Joshua Schulte

Moderators: Elvis, DrVolin, Jeff

Joshua Schulte

Postby seemslikeadream » Fri Nov 02, 2018 2:29 pm

elfismiles » Tue May 15, 2018 2:40 pm wrote:VAULT-7 Leak Update...

US identifies suspect in leak of CIA hacking tools
File photo: Joshua Schulte worked in the CIA’s Engineering Development Group, which produced the computer code, according to sources with knowledge of his employment history as well as the group’s role in developing cyber weapons.
By The Washington Post | PUBLISHED: May 15, 2018 at 12:22 pm | UPDATED: May 15, 2018 at 12:24 pm
By Shane Harris | Washington Post

WASHINGTON – The U.S. government has identified a suspect in the leak last year of a large portion of the CIA’s computer hacking arsenal, the cyber tools the agency had used to conduct espionage operations overseas, according to interviews and public documents.

But despite months of investigation, prosecutors have been unable to bring charges against the man, who is a former CIA employee currently being held in a Manhattan jail on unrelated charges.

Joshua Adam Schulte, who worked for a CIA group that designs computer code to spy on foreign adversaries, is believed to have provided the agency’s top-secret information to WikiLeaks, federal prosecutors acknowledged in a hearing in January. The anti-secrecy group published the code under the label “Vault 7” in March 2017. It was one of the most significant and potentially damaging leaks in the CIA’s history, exposing secret cyber weapons and spying techniques that also might be used against the United States, according to current and former intelligence officials.

Schulte’s connection to the leak investigation hasn’t been previously reported.

Federal authorities searched Schulte’s apartment in New York last year and obtained a personal computer equipment, notebooks, and hand-written notes according to a copy of the search warrant reviewed by The Washington Post. But that failed to provide the evidence that prosecutors needed to indict Schulte with illegally giving the information to WikiLeaks.

“Those search warrants haven’t yielded anything that is consistent with [Schulte’s] involvement in that disclosure,” Matthew Laroche, an assistant U.S. attorney in the Southern District of New York, said at a hearing on Jan. 8, according to a court transcript.

Laroche said at the time that the investigation “is ongoing,” and that Schulte “remains a target of that investigation.”

Part of that investigation, Laroche said, was analyzing whether a technology known as TOR, which allows Internet users to hide their location, “was used in transmitting classified information.”

In other hearings in Schulte’s case, prosecutors have alleged that he used TOR at his New York apartment, but they have provided as yet no evidence that he did so in order to disclose classified information. Schulte’s attorneys have said that TOR is used for all kinds of communications and have maintained that he played no role in the Vault 7 leaks.

Schulte is currently in a Manhattan jail on charges of possessing, receiving, and transporting child pornography, according to an indictment filed last September. He has pleaded not guilty.

A former federal prosecutor, who is not connected to the case, said that it’s not unusual to hold a suspect in one crime on unrelated charges, and that the months Schulte has spent in jail doesn’t necessarily mean the government’s case has hit a wall. The former prosecutor, who spoke on the condition of anonymity to discuss an open investigation, also said that if government lawyers acknowledged in a public hearing that Schulte was a target, they probably believe he acted alone.

In documents, prosecutors allege that they found a large cache of child pornography on a server that was maintained by Schulte. But he has argued that anywhere from 50 to 100 people had access to that server, which Schulte, now 29, designed several years ago in order to share movies and other digital files.

Schulte worked in the CIA’s Engineering Development Group, which produced the computer code, according to sources with knowledge of his employment history as well as the group’s role in developing cyber weapons.

At the time of the leak, people who had worked with that group said that suspicion had mainly focused on contractors, not full-time CIA employees like Schulte. It’s not clear whether the government is pursuing contractors as part of the leak investigation, but prosecutors haven’t mentioned anyone other than Schulte in court proceedings.

Schulte, who also worked for the National Security Agency before joining the CIA, left the intelligence community in 2016 and took a job in the private sector, according to a lengthy statement he wrote that was reviewed by the Post.

The CIA declined to comment.

Schulte said in the statement that he joined the intelligence community to fulfill what he saw as a patriotic duty to respond to the Sept. 11, 2001, attacks.

Schulte also claimed that he reported “incompetent management and bureaucracy” at the CIA to both that agency’s inspector general as well as a congressional oversight committee. That painted him as a disgruntled employee, he said, and when he left the CIA in 2016, suspicion fell upon him as “the only one to have recently departed [the CIA engineering group] on poor terms,” Schulte wrote.

Schulte said he had also been planning a vacation with his brother to Cancun, which may have given the appearance that he was trying to flee the country.

“Due to these unfortunate coincidences the FBI ultimately made the snap judgment that I was guilty of the leaks and targeted me,” Schulte said.

Schulte, who has launched a webpage to raise money for his defense, claims that he initially provided assistance to the FBI’s investigation. Following the search of his apartment in March 2017, prosecutors waited six months to bring the child pornography charges.

The Washington Post’s Ellen Nakashima contributed to this report.

https://www.mercurynews.com/2018/05/15/ ... ing-tools/



seemslikeadream » 07 Mar 2017 17:30 wrote:Vault 7: CIA Hacking Tools Revealed

https://wikileaks.org/ciav7p1/


New Wikileaks Series Details CIA's 'Specialized Unit' Dedicated to Creating iOS Exploits
Tuesday March 7, 2017 8:37 am PST by Mitchel Broussard
In a new series of leaks focusing on the United States Central Intelligence Agency, code named "Vault 7," Wikileaks has revealed 8,761 documents discovered within an isolated network in Langley, Virginia that "amounts to more than several hundred million lines of code." The code contains what Wikileaks referred to as a "hacking arsenal" of malware, viruses, trojans, and weaponized "zero day" exploits for iOS devices, that could give anyone in possession of the code "the entire hacking capacity of the CIA."

This "Year Zero" release is the first in the full Vault 7 series by Wikileaks, and is said to act as an introduction to the capacity and means of the CIA's covert hacking program. The agency's abilities can take aim at a number of popular consumer products from companies like Apple, Google, Samsung, and Microsoft, turning everything from an iPhone to a smart TV into a "covert microphone."
<snip>

https://www.macrumors.com/2017/03/07/wi ... -exploits/


<snip>



seemslikeadream » Wed May 16, 2018 6:32 am wrote:
Joshua Schulte named as suspect in 'Vault 7' leak of CIA tools to Wikileaks, but charged instead over child porn


Federal investigators believe a man who once worked for the U.S. Central Intelligence Agency is responsible for last year's massive leak of Top Secret CIA hacking tools, court documents reveal.

The suspect has been named as Joshua Adam Schulte, 29, who lived in New York, and is now in federal jail in Manhattan--not for the hack, but on child pornography charges.
https://boingboing.net/2018/05/15/joshu ... e-cia.html


FBI Search Of CIA Leak Suspect Turned Up Photos Of Sex Assault On Unconscious Friend
The government suspects that Joshua Adam Schulte gave documents to WikiLeaks, but they’re holding him on child pornography charges.
https://www.huffingtonpost.com/entry/jo ... 3fb50b8e79


seemslikeadream » Wed Jun 20, 2018 10:03 am wrote:TWO DAYS AFTER JULIAN ASSANGE THREATENED DON JR, ACCUSED VAULT 7 LEAKER JOSHUA SCHULTE TOOK TO TOR

June 20, 2018/1 Comment/in 2016 Presidential Election, Cybersecurity, emptywheel, Leak Investigations, WikiLeaks /by empty wheel


Monday, the government rolled out a superseding indictment for former NSA and CIA hacker Joshua Schulte, accusing him (obliquely) of leaking the CIA’s hacking tools that became the Vault 7 release from Wikileaks. The filings in his docket (as would the search warrants his series of defense attorneys would have seen) make it clear that the investigation into him, launched just days after the first CIA release, was always about the CIA leak. But when the government took his computer last spring, they found thousands of child porn pictures dating back to 2009. It took the government over three months and a sexual assault indictment in VA to convince a judge to revoke his bail last December, and then another six months to solidify the leaking charges they had been investigating him from the start.

But the case appears to have taken a key turn on November 16, 2017, when he did something — it’s not clear what — on the Tor network. While there are several things that might explain why he chose to put his release at risk by accessing Tor that day, it’s notable that it occurred two days after Julian Assange tweeted publicly to Donald Trump Jr that he’d still be happy to be Australian Ambassador to the US, implicitly threatening to release more CIA hacking tools.

Schulte was, from days after the initial Vault 7 release, apparently the prime suspect to be the leaker. As such, the government was always interested in what Schulte was doing on Tor. In response to a warrant to Google served in March 2017, the government found him searching, on May 8, 2016, for how to set up a Tor bridge (Schulte has been justifiably mocked for truly abysmal OpSec, and Googling how to set up a bridge is one example). That was right in the middle of the time he was deleting logs from his CIA computer to hide what he was doing on it.

