DOJ's First Attempt To Prosecute Accused Vault 7 Leaker Ends In A Mistrial

from the if-at-first-you-fuck-things-up... dept

The DOJ has taken an open-and-shut espionage case and managed to somehow misplace the back cover. Does this say something about the unintended consequences of charge-stacking? Maybe. Whatever it is, it isn't pretty.

The case against alleged Vault 7 leaker Joshua Schulte seemed pretty air tight, especially when Schulte continued to leak sensitive documents while behind bars, as well as attempting to rope his family into committing contempt of court violations on his behalf.

He also, as Marcy Wheeler pointed out, gave the government pretty much everything it wanted or needed, but the DOJ's prosecutors failed to present evidence in a coherent way, resulting in a whole lot of juror confusion.

According to InnerCity Press (virtually the only press covering the Schulte verdict watch), by end of day today the jurors had sent out 25 notes, most questions but also problems with two of the jurors. At the end of the day they told the Court they “aligned” on two of the charges, but were at an impasse on the other. Given that there’s slam dunk evidence that he committed the least serious crimes (false statements and contempt), that suggests at least some members of the jury have reasonable doubt that the guy who wrote a virtual signed confession to committing the most damaging leak in CIA history actually did so.

The verdict is now in, what there is of it. The case initially involved charges ranging from false statements to CFAA violations to copyright infringement (!) to child porn possession (!!!). Barely any of those charges have survived. A mistrial has been declared with jurors only finding Schulte guilty on the two least serious charges: false statements and contempt. Those won't be enough to keep him in jail since he'll likely be credited with time served. Schulte has been in jail since December of 2018.

This doesn't mean it's over. Marcy Wheeler says the government will very likely take another stab at presenting a coherent case.

The two sides will have a conference on March 26 to decide what to do. The government will certainly push to retry Schulte; Sabrina Shroff [Schulte's lawyer] asked for an extended deadline to file motions. She may try to do something further about the government’s late notice that Michael, a key witness, got put on paid leave last August (though the government has argued compellingly that Michael’s underlying lack of candor has been noticed to the defense throughout). She also may make yet another bid to get more access to the forensics, something I’ve argued that the government should have permitted in the first place.

The mistrial declaration is a credit to Shroff, who performed the unenviable task of shepherding an extremely unhelpful client through a federal espionage prosecution. Facing espionage charges drastically reduces a defendant's options. Drawing additional judicial scrutiny by attempting to leak sensitive material while incarcerated and spending your free time openly insulting the FBI and federal prosecutors isn't a course of action recommended by anyone.

Prosecutors needed to present a case containing a wealth of technical detail to jurors with clarity and conciseness. The twenty questions given to the judge by jurors a few days before the mistrial declaration showed the jury still remained confused about the facts of the case and, in a couple of instances, focused on information that had little to do with the criminal charges they were deliberating.

The government may get more charges to stick the second time around. But this initial failure is an indictment of the prosecution and its apparently misplaced confidence that the evidence spoke for itself. When you have to prove something beyond a reasonable doubt, quantity is no replacement for quality. As for Schulte, he's still at the DOJ's mercy until it exhausts its prosecutorial options. This isn't going to work out well for Schulte who's shown he's unable to quietly bide his time and capitalize on the government's missteps. He seems compelled to make things worse for himself during his unfortunately ample downtime.

Filed Under: doj, espionage, hacking tools, joshua schulte, leaks, mistrial, vault 7

Letter To Judge Details Vault 7 Leaker's Post-Incarceration Leaking

from the sticking-it-to-the-CIA-by-burning-yourself-to-the-ground dept

The accused leaker of CIA phone hacking tools -- the "Vault 7" collection released by Wikileaks in early 2017 -- is still awaiting trial. To pass the time, alleged leaker Joshua Schulte is suing the government for $50 billion and, apparently, generating a whole lot of evidence against himself.

The criminal complaint against Schulte contained far more than accusations of leaking sensitive material. Searches performed on Schulte's devices also turned up 10,000 child porn images and a lot of copyrighted content Schulte was sharing from his own server. Stealing government secrets + child porn + copy infringement: that's the weirdness this case is.

