
New Charges in Huge C.I.A. Breach Known as Vault 7 - Jerry2
https://www.nytimes.com/2018/06/18/us/politics/charges-cia-breach-vault-7.html
======
salimmadjd
_Mr. Schulte had been charged last year in New York with possession of child
pornography_

Very interesting! It almost seems like the pornography charges against him were
a way to punish him but without prosecuting him for the actual leakage.
Perhaps the government wanted to still point the fingers at someone else or
avoid embarrassment?

~~~
TomMckenny
States, even relatively benevolent ones, take any steps necessary to secure
national secrets, even extra legal ones.

Take the likelihood that a leaky contractor coincidentally is a pedophile. One
who works in security yet encrypts stuff with the same cellphone password
everywhere.

Balance that with the possibility that a motivated state actor could plant
such files on a pc or alter logs on a server they are monitoring.

Coincidentally also, it is very much sufficient for a jury to convict yet the
accusation is ambiguous/obvious enough to deter other would-be leakers.

I have no idea whether this is a good way to do things but it's a pretty
widespread set of coincidences that would also happen to have a particular
effect.

~~~
anonymous5133
Completely agree. The narrative being presented is simply not logical to
believe. Based on the narrative, this guy works for the cia, highly likely he
knows cp is illegal, obtains cp, knows how to use encryption but then uses a
weak password.

Not using a weak password is like security 101 first 5 minutes of the first
class type of knowledge.

I'm sure I'm not the only one buying this story.

~~~
Cacti
You’re making an assumption, that it was weak. What we know is that they found
the password on his phone. It could have been quite strong.

~~~
bb88
I think the question I have is did the guy have a password manager on his
phone?

~~~
DINKDINK
The question we need to answer is: Was the incriminating data planted or not.
Having a password manager on his phone is tangential to answering that question.
After the computer and phone left his custody, either device _could_ have had
data modified. Unless he's got his data pinned into the Bitcoin blockchain,
it's pretty hard to show that it was planted. If it wasn't planted then it's
really just about how the key was revealed.

P.S. The description does seem to describe a password manager: "Specifically,
the Cellphone Examination identified various passwords that had been input by
the user of the Cellphone to, for example, access the phone, applications on
the phone, and/or certain websites."

~~~
jumper_F00BA2
I think the level of security provided by passwords or password managers is
probably of little import, when confronted by a nation-state actor, and indeed
a _top tier_ nation-state actor, with nigh unlimited resources, and an axe to
grind over a serious grudge.

We have wi-fi routers being used to passively see through walls, with enough
fidelity to read lips and record finger movement.

Put someone under a microscope long enough, and every single password they use
will reveal itself. Whether locked behind a manager app (sooner or later
you'll snag the master password for it) or directly entered.

~~~
ben_w
> We have wi-fi routers being used to passively see through walls, with enough
> fidelity to read lips and record finger movement.

That’s terrifying. I had no idea that was possible despite it being published
years ago and trying to keep track of technology like that:
[https://ieeexplore.ieee.org/document/7384744/](https://ieeexplore.ieee.org/document/7384744/)

------
rando444
While I won't justify anything this person allegedly did.. it seems open to
speculation whether the child pornography stuff was actually legitimate, or
some sort of targeted attack. (whether to destroy his character/career or keep
him under judicial watch / within the country)

~~~
influx
I read the IRC logs, and I'm skeptical that anyone not deeply versed in the
lingo, tone, and character of that scene could fake them.

It's not impossible, but it was pretty convincing to me.

~~~
cortesoft
You don't think the CIA would be able to fake the lingo, tone, and character
of the scene? I mean, they certainly have access to a ton of real IRC logs
about the subject, would probably be pretty easy to swap out some usernames.

~~~
Cacti
The IRC logs are minor pieces of evidence. It’s the VM that is hard to explain
away.

~~~
ruskerdax
There is nothing about the use of a VM that is "hard to explain away." You
know what a VM is, right? You know anyone could plant things on a VM just like
any other computer, right? You know there are many ways someone like the CIA
could obtain a password used to encrypt a VM, right? Perhaps it was not always
encrypted? Perhaps his host machine was infected with a key logger? Perhaps
they used an exploit in the software he used to encrypt the VM, or a
proprietary exploit designed to do exactly this, produced in conjunction with
any number of software companies. There are many, many ways this could have
happened, and the existence of a VM means literally nothing.

Why are you convinced the presence of a VM in this is significant?

