Two Days Before MIT and Cambridge Cops Arrested Aaron Swartz, Secret Service Took Over the Investigation

The public story of Aaron Swartz’ now-tragic two-year fight with the Federal government usually starts with his July 19, 2011 arrest.

But that’s not when he was first arrested for accessing a closet at MIT in which he had a netbook downloading huge quantities of scholarly journals. He was first arrested on January 6, 2011 by MIT and Cambridge, MA cops.

According to a suppression motion in his case, however, two days before Aaron was arrested, the Secret Service took over the investigation.

On the morning of January 4, 2011, at approximately 8:00 am, MIT personnel located the netbook being used for the downloads and decided to leave it in place and institute a packet capture of the network traffic to and from the netbook.4 Timeline at 6. This was accomplished using the laptop of Dave Newman, MIT Senior Network Engineer, which was connected to the netbook and intercepted the communications coming to and from it. Id. Later that day, beginning at 11:00 am, the Secret Service assumed control of the investigation. [my emphasis]

In fact, in one of the most recent developments in discovery in Aaron’s case, the government belatedly turned over an email showing Secret Service agent Michael Pickett offering to take possession of the hardware seized from Aaron “anytime after it has been processed for prints or whenever you [Assistant US Attorney Stephen Heymann] feel it is appropriate.” Another newly disclosed document shows that Pickett accompanied the local cops as they moved the hardware they had seized from Aaron around.

According to the Secret Service, they get involved in investigations with:

  • Significant economic or community impact
  • Participation of organized criminal groups involving multiple districts or transnational organizations
  • Use of schemes involving new technology

Downloading scholarly articles is none of those things.

A lot of people are justifiably furious with US Attorney Carmen Ortiz and AUSA Heymann’s conduct on this case.

But the involvement of the Secret Service just as it evolved from a local breaking and entry case into the excessive charges ultimately charged makes it clear that this was a nationally directed effort to take down Swartz.

MIT’s President Rafael Reif has expressed sadness about Aaron’s death and promised an investigation into the university’s treatment of Aaron. I want to know whether MIT–which is dependent on federal grants for much of its funding–brought in the Secret Service.

Will NYT’s Ombud Encourage a NYT Pre-Sentencing Memo for Bradley Manning, Too?

When I first read Scott Shane’s long profile of John Kiriakou, I thought, “how interesting that the NYT is doing a piece that exposes the government’s double standards just in time for the sentencing of Kiriakou, one of their sources.”

That’s not to say I’m not glad to see the piece: the profile did more to raise the scandal of Kiriakou’s prosecution than just about anything short of a 60 Minutes piece might.

And I’m much less interested in Shane’s references to his own role in Kiriakou’s indictment

Mr. Kiriakou first stumbled into the public limelight by speaking out about waterboarding on television in 2007, quickly becoming a source for national security journalists, including this reporter, who turned up in Mr. Kiriakou’s indictment last year as Journalist B.

[snip]

After Mr. Kiriakou first appeared on ABC, talking with Brian Ross in some detail about waterboarding, many Washington reporters sought him out. I was among them. He was the first C.I.A. officer to speak about the procedure, considered a notorious torture method since the Inquisition but declared legal by the Justice Department in secret opinions that were later withdrawn.

than I am by this passage.

In 2008, when I began working on an article about the interrogation of Khalid Shaikh Mohammed, I asked him about an interrogator whose name I had heard: Deuce Martinez. He said that they had worked together to catch Abu Zubaydah, and that he would be a great source on Mr. Mohammed, the architect of the Sept. 11 attacks.

He was able to dig up the business card Mr. Martinez had given him with contact information at Mitchell Jessen and Associates, the C.I.A. contractor that helped devise the interrogation program and Mr. Martinez’s new employer.

Mr. Martinez, an analyst by training, was retired and had never served under cover; that is, he had never posed as a diplomat or a businessman while overseas. He had placed his home address, his personal e-mail address, his job as an intelligence officer and other personal details on a public Web site for the use of students at his alma mater. Abu Zubaydah had been captured six years earlier, Mr. Mohammed five years earlier; their stories were far from secret. [my emphasis]

As I have mapped out before, the indictment strongly suggests that Kiriakou was Shane’s source for Martinez’ phone number, and with that suggestion, implies that Shane got Martinez’ identity from Kiriakou rather than one of the 23 other sources he had for the article.