When he was granted bail, he was prohibited from accessing computers. But because the government had arrested him on child porn charges and remained coy (in spite of serial hold-ups with his attorneys regarding clearance to see the small number of classified files the government found on his computer) about the Vault 7 interest, the discussions of how skilled he was with a computer remained fairly oblique. But in their finally successful motion to revoke Schulte’s bail, the government revealed that Schulte had not only accessed his email (via his roommate, Schulte’s lawyer would later claim), but had accessed Tor five times in the previous month, on November 16, 17, 26, and 30, and on December 5, 2017, which appears to be when the government nudged Virginia to get NYPD to arrest him on a sexual assault charge tied to raping a passed out acquaintance at his home in VA in 2015.

Perhaps the most obvious explanation for why Schulte accessed Tor starting on November 16, 2017, is that he was trying to learn about the assault charges filed in VA the day before.

But there is a more interesting explanation.

As you recall, back in November 2017, some outlets began to publish a bunch of previously undisclosed DMs between Don Jr and Wikileaks. Most attention focused on Wikileaks providing Don Jr access to an anti-Trump site during the election. But I was most interested in Julian Assange’s December 16, 2016 “offer” to be Australian Ambassador to the US — basically a request for payback for his help getting Trump elected.
Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM


In the wake of the releases, on November 14, 2017, Assange tweeted out a follow-up.

Image

As I noted at the time, the offer included an implicit threat: by referencing “Vault 8,” the name Wikileaks had given to its sole release, on November 9, 2017 of an actual CIA exploit (as opposed to the documentation that Wikileaks had previously released), Assange was threatening to dump more hacking tools, as Shadow Brokers had done before it. Not long after, Ecuador gave Assange its first warning to stop meddling in other countries politics, explicitly pointing to his involvement in the Catalan referendum but also pointing to his tampering with other countries. That warning became an initial ban on visitors and Internet access in March of this year followed by a more formal one on May 10, 2018 that remains in place.

There’s a reason I think those Tor accesses may actually be tied to Assange’s implicit threat. In January of this year, when his then lawyer Jacob Kaplan made a bid to renew bail, he offered an excuse for those Tor accesses. He claimed Schulte was using Tor to research the diaries on his experience in the criminal justice system.

In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.


Someone posted those diaries to a Facebook account titled “John Galt’s Defense Fund” on April 20, 2018 (in addition to being an accused rapist and child porn fan, Schulte’s public postings show him to be an anti-Obama racist and an Ayn Rand worshiping libertarian).

Yesterday, Wikileaks linked those diaries, which strikes me as an attempt to corroborate the alibi Schulte has offered for his access to Tor last November.

Image

The government seems to have let Schulte remain free for much of 2017, perhaps in search of evidence to implicate him in the Vault 7 release. Whether it was a response to a second indictment or to Assange’s implicit threats to Don Jr, Schulte’s use of Tor last year (and, surely, the testimony of the roommate he was using as a go-between) may have been one of the keys to getting the proof the government had been searching for since March 2017.

Whatever it is, both Wikileaks and Schulte would like you to believe he did nothing more nefarious than research due process websites when he put his bail at risk by accessing Tor last year. I find that a dubious claim.

2009: IRC discussions of child porn

2011 and 2012: Google searches for child porn

April 2015: Rapes a woman (possibly partner) who is passed out and takes pictures of it

March to June 2016: Schulte deleting logs of access to CIA computer

May 8, 2016: Schulte Googles how to set up a Tor bridge

November 2016: Leaves CIA, moves to NY, works for Bloomberg

December 16, 2016: Assange DM to Don Jr about becoming Ambassador

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM


February 4, 2017: Wikileaks starts prepping Vault 7

March 7, 2017: Wikileaks starts releasing Vault 7

March 13, 2017: Google search warrant

March 20, 2017: Search (including of cell phone, from which passwords to his desktop obtained)

June 2017: Interview

August 17, 2017: Dana Rohrabacher tries to broker deal for Assange with Trump

August 23, 2017: Arrest affidavit

August 24, 2017: Arraignment

THE COURT: Well, it sounds like, based on the interview, that he knew what the government was looking at.

MR. LAROCHE: That wasn’t the basis of the interview, your Honor.



MR. KOSS: I think it was either two or three [interviews]. I think it was three occasions. I was there on all three, including one of which where we handed over the telephone and unblocked the password to the phone, which they did not have, and gave that to them. And as I said, I have been in constant contact with the three assistant U.S. attorneys working on this matter literally on a weekly basis for the last 4, 5, 6 months. And any time Mr. Schulte even thought about traveling, I provided them an itinerary. I cleared it with them first and made sure it was okay. On any occasion that they said they might want him close so that he could speak to them, I cancelled the travel and rescheduled it so that we would be available if they needed him at any given time.


October 2, 2017: Bail hearing

MR. LAROCHE: Well, I believe there still is a danger because it’s not just computers, your Honor, but electronic devices are all over society and easy to procure and this type of defendant having the type of knowledge he has does in terms of accessing things — so he has expertise and not only just generally computers but using things such as wiping tools that would allow him to access certain website and leave no trace of it. Those can be done from not just a computer but from other electronic devices.

But the child pornography itself is located on the defendant’s desktop computer. They can be accessed irrespective of those servers. So if all the government had was this desktop computer, we could recover the child pornography. So I think this idea that numerous people had access to the serves and potentially could have put it there, is simply a red herring. This was on the defendant’s desktop computer. And the location where it was found, this sub-folder within several layers of encryption, there were other personal information of the defendant in that area. There was his bank accounts. I think there was even a resume for the defendant where he was storing this information. And the passwords that were used to get into that location, those passwords were the same passwords the defendant used to access his bank account, to access various other accounts that are related to him. So this idea that he shared them with other people, the government just strongly disagrees.

October 11, 2017: Schulte lawyer Spiro withdraws

October 24, 2017: At Trump’s request Bill Binney meets with Mike Pompeo to offer alternate theory of the DNC hack

November 8, 2017: Status hearing

SMITH: I believe the government has told us that there’s more data in this case than in any other like case that they have prosecuted.

MR. STANSBURY: Let me just clarify that part first. We proposed this just in an abundance of caution given the defendant’s former employer and the fact that — and I meant to flag this before. I apologize now for not. There’s a small body of documents that were found in the defendant’s residence that were taken from his former employer that might implicate some classified issues. We have been in the process of having those reviewed and I think we’re going to be in a position to produce those in the next probably few days. But we wanted to just make sure that we were acting out of an abundance of caution in case any SEPA [sic] issues come about in the case. I don’t expect them too at this point but we wanted to do that out of an abundance of caution.


November 9, 2017: Wikileaks publishes Vault 8 exploit

November 14, 2017: Assange posts Vault 8 Ambassador follow-up

Image

November 14, 2017: Arrest warrant in VA

November 15, 2017: Charged in Loudon County for sexual assault

November 16, 2017: Use of Tor

November 17, 2017: Use of Tor

November 26, 2017: Use of Tor

November 29, 2017: Abundance of caution, attorney should obtain clearance

November 30, 2017: Use of Tor

December 5, 2017: Use of Tor, Smith withdraws

December 7, 2017: NYPD arrests on VA warrant for sexual assault

December 12, 2017: Move for detention, including description of email and Tor access

Separately, since the defendant was released on bail, the Government has obtained evidence that he has been using the Internet. First, the Government has obtained data from the service provider for the defendant’s email account (the “Schulte Email Account”), which shows that the account has regularly been logged into and out of since the defendant was released on bail, most recently on the evening of December 6, 2017. Notably, the IP address used to access the Schulte Email Account is almost always the same IP address associated with the broadband internet account for the defendant’s apartment (the “Broadband Account”)—i.e., the account used by Schulte in the apartment to access the Internet via a Wi-Fi network. Moreover, data from the Broadband Account shows that on November 16, 2017, the Broadband Account was used to access the “TOR” network, that is, a network that allows for anonymous communications on the Internet via a worldwide network of linked computer servers, and multiple layers of data encryption. The Broadband Account shows that additional TOR connections were made again on November 17, 26, 30, and December 5.

[snip]

First, there is clear and convincing evidence that the defendant has violated a release condition—namely, the condition that he shall not use the Internet without express authorization from Pretrial Services to do so. As explained above, data obtained from the Schulte Email Account and the Broadband Account strongly suggests that the defendant has been using the Internet since shortly after his release on bail. Especially troubling is the defendant’s apparent use on five occasions of the TOR network. TOR networks enable anonymous communications over the Internet and could be used to download or view child pornography without detection. Indeed, the defendant has a history of using TOR networks. The defendant’s Google searches obtained in this investigation show that on May 8, 2016, the defendant conducted multiple searches related to the use of TOR to anonymously transfer encrypted data on the Internet. In particular, the defendant had searched for “setup for relay,” “test bridge relay,” and “tor relay vs bridge.” Each of these searches returned information regarding the use of interconnected computers on TOR to convey information, or the use of a computer to serve as the gateway (or bridge) into the TOR network.

