Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail

Joshua Schulte, a former CIA employee and software engineer accused of sharing material with WikiLeaks, was sentenced to 40 years in prison by the US Southern District of New York on Thursday. Schulte was sent down for crimes including espionage, computer hacking, contempt of court, making false statements to the FBI, and …

  1. Mayday
    Black Helicopters

    Really?

    “child sexual abuse material”

    Pardon me surprised that this stuff was magically “found” on his home environment once the CIA have accused him of other crimes.

    1. DS999 Silver badge

      Re: Really?

      Given how bad his non pedo crimes were I don't think they would have any reason to make up additional crimes as he was going to be an old man when he gets out regardless. Is it so hard to believe someone so repugnant in other ways is also a kiddie fiddler?

      1. Khaptain Silver badge

        Re: Really?

        "Is it so hard to believe someone so repugnant in other ways is also a kiddie fiddler?"

        This guy was using Tails to transfer documents, he scrubbed his hard disk etc, this means that he has at least a modicum of tech knowledge and the capacity to make things difficult for the cops/CIA to find stuff. Why would he not use the same kinds of methods to hide his CSAM material? This doesn't make sense, why was he so careful in only one of his activities?

        The CSAM stuff might have been planted in order that his ensuing jail term is as difficult as possible. Stealing CIA secrets won't necessarily be seen as a bad thing in prison.

        1. Anonymous Coward
          Anonymous Coward

          Re: Really?

          From another site:

          "Prosecutors also said Schulte received thousands of images and videos of child sexual abuse, and that they found the material in Schulte’s New York apartment, in an encrypted container beneath three layers of password protection, during the CIA leaks investigation."

          1. Zibob Silver badge

            Re: Really?

            " in an encrypted container beneath three layers of password protection,"

            That to me looks like theatrics to get the idiot public to get on their side.

            He knew what the CIA was capable of computer wise considering the content of the leak. He would know that password protected folders are not secure against brute force attacks. So adding two more layers is not something they would likely bother doing.

            But does it sound like HACKERMAN behaviour? To the average layman yeah.

            1. Anonymous Coward
              Anonymous Coward

              Re: Really?

              Love how y'all are making excuses for a convicted paedophile.

              Nice.

              Maybe take a step or two backwards, use the mirror to see how that looks, then submit your computers for examination yeah?

              The password BS was probably just the usual media interpretation of a tech detail free media friendly statement to convey the very basics.

          2. Magani
            Pint

            Re: Really?

            "... in an encrypted container beneath three layers of password protection..."

            What? No sign on the door saying, "Beware of the Leopard!"

          3. Necrohamster Silver badge

            Re: Really?

            Call me sceptical, but there's no way law enforcement got through three layers of encryption unless it was Base64 or ROT13.

            It's way more believable, to me anyway, that the "evidence" was planted just in case...

            1. I am David Jones Silver badge
              Holmes

              Re: Really?

              Is ROT8.6666666666 a thing?

            2. Anonymous Coward
              Anonymous Coward

              Re: Really?

              Sure, there's never been any known case of law enforcement being able to bypass or subvert any encryption.

              Encrochat.

              Crypto AG

              If we're to believe the stuff that Snowden leaked (I do) then the CIA, NSA etc. have been routinely cracking or subverting encryption schemes for decades.

              So, you want it both ways? Snowden leaks about things like were true but law enforcement aren't able to break encryption?

              1. Necrohamster Silver badge

                Re: Really?

                Encrochat.

                Law enforcement insider planted in a company.

                Crypto AG

                Law enforcement owned the company.

                Getting around encryption by having somebody with inside knowledge of the keys isn't the same thing as cracking the encryption of unknown data. Of course if law enforcement in this case already knew the encryption keys because they planted the data, this would be in line with what we know about how they operate.

                Anyway, based on current technology, how long does it take to brute-force an AES-256 encryption key?