With this passage, Shane rebuts what would have been a key point at trial (and may help Kiriakou in his sentencing). At least according to Shane, he not only learned of Martinez’ identity before he asked Kiriakou about it, but was able to find Martinez’ home address and email on an alumni network site. (Note, Shane doesn’t address whether Kiriakou was the source for the “magic box” technology discussed in the article, about which Kiriakou was also alleged to have lied to CIA’s Publication Review Board.)

In short, the whole article serves as a narrative pre-sentencing memo, offering a range of reasons why Kiriakou should get less than the 30 months his plea deal currently recommends.

No Easy Day, WikiLeaks, and Mitt’s 47%: Three Different Approaches to Illicitly-Released Information

Last week, DOD issued a guidance memo instructing DOD personnel what they are–and are not–permitted to do with the Matt Bissonnette book, No Easy Day, that they claim has sensitive and maybe even classified information. DOD personnel,

  • are free to purchase NED;
  • are not required to store NED in containers or areas approved for the storage of classified information, unless classified statements in the book have been identified;
  • shall not discuss potentially classified and sensitive unclassified information with persons who do not have an official need to know and an appropriate security clearance;
  • who possess either firsthand knowledge of, or suspect information within NED to be classified or sensitive, shall not publically speculate or discuss potentially classified or sensitive unclassified information outside official U.S. Government channels (e.g., Chain-of-Command, Public Affairs, Security, etc.);
  • are prohibited from using unclassified government computer systems to discuss potentially classified or sensitive contents of NED, and must not engage in online discussions via social networking or media sites regarding potentially classified or sensitive unclassified information that may be contained in NED.

The memo points to George Little’s earlier flaccid claims that the book contains classified information as the basis for this policy, even though those claims fell far short of an assertion that there was actually classified information in the book.

The strategy behind this policy seems to be to accept the massive release of this information, while prohibiting people from talking about what information in the book is classified or sensitive–or even challenging Little’s half-hearted claim that it is classified. Moreover, few of the people bound by this memo know what the President insta-declassified to be able to tell his own version of the Osama bin Laden raid, so the memo also gags discussions about information that has likely been declassified, not to mention discussions about the few areas where Bissonnette’s version differs from the Administration’s official version.

Still, it does let people access the information and talk about it generally.

Compare that policy with the Administration’s three-prong approach to WikiLeaks information:

  • Government employees cannot discuss–and are not supposed to consult at all–WikiLeaks cables. The treatment of Peter Van Buren for–among other things–linking to some WikiLeaks cables demonstrates the lengths to which the government is willing to go to silence all discussion of the cables. (Though I imagine the surveillance of social media will be similar to enforce the DOD guidance.)
  • Gitmo lawyers not only cannot discuss material–like the dodgy intelligence cable that the government used to imprison Latif until he died of still undisclosed causes or the files that cite tortured confessions to incriminate other detainees–released by WikiLeaks unless the press speaks of them first. But unlike DOD personnel who do not necessarily have a need to know, Gitmo lawyers who do have a need to know couldn’t consult WikiLeaks except in closely controlled secure conditions.
  • The Government will refuse to release cables already released under FOIA. While to some degree, this strategy parallels the DOD approach–whereas the NED policy avoids identifying which is and is not classified information, the WikiLeaks policy avoids admitting that cables everyone knows are authentic are authentic, the policy also serves to improperly hide evidence of illegal activity through improper classification.

Now, one part of the Administration’s logic behind this approach to purportedly classified information (thus far without the legal proof in either case, or even a legal effort to prove in the case of Bissonnette) is to limit discussion of information that was allegedly released via illegal means.

With What Databases Has NCTC Cross-Referenced with FBI’s 12 Million iDevice User IDs?

Update, 6/13/13: For those coming to this via my Twitter link, subverzo reminded me that this turned out to be a false claim. The data came from an Apple developer, not from FBI. 

Sorry for the confusion.

As you may have heard, Anonymous and AntiSec hacked into a database of 12 million Apple Universal Device IDs that were in an FBI officer’s laptop and released 1 million of them, ostensibly so some people could identify if their device was one of those FBI was tracking.

