Joshua Schulte
Posted: Fri Nov 02, 2018 2:29 pm
elfismiles » Tue May 15, 2018 2:40 pm wrote:VAULT-7 Leak Update...
US identifies suspect in leak of CIA hacking tools
File photo: Joshua Schulte worked in the CIA’s Engineering Development Group, which produced the computer code, according to sources with knowledge of his employment history as well as the group’s role in developing cyber weapons.
By The Washington Post | PUBLISHED: May 15, 2018 at 12:22 pm | UPDATED: May 15, 2018 at 12:24 pm
By Shane Harris | Washington Post
WASHINGTON – The U.S. government has identified a suspect in the leak last year of a large portion of the CIA’s computer hacking arsenal, the cyber tools the agency had used to conduct espionage operations overseas, according to interviews and public documents.
But despite months of investigation, prosecutors have been unable to bring charges against the man, who is a former CIA employee currently being held in a Manhattan jail on unrelated charges.
Joshua Adam Schulte, who worked for a CIA group that designs computer code to spy on foreign adversaries, is believed to have provided the agency’s top-secret information to WikiLeaks, federal prosecutors acknowledged in a hearing in January. The anti-secrecy group published the code under the label “Vault 7” in March 2017. It was one of the most significant and potentially damaging leaks in the CIA’s history, exposing secret cyber weapons and spying techniques that also might be used against the United States, according to current and former intelligence officials.
Schulte’s connection to the leak investigation hasn’t been previously reported.
Federal authorities searched Schulte’s apartment in New York last year and obtained a personal computer equipment, notebooks, and hand-written notes according to a copy of the search warrant reviewed by The Washington Post. But that failed to provide the evidence that prosecutors needed to indict Schulte with illegally giving the information to WikiLeaks.
“Those search warrants haven’t yielded anything that is consistent with [Schulte’s] involvement in that disclosure,” Matthew Laroche, an assistant U.S. attorney in the Southern District of New York, said at a hearing on Jan. 8, according to a court transcript.
Laroche said at the time that the investigation “is ongoing,” and that Schulte “remains a target of that investigation.”
Part of that investigation, Laroche said, was analyzing whether a technology known as TOR, which allows Internet users to hide their location, “was used in transmitting classified information.”
In other hearings in Schulte’s case, prosecutors have alleged that he used TOR at his New York apartment, but they have provided as yet no evidence that he did so in order to disclose classified information. Schulte’s attorneys have said that TOR is used for all kinds of communications and have maintained that he played no role in the Vault 7 leaks.
Schulte is currently in a Manhattan jail on charges of possessing, receiving, and transporting child pornography, according to an indictment filed last September. He has pleaded not guilty.
A former federal prosecutor, who is not connected to the case, said that it’s not unusual to hold a suspect in one crime on unrelated charges, and that the months Schulte has spent in jail doesn’t necessarily mean the government’s case has hit a wall. The former prosecutor, who spoke on the condition of anonymity to discuss an open investigation, also said that if government lawyers acknowledged in a public hearing that Schulte was a target, they probably believe he acted alone.
In documents, prosecutors allege that they found a large cache of child pornography on a server that was maintained by Schulte. But he has argued that anywhere from 50 to 100 people had access to that server, which Schulte, now 29, designed several years ago in order to share movies and other digital files.
Schulte worked in the CIA’s Engineering Development Group, which produced the computer code, according to sources with knowledge of his employment history as well as the group’s role in developing cyber weapons.
At the time of the leak, people who had worked with that group said that suspicion had mainly focused on contractors, not full-time CIA employees like Schulte. It’s not clear whether the government is pursuing contractors as part of the leak investigation, but prosecutors haven’t mentioned anyone other than Schulte in court proceedings.
Schulte, who also worked for the National Security Agency before joining the CIA, left the intelligence community in 2016 and took a job in the private sector, according to a lengthy statement he wrote that was reviewed by the Post.
The CIA declined to comment.
Schulte said in the statement that he joined the intelligence community to fulfill what he saw as a patriotic duty to respond to the Sept. 11, 2001, attacks.
Schulte also claimed that he reported “incompetent management and bureaucracy” at the CIA to both that agency’s inspector general as well as a congressional oversight committee. That painted him as a disgruntled employee, he said, and when he left the CIA in 2016, suspicion fell upon him as “the only one to have recently departed [the CIA engineering group] on poor terms,” Schulte wrote.
Schulte said he had also been planning a vacation with his brother to Cancun, which may have given the appearance that he was trying to flee the country.
“Due to these unfortunate coincidences the FBI ultimately made the snap judgment that I was guilty of the leaks and targeted me,” Schulte said.
Schulte, who has launched a webpage to raise money for his defense, claims that he initially provided assistance to the FBI’s investigation. Following the search of his apartment in March 2017, prosecutors waited six months to bring the child pornography charges.
The Washington Post’s Ellen Nakashima contributed to this report.
https://www.mercurynews.com/2018/05/15/ ... ing-tools/seemslikeadream » 07 Mar 2017 17:30 wrote:Vault 7: CIA Hacking Tools Revealed
https://wikileaks.org/ciav7p1/
<snip>New Wikileaks Series Details CIA's 'Specialized Unit' Dedicated to Creating iOS Exploits
Tuesday March 7, 2017 8:37 am PST by Mitchel Broussard
In a new series of leaks focusing on the United States Central Intelligence Agency, code named "Vault 7," Wikileaks has revealed 8,761 documents discovered within an isolated network in Langley, Virginia that "amounts to more than several hundred million lines of code." The code contains what Wikileaks referred to as a "hacking arsenal" of malware, viruses, trojans, and weaponized "zero day" exploits for iOS devices, that could give anyone in possession of the code "the entire hacking capacity of the CIA."
