September 25, 2020
- See previous daily reports here and a video recap of last week’s proceedings here
- See an overview of USA v. Julian Assange here
- See a thread of live-tweets of today’s hearing here
Judge admits political nature of Assange’s case
Before testimony began today, Judge Baraitser acknowledged the political dimensions in the case against Julian Assange for the first time. Amid discussion of when closing arguments will be submitted, and how much time is needed to prepare them after testimony concludes next week, the judge asked the defense whether the U.S. presidential election would impact the defense’s case.
Lawyer Ed Fitzgerald said, “Much of what we say about Mr. Trump personally goes to why this was initiated, that will all remain good,” and, “Much of what we say about the fate which awaits Mr. Assange remains good because it’s about systemic faults in the prisons and his underlying conditions.” But “the situation would be all the worse” if Trump were to win re-election, he said.
The judge said that she had hoped to give her ruling or at least have closing arguments in before the U.S. election on November 3rd. But in granting the defense four weeks to submit closing arguments after testimony and the government a further two weeks to respond, she said her ruling will have to come in the new year.
WikiLeaks editor-in-chief Kristinn Hrafnsson reacted to these comments immediately:
In asking the defense how the outcome of the U.S. presidential election would affect its case and indicating that she had hoped to issue a ruling before election day, District Judge Vanessa Baraitser has acknowledged what has been clear since even before the first indictment against Julian Assange was unsealed, that this is a politically motivated prosecution.
Article 4 of the U.S.-U.K. Extradition Treaty says, “Extradition shall not be granted if the offense for which extradition is requested is a political offense.”
Jakob Augstein: Assange “feared for the safety of informants”
The defense then read a brief witness statement from Jakob Augstein, editor of the German weekly Der Freitag, which in 2011 published an article indicating that the book by Guardian journalists Luke Harding and David Leigh had revealed a password that could be used to decrypt files containing the unredacted State Department cables. The article was titled “Leak at WikiLeaks,” referring to former WikiLeaks staffer Daniel Domscheit-berg, who fell out with Assange in 2010 and took files with him to attempt to start a new leak site.
Augstein’s statement alludes to the fact that it was a mirror created or controlled by Domscheit-berg that contained the file that could be decrypted with this password.
It also confirms that Julian Assange had contacted Augstein in advance of the article’s publication to express that he “feared for the safety of informants.” As we’ve reported, the government’s publishing charges are only for the unredacted State Department cable publications and they hinge on their claim that Assange didn’t care about the release of sources’ names.
Patrick Eller debunks Manning/Assange “conspiracy”
Today’s first live witness was digital forensic expert Patrick Eller, who served in the US Army for 20 years as a criminal investigator. Ellis is now president of Metadata Forensics, which provides digital investigation and forensic examination in both civil and criminal cases.
Eller reviewed the indictments against Assange and the transcripts from Chelsea Manning’s court martial in 2013 to analyze the allegation that Assange and Manning engaged in a conspiracy to conceal Manning’s identity and steal more documents. The argument goes that when Manning chatted over Jabber with a user ‘Nathaniel Frank’ (who the government alleges but hasn’t proven is Julian Assange) and asked for help cracking a “hash”, which is an encrypted portion of a password, she was attempting to gain increased access to government databases and to disguise her identity in doing so.
Eller’s testimony establishes several key points:
The attempted cracking of the password hash was not technologically possible in 2010, when the conversation happened
First, some background on how encrypting a password works: an algorithm turns plaintext (a regular password with numbers, letters, and special characters) into a “hash value” (a unique jumble of characters written in a hexadecimal, a numbering system that uses 16 characters) and stored in a Security Accounts Manager (SAM) database, and then encrypted with a key, which itself is stored in both the SAM file and a System file. This means one needs both the SAM file and System file to crack a password. Ellis explains:
“Manning only retrieved the encrypted hash value from the SAM file. She did not have the System file or the portions of the SAM file that are required to reconstruct the decryption key for the hash. This decryption step is necessary before the hash can be cracked and it is a separate process from cracking the hash by guessing difference password values with rainbow tables. At the time, it would not have been possible to crack an encrypted password hash such as the one Manning obtained.”
Even if it were feasible, the purpose would not have been to conceal Manning’s identity
“The government allegation that there was an attempt to gain anonymity is greatly undermined by the tracking system which identified users.” The government says that Manning wanted to crack the password to be able to log in to a ‘ftpuser’ account, which it says would make her look like an administrator, rather than her Bradley.manning account she was given as an intelligence analyst. But the military tracked computers based on IP addresses, not account details, so even if she were to login with the admin account, it would still be traced back to her identifiable computer.
Even if it were feasible, it would not have given Manning any increased access to government databases
The March 2010 jabber chat about hash cracking came after Manning had already leaked the Guantanamo Bay Detainee Assessment Briefs, the Iraq and Afghan war logs, and the Rules of Engagement, so the only documents left are the State Department cables, which are stored in a government-wide intranet (an internal version of an internet) called SIPRNet. Accessing this network does not require login information, so she already had access to it well beforehand. Furthermore, Eller testified, everyone tasked with using secret government documents would have had access to this database. Asked to give an estimate as to how many people had SIPRNet access, Eller said it was “in the millions.”
What is far more likely, Eller testified, is that Manning wanted to use the admin account in order to download movies, music, and computer games onto her computer. The type of account to which Manning would have gained access would have had administrative privileges making it much easier to access the T-Drive, a shared database where other users uploaded these kinds of files.
Eller’s testimony also established that he and the U.S. government both have no way of proving that ‘Nathaniel Frank’ was actually Julian Assange.
Proceedings resume on Monday at 10:00am London time.