US v Assange – Superseding Indictment No. 2 Breakdown – Updated

On February 2, 2020, I posted an analysis of the U.S. case against Julian Assange based the existing criminal complaint and indictments.

The publication of the second superseding indictment on June 24, 2020 strengthened my original analysis: that is, that the U.S. case is primarily about hacking a Department of Defense classified network, and that the material charged under the Espionage Act for the collection of that intelligence post-dates Julian Assange’s March 8, 2010 agreement with Chelsea Manning to crack the administrator password on her SIPRNet computer.

Given Dell Cameron’s expertise regarding the Stratfor component of Sup. 2, I urge you to read his analysis and will forgo one here. Dell and I have an upcoming piece that we are jointly working on.



Criminal Theory

The U.S. criminal theory is primarily about a hacking conspiracy that, taken together, are summed up in Counts 1 and 2 of Sup. 2.

The U.S. alleges that Assange conspired to commit espionage with Chelsea Manning, a junior army intelligence analyst, who was deployed in Iraq, when Assange agreed to help her crack the administrator password on her classified Department of Defense computer, so that she could steal national defense information and foreign intelligence without attribution to provide it to WikiLeaks.

All the material that is charged under the Espionage and Computer Fraud and Abuse Acts (Cts. 1 and 2 in parts, 3-14) that deal solely with Assange’s collection of U.S. intelligence, was obtained after their March 8, 2010 agreement.

Legally speaking, the U.S. constructed its case so that the 18 U.S.C. 1030(a)(1) (CFAA Ct. 2, para 1) is used in part to demonstrate Assange’s mens reas (that is, his intent and knowledge) for the 18 U.S.C. 793 (b thru e) offenses related to collection (Espionage Act, Cts. 3-14). That the U.S. dropped one 793(b) offense for classified material stolen a day before the March 8, 2010 agreement in Sup. 2 further illustrates that this is the prosecution’s strategy for Counts 3-14.

The Afghanistan and Iraq Significant Activities reports (SIGACTS), which were stolen and leaked prior to the extant Assange/Manning chat exchanges, are charged solely under Counts 15 and 16, which are narrowly tailored to Assange’s dissemination and then publication of the names of cooperative Afghan and Iraqi military sources.

Sup. 2 also indicates that prosecutors intend to use evidence derived from David House, who was both an associate of Manning and a WikiLeaks volunteer or staff member during the time period before the start date of the existing chats between Assange and Manning (before March 5, 2010), which is also the time period for the theft and leak of the SIGACTS to WikiLeaks.

Moreover, evidence derived from House will likely speak to the period after the end date of the extant chat logs (after March 18, 2010) vis-a-vis the theft and leak of the State Department cables (Cts. 7, 10, 13) as well as when WikiLeaks disseminated and then published the names of U.S. intelligence sources in the SIGACTS and State Department cables (Cts. 15-17).

Evidence derived from House will likely be used to establish both Assange’s relationship with Manning prior to the start date of the existing chats (before March 5, 2010); but also to provide evidence about the Assange’s intent and knowledge for the Espionage Act with regard to the dissemination and then publication of the unredacted names of U.S. intelligence sources (Ct. 15-17).

Sup. 2 also indicates that the U.S. will use evidence derived from another ex-WikiLeaker turned government informant, Sigurdur Thordarson (“Siggi”), to establish the same with regard to WikiLeaks dissemination and then publication of the unredacted names of U.S. foreign intelligence sources in the State Department cables (Ct. 17).

The short version of the U.S. criminal theory is as follows.

WikiLeaks is a non-state aspirant intelligence agency and Assange is a spymaster and hacker. As such, Assange conspired with his recruits to target and hack the computers of the U.S. government and U.S. entities to steal classified intelligence and other information in order to published that restricted material on the organization’s website. It published the information to further the organization’s own strategic objectives. That includes harming the U.S. by exposing U.S. intelligence sources to retaliation, damaging U.S. relationships with those intelligence sources and its allies, and depriving the U.S. government and other U.S. entities of the value of their own intelligence and information.