They claimed to have tapped into a Dell laptop owned by Special Agent Christopher K. Stangl, an FBI cyber security expert. They downloaded several files, including one that contained “12,367,232 Apple iOS devices including Unique Device Identifiers (UDID)” and other personal information, they wrote in a text file published online. “[The] personal details fields referring to people appears many times empty leaving the whole list incompleted [sic] on many parts. no other file on the same folder makes mention about this list or its purpose.”

While it’s not immediately clear what the FBI is doing with the Apple UDIDs and detailed information on device owners, Gizmodo pointed out that the acronym “NCFTA” could stand for the National Cyber-Forensics & Training Alliance, a nonprofit that acts as an information-sharing gateway between private industry and law enforcement.

These are unique identifiers for things like iPhones and iPads that have long presented the risk of tying someone’s identity to an individual device.

There are multiple ways FBI could have collected this information–either using an NSL or Section 215 request or an insecure transmission to an ad or game server. And no one knows how the FBI was using it. Whatever you think about Anonymous, we may finally learn more about how the government is tracking geolocation.

But here’s one other concern. Assuming that’s an official FBI database, not only the FBI has it, but also the National Counterterrorism Center. And they’ve got access to whatever federal databases they want to cross-check with existing counterterrorism databases. And one of the few checks we have on the use of our data in this way is a Privacy Act SCOTUS just watered down.

This is a massive amount of data the government likely has no good excuse for having collected, much less used. But it’s likely just one tip of a very big iceberg.

DOD to Give Penguin the WikiLeaks Treatment?

As a number of outlets have reported, DOD has written a threatening letter to Matt Bissonnette, the Navy SEAL whose memoir comes out next week.

But I think they’re misunderstanding part of the nature of the threat (though Mark Zaid, a lawyer who has represented a lot of spooks in cases like this one, alludes to it here, which I’ll return to). Here are, in my opinion, the two most important parts of the letter. First, DOD’s General Counsel Jeh Johnson addressed it to Penguin’s General Counsel as the custodian for the pseudonymous writer he makes clear he knows the real identity of elsewhere in the letter.

Mr. “Mark Owen”

c/o Alexander Gigante, Esquire

General Counsel

Penguin Putnam, Inc.

That, by itself, is not a big deal. But it does mean Johnson knows Penguin’s GC will read this letter.

More importantly, here’s how Johnson ended the letter:

I write to formally advise you of your material breach and violation of your agreements, and to inform you that the Department is considering pursuing against you, and all those acting in concert with you, all remedies legally available to us in light of this situation. [my emphasis]

That is, DOD is also considering legal remedies against “those acting in concert” with Bissonnette.

As far as we know, the only people acting in concert with Bissonnette are at Penguin’s imprint of Dutton. Thus, as much as this is a threat to Bissonnette, it’s also a threat to Penguin.

Which would make sense because–as Zaid points out–the government has been trying to push the application of the Espionage Act to those sharing classified information since the AIPAC trial.

Mark Zaid, a lawyer who has represented a variety of former military and intelligence officials in disclosure and leak cases, said the Johnson letter looked like a signal that the Pentagon was “contemplating a test case against the publisher or media for disclosing classified information.”

The Assange Diplomatic Standoff Exposes Precisely the Same Side of US/UK as WikiLeaks Cables

everywhere there’s a US post… there’s a diplomatic scandal that will be revealed —Bradley Manning

Yesterday, in anticipation of Ecuador’s imminent (and now announced) official decision to offer Julian Assange asylum, the British sent this letter to the Ecuadorans.

You should be aware that there is a legal basis in the U.K. the Diplomatic and Consular Premises Act which would allow us to take action to arrest Mr. Assange in the current premises of the Embassy.

We very much hope not to get this point, but if you cannot resolve the issue of Mr. Assange’s presence on your premises, this route is open to us.
We understand the importance to you of the issues raised by Mr. Assange, and the strong public pressure in country. But we still have to resolve the situation on the ground, here in the U.K., in line with our legal obligations. We have endeavored to develop a joint text, which helps both meet your concerns, and presentational needs.

Then they sent several vans of police to the Ecuadoran embassy.

In short, the British are threatening to enter the Ecuadoran embassy, purportedly to carry out an extradition for a crime that Assange has not yet been charged with. Actually entering the mission would violate the Vienna diplomatic convention that holds that “The premises of the mission shall be inviolable. The agents of the receiving State may not enter them, except with the consent of the head of the mission.” Craig Murray reports [mirror] that the Brits have decided to do so, in response to American pressure.