This "Year Zero" release is the first in the full Vault 7 series by Wikileaks, and is said to act as an introduction to the capacity and means of the CIA's covert hacking program. The agency's abilities can take aim at a number of popular consumer products from companies like Apple, Google, Samsung, and Microsoft, turning everything from an iPhone to a smart TV into a "covert microphone."
<snip>
https://www.macrumors.com/2017/03/07/wi ... -exploits/
seemslikeadream » Wed May 16, 2018 6:32 am wrote:Joshua Schulte named as suspect in 'Vault 7' leak of CIA tools to Wikileaks, but charged instead over child porn
Federal investigators believe a man who once worked for the U.S. Central Intelligence Agency is responsible for last year's massive leak of Top Secret CIA hacking tools, court documents reveal.
The suspect has been named as Joshua Adam Schulte, 29, who lived in New York, and is now in federal jail in Manhattan--not for the hack, but on child pornography charges.
https://boingboing.net/2018/05/15/joshu ... e-cia.htmlFBI Search Of CIA Leak Suspect Turned Up Photos Of Sex Assault On Unconscious Friend
The government suspects that Joshua Adam Schulte gave documents to WikiLeaks, but they’re holding him on child pornography charges.
https://www.huffingtonpost.com/entry/jo ... 3fb50b8e79
seemslikeadream » Wed Jun 20, 2018 10:03 am wrote:TWO DAYS AFTER JULIAN ASSANGE THREATENED DON JR, ACCUSED VAULT 7 LEAKER JOSHUA SCHULTE TOOK TO TOR
June 20, 2018/1 Comment/in 2016 Presidential Election, Cybersecurity, emptywheel, Leak Investigations, WikiLeaks /by empty wheel
Monday, the government rolled out a superseding indictment for former NSA and CIA hacker Joshua Schulte, accusing him (obliquely) of leaking the CIA’s hacking tools that became the Vault 7 release from Wikileaks. The filings in his docket (as would the search warrants his series of defense attorneys would have seen) make it clear that the investigation into him, launched just days after the first CIA release, was always about the CIA leak. But when the government took his computer last spring, they found thousands of child porn pictures dating back to 2009. It took the government over three months and a sexual assault indictment in VA to convince a judge to revoke his bail last December, and then another six months to solidify the leaking charges they had been investigating him from the start.
But the case appears to have taken a key turn on November 16, 2017, when he did something — it’s not clear what — on the Tor network. While there are several things that might explain why he chose to put his release at risk by accessing Tor that day, it’s notable that it occurred two days after Julian Assange tweeted publicly to Donald Trump Jr that he’d still be happy to be Australian Ambassador to the US, implicitly threatening to release more CIA hacking tools.
Schulte was, from days after the initial Vault 7 release, apparently the prime suspect to be the leaker. As such, the government was always interested in what Schulte was doing on Tor. In response to a warrant to Google served in March 2017, the government found him searching, on May 8, 2016, for how to set up a Tor bridge (Schulte has been justifiably mocked for truly abysmal OpSec, and Googling how to set up a bridge is one example). That was right in the middle of the time he was deleting logs from his CIA computer to hide what he was doing on it.
When he was granted bail, he was prohibited from accessing computers. But because the government had arrested him on child porn charges and remained coy (in spite of serial hold-ups with his attorneys regarding clearance to see the small number of classified files the government found on his computer) about the Vault 7 interest, the discussions of how skilled he was with a computer remained fairly oblique. But in their finally successful motion to revoke Schulte’s bail, the government revealed that Schulte had not only accessed his email (via his roommate, Schulte’s lawyer would later claim), but had accessed Tor five times in the previous month, on November 16, 17, 26, and 30, and on December 5, 2017, which appears to be when the government nudged Virginia to get NYPD to arrest him on a sexual assault charge tied to raping a passed out acquaintance at his home in VA in 2015.
Perhaps the most obvious explanation for why Schulte accessed Tor starting on November 16, 2017, is that he was trying to learn about the assault charges filed in VA the day before.
But there is a more interesting explanation.
As you recall, back in November 2017, some outlets began to publish a bunch of previously undisclosed DMs between Don Jr and Wikileaks. Most attention focused on Wikileaks providing Don Jr access to an anti-Trump site during the election. But I was most interested in Julian Assange’s December 16, 2016 “offer” to be Australian Ambassador to the US — basically a request for payback for his help getting Trump elected.In the wake of the releases, on November 14, 2017, Assange tweeted out a follow-up.Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM
As I noted at the time, the offer included an implicit threat: by referencing “Vault 8,” the name Wikileaks had given to its sole release, on November 9, 2017 of an actual CIA exploit (as opposed to the documentation that Wikileaks had previously released), Assange was threatening to dump more hacking tools, as Shadow Brokers had done before it. Not long after, Ecuador gave Assange its first warning to stop meddling in other countries politics, explicitly pointing to his involvement in the Catalan referendum but also pointing to his tampering with other countries. That warning became an initial ban on visitors and Internet access in March of this year followed by a more formal one on May 10, 2018 that remains in place.
