Posts

Sabrina Shroff Really Wants to Meet in Person with Josh Schulte

Something odd happened in the Josh Schulte case yesterday.

He still has to submit his Rule 29 motion for acquittal and Rule 33 motion for a new trial for his trial. Before the government seized his laptop in a search, they were originally due September 23.

But since the FBI allegedly found Child Sexual Abuse Material on his discovery laptop — the FBI suspects he copied it from the materials allegedly on his home computer via a thumb drive brought into the SCIF storing his discovery — he has been restricted to a typewriter, and so will be given more time to write the filings.

On October 6, Judge Jesse Furman ordered the two sides to come up with a new schedule for those motions by Friday to accommodate that restriction.

The FBI is also investigating Schulte for having contraband on his discovery laptop. Back in September, Schulte insisted that “the only material on the laptop was provided by the government or my attorneys.”

So early yesterday, the government filed a letter, effectively pre-empting one they said that Schulte’s attorney, Sabrina Shroff, had written but not yet docketed. They did so, they said, because hers was inaccurate and did not reflect consultation with Schulte, who is representing himself pro se on the last trial.

Counsel’s letter, which asks the Court to order the means by which the parties carry out their obligation to meet-and-confer about a proposed motions schedule, (i) is materially inaccurate, (ii) seeks unnecessarily burdensome and delay-laden restrictions on what should be a straightforward conversation about a schedule, and (iii) inappropriately attempts to speak on the defendant’s behalf with respect to an issue for which the defendant is pro se. Defense counsel’s letter falsely claims, for example, that the Government previously refused to have calls with the defendant while he was in the MDC and has “repudiated” this practice; when, in fact, the Government previously arranged meet-and-confer calls with the defendant during his courthouse SCIF days because doing so was logistically simpler. Here, where the defendant is no longer produced to the SCIF, the Government proposed a telephone call from the MDC, which defense counsel has been invited to join. When counsel objected to the call, the Government noted that the defendant is pro se and entitled to decide for himself whether or not to participate in the call and, if he declined to do so, the Government would attempt to confer through other means. The Government also offered to respond to a proposed schedule from the defendant conveyed by counsel. Rather than pursue either option or allow the defendant to speak for himself on this pro se matter,1 defense counsel submitted today’s letter to the Court.

1 Counsel’s letter does not assert that the defendant is incompetent to act for himself pro se and makes no representation that the defendant was consulted on the letter.

When Shroff’s letter was finally docketed (with two redactions describing Schulte’s current status, apparently something pertaining to having been moved from his prior cell), it became clear that she’s insisting on using the meet-and-confer as an opportunity to meet with him in person, rather than with her on the call, or barring that, ensuring that anything Schulte say not be used against him.

In the past, the government has fulfilled its meet and confer obligations by calling Mr. Schulte in the SCIF, where one or more of his standby counsel could be physically present and beside Mr. Schulte as he spoke with opposing counsel. During the time Mr. Schulte was entirely pro se, the government refused to have calls with him while he was at MDC-Brooklyn, insisting the calls take place while he was at the SCIF. Each call was recorded by the government and an FBI agent was present for the call.

In repudiation of this prior practice, the government now seeks to meet and confer with Mr. Schulte by arranging a telephone call with him at the MDC, meaning no defense counsel would be physically present next to Mr. Schulte during the call.1 Given (i) the hybrid representation in place; (ii) Mr. Schulte [redacted];2 and (iii) such a setup is not necessary, it would not be prudent for defense counsel to agree to such a meet and confer.

In lieu of the government’s proposal, defense counsel has offered to (i) take the government’s proposed briefing schedule to Mr. Schulte to get his sign-off;3 (ii) allow the meet and confer at the MDC, provided the government can arrange for Mr. Schulte’s counsel to be there physically with him in the same room; (iii) have Mr. Schulte produced at the 500 Pearl Street pens on the 4th floor for the meet and confer; or (iv) if the Court allows the meet and confer to take place outside the physical presence of counsel as the government demands, that the government agree not to use any purported spontaneous statements or questions that may come out during the call against Mr. Schulte at any future legal proceeding. The government has rejected each of these four proposals.

Given this impasse, and the importance of defense counsel being physically next to Mr. Schulte when the Government speaks with him, we respectfully ask the Court to Order the government to adopt one of the four proposals, so the meet and confer can proceed in a manner that allows defense counsel to step in and ensure that Mr. Schulte’s right against self-incrimination and right to counsel are protected.

1 Defense counsel has apprised the government of her unavailability on the government’s chosen date and time of October 19, 2022, and asked at the very least, the call be re-scheduled should the Court not grant the requested relief.

2 Neither the government nor the BOP informed counsel for Mr. Schulte [redacted] The BOP did not provide (for three days in row) the requested emergency legal calls. In person visits were also made unavailable. Counsel was told that the in-person visit could not take place as the room in the SAMs unit was occupied by other counsel, when in fact Mr. Schulte was not on his regular unit.

3 I twice offered to go to the MDC and vet with Mr. Schulte the government’s proposed briefing schedule for the Rule 29 and 33 motion. The government declined to provide its proposed timeline/schedule to me.

While Shroff’s letter sounds sketchy in light of Schulte’s own observation that any contraband had to have come from the government or his lawyers, Shroff is too smart to facilitate Schulte’s crimes. That said, the record suggests that he manipulates every single human being he comes into contact with, including his own family. I think the most likely explanation for any contraband is that he made a seemingly reasonable request for something from his lawyers, and then repurposed it.

The government, meanwhile, has used the recent developments to propose a long delay — with briefing to begin two months from now — on Schulte’s pretrial motions. Now they’re proposing he submit his motions on December 16.

I’ve been wondering how Schulte would respond to being accused of reaccessing CSAM material, something that, if proven, would make proving his pending charges on that easier to prove and also dramatically increase his potential sentence. He’s at the point where he has to be contemplating life in prison.

However he has and will respond, Shroff is worried about him speaking with the government without being present.

How Josh Schulte Got Judge Jesse Furman to Open a File in Internet Explorer

Something puzzles me about both Josh Schulte trials (as noted yesterday, the jury found Schulte guilty of al charges against him yesterday).

In both, the government introduced a passage from his prison notebooks advocating the use of the tools he has now been found guilty of sharing with WikiLeaks in an attack similar to NotPetya. [This is the version of this exhibit from his first trial.]

Vault 7 contains numerous zero days and malware that could be [easily] deployed repurposed and released onto the world in a devastating fashion that would make NotPetya look like Child’s play.

Neither time, however, did prosecutors explain the implications of this passage, which proved both knowledge of the non-public files released to WikiLeaks and a desire that they would be used, possibly by Russia, as a weapon.

Here’s how AUSA Sidhardha Kamaraju walked FBI Agent Evan Schlessinger through explaining it on February 26, 2020, in the first trial.

Q. Let’s look at the last paragraph there.

A. “Vault 7 contains numerous zero days and malware that could easily be deployed, repurposed, and released on to the world in a devastating fashion that would make NotPetya look like child’s play.”

Q. Do you know what NotPetya is?

A. Yes, generally.

Q. What is it?

A. It is a version of Russian malware.

Here’s how AUSA David Denton walked Agent Shlessinger through that same exact script this June 30 in the second trial.

Q. And the next paragraph, please.

A. “Vault 7 contains numerous zero days and malware that could easily be deployed,” struck through “repurposed and released onto the world in a devastating fashion that would make NotPetya look like child’s play.”

Q. Sir, do you know what NotPetya is?

A. Yes, generally.

Q. Generally, what is a reference to?

A. Russian malware.

The placid treatment of that passage was all the more striking in this second trial because it came shortly after Schulte had gone on, at length, mocking the claim from jail informant Carlos Betances that Schulte had expressed some desire for Russia’s help to do what he wanted to do, which in context (though Betances wouldn’t know it) would be to launch an information war.

Q. OK. Next, you testified on direct that I told you the Russians would have to help me for the work I was doing, right?

A. Yes, correct.

Q. OK. So the Russians were going to send paratroopers into New York and break me out of MCC?

MR. LOCKARD: Objection.

THE COURT: Sustained.

BY MR. SCHULTE: Q. What is your understanding of how the Russians were going to help?

A. No, I don’t know how they were going to help you. You were the one who knew that.

Q. What work was I doing for Russia?

A. I don’t know what kind of work you were doing for Russia, but I know you were spending long periods of time in your cell with the phones.

Q. OK.

A. With a sheet covering you.

Q. OK. But only Omar ever spoke about Russia, correct?

A. No. You spoke about Russia.

Q. Your testimony is you never learned anything about Omar and Russian oligarchs?

A. No.

Denton could easily have had Schlessinger point out that wanting to get a CIA tool repurposed in Russian malware just like the Russians had integrated stolen NSA tools to use in a malware attack of unprecedented scope would be pretty compelling malicious cooperation with Russia. It would have made Schulte’s mockery with Betances very costly. But Denton did not do that.

In fact, the government entirely left this theory of information war out of Schulte’s trial. In his closing argument for the second trial, for example, Michael Lockard explicitly said that Schulte’s weapon was to leak classified information, not to launch cyberattacks.

Mr. Schulte goes on to make it even more clear. He says essentially it is the same as taking a soldier in the military, handing him a rifle, and then begin beating him senseless to test his loyalty and see if you end up getting shot in the foot or not. It just isn’t smart.

Now, Mr. Schulte is not a soldier in the military, he is a former CIA officer and he doesn’t have a rifle. He has classified information. That is his bullet.

To be sure, that’s dictated by the charges against Schulte. Lockard was trying to prove that Schulte developed malicious plans to leak classified information, not that he developed malicious plans to unleash a global cyberattack that would shut down ports in the United States. But that’s part of my point: The NotPetya reference was superfluous to the charges against Schulte except to prove maliciousness they didn’t use it for.

I may return to this puzzle in a future post. For now, though, I want to use it as background to explain how, that very same day that prosecutors raised Schulte’s alleged plan to get CIA hacking tools used to launch a global malware attack, Schulte got Judge Jesse Furman to open a document in Internet Explorer.

One of the challenges presented when a computer hacker like Schulte represents himself (pro se) is how to equip him to prepare a defense without providing the tools he can use to launch an information war. It’s a real challenge, but also one that Schulte exploited.

In one such instance, in February, Schulte argued the two MDC law library desktops available to him did not allow him to prepare his defense, and so he needed a DVD drive to transfer files including “other binary files,” the kind of thing that might include malware.

Neither of these two computers suffices for writing and printing motions, letters, and other documents. The government proposes no solution — they essentially assert I have no right to access and use a computer to defend myself in this justice system.