                If it's an easy task to break encryption, how come organisations like GCHQ have campaigned to remove end-to-end encryption from messaging apps like WhatsApp? They even rely on the "won't somebody think of the children" appeal to emotion.

                edit: El Reg wrote about this too - https://www.theregister.com/2022/07/22/british_encryption_scanning/

                1. Anonymous Coward
                  Anonymous Coward

                  Re: Really?

                  Bullrun.

                  Details leaked by Snowden.

                  https://en.wikipedia.org/wiki/Bullrun_(decryption_program)

                  Who said it had to be bruteforced?

                  Who said it was AES256?

                  How do you know which encryption was used, is there a favourite for paedophiles to keep their CSAM safe?

                  1. Necrohamster Silver badge

                    Re: Really?

                    Bullrun.

                    Details leaked by Snowden.

                    Oh please. Bulls*it, more like.

                    From the Wikipedia page you linked to:

                    "Snowden's documents do not contain technical information on exact cryptanalytic capabilities because Snowden did not have clearance access to such information"

                    Ooh, unspecified capabilities. That's very convenient for the purposes of this discussion.

                    According to a Bullrun briefing document, the agency had successfully infiltrated both the Secure Sockets Layer as well as some virtual private networks (VPNs).

                    So what does this have to do with getting into a triple-encrypted file on some guy's disk? I know you Snowden fans are a gullible bunch, but come on...

                    is there a favourite for paedophiles to keep their CSAM safe?

                    Why don't you tell me ;) I used AES-256 as an example.

                    1. Anonymous Coward
                      Anonymous Coward

                      Re: Really?

                      "From the Wikipedia page you linked to:

                      Snowden's documents do not contain technical information on exact cryptanalytic capabilities because Snowden did not have clearance access to such information"

                      Ooh, unspecified capabilities. That's very convenient for the purposes of this discussion."

                      Yeah, obviously I made up all of the Snowden papers on NSA cipher cracking and wrote the Wikipedia page just on the off chance I happened to get into a comments section with a bunch of apologists for a convicted paedophile.

                      " is there a favourite for paedophiles to keep their CSAM safe?

                      Why don't you tell me ;) I used AES-256 as an example."

                      If you're offering up AES256 as an example of your favourite then that rather suggests it's you that has the greater knowledge of encryption used by paedophiles.

                2. Anonymous Coward
                  Anonymous Coward

                  Re: Really?

                  "If it's an easy task to break encryption, how come organisations like GCHQ have campaigned to remove end-to-end encryption from messaging apps like WhatsApp? They even rely on the "won't somebody think of the children" appeal to emotion."

                  Because it takes time to crack stuff and is computationally intensive/damned expensive, they want mass surveillance capabilities and to be able to monitor if not in real time then in near real time.

                3. Cav

                  Re: Really?

                  "If it's an easy task to break encryption, how come organisations like GCHQ have campaigned to remove end-to-end encryption from messaging apps like WhatsApp?"

                  That can't be a serious question; no one is that ignorant.

                  There is a huge difference between devoting resources to cracking one specific encrypted message, file container etc and routinely cracking messages, i.e. snooping, on mass messaging apps like WhatsApp.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: Really?

                    "That can't be a serious question; no one is that ignorant."

                    Some of the apologists for the convicted paedophile seem to be.

                    I'm liking the downvotes though, shows I'm hitting a nerve, can't wait for their computers to be examined.

                    1. Michael Wojcik Silver badge

                      Re: Really?

                      Perhaps it just shows you're an authoritarian idiot, as well as a coward.

        2. Not-P

          Re: Really?

          Until this article on El Reg, I had completely forgotten I'd read about this Schulte character back in 2022. From that article:

          "The F.B.I. seized his computer hardware, for forensic analysis. When computer scientists at the Bureau examined Schulte’s desktop, they discovered a “virtual machine”—an entire operating system nested within the computer’s standard operating system. The virtual machine was locked with strong encryption, meaning that, unless they could break the code or get the key from Schulte—both of which seemed unlikely—they couldn’t access it. But they also had Schulte’s cell phone, and when they checked it they discovered another startling lapse in operational security: he had stored a bunch of passwords on his phone.

