Posts

Joshua Schulte’s Three Lawyer Monte

For at least five months, accused Vault 7 leaker Joshua Schulte has been trying one after another ploy to avoid or delay his trial next month. But his latest move isn’t even very clever.

The problem, for Schulte, is that after he submitted a pro se filing attacking the government’s case that included classified information, his lawyers tried to get him to stop by telling him to write his complaints in notebooks instead. He did so and marked the notebooks “Attorney-Client,” but included things that could in no way be considered as such (such as passwords to Proton Mail accounts he used to email people outside of jail). So after the government discovered he had a cell phone in jail and searched his cell, they discovered the notebooks, where he had basically confessed to his past and ongoing crimes. As the government wrote in a later motion, that information includes:

(i) admissions by the defendant relating to his disclosure of classified information to WikiLeaks (such as the identification of information provided to WikiLeaks that has not yet been disclosed by WikiLeaks); (ii) admissions by Schulte with respect to his plan to disseminate additional classified information illegally from the MCC (such as his declaration of a so-called “information war” and notations of plans to, for example, schedule postings on various social media accounts he created from jail); (iii) false exculpatory statements; (iv) evidence connecting Schulte to contraband cellphones and electronic communications accounts (such as notations to install encrypted messaging applications on contraband cellphones or to delete “suspicious emails” from covert accounts used by Schulte while at the MCC); and (v) writings prepared for public dissemination that include classified information (such as draft tweets written by the defendant as one of his alleged former CIA colleagues who claimed to be able to exonerate the defendant and who recounted information about CIA activities to “authenticate” the author).

Since then, he has been trying to make that evidence unavailable for trial.

First, last June, he tried to suppress it (and the Proton Mail emails accessed with the passwords he stored in there) on Fourth Amendment grounds, which Judge Paul Crotty denied last October, in part because the FBI’s use of a wall team to sort out the non-privileged material demonstrated good faith.

Then, in August, Schulte’s lawyers informed the judge they had provided some kind of advice that led him to believe he could write down classified information in his prison notebooks, and asked that the judge sever the charges tied to his attempts to leak classified information from jail from the charges tied to his alleged leak of the Vault 7 documents to WikiLeaks, something that would have made the MCC admissions of guilt unavailable for his main trial. In September, Judge Crotty denied that motion, pointing out that the lawyer who gave the purportedly bad advice is not on Schulte’s trial team and so could testify.

Then, in October, his lawyers asked to be relieved of defending Schulte altogether, or at least asked for the judge to appoint a Curcio counsel to determine whether there is a conflict. On November 6, Judge Crotty appointed a Curcio counsel.

Meanwhile, also in October, Schulte’s lawyers said they were buried preparing for trial and needed help and asked that he appoint another lawyer to help them, James Branden, which Judge Crotty immediately did. That soon looked like a ploy, because Branden — who had said he’d be able to handle the schedule — wrote a letter in November asking for a six month adjournment saying he couldn’t handle the schedule. In the letter, he said he had not, in the interim month, met with Schulte. He also said he couldn’t elaborate on the need for a delay until December 9 because he was on vacation until then. Crotty was none too impressed with that, and denied that motion in December (though extended the trial date by three weeks.

On December 13, Schulte’s public defenders wrote the judge and said they decided their advice to Schulte meant they had to be relieved on ineffective assistance of counsel grounds.

On December 18, they held the Curcio hearing, and Judge Crotty (who had previously described ways to get the exculpatory evidence admitted at trial) denied the request to be relieved.

Last week, Schulte’s public defenders wrote Judge Crotty saying they could no longer defend Schulte because it would mean providing ineffective counsel, and also noting that they may have engaged in misconduct, meaning that Schulte’s decision to present the evidence would reflect badly on his trial lawyers. (Again, the lawyer who gave the bad advice will not be his trial lawyer.)  The next day they wrote against stating that, even though to adopt this ineffective assistance of counsel defense, he’d have to waive privilege on the current set of lawyers, he did not waive privilege.

The government responded to this second letter laying out all the case law that says if you’re going to argue ineffective counsel, you need to share what the bad advice is. In it, they called bullshit on Schulte’s claim that he really relied on his lawyers’ counsel.

For example, the Government has described to the defense how, if the defendant offered his counsel’s testimony, the Government would likely rely on recorded prison calls in which the defendant criticized defense counsel’s advice, including, for example, calls in which the defendant stated that he would “go around” Ms. Shroff to disclose information to the media, despite her objections to this strategy.

They also note that Schulte claims he needs this testimony to prove his innocence but is willing to wait years, under SAMs, to get it.

The Curcio counsel, Sean Maher, wrote as well last week, repeating that he believes the public defenders need to be relieved, because he can’t advise Schulte on whether or not he should call both lawyers to testify, thereby waiving privilege and necessitating getting new lawyers. He argues Schulte needs new lawyers to decide whether he needs to jettison his current lawyers. He ends his letter by explaining that he doesn’t have enough information to advise Schulte on that point.

Only conflict-free counsel who has a full sense of the case — the classified and unclassified discovery, the complicated forensic information, and knowledge of what other witnesses, including rebuttal witnesses, might say — should advise Mr. Schulte on this matter.

What seems to have dropped out of this conversation is that Schulte has another lawyer who can’t fathomably be said to have this conflict, James Branden, who in spite of his December vacation has nevertheless had over two months to get up to speed, the amount of time he originally said it’d take to prepare for trial. Branden is in a position to decide whether Schulte’s claim he got bad advice and so did what he said on recorded jail house conversations that he would ignore he wouldn’t do will hold with a jury.

Schulte is pretending he has two sets of lawyers: the ones he claims gave him shitty advice, which led him to try to record what he must be preparing to claim is just an imaginary Information War entirely within the bounds of his prison notebooks, and the Curcio counsel appointed to tell him — absent any context — whether that means they can’t represent him anymore.

But he’s got a third lawyer who has curiously dropped out of this discussion, Branden, who hasn’t signed his name to a filing since he asked for an adjournment (though he attended the Curcio hearing, so would be competent to provide the kind of advice that Maher says no one is available to provide).

Likely, if asked, Branden would note that claiming his lawyers told him to commit everything to his prison notebooks wouldn’t much help him (even ignoring his Non-Disclosure Agreements that commit him alone to protecting classified information), because Schulte allegedly shared classified information in public documents outside of his prison notebooks, in defiance of the advice the government says he got and ignored from Shroff.

I guess Schulte is hoping if he moves the three cards in his hand around fast enough, Judge Crotty — who he has attacked in a pro se filing Shroff probably told him not to file — won’t see that there are actually three and not two cards in his hand.

Three lawyer monte, with all the lawyers paid for by taxpayers, ostensibly in the name of a fair defense.

The WikiLeaks Conspiracy: The Government Prepares to Argue WikiLeaks Has Always Been an Organized Crime Syndicate

Last June, I ran into some folks who remain very close to Julian Assange. One of them scheduled dinner with me solely to scold me for writing honestly about the things that WikiLeaks had done in the past three years rather than focusing exclusively on the EDVA Espionage indictment charging Assange for things he did almost a decade ago.

The person complained that my factual reporting on 2016 election and — especially — the Vault 7 leak (I think this was the offending post) would undercut whatever unanimity there was among journalists (unanimity that I joined) that the existing charges against Assange were a dangerous precedent for actual journalists. Reporting true details about shitty things Assange had done in recent years on my humble little blog, it was claimed, would dangerously and singlehandedly undercut Assange’s defense.

No, I did not much appreciate the irony of being criticized for accurate reporting by someone purportedly defending journalism.

But I also thought the concerted effort to suppress what Assange had done recently, while perhaps necessary to generate the statements of support from journalists that were forthcoming, was short-sighted, because it misrepresents what Assange is actually facing. The grand jury in EDVA remains (as far as we know) active. The government specifically said, in June, that it needed Chelsea Manning’s testimony for subjects or charges not yet charged and said such charges were not time barred (as would be true of any ongoing conspiracy).

As the government’s ex parte submissions reflect, Manning’s testimony remains relevant and essential to an ongoing investigation into charges or targets that are not included in the superseding indictment. See Gov’t’s Ex Parte Mem. (May 23, 2019). The offenses that remain under investigation are not time barred, see id., and the submission of the government’s extradition request in the Assange case does not preclude future charges based on those offenses, see Gov’t’s Supplement to Ex Parte Mem. (June 14, 2019).

Since then, Jeremy Hammond has joined Manning in believing he can wait out whatever EDVA has in store.

Most of all, Joshua Schulte’s prosecution for the Vault 7 leak — a leak almost no WikiLeaks supporters I know will offer an enthusiastic defense of — kept chugging along. In recent weeks, Schulte has submitted a number of questionable filings claiming the dog ate his homework so he can’t be prepared in time for his trial:

  • The attorney appointed after defense attorneys said they needed one more attorney to prep for trial in time said he couldn’t prep for trial in time, but can’t talk about why not until he’s done with a week-long vacation
  • The government’s (admittedly long) motion in limine repeating details the government disclosed several times before took the defense by surprise
  • The defense can’t make a constitutional challenge to CIPA generally until the judge rules on CIPA specifically (this is the one arguably reasonable request)
  • The defense had no idea the government wasn’t claiming Schulte downloaded a terabyte of data onto a thumb drive that can’t hold that terabyte even though the government told the defense that a year ago and then again in November

But as of now, Schulte’s trial is due to start on January 13, a month and a half before Assange’s first substantive extradition hearing starting on February 25.

And at that trial, the government is preparing to argue that Schulte intended to harm the United States when he leaked these files to WikiLeaks, a stronger level of mens rea than needed to prove guilt under the Espionage Act (normally the government aims to prove someone should have known it could cause harm, relying on their Non-Disclosure Agreements to establish that), and one the government has, in other places, described as the difference between being a leaker and a spy.

To make that argument, the government is preparing to situate Schulte’s leaks in the context of prior WikiLeaks releases, in a move that looks conspicuously like the kind of ongoing conspiracy indictment one might expect to come out of the WikiLeaks grand jury, one that builds off some aspects of the existing Assange indictment.

In a motion opposing Schulte’s effort to disqualify Paul Rosenzweig as an expert witness (see this post for background), the government lays out some of the things it plans to have Rosenzweig explain to the jury. Some of this is dangerous criminalization of security, most notably tying WikiLeaks’ endorsement of Tor and Tails to Schulte’s own use of it.

But some of it fleshes out the scope the government laid out when it first requested to call Rosenzweig.

The Government recognizes the need to avoid undue prejudice, and will therefore limit Mr. Rosenzweig’s testimony to prior WikiLeaks leaks that have a direct relationship with particular aspects of the conduct relevant to this case, for example by linking specific harms caused by WikiLeaks in the past to Schulte’s own statements of his intent to cause similar harms to the United States or conduct. Those leaks include (i) the 2010 disclosure of documents provided to WikiLeaks illegally by Chelsea Manning; (ii) the 2010 disclosure of U.S. diplomatic cables; (iii) the 2012 disclosure of files stolen from the intelligence firm Stratfor; and (iv) the 2016 disclosure of emails stolen from a server operated by the Democratic National Committee.

For example, it will tie WikiLeaks’ failure to redact the identities of US sources in Chelsea Manning’s leaks — something charged in counts 15 through 17 of Assange’s indictment — to Schulte’s behavior. It sounds like Rosenzweig will explain something I’ve alluded to: WikiLeaks apparently left the names of some of Schulte’s colleagues unredacted, which given WikiLeaks’ big show of redacting the files could only have been intentional and would have required coordination with Schulte to do.