Schulte continues to make the worst case for himself. While some leakers have acted more like whistleblowers, making the public aware of hidden misconduct or civil rights abuses, Schulte has presented himself as a martyr for his own cause. This isn't helping his criminal case (or the civil lawsuit he's filed). After being jailed, Schulte continued to leak classified info from his jail cell, using contraband phones and his access to the evidence the government planned to use against him.

The government pointed this out to the court in November 2018. A recent filing by the government (h/t Emptywheel) details Schulte's post-arrest efforts to continue leaking classified info to journalists -- including the use of his family members to contact journalists and set up new encrypted communications channels for him.

Unfortunately for Schulte, the seizure of contraband from his cell has given the government a lot more evidence to work with, especially when it comes to proving his criminal intent. Schulte really wanted a white knight, but none arrived. Taking matters into his own hands (and ignoring the advice of his lawyer), Schulte appears to have engaged in one-man war against the federal government, armed with nothing but shovels.

The letter [PDF] to the court details the contents of notebooks seized from Schulte's cell, as well as communications made to his family and members of the press. While under a protective order forbidding him from discussing the government's search warrants publicly, Schulte sent the warrant (along with several articles he had written) to a reporter. His desire to wage an "information war" against the government while behind bars was stymied by his inability to draft fellow combatants.

Because he was incarcerated, the defendant enlisted his family to communicate with reporters and to post the defendant’s articles online, including on a public Facebook page (the “John Galt Facebook Page”). While the defendant’s family was able to post a version of the defendant’s articles on the John Galt Facebook Page, the articles apparently did not result in the swell of press attention for which the defendant hoped. Over the summer and into the fall of 2018, the defendant grew angrier at his detention, but also his family’s inability, and eventually unwillingness, to publish all of the defendant’s articles and the media’s apparent lack of interest in the defendant’s case.

From there, Schulte went on to attempt to scrub his Gmail accounts of incriminating communications, and to create a number of new accounts for ProtonMail, Twitter, and Facebook so he could continue distributing classified info he knew or had access to. The letter describes four separate occasions Schulte revealed classified info to family members or the public. In total, the letter describes a pretty comprehensive case Schulte has built against himself, detailing everything from the deletion of evidence to the continuous generation of new evidence via Schulte's handwritten "information war" plans.

There's also stuff in there that undermines the whistleblower narrative Schulte has tried to craft.

On this page in the Red Notebook, the defendant states: “If govt doesnt pay me $50 billion in restitution & prosecute the criminals who lied to the judge and presented this bs case then I will visit every country in the world and bear witness to the treachery that is the USG. I will look to breakup diplomatic relationships, close embassies, and U.S. occupation across the world & finally reverse U.S. jingoism. If this is the way the U.S. govt treats one of their own, how do you think they treat allies?” This statement is obviously Intent Evidence—it shows not only that the defendant is growing increasingly frustrated, but, more importantly, that his frustration has risen to the point that he now—according to his own words—plans to destroy the United States’ relationships with its allies, leading to, for example, the shuttering of U.S. embassies in other nations.

The "intent evidence" here sounds more like a personal vendetta than the dissemination of classified info for the good of the public.

[T]he defendant recommends to U.S. intelligence agency employees to “send all your govt’s secrets here: WikiLeaks” until the U.S. government “honors” their service.

There are also things like this, that show even more hubris than the above examples suggest. Here's Schulte stating he feels his family should be willing to put themselves at legal risk for him.

The defendant states: “I text my dad from whatsapp & signal incessantly & finally got a response @ 1% battery. I said please put articles on drafts in gmail. Response: My lawyer advised me not to. Fucking incredible. Fucking. Incredible.”

And here he is mocking the FBI.

[T]he defendant also goes on to write that he designed his “own crypto – how better to fool bafoons like forensic examiners and the FBI then to have custom software that doesn’t fit into their 2-week class where they become forensic ‘experts.’” The defendant then provides classified details of specifics of his work at the CIA.

The government's letter tells the court there's plenty of evidence it wishes to use against Schulte, a lot of it gleaned from the "information war" he tried to wage from the Metropolitan Correctional Center in Manhattan.