          One of the passwords let the investigators bypass the encryption on the virtual machine. Inside, they found a home directory—also encrypted. They consulted Schulte’s phone again, and, sure enough, another stored password unlocked the directory. Next, they found an encrypted digital lockbox—a third line of defense. But, using encryption software and the same password that had unlocked the virtual machine, they managed to access the contents. Inside was a series of folders. When the investigators opened them, they found an enormous trove of child pornography."

          From here: https://www.newyorker.com/magazine/2022/06/13/the-surreal-case-of-a-cia-hackers-revenge

          Make of it what you will, of course; I don't find it dispositive, but I've known enough suffering geniuses who, for reasons of arrogance or expediency, exhibit a lapse in judgment from time-to-time. This story strikes me as being at least plausible.

          1. Michael Wojcik Silver badge

            Re: Really?

            Yes. It's far, far more likely that Schulte had poor OPSEC than that the CIA were able to crack any encryption he used. Encryption is easy; OPSEC is hard. And this fits with historical trends.

            As you say, this story isn't proof of anything one way or the other. Neither is the conviction for possessing CSAM; anyone who thinks a conviction is proof (like the ranting AC in this thread) is a moron.

            Personally, I don't think the information that's been made public allows much of an update either way. I certainly don't trust the police state in their rather frequent claims to have found Bad Stuff, particularly since we have confirmed cases of forensics labs in multiple US states planting evidence to secure convictions. I also have no trouble crediting the idea that there are many consumers of CSAM, given the popularity of other forms of pornography and what we know about human sexuality.

          2. Anonymous Coward
            Anonymous Coward

            Thank you for these details

            IYH this explains a lot of things including the perp's personalit security lapses that enabled LE to find the CP eminently plausible

      2. Anonymous Coward
        Anonymous Coward

        Re: Really?

        Not to mention, the wikileak case was apparently not the strongest, only circumstantial evidence and some unexplainable stuff, and the government failed to get a conviction first time round (see linked articles). So certainly convenient for them to have a “strong” CSAM case in their back pocket.

    2. Zibob Silver badge

      Re: Really?

      Do keep in mind that the FBI took over, maintained, hosted and operated a fully functional CSAM website/forum for more than a year "to catch more criminals".

      The FBI served and supplied CSAM willingly.

      So apart from the FBI being a literal CSAM producing entity... They clearly have access to as much of it as they like for whatever reason. Wouldn't be a huge should to get some buddies in contact to make some files appear where they would be convenient if found.

    3. Nightkiller

      Re: Really?

      He didn't contest the findings.

      1. blackcat Silver badge

        Re: Really?

        Elaborate please. He plead not guilty to everything. And it is rather hard to appeal against the govt.

        1. DS999 Silver badge

          Re: Really?

          He was charged with "receipt, possession and transmission of child pornography" because he allowed people to host whatever they wanted on his servers, and knew they were hosting child pornography. His response: “The crime I am charged with is in fact a non-violent, victimless crime".

          Anyone who knowingly aids sharing of child pornography and tries to claim it is "victimless", deserves to be locked up for life. Not sure what the deal is with all the downvotes people stating the obvious are getting in this thread. Is The Reg attracting child predators, or just this article?

          https://www.newyorker.com/magazine/2022/06/13/the-surreal-case-of-a-cia-hackers-revenge

          1. blackcat Silver badge

            Re: Really?

            "In a recent court filing, Schulte asserted that he has been “falsely accused” of acquiring child pornography."

            The FBI has a history of fabricating evidence when they can't get their way. He may be guilty of this but if he was as lax as they claim then why could they find zero concrete evidence he was the leak?

          2. Michael Wojcik Silver badge

            Re: Really?

            Not sure what the deal is with all the downvotes people stating the obvious are getting in this thread.

            I dare say it's because what you are claiming is "obvious" prima facie is not. It is possible for someone to have a loathsome opinion about a crime, and yet not be guilty of that crime.

