Does the U.S. have a case against Julian Assange?

UPDATE November 8, 2018: This mayo615 post from October 2016, discusses the legal complexities of a potential espionage or conspiracy charge against Julian Assange by the United States. As of now, November 2018, the indictment and extradition of Julian Assange to the United States seems highly likely. My reading that such a charge was likely and possibly imminent, is now probably becoming fact. Ecuador’s newly elected government is tired of providing Assange with diplomatic protection. Ecuador is likely to happily give up Assange and cause his extradition to the United States by Great Britain. The increased likelihood of moving against Assange was originally heightened by numerous factors: Obama’s announcement on October 7th 2016 that the United States officially holds Russia responsible for the cyber theft of the Democratic National Committee documents released by Wikileaks, and Assange’s own statements of his intent to harm the United States, most recently in a video interview on Real Time With Bill Maher, which are now coming back to haunt him.

Reblogged from Agence France Press

Source: Does the US have a case against Julian Assange? | Alternet

Agence France Presse

Does the U.S. have a case against Julian Assange?

If WikiLeaks founder Julian Assange ever ends up in a US courtroom, prosecutors could face an uphill struggle trying to convict him, given America’s legal safeguards for publishers, analysts say. On the other hand, over the course of Robert Mueller’s investigation, it has become much clearer that Assange was working directly with Guccifer 2.0 and probably Roger Stone, which alters the equation on his culpability.

Citing fears of prosecution in the United States, Assange remains holed up at Ecuador’s embassy in London on Saturday, defying a British police order to turn himself in for extradition to Sweden.

Assange faces sexual assault allegations in Sweden but has refused to set foot there, saying he runs the risk of extradition to the United States, which he insists is intent on charging him with espionage or other serious crimes for releasing troves of once-secret files to the public.

Assange’s lawyers and supporters say his concerns are justified and not driven by paranoia.

They cite tough statements from senior US officials, interrogations of Assange’s colleagues and a grand jury investigation that has reportedly questioned associates of Bradley Manning, the soldier accused of passing hundreds of classified documents to WikiLeaks.

“The grand jury is a serious business,” said Michael Ratner, a human rights lawyer advising Assange. referring to the discussions to determine whether a criminal indictment will be issued.

Some with links to Assange have reportedly faced questioning when trying to travel outside the United States and federal authorities at one point demanded Twitter open the accounts of WikiLeaks figures.

“They’re all over this case,” Ratner told AFP.

The US Justice Department will not comment on the grand jury probe and says it has no role in the extradition proceedings in London. But spokesman Dean Boyd said: “There continues to be an investigation into the WikiLeaks matter.”

Some US lawmakers and commentators have called for Assange to be charged with espionage or for conspiracy to obtain secret documents, arguing that he intended to sabotage America’s foreign policy and endangered lives by revealing the identities of informants.

Charging Assange under the Espionage Act — a vaguely worded World War I-era law — would be a difficult challenge, as it requires the government to show the accused intended to harm the US government or aid a foreign power, analysts said.

Without knowing the evidence held by US investigators, it’s difficult to predict how the government will pursue Assange’s case, said Charles Stimson, a former federal prosecutor.

“It’s a very open question as to whether you could try him for espionage,” said Stimson, a legal fellow at The Heritage Foundation think-tank who oversaw detainee policies at the Pentagon under ex-president George W. Bush.

A better option for prosecutors may be “to see whether or not they could charge him with something like conspiracy to disclose classified documents,” he said.

A protester wearing a Guy Fawkes mask holds a poster reading “I’m Julian” as he demonstrates outside the Ecuadorian embassy in London on June 23, where Wikileaks founder Julian Assange is seeking political asylum. If Assange ever ends up in a US courtroom, prosecutors could face an uphill struggle trying to convict him, given America’s legal safeguards for publishers, analysts say.

But such an approach would be breaking new legal ground, experts said.

Unlike Manning, charged with handing over a massive cache of secret State Department cables and military intelligence logs to WikiLeaks, Assange is not a US government employee obliged to withhold classified documents.

The United States has “never really successfully prosecuted a non-government official for taking documents that were classified,” Ratner said.

His defense attorneys portray him as a publisher, who merely came into possession of sensitive information. But US investigators would likely try to paint Assange as a plotter who helped Manning spill secrets, with the aim of tarnishing Washington.