Count 2 is the only offense in Sup. 2 that touches criminal acts outside the scope of the 2010 Manning disclosures. Sup. 2 pulled focus on the U.S. case, without adding any criminal Counts. The U.S. even dropped one offense, as discussed above. That is another way of pulling the curtain off the U.S. case against the organization.

Count 2, paragraph 2 (CFAA 18 U.S.C. 1030(a)(2)) may include criminal acts related to the collection of thousands of Congressional Research Service reports that WikiLeaks published on February 2, 2009. At a hacker conference in 2009, as cited in Sup. 2, Assange discussed a vulnerability that he admits he exploited in the CRS document distribution system to collect those documents.

As I wrote in January, at the same hacker conference, Assange expounds on the monetary value of both the CRS and CIA Open Source databases. Assange also remarks that releasing the CRS and OSC databases would be beneficial to smaller and poorer governments, which cannot afford a CIA. Assange also discusses the CIA OSC in his chats with Manning, as cited in Sup. 2.

Given that 18 U.S.C. 1030(a)(1) of the CFAA is a predicate offense for prosecutions under the Racketeer Influenced and Corrupt Organizations (RICO) statute, which is used to take down criminal enterprises, I expect future indictments of yet unindicted co-conspirators.

While the statute of limitations for 1030(a)(1) is five years (or longer in the case of terrorism related offenses), a Court may grant an extension if the case involves evidence located in foreign countries or if the defendant is a fugitive and out of the reach of law enforcement. Moreover, as Marcy Wheeler notes, Count 2 itself is 18 U.S.C. 371 or conspiracy to commit computer intrusions. The statute of limitations, therefore, would be based on the last overt act, which, based on the offense time-frame, is 2015. In a prior draft I called Count 2 the “Balloon Count,” because it can incorporate offenses. The criminal violations under Count 2 are for 18 U.S.C. 1030 or the CFAA.



GTMO DABs (Ct. 6, 9, 12) (March 8, 2010)

The Guantanamo Detainee Assessments Briefs (GTMO DABs) were obtained, received, and disclosed to Assange by Manning on March 8, 2010 after their agreement. Representative of the fact that the U.S. is building its case on that agreement and their attempted crack of a classified encrypted password hash for Manning’s SIPRNet computer, the U.S. dropped one Count against Assange for abetting Manning in obtaining the GTMO DABs. In part, this is because Manning approached Assange about the material (as evidenced in their chat exchange), and the material was stolen a day before their agreement (on March 7, 2010).

Notably, on March 2, 2010 Manning downloaded a Linux rescue disk onto her Macintosh laptop, according to forensic evidence at her court-martial, days before her known chats with a WikiLeaks interlocutor.

She subsequently booted her classified computer with that CD containing the Linux operating system to access the FTP user account to conceal her identity and surf SIPRNET anonymously. Booting from the Linux rescue disk, enabled her to obtain a portion of the FTP user accounts LM hash value for that account’s password.

A key question, therefore is if/how Manning came to know how to boot her computer with a Linux disk to obtain the partial hash of the admin password, says Jake Williams, a former member of the National Security Agency’s hacking unit and founder of Rendition InfoSec, who I spoke to in 2019.

While a basic capability, another security expert, who I spoke with on the condition of anonymity, suggested her other behavior–like querying Intelink, the Intelligence Community’s search engine, for rainbow tables and other obfuscating mechanisms–may suggests her technical proficiency was lacking.

Between December 6, 2009 and March 8, 2010, according to Intelink logs, Manning had searched 19 times for terms such as “encryption, rendale,” and “MD5.”



Iraq ROE (Ct. 4, 8, 11, 14) (March 22, 2010)

The four Iraq Rules of Engagement Files (Iraq ROE) that the U.S. alleges Manning stole on March 22, 2010, indicate that prosecutors plan to use evidence previously unknown to the public to establish Manning’s relationship with Assange prior to and after the extant chat excerpts. Those existing chats begin on March 5, 2010 and end on March 18, 2010.

First, as discussed above, the U.S. is alleging that the IRAQ ROE files were stolen and leaked after the March 8, 2010 agreement.