There’s a reason I think those Tor accesses may actually be tied to Assange’s implicit threat. In January of this year, when his then lawyer Jacob Kaplan made a bid to renew bail, he offered an excuse for those Tor accesses. He claimed Schulte was using Tor to research the diaries on his experience in the criminal justice system.
Someone posted those diaries to a Facebook account titled “John Galt’s Defense Fund” on April 20, 2018 (in addition to being an accused rapist and child porn fan, Schulte’s public postings show him to be an anti-Obama racist and an Ayn Rand worshiping libertarian).In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.
Yesterday, Wikileaks linked those diaries, which strikes me as an attempt to corroborate the alibi Schulte has offered for his access to Tor last November.
The government seems to have let Schulte remain free for much of 2017, perhaps in search of evidence to implicate him in the Vault 7 release. Whether it was a response to a second indictment or to Assange’s implicit threats to Don Jr, Schulte’s use of Tor last year (and, surely, the testimony of the roommate he was using as a go-between) may have been one of the keys to getting the proof the government had been searching for since March 2017.
Whatever it is, both Wikileaks and Schulte would like you to believe he did nothing more nefarious than research due process websites when he put his bail at risk by accessing Tor last year. I find that a dubious claim.
2009: IRC discussions of child porn
2011 and 2012: Google searches for child porn
April 2015: Rapes a woman (possibly partner) who is passed out and takes pictures of it
March to June 2016: Schulte deleting logs of access to CIA computer
May 8, 2016: Schulte Googles how to set up a Tor bridge
November 2016: Leaves CIA, moves to NY, works for Bloomberg
December 16, 2016: Assange DM to Don Jr about becoming Ambassador
February 4, 2017: Wikileaks starts prepping Vault 7Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM
March 7, 2017: Wikileaks starts releasing Vault 7
March 13, 2017: Google search warrant
March 20, 2017: Search (including of cell phone, from which passwords to his desktop obtained)
June 2017: Interview
August 17, 2017: Dana Rohrabacher tries to broker deal for Assange with Trump
August 23, 2017: Arrest affidavit
August 24, 2017: Arraignment
October 2, 2017: Bail hearingTHE COURT: Well, it sounds like, based on the interview, that he knew what the government was looking at.
MR. LAROCHE: That wasn’t the basis of the interview, your Honor.
MR. KOSS: I think it was either two or three [interviews]. I think it was three occasions. I was there on all three, including one of which where we handed over the telephone and unblocked the password to the phone, which they did not have, and gave that to them. And as I said, I have been in constant contact with the three assistant U.S. attorneys working on this matter literally on a weekly basis for the last 4, 5, 6 months. And any time Mr. Schulte even thought about traveling, I provided them an itinerary. I cleared it with them first and made sure it was okay. On any occasion that they said they might want him close so that he could speak to them, I cancelled the travel and rescheduled it so that we would be available if they needed him at any given time.
October 11, 2017: Schulte lawyer Spiro withdrawsMR. LAROCHE: Well, I believe there still is a danger because it’s not just computers, your Honor, but electronic devices are all over society and easy to procure and this type of defendant having the type of knowledge he has does in terms of accessing things — so he has expertise and not only just generally computers but using things such as wiping tools that would allow him to access certain website and leave no trace of it. Those can be done from not just a computer but from other electronic devices.
But the child pornography itself is located on the defendant’s desktop computer. They can be accessed irrespective of those servers. So if all the government had was this desktop computer, we could recover the child pornography. So I think this idea that numerous people had access to the serves and potentially could have put it there, is simply a red herring. This was on the defendant’s desktop computer. And the location where it was found, this sub-folder within several layers of encryption, there were other personal information of the defendant in that area. There was his bank accounts. I think there was even a resume for the defendant where he was storing this information. And the passwords that were used to get into that location, those passwords were the same passwords the defendant used to access his bank account, to access various other accounts that are related to him. So this idea that he shared them with other people, the government just strongly disagrees.
October 24, 2017: At Trump’s request Bill Binney meets with Mike Pompeo to offer alternate theory of the DNC hack
November 8, 2017: Status hearing
November 9, 2017: Wikileaks publishes Vault 8 exploitSMITH: I believe the government has told us that there’s more data in this case than in any other like case that they have prosecuted.
MR. STANSBURY: Let me just clarify that part first. We proposed this just in an abundance of caution given the defendant’s former employer and the fact that — and I meant to flag this before. I apologize now for not. There’s a small body of documents that were found in the defendant’s residence that were taken from his former employer that might implicate some classified issues. We have been in the process of having those reviewed and I think we’re going to be in a position to produce those in the next probably few days. But we wanted to just make sure that we were acting out of an abundance of caution in case any SEPA [sic] issues come about in the case. I don’t expect them too at this point but we wanted to do that out of an abundance of caution.