I require an electronic transfer system; printing alone will not suffice, because I cannot print video demonstratives I’ve created for use at trial; I cannot print forensics, forensic artifacts, and other binary files that would ultimately be tens of thousands of useless printed pages. I need a way to transfer my notes, documents, motion drafts, demonstrative videos, technical research, analysis, and countless other documents to my standby counsel, forensic expert, and for filing in this court.

The government had told Schulte on January 21 that he could not have a replacement DVD drive that his standby counsel had provided in January because it had write-capabilities; as they noted in March, not having such a drive was not preventing him from filing a blizzard of court filings. Ultimately, in March, the government got Schulte to let them access the laptop to add a printer driver to his discovery laptop. Schulte renewed his request for a write-capable DVD, though, in April.

Schulte continued to complain about his access to the law library for months, sometimes with merit, and other times (such as when he objected to the meal times associated with his choice to fast during Ramadan) not.

The continued issues, though, and Schulte’s claims of retaliation by prison staffers, are why I was so surprised that when, on June 1, Sabrina Shroff reported that a guard had broken Schulte’s discovery laptop by dropping it just weeks before trial, she didn’t ask for any intervention from Judge Furman. Note, she attributes her understanding of what happened to the laptop to Schulte’s parents (who could only have learned that from Schulte) and the prison attorney (who may have learned of it via Schulte as well). In response, as Shroff had tried to do with the write-capable DVD, she was just going to get him a new laptop.

We write to inform the Court that a guard at the MDC accidently dropped Mr. Schulte’s laptop today, breaking it. Because the computer no longer functions, Mr. Schulte is unable to access or print anything from the laptop, including the legal papers due this week. The defense team was first notified of the incident by Mr. Schulte’s parents early this afternoon. It was later confirmed in an email from BOP staff Attorney Irene Chan, who stated in pertinent part: “I just called the housing unit and can confirm that his laptop is broken. It was an unfortunate incident where it was accidentally dropped.”

Given the June 13, 2022 trial date, we have ordered him a new computer, and the BOP, government, and defense team are working to resolve this matter as quickly as possible. We do not seek any relief from the Court at this time.

Only, as I previously noted, that’s not what happened to the laptop, at all. When DOJ’s tech people examined the laptop, it just needed to be charged. As they were assessing it, though,  they discovered he had a 15GB encrypted partition on the laptop and had been trying to use wireless capabilities.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences. Mr. Schulte returned to the MDC with the laptop.

1 The BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS settings can determine, for example, whether external ports and wireless capabilities are enabled or disabled.

This had all the markings of a hacker — someone who had once envisioned launching a cyberattack as part of his information war from jail — trying to prepare just such an attack.

Weeks later, during the trial, the government intimated that they might punish Schulte for that stunt, but were just trying to get through trial.

We have not taken any action in response to that, because we’re in the middle of trial and we’re loath to do things that would disrupt the trial at this point.

Along the way, though, Schulte’s laptop access continued to grow — for perfectly justifiable reasons tied to the trial, but which appears to have resulted in the discovery laptop (the one with the encrypted partition that he had apparently tried to access WiFi on) being in the same place as a second exhibit laptop, perhaps the very laptop originally intended to replace the one that wasn’t really broken at all. On June 13, Judge Furman ordered the Marshals to let Schulte keep his laptop at breaks. On June 15, Schulte got Furman to order the Marshals to let him use his second laptop, “just like the discovery laptop.”

MR. SCHULTE: OK. So the first thing is I think the marshals just need permission or authorization from you for me to be able to use the second laptop for my exhibits.

THE COURT: Use in the courtroom?

MR. SCHULTE: Yeah, be able to access and use it likeI use the other. I think there was court order for me to be able to use this laptop so they need authorization from you for me to use the second laptop.

THE COURT: And the second laptop is something that standby counsel procured? What is it?

MR. SCHULTE: Yes.

THE COURT: Any objection, Mr. Denton? Any concerns?

MR. DENTON: I think as long as it is something that’s used just here in the courtroom, that’s fine, your Honor. I think to the extent that it was going with the defendant anywhere else other than the courtroom, we would want to make sure that we applied the same security procedures that were applied to his original laptop.

THE COURT: Is it just to be used in this courtroom?

MR. SCHULTE: Yes. That’s correct. It is being locked, I think, in the FBI marshal’s room by the SCIF.

On June 17, Schulte asked Furman to issue a specific order to MDC to ensure he’d be able to “go to the law library and access the laptop.” Again, these are generally understandable accommodations for a defendant going pro se. But they may have placed his discovery laptop (normally used in MDC in Brooklyn) in close proximity to his exhibit laptop used outside of a SCIF in Manhattan.

With that in the background, on June 24, prosecutors described that just days earlier, Schulte had provided them code he wanted to introduce as an exhibit at trial. There were evidentiary problems — this was a defendant representing himself trying to introduce his own writing without taking the stand — but the real issue was his admission he was writing (very rudimentary) code on his laptop. As part of that explanation, the government also claimed that MDC had found Schulte tampering with the law library computer.

The third, however, and most sort of problematic category are the items that were marked as defense exhibits 1210 and 1211, which is code and then a compiled executable program of that code that appear to have been written by the defendant. That raises an evidentiary concern in the sense that those are essentially his own statements, which he’s not entitled to offer but, separately, to us, raises a substantial security concern of how the defendant was able to, first, write but, more significantly, compile code into an executable program on his laptop.

You know, your Honor, we have accepted a continuing expansion of the defendant’s use of a laptop that was originally provided for the purpose of reviewing discovery, but to us, this is really a bridge too far in terms of security concerns, particularly in light of the issues uncovered during the last issue with his laptop and the concerns that the MDC has raised to us about tampering with the law library computer. We have not taken any action in response to that, because we’re in the middle of trial and we’re loath to do things that would disrupt the trial at this point. The fact that defendant is compiling executable code on his laptop raises a substantial concern for us separate from the evidentiary objections we have to its introduction.

THE COURT: OK. Maybe this is better addressed to Mr. Schulte, but I don’t even understand what the third category would be offered for, how it would be offered, what it would be offered for.

MR. DENTON: As best we can tell, it is a program to change the time stamps on a file, which I suppose would be introduced to show that such a thing is possible. I don’t know. We were only provided with it on Tuesday. Again, we think there are obvious issues with its admissibility separate and apart from its relevance, but like I said, for us, it also raises the security concern that we wanted to bring to the Court’s attention.

[snip]

MR. SCHULTE: But for the code, the government produced lots of source code in discovery, and this specific file is, like, ten, ten lines of source code as well as —

THE COURT: Where does it come from? Did you write it?

MR. SCHULTE: Yes, I wrote it. That’s correct.

Schulte didn’t end up introducing the script he wrote. Instead, he asked forensics expert Patrick Leedom if he knew that Schulte had used the “touch” command in malware to alter file times.

Q. Do you know about the Linux touch command?

A. Yes.

Q. This command can be used to change file times, right?

A. Yes, it can.

Q. That includes access times, right?

A. Yes.

Q. And from reviewing my workstation, you know that I developed Linux malware tools for the CIA, right?

A. I know you worked on a few tools. I don’t know if they were Linux-specific or not, but —

Q. And you knew from that that I wrote malware that specifically used the touch command to change file times, right?

In the end, then, it turned out to be just one of many instances during the trial where Schulte raised the various kinds of malware he had written to hide his tracks, infect laptops, and jump air gaps, instances that appeared amidst testimony — from that same jail informant, Carlos Betonces — that Schulte had planned to launch some kind of key event in his information war from the (MCC) law library.

Q. That we — you testified that we were going to do something really big and needed to go to the law library, right?

A. You were paying $200 to my friend named Flaco to go to the library, yes.

Q. I paid someone money?

A. No. They were paying. And Flaco refused to take it downstairs. And the only option left was that they had to go down and take it themselves.

Q. OK. So Omar offered to pay money for Flaco to take some phone down, right?

A. That’s not how Flaco told me. That’s not the way Flaco described it. He said that both of them were offering him money.

Q. All right. But there were cameras in the law library, correct?

THE INTERPRETER: I’m sorry. Can you repeat the question?

Q. There were cameras in the law library, correct?

A. I don’t know.

Q. OK. But your testimony on direct was that me and Omar needed to send some information from the phone, right?

A. Let me explain it to you again. Not information. It’s that you had to do something in the, in the library. That’s what I testified about.

Q. OK. What did I have to do in the law library, according to you?

A. Well, you’re very smart. You must know the question. There was something down there that you wanted to use that you couldn’t use upstairs.

Q. OK. You also testified something about a USB drive, right?

A. Yes.

Q. You testified, I believe, that me and Omar wanted a USB device, right?

A. Yeah. You asked me all the time when the drive was going to arrive. When was it coming? When was it coming?

Q. OK. But there were already USB hard drives given to prisoners in the prison, right?

A. Not to my understanding.

Q. You don’t — you never received or saw anyone using a USB drive with their discovery on it?

A. No, because I — no, I hardly ever went down to the law library.

Q. All right. And then you said, you testified that you slipped a note under the guard’s door?

A. Yes.

Q. And that was about, you said something was going to happen in the law library, right?

THE INTERPRETER: Could you repeat the question, please?

MR. SCHULTE: Yes.

Q. You said that the note said something was going to happen in the law library, right?

A. Yes.

Which finally brings us to the Internet Explorer reference. During his cross-examination of FBI Agent Schlessinger on June 30, Schulte attempted to introduce the return from the warrant FBI served on WordPress after discovering Schulte was using the platform to blog from jail. The government objected, which led to an evidentiary discussion after the jury left for the weekend. The evidentiary discussion pertained to how to introduce the exhibit — which was basically his narrative attacking the criminal justice system — without also disclosing the child porn charges against Schulte referenced within them.

Schulte won that discussion. On the next trial day, July 6, Furman ruled for Schulte, and Schulte said he’d just put a document that redacted the references to his chid porn and sexual assault charges on a CD to share with the government.

MR. SCHULTE: Yes. I just — if I can get the blank CD from them or something I can just give it to them and they can review it.

But back on June 30, during the evidentiary discussion, Judge Furman suggested that the 80- or 90-page document that the government was looking at was something different than the file he was looking at.

That was surprising to Furman.

So was the fact that his version of the document opened in Internet Explorer.

MR. DENTON: Your Honor, on Exhibit 410 we recognize the Court has reserved judgment on that. I want to put sort of a fourth version in the hopper. At least in the version we are looking at, it is a 94-page 35000-word document. To the extent that the only thing the Court deems admissible is sort of the fact that there were postings that did not contain NDI, we would think it might be more appropriate to stipulate to that fact rather than put, essentially, a giant manifesto in evidence not for the truth. So I want to put that option out there given the scope of the document.