~~~
Cacti
My other comment is below. Have you read the complaint? The government is
claiming that there is essentially 8 years of evidence on that VM, that in
addition to the actual CP, there is a long trail of metadata and inode data
that would be fairly difficult to fake.

I mean, think about it: if you were the defendant, all you'd have to do is
have someone examine it and find inode activity when you had a clear alibi
that the government didn't know about (which would be easy, given we're
talking 8 years here, he'd just have to find when he was on a date or out to
dinner or something, the government isn't going to know his entire life
history for 8 years), and you'd be well on your way to creating enough doubt
with a jury.

Now, it's possible the government is lying, but if they're not, it strains
credulity to think that they'd go to the effort, cost, and risk to fake that
VM in such elaborate detail. If they wanted to ruin his life, there are
hundreds of easier ways to do it than such an elaborate fraud.

~~~
ruskerdax
You didn't answer my question. There is nothing about the existence of a VM
that makes it "difficult to explain away" and you did not establish why the
fact that there is a VM being used is relevant.

What you are now saying is that it's implausible that the CIA would be able to
fake logs (and that's what we're talking about with inode data) on a VM for
some reason. It would absolutely _not_ be as simple as "have someone examine
it and find inode activity when you had a clear alibi" because it is very
likely the guy was actually using a VM legitimately. All the CIA has to do is
establish that he was in possession of child pornography. Hell, they don't
even need to prove it beyond a reasonable doubt if A) the jury, defense,
prosecution and / or judge is not tech savvy to understand some of these
concepts, and B) if their goal is to trash this guy's life and have it be a
warning to other leakers. You don't even need a conviction for that.

It does not strain credulity at all to think that the CIA would go to the
effort to fake a small set of data on a VM. The "elaborate detail" is not any
more elaborate than in any other instance -- it would be trivially easy to
forge. If they wanted to ruin his life, this is a perfect, practical way for
them to do it.

The fact that they would forge this data on a VM makes it seem even more
plausible to people who don't even understand what VMs are, or how one might
fabricate logs like that. It's apparently working on you right now, and you're
savvy enough to know about the existence of inode data. You're apparently
ready to condemn this guy _despite_ the ludicrous amount of circumstantial
evidence that maybe this guy is being set up by an organization _literally
dedicated to covert operations of this nature, who have even gone so far as to
detail exactly how they would undertake this exact kind of operation._

------
staunch
> _Mr. Schulte had been charged last year in New York with possession of child
> pornography._

The fact that they found child porn on his computer is the scariest part.
Almost any technical person could frame almost anyone else with CP possession.
It's just a matter of putting some files on a computer and/or faking some
logs, browser history, etc.

It would be incredibly trivial for the CIA to put CP on his computer and then
use that as a method of getting him into custody. A rogue agent could do it
without anyone else knowing.

The frightening aspect of CP possession is that there's basically no one
willing to even hear out a person charged with the crime. It's the perfect
thing to frame someone with precisely because it's so revolting and hard to
_disprove_.

CP possession laws should be changed to put much more onus on the state. It
possibly should not even be a felony to merely possess simply because of how
hard it is to prove beyond a reasonable doubt. Production of CP is clearly the
main problem and far easier to be confident in prosecuting.

~~~
Cacti
The indictment goes into some detail on this:
[https://www.scribd.com/document/379346745/Joshua-Adam-Schult...](https://www.scribd.com/document/379346745/Joshua-Adam-Schulte)

The guy is clearly guilty.

~~~
mikec3010
I arrive at the opposite conclusion from reading that. Someone smart enough to
work in black hat security should know how fucking illegal CP is, how
aggressively it's investigated, and know not to flagrantly talk about it on an
irc channel and host it to randos online. At the very least they would use tor
and figure it out for themselves.

~~~
pbhjpbhj
You certainly wouldn't want that guy in charge of doing anything covert! Is it
trying to say he used his real name in IRC too (or is that interpretation for
the file)!?

~~~
retsibsi
The indictment says he used the username 'Josh'.

------
jscipione
"Government investigators suspect that he provided WikiLeaks, the anti-secrecy
organization, with a stolen archive of documents detailing the C.I.A.’s
hacking operations, but they had not initially charged him in that crime."

Wikileaks is a news organization, not an anti-secrecy organization whose First
Amendment Right to Freedom of the Press has been illegally infringed upon by
the US Government.

~~~
wyldfire
Or option C: a propaganda arm of the Russian Government.