Second, the March 22, 2010 date for the transmission of the IRAQ ROE diverges from Manning’s account at her court-martial.

While Manning was never charged for the IRAQ ROE files, she testified that she transmitted them to WikiLeaks on February 21, 2010 alongside the 2007 Apache airstrike video, which is six days after she transmitted WikiLeaks the 10 Reykjavik 13 cable (on February 15, 2010). She also testified that the February 21, 2010 transmission of the aerial weapons team video and IRAQ ROE files is what precipitated her direct communications with a WikiLeaks interlocutor via Jabber chat. Finally, she testified that she transmitted the IRAQ ROE files via WikiLeaks submission system.

Forensic evidence from the excerpted existing chats for the handle had a duration from February 22, 2010⁠ until May 24, 2010, that is, days before Manning was arrested. The handle for, she testified, was first known to her as office. She eventually changed the name to Julian Assange on May 17, 2010, which occurred three before she contacted Adrian Lamo (and at least one other person), as will be discussed below, to disclose that she was a WikiLeaks source.

Sup. 2 extensively cites the chat exchanges between Assange and Manning, not only about the U.S. diplomatic cable concerning Iceland that she leaked on February 15, 2010, but also the cyber-exploits of Assange’s “intel source,” Sigurdur Thordarson (“Siggi”), a hacker, who reportedly joined WikiLeaks in February 2010, only to become a U.S. government informant in August 2011. Thordarson left the organization in November 2011.

Thordarson was reportedly introduced to Assange by Kristinn Hrafnsson, a former WikiLeaks spokesperson and the organization’s current editor-in-chief, after Thordarson was arrested in January 2010 for hacking 600 GB of data from an Icelandic financial firm, Milestone. Assange obliquely refers to Thordarson and the latter’s exploits in the extant chat logs with Manning.

Thordarson, who is identified in Sup. 2 as “TEENAGER” likely participated in the WikiLeaks IRC channel and perhaps even interacted with Manning in January or February 2010 (that is, prior to the start date of the existing chat logs between Manning and Assange, which start on March 5, 2010).

Manning began searching for classified material regarding Iceland in January 2010. She also testified at her court-martial that she did so because in early to mid-January 2010 she became interested as a result of a conversation about Iceland on the WikiLeaks’ IRC channel.

Thordarson would also be privy to details regarding the pre-publication of the video, entitled Collateral Murder by the organization and published on April 5, 2010 alongside the Iraq ROE files. The latter files (and not the video)[3] are charged against Assange in Counts 4, 8, 11, and 14.

Thordarson also reportedly handed U.S. prosecutors eight hard drives and “thousands of pages of chat logs from his time at WikiLeaks,” which reportedly spanned from February 2010 to November 2011, accounting for his tenure at WikiLeaks.

That U.S. prosecutors possessed computer forensic evidence is key, because Assange’s defense team will seek (and have already sought) to discredit Thordason’s credibility as a witness. Thordarson is a diagnosed sociopath, which is almost stereotypical to FBI informants, who, nevertheless, successfully take down criminal enterprises. Take, for example Salvatore Gravano, who took down John Gotti and the Gambino crime family.



U.S. Diplomatic Cables (Cts. 2*, 3, 7, 10, 13 and 17) (March 28 to April 10, 2010)

Approximately 250,000 U.S. State Department Cables were stolen by Manning between March 28 and April 9, 2010; and uploaded to WikiLeaks on April 10, 2010, according to her testimony at her court-martial. The documents were, like the GTMO DABs and the IRAQ ROE files, stolen and leaked after the March 8, 2010 agreement between Manning and Assange, described above.

Sup. 2 does not offer precise dates for the theft and unauthorized disclosure of the diplomatic cables. Sup. 2 only describes their initial publication by WikiLeaks on March 29, 2010. In this respect, the omission and emphasis on the publication date by WikiLeaks, indicates where the U.S. criminal theory is heading: namely that Manning’s bulk theft and leak of U.S. State Department cables was a integral and complicit part of Assange’s cyber- and information-operations against the U.S. vis-a-vis Iceland. (see the specific language of Count 2 and the Espionage Act generally).