[snip]

MR. DENTON: Understood, your Honor. I think at that point, even if we get past the hearsay and the not for the truth problems, then there is a sort of looming 403 problem in the sense that it is a massive document that is essentially an manifesto offered for a comparatively small point. I think at that point it is risk of confusing the jury and potentially inflaming them if people decide to sit down and to read his entire screed, it significantly outweighs the fairly limited value it serves. But, we recognize the Court has reserved on this so I don’t need to belabor the point now.

THE COURT: Unless I am looking at something different, what I opened as Defendant’s Exhibit 410 — it opened for me in Internet Explorer, for some reason and I didn’t even think Internet Explorer existed anymore — and it does not appear to be 84 pages. So, I don’t even know if I am looking at what is being offered or not. But, let me add another option, which is if the government identifies any particular content in here that it thinks should be excluded under 403, then you are certainly welcome to make that proposal as well in the event that I do decide that it should come in in more or less its entirety with the child porn redacted. And if you think that there is something else that should be redacted pursuant to 403, I will consider that. All right?

MR. DENTON: We will make sure we are looking at the same thing and take a look at it over the weekend, your Honor.

To be clear: The reason this opened in IE for Furman is almost certainly that the document was old — it would date to October 2018 — and came in a proprietary form that Furman’s computer didn’t recognize. So for some reason, his computer opened it in IE.

That said, it’s not clear that the discrepancy on the page numbers in the file was ever addressed. Schulte just spoke to one of the prosecutors and they agreed on how it would be introduced.

And if a developer who had worked on malware in 2016 wanted an infection vector, IE might be one he’d pick. That’s because Microsoft stopped supporting older versions of IE in 2016, the year Schulte left the CIA. And WordPress itself was a ripe target for hacking in 2018. Schulte himself might relish using a Microsoft vector because the expert in the trial, Leedom, has moved onto Microsoft since working as a consultant to the FBI.

I have no idea how alarmed to be about all this. The opinions from experts I’ve asked have ranged from “dated file” to “he’d have to be lucky” to “unlikely but potentially terrifying” to “no no no no!” And Schulte is the kind of guy who lets grudges fester so badly that avenging the grudge becomes more important than all else.

So I wanted to put this out there so smarter people can access the documents directly — and perhaps so technical staff from the courthouse can try to figure out why that document opened in Internet Explorer.

Note: As it did with the first trial, Calyx Institute made the transcripts available. This time, however, they were funded by Germany’s Wau Holland Foundation. WHF board member Andy Müller-Maguhn has been named in WikiLeaks operations and was in the US during some of the rough period when Schulte is alleged to have leaked these documents. 

On Josh Schulte’s Continued Attempts to Hack the Judicial System

Last June, I argued that accused Vault 7 leaker Josh Schulte’s decision to represent himself involved a plan to “hack” the judicial system, not with computer code, but by introducing commands into the legal system to make it malfunction.

Joshua Schulte attempted to complete a hack of the court system yesterday.

I don’t mean that Schulte used computer code to bring down the court systems. His laptop doesn’t connect to the Internet, and so he does not have those tools available. Rather, over the 3.5 years he has been in jail, he has tested the system, figured out which messages can be used to distract adversaries, and which messages have an effect that will lead the system to perform in unexpected ways. He identified vulnerabilities and opportunities — SDNY arrogance, the pandemic and related court delays, Louis DeJoy’s postal system, and even the SAMs imposed on him — and attempted to exploit them.

[snip]

It is almost without exception an insanely bad idea for a defendant to represent themselves, and this is probably not that exception. Still, there are advantages that Schulte would get by representing himself. He’s brilliant, and clearly has been studying the law in the 3.5 years he has been in prison (though he has made multiple errors of process and judgment in his own filings). He has repeatedly raised the Sixth Amendment problems with Special Administrative Measures, notably describing how delays in receiving his mail make it impossible for him to respond to legal developments in timely fashion. So I imagine he’d prepare a Sixth Amendment challenge to everything going forward. He’d be able to demand access to the image of the server he is alleged to have hacked himself. By proceeding pro se, Schulte could continue to post inflammatory claims to the docket for sympathetic readers to magnify, as happened with a filing he submitted earlier this year. And after the government has made clear it will reverse its disastrous strategy from the first trial of making the trial all about Schulte’s conflicts with the CIA, by questioning witnesses himself, Schulte would be able to make personality conflicts central again, even against the government’s wishes. Plus, by not replacing Bellovin, Schulte would serve as expert himself. In that role, Schulte would present the false counter story he has been telling since he was jailed, but in a way that the government couldn’t cross-examine him. So it would probably be insanely detrimental, but less so than for most defendants that try it. It certainly would provide a way to mount the defense that Schulte clearly wants to pursue.

I also noted the signs that what Schulte really wanted to do was act as co-counsel with his attorneys, something prohibited by precedent in the 2nd Circuit.

Much of this has held up (though not regarding Steve Bellovin, Schulte’s superb expert; Schulte has effectively just waited for Bellovin to become available again). Schulte has engaged in the legal equivalent of a DDOS attack, with dozens of motions in the last year, many serial repeats of the same arguments rejected already, and seventeen appeals of one sort or another.

It appears that Schulte may still be attempting to have hybrid counsel. In a New Yorker profile that came out this week, his attorney, Sabrina Shroff, described how by going pro se, Schulte will not be bound by the legal ethics she is (particularly if he’s willing to face further charges for whatever he does at trial — his potential sentence is already so long any additional contempt or leaking charges might make little difference).

When you consider the powerful forces arrayed against him—and the balance of probabilities that he is guilty—Schulte’s decision to represent himself seems reckless. But, for the C.I.A. and the Justice Department, he remains a formidable adversary, because he is bent on destroying them, he has little to lose, and his head is full of classified information. “Lawyers are bound,” Shroff told me. “There are certain things we can’t argue, certain arguments we can’t make. But if you’re pro se ”—representing yourself—“you can make all the motions you want. You can really try your case.”

Nevertheless, Schulte recently wrote a letter inquiring about whether Shroff could cross-examine some of the witnesses and issue objections for him.

I fully expect Schulte to make his contentious relationship with his colleagues a central feature of the trial (Schulte even attempted, unsuccessfully, to exclude the one CIA witness who remained on good terms with him, which would have made it easy to portray his targeting as a vendetta by colleagues who hate him). I expect Schulte to disclose information about his colleagues — perhaps including that Jeremy Weber, a pseudonym, appears under his real name in the Ashley Madison hack, an allegation Schulte seemed primed to make in 2018. Whatever else Schulte does, he will attempt to raise the costs of this trial on the CIA.

Stipulating stipulations

No doubt he has other stunts planned. Schulte claimed this week that the government is refusing to stipulate to things from official custodians (like Google).

This doesn’t make sense, unless Schulte is trying to undermine the regularity of this evidence with stipulations.

All that said, I think I may have underestimated Schulte when I suggested he only intended to use legal filings as the code with which he would hack the judicial system.

When dropping a laptop alters its BIOS

On June 1, Shroff wrote the court informing Judge Jesse Furman that a guard had accidentally dropped Schulte’s discovery laptop, but asking for no further relief.

We write to inform the Court that a guard at the MDC accidently dropped Mr. Schulte’s laptop today, breaking it. Because the computer no longer functions, Mr. Schulte is unable to access or print anything from the laptop, including the legal papers due this week. The defense team was first notified of the incident by Mr. Schulte’s parents early this afternoon. It was later confirmed in an email from BOP staff Attorney Irene Chan, who stated in pertinent part: “I just called the housing unit and can confirm that his laptop is broken. It was an unfortunate incident where it was accidentally dropped.”

Given the June 13, 2022 trial date, we have ordered him a new computer, and the BOP, government, and defense team are working to resolve this matter as quickly as possible. We do not seek any relief from the Court at this time.

I think Shroff is a formidable defense attorney and she has no patience for the carceral regime that her clients face, particularly someone under strict measures like Schulte. Which is why I find it so odd that she was so blasé about what might be viewed as intentional retaliation against Schulte, just days before trial, especially given Schulte’s recent complaints about his access to the law library. A month earlier, after all, Shroff had described that efforts at détente with the jail had failed.

I’m especially puzzled about Shroff’s response given the discrepancy between her explanation — sourced to Schulte’s parents and the prison attorney, not anyone who could  be held accountable for a false claim — and that of the government.

On June 6, DOJ explained its resolution of the laptop. Their explanation sounds nothing like a dropped laptop, at all. It sounds like an attempted hack.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery [sic] an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences.

All the more so given one of the new details disclosed in the New Yorker profile: that in his moments of desperation to keep his contraband cell phone charged in jail back in 2018, Schulte figured out how to hot-wire the phone to the light switch.

Schulte figured out a way to hot-wire a light switch in his cell so that it worked as a cell-phone charger. (The person who knew Schulte during this period praised his innovation, saying, “After that, all M.C.C. phones were charged that way.”)

In recent months, Schulte has been making technical requests, such as for his own printer or a write-capable DVD which (he explicitly said) he wanted to use to transfer “other binary files” in addition to trial exhibits, that seemed an attempt to acquire equipment that could be used for other purposes. Here, in the guise of an accident caused by a guard, Schulte got his laptop, with its BIOS alteration, its encrypted compartment, and apparent attempts to use wireless capabilities, into the office of the people prosecuting him, then got it returned with a new power cord.

Among the things Schulte worked on at CIA was a tool to jump an air gap and compressing and exfiltrating data.

The expanding Pompeo subpoena

Then there’s the way information has gotten to Schulte, who is under strict Special Administrative Measures that would normally limit news about his own case from getting shared with him (the following is not a commentary about the humanity  or constitutionality of SAMs, which are arguably not either; it is an observation that they may not be working). In a filing purporting to represent Schulte’s views as to why he needs to call Mike Pompeo as a witness, his stand-by attorneys laid out the following justification:

Secretary Pompeo was Director of the CIA in May 2017 when WikiLeaks began disclosing Vault 7 and Vault 8. As noted in prior briefings to the Court, [1] Mr. Pompeo was immediately debriefed about the WikiLeaks disclosure and specifically informed that Mr. Schulte was an early suspect. He was also told that Mr. Schulte had a disciplinary history. Further, less than a week after the disclosure, Secretary Pompeo approved the substance of the first search warrant application, authorizing the FBI to make various statements therein, at least some of which later proved untrue.