Mr. Rosenzweig will testify that WikiLeaks does not typically redact the information that it publicly discloses (even when that information may reveal confidential sources). The Government will introduce evidence, however, that the Classified Information was purportedly redacted when posted online. Mr. Rosenzweig’s testimony will help the jury understand the significance of WikiLeaks’ unique claim to have redacted the Classified Information, including, for example, the period of delay between when Schulte disclosed the Classified Information to WikiLeaks (in or about the spring of 2016) and when WikiLeaks first announced that it would begin to disclose the Classified Information (in or about the spring of 2017). [my emphasis]

One reason Assange made a show of redacting the identities was because he was attempting to extort a pardon at the time, so he had to appear willing to negotiate with DOJ. But it seems likely Rosenzweig will explain that that was just a show and that even as WikiLeaks was making that show it was also ensuring that other CIA SysAdmins might be targeted by foreign governments.

Likewise, Rosenzweig will tie the embarrassment caused by Manning’s releases to Schulte’s own intent to cause damage with his self-described Information War against the US.

The Government intends to introduce evidence (including his statements) of Schulte’s knowledge of Manning’s leak and the need for the U.S. government to maintain secrecy over certain information. Furthermore, the Government also plans to introduce evidence of how Schulte, from the Metropolitan Correctional Center (the “MCC”), declared an “information war” against the United States, pursuant to which he intended to publicly disclose classified information and misinformation, including through WikiLeaks (such as the Fake FBI Document), for the purpose of destroying the United States’ “diplomatic relationships,” and encouraged other U.S. government employees to disclose confidential information to WikiLeaks. Mr. Rosenzweig will explain to the jury generally information other leakers have transmitted to WikiLeaks that the organization published and how foreign governments reacted negatively to WikiLeaks’ disclosure of that information—leading, for example, to the highly-publicized resignation of the U.S. Ambassador to Mexico.

Effectively, the government will argue that if you want to conduct an Information War on the US, you choose to leak to WikiLeaks and ensure it will be as damaging as possible. Whatever the circumstances of Manning’s leaks, this uses Schulte’s stated desire to damage the US to retroactively taint what WikiLeaks has claimed in the past was mere journalistic exposure of wrong-doing. That doesn’t necessarily change the First Amendment danger in charging Assange. But it surely attempts to undercut WikiLeaks’ brand as a journalistic entity.

Most interestingly, the government will point to a claim Schulte made to a journalist while writing from jail (one that is plausible given some of his past public postings, but if true, is an unfathomable indictment of CIA’s vetting process) that he once belonged to Anonymous. Rosenzweig will tie this to Anonymous’ decisions to leak the Stratfor cables to WikiLeaks in 2012.

As described in the Government Motions in Limine, in encrypted communications from one of the Contraband Cellphones, Schulte (posing as a third person) stated that he had previously been a member of Anonymous, a group of online hacker activists. Mr. Rosenzweig will testify about how, in 2012, Anonymous and WikiLeaks worked together to release information from a private U.S. intelligence firm.

Of course, Anonymous didn’t just leak the Stratfor cables to WikiLeaks. They also shared files stolen during the Arab Spring and the Syria files. The latter leak provides one of the earliest indicators where the process by which WikiLeaks obtained files may have involvement of Russia, because somehow a file that would have been very damning for Russia never got published. But both would make the story the US wants to tell more complex (though still potentially consistent).

In any case, the focus on Stratfor may explain why the government is holding Jeremy Hammond in contempt to try to get him to testify in the EDVA grand jury, particularly if the government has reason to believe that Schulte was part of that hack.

Finally, the government will use Rosenzweig to explain how, in the wake of the DNC leak and at a time he was in a huff at his CIA bosses again, Schulte did … something in August 2016.

The Government intends to introduce evidence that Schulte transmitted the Classified Information to WikiLeaks in the spring of 2016, that WikiLeaks did not begin to disclose the Classified Information until March 2017, that Schulte was angry with CIA management in August 2016 over a performance review he received, that Schulte’s protective order against Employee-1 was vacated in August 2016, and that, around that same time (i.e., in August 2016), Schulte began to conduct extensive research online about WikiLeaks. The Government intends to offer evidence relating to those searches, including the specific queries Schulte conducted. Schulte has argued in his writings that his August 2016 research was related to WikiLeaks’ August 2016 disclosure of information stolen from a Democratic National Committee server (the “DNC Leak”). Mr. Rosenzweig will testify about the DNC Leak, including the type of information that WikiLeaks actually disclosed in connection with that leak, which will demonstrate why Schulte’s WikiLeaksrelated searches include queries that had nothing to do with the DNC Leak

Side note: Part of the media blitz Assange did in the wake of the DNC leaks included a claim to Chuck Todd that if WikiLeaks ever received information from US intelligence, they would publish it.

Well, it’s a meta story. If you’re asking would we accept information from U.S. intelligence that we had verified to be completely accurate, and would we publish that, and would we protect our sources in U.S. intelligence, the answer is yes, of course we would.

No one else would have, but Schulte would presumably have recognized this as a nod to him, reassurance provided on heavily watched TV that WikiLeaks was progressing towards releasing the files Schulte had leaked. Which is why the likelihood that Schulte also stole a single file reflecting CIA collecting information on who might win the 2012 French presidential election, which WikiLeaks subsequently falsely portrayed as proof that CIA had infiltrated political parties in France rather than asked well-placed sources for readily available information, is of particular interest.

The government, however, is going to point to other Google searches by Schulte from August 2016 that lump Edward Snowden and Shadow Brokers in with WikiLeaks.

For example, in addition to searching for information about WikiLeaks and Julian Assange, its primary leader, Schulte also conducted searches using the search terms “narcissist snowden,” “wikileaks code,” “wikileaks 2017,” “shadow brokers,” and “shadow broker’s auction bitcoin.” “Snowden” was presumably a reference to Edward Snowden, the former NSA contractor who disclosed information about a purported NSA surveillance program, and “Shadow Brokers” was a reference to a group of hackers who disclosed online computer code that they purportedly obtained from the NSA, beginning in or about August 2016.

I have long wondered whether Vault 7 was not a free-standing leak but instead part of the Shadow Brokers operation.  This seems to suggest the government knows they are. If that’s right, it would suggest that in the period when the government was trying to figure out precisely what Russia had done in 2016, both the NSA and CIA’s ability to spy on Russia (and other countries) would have been been deliberately burnt to the ground. And if Schulte knowingly participated in that — in an effort to ensure that the US would struggle to even learn what Russia had done in 2016 — it would explain why they’re planning on arguing he is more of a spy than a leaker.

Which would, in turn, explain why they took the first steps towards arresting Assange as FBI started putting together the evidence needed to charge Schulte on these leaks in 2017.

Let me be clear: I’m not saying I’m sure they’ll fill all these details in a superseding Assange indictment (though the government said it could not provide Assange the underlying evidence even for the 2010 charges until around Christmas — at which point Schulte will have gone through the CIPA process of declassifying classified information for use in his defense, and they could add charges at least until the February 25 hearing). It may still be that the government won’t want to get into the level of classified detail they’d need to to flesh out that case, particularly if they can’t coerce Manning and Hammond to cooperate.

I’m also not making a normative judgment that this eliminates the very real problems with the way Assange is charged now. Without seeing the government’s case, it’s too soon to tell.

What I’m trying to do is lay out what the government seems to be preparing to argue about WikiLeaks in the Schulte case. No doubt this will get me invited for another stern scolding at dinner, but it’s time to stop pretending Assange is being prosecuted for the understanding of WikiLeaks that existed in 2010. By all means, people can and will still defend Assange for taking on an imperialist America. For much of the world (though presumably not among any Five Eyes governments, including Assange’s home country), that still makes him an important dissident taking on a superpower. There is some merit to that stance, but it also requires arguing that superpowers shouldn’t have democratic elections.

But the government is preparing to argue that, after helping Russia tamper in America’s election, WikiLeaks deliberately burned some of CIA’s collection abilities to the ground, making it harder for the US to figure out how Russia did so. The government is preparing to argue that such actions are consistent with what WikiLeaks has been up to since 2010.

I’ve been expecting we might see an indictment alleging WikiLeaks and its associates were and remain engaged in an ongoing conspiracy (a possibility that, if Manning and Hammond’s lawyers haven’t warned them about, they are being utterly negligent, because the government could well argue that obstructing this investigation by refusing to provide immunized testimony is an overt act furthering the conspiracy).

The citations the government has used to justify Rosenzweig’s testimony are heavily focused on terrorism and mob cases (United States v. Farhane and United States v. Mustafa, which are al Qaeda cases; United States v. El Gammal, which is an ISIL one, and United States v. Rahimi, the self-radicalized Chelsea bomber; United States v. Lombardozzi and United States v. Locascio which are Gambino cases, United States v. Amuso, a Lucchese case), including one RICO case. That’s undoubtedly why Schulte’s lawyers really want Rosenzweig’s testimony excluded, to avoid having WikiLeaks treated like an organized crime syndicate.

But if the government is preparing to claim that WikiLeaks worked with Schulte not only to obtain files it tried to use to extort a pardon but then released them in a way that would hurt America’s efforts to respond to Russia’s 2016 operation, that’s a pretty compelling analogy.

Update: After comments from Stefania Maurizi, I’ve rephrased how I described what happened with the Syria Files. I want to be clear the statement in the post was not based on what I’ve been told by reliable sources about the process by which those files got shared with WikiLeaks.

As I disclosed last year, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Joshua Schulte: The Alleged Vault 7 and CIA Election Spying Leaker?

I’m preparing a post showing that the government is preparing to lay out WikiLeaks as a decade-long ongoing conspiracy (whether or not they’re planning on charging anyone with that).

Before I do, I wanted to correct an error I’ve made throughout my coverage of accused Vault 7 source Joshua Schulte. That’s how I’ve always referred to him, as the guy who stole CIA’s hacking tools and leaked them all to WikiLeaks.

But that’s almost certainly not all the government believes he leaked.

Weeks before the actual Vault 7 leak, remember, WikiLeaks published a one-off file purporting to show CIA “espionage” on the 2012 French election. It purported to show that CIA had conducted both SIGINT and HUMINT on France’s political parties, with an emphasis on the left and the right.

All major French political parties were targeted for infiltration by the CIA’s human (“HUMINT”) and electronic (“SIGINT”) spies in the seven months leading up to France’s 2012 presidential election. The revelations are contained within three CIA tasking orders published today by WikiLeaks as context for its forth coming CIA Vault 7 series. Named specifically as targets are the French Socialist Party (PS), the National Front (FN) and Union for a Popular Movement (UMP) together with current President Francois Hollande, then President Nicolas Sarkozy, current round one presidential front runner Marine Le Pen, and former presidential candidates Martine Aubry and Dominique Strauss-Khan.

But what the document actually showed is analysis of what might happen in the upcoming election, with some questions to ask, but questions that could easily be answered by wandering around the campus of Science Po, and would likely not be answered by infiltrating a campaign.

Nevertheless, in the wake of the Russian hack of the US, critics of America who took note of this thoroughly uninteresting document might misrepresent it as proving that the US still does what Russia did, even to our close allies.

WikiLeaks, significantly, claimed that this document provided context for the upcoming Vault 7 drop, even though it did no such thing.

The document, which as I said, the government likely will argue also came from Schulte, is significant for two reasons.

According to several documents in his case, he stole the Vault 7 files in May 2016, in a fit of anger over not getting his way.

But then, in August 2016, he started searching on WikiLeaks.

Around this time, Schulte also began regularly to search for information about WikiLeaks. In the approximately six years leading to August 2016, Schulte had conducted one Google search for WikiLeaks. Beginning on or about August 4, 2016 (approximately three months after he stole the Classified Information), Schulte conducted numerous Google searches for WikiLeaks and related terms and visited hundreds of pages that appear to have resulted from those searches.