            It is certainly possible that Schulte let people host CSAM on his servers. It is certainly possible he knew that they were doing so. It is certainly possible that he consumed it himself, for that matter. He was convicted of possessing it. But a conviction is de jure proof; it is not de facto proof, and it is also possible the material was planted.

            I have no interest in defending Schulte. I'm rather interested, however, in the utter inability of some people in this thread to admit to the possibility that evidence used against him was fabricated. That's a degree of faith in the state which we don't normally see very much in comments here, and indicates a rather severe deficit in critical thinking when certain subjects are raised.

  2. wolfetone Silver badge

    I'd like to know how many of those 40 years were for him bringing to light the shady illegal shit the CIA were doing, and how much were for the possession of that awful material?

    I try not to be cynical, but I have a feeling they couldn't give two shits about the pornography and were more angry at him confirming what the world already knew about the CIA.

    1. blackcat Silver badge

      The US govt is still salty about the videos of their helicopters shooting at journalists leaking to the public. The most dangerous thing you can do in the US is point out the failings and incompetence of the govt.

      1. wolfetone Silver badge

        Wasn't it Voltaire that said the most dangerous thing to be is right when the people around you are wrong?

        1. Wade Burchette

          I don't know about that. But Thomas Sowell once said: "People will forgive you for being wrong. They will not forgive you for being right, especially when your being right proves them wrong."

        2. Bebu
          Childcatcher

          Voltaire that said the most dangerous thing to be is right when the people around you are wrong?

          《Il est dangereux d'avoir raison dans des choses où des hommes accrédités ont tort.》

          "It is dangerous to be right in matters where established men are wrong."

          Quoted from Wikiquote

          "Catalogue pour la plupart des écrivains français qui ont paru dans Le Siècle de Louis XIV, pour servir à l'histoire littéraire de ce temps," Le Siècle de Louis XIV (1752)

          Voltaire also wasn't overly impressed by the treatment of admiral Byng.

  3. Pascal Monett Silver badge

    "one of the largest unauthorized disclosures"

    One of ? You mean there were others ?

    How many, and how large ?

    I did a quick search and I only found two : the Sterling case, and the Kiriakou case.

    Both of these cases seem minor to me as far as volume is concerned. A catastrophe for the people whose identities were revealed, to be sure, but we're not talking about thousands of documents.

    I can't seem to find any other case that even begins to approach the damage Schulte did. That he's an asshole just makes it all the better that he's going away for a long time.

    And I don't think there'll be much "good behavior" to get him out sooner.

  4. Zolko Silver badge

    the list is growing

    Edward Snowden, Julian Assange, Chelsea/Bradley Manning, and now Joshua Schulte. For the land of the free, isn't this list of political enemies a little too long ?

    1. Cav

      Re: the list is growing

      Perhaps they, Assange etc, should stop carrying out crimes against the state. i.e. our security. Anyone who releases information that gets our intelligence people killed or captured deserves to be disappeared.

      1. Azamino

        Re: the list is growing

        Is there a single proven example of an American asset being killed or captured due to WikiLeaks?

        None were linked to Bradley Manning - https://www.courthousenews.com/military-fails-to-link-leaks-with-any-deaths

      2. blackcat Silver badge

        Re: the list is growing

        Perhaps the state should stop carrying out crimes against the people as well. The US state is corrupt from the top right down to lowest levels of local police. There are numerous cases of police planting evidence, entrapment, coercion, intimidation... there was a recent case of a newspaper being raided as they wrote an unfavourable article about someone using public records as a source. While they can cover this sort of thing up they will continue to do it and one day it might be you on the wrong end of it.

  5. Joe-Thunks

    Note to US district judge Jesse Furman

    The only crime here was the exposure of American crimes against the world. If Schulte had been Russian or Iranian or Cuban or North Korean or pickyourenemy, the USA would be lauding him as a great symbol of justice.

    Welcome to 1984, where justice is imprisoning those who expose wrongdoing.