As such, Secretary Pompeo took an active role in the investigation against Mr. Schulte and has non-hearsay information that is relevant to the charges. Mr. Schulte also seek to inquire of Secretary Pompeo whether he directed his staff to consider charges against Mr. Schulte to the exclusion of anyone else or contrary to existing exculpatory evidence

Further, while the government has sought to establish the grave harm caused by the leak, just months after it allegedly occurred, [2] Secretary Pompeo championed WikiLeaks’ publication of the stolen DNS [sic] emails on social media. This disconnect, too, is ripe for examination.

Finally, as recently as September 2021, [3] Secretary Pompeo continued to voice his views on the prosecution of leaks from WikiLeaks, see https://nationalpost.com/news/trump-pompeo-and-cia-agents-discussed-kidnappingassassinating-assange-in-revenge-for-vault-7-leak. Secretary Pompeo’s evolving stance on the prosecution of leaks is relevant to the issues at trial. Accordingly, Mr. Schulte asks this Court to deny the government’s application to preclude Secretary Pompeo’s testimony. [my numbering]

In the past, I have argued that calling Pompeo as a witness is a reasonable request, for what I’ve marked as reason 2, above. As House Intelligence Chair, Mike Pompeo cheered WikiLeaks’ release of emails by Russia from the DNC. He did so in July 2016, months after Schulte is alleged to have transmitted the CIA files in early May 2016. That Pompeo’s support of WikiLeaks, even when he had access to intelligence about them, did not prevent him from being confirmed as CIA Director undercuts claims about Schulte’s perception of the particular damage leaking to WikiLeaks might do.

But the other two reasons are more suspect. Reason one, Pompeo’s approval of early steps in the investigation, is only a measure of what he got briefed, and the briefer would be the more direct witness to the substance of that briefing (and given the seniority of some of the witnesses who testified at his first trial, likely already appeared as witnesses. But Pompeo’s presumed briefing of the case to Donald Trump — before Trump almost blew the case by sharing those details with Tucker Carlson on the very day the FBI first searched Schulte — is another issue. I’m acutely interested in Trump’s treatment of the attack on the CIA by a Russian-associated outlet in 2017, but it really doesn’t indicate anything about Schulte’s guilt or innocence.

The last reason — the claim published by Yahoo but never matched by another outlet that Pompeo responded to the initial Vault 7 release by asking about the possibility of assassinating Julian Assange — is a more dubious argument still. Remember: This is Schulte’s standby counsel writing this filing. They’re not under SAMs, Schulte is, but they’re only his standby counsel, and so should only be posting things he can be privy to. The rationale for calling Pompeo is presented as Pompeo’s comments, from September 2021, responding to the Yahoo story. Except the story linked — to a Canadian story on the Yahoo story published a day before Pompeo’s response — doesn’t reflect those 2021 comments from Pompeo at all. If Pompeo were really asked to testify about this, he would debunk parts of it, as his actual public comments about the story did. If the Yahoo story became an issue at trial, it might come out that the story repeats a claim (though nowhere near the most inflammatory claim of the story) made publicly by a WikiLeaks surrogate in 2020, but never (AFAIK) made publicly elsewhere, and that Michael Isikoff had persistently suppressed details from the Stone prosecution that debunk large parts of the Yahoo story. That is, if the Yahoo story became an issue at Schulte’s — or anyone else’s — trial, it could easily be discredited, like several of the other stories used in WikiLeaks’ campaign against Assange’s extradition. But Schulte, who has purportedly read about this in spite of his SAMs, would like to make it an issue at his trial.

A minute note in the docket may indicate that the two sides settled this issue on Friday. So we’re likely to be deprived of Pompeo’s testimony for a second Schulte trial.

The [redacted] discovery

I find reasons one and three particularly interesting given a series of documents that presumably relate to a broader-than-publicly understood investigation into WikiLeaks. Schulte was provided materials from that investigation in discovery on April 6 or 8. Schulte sent Judge Furman a request on April 29 (perhaps not coincidentally, after a UK judge approved Assange’s extradition, though the actual extradition decision remains pending before Priti Patel) asking to obtain all the discovery from that case, have it excluded from the protective order so he could use it at trial, and asking Furman to give Schulte an investigator so he could learn more about that investigation. In response to an order from Furman, the government responded on May 16. All the materials were docketed on May 25.

The materials are so heavily redacted as to offer little illumination to the subject. They do say, however, that the investigation “is neither known to the public nor to all of the targets of the investigation,” suggesting that at least one of those targeted is aware of it, and that DOJ is working with targets, not subjects. DOJ asserts that Schulte’s claims about the utility of the evidence for his trial conflict. It also describes that Schulte wants to argue — falsely, DOJ asserts — that this evidence proves the Vault 7 materials were obtained by hackers. Given the original discovery letter and subsequent treatment, it is unclear to me whether this information is considered classified, or just confidential. But the government, unsurprisingly, argues that the material shouldn’t be released.

[B]ecause the [redacted] Investigation Materials relate to an ongoing criminal investigation, and their disclosure could cause serious harms to that investigation and other law enforcement interests.

The argument for Pompeo’s testimony, above, came after DOJ responded to Schulte’s request for more information. That is, Schulte’s defense stretched beyond a completely legitimate claim that Pompeo’s actions prove that even the CIA did not consider support for WikiLeaks disqualifying at the moment Schulte allegedly leaked the files, to claims that are little more than repetitions of Trumpist and WikiLeaks propaganda.

Meanwhile, Schulte is asking for a two day adjournment of trial after jury selection starting tomorrow, partly on account of the laptop, partly because the government has shifted the order in which they’ll present witnesses, this time starting with Richard Evanchec, one of the FBI Agents who originally investigated the leak, rather than Schulte’s colleagues at the CIA (among other things, doing so will foreground Schulte’s easily debunked cover story, which he plans to tell himself in court).

Sometime this week, Schulte will have his moment in court, this time running his own defense and exploiting whatever hacks — digital or legal — he has succeeded in launching over the last year or four. As Shroff says, Schulte’s not bound by professional ethics in any way that would limit what arguments he makes. Schulte will undoubtedly attempt to feed the jury the kind of code that the legal system normally doesn’t expect. We will then get to see whether such code causes the system to malfunction.

Five Years after WikiLeaks Exposed CIA Identities in Vault 7, UK Moves Closer to Assange Extradition

Last November, in response to an order from Judge Jesse Furman, DOJ said that they were fine with accused Vault 7 leaker Joshua Schulte’s request for a delay before his retrial. In fact, they didn’t think a Schulte retrial could start before March 21.

Although the Government is available for trial at any time in the first or second quarters of 2022, the Government does not believe it would be practical to schedule the trial prior to March 2022. In particular, although the Government believes that the Court’s prior rulings pursuant to Section 6 of CIPA address the vast majority of questions concerning the use of classified information at trial in this matter, it appears likely that the defendant will seek to use additional classified information beyond that previously authorized by the Court. The process for pretrial consideration of that application pursuant to Section 6 is necessarily complex, entailing both briefing and hearings in a classified setting. To the extent the Court authorizes the defendant to use additional classified information, implementation of the Court’s rulings can also take time, such as through either declassification of information or supplemental briefing regarding the application of Section 8 of CIPA (authorizing the admission of classified evidence without change in classification status). The proposed trial date also takes into consideration matters discussed in the Government’s ex parte letter submitted on August 4, 2021. Accordingly, in order to afford sufficient time both for the likely upcoming CIPA litigation and for the parties to prepare for trial with the benefit of any supplemental CIPA rulings, the Government believes that the earliest practical trial date for this matter would be March 21, 2022.

Part of this delay was to revisit the Classified Information Procedures Act decisions from the first trial because, now that he’s defending himself, Schulte likely wanted to use more classified information than Sabrina Shroff had used in the first trial. It turns out March 21 was overly optimistic for CIPA to be done. Because of an extended debate over how to alter the protective order, the government will only file its CIPA motion tomorrow (it just asked to submit a much longer filing than originally permitted, and got permission to file a somewhat longer one).

It’s the other part of the government’s interest in delay — its references to “matters discussed” in a sealed letter from August 4 — that I’ve been tracking with interest, particularly as the Assange extradition proceeded. As I noted earlier, that August 4 letter would have been sent five years to the day after Schulte started searching on WikiLeaks, Edward Snowden, and Shadow Brokers (according to the government theory of the case, Schulte stole and leaked the CIA’s hacking tools earlier, in late April and early May 2016).

Since those mentions of a sealed letter last year, the government has asked for and gotten two meetings to discuss classified information with Judge Fruman under section 2 of CIPA, first for February 8 (after which a sealed document was lodged in Chambers), and the second one for March 9.

Section 2 provides that “[a]t any time after the filing of the indictment or information, any party may move for a pretrial conference to consider matters relating to classified information that may arise in connection with the prosecution.” Following such a motion, the district court “shall promptly hold a pretrial conference to establish the timing of requests for discovery, the provision of notice required by Section 5 of this Act, and the initiation of the procedure established by Section 6 (to determine the use, relevance, or admissibility of classified information) of this Act.”

That second CIPA Section 2 meeting, on March 9, would have taken place days after the five year anniversary for the first Vault 7 publication, and with it the publication of the names or pseudonyms and a picture of several colleagues Schulte had vendettas against.

Schulte acknowledged that publication in a recently-released self-justification he wrote to an associate after the Vault 7 release (it’s unclear when in 2017 or 2018 he wrote it), one he’s making a renewed attempt to suppress.

The names that were allegedly un-redacted were pseudonyms — fake names used internally in case a leak happened. Those of us who were overt never used last names anyway; This was an unwritten rule at the agency — NEVER use/write true last names for anyone. So I was convinced that there was little personal information revealed besides a picture of an old boss of mine that was mistakenly released with the memes.

Not long after he acknowledged the rule against using people’s names in that self-justification, Schulte used the names of the three colleagues he was most angry at: His boss Karen, his colleague “Jeremy Weber,” and another colleague, Amol, names that were also central to his efforts to leak from jail. If the FBI could ever develop evidence that Weber’s name was deliberately left in WikiLeaks’ Vault 7 publication, both Schulte and anyone else involved would be exposed to legal liability for violating the Intelligence Identities Protection Act, among other crimes.

On Monday, one week short of the day DOJ thought might be a realistic start day for the retrial, the British Supreme Court refused Assange’s bid to appeal a High Court decision accepting (flimsy) US assurances that Assange would not be held under Special Administrative Measures, finding that the appeal “does not raise an arguable point of law.”

Given the timing of the sealed filings in the Schulte case and the way the 2020 superseding indictment accuses Assange of “exhort[ing a Chaos Computer Club] audience to join the CIA in order to steal and provide information to WikiLeaks,” effectively teeing up Schulte’s alleged theft, I would be unsurprised if one of the things DOJ was delaying for weren’t this moment, some resolution to the Assange extradition.