December 14, 2017: US custody in NY

MR. KAPLAN: Well, your Honor, we’ve obtained the discovery given to prior counsel, and I’ve started to go through that. In addition, there was one other issue which I believe was raised at our prior conference, which was a security clearance for counsel to go through some of the national security evidence that might be present in the case.

While most of the national security stuff does not involve the charges, the actual charges against Mr. Schulte, the basis for the search warrants in this case involve national security.

So I’m starting the process with their office to hopefully get clearance to go through some of the information on that with an eye towards possibly a Franks motion going forward. So I would ask for more time just to get that rolling.


January 8, 2018: Bail appeal hearing

MR. KAPLAN: Judge, on the last court date, when we left, the idea was that we had consented to detention with the understanding that Mr. Schulte would be sent down to Virginia to face charges based on a Virginia warrant. None of that happened. Virginia never came to get him. Virginia just didn’t do anything in this case. But before I address the bail issues, I think it’s important that this Court hear the full story of how we actually get here. At one of the previous court appearances, I believe it was the November 8th date, this Court asked why the defense attorney in this case would need security clearance. And the answer that was given by one of the prosecutors, I believe, was that there was some top secret government information that was found in Mr. Schulte’s apartment, and that out of an abundance of caution it would be prudent that the defense attorney get clearance. But I don’t think that’s entirely accurate.

While the current indictment charges Mr. Schulte with child pornography, this case comes out of a much broader perspective. In March of 2017, there was the WikiLeaks leak, where 8,000 CIA documents were leaked on the Internet. The FBI believed that Mr. Schulte was involved in that leak. As part of their investigation, they obtained numerous search warrants for Mr. Schulte’s phone, for his computers, and other items, in order to establish the connection between Mr. Schulte and the WikiLeaks leak.

As we will discuss later in motion practice, we believe that many of the facts relied on to get the search warrants were just flat inaccurate and not true, and part of our belief is because later on, in the third or fourth search warrant applications, they said some of the facts that we mentioned earlier were not accurate. So we will address this in a Franks motion going forward, but what I think is important for the Court is, in April or May of 2017, the government had full access to his computers and his phone, and they found the child pornography in this case, but what they didn’t find was any connection to the WikiLeaks investigation. Since that point, from May going forward, although they later argued he was a danger to the community, they let him out; they let him travel. There was no concern at all. That changed when they arrested him in August on the child pornography case.

[snip]

The second basis that the government had in its letter for detaining Mr. Schulte was the usage of computers. In the government’s letter, they note how, if you search the IP address for Mr. Schulte’s apartment, they found numerous log-ons to his Gmail account, in clear violation of this court’s order. But what the government’s letter doesn’t mention is that Mr. Schulte had a roommate, his cousin, Shane Presnall, and this roommate, who the government and pretrial services knew about, was allowed to have a computer.

And more than that, based on numerous conversations, at least two conversations between pretrial services, John Moscato, Josh Schulte and Shane Presnall, it was Shane’s understanding that pretrial services allowed him to check Mr. Schulte’s e-mail and to do searches for him on the Internet, with the idea that Josh Schulte himself would not have access to the computer.

And the government gave 14 pages of log-on information to establish this point. And, Judge, we have gone through all 14 pages, and every single access and log-in corresponds to a time that Shane Presnall is in the apartment. His computer has facial recognition, it has an alphanumeric code, and there is no point when Josh Schulte is left himself with the computer without Shane being there, and that was their understanding.

LAROCHE: And part of that investigation is analyzing whether and to what extent TOR was used in transmitting classified information. So the fact that the defendant is now, while on pretrial release, using TOR from his apartment, when he was explicitly told not to use the Internet, is extremely troubling and suggests that he did willfully violate his bail conditions.



KAPLAN: In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.



LAROCHE: Because there is a classified document that is located on the defendant’s computer, it is extremely difficult, and we have determined not possible, to remove that document forensically and still provide an accurate copy of the desktop computer to the defendant.

So in those circumstances, defense counsel is going to require a top secret clearance in order to view these materials. It’s my understanding that that process is ongoing, and we have asked them to expedite it. As soon as the defendant’s application is in, we believe he will get an interim classification to review this material within approximately two to three weeks. Unfortunately, that hasn’t occurred yet. So the defendant still does not have access to that particular aspect of discovery. So we are working through that as quickly as we can.

January 17, 2018: Bail appeal denied

March 15, 2018: Sabrina Shroff appointed

March 28, 2018: Initial ban of Internet access and visitors for Assange

April 20, 2018: Schulte’s diaries (ostensibly the purpose of using Tor) posted

Image

May 10, 2018: Ecuador bans visitors for Assange

May 16, 18, 2018: Documents placed in vault

May 16, 2018: Schulte Facebook site starts legal defense fund

June 18, 2018: Schulte superseding indictment

June 19, 2018: Wikileaks posts links to diary

https://www.emptywheel.net/2018/06/20/t ... ok-to-tor/


------------------------------------

US lobbyist for Russian oligarch visited Julian Assange nine times last year
It is unclear whether Adam Waldman’s 2017 visits had connection to Oleg Deripaska


Stephanie Kirchgaessner and Luke Harding
Wed 20 Jun 2018 06.08 EDT Last modified on Wed 20 Jun 2018 08.32 EDT

Adam Waldman, left, and Oleg Deripaska at the Oktoberfest in Munich in 2015.

A longtime US lobbyist for the Russian oligarch Oleg Deripaska visited Julian Assange nine times at the Ecuadorian embassy in London last year, according to visitor logs seen by the Guardian.

Adam Waldman, who has worked as a Washington lobbyist for the metals tycoon since 2009, had more meetings with Assange in 2017 than almost anyone else, the records show.

It is not clear why Waldman went to the WikiLeaks founder or whether the meetings had any connection to the Russian billionaire, who is now subject to US sanctions. But the disclosure is likely to raise further questions about the extent and nature of Assange’s alleged ties to Russia.

US intelligence agencies concluded with “high confidence” last year, in an unclassified intelligence assessment, that the Kremlin shared hacked emails with WikiLeaks that undermined Hillary Clinton’s presidential campaign as part of its effort to sway the 2016 election in favour of Donald Trump.

Waldman is a lawyer and consultant in Washington and Deripaska’s primary lobbyist. He also represents other clients including Hollywood stars. Last year Deripaska paid Waldman about $562,000. According to filings to the Department of Justice (DoJ) by Waldman’s firm, the Endeavor Group, his work for Deripaska focused on advising the oligarch’s company UC Rusal on legal issues.

When Deripaska first hired him, in 2009, Waldman’s firm was on a $40,000-per-month retainer. The Russian magnate was having problems obtaining a visa because of alleged connections to organised crime, which Deripaska denies. Waldman lobbied the US government to get Deripaska a visa.

Waldman also served as a counsel for Russia’s foreign minister, Sergei Lavrov. A 2010 DoJ filing showed that the Endeavor Group was hired by Lavrov to help ease the “persistent state of limbo” that Deripaska faced as a result of his being refused entry into the US. In a letter to Waldman, Lavrov hailed Deripaska as one of Russia’s “prominent business leaders”.

Waldman declined to answer questions from the Guardian about his meetings with Assange or whether they were connected to the Russian billionaire.

Waldman has not registered himself as a lobbyist for the WikiLeaks founder.

A report last year by Fox News, which obtained leaked text messages between Waldman and the US senator Mark Warner, the top Democrat on the Senate intelligence committee, suggested Waldman tried to broker a deal between Assange and the DoJ and that the negotiations were fruitless. It is not clear whether Waldman was brokering the deal on Assange’s behalf or someone else’s.

One text sent by Waldman in April 2017 said: “I convinced him [Assange] to make serious and important concessions and am discussing those [with] DoJ.”

The logs, obtained by the Guardian and Focus Ecuador, reveal details of Assange’s life inside the Ecuadorian embassy, where he has been staying since June 2012. Waldman allegedly visited Assange twice on 12 and 13 January 2017, days before Trump’s inauguration as president, and again immediately after the ceremony, on 27 January.

The Guardian has separately corroborated that Waldman was in London in late March, when he saw Assange twice more. He visited the embassy three times in April and made two more visits at the end of November 2017.

Trump escalates attacks on FBI as he fights back against Russia inquiry
Read more
Deripaska is a key person in the investigation by the special counsel Robert Mueller into alleged collusion between the Trump campaign and Moscow.