Also in August 2016, he researched how to use throwaway emails and how to use Tails again.

It seems likely the government believes — though may not have proof — that the French election file also came from Schulte, but that he stole it in August, after WikiLeaks had released the DNC emails. If so, it seems that this file was something Schulte stole to help WikiLeaks justify its DNC dump. Perhaps even, as some files charged in the Assange indictment, this was something WikiLeaks requested.

The government is going to show that Schulte was closely involved in the way WikiLeaks released the Vault 7 files. And WikiLeaks and Schulte continued to cooperate closely after that. But it also now seems clear they plan to argue that Schulte stole files precisely to make WikiLeaks’ 2016 cooperation with Russia look less damning.

The Trump-John Solomon Attempts to Blame Others for the Vault 7 Leak

As I noted some weeks ago, there was a detail revealed in the Roger Stone trial that cast Donald Trump’s answers to Robert Mueller in significant new light. It wasn’t the evidence that Trump lied when he said he could not recall talking to his rat-fucker about WikiLeaks; there was already far more compelling evidence that Trump lied under oath to Mueller. Rather, it was the evidence that Trump may have lied when he said he didn’t recall discussing pardoning Julian Assange.

The trial revealed discussions on a pardon involving Stone were more extensive than previously known. Even before the election, Randy Credico interspersed his responses to Stone’s demands for information about Assange’s plans with a push for Trump to give Assange asylum.

It was previously known that Credico and Stone continued to discuss their shared support for an Assange pardon into 2018. The new information on this topic revealed at trial was that Credico introduced Margaret Kunstler to Stone in late December 2016 in pursuit of a pardon.

Given how that makes any pardon for Assange look much more like payoff for help getting elected, I wanted to pull together evidence about how Trump and others responded to the Vault 7 leak in early 2017 and afterwards. What follows is speculative. But the significance of it is bolstered by the fact that Trump’s favorite propagandist, John Solomon, has a role.

Back in early January 2017, the lawyer that Assange shared with Oleg Deripaska and Christopher Steele, Adam Waldman, reached out to DOJ organized crime official Bruce Ohr to broker information from Assange about the CIA hacking files he was preparing to release; Assange never committed to holding the release, but he did offer to make redactions.  Waldman met in person with Ohr on February 3. That same day, Waldman reached out to David Laufman, the head of counterintelligence at the time, presumably off a referral from Ohr. The next day, Assange first pitched Vault 7, effectively giving Waldman more leverage to make a deal with DOJ.

At the same time, Waldman started reaching out to Mark Warner, ultimately discussing possible testimony to SSCI with all his clients — Steele, Deripaska, and Assange. In his discussions about Assange with Warner on February 16, Waldman claimed he was trying to protect Democrats, as if a damaging leak would hurt just one or the other party.

Just two days later, however, Warner broke off that part of discussions with Waldman on instructions from Jim Comey. Ultimately, the frothy right would slam Comey for making this call, complaining that he disrupted, “constructive, principled discussions with DOJ that occurred over nearly two months.” By the time of Comey’s call, however, CIA was already conducting their own internal investigation and  had a pretty good idea that Joshua Schulte had leaked the documents.

On March 7, WikiLeaks released the first of a long series of dumps pertaining to CIA’s hacking tools. While WikiLeaks claimed to have redacted damaging information, within days the FBI and CIA identified that WikiLeaks had actually left damaging information that would have required inside information to know to leave in the files (that is, communications with the source, possibly directly with Schulte).

On March 9, Donald Trump called Jim Comey — the single communication he had with Comey that (at least on the surface) did not relate to the Russian investigation — to ask about ” our, an ongoing intelligence investigation,” per later Comey testimony.

On March 9, 2017, Comey had a secure one-on-one telephone call with President Trump. Comey told the OIG that the secure telephone call was “only business,” and that there was “nothing untoward” about the call, other than it was “unusual for the President to call the Director directly.” Comey said he did not prepare a memo to document this call with the President, but said he had [Jim] Rybicki arrange a secure call to Attorney General Sessions immediately afterwards to inform the Attorney General about the telephone call from the President in an effort “to keep the Attorney General in the chain of command between [Comey] and the President.”

I haven’t confirmed that this pertained to Schulte, though the timing suggests it’s a high likelihood.

Even after the first release, David Laufman made some kind of counteroffer to Waldman in mid-March (these files come from Solomon, so can be assumed to be missing key parts).

But then, days later, the FBI obtained the first warrants targeting Joshua Schulte, obtaining a covert search warrant and a warrant for his Google account on March 13. When the FBI arrived at Schulte’s apartment to search it, however, they discovered so many devices they decided they could not conduct the search covertly (they were under a time crunch, because Schulte had a plane ticket for Mexico on March 16). So overnight on March 14, they obtained an overt search warrant.

Mid-day on what appears to be the same day FBI prepared to search Schulte’s apartment, Tucker Carlson accompanied Trump on a trip to Detroit. During the interview, Tucker challenges Trump, asking why he claimed — 11 days earlier — that Obama had “tapped” Trump Tower without offering proof, Trump blurted out that the CIA was hacked during the Obama Administration.

Tucker: On March 4, 6:35 in the morning, you’re down in Florida, and you tweet, the former Administration wiretapped me, surveilled me, at Trump Tower during the last election. Um, how did you find out? You said, I just found out. How did you learn that?

Trump: I’ve been reading about things. I read in, I think it was January 20th, a NYT article, they were talking about wiretapping. There was an article, I think they used that exact term. I read other things. I watched your friend Bret Baier, the day previous, where he was talking about certain very complex sets of things happening, and wiretapping. I said, wait a minute, there’s a lot of wiretapping being talked about. I’ve been seeing a lot of things. Now, for the most part I’m not going to discuss it because we have it before the committee, and we will be submitting things before the committee very soon, that hasn’t been submitted as of yet. But it’s potentially a very serious situation.

Tucker: So 51,000 people retweeted that, so a lot of people thought that was plausible, they believe you, you’re the president. You’re in charge of the agencies, every intelligence agency reports to you. Why not immediately go to them and gather evidence to support that?

Trump: Because I don’t want to do anything that’s going to violate any strength of an agency. You know we have enough problems. And by the way, with the CIA, I just want people to know, the CIA was hacked and a lot of things taken. That was during the Obama years. That was not during, us, that was during the Obama situation. Mike Pompeo is there now, doing a fantastic job. But we will be submitting certain things, and I will be perhaps speaking about this next week. But it’s right now before the Committee, and I think I want to leave it at that. I have a lot of confidence in the committee.

The search on Schulte did not end until hours after this interview was broadcast. After it was broadcast, but before FBI had confiscated Schulte’s passport, he had gone to his office at Bloomberg to access his computer there. That means, Trump provided non-public information that — because it would have made it clear to Schulte that FBI knew the hacking tools had been stolen under Obama — might have confirmed Schulte’s suspicions that he was the target.

WikiLeaks released a second dump two weeks after the first, on March 23. Then Waldman made a proffer on March 28, offering to discuss Russian infiltration of WikiLeaks and ways to mitigate the damage from Vault 7 for safe passage to the US (and possibly immunity, though that may have been only for that discussion). Laufman couldn’t make sense of the demand for “safe passage,” and asked for clarity, which he appears never to have gotten.

Then on April 7, with the third dump and Mike Pompeo’s subsequent naming of Vault 7 as a hostile non-state actor, the negotiations with Laufman may have ceased. Thus ended what appears to be Assange’s efforts to leverage the CIA’s hacking tools and a false show of reasonableness to obtain a way out of the embassy.

To be fair, Trump didn’t successfully undermine the entire Schulte investigation; he was probably just blabbing his mouth. Unsurprisingly, DOJ refused to grant the expansive concessions Assange was demanding.

But there are a few details of these events of particular interest.

First, Trump’s public comments seem to perfectly parrot what Waldman was saying back in February. Both asserted, ridiculously, that Democrats were uniquely to blame for the theft of CIA’s hacking tools and Trump used that fact almost gleefully, to absolve himself of any concern about the leak.

Similarly, because Jim Comey intervened (presumably to preserve the integrity of at least the investigation into Vault 7 but possibly more), someone teed up John Solomon to blame Comey for the leak the week after Schulte was eventually charged for it. Specifically, Solomon “blames” Comey for not agreeing to free Assange temporarily back in early 2017.

Some of the characters are household names, thanks to the Russia scandal: James Comey, fired FBI director. Sen. Mark Warner (D-Va.), vice chairman of the Senate Intelligence Committee. Department of Justice (DOJ) official Bruce Ohr. Julian Assange, grand master of WikiLeaks. And American attorney Adam Waldman, who has a Forrest Gump-like penchant for showing up in major cases of intrigue.

Each played a role in the early days of the Trump administration to try to get Assange to agree to “risk mitigation” — essentially, limiting some classified CIA information he might release in the future.

The effort resulted in the drafting of a limited immunity deal that might have temporarily freed the WikiLeaks founder from a London embassy where he has been exiled for years, according to interviews and a trove of internal DOJ documents turned over to Senate investigators.

But an unexpected intervention by Comey — relayed through Warner — soured the negotiations, multiple sources tell me. Assange eventually unleashed a series of leaks that U.S. officials say damaged their cyber warfare capabilities for a long time to come.

John Solomon has been the go-to defense propagandist for Trump from the start. This article is an outlier for its topic. Nevertheless, someone loaded Solomon up with documents to selectively release to fit a particular narrative, which attests to the perceived import of it.

Again, some of this is speculative. But tied to the fact that pardon discussions with Trump may have gone further than previously known, it provides a curious pattern, where Trump responded to the most damaging breach in CIA’s history by instead looking for partisan advantage.

Update: According to a Jim Comey 302 newly liberated by BuzzFeed, he diverted into ODNI to call Trump regarding the March 9 call. (PDF 248)

Note that nothing was withheld for classification reasons, though the call was clearly Top Secret when it occurred. That limits the possible topic still further (though by no means confirms that it is Schulte).

Timeline (all dates 2017)

January 12: Bruce Ohr considers Waldman’s offer

February 3: Laufman reaches out to Waldman

February 4: Wikileaks first pitches Vault 7

February 6: Steele tells Ohr that Oleg Deripaska is upset at being treated like a criminal

February 14: Steele probably shares more information on his relationship with Deripaska

February 15: Waldman reaches out to Warner

February 16: Waldman issues extortion threat against Democrats

February 17: Warner says he’s got important call (with Comey), relays stand down order

March 7: Wikileaks releases first Vault 7 documents

March 9: Trump asks Jim Comey about an intelligence investigation

March 13: Covert search warrant on Schulte’s home and Google account

March 14: FBI obtains overt search warrant for Schulte’s home

Mid-March: Waldman contacts Laufman, suggests Assange is interested

March 15, mid-day: During Tucker Carlson interview, Trump reveals non-public information about Vault 7 leak

March 15: FBI interviews Schulte several times as part of first interview

March 15, 9PM: Probable first airing of Carlson interview

March 16: Adam Schiff warns against Trump leaking about Vault 7

March 20, 2017: Search on Schulte (including of cell phone, from which passwords to his desktop obtained)

March 23: Second Vault 7 release

March 28: Safe passage offer not including details about hack

March 31: Third Vault 7 release

April 5: Laufman asks whether Assange wants safe passage into London or to the US

April 7: Wikileaks posts third dump, which Solomon suggests was the precipitating leak for Mike Pompeo’s declaration of Wikileaks as non-state intelligence service (these are weekly dumps by this point)

The Government Prepares to Argue that Transmitting Information *To* WikiLeaks Makes the Vault 7 Leak Different

In a long motion in limine yesterday, the government suggested that if Joshua Schulte had just been given a “prestigious desk with a window,” he might not have leaked all of CIA’s hacking tools in retaliation and caused what the government calls “catastrophic” damage to national security.