November 14, 2017: Assange posts Vault 8 Ambassador follow-up
November 14, 2017: Arrest warrant in VA
November 15, 2017: Charged in Loudon County for sexual assault
November 16, 2017: Use of Tor
November 17, 2017: Use of Tor
November 26, 2017: Use of Tor
November 29, 2017: Abundance of caution, attorney should obtain clearance
November 30, 2017: Use of Tor
December 5, 2017: Use of Tor, Smith withdraws
December 7, 2017: NYPD arrests on VA warrant for sexual assault
December 12, 2017: Move for detention, including description of email and Tor access
December 14, 2017: US custody in NYSeparately, since the defendant was released on bail, the Government has obtained evidence that he has been using the Internet. First, the Government has obtained data from the service provider for the defendant’s email account (the “Schulte Email Account”), which shows that the account has regularly been logged into and out of since the defendant was released on bail, most recently on the evening of December 6, 2017. Notably, the IP address used to access the Schulte Email Account is almost always the same IP address associated with the broadband internet account for the defendant’s apartment (the “Broadband Account”)—i.e., the account used by Schulte in the apartment to access the Internet via a Wi-Fi network. Moreover, data from the Broadband Account shows that on November 16, 2017, the Broadband Account was used to access the “TOR” network, that is, a network that allows for anonymous communications on the Internet via a worldwide network of linked computer servers, and multiple layers of data encryption. The Broadband Account shows that additional TOR connections were made again on November 17, 26, 30, and December 5.
[snip]
First, there is clear and convincing evidence that the defendant has violated a release condition—namely, the condition that he shall not use the Internet without express authorization from Pretrial Services to do so. As explained above, data obtained from the Schulte Email Account and the Broadband Account strongly suggests that the defendant has been using the Internet since shortly after his release on bail. Especially troubling is the defendant’s apparent use on five occasions of the TOR network. TOR networks enable anonymous communications over the Internet and could be used to download or view child pornography without detection. Indeed, the defendant has a history of using TOR networks. The defendant’s Google searches obtained in this investigation show that on May 8, 2016, the defendant conducted multiple searches related to the use of TOR to anonymously transfer encrypted data on the Internet. In particular, the defendant had searched for “setup for relay,” “test bridge relay,” and “tor relay vs bridge.” Each of these searches returned information regarding the use of interconnected computers on TOR to convey information, or the use of a computer to serve as the gateway (or bridge) into the TOR network.
January 8, 2018: Bail appeal hearingMR. KAPLAN: Well, your Honor, we’ve obtained the discovery given to prior counsel, and I’ve started to go through that. In addition, there was one other issue which I believe was raised at our prior conference, which was a security clearance for counsel to go through some of the national security evidence that might be present in the case.
While most of the national security stuff does not involve the charges, the actual charges against Mr. Schulte, the basis for the search warrants in this case involve national security.
So I’m starting the process with their office to hopefully get clearance to go through some of the information on that with an eye towards possibly a Franks motion going forward. So I would ask for more time just to get that rolling.
January 17, 2018: Bail appeal deniedMR. KAPLAN: Judge, on the last court date, when we left, the idea was that we had consented to detention with the understanding that Mr. Schulte would be sent down to Virginia to face charges based on a Virginia warrant. None of that happened. Virginia never came to get him. Virginia just didn’t do anything in this case. But before I address the bail issues, I think it’s important that this Court hear the full story of how we actually get here. At one of the previous court appearances, I believe it was the November 8th date, this Court asked why the defense attorney in this case would need security clearance. And the answer that was given by one of the prosecutors, I believe, was that there was some top secret government information that was found in Mr. Schulte’s apartment, and that out of an abundance of caution it would be prudent that the defense attorney get clearance. But I don’t think that’s entirely accurate.
While the current indictment charges Mr. Schulte with child pornography, this case comes out of a much broader perspective. In March of 2017, there was the WikiLeaks leak, where 8,000 CIA documents were leaked on the Internet. The FBI believed that Mr. Schulte was involved in that leak. As part of their investigation, they obtained numerous search warrants for Mr. Schulte’s phone, for his computers, and other items, in order to establish the connection between Mr. Schulte and the WikiLeaks leak.
As we will discuss later in motion practice, we believe that many of the facts relied on to get the search warrants were just flat inaccurate and not true, and part of our belief is because later on, in the third or fourth search warrant applications, they said some of the facts that we mentioned earlier were not accurate. So we will address this in a Franks motion going forward, but what I think is important for the Court is, in April or May of 2017, the government had full access to his computers and his phone, and they found the child pornography in this case, but what they didn’t find was any connection to the WikiLeaks investigation. Since that point, from May going forward, although they later argued he was a danger to the community, they let him out; they let him travel. There was no concern at all. That changed when they arrested him in August on the child pornography case.
[snip]
The second basis that the government had in its letter for detaining Mr. Schulte was the usage of computers. In the government’s letter, they note how, if you search the IP address for Mr. Schulte’s apartment, they found numerous log-ons to his Gmail account, in clear violation of this court’s order. But what the government’s letter doesn’t mention is that Mr. Schulte had a roommate, his cousin, Shane Presnall, and this roommate, who the government and pretrial services knew about, was allowed to have a computer.
And more than that, based on numerous conversations, at least two conversations between pretrial services, John Moscato, Josh Schulte and Shane Presnall, it was Shane’s understanding that pretrial services allowed him to check Mr. Schulte’s e-mail and to do searches for him on the Internet, with the idea that Josh Schulte himself would not have access to the computer.
And the government gave 14 pages of log-on information to establish this point. And, Judge, we have gone through all 14 pages, and every single access and log-in corresponds to a time that Shane Presnall is in the apartment. His computer has facial recognition, it has an alphanumeric code, and there is no point when Josh Schulte is left himself with the computer without Shane being there, and that was their understanding.