According to the Associated Press, Trump’s future campaign manager Paul Manafort began work for Deripaska in 2005 and pitched a plan that would “greatly benefit [Vladimir] Putin’s government.” In 2006 Manafort signed a $10m annual contract with Deripaska, a close ally of Russia’s president.

In summer 2016, when he was Trump’s campaign chief, Manafort offered Deripaska a confidential briefing, emails turned over to Congress and Mueller show. The briefing never happened, Manafort says. Deripaska was filmed soon afterwards on his luxury yacht discussing the forthcoming US election with Russia’s deputy prime minister, Sergei Prikhodko.

Deripaska was subjected to more US sanctions in April. They were imposed on close associates of Putin’s in retaliation for alleged Kremlin meddling in the US vote. Meanwhile, Manafort faces multiple charges of money laundering arising from his work in Ukraine, and accusations of tampering with potential witnesses. He denies all charges. His bail was revoked last week and he is now awaiting trial in prison.

Waldman’s relationship with Deripaska goes beyond consultancy. According to filings, in 2008 he travelled to Moscow, Amsterdam and Siberia with the oligarch for the purpose of “friendship”. In 2015 Waldman and his German second wife, Barbara Sturm, posed for photos with Deripaska at Munich’s Oktoberfest. Sturm, a dermatologist and beauty expert, has a major business presence in Russia.

In April Waldman placed an article by Deripaska with the conservative Daily Caller news website, sources say. The oligarch called allegations of collusion “invented” and said he and the Russian government were victims of a “deep state” Washington plot.

Waldman has cultivated connections with senior Democratic politicians and spent summers with many of them in Martha’s Vineyard.

According to filings, Deripaska has paid Waldman via a series of offshore firms, with cash routed via shell companies in the British Virgin Islands, Belize and Jersey. At least one of Deripaska’s companies, Sea Chaika Corporation, appears in the Panama Papers. In 2010 it transferred at least $85,000 to Waldman’s accounts. Sea Chaika is connected to anonymous firms registered in Cyprus.

Deripaska and UC Rusal did not comment. Assange has denied the hacked Democratic party emails released by WikiLeaks in 2016 came from Moscow.

Last month Lenín Moreno, the president of Ecuador, said Assange could continue to live in the embassy as long as he complied with the conditions of his stay and avoided voicing political opinions on Twitter. In March, Moreno restricted Assange’s visitors, cut his internet access and shelved a $5m (£3.7m) secret spy operation to protect him, called “Operation Hotel”.
https://www.theguardian.com/media/2018/ ... are_btn_tw


emptywheel


emptywheel Retweeted Courage Foundation
The claims of Assange's isolation often turn out to be overstated. But limits on legal visits would be new--and it comes as Joshua Schulte faces new charges for leaking and trying to leak classified information using the multiple contraband cellphones in his jail cell.
https://twitter.com/emptywheel



Courage Foundation


Julian Assange legally challenged Ecuador's efforts to isolate and censor him: background on and amicus filings from this week's hearing: https://couragefound.org/2018/10/protec ... n-hearing/

Support: https://www.iamwikileaks.org/donate/

Image

The judge refused to rule on the constitutionality of the govt’s actions against Assange and said it was a matter for the Constitutional Court.

The case has now been appealed to the provincial court.



New: the Ecuadorian Embassy in London has forbidden access to all visitors to Julian Assange, including lawyers (amid an urgent lawsuit), until Monday

https://twitter.com/couragefound/status ... 2520750080



US GOVERNMENT REVEALS IT HAS VIDEO EVIDENCE OF JOSHUA SCHULTE SHARING CLASSIFIED INFORMATION AS ECUADOR RESTRICTS ASSANGE’S LEGAL VISITS
November 2, 2018/0 Comments/in 2016 Presidential Election, emptywheel, Mueller Probe, WikiLeaks /by emptywheel
In a letter sent Thursday to Paul Crotty, the judge in the case of alleged Vault 7 WikiLeaks source, Joshua Schulte, prosecutors described the investigation conducted when, “in or about early October 2018,” they discovered he had been communicating clandestinely with third parties outside of the Metropolitan Corrections Center, where he has been held since December. They described discovering a truly stupendous amount of communications gear to store in a jail cell, amounting to multiple cell phones and other devices, from which Schulte was running 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.


Now, the prosecutors use that word “encrypted” twice, as if it means extra spooky, but these days, a cellphone with significant encryption could mean an iPhone (though in jail Schulte might be able to get state of the art spook or crook phones) and “encrypted email accounts” often means ProtonMail.

In any case, that’s a whole lot of legal process for a one month investigation of someone sitting in a jail cell (Schulte was moved to solitary when the investigation started on October 1), but then Schulte allegedly had a shit-ton of hardware. The 6 search warrants were presumably used for Schulte’s devices, and the “dozens of grand jury subpoenas and pen registers” would probably have been used for those email and social media accounts, perhaps with both used for each account (I have a working theory that for encrypted comms it may take more than one pen register to get the data).

Schulte was using all this hardware and software, according to the prosecutors, to — among other things — do two things: send details about the search warrants to investigate him, as well as yet more classified information, to third parties.

As a result of these searches and other investigative steps, the Government discovered that Schulte had, among other things, (i) transmitted classified information to third parties, including by using an encrypted email account, and (ii) transmitted the Protected Search Warrant Materials to third parties in direct contravention of the Court’s Protective Order and the Court’s statements at the May 21 conference.


The prosecutors included a superseding indictment with their letter, adding two extra counts to his already life sentence-threatening indictment:a new Count Eleven, which is contempt of court for blowing off the protective order covering his search warrant starting in April, and a new Count Four, which is another count of transmitting and attempting to transmit unlawfully possessed national defense information (793(e)0 during the period he has been in MCC.

With regards to Count Eleven, on Monday a letter Schulte sent to Judge Crotty that was uploaded briefly to PACER (I believe this is the third time Schulte has succeeded in getting such letters briefly uploaded to the docket), revealing that he had been moved to solitary, but also complaining about corrections the government had made to his original search warrant:

I beg you Judge Crotty to read the first search warrant affidavit and the government’s Brady letter; the FBI outright lied in that affidavit and now acknowledge [sic] roughly half of these lies. Literally, they [sic] “error} on seeing dates of 3/7 where there were only 3/2 dates and developing their entire predicate based on fallacious reasoning and lies. They “error” in seeing three administrators where there were “at least 5” (ie. 10). They [sic] “error” in where the C.I. was stolen who had access, and how it could be taken — literally everything.


While I absolutely don’t rule out the government either focused on Schulte back in March 2017 for reasons not disclosed in the search warrant application, or that they parallel constructed the real reasons badly (both of which would be of significant interest, but both of which his very competent public defender can deal with), the docket suggests the Vault 7 case against him got fully substantiated after the porn case, perhaps because of the stuff he did last year on Tor that got him jailed in the first place. As I noted, that Tor activity closely followed one of Julian Assange’s more pubic extortion attempts using the Vault 8 material Schulte is accused of sharing, though Assange has made multiple private extortion attempts both before and since.

Which brings me to the second new charge, transmitting and attempting to transmit national defense information to a third party, with a time span of December 2017 to October 2018. Effectively, the government claims that even after Schulte was jailed last December, he continued to share classified information.

I’m particularly interested in the government’s use of “attempted” in that charge, not used elsewhere. The time period they lay out, after all, includes a period when Ecuador restricted Julian Assange’s communication. Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.

Meanwhile, in the Ecuadoran embassy in London, things have been heating up between Assange and his hosts.

About halfway through the period after which Schulte had been put into solitary so the government could investigate a bunch of communications devices they claim they didn’t know about before around October 1, Ecuador announced what seemed to be a relaxation of restrictions on Assange, but actually was more of an ultimatum. He could have visitors, but first they’d have to apply 3 days in advance and supply their social media handles and identifying details for any devices they wanted to bring with them. Assange, too, has to register all his devices, and only use Ecuador’s wifi. If anyone uses unapproved devices, they’ll be deemed a security threat to Ecuador under the protection of the UK, basically giving the UK reason to prosecute them to protect Ecuador. Assange has to have regular medical exams; if he has a medical emergency, he’ll be treated off site. Starting on December 1, he has to start paying for food and other supplies. He has to start cleaning up the joint. He has to start taking care of his cat.

Assange immediately sued over the new rules. But he lost that suit on Monday. But even as he appeals that verdict, according to Courage Foundation, Ecuador has restricted even legal visits, something that hadn’t been the case before. Those restrictions appear to have been put in place on Wednesday, the same day the new Schulte charges were rolled out. They’ll remain in place until Monday.

A piece by Ryan Goodman and Bob Bauer renewed discussion this morning about the First Amendment limits on suing or prosecuting WikiLeaks for conspiring with Russia to swing the 2016 election; I hope to respond to it later, but wrote about the same lawsuit in this post. I think their view dangerously risks political journalism.