Schulte grew angrier at what he perceived was his management’s indifference to his claim that Employee-1 had threatened him. Schulte also began to complain about what, according to him, amounted to favoritism toward Employee-1, claiming, for example, that while the investigation was ongoing, Schulte was moved to an “intern desk,” while Employee-1 had been moved to a “prestigious desk with a window.”

[snip]

The Leaks are the largest illegal disclosure of CIA information in the agency’s history and, as noted above, caused catastrophic damage to national security.

Along the way, the motion provides the most detailed description to date about how the government believes Schulte stole the Vault 7 files from CIA. It portrays him as an arrogant racist at the beginning of this process, and describes how he got increasingly belligerent with this colleagues at CIA leading up to his alleged theft of the CIA’s hacking files, leading his supervisors to recognize the threat he might pose, only to bollox up their efforts to restrict his access to CIA’s servers.

The motion, along with several other submitted yesterday, suggests that the government would like to argue that leaking to WikiLeaks heightens the damage that might be expected to the United States.

Along with laying out that it intends to argue that the CIA charges (stealing the files and leaking them to WikiLeaks) are intertwined with the MCC charges (conducting “information war” against the government from a jail cell in the Metropolitan Correction Center; I explained why the government wants to do so here), the government makes the case that cybersecurity expert Paul Rosenzweig should testify as a witness about WikiLeaks.

Rosenzweig will testify about (i) WikiLeaks’s history, technical and organizational structure, goals, and objectives; (ii) in general terms, prior leaks through WikiLeaks, in order to explain WikiLeaks’s typical practices with regard to receiving leaked classified information, its practices or lack thereof regarding the review and redaction of sensitive information contained in classified leaks, and certain well-publicized harms to the United States that have occurred as a result of disclosures by WikiLeaks; and (iii) certain public statements by WikiLeaks regarding the Classified Information at issue in this case.

Rosenzweig’s testimony would come in addition to that of classification experts (probably for both sides) and forensic experts (again, for both sides; Steve Bellovin is Schulte’s expert).

The expert witnesses were allowed to testify as to the background of the organization Wikileaks; how the U.S. Government uses certain markings and designations to identify information that requires special protection in the interests of national security; the meaning of certain computer commands and what they would do; how various computers, servers, and networks work; how data is stored and transferred by various computer programs and commands; and the examination of data that is stored on computers and other electronics.

The only motion in limine Schulte submitted yesterday objected to Rosenzweig’s testimony. Schulte argues that the government’s expert notice neither provides sufficient explanation about Rosenzweig’s intended testimony nor proves he’s an expert on WikiLeaks. More interesting is Schulte’s  argument that Rosenzweig’s testimony would be prejudicial. It insinuates that Rosenzweig’s testimony would serve to substitute for a lack of proof about how Schulte sent the CIA files to WikiLeaks (Schulte is alleged to have used Tor and Tails to transmit the files, which would leave no forensic trace).

In Mr. Schulte’s case, the government has no reliable evidence of how much information was taken from the CIA, how it was taken, or when it was provided to WikiLeaks. The government cannot overcome a lack of relevant evidence by introducing evidence from other cases about how much information was leaked or how information was leaked in unrelated contexts. The practices of WikiLeaks in other contexts and any testimony about alleged damage from other entirely unrelated leaks is completely irrelevant.

Schulte’s claimed lack of evidence regarding transfer notwithstanding, that’s not how the government says they want to use Rosenzweig’s testimony. They say they want to use his testimony to help prove that Schulte intended to injure the US.

The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information. The fact that WikiLeaks’ prior conduct has harmed the United States and has been widely publicized is powerful evidence that Schulte intended or had reason to believe that “injury [to] the United States” was the likely result of his actions—particularly given that the Government will introduce evidence that demonstrates Schulte’s knowledge of earlier WikiLeaks disclosures, including his own statements.

It does so by invoking WikiLeaks’ past leaks and the damage those leaks have done.

Accordingly, proof that it was foreseeable to Schulte that disclosure of classified information to WikiLeaks could cause “injury [to] the United States” is a critical element in this case. Indeed, the Senate Select Committee on Intelligence has explicitly stated “that WikiLeaks and its senior leadership resemble a non-state hostile intelligence service.” S. Rep. 115-151 p. 10. In order to evaluate evidence related to this topic, the jury will need to understand what WikiLeaks is, how it operates, and the fact that WikiLeaks’ previous disclosures have caused injury to the United States. The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information.

Notably, the government motion invokes the Senate’s recognition that WikiLeaks resembles “a non-state hostile intelligence service.” That may well backfire in spectacular fashion. That statement didn’t come until over a year after Schulte is alleged to have stolen the files. And the statement was a follow-up to Mike Pompeo’s similar claim, which was a direct response to Schulte’s leak. If I were Schulte, I’d be preparing a subpoena to call Pompeo to testify about why, after the date when Schulte allegedly stole the CIA files, on July 24, 2016, he was still hailing the purported value of WikiLeaks’ releases.

The thing is, showing that the specific nature of the intended recipient of a leak is an element of the offense has never been required in Espionage leak cases before. Indeed, the government’s proposed jury instructions are based off the instruction in the Jeffrey Sterling case. While the government flirted with naming James Risen an unindicted co-conspirator in that case, they did not make any case that leaking to Risen posed unique harm.

Moreover, even before getting into Schulte’s statements about WikiLeaks (most of which have not yet been made public, as far as I’m aware), by arguing the CIA and MCC charges together, the government will have significant evidence not just about Schulte’s understanding of WikiLeaks, but his belief and that they would lie to harm the US. The government also has evidence that Schulte knew that WikiLeaks’ pretense to minimizing harm with the Vault 7 files was false, and that instead WikiLeaks did selective harm in its releases, though it doesn’t want to introduce that evidence at trial.

In other words, this seems unnecessary, superfluous to what the government has done in past Espionage cases, and a dangerous precedent (particularly given the way the government suggested that leaking to The Intercept was especially suspect in the Terry Albury and Reality Winner cases).

That’s effectively what Schulte argues: that the government is trying to argue that leaking to WikiLeaks is particularly harmful, and that if such testimony goes in, it would be forced to call its own witnesses to testify about how past WikiLeaks releases have shown government malfeasance.

This testimony could also suggest that the mere fact that information was released by WikiLeaks necessarily means that it was intended to—and did—cause harm to the United States. These are not valid evidentiary objectives. Instead, this type of testimony would create confusion and force a trial within a trial on the morality of WikiLeaks and the extent of damage caused by prior leaks. If the government is allowed to introduce this evidence, the defense will necessarily have to respond with testimony about how WikiLeaks is a non-profit news organization, that it has previously released information from government whistle-blowers that was vital to the public understanding of government malfeasance, and that any assertion of damages in the press is not reliable evidence.

The government, in a show of reasonableness, anticipates Schulte’s argument about the prejudice this will cause by stating that it will limit its discussion of prior WikiLeaks releases to a select few.

The Government recognizes the need to avoid undue prejudice, and will therefore limit Mr. Rosenzweig’s testimony to prior WikiLeaks leaks that have a direct relationship with particular aspects of the conduct relevant to this case, for example by linking specific harms caused by WikiLeaks in the past to Schulte’s own statements of his intent to cause similar harms to the United States or conduct. Those leaks include (i) the 2010 disclosure of documents provided to WikiLeaks illegally by Chelsea Manning; (ii) the 2010 disclosure of U.S. diplomatic cables; (iii) the 2012 disclosure of files stolen from the intelligence firm Stratfor; and (iv) the 2016 disclosure of emails stolen from a server operated by the Democratic National Committee.

The selected cases are notable, as all of them (with Manning’s leaks seemingly listed twice) involve cases the government either certainly (with the EDVA grand jury seeking Manning and Jeremy Hammond’s testimony) or likely (with ongoing investigations into Roger Stone) currently has ongoing investigations into.

As a reminder: absent an unforeseen delay, this trial will start January 13, 2020 and presumably finish in the weeks leading up to the beginning of Julian Assange’s formal extradition process on February 25. The government has maintained it can add charges up until that point, and US prosecutors told British courts it won’t provide the evidence against Assange until two months before the hearing (so around Christmas).

Schulte’s trial, then, appears to be the opening act for that extradition, an opening act that will undermine the claims WikiLeaks supporters have been making about the journalistic integrity of the organization in an attempt to block Assange’s extradition. Rosenzweig’s testimony seems designed, in part, to heighten that effect.

Which may be why this instruction appears among the government’s proposed instructions.

Some of the people who may have been involved in the events leading to this trial are not on trial. This does not matter. There is no requirement that everyone involved in a crime be charged and prosecuted, or tried together, in the same proceeding.

You may not draw any inference, favorable or unfavorable, towards the Government or the defendant from the fact that certain persons, other than the defendant, were not named as defendants in the Indictment. Do not speculate as to the reasons why other persons were not named. Those matters are wholly outside your concern and have no bearing on your function as jurors.

Whether a person should be named as a co-conspirator, or indicted as a defendant in this case or another separate case, is a matter within the sole discretion of the United States Attorney and the Grand Jury.

As noted, a number of different WikiLeaks supporters have admitted to me that they’re grateful Assange has not (yet) been charged in conjunction with the Vault 7 case, because even before you get to his attempt to extort a pardon with the files, there’s little journalistic justification for what it did, and even more reason to criticize WikiLeaks’ actions as the case against Schulte proceeded.

Yet the obscure proceedings before the EDVA grand jury suggests the government may be pursuing a conspiracy case that starts in 2010 and continues through the Vault 7 releases, with the same variety of Espionage and CFAA charges continuing through that period.

By arguing the CIA and MCC charges in tandem, the government can pretty compellingly make the case that WikiLeaks’ activities went well beyond journalism in this case. But it seems to want to use Rosenzweig’s testimony to make the case more broadly.

Government Confirms that WikiLeaks Didn’t Release All the Vault 7 Files

Accused Vault 7 hacker Joshua Schulte’s lawyers seem really intent on preventing the government from using evidence obtained while he was using a contraband phone at MCC in his trial for the main leak of CIA’s hacking tools to WikiLeaks.

They’ve already challenged warrants obtained using evidence found in notebooks marked as attorney-client privileged information but then released after a wall team review; in my NAL opinion, that challenge is the most likely of any of his motions to succeed. Last week, they also moved to sever the two MCC charges from the main Espionage ones (they’ve already severed the child porn and copyright violation charges from the Espionage ones), explaining that two of his attorneys, including his lead attorney Sabrina Shroff, would testify to something about discussions from May and June 2018 that would address his state of mind when he leaked and tried to leak CIA materials later in 2018.

To defend against the government’s allegations, Mr. Schulte would call two of his attorneys—Matthew B. Larsen and Sabrina P. Shroff—to present favorable testimony bearing on his state of mind.

This pertains, in some way, to the government’s claim that Schulte wrote classified information in his prison notebooks as part of a plan to leak it.

The government has indicated that its evidence on the MCC Counts will include portions of notebooks seized from Mr. Schulte’s cell, in which he allegedly documented his plans to transmit classified information.

[snip]

Defense counsel expects that at trial, the government will seek to introduce excerpts of Mr. Schulte’s writings in his notebooks as evidence of his specific intent to violate the law.

If they succeed at severing count four from the main Espionage charges, it might make it harder to link what Schulte was doing in jail with what he was allegedly doing over two years earlier. As I noted when Schulte’s team first challenged the MCC warrants, it’s clear why they’re doing this: the MCC evidence indicates he had an ongoing relationship with WikiLeaks.