LAROCHE: And part of that investigation is analyzing whether and to what extent TOR was used in transmitting classified information. So the fact that the defendant is now, while on pretrial release, using TOR from his apartment, when he was explicitly told not to use the Internet, is extremely troubling and suggests that he did willfully violate his bail conditions.
KAPLAN: In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.
LAROCHE: Because there is a classified document that is located on the defendant’s computer, it is extremely difficult, and we have determined not possible, to remove that document forensically and still provide an accurate copy of the desktop computer to the defendant.
So in those circumstances, defense counsel is going to require a top secret clearance in order to view these materials. It’s my understanding that that process is ongoing, and we have asked them to expedite it. As soon as the defendant’s application is in, we believe he will get an interim classification to review this material within approximately two to three weeks. Unfortunately, that hasn’t occurred yet. So the defendant still does not have access to that particular aspect of discovery. So we are working through that as quickly as we can.
March 15, 2018: Sabrina Shroff appointed
March 28, 2018: Initial ban of Internet access and visitors for Assange
April 20, 2018: Schulte’s diaries (ostensibly the purpose of using Tor) posted
May 10, 2018: Ecuador bans visitors for Assange
May 16, 18, 2018: Documents placed in vault
May 16, 2018: Schulte Facebook site starts legal defense fund
June 18, 2018: Schulte superseding indictment
June 19, 2018: Wikileaks posts links to diary
https://www.emptywheel.net/2018/06/20/t ... ok-to-tor/
------------------------------------
US lobbyist for Russian oligarch visited Julian Assange nine times last year
It is unclear whether Adam Waldman’s 2017 visits had connection to Oleg Deripaska
Stephanie Kirchgaessner and Luke Harding
Wed 20 Jun 2018 06.08 EDT Last modified on Wed 20 Jun 2018 08.32 EDT
Adam Waldman, left, and Oleg Deripaska at the Oktoberfest in Munich in 2015.
A longtime US lobbyist for the Russian oligarch Oleg Deripaska visited Julian Assange nine times at the Ecuadorian embassy in London last year, according to visitor logs seen by the Guardian.
Adam Waldman, who has worked as a Washington lobbyist for the metals tycoon since 2009, had more meetings with Assange in 2017 than almost anyone else, the records show.
It is not clear why Waldman went to the WikiLeaks founder or whether the meetings had any connection to the Russian billionaire, who is now subject to US sanctions. But the disclosure is likely to raise further questions about the extent and nature of Assange’s alleged ties to Russia.
US intelligence agencies concluded with “high confidence” last year, in an unclassified intelligence assessment, that the Kremlin shared hacked emails with WikiLeaks that undermined Hillary Clinton’s presidential campaign as part of its effort to sway the 2016 election in favour of Donald Trump.
Waldman is a lawyer and consultant in Washington and Deripaska’s primary lobbyist. He also represents other clients including Hollywood stars. Last year Deripaska paid Waldman about $562,000. According to filings to the Department of Justice (DoJ) by Waldman’s firm, the Endeavor Group, his work for Deripaska focused on advising the oligarch’s company UC Rusal on legal issues.
When Deripaska first hired him, in 2009, Waldman’s firm was on a $40,000-per-month retainer. The Russian magnate was having problems obtaining a visa because of alleged connections to organised crime, which Deripaska denies. Waldman lobbied the US government to get Deripaska a visa.
Waldman also served as a counsel for Russia’s foreign minister, Sergei Lavrov. A 2010 DoJ filing showed that the Endeavor Group was hired by Lavrov to help ease the “persistent state of limbo” that Deripaska faced as a result of his being refused entry into the US. In a letter to Waldman, Lavrov hailed Deripaska as one of Russia’s “prominent business leaders”.
Waldman declined to answer questions from the Guardian about his meetings with Assange or whether they were connected to the Russian billionaire.
Waldman has not registered himself as a lobbyist for the WikiLeaks founder.
A report last year by Fox News, which obtained leaked text messages between Waldman and the US senator Mark Warner, the top Democrat on the Senate intelligence committee, suggested Waldman tried to broker a deal between Assange and the DoJ and that the negotiations were fruitless. It is not clear whether Waldman was brokering the deal on Assange’s behalf or someone else’s.
One text sent by Waldman in April 2017 said: “I convinced him [Assange] to make serious and important concessions and am discussing those [with] DoJ.”
The logs, obtained by the Guardian and Focus Ecuador, reveal details of Assange’s life inside the Ecuadorian embassy, where he has been staying since June 2012. Waldman allegedly visited Assange twice on 12 and 13 January 2017, days before Trump’s inauguration as president, and again immediately after the ceremony, on 27 January.
The Guardian has separately corroborated that Waldman was in London in late March, when he saw Assange twice more. He visited the embassy three times in April and made two more visits at the end of November 2017.
Trump escalates attacks on FBI as he fights back against Russia inquiry
Read more
Deripaska is a key person in the investigation by the special counsel Robert Mueller into alleged collusion between the Trump campaign and Moscow.
According to the Associated Press, Trump’s future campaign manager Paul Manafort began work for Deripaska in 2005 and pitched a plan that would “greatly benefit [Vladimir] Putin’s government.” In 2006 Manafort signed a $10m annual contract with Deripaska, a close ally of Russia’s president.