  6. Long John Silver Bronze badge
    Pirate

    Irredeemable sin?

    Whenever the USA 'justice system' gets its teeth into a high profile case, it, more than many other such state apparatus elsewhere, goes for broke when sentencing.

    On the assumption of Schulte truly having undermined security along with all other things fine about the USA, and placed children in harm's way, one nevertheless is puzzled about how the sentencing tariff is arrived at. Presumably, the applicable law is framed in a broad manner, such as ten years to life. That leaves the matter of how judges (and appeal courts) arrive at figures like 40 years instead of, say, 47 years or 22 years.

    Schulte's sentence offers negligible prospect (assuming early parole is disallowed) of later taking account of genuine repentance and good behaviour. Similarly, if deterring others from committing these crimes is an intention, many would consider very long sentences, those going beyond the need to protect the public by physically isolating the felon, to be devoid of effect; after all, the USA abounds with murder despite having the death penalty; also, in a past century, a British hangman was himself hanged for theft. It's often asserted that the chance of being caught outweighs a potential custodial sentence in the calculations of a would-be felon.

    The above considerations leave one with the impression of sentencing in high profile cases containing a considerable element of political theatre.

    1. david 12 Silver badge

      Re: Irredeemable sin?

      The system works by extorting guilty pleas, by threatening insane judgements, from legislation enacted to please the proportion of the population who went to the colosseum to see christians and other criminals tortured, and flocked to public hangings in London.

      Joshua Schulte didn't plead out, so he got the vengeful entertainment sentence.

  7. Anonymous Coward
    Anonymous Coward

    after the FBI searched

    Yet the leaked hunter laptop data has those types of images and the FBI protects him.

    The FBI has so discredited itself that even when they arrest people for what I would call crimes against humanity - they are suspected of falsifying information by so many.

    It's time to fire everyone in the FBI and ban them from working any security related work in the world. Hire new people that are too honest for their own good and let them play FBI until they turn bad too.

    1. Necrohamster Silver badge
      FAIL

      Re: after the FBI searched

      Yet the leaked hunter laptop data has those types of images and the FBI protects him.

      lol

      https://en.wikipedia.org/wiki/Hunter_Biden_laptop_controversy

      The owner of a Delaware computer shop, John Paul Mac Isaac, said that the laptop had been left by a man who identified himself as Hunter Biden. Mac Isaac also stated that he is legally blind and could not be sure whether the man was actually Hunter Biden.

      ...

      The drive analyzed for The Washington Post lacked a clear chain of custody, and was considered "a mess" and "a disaster" from a forensic standpoint by the two analysts.

      1. Khaptain Silver badge

        Re: after the FBI searched

        And yet one of Hunter Biden's lawyers did the following:

        "On March 17, Hunter Biden filed a countersuit against Mac Isaac in U.S. District Court in Delaware. The 42-page suit accuses Mac Isaac of invading Hunter Biden’s privacy and being part of a conspiracy to obtain and distribute data. In the suit, Hunter Biden says the computer repair shop owner didn’t have a legal right to copy data from Biden’s laptop and pass it to others."

        1. Necrohamster Silver badge

          Re: after the FBI searched

          Hunter Biden says the computer repair shop owner didn’t have a legal right to copy data from Biden’s laptop and pass it to others.

          See my previous comment. The repair guy couldn't identify the person who brought in the laptop as Biden on account of his being blind.

          The drive analyzed for The Washington Post lacked a clear chain of custody, and was considered "a mess" and "a disaster" from a forensic standpoint by the two analysts.

          A chain of custody is necessary to ensure that the drive wasn't tampered with by the repair guy, the unidentified person who brought in the laptop, or anyone else with an axe to grind. Basically it can't be proven that any dodgy material was put there by the owner of the laptop.

          1. Khaptain Silver badge

            Re: after the FBI searched

            If you read The Washington Post article, its experts consider that it is unlikely that much of the content was planted, especially the emails.

            https://www.washingtonpost.com/technology/2022/03/30/hunter-biden-laptop-data-examined/.