The FBI investigation proceeded from those notebooks to the WordPress site showing him claiming something identical to disinformation he was packaging up to share with WikiLeaks. They also got from those notebooks to ProtonMail accounts where Schulte offered to share what may or may not be classified information with a journalist. The reason why the defense is pushing to suppress this — one of the only challenges they’re making in his prosecution thus far — is because the stuff Schulte did in prison is utterly damning and seems to confirm both his familiarity with WikiLeaks and his belief that he needed to create disinformation to claim to be innocent.

The government, in a fairly scathing response to Schulte’s motion to sever the trials, confirms that it believes the MCC charges include evidence that help support the main charges on leaking the files to WikiLeaks (what the government calls CIA counts). The government had a “reverse proffer” on December 18, 2018 and laid out all the evidence against Schulte, including pointing out that (as I described) the material seized from MCC helped prove the CIA charges.

About six weeks later, on December 18, 2018, the Government met with defense counsel (the “Reverse Attorney Proffer”). At this meeting, the Government described for defense counsel the theory of the Government’s case with respect to the charges in the Second Superseding Indictment, and answered defense counsel’s questions about the charged counts, including the new counts. The Government also explicitly noted during the Reverse Attorney Proffer that it believed that the material recovered pursuant to the MCC Warrants was relevant evidence with respect to not only the MCC Counts, but also the CIA Counts.

Having laid out the interconnectedness of these charges, the government then explains at some length why having different attorneys defend Schulte in the CIA and MCC counts would cause delays in both, because replacement counsel would need to familiarize themselves with both sets of charges. Now, as I noted, there’s unclassified information that Schulte clearly shared with WikiLeaks both before and while he was in jail. But right there in the middle of this passage is the revelation that Schulte identified classified information in his prison notebooks that he shared with WikiLeaks but that WikiLeaks has not yet published.

Regardless, Schulte’s proposal—further severed trials and new counsel for the MCC Counts—would neither prevent trial delay nor resolve the ethical issue. Rather, it is likely to exacerbate both. First, appointing new counsel on the MCC Counts is likely to cause, rather than prevent, further trial delay and would complicate Schulte’s defense across all counts. Because of the interconnectedness of the MCC Counts and the CIA Counts, as well as the child pornography and copyright counts, new counsel would need to become familiar with the evidence as to all counts in order to appropriately advise and defend Schulte. Indeed, new counsel might determine that the best course with respect to the MCC Counts would be to seek to negotiate a plea that resolves those charges along with some combination of the CIA Counts, child pornography counts, and/or copyright count. Those negotiations could not occur until new counsel was fully familiar with all aspects of the case. This would take a substantial amount of time given that new counsel would have to be cleared and that a substantial portion of the evidence is classified and, thus, must be reviewed in sensitive compartmented information facilities. Moreover, even after new counsel became familiar with the case, it is possible that new counsel might have different views than current counsel concerning a variety of trial strategy decisions, including, among others, the desirability of Schulte testifying, which could impact one or all of the severed trials and would need to be coordinated among all of Schulte’s attorneys. As a result, trial on the CIA Counts could not proceed until new counsel for the MCC Counts was familiar with the entire case. In short, the appointment of new counsel would likely further complicate this case and lead to substantial delays.

Second, severing the CIA Counts from the MCC Counts also would not resolve the purported ethical issue. Even if the trials were severed, evidence of Schulte’s prison conduct, including the Schulte Cell Documents, would still be admissible at the trial addressing the CIA Counts as both direct evidence and Rule 404(b) evidence of those crimes. For example, in the Schulte Cell Documents, Schulte specifically identifies certain classified information that was provided to WikiLeaks but which WikiLeaks has not yet published, which is direct evidence that Schulte transmitted classified information to WikiLeaks as charged in the WikiLeaks Counts. Similarly, Schulte’s prison conduct is also admissible as to the WikiLeaks Counts for a variety of Rule 404(b) purposes including to show, among other things, consciousness of guilt, motive, opportunity, intent, absence of mistake, and modus operandi.5

5 Similarly, during a trial addressing the MCC Counts, the Government would introduce evidence relating to the CIA Counts as direct evidence to complete the story of the crime and, in the alternative, as Rule 404(b) evidence. For example, evidence related to the CIA Counts would establish Schulte’s motive for committing and ability to commit the MCC Counts, as well as his knowledge that the information he unlawfully transmitted was classified national defense information. As a result, even a trial on the MCC Counts would entail introduction of much of the evidence from the Espionage Trial. [my emphasis]

The government doesn’t say whether it knows that WikiLeaks received this information because it found it after seizing Julian Assange’s computers or some other way.

The detail that Schulte referred to information that the government apparently knows WikiLeaks received — but that WikiLeaks has never published — is interesting for an entirely different reason.

On top of asking to sever two more charges, Schulte is also asking for a delay in trial, from November to January. The government says it’s cool with that delay, so long as there won’t be any further delay.

The Government understands that the defendant is seeking to adjourn the Espionage Trial until January 13, 2020. Although the Government is prepared to start trial as scheduled on November 4, 2019, the Government does not oppose the defendant’s adjournment request with the understanding that the defendant will not seek another adjournment of the Espionage Trial absent exceptional and unforeseen circumstances[.]

This story on Jeremy Hammond’s subpoena in EDVA clarifies something about which there has been a great deal of confusion. The US can still add charges against Julian Assange at least until his extradition hearing, which starts on February 25.

Nick Vamos, former head of extradition at the Crown Prosecution Service in England, said the treaty between the two countries still allows for the U.S. to add charges to the Assange case, but that will become more difficult and problematic for the American prosecutors as they get closer to the scheduled extradition hearing in February.

The discussion today has focused on the Stratfor hacks that Hammond is serving time for. Because the five year statute of limitations for CFAA would normally have tolled by now, they are likely pursuing some kind of conspiracy charges, for a conspiracy that continued past 2012.

But given the seeming cooperation while Schulte was in jail and the knowledge that WikiLeaks sat on — or used — one of the other files provided by Schulte, if the government is planning on more conspiracy charges, chances are good that Vault 7 will eventually be included in them.

The Classified Conversation Trump Had with Comey Was Two Days after the Vault 7 Leak

The other day, I did a long post showing that Trump blabbed details about the FBI’s investigation into the theft of CIA’s hacking tools the same day that the FBI was preparing to take the first step that would alert Joshua Schulte he was FBI’s suspect, a search of his apartment. While in fact, Trump’s comments probably were broadcast after the search had commenced, he made the comments at a time when they could have tipped off Schulte.

In the post, I noted that Jim Comey had had one classified conversation about an intelligence investigation with Trump. “I had one conversation with the president that was classified where he asked about our, an ongoing intelligence investigation, it was brief and entirely professional,” Comey testified to the Senate Intelligence Committee.

The DOJ IG Report on Comey’s memos released today (which I’ll cover at length later) reveals that that conversation took place on March 9, 2017.

On March 9, 2017, Comey had a secure one-on-one telephone call with President Trump. Comey told the OIG that the secure telephone call was “only business,” and that there was “nothing untoward” about the call, other than it was “unusual for the President to call the Director directly.” Comey said he did not prepare a memo to document this call with the President, but said he had [Jim] Rybicki arrange a secure call to Attorney General Sessions immediately afterwards to inform the Attorney General about the telephone call from the President in an effort “to keep the Attorney General in the chain of command between [Comey] and the President.”

That means the conversation took place just two days after the March 7 initial release of the Vault 7 files. The timing makes it far more likely that that’s what they two men spoke about.

More crazy, however, is the detail that Trump initiated that call.

If Trump were calling the FBI Director for information about an investigation into a leak to WikiLeaks (at a time a long effort to get Julian Assange a pardon had already begun), that would change the import of the call significantly.

Revisiting the First Time President Trump Blabbed Out Classified Information for Political Gain

I’d like to revisit what might be the first time in his presidency that Donald Trump blabbed out highly classified information for political gain. Trump appears to have endangered the investigation into CIA’s stolen hacking tools, all to blame Obama for the leak.

It happened on March 15, 2017, during an interview with Tucker Carlson.

Amid a long exchange where Tucker challenges Trump, asking why he claimed — 11 days earlier — that Obama had “tapped” Trump Tower without offering proof, Trump blurted out that the CIA was hacked during the Obama Administration.

Tucker: On March 4, 6:35 in the morning, you’re down in Florida, and you tweet, the former Administration wiretapped me, surveilled me, at Trump Tower during the last election. Um, how did you find out? You said, I just found out. How did you learn that?

Trump: I’ve been reading about things. I read in, I think it was January 20th, a NYT article, they were talking about wiretapping. There was an article, I think they used that exact term. I read other things. I watched your friend Bret Baier, the day previous, where he was talking about certain very complex sets of things happening, and wiretapping. I said, wait a minute, there’s a lot of wiretapping being talked about. I’ve been seeing a lot of things. Now, for the most part I’m not going to discuss it because we have it before the committee, and we will be submitting things before the committee very soon, that hasn’t been submitted as of yet. But it’s potentially a very serious situation.

Tucker: So 51,000 people retweeted that, so a lot of people thought that was plausible, they believe you, you’re the president. You’re in charge of the agencies, every intelligence agency reports to you. Why not immediately go to them and gather evidence to support that?

Trump: Because I don’t want to do anything that’s going to violate any strength of an agency. You know we have enough problems. And by the way, with the CIA, I just want people to know, the CIA was hacked and a lot of things taken. That was during the Obama years. That was not during, us, that was during the Obama situation. Mike Pompeo is there now, doing a fantastic job. But we will be submitting certain things, and I will be perhaps speaking about this next week. But it’s right now before the Committee, and I think I want to leave it at that. I have a lot of confidence in the committee.

Tucker: Why not wait to tweet about it until you can prove it? Does it devalue your words when you can’t provide evidence?

Trump: Well because the NYT wrote about it. You know, not that I respect the NYT. I call it the failing NYT. They did write on January 20 using the word wiretap. Other people have come out with —

Tucker: Right, but you’re the President. You have the ability to gather all the evidence you want.

Trump: I do, I do. But I think that frankly we have a lot right now and I think if you watch, uh, if you watched the Brett Baier and what he was saying and what he was talking about and how he mentioned the word wiretap, you would feel very confident that you could mention the name. He mentioned it and other people have mentioned it. But if you take a look at some of the things written about wiretapping and eavesdropping, and don’t forget when I say wiretap, those words were in quotes, that really covers, because wiretapping is pretty old fashioned stuff. But that really covers surveillance and many other things. And nobody ever talks about the fact that it was in quotes but that’s a very important thing. But wiretap covers a lot of different things. I think you’re going to find some very interesting items over the next two weeks. [my emphasis]

It was clear even at the time that it was a reference to the Vault 7 files, now alleged to have been leaked to WikiLeaks by Joshua Schulte; the first installment of files were released eight days earlier.

The next day, Adam Schiff, who as the then-Ranking HPSCI member, likely had been briefed on the leak, responded to Trump’s comments and suggested that, while Trump couldn’t have broken the law for revealing classified information, he should nevertheless try to avoid releasing it like this, without any kind of consideration of the impact of it.

Last night, the President stated on Fox News that “I just wanted people to know, the CIA was hacked, and a lot of things taken–that was during the Obama years.” In his effort to once again blame Obama, the President appears to have discussed something that, if true and accurate, would otherwise be considered classified information,

It would be one thing if the President’s statement were the product of intelligence community discussion and a purposeful decision to disclose information to the public, but that is unlikely to be the case. The President has the power to declassify whatever he wants, but this should be done as the product of thoughtful consideration and with intense input from any agency affected. For anyone else to do what the President may have done, would constitute what he deplores as “leaks.”