To be sure: the Assange extradition is not over, not by a long shot. As a letter from his attorneys explains, this decision will go back to Vanessa Baraitser, who will then refer the extradition to Home Secretary Priti Patel. Assange will have four weeks to try to persuade Patel not to extradite him.

And, as the same letter notes in classically British use of the passive voice, Assange could still appeal Baraitser’s original ruling.

It will be recollected that Mr Assange succeeded in Westminster Magistrates’ Court on the issue subsequently appealed by the US to the High Court. No appeal to the High Court has yet been filed by him in respect of the other important issues he raised previously in Westminster Magistrates’ Court. That separate process of appeal has, of course, has yet to be initiated.

But an appeal on these issues would be decidedly more difficult now than they would have been two years ago.

That’s true, in part, because the Biden Administration’s continuation of Assange’s prosecution has debunked all the bullshit claims Assange made about being politically targeted by Donald Trump.

I also expect at least one of the purportedly exculpatory stories WikiLeaks has been spamming in recent months to be exposed as a complete set-up by WikiLeaks — basically an enormous hoax on WikiLeaks’ boosters and far too many journalist organizations. WikiLeaks has become little more than a propaganda shop, and I expect that to become clearer in the months ahead.

Finally, if the US supersedes[d] the existing indictment against Assange or obtains[ed] a second one in the last seven months, it will badly undermine any remaining claim Assange has to doing journalism. That’s true for a slew of reasons.

As I laid out here, the part of the Baraitser ruling that distinguished Assange’s actions from journalism based on his solicitation of hacks relied heavily on the language that directly teed up the hack-and-leak Schulte is accused of.

Mr. Assange, it is alleged, had been engaged in recruiting others to obtain information for him for some time. For example, in August 2009 he spoke to an audience of hackers at a “Hacking at Random” conference and told them that unless they were a serving member of the US military they would have no legal liability for stealing classified information and giving it to Wikileaks. At the same conference he told the audience that there was a small vulnerability within the US Congress document distribution system stating, “this is what any one of you would find if you were actually looking”. In October 2009 also to an audience of hackers at the “Hack in the Box Security Conference” he told the audience, “I was a famous teenage hacker in Australia, and I’ve been reading generals’ emails since I was 17” and referred to the Wikileaks list of “flags” that it wanted captured. After Ms. Manning made her disclosures to him he continued to encourage people to take information. For example, in December 2013 he attended a Chaos computer club conference and told the audience to join the CIA in order to steal information stating “I’m not saying don’t join the CIA; no, go and join the CIA. Go in there, go into the ballpark and get the ball and bring it out”. [emphasis Baraitser’s]

If the government proves what is publicly alleged, Schulte’s actions have nothing to do with whistleblowing and everything to do with vindictive hacking to damage the CIA, precisely what Assange was eliciting. Plus, even if such a hypothetical superseding indictment added just Vault 7/Vault 8 charges against Assange, it could put extortion and IIPA on the table (the latter of which would be a direct analogue to the UK’s Official Secrets Act), to say nothing of the still unexplained fate of the CIA source code which — as Schulte himself acknowledged — would have provided an unbelievable benefit had Russia had received it.

And that assumes that Vault 7/Vault 8 would be the only thing the US wanted to supersede with. When Jeremy Hammond asked prosecutors why they hadn’t charged Assange for helping Russia tamper in US elections, they appeared to respond by describing the long time it would take to extradite Assange, implying that they still had time to charge Assange. To be sure, Mueller concluded that he “did not have admissible evidence that was probably sufficient to obtain and sustain a Section 1030 conspiracy conviction of WikiLeaks [or] Assange.” But the implication was that Mueller had evidence, just not stuff that could be submitted at trial. The extradition of Vladislav Klyushin — whose lawyer believed the US was particularly interested in his knowledge of the 2016 operation — might change that. (Like Assange, Klyushin’s extradition was also pending when DOJ submitted that first sealed filing; Klyushin’s case has been continued to share more discovery.)

There are several other operations WikiLeaks was involved in in 2015 and afterwards that would undermine any claim of being a journalistic outlet — and would add to the evidence that Assange had, at least by those years, been working closely to advance the interests of the Russian government.

It would be very hard to argue that Assange was being prosecuted for doing journalism if the US unveiled more credible allegations about the multiple ways Assange did Russia’s bidding in 2016 and 2017, even in normal times. All the more so as Russia is continuing its attack on democracy with its invasion of Ukraine.

And that’s what Assange faces as he attempts to stay out of the US.

More on Joshua Schulte’s Attempted Hack of the Justice System

A few weeks ago, I described what I believed was an attempt by Joshua Schulte to hack the judicial system — not by using computer code, but by exploiting legal code. In a status hearing, he claimed that he had informed prosecutors that he wanted to proceed pro se (representing himself). The sole remaining member of the prosecution team, David Denton, said he hadn’t heard of it.

A letter submitted by Denton and AUSA Michael Lockard today, who has joined the team, explains why: after they reviewed one of many appeals Schulte had filed (this one a demand for the judge in this case to recuse), he actually informed of his purported decision Judge Paul Crotty ex parte, before he sent a contrary filing, also ex parte. Crotty, having gotten no unequivocal indication that Schulte intended to proceed pro se, did nothing, which is part of the basis for Schulte’s mandamus filing.

On June 9, 2021, the defendant filed a pro se petition for a writ of mandamus in the Second Circuit seeking to recuse the District Court, claiming, among other things, that the defendant “petitioned [the Court] to represent himself in multiple letters throughout November 2020,” and that the Court “did not hold a Faretta hearing as required by law.” In Re: Joshua Schulte, 21-1445, Dkt. 1 at 10 (2d Cir. 2021). At the status conference in this matter on June 15, 2021, the Government noted that no such request appeared on the docket for this case, and that the Government was not aware of the defendant expressing “an unequivocal intent to forego the assistance of counsel.” Williams, 44 F.3d at 100. At the conference, defense counsel, at the defendant’s apparent request, stated that this was incorrect, and the defendant did wish to proceed pro se. Following the conference, defense counsel forwarded the Government a copy of a letter dated November 6, 2020, in which the defendant indicated his desire to proceed pro se, and informed the Government that the request had been submitted by the defendant to the Court ex parte. Defense counsel further explained that, in subsequent ex parte communication with the Court following the defendant’s November 2020 letter, defense counsel had advised the Court that the defendant intended to continue with counsel.

Much of the letter submitted today is routine process for when a defendant claims to want to represent himself. Among the precedents the government cites are two (one in this circuit) holding that a defendant cannot be co-counsel with his defense attorney, which is effectively what Schulte has done.

(4) a defendant who elects to proceed pro se “has no constitutional or statutory right to represent himself as co-counsel with his own attorney,” United States v. Tutino, 883 F.2d 1125, 1141 (2d Cir. 1989); see also Schmidt, 105 F.3d at 90 (“[T]here is no constitutional right to hybrid representation.”).

And while at the hearing Sabrina Shroff had suggested she and Deborah Colson serve as stand-by counsel, the government rightly notes that in his mandamus petition, Schulte raised conflicts reviewed before his first trial, which is something amounting to advice from Shroff that Schulte write down everything he wanted to leak in his prison notebook. They’re using that to ask that Crotty appoint someone besides Shroff (though they don’t name her) as standby counsel.

With regard to the appointment of standby counsel, the Government notes that the defendant’s recently filed pro se mandamus petition reiterates his prior claims that he wishes to call as witnesses certain of his prior and current counsel from the Federal Defenders of New York, although that claim is framed in the context of arguing that the Court’s prior rulings on this issue demonstrate bias that requires the Court’s recusal, rather than seeking relief from the Court’s orders themselves. See In Re: Joshua Schulte, 21-1445, Dkt. 1 at 4-9 (2d Cir. 2021). Accordingly, in order to avoid later claims alleging any purported conflict-of-interest, the Government respectfully suggests that it would be prudent for the Court to appoint as standby counsel one of the defendant’s current or former attorneys not implicated in the defendant’s claims asserting conflict or implicating the attorney-witness rule.

So the letter explains what, in a normal court room, is going on. But I maintain that Schulte is (and has been, for some time) attempting to do what he did with CIA’s computer systems: send a bunch of conflicting messages to get the machine to operate in a way entirely unexpected. Indeed, one tactic he’s using is one he used several times at CIA, the same tactic small children use when one parent gives them a response they don’t like: Schulte is bypassing his criminal docket (both through the use of the ex parte letters and the non-associated dockets, to ensure the government didn’t learn of this ploy until all the Speedy Time would, if the ploy is successful, have elapsed).

If I were the government I’d have some good hacking investigators review the docket to try to understand it all from a hacker’s brain. Because, at the very least, I suspect Schulte plans to claim that the government simply forgot to hold his second trial.

Joshua Schulte Attempts to Hack the Court System

Joshua Schulte attempted to complete a hack of the court system yesterday.

I don’t mean that Schulte used computer code to bring down the court systems. His laptop doesn’t connect to the Internet, and so he does not have those tools available. Rather, over the 3.5 years he has been in jail, he has tested the system, figured out which messages can be used to distract adversaries, and which messages have an effect that will lead the system to perform in unexpected ways. He identified vulnerabilities and opportunities — SDNY arrogance, the pandemic and related court delays, Louis DeJoy’s postal system, and even the SAMs imposed on him — and attempted to exploit them.

As a reminder, a jury hung on the most serious charges against Schulte in March 2020. Afterwards, the government moved to retry Schulte quickly, but his defense attorneys said they needed more time, in part because their expert, Steve Bellovin, was for health reasons unwilling to serve as an expert during COVID. Last November, Judge Paul Crotty scheduled a trial to start June 7, 2021, which would have been a week ago Monday. In March, Schulte’s superb attorney, Sabrina Shroff, moved to delay the trial once more, to October, still citing Bellovin’s withdrawal.

Meanwhile, starting in January, Schulte started submitting pro se filings, some filed through Shroff, and some sent directly. The government responded to a motion for habeas corpus (basically, to point out he needs to file suit against the Warden of MCC, not the prosecution), but did not respond to his motion to suppress evidence seized from the MCC jail. When Schulte filed to request direct access to Lexus Nexis, the government responded, in part, by asking Judge Crotty to force Schulte to decide whether he was representing himself, pro se, or, if not, then to solely allow Shroff and her team to make filings on his behalf.