But I also think that you don’t necessarily need to charge WikiLeaks in the conspiracy to sustain a conspiracy charge; you can make them unindicted co-conspirators, just like Trump would be. I have long noted that you could charge Assange, instead, for his serial attempts to extort the United States, an effort that has gone on for well over 18 months using the very same files that Schulte is alleged to have leaked to WikiLeaks (extortion attempts which may also involve Roger Stone). Assange has accomplished those extortion attempts, in part, with the assistance of his lawyers, who up until this week (as far as I understand from people close to Assange) were still permitted access to him.

Say. Have I observed yet that these events are taking place in the last days before Mueller’s election season restrictions end?

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post.
https://www.emptywheel.net/2018/11/02/u ... al-visits/



Why the First Amendment Does Not Protect Trump Campaign Collusion with Wikileaks and Russia

Despite the president’s signature hostility toward the press, the Trump campaign is strenuously trying to wrap itself and Wikileaks in the protective garb of the First Amendment in defending against a lawsuit involving the hacking and dissemination of Democratic National Committee emails in 2016.

The case involves a civil suit brought by a DNC employee and two Democratic donors whose private financial and personal information was disclosed by Wikileaks as part of the DNC hack. The legal maneuvers in this case are being closely watched for what they suggest about how the Trump lawyers may approach any allegations of collusion with the Kremlin and Wikileaks that come directly out of the Mueller investigation.

The campaign’s lawyers told a judge that even if the president and his lieutenants worked with Russians and Wikileaks to disseminate emails to influence the outcome of the presidential election, only the act of stealing those emails would be prohibited. The campaign and Wikileaks, on this view, acted like the news media in simply passing on the stolen information.

This line of argument is a striking distortion of the core principles of freedom of the press. It also relies on a demonstrable falsehood—that the Trump campaign had no involvement in the Kremlin and Wikileaks’ conspiracy to violate U.S. election law in acquiring and distributing the emails.

The very Supreme Court case that the campaign cites in its defense—Bartnicki v. Vopper—offers a clear roadmap for showing why its position is wrong. In that 2001 opinion, the Court upheld First Amendment protections for a radio host who had received from an unknown source, and later aired, the contents of an illegally intercepted cell phone conversation between two union officials discussing the use of violent tactics in a labor-management dispute. The Trump campaign asserts that it is no different from the broadcaster: its hands are legally clean, and it was just exercising its free speech rights.

That assertion of blamelessness is the critical flaw in the Trump campaign’s case, because the Bartnicki court was careful to note that the radio host had not solicited the illegal recording or been otherwise involved in the original plan for illegal interception and distribution.

The court stressed the significance of these facts: It was not laying down the ironclad protection that Trump campaign is claiming. It noted in particular its “repeated refusal to answer categorically whether truthful publication may ever be punished consistent with the First Amendment.” Rather,

“[O]ur cases have carefully eschewed reaching this ultimate question, mindful that the future may bring scenarios which prudence counsels our not resolving anticipatorily. . . . We continue to believe that the sensitivity and significance of the interests presented in clashes between [the] First Amendment and privacy rights counsel relying on limited principles that sweep no more broadly than the appropriate context of the instant case.” Florida Star, 491 U. S., at 532–533.

It is on fundamental factual distinctions between Bartnicki and the Trump case that the campaign’s First Amendment theory founders. Unlike Bartnicki’s radio host, the campaign is not free of involvement in illegal activity. It did not merely comment on what the Russians and WikiLeaks conspired to make public. It willfully engaged with both the Russians and WikiLeaks in both the pursuit and the publication of the stolen emails—actions that bump up against clear prohibitions in federal campaign finance law. Foreign nationals may not contribute or spend funds to influence an American election, and, crucially, a U.S. political campaign cannot assist or act in coordination with foreign electoral intervention.

We know that the Russians were peddling assistance to a receptive campaign, that the campaign learned as early as April 2016 that Russians possessed stolen emails, that the campaign via the president’s son Donald Jr. advised the Russians on when to release derogatory information (“later in the summer”), that the Russian hacking operation continued long after the Russians first made contact with and were greeted receptively by the campaign, that the president himself publicly encouraged the Russian government to locate the so-called “missing“ Clinton emails, and that Russian spies quickly followed by trying to hack Clinton’s personal email. There are also reports that the Russians may have previewed the plan to disseminate the emails before ever doing so. For the purposes of the ongoing civil suit, those allegations alone rob the campaign of its current defense.

Still more about this coordinated activity may come to light as the special counsel reportedly investigates early contacts between WikiLeaks and Trump associate and campaign surrogate Roger Stone. Only this week, the New York Times disclosed emails between Stone and senior Trump campaign aide that show a campaign alerted in advance to the WikiLeaks’ possession of the stolen emails and pressing for their public release.

The Bartnicki court stressed that that the radio host was a passive recipient of the cell phone recording who did not even know who had made it. In contrast, the Trump campaign was in no way passive, and it knew exactly who had done the hacking and who was providing the platform for publication.

These are not the only differences that work against the Trump campaign’s propositions. The Court in Bartnicki singled out the public significance of the conversation captured in the illegal recording. The labor dispute was protracted and bitter, very much a matter of public debate before the cell phone conversation was exposed. It was on the basis of that context that the court found that the material issue had distinctive public importance that carried great weight in the constitutional analysis.

The Trump campaign’s pursuit of the stolen emails was not focused on any such particular issue of public significance. It was the Russians’ and WikiLeaks’ goal, shared by the campaign, to steal and release private material that would be simply embarrassing and disruptive to the Democrats. And, indeed, that turned out to include such things as internal personal squabbles, donors’ private information, credit card and social security numbers.

The campaign lawyers endeavor to put the best possible face on this campaign dirty trick. They argue that the material uncovered by the hacking exposed important facts about the DNC’s tilt toward Hillary Clinton over Bernie Sanders and conduct toward donors and the press. But whatever the “public significance” of these matters, the campaign did not have any advance reason to believe that exposure of the emails would uncover them. Its aim, the Russians’ and WikiLeaks’ were the same: exploit the illegal hacking to whatever electoral advantage could be gained.

There is misplaced concern that a defeat for this First Amendment defense puts media protections at risk. Federal campaign finance regulation supplies useful guidance here: It exempts standard journalistic activity, but denies those protections to conduct outside the “legitimate press function.” It is clear from disclosures by an internal WikiLeaks critic and other materials that Julian Assange targeted Hillary Clinton and sought to work with the Trump campaign and the Russians to secure her defeat. This is not a “legitimate press function.” And the conflation of Wikileaks’ plan of campaign attack with standard journalistic activity undermines important distinctions critical to the protection of the free press.

The danger presented by a Trump campaign victory on this First Amendment issue is that, if successful, it will rely on this case to assert a broader constitutional defense of the alliance it struck with Russia in the 2016 election. This is a direct threat to special counsel Robert Mueller investigation’s efforts to achieve accountability under the law for foreign interference in the 2016 election.

In effect, the Trump campaign’s lawyers are preparing to pivot from the claim that there was “no collusion” to the claim that collusion is constitutionally protected. The ongoing litigation is a testing ground for this novel constitutional theory, and it should be the place where that theory quickly dies.
https://www.justsecurity.org/61327/amen ... ks-russia/
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: Joshua Schulte

Postby seemslikeadream » Fri Nov 16, 2018 6:13 pm

emptywheel

As I note, what Assange did w/Schulte and the CIA hacking files goes well beyond journalism, particularly w/repeated threats to release them if the USG didn't give him immunity.

I will and have defended Assange against prosecution and suit for stuff other journalists do. I'll even defend him preferring to publish stuff to attack one side (like, say, Fox).

But we don't know all he has done.



BUT WE DON’T KNOW ALL HE HAS DONE


emptywheel

2h2 hours ago

Also, note I've said REPEATEDLY that I think Assange may have things that go beyond publishing wrt the Vault 7 releases. That case has venue in EDVA (which Schulte waived). Mueller does not.


Dear all, especially those who claim to be liberals in the Big L or little l sense:

Our legal system is built on precedents formed in the prosecutions of assholes. Please don't applaud treatment of Assange you'd find improper with others.
https://twitter.com/emptywheel



US GOVERNMENT REVEALS IT HAS VIDEO EVIDENCE OF JOSHUA SCHULTE SHARING CLASSIFIED INFORMATION AS ECUADOR RESTRICTS ASSANGE’S LEGAL VISITS

November 2, 2018/36 Comments/in 2016 Presidential Election, emptywheel, Mueller Probe, WikiLeaks /by emptywheel
In a letter sent Thursday to Paul Crotty, the judge in the case of alleged Vault 7 WikiLeaks source, Joshua Schulte, prosecutors described the investigation conducted when, “in or about early October 2018,” they discovered he had been communicating clandestinely with third parties outside of the Metropolitan Corrections Center, where he has been held since December. They described discovering a truly stupendous amount of communications gear to store in a jail cell, amounting to multiple cell phones and other devices, from which Schulte was running 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.