Trump did reveal information the CIA still considered classified. At the very least, by saying that CIA got hacked, he confirmed the Vault 7 documents were authentic files from the CIA, something the government was not otherwise confirming publicly at that time. (Compare Mike Pompeo’s oblique comments about the leak from a month later.)

His reference to the volume of stolen files may have been based on what the CIA had learned from reviewing the initial dump; court filings make it clear the CIA still did not know precisely what had been stolen.

His reference to a hack, rather than a leak, is an interesting word choice, as the compromise has usually been called a leak. But Schulte’s initial search warrants listed both Espionage and the Computer Fraud and Abuse Act, meaning the government was treating it as (partly) a hacking investigation. And some of the techniques he allegedly used to steal the files are the same that hackers use to obfuscate their tracks (which is unsurprising, given that Schulte wrote some of the CIA’s obfuscation tools).

Perhaps the most damning part of Trump’s statement, however, was the main one: that the theft had taken place under Obama. WikiLeaks’ initial release was totally noncommittal about when they obtained the files, but said it had been “recent[].” By making it clear that the government knew the theft had taken place in 2016 and not more “recently,” Trump revealed a detail that would have made it more likely Schulte would realize they believed he was the culprit (though he knew from the start he’d be a suspect), given that he’d left the agency just days after Trump was elected.

The most damning part of all of this, though, is the timing. Trump made these comments at an unbelievably sensitive time in the investigation.

Tucker did the interview while accompanying Trump to Detroit on March 15, 2017, which means the interview took place sometime between 10:50 AM and 3:30 PM (Tucker said the interview happened at Willow Run Airport, but this schedule says he flew into DTW). Unless it was given special billing, it would have aired at 9PM on March 15.

That means Trump probably made the comments as the FBI was preparing a search of Schulte’s apartment, the first step the FBI took that would confirm for Schulte that he was the main suspect in the leak. Trump’s comments likely aired during the search, before the moment Schulte left his apartment with two passports while the search was ongoing.

CIA had had a bit of advanced warning about the leak. In the lead-up to the leaks (at least by February 3), a lawyer representing Julian Assange, Adam Waldman, was trying to use the Vault 7 files to make a deal with the US government, at first offering to mitigate the damage of the release for some vaguely defined safe passage for Assange. The next day, WikiLeaks first hyped the release, presumably as part of an attempt to apply pressure on the US. Shortly thereafter, Waldman started pitching Mark Warner (who, with Richard Burr, could have granted Assange immunity in conjunction with SSCI’s investigation). On February 17, Jim Comey told Warner to stop his negotiations, though Waldman would continue to discuss the issue to David Laufman at DOJ even after the initial release. Weeks later, WikiLeaks released the initial dump of files on March 7.

An early WaPo report on the leak (which Schulte googled for its information about what the CIA knew before WikiLeaks published) claimed that CIA’s Internal Security had started conducting its own investigation without alerting FBI to the leak (though obviously Comey knew of it by mid-February). The same report quoted a CIA spox downplaying the impact of a leak it now calls “catastrophic.”

By March 13, the day the FBI got its first warrant on Schulte, the FBI had focused on Schulte as the primary target of the investigation. They based that focus on the following evidence, which appears to incorporate information from the CIA’s own internal investigation, an assessment of the first document dump, and some FBI interviews with his colleagues in the wake of the first release:

  • The FBI believed (and still maintains) that the files were stolen from the onsite backup server
  • Schulte was one of a small group of SysAdmins who had privileges to that server (in the initial warrant they said just three people did but have since revised the number to five)
  • The FBI believed (mistakenly) that the files were copied on March 7, 2016, a time when one of the other two known SysAdmins was offsite
  • Schulte had had a blow-up with a colleague that led to him souring on his bosses
  • During the period the CIA was investigating that blow-up, Schulte had reset his administrative privileges to restore his access to the backup server and one project he was working on
  • As part of his August security clearance renewal, some of Schulte’s colleagues said they thought he could be subject to coercion and was not adhering to rules on removable media
  • Just before he left, Schulte created two documents claiming to have raised concerns about the security of the CIA’s servers that (the government claims) he didn’t actually raise
  • Names identifying the two other SysAdmins who had access to the backup server, but not Schulte’s, were included in the initial release
  • In six days since the initial Vault 7 release, Schulte had contacted colleagues and told them he thought he’d be a suspect but was not the leaker

Having obtained a warrant based off that probable cause, on the afternoon of March 13, FBI agents went to conduct a covert search of Schulte’s apartment. The FBI was trying to conduct the search before a trip to Mexico Schulte was scheduled to take on March 16, which (as the affidavit noted) would have been only his second trip outside the US reflected in DHS records. But when the FBI got to Schulte’s apartment, they found a slew of computer devices (listed at PDF 116), making the covert search impractical. So overnight, they obtained a second warrant for an overt search; the FBI obtained that warrant at 1:36 AM on March 14. During that same overnight trip to the magistrate, the FBI also obtained warrants for Schulte’s Google, Reddit, and GitHub accounts.

There’s a lack of clarity about this detail in the public record: the warrant is dated March 14, but it is described as the “March 15 warrant.” The overt search continued through the night in question, so it could either be March 14-15 or March 15-16. The government’s response to Schulte’s motion to suppress the search says, “The Overt Warrant was signed during the early morning hours of March 14, 2017, and the FBI executed the warrant the same day.” But a May 5, 2017 affidavit (starting at PDF 129) says the overt search of Schulte’s apartment took place on March 15.

Whatever day the search happened, it appears that the search started when the lead agent approached Schulte in the lobby of Bloomberg, perhaps as he was leaving work, and asked if he had a role in the leak, which Schulte denied. (This conversation is one basis for Schulte’s false statements charge; the Bill of Particulars describing the interview says it took place on March 15.) The agent got Schulte to confirm he was traveling to Mexico on March 16, then got Schulte to let them into his apartment (Bloomberg is at 120 Park Avenue; Schulte lived at 200 E 39th Street, five blocks away). The search of Schulte’s apartment went through the night. Sometime between 10 and 11 PM, Schulte left his apartment, telling the FBI Agents he’d return around 11:30 PM. By 12:15 AM he hadn’t returned, so the lead FBI Agent went and found him leaving Bloomberg. They told him they had found classified information in his apartment, and asked for his passports. He went back to his workstation to retrieve them, and voluntarily handed them over. The affidavit describes Schulte being put on leave by Bloomberg on March 16, the last day he reported to work at Bloomberg (which would be consistent with the search taking place on the night of March 15-16).

If the search took place overnight on March 14-15, Trump’s statements might have reflected knowledge the search had occurred (and that FBI had found classified information in Schulte’s apartment that would sustain an arrest on false statements and mishandling classified information charges, if need be). If the search took place overnight on March 15-16 (which seems to be what the record implies), it would mean Trump made the comments before the search and they would have been aired on Fox News during it.

In other words, Trump may well have made the comments at a time when FBI was trying to avoid giving Schulte any advance notice because they were afraid he might destroy evidence.

In addition, Trump undoubtedly made the comments (and Schiff highlighted the significance of them) before Schulte had follow-up interviews on March 20 and 21, at which he denied, among other things, ever making CIA’s servers more vulnerable to compromise. If Schulte had read Trump’s comment he’d be more worried about anything akin to hacking.

The question is, how much of what Trump said reflected real knowledge of the investigation, and to what degree should he have known that blurting this out could be unbelievably damaging to the investigation?

Given Trump’s imprecision in speech, his comments could derive entirely from the Vault 7 release itself, or at least a really high level briefing (with pictures!) of the compromise and CIA’s efforts to mitigate it.

But there are two pieces of evidence that suggest Trump may have been briefed in more detail about Schulte as a target.

Jim Comey testified on June 8, 2017 that, in addition to asking him to, “let this [Flynn thing] go,” Trump had asked him about a classified investigation, but that conversation was entirely professional.

WARNER: Tens of thousands. Did the president ever ask about any other ongoing investigation?

COMEY: No.

WARNER: Did he ever ask about you trying to interfere on any other investigation?

COMEY: No.

WARNER: I think, again, this speaks volumes. This doesn’t even get to the questions around the phone calls about lifting the cloud. I know other members will get to that, but I really appreciate your testimony, and appreciate your service to our nation.

COMEY: Thank you, Senator Warner. I’m sitting here going through my contacts with him. I had one conversation with the president that was classified where he asked about our, an ongoing intelligence investigation, it was brief and entirely professional.

Obviously there were a ton of investigations and this conversation could have taken place after Trump made the public comments. But the Vault 7 investigation would have been one of the most pressing investigations in the months before Comey got fired.

More directly on point, in his Presumption of Innocence blog, Schulte describes the interactions with the FBI during the search — which are consistent with them taking place on March 15 — this way (he has not sought to suppress the statements he made that night, which suggests his claims of coercion aren’t strong enough to impress his attorneys):

The FBI set an artificial and misguided deadline on the night before I was to depart NYC for Cancun to prevent me from leaving the country. Despite my insistence with them that the notion someone would flee the country AFTER the publication literally made no sense—if it were me communicating with WikiLeaks then obviously I would have made damn sure to leave BEFORE it happened—they were persistent in their belief that I was guilty. The FBI literally told me that everyone ”up to the top” knew we were having this conversation and that “they” could not afford to let me leave the country. “They” could not afford another national embarrassment like Snowden. “They” would not, under any circumstances, allow me to leave the country. The FBI were prepared and willing to do anything and everything to prevent me from leaving the country including threaten my immediate arrest arrest unless I surrendered my passport. I did NOT initially consent, but the FBI held me against my will without any arrest warrant and even actively disrupted my attempts to contact an attorney. Intimidated, fearful, and without counsel, I eventually consented. I was immediately suspended from work

Schulte’s an egotist and has told obvious lies, especially in his public statements attempting to claim innocence. But if it’s true that the FBI agents told him everyone “up to the top” knew they were having the conversation with him on March 15, it might reflect knowledge that people at least as senior as Comey or Sessions or Pompeo knew the FBI was going to conduct an overt search with one goal being to prevent Schulte from leaving the country. And given the purported reference to Snowden and the way the entire government pursued him, it is not impossible that Trump had been asked to authorize Schulte’s arrest if he didn’t surrender his passports.

In other words, it is certainly possible that when Trump boasted that the CIA’s hacking tools had been stolen under Obama and not under his Administration (an interesting claim to begin with, given the delay in CIA alerting the FBI that WaPo reported), he had been briefed about Schulte within the last 48 hours or even that morning.

To be clear, I’m not suggesting that this comment was a deliberate attempt to sabotage the FBI investigation. Trump has a habit of mindlessly repeating whatever he has heard most recently, so if Trump were briefed on the investigative steps against Schulte on the 14th or 15th, it’s not surprising he brought it up when sitting with Tucker mid-day on the 15th, particularly given that they were discussing surveillance.

But imagine how this would look to the FBI as Trump started engaging in outright obstruction of the Russian investigation, particularly by firing Comey. There’s nothing in the public record that suggests a tie between Schulte’s leaks and Russia. But Schulte’s leaks (most notably the Marble Framework he authored) not only would have made it easier for Russia to identify CIA’s Russian targets, but they would have forced CIA to rebuild during a period it was trying to figure out what had happened in 2016 (and NSA would be in the same position, post Shadow Brokers). When the FBI was trying to keep their focus on Schulte secret for one more day so they could get to his apartment before he started destroying things, Trump sat before a TV camera and made a comment that might have alerted Schulte the FBI did, indeed, believe he was the culprit.

And Trump did so all to blame Obama for a catastrophic leak rather than himself.