As stated above, Manning began searching for classified material regarding Iceland in January 2010. She testified at her court-martial that she did so, because in early to mid-January 2010, she became interested in conversations about Iceland on WikiLeaks’ IRC channel. She also testified that she was not in communication with her WikiLeaks interlocutor, who the U.S. alleges is Assange, until February 22, 2010.

The language that prosecutors use in Sup. 2 for Manning’s contact with Assange via her Jabber chat client changes dramatically from Sup. 1 to Sup. 2.

In Sup.1 the U.S. vaguely states that “[during] large portions…between November 2009…through her arrest on or about May 27, 2010…Manning was in direct contact with Assange.”

In Sup. 2 prosecutors explicitly state, “No later than January 2010, Manning repeatedly used an online chat service,, to chat with ASSANGE, who used multiple monikers attributable to him” [underline added].

On February 2, 2010, a spying computer was found within Iceland’s Althingi parliament in a room adjacent to an ex-WikiLeaker and member of Icelandic Parliment, Birgitta Jonsdottir. The spy computer had been operational for five-weeks before it was found, according to public reporting. It was first connected on December 28, 2009. At the time of this writing, it is unclear if the Althingi spy computer case remains open, but the event implicates Thordarson. Moreover, the Althingi spy computer operation (discovered February 2, 2010) is alluded to by Assange in his chat exchanges with Manning a month later (March 8, 2010) and cited in Sup. 2.

As stated above, Manning stole the first diplomatic cable, 10 Reykjavik 13, concerning Iceland on February 14, 2010. Manning disclosed it on February 15, 2010, and WikiLeaks published it on February 18, 2010.

At her court-martial, military prosecutors accepted Manning’s plea to a lesser included offense for the one-off cable, 10 Reykjavik 13, because Manning had not used Wget to downloaded it. Wget is free software that automates bulk downloads of content from web servers. Installing the unauthorized software on her classified Department of Defense SIPRNet computer was a failure to obey a lawful general order, namely U.S. Army regulations.

Military prosecutors used that regulation to demonstrate Manning had exceeded authorized access, or the statutory language of the CFAA (18 U.S.C. 1030(a)(1)), which prohibits accessing and obtaining classified material without authorization from information systems. The classified information at issue in this case resided on the State Department’s NetCentric diplomacy database, which was accessible via SIPRNet and Manning’s Department of Defense computer. Given that Manning had not used Wget to access and obtain the 10 Reykjavik 13 cable, military prosecutors, instead, accepted her plea to knowingly accessing it.

That Sup. 2 also mentions WikiLeaks’ second publication of State Department cables on March 29, 2010 is notable, because that disclosure also concerned Iceland. Moreover, WikiLeaks published it one day after Manning testified that she began bulk downloading over 250,000 diplomatic cables from the NetCentric diplomacy database (on March 28, 2010).

That the March 29, 2010 publication by WikiLeaks of State Department profiles of Icelandic officials appears in Sup. 2 indicates that the U.S. criminal theory is based on a direct Assange and Manning’s conspiracy for bulk theft and disclosure of U.S. State Department cables for the purpose of effecting Assange and WikiLeaks’ cyber- and information-operations against the U.S. vis-a-vis Iceland (see the specific language of Count 2 and the Espionage Act generally).

In 2013, Thordarson told reporter Ryan Gallagher that Lulzsec hackers, who are also cited in Sup. 2 and with whom Thordarson interfaced and recruited at the direction of Assange, gave WikiLeaks during a period after Manning’s disclosures, “confidential Icelandic state police document related to the security of the U.S. Embassy in Reykjavik.”

Moreover, that Manning installed Wget on her classified Department of Defense SIPRNet computer around the same time that Assange and his organization, including Thordarson, were gearing up to publish the 2007 Apache airstrike video as well as the Iraq ROE files (the latter charged against Assange) suggests that the U.S. may alleged at trial that Manning was counseled by Assange to install the software. Paragraph 1 of Count 2, for example, includes the statutory language for 18 U.S.C. 1030(a)(5)(A) of the CFAA. for knowingly cause the transmission of a program.