I returned to the UK today to be astonished by private confirmation from within the FCO that the UK government has indeed decided – after immense pressure from the Obama administration – to enter the Ecuadorean Embassy and seize Julian Assange.

[snip]

The government’s calculation is that, unlike Ecuador, Britain is a strong enough power to deter such intrusions. This is yet another symptom of the “might is right” principle in international relations, in the era of the neo-conservative abandonment of the idea of the rule of international law.

Using Pensions to “Punish” “Leaks” Will Subject Clearance Holders to Arbitrary Power

The Senate Intelligence Committee’s new anti-leak laws are the part of the Intelligence Authorization that will generate the most attention. Greg Miller already got Dianne Feinstein to admit there’s no reason to think one of the new provisions–permitting only the most senior intelligence officials to do background briefings–will limit leaks.

Feinstein acknowledged that she knew of no evidence tying those leaks or others to background sessions, which generally deal broadly with analysts’ interpretations of developments overseas and avoid discussions of the operations of the CIA or other spy services.

Another of the provisions–requiring intelligence committee heads to ensure that every sanctioned leak be recorded–ought to be named the Judy Miller and Bob Woodward Insta-Leak Recording Act.

(a) RECORD REQUIREMENT.—The head of each element of the intelligence community shall ensure that such element creates and maintains a record of all authorized disclosures of classified information to media personnel, including any person or entity under contract or other binding agreement with the media to provide analysis or commentary, or to any person or entity if the disclosure is made with the intent or knowledge that such information will be made publicly available.

I’m sure someone can think of some downside to this provision, but I can’t think of it at the moment (which is why Obama will probably find some way to eliminate it). It will end some of the asymmetry and abuse of classification as it currently exists.

In addition, there are a bunch of provisions that are just dumb bureaucracy.

But it’s this one that is deeply troubling. Among the other provisions making nondisclosure agreements more rigorous is a provision that would allow an intelligence community head to take away a person’s pension if they “determine” that an individual violated her nondisclosure agreement.

What Was the Evidence Supporting the First Strike on Anwar al-Awlaki?

According to the William Webster report, the FBI’s understanding about Anwar al-Awlaki’s operational role developed only after the UndieBomb attack.

As of January 7 and June 16, 2009, the FBI knew anwar al-Aulaqi was an anti-American, radical Islamic cleric and the subject of a Tier <redacted> FBI counterterrorism investigation. San Diego believed [<redacted> that Aulaqi was [developing ambitions beyond radicalization] <redacted>. WFO viewed him at that time as merely inspirational. The FBI’s full understanding of Aulaqi’s operational ambitions developed only after the attempted bombing of Northwest Airlines Flight 253 on Christmas Day 2009. [72; emphasis mine]

On December 24, 2009–the day before FBI began to understand Awlaki’s operational ambitions–a JSOC strike in Yemen missed Anwar al-Awlaki.

Dana Priest’s report revealing Awlaki was subsequently added to a JSOC kill list, published three days before Umar Farouk Abdulmutallab started cooperating again with the FBI, claims Awlaki was not the target of that December 24, 2009 strike.

As part of the operations, Obama approved a Dec. 24 strike against a compound where a U.S. citizen, Anwar al-Aulaqi, was thought to be meeting with other regional al-Qaeda leaders. Although he was not the focus of the strike and was not killed, he has since been added to a shortlist of U.S. citizens specifically targeted for killing or capture by the JSOC, military officials said. The officials, like others interviewed for this article, spoke on the condition of anonymity because of the sensitivity of the operations. [my emphasis]

But Ali Abdullah Saleh, speaking with David Petraeus three weeks before Priest’s report, sure seemed to treat Awlaki as one of two targets of the strike.

Saleh praised the December 17 and 24 strikes against AQAP but said that “mistakes were made” in the killing of civilians in Abyan. The General responded that the only civilians killed were the wife and two children of an AQAP operative at the site, prompting Saleh to plunge into a lengthy and confusing aside with Deputy Prime Minister Alimi and Minister of Defense Ali regarding the number of terrorists versus civilians killed in the strike. (Comment: Saleh’s conversation on the civilian casualties suggests he has not been well briefed by his advisors on the strike in Abyan, a site that the ROYG has been unable to access to determine with any certainty the level of collateral damage. End Comment.) AQAP leader Nassr al-Wahishi and extremist cleric Anwar al-Awlaki may still be alive, Saleh said, but the December strikes had already caused al-Qaeda operatives to turn themselves in to authorities and residents in affected areas to deny refuge to al-Qaeda. [my emphasis]

Given that we blamed Saleh for the strike, you have to assume he knew who the targets were. And he seems to suggest that both Wuhayshi and Awlaki were the intended targets.