In summer 2016, when he was Trump’s campaign chief, Manafort offered Deripaska a confidential briefing, emails turned over to Congress and Mueller show. The briefing never happened, Manafort says. Deripaska was filmed soon afterwards on his luxury yacht discussing the forthcoming US election with Russia’s deputy prime minister, Sergei Prikhodko.
Deripaska was subjected to more US sanctions in April. They were imposed on close associates of Putin’s in retaliation for alleged Kremlin meddling in the US vote. Meanwhile, Manafort faces multiple charges of money laundering arising from his work in Ukraine, and accusations of tampering with potential witnesses. He denies all charges. His bail was revoked last week and he is now awaiting trial in prison.
Waldman’s relationship with Deripaska goes beyond consultancy. According to filings, in 2008 he travelled to Moscow, Amsterdam and Siberia with the oligarch for the purpose of “friendship”. In 2015 Waldman and his German second wife, Barbara Sturm, posed for photos with Deripaska at Munich’s Oktoberfest. Sturm, a dermatologist and beauty expert, has a major business presence in Russia.
In April Waldman placed an article by Deripaska with the conservative Daily Caller news website, sources say. The oligarch called allegations of collusion “invented” and said he and the Russian government were victims of a “deep state” Washington plot.
Waldman has cultivated connections with senior Democratic politicians and spent summers with many of them in Martha’s Vineyard.
According to filings, Deripaska has paid Waldman via a series of offshore firms, with cash routed via shell companies in the British Virgin Islands, Belize and Jersey. At least one of Deripaska’s companies, Sea Chaika Corporation, appears in the Panama Papers. In 2010 it transferred at least $85,000 to Waldman’s accounts. Sea Chaika is connected to anonymous firms registered in Cyprus.
Deripaska and UC Rusal did not comment. Assange has denied the hacked Democratic party emails released by WikiLeaks in 2016 came from Moscow.
Last month Lenín Moreno, the president of Ecuador, said Assange could continue to live in the embassy as long as he complied with the conditions of his stay and avoided voicing political opinions on Twitter. In March, Moreno restricted Assange’s visitors, cut his internet access and shelved a $5m (£3.7m) secret spy operation to protect him, called “Operation Hotel”.
https://www.theguardian.com/media/2018/ ... are_btn_tw
emptywheel
emptywheel Retweeted Courage Foundation
The claims of Assange's isolation often turn out to be overstated. But limits on legal visits would be new--and it comes as Joshua Schulte faces new charges for leaking and trying to leak classified information using the multiple contraband cellphones in his jail cell.
https://twitter.com/emptywheel
Courage Foundation
Julian Assange legally challenged Ecuador's efforts to isolate and censor him: background on and amicus filings from this week's hearing: https://couragefound.org/2018/10/protec ... n-hearing/ …
Support: https://www.iamwikileaks.org/donate/
The judge refused to rule on the constitutionality of the govt’s actions against Assange and said it was a matter for the Constitutional Court.
The case has now been appealed to the provincial court.
New: the Ecuadorian Embassy in London has forbidden access to all visitors to Julian Assange, including lawyers (amid an urgent lawsuit), until Monday
https://twitter.com/couragefound/status ... 2520750080
US GOVERNMENT REVEALS IT HAS VIDEO EVIDENCE OF JOSHUA SCHULTE SHARING CLASSIFIED INFORMATION AS ECUADOR RESTRICTS ASSANGE’S LEGAL VISITS
November 2, 2018/0 Comments/in 2016 Presidential Election, emptywheel, Mueller Probe, WikiLeaks /by emptywheel
In a letter sent Thursday to Paul Crotty, the judge in the case of alleged Vault 7 WikiLeaks source, Joshua Schulte, prosecutors described the investigation conducted when, “in or about early October 2018,” they discovered he had been communicating clandestinely with third parties outside of the Metropolitan Corrections Center, where he has been held since December. They described discovering a truly stupendous amount of communications gear to store in a jail cell, amounting to multiple cell phones and other devices, from which Schulte was running 13 email and social media accounts.
Now, the prosecutors use that word “encrypted” twice, as if it means extra spooky, but these days, a cellphone with significant encryption could mean an iPhone (though in jail Schulte might be able to get state of the art spook or crook phones) and “encrypted email accounts” often means ProtonMail.In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.
In any case, that’s a whole lot of legal process for a one month investigation of someone sitting in a jail cell (Schulte was moved to solitary when the investigation started on October 1), but then Schulte allegedly had a shit-ton of hardware. The 6 search warrants were presumably used for Schulte’s devices, and the “dozens of grand jury subpoenas and pen registers” would probably have been used for those email and social media accounts, perhaps with both used for each account (I have a working theory that for encrypted comms it may take more than one pen register to get the data).
Schulte was using all this hardware and software, according to the prosecutors, to — among other things — do two things: send details about the search warrants to investigate him, as well as yet more classified information, to third parties.
The prosecutors included a superseding indictment with their letter, adding two extra counts to his already life sentence-threatening indictment:a new Count Eleven, which is contempt of court for blowing off the protective order covering his search warrant starting in April, and a new Count Four, which is another count of transmitting and attempting to transmit unlawfully possessed national defense information (793(e)0 during the period he has been in MCC.As a result of these searches and other investigative steps, the Government discovered that Schulte had, among other things, (i) transmitted classified information to third parties, including by using an encrypted email account, and (ii) transmitted the Protected Search Warrant Materials to third parties in direct contravention of the Court’s Protective Order and the Court’s statements at the May 21 conference.