[T]he MCC Notebooks and the Malware Article help to demonstrate a pattern of conduct that is highly probative of Schulte’s guilt of the WikiLeaks charges. In both instances, the defendant (1) grew infuriated with components of the U.S. government; (2) threatened to expose allegedly damaging information about the CIA to coerce the agency into acting as Schulte wished; and (3) used technologically sophisticated means to conceal his actions, using encrypted accounts and cellphones, and IP-masking techniques at the MCC and deleting logs and securely wiping removable media at the CIA.

Not much of this sounds like whistleblowing. If there is something honorable or altruistic in Schulte's actions, it can't be found here. That's not saying it doesn't exist. The government is a notoriously unreliable narrator and this filing only covers the stuff prosecutors think will help prove their case. But Schulte's narration isn't that reliable either. And he still doesn't appear to realize that acting in your own interest isn't always the same thing as acting in your best interest.

Filed Under: cia, copyright, joshua schulte, leaks, vault 7

Accused CIA Leaker Files Complaint Against The Government Seeking $50 Billion In Damages

from the good-points-terribly-made dept

Some CIA phone hacking tools made their way into the wild back in 2017. It didn't take long for the DOJ to find a suspect to charge. Joshua Schulte, a former NSA and CIA operative, was hit with a long list of charges, including espionage, child porn possession, and (at least momentarily) copyright infringement -- the last one on the list being the result of feds discovering a bunch of pirated movies and music on Schulte's server.

As this prosecution has slowly moved forward, it has gotten wilder. The DOJ claimed Schulte was continuing to leak classified info, even after being jailed while awaiting his trial. According to the DOJ's filing, Schulte was using a number of smuggled-in phones to smuggle out classified documents turned over to him by the DOJ in response to discovery requests. The government's filing also made mention of "significant encryption" stymieing its attempts to break into Schulte's contraband phone but left the definition of that term open to discussion.

Marcy Wheeler (of Emptywheel) was the first to come across Josh Schulte's latest filing in his case. And it's… something. Schulte has been openly critical of his incarceration and the US prison-industrial complex generally. Now, he's attempting to nail down the specifics by filing a complaint [PDF] against the US government for depriving him of a number of his rights and demanding, in a Dr. Evil-esque move, 50 BILLION DOLLARS.

The 88-page [!] complaint opens with Schulte's handwritten claim the government has ended a career headed for Bill Gates/Jeff Bezos-level personal fortune. The "Relief" section says:

Section 6: Monetary damages associated with illegal Federal Terrorist actions including torture and the loss of income (p. 65-69)

Total loss of income: $50,000,347,000
Total punitive damages: 5,359,270,693

Among the "illegal Federal Terrorist actions" leading to this $55 billion prayer for relief are a long list of things the government routinely subjects prisoners to, including solitary confinement, 24/7 exposure to bright lights, prison library bans, prison commissary bans, television-viewing bans, shackling, use of certain criminal charges (child porn possession) to leverage plea deals on other charges (espionage), a lack of access to hot water, indefinite pre-trial detention, and so on.

Schulte isn't wrong. A lot of what happens in federal prisons is inhumane. Whether or not it's worth $55 billion is up to the court and I'm pretty sure this complaint will be greeted with a swift dismissal. Construed liberally, it alleges a host of Constitutional violations that could meet the bar needed to move forward. On the other hand, it demands the good faith exception to the Fourth Amendment be declared unconstitutional, along with plea deals, mandatory minimum sentences, and the Classified Information Procedures Act. As a bonus, it asks for the "disbandment of the Fascist Police State including the FBI."

At best, this all seems unlikely to find a judge willing to entertain while presiding over Schulte's criminal trial. Many of Schulte's complaints are legitimate, but they're also things courts have not found to violate anyone's rights while they're incarcerated. Limited contact, extortionate phone call rates, constant surveillance, vetted mail, etc. are part of the prison experience. Many agree these things go above what's needed to keep prisons secure, but few courts (or legislators) are doing anything about it.

But along with the legitimate complaints about prison life, there's other stuff. It's not just the $50 billion Schulte thinks he could have earned if he hadn't been arrested and jailed. It's his comparing his experience to Jews during the Holocaust and insisting that his Second Amendment rights are being violated because they won't let him have a gun in jail.

But perhaps the nadir of the complaint is Schulte claiming possessing child porn is a "victimless crime."