Now, the prosecutors use that word “encrypted” twice, as if it means extra spooky, but these days, a cellphone with significant encryption could mean an iPhone (though in jail Schulte might be able to get state of the art spook or crook phones) and “encrypted email accounts” often means ProtonMail.

In any case, that’s a whole lot of legal process for a one month investigation of someone sitting in a jail cell (Schulte was moved to solitary when the investigation started on October 1), but then Schulte allegedly had a shit-ton of hardware. The 6 search warrants were presumably used for Schulte’s devices, and the “dozens of grand jury subpoenas and pen registers” would probably have been used for those email and social media accounts, perhaps with both used for each account (I have a working theory that for encrypted comms it may take more than one pen register to get the data).

Schulte was using all this hardware and software, according to the prosecutors, to — among other things — do two things: send details about the search warrants to investigate him, as well as yet more classified information, to third parties.

As a result of these searches and other investigative steps, the Government discovered that Schulte had, among other things, (i) transmitted classified information to third parties, including by using an encrypted email account, and (ii) transmitted the Protected Search Warrant Materials to third parties in direct contravention of the Court’s Protective Order and the Court’s statements at the May 21 conference.


The prosecutors included a superseding indictment with their letter, adding two extra counts to his already life sentence-threatening indictment: a new Count Eleven, which is contempt of court for blowing off the protective order covering his search warrant starting in April, and a new Count Four, which is another count of transmitting and attempting to transmit unlawfully possessed national defense information (793(e)) during the period he has been in MCC.

With regards to Count Eleven, on Monday a letter Schulte sent to Judge Crotty that was uploaded briefly to PACER (I believe this is the third time Schulte has succeeded in getting such letters briefly uploaded to the docket), revealing that he had been moved to solitary, but also complaining about corrections the government had made to his original search warrant:

I beg you Judge Crotty to read the first search warrant affidavit and the government’s Brady letter; the FBI outright lied in that affidavit and now acknowledge roughly half of these lies. Literally, they [sic] “error” on seeing dates of 3/7 where there were only 3/2 dates and developing their entire predicate based on fallacious reasoning and lies. They “error” in seeing three administrators where there were “at least 5” (ie. 10). They [sic] “error” in where the C.I. was stolen who had access, and how it could be taken — literally everything.


While I absolutely don’t rule out the government either focused on Schulte back in March 2017 for reasons not disclosed in the search warrant application, or that they parallel constructed the real reasons badly (both of which would be of significant interest, but both of which his very competent public defender can deal with), the docket suggests the Vault 7 case against him got fully substantiated after the porn case, perhaps because of the stuff he did last year on Tor that got him jailed in the first place. As I noted, that Tor activity closely followed one of Julian Assange’s more pubic extortion attempts using the Vault 8 material Schulte is accused of sharing, though Assange has made multiple private extortion attempts both before and since.

Which brings me to the second new charge, transmitting and attempting to transmit national defense information to a third party, with a time span of December 2017 to October 2018. Effectively, the government claims that even after Schulte was jailed last December, he continued to share classified information.

I’m particularly interested in the government’s use of “attempted” in that charge, not used elsewhere. The time period they lay out, after all, includes a period when Ecuador restricted Julian Assange’s communication. Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.

Meanwhile, in the Ecuadoran embassy in London, things have been heating up between Assange and his hosts.

About halfway through the period after which Schulte had been put into solitary so the government could investigate a bunch of communications devices they claim they didn’t know about before around October 1, Ecuador announced what seemed to be a relaxation of restrictions on Assange, but actually was more of an ultimatum. He could have visitors, but first they’d have to apply 3 days in advance and supply their social media handles and identifying details for any devices they wanted to bring with them. Assange, too, has to register all his devices, and only use Ecuador’s wifi. If anyone uses unapproved devices, they’ll be deemed a security threat to Ecuador under the protection of the UK, basically giving the UK reason to prosecute them to protect Ecuador. Assange has to have regular medical exams; if he has a medical emergency, he’ll be treated off site. Starting on December 1, he has to start paying for food and other supplies. He has to start cleaning up the joint. He has to start taking care of his cat.

Assange immediately sued over the new rules. But he lost that suit on Monday. But even as he appeals that verdict, according to Courage Foundation, Ecuador has restricted even legal visits, something that hadn’t been the case before. Those restrictions appear to have been put in place on Wednesday, the same day the new Schulte charges were rolled out. They’ll remain in place until Monday.

A piece by Ryan Goodman and Bob Bauer renewed discussion this morning about the First Amendment limits on suing or prosecuting WikiLeaks for conspiring with Russia to swing the 2016 election; I hope to respond to it later, but wrote about the same lawsuit in this post. I think their view dangerously risks political journalism.

But I also think that you don’t necessarily need to charge WikiLeaks in the conspiracy to sustain a conspiracy charge; you can make them unindicted co-conspirators, just like Trump would be. I have long noted that you could charge Assange, instead, for his serial attempts to extort the United States, an effort that has gone on for well over 18 months using the very same files that Schulte is alleged to have leaked to WikiLeaks (extortion attempts which may also involve Roger Stone). Assange has accomplished those extortion attempts, in part, with the assistance of his lawyers, who up until this week (as far as I understand from people close to Assange) were still permitted access to him.

Say. Have I observed yet that these events are taking place in the last days before Mueller’s election season restrictions end?
https://www.emptywheel.net/2018/11/02/u ... al-visits/




Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: Joshua Schulte

Postby seemslikeadream » Fri Dec 14, 2018 11:22 am


GOVERNMENT REQUESTS HARSH NEW CONDITIONS GOVERNING JOSHUA SCHULTE’S ACCESS TO CLASSIFIED DISCOVERY


December 12, 2018/5 Comments/in Cybersecurity, Leak Investigations, WikiLeaks /by emptywheel
When we last heard from Joshua Schulte, he had been thrown in solitary in response to FBI’s discovery that he had a cellphone in his jail cell at Metropolitan Correctional Center, after which FBI discovered he had other devices and 13 email and social media accounts.
In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.


Today, the government asked for supplemental protective order governing Schulte’s access to a special secure facility from which he can review classified discovery. Among other things, it requires his attorney to be searched for devices upon entering the facility, it requires him to remain in manacles throughout the time he is there, and sets up a clean team to monitor both what happens in the room and the computer the defense uses to review discovery.
The defense council will be screened for electronic devices prior to entering the SCIF when she meets with her client. Once inside the Secure Area, the defendant will be allowed to meet with cleared counsel during normal business hours. The Secure Area contains equipment (the “Computer Equipment”) to allow the defendant and cleared defense counsel to review the Classified Information produced by the Government. The Computer Equipment shall be used only for purposes of preparing the defense, and is enabled to log computer activity occurring on the equipment and is equipped with security measures. These logs may be reviewed by law enforcement agents or personnel who are not involved in the prosecution of the defendant (the “Wall Team”). In the event the Wall Team determines the Computer Equipment has been used in an unauthorized manner, including by attempting to circumvent any security measures or logging features, the Wall Agent will report that information to the CISO, who will notify the Court for further action.

When the defendant is present in the Secure Area, the Secure Area will be monitored for security purposes through closed circuit television (“CCTV”) by the Marshals and an authorized FBI agent for all scheduled productions. The CCTV will allow only for visual monitoring of the defendant and cleared defense counsel, and will not include audio. The CCTV will not be recorded. Should any Marshal or member of the Wall Team hear any conversation between the defendant and any of his counsel, those conversations will not be communicated to any member of the government prosecution team, including, but not limited to attorneys, agents, and support staff.

The Defendant will be in full restraints during the time he is in the SCIF and secured to a bolt in the floor. The Defendant will be stripped searched after departing the SCIF at the conclusion of each session. The Defense attorney will sign a waiver of liability due to the fact she will be alone and in close proximity to the defendant. The USMS reserves the right to terminate these meetings if security issues arise during any session.

While there’s no hint that one of Schulte’s defense attorneys was responsible for the past acquisition of contraband, the FBI sure seems intent on making sure that avenue isn’t possible going forward.

I believe when Schulte was arraigned on the new charge of leaking from jail, the government said that CIA hadn’t continued to give Schulte access to classified information after he left. Which suggests the stuff he tried to leak from jail included information he saw in discovery (presumably including how the FBI figured out he was the one leaking CIA’s tools).
https://www.emptywheel.net/2018/12/12/g ... discovery/
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: Joshua Schulte

Postby seemslikeadream » Mon Apr 15, 2019 5:19 pm

This is significant because most recent charges involve one count of contempt involving Schulte leaking the warrants to journalists.