Judge Crotty Should Let Joshua Schulte Test His Theory of Defense Forensically

At a hearing on July 25, accused Vault 7 leaker Joshua Schulte’s lawyer, Sabrina Shroff, argued that it’s possible if the government provides some forensic evidence that the CIA maintains is too classified to share, this case might avoid trial, either by identifying alternate culprits or leading her to advise her client to plead.

Mr. Kamaraju says that I would be forced anyway to then make a Section 5 motion to show relevance, etc. Well, maybe not. Maybe if I got the forensics, I would be able to say, hey, I think the government is completely wrong, Mr. Schulte is completely innocent, and you should go back and relook at your charging decisions because of X, Y, and Z in the forensics.

On the flip side, I could look at the forensics and say to my client, you know, maybe this isn’t the strongest case. Maybe we shouldn’t be going to trial. Not all discovery is asked for or relevant because it is only going to be used at trial. We asked for discovery because it is proper Rule 16 information that the defendant should have that would tell him about the charges and help him make proper decisions in the most serious or the most benign of cases.

At issue, per an order Judge Paul Crotty issued days before the hearing (but which got released publicly afterwards) is evidence that would exist if a narrative Schulte seeded before he left the CIA were true. In addition to all the email he wrote at CIA (the government is giving him what he wrote, but not the responses), he wants “a complete forensic copy of the Schulte Workstation and DevLAN, so that his expert can conduct a comprehensive forensic analysis.” Ultimately, Crotty did not grant Schulte’s request, noting that he “has been accused of leaking information he obtained from his employment at CIA both before he was arrested and from his cell at MCC after his arrest.” Instead, he directed the defense to “submit[] a more tailored request [that] provides good reason for further forensic discovery in a motion to compel. In this context, it would also be helpful, for example, if Schulte would communicate his thinking of how others are responsible for the theft.”

Yet that didn’t work, at least not immediately. In the aftermath of that order, Schulte’s team said the Wall Counsel hasn’t responded substantively to a previously written request. That seems to be a justifiable complaint about the difficulties of working with Classified Information Protect Act and Wall Counsel (to say nothing of really complex technical issues which none of the lawyers fully understand). It’s like a giant game of telephone and Schulte’s right to a fair trial is at stake.

Which is why the government should take this offer from Shroff more seriously than they appear to have done: giving Schulte’s expert direct access to the full set of data he seeks.

We have offered to limit the access to either counsel or go even further and limit the access to just the expert. We have even offered that the CIA need not give it to us. We would go to the CIA or the expert would go to the CIA to review the forensics.

Even while it could use CIPA to limit what they give Schulte’s team, it would serve the government to give his expert this access.

I say that, first of all, because of who Schulte’s expert is: Columbia University CompSci professor Steve Bellovin. He’s not just some forensics guy with clearance. He’s someone who has served in governmental positions (most notably as PCLOB’s tech expert for a year). That means he has already seen government spying in action, and what he’d see here would be a server that got replaced, probably before April, and some hacking tools and targets there were in no way exceptional.

Just as importantly, Bellovin is well-respected in the activist community, both on technical matters and judgment. If Bellovin were to test Schulte’s alternative explanation for the leak of the Vault 7 files and Schulte subsequently pled (suggesting that Shroff had counseled that he not take his theories to trial), it would suggest that Schulte’s story didn’t hold up to Bellovin’s scrutiny.

If that happened, it would be a key statement about not just what Schulte has claimed, but about what WikiLeaks did, in releasing the files in 2017.

As the government tells it, Schulte got in a fight with a colleague in December 2015, which led him to sour on the CIA as early as February 2016. When the agency didn’t respond in the way he wanted to Schulte’s claim that the colleague had threatened him, he started to retaliate in April 2016 by first copying the backup server holding all the CIA’s hacking tools, then sending it to WikiLeaks. In short, the government’s story is that Schulte simply burned the CIA’s hacking capabilities to the ground because he felt like they wronged him, a fairly breathtaking claim for one of the most damaging leaks to the government in history.

Schulte’s story is harder to suss out for a number of reasons: the defense has avoided putting this in writing, in part in an attempt to protect their theory of defense, some of what Schulte has argued is classified and still sealed, and other parts consist of rants he has published online or in dockets, not coherent arguments. Plus, some of Schulte’s claims are clearly lies, most demonstrably his claim that, “Federal Terrrorists [sic] had no evidence of plaintiff actually using cell phone” before they got a warrant relying on an affidavit that included pictures of him using the phone he had in MCC.

Schulte’s theory, as available, consists of three parts:

  • More people had access to the backup server from which the files were stolen than the government claims
  • The files were relatively easier to steal from an offsite backup server than the onsite one the government alleges Schulte stole them from
  • The likely culprits used security vulnerabilities he (claims to have) identified to CIA managers to steal the files

Evidence he’s making the first argument appears in his lawsuit against the Attorney General, where he claims the government has lied about the number of people who could access the server with the hacking tools.

AG lies about the number of people who had access to the classified information

Given a passage from the government’s response to his motion to suppress, Schulte must be referring to the claim that 200 people had access to the servers themselves, not the claim that 3-5 people had access to the backup server from which FBI claims the files were stolen. Schulte’s sealed filing appears to have argued that a second CIA group had access to the server.

Schulte does not dispute that the CIA Group was responsible for using and maintaining the LAN, that as of March 2016 fewer than 200 employees were assigned to the CIA Group, or that only these employees had access to the LAN. (See id. ,r 8(b)). Rather, Schulte argues that Agent Donaldson failed to note in the Covert Affidavit that a second CIA group (“CIA Group-2”), [redacted], allegedly also had access to the LAN.

For what it’s worth, the government disputes this claim outright. They introduce and conclude an otherwise redacted discussion by twice asserting this claim is false.

Schulte’s assertions about CIA Group-2’s access to the LAN are untrue [seven lines redacted] In short, Schulte is simply wrong.

Schulte’s claim that the files were more easily stolen from an offsite backup server may be more of a throwaway, based on what the government provided in discovery, reflecting what a contractor said almost a year into the investigation. (Remember that the government is not meaning to restate Schulte’s theories here, but instead to refute his claim that the initial affidavit against him included reckless errors.)

Schulte does not challenge that the Classified Information was taken from a back-up file, but instead argues that the back-up files were also stored at an offsite location (the “Offsite Server”), based on a network diagram of the LAN, and that, in one CIA Group contractor’s opinion, the “easiest” way to steal those back-up files was from the Offsite Server. None of this information, however, renders Agent Donaldson’s assessment misleading. Initially, while it is true that the back-up files were also stored in an Offsite Server, Agent Donaldson never suggested that the only place that the back-up files existed was the Back-up Server. Nor did Agent Donaldson opine in the abstract on the easiest method of exfiltrating the Classified Information from the LAN. Rather, he merely stated that it was “likely” that the Classified Information had come from the Back-Up Server, an eminently reasonable conclusion, given that the Back-Up Server contained the back-up files that mirrored the Classified Information, and Schulte–whom the FBI properly identified as a likely perpetrator of the theft–had access to it. Gates, 462 U.S. at 230-31 (courts do not isolate each factor of suspicion but look at the totality of the circumstances). The opinion of the contractor–who did not have access to all of the information and who had no relevant investigatory experience–in no way undermines that assessment, particularly when (i) that opinion is contradicted by [redacted], a LAN system administrator and a witness upon whom Schulte relies in his motion, who stated that “the easiest way to steal the data leaked by WikiLeaks” was for someone with administrative access to the LAN to “simply remov[e] the backup file from the network application” (i.e., the Back-Up Server) (Shroff C. Decl., Ex. I); and (ii) even if the contractor’s opinion was relevant, it was not conveyed to the FBI until February 2018, nearly a year after the date of the Covert Affidavit, see Garrison, 480 U.S. at 85.

Significantly, the government bases its claim that Schulte leaked classified information from jail in part on him sharing a “Network Structure Document” with someone (probably a reporter); given that some of the other information he is alleged to have leaked in violation of classification or protective orders was meant to sustain his claims of innocence, this probably does too. If so, that would suggest he was floating this theory about a year ago.

Finally, in his Presumption of Innocence blog, Schulte maintains that the CIA network was vulnerable in ways that he claims he raised with the CIA before he left.

I reported numerous security vulnerabilities that I discovered within our network and particularly issues with system administration, backup, and protection of some of our prominent tool sets. I was continually met with pushback and retaliatory responses that ultimately forced me to resign. My final acts were to file complaints with the OIG and the House Select Committee on Intelligence to hopefully prevent future retaliatory actions against others.

So while the government claims that Schulte retaliated by leaking the CIA’s hacking tools because the CIA wasn’t treating him with the respect he thought he deserved, Schulte appears to be claiming that possibly members of CIA’s Group-2 or perhaps even outsiders stole the files via vulnerabilities he identified before he left.

While not exactly the same, WikiLeaks made related claims when they released the files, in part as rationale for publishing them.

Compare what we can make out of Schulte’s defense with what WikiLeaks published in its “press release” accompanying the first Vault 7 release. WikiLeaks describes CIA “losing control” of its hacking tools, not someone leaking them.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

While it mentions former US government hackers (which could include Schulte), it also invokes contractors (the press release elsewhere mentions Hal Martin), and contractors were the presumed source for Vault 7 files at the time. While WikiLeaks acknowledges that the files came from “an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina [sic]” the description of the archive circulating in unauthorized fashion suggests that WikiLeaks is claiming the files were more broadly accessible.

The “press release” also suggests CIA’s hacking division had 5,000 users, implying all were involved in the production of hacking tools.

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware.

While that may or may not be the CIA Group-2 Schulte claims had access to the servers, it certainly suggests a far larger universe of potential sources for the stolen files than the 200 the government claims, much less the around 5 SysAdmins who had privileges to the backup server.

The purported motive for releasing these tools — both that of the source and of Assange — is partly the insecurity of having such tools lying around.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’.

[snip]

Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them.

[snip]

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.

In other words, WikiLeaks justified posting development notes for a significant portion of CIA’s hacking tools — and ultimately the source code for one — to prevent “teenage hackers” from obtaining such weapons and using them. (By this February, a security researcher had made his own hacking module based off what WikiLeaks had released.) A key part of that claim is the risk that CIA itself had not sufficiently secured its own tools, that they were “circulat[ing] … in an unauthorized manner.” That is, WikiLeaks purports to be the fulfillment of and remedy for precisely the risk Schulte claims — in his Presumption of Innocence blog — he warned the CIA about.

Except the government claims that’s not true.

It is true, as the affidavit in dispute in Schulte’s motion to suppress lays out, that Schulte wrote a “draft resignation letter” purporting to warn about these dangers and, on his last day, sent the CIA’s Inspector General a letter raising the same issues. The government reviews what he did at length in their response to his motion to suppress.

Agent Donaldson discussed the circumstances of Schulte’s resignation from the CIA in November 2016, including a letter and email he wrote complaining about his treatment. (Id. ,i,i 19-20). On October 12, 2016, Schulte sent an email to another CIA Group employee with the subject line “ROUGH DRAFT of Resignation Letter *EYES ONLY*,” which attached a three-page, single-spaced letter (the “Letter”). (Id. ,i 19(a)). In the Letter, Schulte stated that the CIA Group management had unfairly “veiled” CIA leadership from various of Schulte’s “concerns about the network security of the CIA Group’s LAN” and that “[t]hat ends now. From this moment forward you can no longer claim ignorance; you can no longer pretend that you were not involved.” (Id. ~ 19(a)(ii)). The Letter also stated that Schulte was resigning because management had “‘ignored'” issues he had raised about ‘”security concerns,”‘ including that the LAN was ‘”incredibly vulnerable’ to the theft of sensitive data.” (Id. ~ 19(a)(iii)). In particular, Schulte stated that the “inadequate CIA security measures had ‘left [the CIA Group’s LAN] open and easy for anyone to gain access and easily download [from the LAN] and upload [sensitive CIA Group computer code] in its entirety to the [public] internet.”‘ (Id.~ 19(a)(iv)).