The defendant’s request appears to be an attempt to further his pattern of engaging in inappropriate, quasi-pro se litigation. The Court should not consider the defendant’s instant letter for that reason. “A defendant has a right either to counsel or to proceed pro se, but has no right to ‘hybrid’ representation, in which he is represented by counsel from time to time, but may slip into pro se mode for selected presentations.” United States v. Rivernider, 828 F.3d 91, 108 (2d Cir. 2016). Although the Court has “discretion to hear from a represented defendant personally,” id. at 108 n.5, “the interests of justice will only rarely be served by a defendant’s supplementation of the legal services provided by his . . . counsel,” United States v. Swinton, 400 F. Supp. 805, 806 (S.D.N.Y. 1975). To the extent the defendant has any colorable claims for relief, his attorneys can present them to the Court, and the Court should reject the defendant’s attempts to “slip into pro se mode,” Rivernider, 828 F.3d at 108, whenever it suits him. See, e.g., United States v. Crumble, No. 18 Cr. 32 (ARR), 2018 WL 3112041, at *4 (E.D.N.Y. June 25, 2018) (“As Markus has not elected to represent himself, he does not have a right to make a motion on his own behalf, nor does he have a right to insist that the district court hear his applications. While I have previously exercised my discretion to entertain Markus’s pro se submissions, I will do so no longer. If Markus wishes to file any further motions, he is directed to ask his trial counsel—or appellate counsel— to adopt this motion. I trust that assigned counsel will file any motions that they do not view as frivolous on Markus’s behalf. Any pro se motions made by Markus, however, will be summarily denied.” (cleaned up)).

In any event, even if the Court considers the defendant’s submission, it is without merit. As his letter acknowledges, he has access to legal databases (a fact confirmed by the volume of his recent pro se filings), but additionally he demands special access to “filings, briefs, modern search, and the ability to print.” The defendant’s claims about the purported deficiencies of the databases to which he does in fact have access do not support such demands or establish a basis for relief. “[A]n inmate cannot establish relevant actual injury simply by establishing that his prison’s law library or legal assistance program is subpar in some theoretical sense.” Lewis v. Casey, 518 U.S. 343, 351 (1996). The defendant identifies no reason he should be afforded special access beyond that which the facility provides in the normal course, and at bottom, he is represented by counsel who have the ability to make well-researched and thoroughly prepared legal claims on his behalf.

Crotty denied Schulte’s request for Lexus Nexis, but didn’t address the pro se request.

Meanwhile, two of the three prosecutors on the team, Matthew LaRoche and Sidhardha Kamaraju, withdrew from the case, both because they’ve left government. LaRoche was involved in a prosecution that collapsed because the government committed a Brady violation, but Kamaraju was not. Kamaraju, however, probably has the most computer expertise of the original three.

Yesterday there was a remarkable status hearing. Crotty started by asking the remaining prosecutor, David Denton, when replacement prosecutors will file an appearance. Imminently, Denton said, though it sounded like he didn’t believe that.

Crotty asked whether Shroff has found an expert. Curiously, she explained that Bellovin still can’t do it, even with the waning risk of COVID, because of his schedule at Columbia University. Crotty noted that it is her responsibility to find an expert (she had said in a November status conference that it would amount to ineffective assistance not to have one).

But the real stunner came at the end, when Shroff said that Schulte wanted her to tell the court that he had told the government back in November that he was proceeding pro se. Denton responded that this was the first he had heard of such a thing, and Shroff responded that he was incorrect; Schulte had informed the government in November.

The hearing ended with a commitment to brief whether Schulte can proceed pro se.

It is almost without exception an insanely bad idea for a defendant to represent themselves, and this is probably not that exception. Still, there are advantages that Schulte would get by representing himself. He’s brilliant, and clearly has been studying the law in the 3.5 years he has been in prison (though he has made multiple errors of process and judgment in his own filings). He has repeatedly raised the Sixth Amendment problems with Special Administrative Measures, notably describing how delays in receiving his mail make it impossible for him to respond to legal developments in timely fashion. So I imagine he’d prepare a Sixth Amendment challenge to everything going forward. He’d be able to demand access to the image of the server he is alleged to have hacked himself. By proceeding pro se, Schulte could continue to post inflammatory claims to the docket for sympathetic readers to magnify, as happened with a filing he submitted earlier this year. And after the government has made clear it will reverse its disastrous strategy from the first trial of making the trial all about Schulte’s conflicts with the CIA, by questioning witnesses himself, Schulte would be able to make personality conflicts central again, even against the government’s wishes. Plus, by not replacing Bellovin, Schulte would serve as expert himself. In that role, Schulte would present the false counter story he has been telling since he was jailed, but in a way that the government couldn’t cross-examine him. So it would probably be insanely detrimental, but less so than for most defendants that try it. It certainly would provide a way to mount the defense that Schulte clearly wants to pursue.

But I think that’s just Schulte’s fall-back plan.

I think his current plan is to argue that, because anything his attorneys did in his name after he purportedly informed prosecutors he was proceeding pro se would be a legal nullity, then two things have happened since that allegedly occurred that will permit him to demand immediate release. First, if his attorneys’ agreements to exclude time from the Speedy Trial clock were not valid, then it would mean the government has run out of time to prosecute Schulte. Additionally, if a request that Shroff made in March to reschedule the trial was not valid, then the trial would have still been scheduled for last week. I suspect Schulte will try to argue that the government forgot to hold their trial and so must be released.

Mind you, there’s no evidence in the docket that Schulte informed prosecutors, much less the court, that he was proceeding pro se. There’s a filing he made in April 2020 that claimed he had no lawyers and made requests as if he was proceeding pro se, one that everyone ignored. But according to Shroff, that’s not the notice; the notice took place in November. Still, given how Schulte has carefully tested how the mail system works with SAMs and COVID, I don’t rule out him sending a letter directly to prosecutors.

The other problem with his claim to be proceeding pro se is that in a May filing, Schulte referred to the October trial (meaning, he recognizes the validity of both that request and Shroff’s exclusion of time under the Speedy Trial Act) and complained that his attorney-client mail was being opened. If he were proceeding pro se without Crotty formally appointing Shroff as standby counsel, their communications would have no privilege. So he has said two things in a pro se filing that are inconsistent with really proceeding pro se.

Certainly, Shroff has said things — in multiple venues — that indicate she believed she remained Schulte’s lawyer.

Given that Schulte claims everything his legal team has done since November was done without his sanction, though, the government would seem to have cause to ask Crotty to assign entirely different lawyers to serve as Schulte’s stand-by counsel, if indeed he does proceed pro se going forward. Which would make his plan for the actual trial, if it ever happens, untenable.

To be sure, I’m not saying this is going to work. But the government — what’s left of the prosecution team, anyway — had better understand that Schulte has been treating the court system with the same adversarial approach as he allegedly did the CIA’s servers. Schulte is claiming to have entered a command into his prosecution back in November that hacked the system, effectively changed the effect of everything that has happened since. Just trusting that such a possibility cannot happen under the legal system is probably a bad idea given where the CIA’s trust that Schulte wouldn’t hack the system turned out.

Update: Via InnerCity Press, there’s the transcript of the hearing.


April 12, 2020: Schulte claims he has no attorneys, claims only a few months remain on Speedy Trial

May 31, 2020: Shroff asks for a week extension to respond to government scheduling motion

June 8, 2020: Schroff requests a status conference for August or September 2020, acting as if Schulte’s request did not exist

June 15, 2020: Shroff initiates White Plains grand jury challenge

June 19, 2020: SDNY extends Speedy Trial to July 1, 2020

July 16, 2020: Shroff informs Judge Crotty Schulte will not reply to Rule 29 motion

July 27, 2020: Shroff asks for extension on grand jury challenge

July 28, 2020: Shroff asks for ESXi server (basically a repeat of Schulte’s April request)

July 30, 2020: Shroff asks for two week delay on status hearing citing (in part) Steve Bellovin’s withdrawal

August 14, 2020: Shroff asks for two week extension on reply to request for ESXi server

September 15, 2020: Shroff reply on ESXi laptop

September 16, 2020: SDNY proposes schedule, with January 2021 trial date

September 21, 2020: SDNY responds to Bellovin submission of ex parte declaration

October 14, 2020: SDNY asks for 30 day exclusion

October 30, 2020: Shroff requests Schulte appear remotely

November 4, 2020: Status conference, trial set for June 7, 2021, with time excluded; Shroff maintains it would be ineffective counsel to go to trial without expert

THE COURT: Are you entitled to an expert?

MS. SHROFF: In a case like this, yes. I’m quite certain I’m entitled to an expert. I think it would be clear error and ineffective assistance of counsel to try this case without an expert, without a doubt.

November 16, 2020: Shroff-submitted motion to dismiss on White Plains grand jury

November 19, 2020: Shroff submits request for VTC meeting with Schulte’s family

January 1, 2021: Schulte motion to suppress MCC evidence (docketed February 24)

January 7, 2021: Shroff requests 2 week extension on White Plains grand jury reply

January 19, 2021: Shroff files Schulte pro se motion for writ of habeas corpus regarding SAMs, dated December 25, 2020

January 22, 2021: Shroff requests two week extension on January 21 deadline for reply on White Plains grand jury reply

January 22, 2021: Shroff requests funds for new laptop for Schulte

January 27, 2021: Civil Division AUSA asks Crotty to dismiss motion for writ so it can be refiled naming Warden as defendant

February 22, 2021: Shroff submits reply on White Plains grand jury challenge

February 24, 2021: Schulte files motion to reconsider decision on habeas (docketed March 4)

March 19, 2021: Schulte calls on Crotty to decide his motion to suppress on the merits, given government non-response (docketed April 5)

March 22, 2021: Shroff moves, with consent of Schulte, to reschedule trial to last quarter of 2021

March 24, 2021: Crotty denies motion to dismiss; Crotty reschedules trial for October 25, excludes time

April 12, 2021: Schulte asks for Lexus Nexis (docketed April 29)

May 5, 2021: Schulte complains about mail delays (docketed May 19); among other things it reflects an October trial date and references attorney-client mail

May 7, 2021: Matthew LaRoche withdraws

May 11, 2021: SDNY submits opposition to Lexus Nexis request, including request for order that Schulte not submit pro se

June 3, 2021: Sidhardha Kamaraju withdraws

June 7, 2021: Date of trial scheduled in November 2020

June 15, 2021: Status hearing at which Schulte claims to have been representing himself pro se since November

Grits: The Difference between Joshua Schulte’s Complaints about SAMs and Those of His Attorneys

Accused Vault 7 leaker Joshua Schulte got himself back in the news with a challenge to the Special Administrative Measures he has been under since he tried to leak information from jail in October 2018.

His latest complaints closely mirror those he made in a separate lawsuit in April 2019 (though in the earlier one, Schulte claimed that Chapo Guzmán was one of the few people on the same floor, not like that should have mattered).