Assange’s supporters can take comfort from a recent case against two pro-Israel lobbyists accused of passing on classified information to Israel, the first time civilians were charged under the Espionage Act.

After a long legal battle, prosecutors eventually dropped the charges in 2009.

The seminal case that proved the limits of government authority over publishing secrets came in 1971 over the Pentagon Papers, when President Richard Nixon tried to stop The New York Times from publishing classified documents on the Vietnam War.

The bid failed, with the courts citing the free speech rights enshrined in the First Amendment of the US Constitution.

Renowned First Amendment lawyer Floyd Abrams, who worked on the Pentagon Papers case, said Assange’s website raises questions about the limits of freedom of expression, including the publishing of names of Afghans cooperating with the US government.

Some of Assange’s public comments have seemed to suggest a desire to undermine US foreign policy, comments that could backfire on him in court, Abrams said.

“WikiLeaks has a First Amendment argument, and it is a serious First Amendment argument if it is ever charged,” Abrams said on C-Span television in 2010.

“At the same time, the government has a genuine and serious national security argument to be made with respect to the behavior, often the misbehavior, of WikiLeaks.”

Yesterday’s Internet Outage In Parts of U.S. and Canada You Didn’t Hear About

A year ago, a DDoS attack caused internet outages around the US by targeting the internet-infrastructure company Dyn, which provides Domain Name System services to look up web servers. Monday saw a nationwide series of outages as well, but with a more pedestrian cause: a misconfiguration at Level 3, an internet backbone company—and enterprise ISP—that underpins other big networks. Network analysts say that the misconfiguration was a routing issue that created a ripple effect, causing problems for companies like Comcast, Spectrum, Verizon, Cox, and RCN across the country.

How a Tiny Error Shut Off the Internet for Parts of the US and Canada

Reposted from Wired

Lily Hay Newman13 hrs ago

a group of computer equipment

Level 3, whose acquisition by CenturyLink closed recently, said in a statement to WIRED that it resolved the issue in about 90 minutes. “Our network experienced a service disruption affecting some customers with IP-based services,” the company said. “The disruption was caused by a configuration error.” Comcast users started reporting internet outages around the time of the Level 3 outages on Monday, but the company said that it was monitoring “an external network issue” and not a problem with its own infrastructure. RCN confirmed that it had some network problems on Monday because of Level 3. The company said it had restored RCN service by rerouting traffic to a different backbone.

a close up of a map

The misconfiguration was a “route leak,” according to Roland Dobbins, a principal engineer at the DDoS and network-security firm Arbor Networks, which monitors global internet operations. ISPs use “Autonomous Systems,” also known as ASes, to keep track of what IP addresses are on which networks, and route packets of data between them. They use the Border Gateway Protocol (BGP) to establish and communicate routes. For example, packets can route between networks A and B, but network A can also route packets to network C through network B, and so on. This is how internet service providers interoperate to let you browse the whole internet, not just the IP addresses on their own networks.

In a “route leak,” an AS, or multiple ASes, issue incorrect information about the IP addresses on their network, which causes inefficient routing and failures for both the originating ISP and other ISPs trying to route traffic through. Think of it like a series of street signs that help keep traffic flowing in the right directions. If some of them are mislabeled or point the wrong way, assorted chaos can ensue.

Route leaks can be malicious, sometimes called “route hijacks” or “BGP hijacks,” but Monday’s incident seems to have been caused by a simple mistake that ballooned to have national impact. Large outages caused by accidental route leaks have cropped up before.

“Folks are looking to tweak routing policies, and make mistakes,” Arbor Networks’ Dobbins says. The problem could have come as CenturyLink works to integrate the Level 3 network or could have stemmed from typical traffic engineering and efficiency work.

Internet outages of all sizes caused by route leaks have occurred occasionally, but consistently, for decades. ISPs attempt to minimize them using “route filters” that check the IP routes their peers and customers intend to use to send and receive packets and attempt to catch any problematic plans. But these filters are difficult to maintain on the scale of the modern internet and can have their own mistakes.

Monday’s outages reinforce how precarious connectivity really is, and how certain aspects of the internet’s architecture—offering flexibility and ease-of-use—can introduce instability into what has become a vital service.