EDIT: downvoters aren't offering a response, so I'll just hope or assume that
they want evidence:

[1] [https://foreignpolicy.com/2017/08/17/wikileaks-turned-down-l...](https://foreignpolicy.com/2017/08/17/wikileaks-turned-down-leaks-on-russian-government-during-u-s-presidential-campaign/)

[2] [https://www.theguardian.com/news/2016/apr/07/putin-dismisses...](https://www.theguardian.com/news/2016/apr/07/putin-dismisses-panama-papers-as-an-attempt-to-destabilise-russia)

[3] [http://www.haaretz.com/us-news/1.771716](http://www.haaretz.com/us-news/1.771716)

[4] [http://edition.cnn.com/2017/10/25/politics/cambridge-analyti...](http://edition.cnn.com/2017/10/25/politics/cambridge-analytica-julian-assange-wikileaks-clinton-emails/index.html)

[5] [https://sunlightfoundation.com/2016/07/28/on-weaponized-tran...](https://sunlightfoundation.com/2016/07/28/on-weaponized-transparency/)

[6] [https://www.theatlantic.com/politics/archive/2017/11/the-sec...](https://www.theatlantic.com/politics/archive/2017/11/the-secret-correspondence-between-donald-trump-jr-and-wikileaks/545738/)

~~~
colordrops
Calling wikileaks a propaganda arm of the Russian Government is just US
propaganda. 1984 double-speak here. Can you point to ANYTHING that wikileaks
has reported or released that is untrue?

~~~
alpha_squared
You can tell the truth and still be deceitful. Claiming to have had evidence
on Russian corruption and publicly declaring an intent to release followed by
silence and unwillingness to do so indicate two things, to me anyway.

1. The original claim is a lie. There is no evidence of Russian corruption
and the claim was made for attention or some other purpose. Remind me, again,
how many lies it takes to make someone untrustworthy?

2. The original claim is true, but something or someone prevents information
from being released. This is the more insidious reason. It means that the
organization will only release "the truth" that jibes with the messages/agenda
they want to push, which is propaganda. Regardless of whether or not Russia
has a direct influence of the release is unknown, but it becomes propaganda
nonetheless.

My personal opinion is that Assange is virtually inseparable from Wikileaks
and appears to have a god complex, using the platform as his mouthpiece on his
view of the state of things while enjoying the comforts of avoiding
consequence.

~~~
colordrops
By that measure, the New York Times, Fox News, Washington Post, CNN, and Wall
Street Journal are all propaganda.

~~~
abiox
they have their moments. they all tend to be good at cheerleading war, for
example. msnbc fired phil donahue for being against the iraq war. last
election, the washington post (in)famously ran a glut of anti-sanders material
in a short time span (16 articles in 16 hours, i believe it was).

------
notveryrational
I remember getting in trouble for hacking with friends in High School. When a
friend got in trouble for stealing and publishing data from our school, the
state police went around scaring all of the parents and media with accusations
of suspected child porn (completely made up, and never part of any actual
investigation). Just uttering the words turned parents who had been closed
lipped into law abiding, pre-judgemental, and supportive accolades.

In his case, there was never any plant (thank god), but honestly - I've
watched this tactic used again and again to destroy reputations. If the State
Police feel empowered to use it at will, it's entirely believable for me to
believe the _CIA_ would go so far as to plant - especially given the extra-
legal authority of impunity they are empowered by.

~~~
austinheap
I remember getting in trouble for hacking with friends in High School. I don't
remember the part where the police -- who were involved -- manufactured or
planted child pornography accusations.

As you pointed out, that also isn't the case here either. Hat tip for the
accurate username though.

~~~
notveryrational
Chip on your shoulder?

So the State Police (NY State for me) did manufacture child pornography
allegations. I am glad your experience was different.

I believe that in this case, the CIA planted this evidence.

I love my username, one could even say irrationally so.

------
pietroglyph
> In a previous statement, WikiLeaks said the source of the damaging
> disclosure had hoped to “initiate a public debate about the security,
> creation, use, proliferation and democratic control of cyberweapons.”

That didn't really work out... I wonder if that was the real motivation; it
seems a little naive.

~~~
jessaustin
For one thing, it completely hollowed out a previously common claim of
attribution for the alleged DNC "hack": "We have some evidence of tools that
only Russian state employees use!" "These CIA documents indicate that CIA and
other parties also use those tools..." "Why do you hate America?"

------
mindslight
Prosecute the messenger; leave the criminal conspiracy untouched.