You can tell this one is self-indulgent from Schulte’s claim that there’s no legitimate reason to require his meetings with his family be monitored.

There is no “legitimate governmental objective” to denying a pre-trial detainee the ability to see both his parents at once, to have a contact visit with them, to visit with them in private, or to contact them as often as other inmates. The government has never charged Mr. Schulte with disclosure of classified information through social visits or phone calls. Regardless, the government cannot take a preventative measure of limiting free speech to stop future potential crimes.

Not only did Schulte share protected information via his family in the past, but he was caught sharing information he recognized was protected (which the government suggests may have been classified) on a phone with someone appearing to be a journalist. Sure, he wasn’t charged for that. The government waited until he did it again, this time using ProtonMail, before charging him.

Plus, some of his complaints really address the sheer arbitrariness of prison life, not SAMs per se.

The MCC bans 10S inmates from equal commissary. These randomly banned items include mouthwash, vitamin E, a book light, a bowl, a radio, earbuds, composition notebooks, reading glasses, honey, A&D ointment, artificial tears, gas relief tabs, prilosec tabs, Tylenol, mirrors, dish soap, pens, albums, Sudoku puzzles, mugs, socks, shorts, V05 body soap, suave lotion, herbal essence shampoo, bagels, BBQ sauce, grits, salt and pepper, honey buns, jolly ranchers, shabangs, combs, sharp cheddar cheese, crackers, soy sauce, wheat thins, assorted tea, and coffee, among many, many more items. It’s so random that “raisin brand” cereal is allowed, but “cheerios” cereal is banned (sold in same bag).

One can best measure of the merit of Schulte’s claim, however, by comparing that April 2019 complaint with what his attorneys submitted in a formal challenge to his SAMs shortly thereafter.

B. The SAMs are unconstitutional.

i. The SAMs unconstitutionally punish Mr. Schulte because they are not rationally related to the legitimate governmental interests underlying 28 C.F.R. § 501.

ii. The SAMs impose restrictions on Mr. Schulte’s defense counsel and attorney-client communications in violation of the Sixth Amendment.

C. Limitation on the “dissemination” of communications.

a. Restrictions on third-party communications.

D. Overall chilling effect on defense counsel.

E. The SAMs violate Mr. Schulte’s First Amendment rights by prohibiting non-legal contact with anyone who is not an immediate family member.

That filing, written by experienced defense attorneys who understand the real difference between Schulte’s treatment and that of other defendants, focused on his ability to defend himself and maintain as much contact with his family as possible.

Judge Paul Crotty, in an August 2019 response to Schulte’s lawyers’ motion, upheld most of the SAMs but modified both his contact with lawyers and his family slightly. There’s no reason to believe Crotty will be more amenable to changing the SAMs now, not least given another Schulte filing that suggests his cell may have been raided back on March 8, on a day he would have had contact with the public at his trial. The government claims the officers in question did no more than deliver him to and from the loading dock that day. A separate judge instructed him to refile the complaint by December 23, but any response has yet to appear on the docket.

SAMs are undoubtedly onerous and some of Schulte’s complaints go to the core of whether such restrictions are humane.

But he also has demonstrated repeatedly that he’s a shameless liar aiming to try his case in public.

Joshua Schulte Undermines the WikiLeaks Claim to Publish “Whistleblowers”

In this post, I noted that The Intercept — including Micah Lee — had fairly systematically ignored the most recent superseding indictment against Julian Assange, and as such had ignored the overt acts in it tied to helping Edward Snowden flee. I think the outlet has real ethical responsibility to actually report the truth of that detail — which they should do in any case to address the legally suspect aspects of some of the claims made about Snowden.

I’d like to look at an earlier Micah Lee post, not because of anything it (necessarily) says about The Intercept, but as background for a larger post about WikiLeaks I hope to move towards. In an article subtitled, “The Trump Administration Is Using the Full Power of the U.S. Surveillance State Against Whistleblowers,” Micah laid out how (according to his read of what he claimed were the court filings) the government had found a bunch of “whistleblowers.” Before he gets there, though, he describes the subjects of his post to be “government whistleblowers” who, only after they see something wrong, do they reach out to journalists and share information.

GOVERNMENT WHISTLEBLOWERS ARE increasingly being charged under laws such as the Espionage Act, but they aren’t spies.

They’re ordinary Americans and, like most of us, they carry smartphones that automatically get backed up to the cloud. When they want to talk to someone, they send them a text or call them on the phone. They use Gmail and share memes and talk politics on Facebook. Sometimes they even log in to these accounts from their work computers.

Then, during the course of their work, they see something disturbing. Maybe it’s that the government often has no idea if the people it kills in drone strikes are civilians. Or that the NSA witnessed a cyberattack against local election officials in 2016 that U.S. intelligence believes was orchestrated by Russia, even though the president is always on TV saying the opposite. Or that the FBI uses hidden loopholes to bypass its own rules against infiltrating political and religious groups. Or that Donald Trump’s associates are implicated in sketchy financial transactions.

So they search government databases for more information and maybe print some of the documents they find. They search for related information using Google. Maybe they even send a text message to a friend about how insane this is while they consider possible next steps. Should they contact a journalist? They look up the tips pages of news organizations they like and start researching how to use Tor Browser. All of this happens before they’ve reached out to a journalist for the first time.

Having laid out certain assumptions not just that all these people are whistleblowers, but also about what whistleblowing entails (and made certain claims about motive that don’t necessarily match the claimed motive of some of the subjects of the story, though some of that has become public since Micah wrote this), Micah explains that Joshua Schulte is an exception with regards to how he was caught.

Of the four Espionage Act cases based on alleged leaks in the Trump era, the most unusual concerned Joshua Schulte, a former CIA software developer accused of leaking CIA documents and hacking tools known as the Vault 7 disclosures to WikiLeaks. Schulte’s case is different from the others because, after the FBI confiscated his desktop computer, phone, and other devices in a March 2017 raid, the government allegedly discovered over 10,000 images depicting child sexual abuse on his computer, as well as a file and chat server he ran that included logs of him discussing child sexual abuse images and screenshots of him using racist slurs. Prosecutors initially charged Schulte with several counts related to child pornography and later with sexual assault in a separate case, based on evidence from his phone. Only in June 2018, in a superseding indictment, did the government finally charge him under the Espionage Act for leaking the hacking tools. He has pleaded not guilty to all charges.

He doesn’t return to Schulte’s case for the rest of the piece.

About the rest of the subjects of the story, Micah describes how, whether the subject took some measure to protect himself (such as with Terry Albury and James Wolfe) or did not (such as Reality Winner), they all got caught. What they all have in common is that they were among a very limited circle of people who had access to the stuff that got leaked, and therefore could be ultimately identified with more investigation.

I think Micah’s comment was meant to suggest that Schulte wasn’t identified that same way, but was instead identified only after he was busted for child porn. I texted Micah at the time and let him know that’s not what the court records reflect (he had not, in fact, reviewed the affidavits in the court docket). By that point, a slew of the warrants in the case had been revealed, including the first ones, which showed that Schulte was identified as a suspect almost immediately, in part the same way the others were — because he was one of three people who had access to the files believed to have been leaked. (It would later become clear that at least a few more people had access to the server and that the files were copied on a different, more incriminating date than FBI originally suspected.)

Micah never corrected his post.

Of note, however, even that initial warrant raised real questions about any claim that Schulte was a whistleblower — a claim WikiLeaks made it its first Vault 7 post.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

That first warrant revealed that Schulte,

  • Had already restored his access to the exact files in question without authorization once (FBI would later discover he did this at least two more times)
  • Was pissy about something that had nothing to do with the hacking CIA did with the tools that Schulte wrote, basically a juvenile work dispute with a colleague
  • Had laid a paper trail in the weeks before he left CIA, making a claim to be a whistleblower, but the claim was not backed by any prior record of concern (per the FBI agent who admittedly should not be trusted on face value)

That is, even that first affidavit suggested that Schulte had used the claim to be a whistleblower as cover.

Schulte declined to present much of a defense at his first trial, a decision that (given the hung jury) absolutely was the right decision. So we can’t claim to have fully assessed all his claims to be a whistleblower, claims he made in pro se filings and deceitful Tweets he intended to post from jail. He chose not to make that case personally and he didn’t need to make the case to avoid a guilty verdict.

That said, all the evidence presented at trial strongly backs the initial FBI assessment that he was just an angry shithole who thought he was god, aiming to get back at people at the CIA he thought had dissed him. Indeed, two pieces of evidence submitted seriously undermine his claim to be a whistleblower, because they show he acted in ways that would be inconsistent from someone who genuinely had the concerns Schulte claimed to have — both a concern about the role of contractors and about security.

First, at one point when he was pissy because the CIA had contracted with a consultant to finish off a project that had been taking too long under him, Schulte actually considered become a contractor. Yes, he was pissy that a contractor could take away his project. But considering a job as a contractor is inconsistent with his claims about the use of them. It makes the claims translated into the WikiLeaks statement yet another cover for Schulte’s own resentment.

Then, at trial, the government showed that Schulte himself was responsible for setting up a root password that he allegedly used to steal the files. That is, to the extent the files were totally insecure from someone like Schulte, they were insecure because Schulte set them up to be. So not only was he not complaining to anyone else about the insecurity of these files, he was the one making them insecure.

Again, maybe Schulte could make a persuasive case he leaked these files to expose wrong-doing. But thus far, every piece of evidence suggests not only that Schulte was not a whistleblower, that every time he wrote up a claim to be one he otherwise told identifiable lies, and that he’s mostly just a rage-driven dude who decided to burn the CIA to the ground for spite.

Now, if WikiLeaks is a publisher, as it claims, that doesn’t necessarily matter. Journalists get information from sources operating out of a variety of motives, and personal pique is a common one. Except it raises the stakes on the newsworthiness of the files published. And on that front, WikiLeaks (on Twitter especially) vastly oversold the newsworthiness of the CIA files it published. Yes, it was useful for security firms to have CIA’s files identified publicly. But there was never anything published showing that CIA was operating outside of its mandate, and much of what was published showed tools that would be narrowly targeted. Just as importantly, CIA wasn’t actually doing anything particularly exotic with its hacking files. Spies were spying, news at 11.

I’ve written before about how a close associate of Assange’s sternly asked me to downplay Schulte because he hurt the public case for Julian Assange. I think that’s partly the allegations of child porn, racism, and sexual assault against him. People associated with WikiLeaks also knew before it was public that there was evidence involving Schulte implicating Russia (though the record on what the import of various pieces of evidence about Schulte pertaining to Russia mean is very mixed; Sabrina Shroff argued fairly convincingly that some of what is there stems from work Schulte was doing for his cellmate). Still, that may be another reason WikiLeaks boosters don’t want anyone to talk seriously about Schulte, because in the wake of Julian Assange working with Russia to get harm Hillary, their next big source also had some tie, of uncertain nature, to Russia.