The plaintiff was charged with a non-violent, victimless crime and subject to the presumption of detention. Even though the plaintiff has never been charged before with ANY crime and had worked for the government at the Central Intelligence Agency, the government knowingly lied and claimed the plaintiff was a danger to society.

Schulte's underlying point is solid -- that the government hasn't properly demonstrated why he should not be released to await his trial -- but it's made so badly it almost manages to negate itself.

If you can make your way past some of the heated -- but not helpful -- language, you'll find a depressing depiction of everyday prison life. It makes no difference to the government whether or not it's secured a conviction. If it can, it will lock you up until you finally are able to defend yourself against its charges. Until then, your life is over. It belongs to the government and it is willing to treat the presumptively-innocent just as terribly as it treats the guilty.

Filed Under: cia, joshua schulte, leaker, leaks, nsa, prison conditions

Gov't Says Accused CIA Hacking Tools Leaker Leaking Even More Classified Info From Behind Bars

from the I-guess-he's-just-on-a-roll... dept

The DOJ is still waiting for accused Vault 7 leaker Joshua Shulte's trial to begin, but that's not stopping it from adding to the long list of charges he already faces. The former NSA/CIA operative's house was raided last year by the feds who were looking for evidence of Shulte's leak of CIA hacking tools to Wikileaks. It found some of that, but also found 10,000 child porn images in the 5+ terabytes of data seized.

The child porn alone will likely see Shulte put away for a long time if the prosecution can secure a conviction. Leaking top secret tools isn't likely to be greeted with a wrist slap -- not with the forever War on Leakers still in progress. For some reason, the government felt compelled to add copyright infringement to the list of charges after discovering a few pieces of pirated content on Shulte's personal server.

Shulte -- who is locked up in a New York detention facility until he goes to trial -- must figure he has nothing to lose. That's one conclusion that can be drawn from the latest set of charges being brought by the DOJ. (via Slashdot)

According to new court documents filed late Wednesday, October 31, US prosecutors plan to file three new charges against Joshua Schulte for allegedly leaking more classified data while in detention at the New York Metropolitan Correctional Center (MCC).

The filing [PDF] is quite the read. According to the allegations, Shulte had access to multiple smuggled cellphones and was using them to disseminate classified info to "third parties" outside the prison walls. It appears the info Shulte smuggled out of the prison came from classified documents released to him as part of his pre-trial discovery. The DOJ has now stripped him of access to classified documents, restricting him to unclassified info released by the FBI.

A flurry of paperwork and a search of Shulte's housing unit turned up a number of things, including a new form of encryption.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.

Given the FBI's recent history, it probably should be more careful when it discusses encryption. A few years of "going dark" narrative was upended by the agency itself, which revealed it could not competently count physical devices in its possession. The ever-inflating number of impenetrable devices was suddenly, and embarrassingly, converted to an asterisk on multiple FBI/DOJ webpages with footnotes stating an updated number would be provided at the agency's convenience.

Now, there's this: a DOJ prosecutor relaying the FBI's message about "significant" encryption -- whatever the hell that is -- to the federal judge presiding over the case. What makes this particular encryption "significant" isn't explained, but it does seem to make this encryption appear far more nefarious than the regular, insignificant encryption used by citizens not currently under federal indictment.

Three more charges are headed Shulte's way, all of them related to unlawful disclosure of classified documents. This isn't charge stacking -- not if the government's allegations are true -- but it could definitely nudge Shulte towards a plea deal that will save the DOJ a lot of time, energy, and arguments over presenting sensitive information in open court.

Then again, Shulte appears to be anything but cooperative. Leaking classified documents directly under the fed's nose while in supervised detention is a bold move that bears a lot of resemblance to a middle finger extended in the direction of the government. This may end up being a very fun trial to watch.

Filed Under: cia, doj, encryption, hacking tools, joshua schulte, leaks, vault 7
Companies: wikileaks

Alleged Vault 7 Leaker Charged With Stealing Gov't Secrets, Child Porn Possession, And Copyright Infringement?

from the kitchen-sink-prosecution dept

The US government has taken down another alleged leaker. Joshua Schulte, a former NSA and CIA operative, had his apartment raided by the feds last March. The raid targeted documents showing Schulte had leaked CIA hacking tools to Wikileaks (the "Vault 7" collection). But it uncovered a whole lot of child porn -- 10,000 images on Schulte's personal computer and his file-sharing server that held another 5 terabytes of data.