The govt wants to sever the charges, prolly bc the contempt and one attempted leaking charge can be done w/o (much) classified info.


Adam Klasfeld

NEW: Federal judge won't release the search warrants against suspected WikiLeaker Joshua Schulte, believed to have leaked the CIA files labeled Vault 7.

"Surely this impacts the national security interests of the country," the judge found.

Doc here: https://www.documentcloud.org/documents ... -4-15.html

Image


Moments later, a letter from Schulte's attorneys reply to prosecutors on their motion to lift the protective order as to the warrants' disclosure hits the docket.

Unclear why it got onto the Pacer after Judge Crotty's order.

In any event, apparently moot--at least for now.

https://twitter.com/KlasfeldReports/sta ... 0984261633



Judge slapped Schulte's hands: who are YOU to say an investigation is over?
Image
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: Joshua Schulte

Postby seemslikeadream » Tue Apr 16, 2019 3:11 pm

emptywheel

emptywheel Retweeted Big Cases Bot
While everyone is focusing on the Assange case, worth noting that Schulte and his lawyers have now tried legal (2X) and illegal, allegedly (2X) means to publicize these warrants (rather than just trying to suppress search)

Big Cases Bot


New filing in United States v. Joshua Schulte: Order

Image
posting.php?mode=reply&f=33&t=41398
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: Joshua Schulte

Postby seemslikeadream » Wed Aug 28, 2019 6:13 am

REVISITING THE FIRST TIME PRESIDENT TRUMP BLABBED OUT CLASSIFIED INFORMATION FOR POLITICAL GAIN

August 27, 2019/1 Comment/in 2016 Presidential Election, Cybersecurity, emptywheel, Mueller Probe, WikiLeaks /by emptywheel


https://www.youtube.com/watch?time_continue=619&v=RYGH6ejacN0

I’d like to revisit what might be the first time in his presidency that Donald Trump blabbed out highly classified information for political gain. Trump appears to have endangered the investigation into CIA’s stolen hacking tools, all to blame Obama for the leak.

It happened on March 15, 2017, during an interview with Tucker Carlson.

Amid a long exchange where Tucker challenges Trump, asking why he claimed — 11 days earlier — that Obama had “tapped” Trump Tower without offering proof, Trump blurted out that the CIA was hacked during the Obama Administration.

Tucker: On March 4, 6:35 in the morning, you’re down in Florida, and you tweet, the former Administration wiretapped me, surveilled me, at Trump Tower during the last election. Um, how did you find out? You said, I just found out. How did you learn that?

Trump: I’ve been reading about things. I read in, I think it was January 20th, a NYT article, they were talking about wiretapping. There was an article, I think they used that exact term. I read other things. I watched your friend Bret Baier, the day previous, where he was talking about certain very complex sets of things happening, and wiretapping. I said, wait a minute, there’s a lot of wiretapping being talked about. I’ve been seeing a lot of things. Now, for the most part I’m not going to discuss it because we have it before the committee, and we will be submitting things before the committee very soon, that hasn’t been submitted as of yet. But it’s potentially a very serious situation.

Tucker: So 51,000 people retweeted that, so a lot of people thought that was plausible, they believe you, you’re the president. You’re in charge of the agencies, every intelligence agency reports to you. Why not immediately go to them and gather evidence to support that?

Trump: Because I don’t want to do anything that’s going to violate any strength of an agency. You know we have enough problems. And by the way, with the CIA, I just want people to know, the CIA was hacked and a lot of things taken. That was during the Obama years. That was not during, us, that was during the Obama situation. Mike Pompeo is there now, doing a fantastic job. But we will be submitting certain things, and I will be perhaps speaking about this next week. But it’s right now before the Committee, and I think I want to leave it at that. I have a lot of confidence in the committee.

Tucker: Why not wait to tweet about it until you can prove it? Does it devalue your words when you can’t provide evidence?

Trump: Well because the NYT wrote about it. You know, not that I respect the NYT. I call it the failing NYT. They did write on January 20 using the word wiretap. Other people have come out with —

Tucker: Right, but you’re the President. You have the ability to gather all the evidence you want.

Trump: I do, I do. But I think that frankly we have a lot right now and I think if you watch, uh, if you watched the Brett Baier and what he was saying and what he was talking about and how he mentioned the word wiretap, you would feel very confident that you could mention the name. He mentioned it and other people have mentioned it. But if you take a look at some of the things written about wiretapping and eavesdropping, and don’t forget when I say wiretap, those words were in quotes, that really covers, because wiretapping is pretty old fashioned stuff. But that really covers surveillance and many other things. And nobody ever talks about the fact that it was in quotes but that’s a very important thing. But wiretap covers a lot of different things. I think you’re going to find some very interesting items over the next two weeks. [my emphasis]

It was clear even at the time that it was a reference to the Vault 7 files, now alleged to have been leaked to WikiLeaks by Joshua Schulte; the first installment of files were released eight days earlier.

The next day, Adam Schiff, who as the then-Ranking HPSCI member, likely had been briefed on the leak, responded to Trump’s comments and suggested that, while Trump couldn’t have broken the law for revealing classified information, he should nevertheless try to avoid releasing it like this, without any kind of consideration of the impact of it.

Last night, the President stated on Fox News that “I just wanted people to know, the CIA was hacked, and a lot of things taken–that was during the Obama years.” In his effort to once again blame Obama, the President appears to have discussed something that, if true and accurate, would otherwise be considered classified information,

It would be one thing if the President’s statement were the product of intelligence community discussion and a purposeful decision to disclose information to the public, but that is unlikely to be the case. The President has the power to declassify whatever he wants, but this should be done as the product of thoughtful consideration and with intense input from any agency affected. For anyone else to do what the President may have done, would constitute what he deplores as “leaks.”

Trump did reveal information the CIA still considered classified. At the very least, by saying that CIA got hacked, he confirmed the Vault 7 documents were authentic files from the CIA, something the government was not otherwise confirming publicly at that time. (Compare Mike Pompeo’s oblique comments about the leak from a month later.)

His reference to the volume of stolen files may have been based on what the CIA had learned from reviewing the initial dump; court filings make it clear the CIA still did not know precisely what had been stolen.

His reference to a hack, rather than a leak, is an interesting word choice, as the compromise has usually been called a leak. But Schulte’s initial search warrants listed both Espionage and the Computer Fraud and Abuse Act, meaning the government was treating it as (partly) a hacking investigation. And some of the techniques he allegedly used to steal the files are the same that hackers use to obfuscate their tracks (which is unsurprising, given that Schulte wrote some of the CIA’s obfuscation tools).

Perhaps the most damning part of Trump’s statement, however, was the main one: that the theft had taken place under Obama. WikiLeaks’ initial release was totally noncommittal about when they obtained the files, but said it had been “recent[].” By making it clear that the government knew the theft had taken place in 2016 and not more “recently,” Trump revealed a detail that would have made it more likely Schulte would realize they believed he was the culprit (though he knew from the start he’d be a suspect), given that he’d left the agency just days after Trump was elected.

The most damning part of all of this, though, is the timing. Trump made these comments at an unbelievably sensitive time in the investigation.

Tucker did the interview while accompanying Trump to Detroit on March 15, 2017, which means the interview took place sometime between 10:50 AM and 3:30 PM (Tucker said the interview happened at Willow Run Airport, but this schedule says he flew into DTW). Unless it was given special billing, it would have aired at 9PM on March 15.

That means Trump probably made the comments as the FBI was preparing a search of Schulte’s apartment, the first step the FBI took that would confirm for Schulte that he was the main suspect in the leak. Trump’s comments likely aired during the search, before the moment Schulte left his apartment with two passports while the search was ongoing.

CIA had had a bit of advanced warning about the leak. In the lead-up to the leaks (at least by February 3), a lawyer representing Julian Assange, Adam Waldman, was trying to use the Vault 7 files to make a deal with the US government, at first offering to mitigate the damage of the release for some vaguely defined safe passage for Assange. The next day, WikiLeaks first hyped the release, presumably as part of an attempt to apply pressure on the US. Shortly thereafter, Waldman started pitching Mark Warner (who, with Richard Burr, could have granted Assange immunity in conjunction with SSCI’s investigation). On February 17, Jim Comey told Warner to stop his negotiations, though Waldman would continue to discuss the issue to David Laufman at DOJ even after the initial release. Weeks later, WikiLeaks released the initial dump of files on March 7.

An early WaPo report on the leak (which Schulte googled for its information about what the CIA knew before WikiLeaks published) claimed that CIA’s Internal Security had started conducting its own investigation without alerting FBI to the leak (though obviously Comey knew of it by mid-February). The same report quoted a CIA spox downplaying the impact of a leak it now calls “catastrophic.”