Furthermore, on March 24, 2010, WikiLeaks tweeted that the organization was under an “aggressive US and Icelandic surveillance operation.” These tweets came four days before Manning started bulk downloading diplomatic cables, based to her testimony (that is, on March 28, 2010). The tweets occurred five days before WikiLeaks published the first release from that bulk theft, which, as just described, consisted of State Department profiles of Icelandic officials (on March 29, 2010).

In the week prior to Manning’s bulk theft and transmission of U.S. State Department cables to WikiLeaks (beginning March 28 until April 10, 2010), Assange made much of a WikiLeaks volunteer being allegedly detained by Icelandic police (alleged to have occurred on March 22, 2010). Although not confirmed, Icelandic police’s interest in Thordarson for the above described exploits indicate that the detained volunteer may have been Thordarson.

During the week prior to Manning’s bulk download of U.S. State Department cables, Assange also alleged that he was surveilled on a March 18, 2010 flight out of Reykjavik to Copenhagen by U.S. diplomatic security agents. March 18, 2010 is incidentally also the end date of the existing exchanges between Manning and Assange. Indeed, U.S. diplomatic security service had been investigating the leak of 10 Reykjavik 13, since at least its publication by WikiLeaks on February 18, 2010, according to an official at Manning’s court-martial.

Sup. 2 also cites Assange’s exchanges with Manning (on March 5, 2010) about the former’s receipt of bank information from Thordarson. It cites Assange’s exchanges with Manning (on March 8, 2010 and March 10, 2010) about the former’s receipt of four months of audio to all the phones of the Icelandic parliament, which Assange says occurred after Assange provided his “intel source,” Thordarson, with a list of material that WikiLeaks wanted.

Sup. 2 states explicitly that in early 2010, Assange had “asked Teenager to commit computer intrusions and steal additional information, including audio recordings of phone conversations between high-ranking officials of the government of [Iceland], including members of the Parliament of [Iceland].”

By dovetailing Thordarson into the Assange/Manning conspiracy, U.S. prosecutors have expanded their existing case against the WikiLeaks founder and changed the Manning narrative.

It also remains unclear, at the time of this writing, whether Icelandic authorities are working with the U.S. in its prosecution of Assange.

In 2019, William M. Arkin reported that the U.S. case against Assange was supported by the intelligence community and governments of Australia. the U.K., and later Sweden, Germany, and the Netherlands. That support included collecting evidence for U.S. prosecutors for trial.

NATO security regulations outline requirements for its members’ handling of espionage, sabotage, terrorism, and deliberate compromises of NATO classified information.

Manning’s leak of the Secret Afghanistan SIGACTS include NATO classified information. The Iraq SIGACTS contained classified information from coalition forces, including the U.K. and Australia. For these reasons and others, the Obama administration requested that the U.K., Australia, Germany, as well as other U.S. allies investigate Assange in 2010.

NATO members also have prosecuted traditional espionage for other member-states.

Germany prosecuted a U.S. citizen, Clyde Lee Conrad, who sold NATO war plans to Hungary between 1974 and 1983. Conrad was convicted of treason in Germany and sentenced to life in prison. Conrad had been recruited by U.S. Army Sergeant First Class Zoltan Szabo, who had been investigated by the FBI in connection with the Conrad case in a joint U.S./German investigation. The U.S. wanted to lure Conrad back to the U.S., but opted to have Germany prosecute him, in part to minimize the exposure of more classified information at trial in the U.S.. Szabo was convicted of espionage in Austria in 1989. The spy ring included at least three more enlisted U.S. army service members.



Is the theft and publication of classified intelligence by hackers or spies protected by First Amendment?

That question is another way of framing the U.S. case against Assange.

Some commentators will inevitably remark that, as a foreign national or journalist, Assange cannot be charged with espionage under U.S. law. Overlooked in the analysis is that foreigners (including state and non-state hackers) commit espionage against the U.S. and U.S. entities, including by conducting cyber- and info-operations.

Journalists have also committed espionage against the U.S. Take Robert Allen, an American journalist, who began spying for the U.S.S.R. in 1933.