The first criminal complaint [PDF] by the DOJ contained nothing but child porn charges. It suggests the former government spook didn't practice much opsec when not on the clock. One IRC chat shows Schulte's aware encryption is sometimes only a temporary deterrent if the government really wants to find out what's been sent or shared. But then he apparently went on to provide the government with some easily-accessible evidence.

Based on my review of those Google Searches, I have learned, among other things, that on a number of occasions in or about 2011 and in or about 2012, SCHULTE appeared to search the Internet for child pornography. For example: (i) on or about April 9, 2011, SCHULTE conducted a Google Search for "child pornography" on at least three occasions; (ii) on or about October 15, 2011, SCHULTE conducted Google Searches for "movie where father videos daughter and friend sex" and "movie where father videos child porn"; and (iii) on or about May 15, 2012, SCHULTE conducted a Google Search for "female teenage body by year."

The recently-released superseding indictment [PDF] really starts stacking the charges. In addition to the child porn charges carried over from the original complaint, the government adds charges related to the leaked hacking tools, including unauthorized access with the intent of gathering classified info and theft of government property.

Then the charges get interesting. Schulte is charged with "causing transmission of a harmful computer program" for allegedly altering an intelligence agency "computer system" to give himself access to restricted areas of the system and cover up any evidence he had accessed these files. Apparently, this alteration resulted in other users being denied access.

There's the expected "lying to the feds" charges (making false statements, obstruction of justice) which show Schulte was very cooperative when being questioned about the child porn but apparently not so much when asked about purloined CIA data.

Rolling past the copy-pasted child porn charges, one reaches the most unexpected charge in the indictment: criminal copyright infringement.

From at least in or about September 2015, up to and including at least in or about August 2017, in the Southern District of New York and elsewhere, JOSHUA ADAM SCHULTE, the defendant, unlawfully, willfully, and knowingly did infringe copyrights by the reproduction and distribution, including by electronic means and by making it available on a computer network accessible to members of the public, during a 180-day period, of ten and more copies and phonorecords, of one and more copyrighted works, which had a total retail value of more than $2,500, to wit, without authorization, SCHULTE maintained a computer server that housed thousands of copyrighted movies, television shows, and audio recordings, which SCHULTE shared with others by electronic means and using the Internet.

This appears to refer to the server Schulte set up for IRC chat buddies. It's mentioned in a couple of chat transcripts and was, until 2017, accessible at cryptm.org. There's plenty archived at the Wayback Machine [click at your own risk, I suppose] but this server seems to be the source of the copyright infringement charge. Whether or not any of these files were actually downloaded isn't clear, but they were uploaded and accessible to site visitors. This short list of a small portion of the files hosted by Schulte on his server was put together by Jason Koebler and Lorenzo Franceschi-Bicchierai of Motherboard.

An archived version of his page there shows that he had files related to chess, an episode of South Park, a copy of The 40 Year Old Virgin, textbooks, C Programming textbooks, and a folder called “Facebook Convos.”

Speaking of Facebook, Schulte was apparently maintaining a diary of his criminal justice system experience. (Spoiler alert: it's unpleasant and broken.) The documents are worth reading for a firsthand look at the federal arraignment process and the unpleasant realities of being sentenced to house arrest (with no internet access privileges) while still supposedly an "innocent" person in the eyes of the Constitution. It does get a little weird when he claims he's only been charged with "victimless" crimes given what he's been charged with (leaking CIA hacking tools, child porn). But nothing's been proven beyond a reasonable doubt at this point, so maybe only the copyright infringement charge that will make the final cut.

As Parker Higgins points out on Twitter, this supremely weird addition should be viewed with apprehension. Copyright infringement happens all the time. Much of it has zero profit motive, but the government is apparently more than willing to selectively enforce this law if it seems it might push someone towards a plea deal and save it the trouble of having to prove its case.

Filed Under: child porn, cia, copyright, hacking tools, joshua schulte, leaks, nsa, vault 7