            Emails have the advantage that they can be analysed/verified on the SMTP servers, thereby providing 2 independent.

            If you believe that the information was planted there then you also have to understand that whoever planted it actually had access to his emails and therefore all the leverage that they could ever want. If such was the case then there was no need to plant the emails on a broken laptop, they could have easily distributed them on a multitude of varying platforms.

          2. blackcat Silver badge

            Re: after the FBI searched

            Didn't the WaPo walk back their original conclusions about the laptop?

            https://www.washingtonpost.com/opinions/2022/12/09/hunter-biden-laptop-suppression-twitter-fbi-social-media/

            "Joe Biden dismissed it as a “Russian plant,” citing “five former heads of the CIA” who say it’s “a bunch of garbage.” We now know this was patently untrue. The laptop was authentic"

            They admit 'the laptop was authentic'.

            Replying to a previous poster "Hunter Biden says the computer repair shop owner didn’t have a legal right to copy data from Biden’s laptop and pass it to others"

            Slightly grey area as generally when you use a repair place like that there is a contract that says 'you no pay, stuff becomes ours'. The laptop owner didn't pay and didn't collect so contractually the ownership of the laptop switched to the repair place.

            As to the ownership of the data... well... that is another question with no real legal precedent. If you go by the US laws on asset forfeiture, cos the cops and FBI just love to take your money and stuff, I'm sure they'd say the data now belongs to them as well. The whole cloud thing will probably decide this at some point. Who really owns the data on those cloud servers?

    2. Cav

      Re: after the FBI searched

      "they are suspected of falsifying information by so many." You mean "they are suspected of falsifying information by so many idiots".

      "leaked hunter laptop data has those types of images"

      For which there is no evidence that it was actually Hunter Biden's laptop.

      1. Anonymous Coward
        Anonymous Coward

        Re: after the FBI searched

        the thousands of images of him, his emails, this laptop is what exposed his finances that he IS in court for right now. they just chose the lightest crimes to prosecute so far.

        Keep on protecting those type if you want, all these scum need removed from society. Those images of him smoking crack all came from the laptop too, even all his involvement with the gun came from the laptop, so keep dreaming up that it's fake - the courts have dealt with some of it, and it's not fake - the trials are real - because of the laptop.

      2. Khaptain Silver badge

        Re: after the FBI searched

        "For which there is no evidence that it was actually Hunter Biden's laptop."

        There doesn't appear to be any evidence to suggest that it wasn't his laptop.

        1. Necrohamster Silver badge
          Black Helicopters

          Re: after the FBI searched

          Too bad the ownership of a laptop doesn't constitute evidence of wrongdoing.

          Specially if it was handled by multiple people who had the opportunity and the motive to tamper with it.

          But yeah keep banging the drum :D

          1. Khaptain Silver badge

            Re: after the FBI searched

            And you have proof that someone actually did tamper with it ? Because if you don't then you have to accept that it was H Biden and that all the emails and pictures were also his.

  8. Cav

    Cue the comments from the intellectually challenged for whom everything is a conspiracy and for whom the US is the worst regime in the world. You are clueless as to the threats we face from truly oppressive regimes.

    In one thread we see people attacking fellow citizens who purchase products from slave-labor-using China but in the next China, Russia et al are not the threat, the US is. Either you're stupid or Chinese agents commenting on this article.

    There's no need to fake CSAM evidence. Schulte is going away for the rest of his life. If the US were truly the oppressive regime that the idiots posting here say it is, he would have just disappeared.

    1. Zolko Silver badge

      the threats we face from truly oppressive regimes

      Like what "threats" ? And who is "we" ?

  9. Tron Silver badge

    A clear message here.

    If you want to release covert stuff into the wild, make sure they cannot trace it back to you.

    How long inside are the HR folk who hired him, and the security folk who should have been monitoring him getting?

    Surely anyone who releases information about a foreign government spying on your government, is a national hero of your spied-upon nation.
