies. They “error” in seeing three administrators where there were “at least 5” (ie. 10). They [sic] “error” in where the C.I. was stolen who had access, and how it could be taken — literally everything.

While I absolutely don’t rule out the government either focused on Schulte back in March 2017 for reasons not disclosed in the search warrant application, or that they parallel constructed the real reasons badly (both of which would be of significant interest, but both of which his very competent public defender can deal with), the docket suggests the Vault 7 case against him got fully substantiated after the porn case, perhaps because of the stuff he did last year on Tor that got him jailed in the first place. As I noted, that Tor activity closely followed one of Julian Assange’s more pubic extortion attempts using the Vault 8 material Schulte is accused of sharing, though Assange has made multiple private extortion attempts both before and since.

Which brings me to the second new charge, transmitting and attempting to transmit national defense information to a third party, with a time span of December 2017 to October 2018. Effectively, the government claims that even after Schulte was jailed last December, he continued to share classified information.

I’m particularly interested in the government’s use of “attempted” in that charge, not used elsewhere. The time period they lay out, after all, includes a period when Ecuador restricted Julian Assange’s communication. Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.

Meanwhile, in the Ecuadoran embassy in London, things have been heating up between Assange and his hosts.

About halfway through the period after which Schulte had been put into solitary so the government could investigate a bunch of communications devices they claim they didn’t know about before around October 1, Ecuador announced what seemed to be a relaxation of restrictions on Assange, but actually was more of an ultimatum. He could have visitors, but first they’d have to apply 3 days in advance and supply their social media handles and identifying details for any devices they wanted to bring with them. Assange, too, has to register all his devices, and only use Ecuador’s wifi. If anyone uses unapproved devices, they’ll be deemed a security threat to Ecuador under the protection of the UK, basically giving the UK reason to prosecute them to protect Ecuador. Assange has to have regular medical exams; if he has a medical emergency, he’ll be treated off site. Starting on December 1, he has to start paying for food and other supplies. He has to start cleaning up the joint. He has to start taking care of his cat.

Assange immediately sued over the new rules. But he lost that suit on Monday. But even as he appeals that verdict, according to Courage Foundation, Ecuador has restricted even legal visits, something that hadn’t been the case before. Those restrictions appear to have been put in place on Wednesday, the same day the new Schulte charges were rolled out. They’ll remain in place until Monday.

A piece by Ryan Goodman and Bob Bauer renewed discussion this morning about the First Amendment limits on suing or prosecuting WikiLeaks for conspiring with Russia to swing the 2016 election; I hope to respond to it later, but wrote about the same lawsuit in this post. I think their view dangerously risks political journalism.

But I also think that you don’t necessarily need to charge WikiLeaks in the conspiracy to sustain a conspiracy charge; you can make them unindicted co-conspirators, just like Trump would be. I have long noted that you could charge Assange, instead, for his serial attempts to extort the United States, an effort that has gone on for well over 18 months using the very same files that Schulte is alleged to have leaked to WikiLeaks (extortion attempts which may also involve Roger Stone). Assange has accomplished those extortion attempts, in part, with the assistance of his lawyers, who up until this week (as far as I understand from people close to Assange) were still permitted access to him.

Say. Have I observed yet that these events are taking place in the last days before Mueller’s election season restrictions end?

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post.