~~~
jonhendry18
What criminality? Unless the CIA was using the tools against targets in the
US, there's no US law broken.

Every country does it.

~~~
anonymous5133
Yup which is one reason why Trump is pushing so hard on tariffs. The Chinese
have an army of hackers committing warfare against the USA and its trade
secrets. Governments should not be hacking each other. They should be engaging
in diplomacy like any civilized country.

~~~
rhizome
War by another name, it seems like an admission that it's a war we are losing,
or perhaps have already lost. It's also a bit rich to imply the USA is
engaging in (or has any reason to expect) civilized diplomacy in any way.

------
hsienmaneja
Didn’t Snowden encourage people to leak? At least on the surface it seems like
he may have been a role model for this particular actor.

~~~
anonymous5133
The American people have a right to know what its government is doing.

~~~
mmjaa
Not any more they don't.

------
bearofgod
Instead of saying searched, perhaps we should say "planted." These are the
same people who told us Trump was conspiring with the Russians, who used a
doctored dossier to get a FISA. Until we know a lot more we should take it
with a grain of salt, but if he is a pedophile I hope he rots in hell.

------
empath75
It’s amazing how many people on Hacker News jump to the defense of a traitor,
let alone someone that’s involved in child abuse.

~~~
nkurz
Perhaps they put greater emphasis than you on the difference between "is" and
"is accused of being"? At least on the child abuse side, I'm pretty sure that
most defenders are doubting the evidence rather than condoning the behavior.

------
StanislavPetrov
Crickets from all of the "news" outlets that pointed to this incident as more
"proof" of a Russia-Wikileaks partnership. Very much like the Sony hack, which
was widely attributed to North Korea (again, without a shred of evidence), you
can be sure that there will be very few, if any, mea-culpas issued by those
media organizations that uncritically swallowed DC/CIA misinformation and
reported that misinformation as fact. Hopefully this episode will serve as an
important reminder to everyone that they should always remain skeptical, of
everything, until presented with proof they can independently verify, instead
of mindlessly accepting baseless claims that happen to agree with popular
narratives.

~~~
rubbingalcohol
I researched your claim. For the Sony hack, no actual evidence was ever
provided implicating North Korea - just unsupported allegations.
[Independent researchers](https://www.theguardian.com/film/2014/dec/30/sony-hack-researchers-claim-sacked-employees-could-be-to-blame)
found it was much more likely to have been disgruntled employees.

However, for the Vault 7 leak, almost no major news organizations cited Russia
as a likely culprit for this.

I agree with your sentiment that basically any official information that comes
out of the IC is suspect, but in this case, unless you can cite specific
examples, I'm pretty sure the IC never publicly blamed Russia.

~~~
StanislavPetrov
[https://www.theguardian.com/media/2017/mar/07/wikileaks-cia-...](https://www.theguardian.com/media/2017/mar/07/wikileaks-cia-documents-us-russia-conflict)

> no actual evidence was ever provided implicating North Korea - just
> unsupported allegations.

No actual evidence has been provided implicating Wikileaks received anything
from Russia either - just unsupported allegations. If you disagree, I welcome
you to link below actual evidence that has been provided. Despite the
exhortations of many, claims made by spooks, spies, employees of think tanks
and 3-letter agencies are not proof of anything, in any context, ever. It's
extremely troubling, and very revealing, that this simple fact is an anathema
to so many.

~~~
notveryrational
That's because Wikileaks is not in any way a Russian operation.

Wikileaks is globally important as a whistleblowing operation. If you go back
to the 1990s you can find the US government applauding Wikileaks'
publications.

When Wikileaks distributed several large caches of US documents, and would not
negotiate with the US Justice Department on disclosure, censorship and
propaganda agreements common with most other news providers - this more
friendly relationship curdled.

The US became increasingly hostile with Wikileaks, tried to get its operators
extradited, even shopped around for internet sock puppets and social media
campaigns to damage their reputations.

Wikileaks in turn became distasteful of the US, and happily publishes damaging
materials on the United States. These documents also happen to cover many of
the details associated with unsavory activity of the world's sole superpower,
which makes the reporting rather important.

US media characterizations of Wikileaks as a Russian operation are, and have
been, a (successful?) domestic propaganda campaign. The way the IG talks in
internal documents (go find them) about Wikileaks is that it is an independent
information organization that "punches above its weight" and has geopolitical
capabilities as a non-state actor. That's much closer to the truth.