By March 13, the day the FBI got its first warrant on Schulte, the FBI had focused on Schulte as the primary target of the investigation. They based that focus on the following evidence, which appears to incorporate information from the CIA’s own internal investigation, an assessment of the first document dump, and some FBI interviews with his colleagues in the wake of the first release:

The FBI believed (and still maintains) that the files were stolen from the onsite backup server
Schulte was one of a small group of SysAdmins who had privileges to that server (in the initial warrant they said just three people did but have since revised the number to five)
The FBI believed (mistakenly) that the files were copied on March 7, 2016, a time when one of the other two known SysAdmins was offsite
Schulte had had a blow-up with a colleague that led to him souring on his bosses
During the period the CIA was investigating that blow-up, Schulte had reset his administrative privileges to restore his access to the backup server and one project he was working on
As part of his August security clearance renewal, some of Schulte’s colleagues said they thought he could be subject to coercion and was not adhering to rules on removable media
Just before he left, Schulte created two documents claiming to have raised concerns about the security of the CIA’s servers that (the government claims) he didn’t actually raise
Names identifying the two other SysAdmins who had access to the backup server, but not Schulte’s, were included in the initial release
In six days since the initial Vault 7 release, Schulte had contacted colleagues and told them he thought he’d be a suspect but was not the leaker
Having obtained a warrant based off that probable cause, on the afternoon of March 13, FBI agents went to conduct a covert search of Schulte’s apartment. The FBI was trying to conduct the search before a trip to Mexico Schulte was scheduled to take on March 16, which (as the affidavit noted) would have been only his second trip outside the US reflected in DHS records. But when the FBI got to Schulte’s apartment, they found a slew of computer devices (listed at PDF 116), making the covert search impractical. So overnight, they obtained a second warrant for an overt search; the FBI obtained that warrant at 1:36 AM on March 14. During that same overnight trip to the magistrate, the FBI also obtained warrants for Schulte’s Google, Reddit, and GitHub accounts.

There’s a lack of clarity about this detail in the public record: the warrant is dated March 14, but it is described as the “March 15 warrant.” The overt search continued through the night in question, so it could either be March 14-15 or March 15-16. The government’s response to Schulte’s motion to suppress the search says, “The Overt Warrant was signed during the early morning hours of March 14, 2017, and the FBI executed the warrant the same day.” But a May 5, 2017 affidavit (starting at PDF 129) says the overt search of Schulte’s apartment took place on March 15.

Whatever day the search happened, it appears that the search started when the lead agent approached Schulte in the lobby of Bloomberg, perhaps as he was leaving work, and asked if he had a role in the leak, which Schulte denied. (This conversation is one basis for Schulte’s false statements charge; the Bill of Particulars describing the interview says it took place on March 15.) The agent got Schulte to confirm he was traveling to Mexico on March 16, then got Schulte to let them into his apartment (Bloomberg is at 120 Park Avenue; Schulte lived at 200 E 39th Street, five blocks away). The search of Schulte’s apartment went through the night. Sometime between 10 and 11 PM, Schulte left his apartment, telling the FBI Agents he’d return around 11:30 PM. By 12:15 AM he hadn’t returned, so the lead FBI Agent went and found him leaving Bloomberg. They told him they had found classified information in his apartment, and asked for his passports. He went back to his workstation to retrieve them, and voluntarily handed them over. The affidavit describes Schulte being put on leave by Bloomberg on March 16, the last day he reported to work at Bloomberg (which would be consistent with the search taking place on the night of March 15-16).

If the search took place overnight on March 14-15, Trump’s statements might have reflected knowledge the search had occurred (and that FBI had found classified information in Schulte’s apartment that would sustain an arrest on false statements and mishandling classified information charges, if need be). If the search took place overnight on March 15-16 (which seems to be what the record implies), it would mean Trump made the comments before the search and they would have been aired on Fox News during it.

In other words, Trump may well have made the comments at a time when FBI was trying to avoid giving Schulte any advance notice because they were afraid he might destroy evidence.

In addition, Trump undoubtedly made the comments (and Schiff highlighted the significance of them) before Schulte had follow-up interviews on March 20 and 21, at which he denied, among other things, ever making CIA’s servers more vulnerable to compromise. If Schulte had read Trump’s comment he’d be more worried about anything akin to hacking.

The question is, how much of what Trump said reflected real knowledge of the investigation, and to what degree should he have known that blurting this out could be unbelievably damaging to the investigation?

Given Trump’s imprecision in speech, his comments could derive entirely from the Vault 7 release itself, or at least a really high level briefing (with pictures!) of the compromise and CIA’s efforts to mitigate it.

But there are two pieces of evidence that suggest Trump may have been briefed in more detail about Schulte as a target.

Jim Comey testified on June 8, 2017 that, in addition to asking him to, “let this [Flynn thing] go,” Trump had asked him about a classified investigation, but that conversation was entirely professional.

WARNER: Tens of thousands. Did the president ever ask about any other ongoing investigation?

COMEY: No.

WARNER: Did he ever ask about you trying to interfere on any other investigation?

COMEY: No.

WARNER: I think, again, this speaks volumes. This doesn’t even get to the questions around the phone calls about lifting the cloud. I know other members will get to that, but I really appreciate your testimony, and appreciate your service to our nation.

COMEY: Thank you, Senator Warner. I’m sitting here going through my contacts with him. I had one conversation with the president that was classified where he asked about our, an ongoing intelligence investigation, it was brief and entirely professional.


Obviously there were a ton of investigations and this conversation could have taken place after Trump made the public comments. But the Vault 7 investigation would have been one of the most pressing investigations in the months before Comey got fired.

More directly on point, in his Presumption of Innocence blog, Schulte describes the interactions with the FBI during the search — which are consistent with them taking place on March 15 — this way (he has not sought to suppress the statements he made that night, which suggests his claims of coercion aren’t strong enough to impress his attorneys):

The FBI set an artificial and misguided deadline on the night before I was to depart NYC for Cancun to prevent me from leaving the country. Despite my insistence with them that the notion someone would flee the country AFTER the publication literally made no sense—if it were me communicating with WikiLeaks then obviously I would have made damn sure to leave BEFORE it happened—they were persistent in their belief that I was guilty. The FBI literally told me that everyone ”up to the top” knew we were having this conversation and that “they” could not afford to let me leave the country. “They” could not afford another national embarrassment like Snowden. “They” would not, under any circumstances, allow me to leave the country. The FBI were prepared and willing to do anything and everything to prevent me from leaving the country including threaten my immediate arrest arrest unless I surrendered my passport. I did NOT initially consent, but the FBI held me against my will without any arrest warrant and even actively disrupted my attempts to contact an attorney. Intimidated, fearful, and without counsel, I eventually consented. I was immediately suspended from work


Schulte’s an egotist and has told obvious lies, especially in his public statements attempting to claim innocence. But if it’s true that the FBI agents told him everyone “up to the top” knew they were having the conversation with him on March 15, it might reflect knowledge that people at least as senior as Comey or Sessions or Pompeo knew the FBI was going to conduct an overt search with one goal being to prevent Schulte from leaving the country. And given the purported reference to Snowden and the way the entire government pursued him, it is not impossible that Trump had been asked to authorize Schulte’s arrest if he didn’t surrender his passports.

In other words, it is certainly possible that when Trump boasted that the CIA’s hacking tools had been stolen under Obama and not under his Administration (an interesting claim to begin with, given the delay in CIA alerting the FBI that WaPo reported), he had been briefed about Schulte within the last 48 hours or even that morning.

To be clear, I’m not suggesting that this comment was a deliberate attempt to sabotage the FBI investigation. Trump has a habit of mindlessly repeating whatever he has heard most recently, so if Trump were briefed on the investigative steps against Schulte on the 14th or 15th, it’s not surprising he brought it up when sitting with Tucker mid-day on the 15th, particularly given that they were discussing surveillance.

But imagine how this would look to the FBI as Trump started engaging in outright obstruction of the Russian investigation, particularly by firing Comey. There’s nothing in the public record that suggests a tie between Schulte’s leaks and Russia. But Schulte’s leaks (most notably the Marble Framework he authored) not only would have made it easier for Russia to identify CIA’s Russian targets, but they would have forced CIA to rebuild during a period it was trying to figure out what had happened in 2016 (and NSA would be in the same position, post Shadow Brokers). When the FBI was trying to keep their focus on Schulte secret for one more day so they could get to his apartment before he started destroying things, Trump sat before a TV camera and made a comment that might have alerted Schulte the FBI did, indeed, believe he was the culprit.

And Trump did so all to blame Obama for a catastrophic leak rather than himself.
https://www.emptywheel.net/2019/08/27/r ... ical-gain/
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
User avatar
seemslikeadream
 
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)


Return to SLAD Newswire

Who is online

Users browsing this forum: No registered users and 5 guests