DOD’s New Anti-Leak Plan: Turn Michael Vickers into a Blogger

DOD just rolled out its new plan to combat national security leaks. (h/t Jason Leopold) At its core is a “top-down” approach: to have the Under Secretary for Defense of Intelligence, Mike Vickers, review all major reporting to look for leaks.

To ensure greater accountability and tracking of unauthorized disclosures, Secretary Panetta is directing a new “top down” approach as well.  The Undersecretary of Defense for Intelligence, in consultation with the Assistant Secretary for Public Affairs, will monitor all major, national level media reporting for unauthorized disclosures of defense department classified information.

On one level this seems like a good idea. I mean, I’m a blogger, and I usually have a better idea of who’s leaking than the people overseeing Executive Branch agencies. But hey, I don’t want to shortchange journalists; Walter Pincus performs a nice bit of leak debunkery with this piece, for example.

But there does seem to be one problem with the plan to have Mike Vickers watch for any security breaches. Doesn’t he have a day job? Isn’t he supposed to be watching the Taliban and China and cyberattacks? Have we gotten so paranoid that one of our top intelligence people is going to spend his time watching journalists rather than watching our military enemies?

On another issue, though, DOD is to be congratulated. Today’s release also revealed that, within the last few months, it has put in place the no-brainer security fixes that it promised in response to the WikiLeaks breach.

Lockdown of removable storage device use on the Defense Secure Network (SIPRNET).  The department has deployed a host-based security system (HBSS) tool to virtually monitor every defense department computer.  HBSS prevents the downloading of information onto removable storage like DVDs, CDs, and memory sticks, with very limited exceptions.  The tool also sends an alarm any time someone tries to write classified information to such removable storage.  For authorized exceptions, the tool audits any downloads of information.

Improved monitoring of DoD networks.  The department issued a cyber identity credential (Public Key Infrastructure certificate) to every person operating on the department unclassified network.  That process is underway for the classified network as well. Department personnel are working with other federal departments and agencies to help them issue the same cyber identity credential to all employees who need to access any of the government’s secret networks.

Improving the auditing of information accesses so as to spot anomalous behavior.  Department information officers are assessing the use of HBSS and other tools to collect and centralize data about information accesses to more quickly improve detection of malicious insiders.

Though of course, DOD promised to impose some controls on removable media in 2008, when someone introduced malware into DOD’s networks via a thumb drive. So after 4 years, DOD should be congratulated for finally closing the Lady Gaga security hole.

Did NYPD Manufacture a Murder Tie to Occupy Wall Street because Its Terror Myth Is Dying?

Let’s start with this. NYPD got its ass handed to it yesterday.

Specifically, Justin Elliott provided the definitive debunking of Mike Bloomberg and Ray Kelly’s repeated claims that their multimillion dollar Muslim profiling program has done anything to thwart the 14–or rather 3–terrorist attacks on NY since 9/11.

That wasn’t the end of the ass-handing, though. After Elliott’s piece, NYPD’s spokesperson Paul Browne started trolling Elliott’s comments, pretending the NYPD hadn’t repeatedly claimed to have stopped 14–or rather 3–terrorist attacks with their vast counterterrorism apparatus.

Elliott debunked that, too.

Mayor Mike, meanwhile, was backtracking–or perhaps forwardtracking–wildly, in another attempt to pretend the NYPD’s core terror myth wasn’t a carefully crafted myth.

And Ray Kelly? He hasn’t been seen to ask him about this ass-handing; maybe he was crying in a bar somewhere?

Meanwhile, last night, during the All Star Game, a new myth started.

Murder! DNA! Occupy Wall Street!

Starting with NBC, followed by a slew of other predominantly NY outlets, the press reported a flimsy story–sourced to law enforcement–claiming that DNA found on a chain left at an Occupy-related protest earlier this year matched DNA found at the site of a murder of a Pretty White Woman.