Kaspersky Lab Security Software Implicated in Russian NSA Breach

Many know the name Kaspersky well. Others may only dimly recognize the brand name. Its anti-virus and Internet security software has been around for years in computer stores and OEM’d with computer systems. More than a year ago, I became concerned about what I was learning about Kaspersky Lab and its headquarters in Moscow, I began asking myself hypothetical rhetorical questions. What if Kaspersky was quietly working with the Russian FSB? What if Kaspersky had installed a sleeping Trojan Horse in millions of copies of its consumer computer security software? I was a user of Kaspersky Lab cybersecurity software myself. I knew that it was rated very highly by the tech journals. I liked its elegance and simplicity compared with other competitor products from U.S. based companies like Symantec and McAffee. Nevertheless, as the Russian hacking of the 2016 election became an ever-larger issue, I decided to pull the plug on Kaspersky because of my fears, though there was no direct evidence of collusion between Kaspersky and the Kremlin at that time, wiped my system clean, and installed another competitor product.

UPDATE, October 11:

Israel hack uncovered Russian spies’ use of Kaspersky in 2015 – The Guardian

An Israeli security agency hacked into Russian antivirus firm Kaspersky Lab in 2015, providing the crucial evidence required to ban the company from providing services to the US government, according to a report.

While the Israeli spies were inside Kaspersky’s systems, they observed Russian spies, in turn, using the company’s tools to spy on American spies, the New York Times reports. That information, handed to the US, led to the decision in September to end the use of the company’s software across the federal government by December.

Kaspersky Anti-Virus Software Includes a Feature That Copies Files And Provides A Backdoor for Russian Hackers – WSJ

Many know the name Kaspersky well. Others may only dimly recognize the brand name. Its anti-virus and Internet security software has been around for years in computer stores and OEM’d with computer systems. More than a year ago, I became concerned about what I was learning about Kaspersky Lab and its headquarters in Moscow, I began asking myself hypothetical rhetorical questions. What if Kaspersky was quietly working with the Russian FSB? What if Kaspersky had installed a sleeping Trojan Horse in millions of copies of its consumer computer security software? I was a user of Kaspersky Lab cybersecurity software myself. I knew that it was rated very highly by the tech journals. I liked its elegance and simplicity compared with other competitor products from U.S. based companies like Symantec and McAfee. Nevertheless, as the Russian hacking of the 2016 election became an ever-larger issue, I decided to pull the plug on Kaspersky because of my fears, though there was no direct evidence of collusion between Kaspersky and the Kremlin at that time, wiped my system clean, and installed another competitor product.

Today, the Wall Street Journal has reported that Kaspersky software is implicated in the most serious breach of NSA security in years, validating my gut instinct decision more than a year ago. My first hint of the serious nature of the Kaspersky/Kremlin connection came in a murky story related to the earliest public report on the Russian hacking stating with very high confidence that specific FSB officers and Kremlin officials had ordered and orchestrated the hacking. One of those individuals was also a senior engineer at Kaspersky Lab. U.S. Senator Jeanne Shaheen, (D., N.H.) said in a statement: “This development should serve as a stark warning, not just to the federal government but to states, local governments, and the American public, of the serious dangers of using Kaspersky software.” She added: “The strong ties between Kaspersky Lab and the Kremlin are extremely alarming and have been well-documented for some time. It’s astounding and deeply disturbing that the Russian government continues to have this tool at their disposal to harm the United States.”

Russian Hackers Stole NSA Data on U.S. Cyber Defense

The breach, considered the most serious in years, could enable Russia to evade NSA surveillance and more easily infiltrate U.S. networks

Gordon Lubold and

Shane Harris

The Wall Street Journal

Oct. 5, 2017 12:48 p.m. ET

WASHINGTON—Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyber attacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.

The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.

The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S., these people said.

Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

The breach is the first known incident in which Kaspersky software is believed to have been exploited by Russian hackers to conduct espionage against the U.S. government. The company, which sells its antivirus products in the U.S., had revenue of more than half a billion dollars in Western Europe and the Americas in 2016, according to International Data Corp. By Kaspersky’s own account it has more than 400 million users world-wide.

The revelation comes as concern over Russian infiltration of American computer networks and social media platforms is growing amid a U.S. special counsel’s investigation into whether Donald Trump’s presidential campaign sought or received assistance from the Russian government. Mr. Trump denies any impropriety and has called the matter a “witch hunt.”

Intelligence officials have concluded that a campaign authorized by the highest levels of the Russian government hacked into state election-board systems and the email networks of political organizations to damage the candidacy of Democratic presidential nominee Hillary Clinton.