With regards to Count Eleven, on Monday a letter Schulte sent to Judge Crotty that was uploaded briefly to PACER (I believe this is the third time Schulte has succeeded in getting such letters briefly uploaded to the docket), revealing that he had been moved to solitary, but also complaining about corrections the government had made to his original search warrant:
While I absolutely don’t rule out the government either focused on Schulte back in March 2017 for reasons not disclosed in the search warrant application, or that they parallel constructed the real reasons badly (both of which would be of significant interest, but both of which his very competent public defender can deal with), the docket suggests the Vault 7 case against him got fully substantiated after the porn case, perhaps because of the stuff he did last year on Tor that got him jailed in the first place. As I noted, that Tor activity closely followed one of Julian Assange’s more pubic extortion attempts using the Vault 8 material Schulte is accused of sharing, though Assange has made multiple private extortion attempts both before and since.I beg you Judge Crotty to read the first search warrant affidavit and the government’s Brady letter; the FBI outright lied in that affidavit and now acknowledge [sic] roughly half of these lies. Literally, they [sic] “error} on seeing dates of 3/7 where there were only 3/2 dates and developing their entire predicate based on fallacious reasoning and lies. They “error” in seeing three administrators where there were “at least 5” (ie. 10). They [sic] “error” in where the C.I. was stolen who had access, and how it could be taken — literally everything.
Which brings me to the second new charge, transmitting and attempting to transmit national defense information to a third party, with a time span of December 2017 to October 2018. Effectively, the government claims that even after Schulte was jailed last December, he continued to share classified information.
I’m particularly interested in the government’s use of “attempted” in that charge, not used elsewhere. The time period they lay out, after all, includes a period when Ecuador restricted Julian Assange’s communication. Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.
Meanwhile, in the Ecuadoran embassy in London, things have been heating up between Assange and his hosts.
About halfway through the period after which Schulte had been put into solitary so the government could investigate a bunch of communications devices they claim they didn’t know about before around October 1, Ecuador announced what seemed to be a relaxation of restrictions on Assange, but actually was more of an ultimatum. He could have visitors, but first they’d have to apply 3 days in advance and supply their social media handles and identifying details for any devices they wanted to bring with them. Assange, too, has to register all his devices, and only use Ecuador’s wifi. If anyone uses unapproved devices, they’ll be deemed a security threat to Ecuador under the protection of the UK, basically giving the UK reason to prosecute them to protect Ecuador. Assange has to have regular medical exams; if he has a medical emergency, he’ll be treated off site. Starting on December 1, he has to start paying for food and other supplies. He has to start cleaning up the joint. He has to start taking care of his cat.
Assange immediately sued over the new rules. But he lost that suit on Monday. But even as he appeals that verdict, according to Courage Foundation, Ecuador has restricted even legal visits, something that hadn’t been the case before. Those restrictions appear to have been put in place on Wednesday, the same day the new Schulte charges were rolled out. They’ll remain in place until Monday.
A piece by Ryan Goodman and Bob Bauer renewed discussion this morning about the First Amendment limits on suing or prosecuting WikiLeaks for conspiring with Russia to swing the 2016 election; I hope to respond to it later, but wrote about the same lawsuit in this post. I think their view dangerously risks political journalism.
But I also think that you don’t necessarily need to charge WikiLeaks in the conspiracy to sustain a conspiracy charge; you can make them unindicted co-conspirators, just like Trump would be. I have long noted that you could charge Assange, instead, for his serial attempts to extort the United States, an effort that has gone on for well over 18 months using the very same files that Schulte is alleged to have leaked to WikiLeaks (extortion attempts which may also involve Roger Stone). Assange has accomplished those extortion attempts, in part, with the assistance of his lawyers, who up until this week (as far as I understand from people close to Assange) were still permitted access to him.
Say. Have I observed yet that these events are taking place in the last days before Mueller’s election season restrictions end?
As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post.
https://www.emptywheel.net/2018/11/02/u ... al-visits/
Why the First Amendment Does Not Protect Trump Campaign Collusion with Wikileaks and Russia
Despite the president’s signature hostility toward the press, the Trump campaign is strenuously trying to wrap itself and Wikileaks in the protective garb of the First Amendment in defending against a lawsuit involving the hacking and dissemination of Democratic National Committee emails in 2016.
The case involves a civil suit brought by a DNC employee and two Democratic donors whose private financial and personal information was disclosed by Wikileaks as part of the DNC hack. The legal maneuvers in this case are being closely watched for what they suggest about how the Trump lawyers may approach any allegations of collusion with the Kremlin and Wikileaks that come directly out of the Mueller investigation.
The campaign’s lawyers told a judge that even if the president and his lieutenants worked with Russians and Wikileaks to disseminate emails to influence the outcome of the presidential election, only the act of stealing those emails would be prohibited. The campaign and Wikileaks, on this view, acted like the news media in simply passing on the stolen information.
This line of argument is a striking distortion of the core principles of freedom of the press. It also relies on a demonstrable falsehood—that the Trump campaign had no involvement in the Kremlin and Wikileaks’ conspiracy to violate U.S. election law in acquiring and distributing the emails.