But the existing record on Schulte, at least, not only undermines WikiLeaks’ claim to facilitate whistleblowers. On the contrary, WikiLeaks gave a disgruntled spook an easy way to burn the place down. More importantly, somewhere along the way, Schulte decided to cloak his bitter revenge plot inside a false claim to be a whistleblower.

People can certainly still defend WikiLeaks as an outlet permitting disgruntled spooks to burn their agencies to the ground out of spite. Certainly, if you believe the CIA is inherently, uniquely evil, you might still champion this leak. But on the Vault 7 leak, WikiLeaks boosters should be clear that’s what they’re doing.

Prosecutors Have Discovered the Joshua Schulte Is a Hack-and-Leak Case, Not a Personnel Dispute

While I’ve been buried in the Mike Flynn beat, on Monday, there was a status hearing in the Joshua Schulte case.

There were three main news items in the hearing.

First, prosecutors revealed unsurprisingly that they’re going retry Schulte. More interesting, they said they planned to supersede the indictment against Schulte, alleging the same charges, but providing more information on them. They cited the notes from jurors, which made it crystal clear that the jurors were confused by the forensic testimony and how the charges related to that testimony. What the limits of Schulte’s legal access were seemed to be particularly confusing (something that is not sufficiently clear in the law anyway). At the time of both the initial Espionage indictment and the superseding one, the CIA was still trying to keep secret specifically what had been stolen when and how, but now that that’s public. I expect the superseding indictment to explain more clearly what was stolen and how Schulte allegedly exceeded his legal accesses to do that.

In discussions around that superseding indictment, prosecutor David Denton said something to the effect that grand juries are only available in emergencies. As far as the public record goes, however, grand juries aren’t available at all, so Denton’s disclosure was news. That only matters in the Schulte case insofar as he’s going to refuse most Speedy Trial exclusions (meaning prosecutors may be forced to find some way to start a new trial before COVID lockdowns end). But it’s an interesting admission more generally.

Finally, prosecutors said they didn’t think the retrial will take as long as his initial trial. In my summary of why the prosecution was in a remarkably weak position as the last trial went to the jury, I described how prosecutors had made it look like the Vault 7 breach was just a really nasty personnel dispute to which burning the CIA’s hacking abilities to the ground was just a side dispute.

Add that to the pace of the trial, which feels like a nasty employment dispute to which the massive breach of the CIA’s hacking tools became just a side-dispute. That’s often true of CIA trials — it certainly was for Jeffrey Sterling. But the long parade of CIA witnesses — Schulte’s buddy, two other colleagues, his boss, his boss’s boss, his boss’s boss’s boss, her boss, and then yet another boss, plus a CIA SysAdmin and a security guy — all describing a series of disputes escalating from a nerf gun fight to WikiLeaks burning the CIA’s hacking capabilities to the ground refocused the trial onto whether Schulte’s complaints had merit and not on what the forensic evidence showed.

And Sabrina Shroff did a superb job of defending not the forensic case (indeed, defense expert Steve Bellovin did not take the stand to float any of the alternate theories that Schulte has been offering for two years, and in so doing will leave Shroff to claim Michael could have accessed the backup without prosecutors having gotten him to admit that wouldn’t have worked), but instead arguing that her client was maligned by the entire CIA. The boss, the boss’s boss, the boss’s boss’s boss, the boss’s boss’s boss’s boss, and then the senior-most boss are all lined up against Schulte for being an asshole. She even defused utterly damning notes about working with Russia (which I’ll return to). From the transcripts, it seemed like Shroff rattled a good many government witnesses, too, and a number of them (one of the FBI agents and the classification expert, especially) seemed to come off as unresponsive as a result.

I expect prosecutors will shorten the trial by limiting this testimony to just the four or so people who have first-hand knowledge of Schulte’s actions (and in the retrial, the government won’t have to backpedal as they try to fix their late disclosure that Schulte’s buddy Michael had been put on paid leave by the CIA). If so, that should make it easier for prosecutors to focus on why the circumstantial forensic evidence strongly supports Schulte’s involvement.

All that said, prosecutors also seemed to be fighting jury nullification in Schulte’s trial, with at least two jurors who were determined to acquit Schulte no matter what other jurors said. That may be a WikiLeaks thing (one that would be far less likely to happen if this were tried in EDVA, which is why Julian Assange says he can’t get a fair trial in EDVA). But it also may be the case that CIA’s hacking department doesn’t make a very sympathetic hacking victim.

King Josh in Jail, Part One: The Informant

The testimony on accused Vault 7 leaker Joshua Schulte’s conduct in MCC raised more questions than answers. So I want to do a series of three or four posts to look more closely at it (I’m using the term “King Josh” because it was one of his passwords at the CIA).

In this post I want to look at the jail house informant who is the publicly acknowledged basis by which prosecutors discovered that Schulte had a phone in jail, Carlos Bentances Luna Mera.

Betances is a 41 year old citizen of the Dominican Republic who twice migrated to the US without documentation, the first time in 1996 (he was deported in 2001), and then again around 2008. At some point, Betances married and had children. During both periods, he began to work as a low level cog in narcotics trafficking.

Betances was arrested on March 15, 2018 in conjunction with the trafficking. The only federal complaint unsealed in the docket is for illegal reentry, and in that magistrates docket, proceedings were continued in both April and May 2018, something that would happen if Betances were forgoing indictment and moving directly to a plea. Given his testimony, there must be a sealed criminal docket showing a guilty plea on nine counts covering multiple narcotics trafficking and conspiracy counts, illegal reentry, identity fraud, mail fraud, and taking a phone into jail.

That suggests that Betances flipped almost immediately, perhaps, at first, to cooperate against his network of suppliers. That’s consistent with an answer Betances gave when Schulte’s lawyer, Sabrina Shroff, suggested that cooperation on using a phone in jail, “was the most valuable to the government,” more than on all his narcotics charges. Betances responded, “Well, may I remind you that I had been cooperating before I talked to them?”

According to the testimony, Betances didn’t start spying on Schulte until sometime in summer 2018, at least four months after he was jailed, and didn’t first meet with prosecutors until September 2018. So the public story is that Betances got busted and flipped, managed to play a role in smuggling and hiding phones in jail that put him in a key spot to interact with Schulte and his cellmate, Omar Amanat (I’ll look at Amanat and his brother in the next post), and only after that happened witnessed something that led him to start taking pictures and videos of Schulte’s phone use. That went on for maybe a month before — aware that something big was going to go down in the library — Betances sent a note to the guards, who thwarted it. Some days later, Schulte was thrown in the SHU and a big hunt started for the phones and Schulte’s other activities in jail.

That thing that led Betances to prepare to inform on Schulte (again, per the testimony) is that one day sometime in the summer, Schulte said he wanted Russia’s help.

[W]e were in Chino’s cell [Chino was also part of the cell phone smuggling and sharing network] and I heard Josh saying that Russia had to help in in the things that he was doing.

Here’s how Betances described it on cross (through a translator) to a very dubious Sabrina Shroff:

Shroff: So anyway, it’s you who walks in when Mr. Schulte and Omar are talking, correct?

Betances: Yes, correct.

Shroff: And you walk in to give them a heads-up that somebody’s coming, correct?

Betances: Yes, correct.

Shroff: And just as you walk in, you hear him say the word “Russia,” correct?

Betances: That’s correct, yes.

Shroff: And that’s what prompts fear into you to go cooperate with the United States Attorney’s Office?

Betances: It sounded interesting to me.

Shroff: Right.

Hearing Schulte mention Russia led Betances to do a remarkable amount of surveillance on Schulte’s phones, which he stored for him behind his cell locker.

He took two pictures of the apps Schulte loaded onto the phone, and — per his testimony — got Schulte and Amanat to explain the function of WhatsApp, Signal, Proton Mail, Orbot, Turbo VPN, and Secure Delete. Betances also got pictures of the things Schulte was writing on his phone, including the initial emails to Shane Harris that would form part of the basis for the Espionage Act charges on which the jury was hung.

He took several videos of Schulte using his phone.

After having taken these pictures on September 1, Betances waited around three weeks before he alerted the guards that something big was going down in the library, and then was removed from MCC when guards found at least some of these phones in his cell.

Shroff: And before you decided to cooperate, you simply decided to take photos, is that your testimony?

Betances: Just to be clear with the defense attorney’s question in deciding to cooperate, when they were working on sending whatever they were going to send from the library, that’s when I decided to cooperate.

Shroff: My only question was when did you take this photograph?

Betances: In the summer of 2018.

Shroff: Right. Months before you’re now saying that you decided to cooperate, right?

Betances: Could you repeat that question? You confused me.

Shroff: You took the photo before you decided to cooperate, according to you, correct?

Betances: Yes, yes.

Shroff: Right. And you’re saying you just decided to take these photos for no reason at all, right?

Betances: May I remind you that the reason I took it was because I head the conversation that I heard?

According to his testimony on redirect, Betances did all this without government instruction.

Karamarju: Now, all of the photographs that you testified about, did the government tell you to take any of those photographs?

Betances: No.

The remarkable coincidence that a jailhouse informant would end up first smuggling in and then guarding her client’s illegal phones and then taking pictures from them is not the only thing Shroff was skeptical about. She also doubted the circumstances by which Betances exposed his wife to the risk of smuggling phones into jail as well as his ability — with little English — to figure out what Schulte was doing, to the extent he did.

Still, all that is explicable if Betances’ attorney negotiated a plea deal with narcotics prosecutors and the attorney coached Betances through how to dramatically increase the value of his cooperation by catching Joshua Schulte attempting to leak classified information from his jail cell.

Betances’ surveillance was critical to obtaining the jail warrants that would lead to the discovery of Schulte’s very damning prison notebooks, several phones, three of the Proton Mail accounts he was using, and his Signal traffic. And that’s just what prosecutors revealed in this case.

Betances met with prosecutors in Schulte’s case a bunch of times: first in September 2018, then October and December 2018, several times in 2019, and then perhaps five times in 2019.

None of that means Betances made this stuff up. He certainly doesn’t have the English skills to write those emails to Shane Harris. And while the evidence regarding Schulte’s comments about Russia are contradictory, there is corroboration for it.

But it does present a number of remarkable coincidences that just ended up providing Schulte the means to communicate “securely” from his jail cell, only to have that activity thwarted at the moment he attempted to act.