[snip]

However, on November 10, 2016, Schulte’s last day at the CIA, Schulte sent an internal email to the CIA’s Office of Inspector General (“OIG”), which Schulte marked “Unclassified,” advising that he had been in contact with the U.S. House of Representatives’ Permanent Select Committee on Intelligence regarding his complaints about the CIA (the “OIG Email”). (Id ~ 19(c)). The OIG Email raised many of the same complaints in the Letter, including “the CIA’s treatment of him and its failure to address the ‘security concerns’ he had repeatedly raised in the past.” (Id ~ 19(c)(i)). Although Schulte had labeled the OIG Email “Unclassified,” the CIA determined that the OIG Email did in fact contain classified information. (Id.~ 19(c)(iii)). Schulte nevertheless printed and removed the email from the CIA when he left that day. (Id ~ 19( c )(ii)).

As the government response notes, the affidavit describes that Schulte never actually sent the resignation letter.

Agent Donaldson noted that Schulte did not appear to send the Letter. (Id. ~ 19(b)).

A later discussion of the resignation letter as part of a summary of the probable cause against Schulte goes still further, claiming that there is no record that Schulte raised security concerns with CIA management (which is presumably one reason he asked for all his emails).

(iv) drafted a purported “resignation email,” in which he claimed essentially that he had warned CIA management about security concerns with the LAN7 that were so significant that the LAN’s contents could be posted online–precisely what happened four months later (see id. ,r 19);

7 There is no record of Schulte reporting any such security concerns to CIA management.

The government makes Schulte’s allegedly false claim to have raised concerns about the security of the CIA tools a key part of its short summary of the probable cause against Schulte, insinuating that Schulte wrote both the resignation letter and the letter to the IG (which he wrote five and six months, respectively, after the government alleges he stole the files) as a way to create a cover story for the leaked documents.

Thus, even if the Covert Affidavit was rewritten to Schulte’s (incorrect) specifications, it would still establish probable cause by showing that Schulte was a CIA employee with a grudge against the CIA and a track record of improperly accessing and taking classified information, who left the CIA claiming that classified information from the LAN would one day be sprayed across the Internet and who worried about the investigation when his “prophecy” came to pass.

Of course, the government — especially intelligence agencies like the NSA and CIA — always dismiss the claims to be whistleblowers of leakers. The CIA claimed Jeffrey Sterling only leaked details of the Merlin operation because he was disgruntled about an EEOC complaint they had denied. NSA denied that Edward Snowden had raised concerns — first at CIA about its security, then at NSA about the boundaries of EO 12333 and Section 702. In the former case, however, the government knows of at least three other people who thought Sterling’s concerns had merit, and the actual details around Merlin’s own activities were a clusterfuck. In the latter, even a really problematic HPSCI report acknowledges that both incidents occurred, and NSA ultimately released enough of the backup to show that the NSA undersold the latter instance (though Snowden’s claims were not as substantive as he claimed).

Thus far, Schulte has presented no such counterevidence (indeed, the docket does not show his team submitted a reply to the government’s response before their August 16 deadline, though a reply could be held up in classification review). [Update: This letter asking to sever the MCC charges from the WikiLeaks charges says they’re still working on their replies.]

There may be a very good reason why Schulte’s defense didn’t go there: because one of the lies the government claims he told to FBI Agents on March 20 and 21, 2017 involves making CIA systems more vulnerable to the theft of data.

On or about March 20 and 21, 2017, Schulte … denied ever making CIA systems vulnerable to the theft of data.

Aside from this mention, this allegation doesn’t otherwise appear in public documents I’m aware of. But the implication is that before Schulte wrote two documents that — the government claims — served to establish a cover story claiming he leaked the documents because CIA’s server was vulnerable to theft, he tampered with the CIA’s server to make it more vulnerable to theft.

There actually is evidence that the server was vulnerable to theft. In Crotty’s opinion, he overruled the government’s effort to withhold some internal reports on the leak under CIPA. He explained,

These documents [redacted] might help Schulte advance a theory that DevLAN’s vulnerabilities could have allowed someone else to have taken the leaked data. They also support the defense’s theory that Schulte’s behavior while an employee of the CIA was consistent with someone who was trying to help the agency address security flaws, rather than someone who was a disgruntled employee.

That’s why it’d be worthwhile for Bellovin to have access to the server directly: to test not just how vulnerable the servers really were (I bet he’d be willing to help improve their security along the way!), but also to test himself whether there’s any evidence that someone besides Schulte exploited those vulnerabilities.

The government’s reliance on CIPA in this case is an attempt to try Schulte for an unbelievably sensitive leak without (as Crotty laid out) giving him opportunity to leak some more.

But the case goes beyond Schulte’s actions, to implicate WikiLeaks’ actions (court filings make it clear that WikiLeak’s claims around this leak were false in another manner, one which I’m not describing at the government’s request). And while details of CIA’s unexceptional hacking program are useful for researchers to have, it would matter if the stated rationale for releasing them was bullshit manufactured after the fact. That’s all the more true if WikiLeaks — which used to boast its perfect record on verification — knew the claim to be false, particularly given how and when it released these files, with an attempt to extort the US government and in the wake of the Russian hacks, at a time CIA would have needed these tools to prevent follow-ups.

Three months after Schulte’s trial (if this does go to trial), the government will be embroiled in attempting to extradite Julian Assange under charges that are rightly being attacked as an assault on the press. The government is never going to reveal all it knows about Assange (including, pertinent to this case, whether there’s any evidence Assange used some of the CIA’s own tools for his own benefit). Bellovin, if he were permitted to review the CIA server, would never be in a position to reveal what he learned; but his role in this case provides a rare opportunity for a trusted outsider to weigh in on a controversial case.

Effectively, a guy who authored CIA’s obfuscation tool and purportedly planned an information war from jail — complete with fake FBI and CIA personas — may have created the vulnerability he claimed to be exposing by leaking the files. If Bellovin were able to test that possibility, it would go a long way to shift an understanding about WikiLeaks recent intentions with the US government.

DOJ Says It Never Offered Accused Vault 7 Leaker Joshua Schulte a Plea Deal

As the Joshua Schulte prosecution has inched along against the backdrop of the Julian Assange indictment, I’ve heard chatter about his plans: that the two sides might prosecute the child porn charges and leave the leak untried; that the government was trying to get him to cooperate against Assange.

In the former case, the opposite now seems more likely. Last week, Judge Paul Crotty granted Schulte’s motion to sever his child porn and copyright charges from his Espionage ones. But the minute order states that the Espionage charges will be tried first, in November, with the child porn charges tried some time after that. That’s true, even though the Espionage charges are far more complex to try than the child porn ones. If the government wanted to use the child porn charges to put Schulte away indefinitely and avoid the difficulties of an Espionage trial, they’d try those first. (Update: at the hearing where this was decided, the defense said they wanted the Espionage trial to go first, and all other parties agreed.)

As to the latter, Schulte himself has sown the belief he was being offered a plea deal. In one version of his “Presumption of Innocence” blog, for example, he claimed (falsely, given the warrants he himself released) the government never obtained any evidence implicating him in the leak, and was just pursuing the child pornography charges to “break” him so he’ll cooperate against WikiLeaks.

I’m arrested and charged with a crime that had nothing to do with the initial search warrant and that I was completely innocent. The U.S. Attorney unethically and immorally misleads the court regarding what the initial investigation was about, when they found the illicit materials, and the fact that they did not think I was involved for 5 months until their initial investigation came up empty. I’m denied bail and thrown into prison immediately and they use the situation as leverage telling my attorney every day that he can make this huge embarrassment and misunderstanding all go away if only I would agree to cooperate on the WikiLeaks investigation and admit to it. They admit, unabashedly that these entire charges are nothing more than a ruse, an attempt at leverage to break me.

A version of this claim was repeated in a piece the Intercept did yesterday claiming to track how (a select group of) leakers got identified by the FBI.

Of the four Espionage Act cases based on alleged leaks in the Trump era, the most unusual concerned Joshua Schulte, a former CIA software developer accused of leaking CIA documents and hacking tools known as the Vault 7 disclosures to WikiLeaks. Schulte’s case is different from the others because, after the FBI confiscated his desktop computer, phone, and other devices in a March 2017 raid, the government allegedly discovered over 10,000 images depicting child sexual abuse on his computer, as well as a file and chat server he ran that included logs of him discussing child sexual abuse images and screenshots of him using racist slurs. Prosecutors initially charged Schulte with several counts related to child pornography and later with sexual assault in a separate case, based on evidence from his phone. Only in June 2018, in a superseding indictment, did the government finally charge him under the Espionage Act for leaking the hacking tools. He has pleaded not guilty to all charges.

Schulte was identified as the suspect just like all the other people profiled in the story were: because he was one of the few people who had access to the files that got leaked and his Google searches mapped out a damning pattern of research involving the leak, among other things. In his case, WikiLeaks itself did several things to add to the evidence he was the source. It is true that Schulte was charged with the porn charges first and that it took 15 months for the government to ultimately charge the leak, but the theory of Schulte’s role in the leak has remained largely unchanged since a week after the first files were dropped.

Schulte again suggested he might get a plea deal in his lawsuit against then Attorney General Jeff Sessions for imposing Special Administrative Measures against him when he raised 5K1 letters that might allow someone to avoid mandatory minimum sentencing.

But in last week’s opposition to Schulte’s motion to suppress most of the warrants against him — including some on the grounds that they relied on poisonous fruit of attorney-client privileged material — the government denies ever offering a plea deal.

Schulte claims that the FBI read his thoughts on severance (which the Government has consented to) or a plea offer (which the Government has not made), but none of those “thoughts” are referenced in any subsequent search warrant.

The claim that the government left unredacted a reference to Schulte’s views on a plea deal does not appear in the unredacted version of Schulte’s motion to suppress, but given his lawyers’ claim that his journals were intended to be a discussion of his legal remedies, it may be an attempt to suppress the Presumption of Innocence notes cited above (even though Schulte made the same notes public).

Mr. Schulte’s narrative writings and diary entries contain information he “considered to be relevant to his potential legal remedies.”

There’s lot of room for a discussion short of a plea offer that might be true even given the government claim that “the Government has not made” any offer (such as that one of the series of attorneys who have represented Schulte has recommended that he seek a deal).

But the detail is particularly interesting given the timing of his trial and something the government claimed the last time Chelsea Manning and her lawyers tried to get her out of jail. It insisted they want Manning’s testimony for subjects and charges not included in Assange’s current indictment, and said the submission of the extradition request against Assange does not preclude future charges based on those offenses.

As the government’s ex parte submissions reflect, Manning’s testimony remains relevant and essential to an ongoing investigation into charges or targets that are not included in the superseding indictment. See Gov’t’s Ex Parte Mem. (May 23, 2019). The offenses that remain under investigation are not time barred, see id., and the submission of the government’s extradition request in the Assange case does not preclude future charges based on those offenses, see Gov’t’s Supplement to Ex Parte Mem. (June 14, 2019).

Barring a delay because of Classified Intelligence Protect Act proceedings, Schulte will face trial on the Espionage charges in November, three months before the next hearing in Assange’s extradition. And while there’s no hint in Schulte’s case that WikiLeaks played a role in the front end of Schulte’s alleged leak, there’s abundant evidence that they continued to cooperate with him in the aftermath and even in the initial release itself. Indeed, that’s some of the most damning evidence against Schulte.

Schulte seems to think he could cooperate against Assange and face lesser charges. If the government told the truth last week, he may have little prospect to diminish what would amount to a life sentence if he’s found guilty.