The very Supreme Court case that the campaign cites in its defense—Bartnicki v. Vopper—offers a clear roadmap for showing why its position is wrong. In that 2001 opinion, the Court upheld First Amendment protections for a radio host who had received from an unknown source, and later aired, the contents of an illegally intercepted cell phone conversation between two union officials discussing the use of violent tactics in a labor-management dispute. The Trump campaign asserts that it is no different from the broadcaster: its hands are legally clean, and it was just exercising its free speech rights.
That assertion of blamelessness is the critical flaw in the Trump campaign’s case, because the Bartnicki court was careful to note that the radio host had not solicited the illegal recording or been otherwise involved in the original plan for illegal interception and distribution.
The court stressed the significance of these facts: It was not laying down the ironclad protection that Trump campaign is claiming. It noted in particular its “repeated refusal to answer categorically whether truthful publication may ever be punished consistent with the First Amendment.” Rather,
“[O]ur cases have carefully eschewed reaching this ultimate question, mindful that the future may bring scenarios which prudence counsels our not resolving anticipatorily. . . . We continue to believe that the sensitivity and significance of the interests presented in clashes between [the] First Amendment and privacy rights counsel relying on limited principles that sweep no more broadly than the appropriate context of the instant case.” Florida Star, 491 U. S., at 532–533.
It is on fundamental factual distinctions between Bartnicki and the Trump case that the campaign’s First Amendment theory founders. Unlike Bartnicki’s radio host, the campaign is not free of involvement in illegal activity. It did not merely comment on what the Russians and WikiLeaks conspired to make public. It willfully engaged with both the Russians and WikiLeaks in both the pursuit and the publication of the stolen emails—actions that bump up against clear prohibitions in federal campaign finance law. Foreign nationals may not contribute or spend funds to influence an American election, and, crucially, a U.S. political campaign cannot assist or act in coordination with foreign electoral intervention.
We know that the Russians were peddling assistance to a receptive campaign, that the campaign learned as early as April 2016 that Russians possessed stolen emails, that the campaign via the president’s son Donald Jr. advised the Russians on when to release derogatory information (“later in the summer”), that the Russian hacking operation continued long after the Russians first made contact with and were greeted receptively by the campaign, that the president himself publicly encouraged the Russian government to locate the so-called “missing“ Clinton emails, and that Russian spies quickly followed by trying to hack Clinton’s personal email. There are also reports that the Russians may have previewed the plan to disseminate the emails before ever doing so. For the purposes of the ongoing civil suit, those allegations alone rob the campaign of its current defense.
Still more about this coordinated activity may come to light as the special counsel reportedly investigates early contacts between WikiLeaks and Trump associate and campaign surrogate Roger Stone. Only this week, the New York Times disclosed emails between Stone and senior Trump campaign aide that show a campaign alerted in advance to the WikiLeaks’ possession of the stolen emails and pressing for their public release.
The Bartnicki court stressed that that the radio host was a passive recipient of the cell phone recording who did not even know who had made it. In contrast, the Trump campaign was in no way passive, and it knew exactly who had done the hacking and who was providing the platform for publication.
These are not the only differences that work against the Trump campaign’s propositions. The Court in Bartnicki singled out the public significance of the conversation captured in the illegal recording. The labor dispute was protracted and bitter, very much a matter of public debate before the cell phone conversation was exposed. It was on the basis of that context that the court found that the material issue had distinctive public importance that carried great weight in the constitutional analysis.
The Trump campaign’s pursuit of the stolen emails was not focused on any such particular issue of public significance. It was the Russians’ and WikiLeaks’ goal, shared by the campaign, to steal and release private material that would be simply embarrassing and disruptive to the Democrats. And, indeed, that turned out to include such things as internal personal squabbles, donors’ private information, credit card and social security numbers.
The campaign lawyers endeavor to put the best possible face on this campaign dirty trick. They argue that the material uncovered by the hacking exposed important facts about the DNC’s tilt toward Hillary Clinton over Bernie Sanders and conduct toward donors and the press. But whatever the “public significance” of these matters, the campaign did not have any advance reason to believe that exposure of the emails would uncover them. Its aim, the Russians’ and WikiLeaks’ were the same: exploit the illegal hacking to whatever electoral advantage could be gained.
There is misplaced concern that a defeat for this First Amendment defense puts media protections at risk. Federal campaign finance regulation supplies useful guidance here: It exempts standard journalistic activity, but denies those protections to conduct outside the “legitimate press function.” It is clear from disclosures by an internal WikiLeaks critic and other materials that Julian Assange targeted Hillary Clinton and sought to work with the Trump campaign and the Russians to secure her defeat. This is not a “legitimate press function.” And the conflation of Wikileaks’ plan of campaign attack with standard journalistic activity undermines important distinctions critical to the protection of the free press.
The danger presented by a Trump campaign victory on this First Amendment issue is that, if successful, it will rely on this case to assert a broader constitutional defense of the alliance it struck with Russia in the 2016 election. This is a direct threat to special counsel Robert Mueller investigation’s efforts to achieve accountability under the law for foreign interference in the 2016 election.
In effect, the Trump campaign’s lawyers are preparing to pivot from the claim that there was “no collusion” to the claim that collusion is constitutionally protected. The ongoing litigation is a testing ground for this novel constitutional theory, and it should be the place where that theory quickly dies.
https://www.justsecurity.org/61327/amen ... ks-russia/