A spokesman for the NSA didn’t comment on the security breach. “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” he said. He noted that the Defense Department, of which the NSA is a part, has a contract for antivirus software with another company, not Kaspersky.

In a statement, Kaspersky Lab said it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”

Kremlin spokesman Dmitry Peskov in a statement didn’t address whether the Russian government stole materials from the NSA using Kaspersky software. But he criticized the U.S. government’s decision to ban the software from use by U.S. agencies as “undermining the competitive positions of Russian companies on the world arena.”

The Kaspersky incident is the third publicly known breach at the NSA involving a contractor’s access to a huge trove of highly classified materials. It prompted an official letter of reprimand to the agency’s director, Adm. Michael Rogers, by his superiors, people familiar with the situation said.

National Security Agency Director Michael Rogers. PHOTO: SAUL LOEB/AGENCE FRANCE-PRESSE/GETTY IMAGES

Adm. Rogers came into his post in 2014 promising to staunch leaks after the disclosure that NSA contractor Edward Snowden the year before gave classified documents to journalists that revealed surveillance programs run by the U.S. and allied nations.

The Kaspersky-linked incident predates the arrest last year of another NSA contractor, Harold Martin, who allegedly removed massive amounts of classified information from the agency’s headquarters and kept it at his home, but wasn’t thought to have shared the data.

Mr. Martin pleaded not guilty to charges that include stealing classified information. His lawyer has said he took the information home only to get better at his job and never intended to reveal secrets.

The name of the NSA contractor in the Kaspersky-related incident and the company he worked for aren’t publicly known. People familiar with the matter said he is thought to have purposely taken home numerous documents and other materials from NSA headquarters, possibly to continue working beyond his normal office hours.

The man isn’t believed to have wittingly aided a foreign government, but knew that removing classified information without authorization is a violation of NSA policies and potentially a criminal act, said people with knowledge of the breach.

It is unclear whether he has been dismissed from his job or faces charges. The incident remains under federal investigation, said people familiar with the matter.

Kaspersky software once was authorized for use by nearly two dozen U.S. government agencies, including the Army, Navy and Air Force, and the departments of Defense, State, Homeland Security, Energy, Veterans Affairs, Justice and Treasury.

The headquarters of the Russian cybersecurity company Kaspersky Lab. PHOTO: SAVOSTYANOV SERGEI/TASS/ZUMA PRESS

NSA employees and contractors never had been authorized to use Kaspersky software at work. While there was no prohibition against these employees or contractors using it at home, they were advised not to before the 2015 incident, said people with knowledge of the guidance the agency gave.

For years, U.S. national security officials have suspected that Kaspersky Lab, founded by a computer scientist who was trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company’s assistance in intercepting communications as they move through Russian computer networks.

Kaspersky said in its statement: “As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts.”

Suspicions about the company prompted the Department of Homeland Security last month to take the extraordinary step of banning all U.S. government departments and agencies from using Kaspersky products and services. Officials determined that “malicious cyber actors” could use the company’s antivirus software to gain access to a computer’s files, said people familiar with the matter.

The government’s decision came after months of intensive discussions inside the intelligence community, as well as a study of how the software works and the company’s suspected connections to the Russian government, said people familiar with the events. They said intelligence officials also were concerned that given the prevalence of Kaspersky on the commercial market, countless people could be targeted, including family members of senior government officials, or that Russia could use the software to steal information for competitive economic advantage.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the DHS said Sept. 13 in announcing the government ban.

All antivirus software scans computers looking for malicious code, comparing what is on the machine to a master list housed at the software company. But that scanning also gives makers of the software an inventory of what is on the computer, experts say.

“It’s basically the equivalent of digital dumpster diving,” said Blake Darché, a former NSA employee who worked in the agency’s elite hacking group that targets foreign computer systems.

Kaspersky is “aggressive” in its methods of hunting for malware, Mr. Darché said, “in that they will make copies of files on a computer, anything that they think is interesting.” He said the product’s user license agreement, which few customers probably read, allows this.

“You’re basically surrendering your right to privacy by using Kaspersky software,” said Mr. Darché, who is chief security officer for Area 1, a computer security company.

“We aggressively detect and mitigate malware infections no matter the source and we have been proudly doing it for 20 years,” the company said in its statement. “We make no apologies for being aggressive in the battle against malware and cybercriminals.”

U.S. investigators believe the contractor’s use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Kaspersky Lab Chief Executive Eugene Kaspersky. The company said it never would help ‘any government in the world with its cyberespionage efforts.’ PHOTO: SHARIFULIN VALERY/TASS/ZUMA PRESS

Investigators did determine that, armed with the knowledge that Kaspersky’s software provided of what files were suspected on the contractor’s computer, hackers working for Russia homed in on the machine and obtained a large amount of information, according to the people familiar with the matter.

The breach illustrates the chronic problem the NSA has had with keeping highly classified secrets from spilling out, former intelligence personnel say. They say they were rarely searched while entering or leaving their workplaces to see if they were carrying classified documents or removable storage media, such as a thumb drive.

The incident was considered so serious that it was given a classified code name and set off alarms among top national security officials because it demonstrated how the software could be used for spying. Members of Congress also were informed, said people familiar with the matter.

Then-Defense Secretary Ash Carter and then-Director of National Intelligence James Clapper pushed President Barack Obama to remove Adm. Rogers as NSA head, due in part to the number of data breaches on his watch, according to several officials familiar with the matter.

The NSA director had fallen out of White House favor when he traveled to Bedminster, N.J., last November to meet with president-elect Donald Trump about taking a job in his administration, said people familiar with the matter. Adm. Rogers didn’t notify his superiors, an extraordinary step for a senior military officer, U.S. officials said.

Adm. Rogers wasn’t fired for a number of reasons, including a pending restructuring of the NSA that would have been further complicated by his departure, according to people with knowledge of internal deliberations. An NSA spokesman didn’t comment on efforts to remove Adm. Rogers.

Sen. Jeanne Shaheen, (D., N.H.) said in a statement: “This development should serve as a stark warning, not just to the federal government but to states, local governments and the American public, of the serious dangers of using Kaspersky software.”

She added: “The strong ties between Kaspersky Lab and the Kremlin are extremely alarming and have been well-documented for some time. It’s astounding and deeply disturbing that the Russian government continues to have this tool at their disposal to harm the United States.”

Write to Gordon Lubold at Gordon.Lubold@wsj.com and Shane Harris at shane.harris@wsj.com

Does the U.S. have a case against Julian Assange?

UPDATE: This mayo615 post from October 2016, discusses the legal complexities of a potential espionage or conspiracy charge against Julian Assange by the United States. My reading that such a charge was likely and possibly imminent, is now fact. Ecuador’s newly elected government insistence that it will continue to provide Assange with diplomatic protection is becoming very thin. It is more likely that time and diplomatic pressure will force Ecuador to give up Assange and cause his extradition to the United States by Great Britain. The increased likelihood of moving against Assange has been heightened in my opinion, by two factors: Obama’s announcement on October 7th that the United States officially holds Russia responsible for the cyber theft of the Democratic National Committee documents released by Wikileaks, and Assange’s own statements of his intent to harm the United States, most recently in a video interview with Bill Maher, which are now coming back to haunt him.

UPDATE: This mayo615 post from October 2016, discusses the legal complexities of a potential espionage or conspiracy charge against Julian Assange by the United States. My reading that such a charge was likely and possibly imminent, is now fact. Ecuador’s newly elected government insistence that it will continue to provide Assange with diplomatic protection is becoming very thin. It is more likely that time and diplomatic pressure will force Ecuador to give up Assange and cause his extradition to the United States by Great Britain. The increased likelihood of moving against Assange was originally heightened by two factors: Obama’s announcement on October 7th that the United States officially holds Russia responsible for the cyber theft of the Democratic National Committee documents released by Wikileaks, and Assange’s own statements of his intent to harm the United States, most recently in a video interview with Bill Maher, which are now coming back to haunt him. It now appears that the technicalities of the indictment may be more complex.

Reblogged from Agence France Press

Source: Does the US have a case against Julian Assange? | Alternet

Agence France Presse

Does the U.S. have a case against Julian Assange?

If WikiLeaks founder Julian Assange ever ends up in a US courtroom, prosecutors could face an uphill struggle trying to convict him, given America’s legal safeguards for publishers, analysts say.

Citing fears of prosecution in the United States, Assange remained holed up at Ecuador’s embassy in London on Saturday, defying a British police order to turn himself in for extradition to Sweden.