While traditional espionage by nation-states remains the norm in international affairs, globalization and information technology have made espionage decentralized, cheaper, and more accessible to a larger number of actors.

WikiLeaks’ aspirant claim to become an “intelligence agency of the people,” which Assange discusses with Manning in their existing chats (on March 10, 2010) is problematic. Intelligence agencies under Just War Theory require legitimate authority.

The most prominent discourse is that Assange’s prosecution by the U.S. is a threat to the press and society. And, that may be true. However, an intelligence agency posing as journalistic outfit is also a threat to the press and society. Indeed, the first individual to call WikiLeaks a spy outfit, wasn’t an authoritarian dictator or a U.S. prosecutor. It was Assange himself in 2007 on the organization’s website.

That Assange refers to WikiLeaks as an “intelligence agency of the people,” right before he follows up on his March 8, 2010 agreement with Manning to crack the administrator password on her classified Department of Defense computer is no small moment. After discussing WikiLeaks as an “intelligence agency for the people,” Assange asks Manning for “more hints” about the encrypted hash.

Given that intelligence professionals and journalists both deal with information (including classified intelligence), commentators sometimes mistakenly conflate the two disciplines. Journalism, however, as a profession, does not exist in a special or exigent condition, even when media professionals are covering armed conflict or war. Journalists are neither combatants, nor spies. They are civilian non-combatants. The Geneva Conventions, for example, provide civilian journalists special protection in the context of (or related) to armed conflict as long as they do not participate directly in hostilities.

Intelligence agencies, on the other hand, conduct espionage, That is, they steal secret information from adversaries (as well as from allies with which they compete). They do this by both traditional means and by conducting cyber- or information-operations.

​Whatever Assange tells others about himself, be he aspirant spymaster, Internet librarian, publisher, hacker, and journalist (all at the same time); he is ostensibly a civilian. Both he and his organization do not exist in an information state of nature (or war) outside the bounds of international norms.

Prosecutors in Sup. 2 quote the organization’s own language to describe the purpose of its Most Wanted Leaks. Nominations for the list of targets, according to WikiLeaks, must be “‘plausibly obtainable to a well-motivated insider or outsider” and “‘described in enough detail so that..a visiting outsider not already familiar with the material or its subject matter may be able to quickly locate it, and will be motivated to do so‘” [underline added].

Outsiders are hackers.

Moreover, Sup. 2 changes the language of Assange’s overt acts. “Sources” in Sup. 1 becomes “recruits” in Sup. 2.

The Sup. 1 language of “encourage the disclosure of protected information, including classified information,” which would be expressive and protected speech, even for terrorist sympathizers, is changed in Sup. 2 to “recruit individuals to hack into computers and/or illegally obtain and disclose classified information to WikiLeaks.

Sup. 2 also quotes a number of public statements by Assange that equate the purpose of the Most Wanted List to targets for hackers. At a computer programmer conference in 2009, for example, Assange likens the list to “flags” that are captured in hacking competitions.

Finally, prosecutors cite Assange’s talk at the Chaos Computer Club in 2013 in Hamburg, Germany, where he calls on outsiders to infiltrate U.S. intelligence entities for the sole purpose of ex-filtrating intelligence and providing it to WikiLeaks. The history of espionage is replete with accounts of outsiders infiltrating the intelligence entities of adversaries (or allies) to ex-filtrate secret information for their own strategic ends. Take for example, Ali Mohamed, who infiltrated the CIA and the U.S. Army to collect intelligence on the U.S. for Al Qaeda.

In Sup. 2, prosecutors dovetail the Most Wanted List with other evidence derived from Assange’s hacker recruits (who became government informants) about Assange’s counsel to them concerning targets. Those include the U.S. government, law enforcement, U.S. allies, as well as the enemies of WikiLeaks, be they ex-staffers or other media organizations.

In this respect, prosecutors are employing the CFAA (18 U.S.C. 1030) and the Espionage Act (18 U.S.C. 793) to punish criminal acts conducted by foreign or domestic actors (be they spies or hackers, who may or may not be state supported), who hack the computer systems of the U.S. government (including the military) for the purpose of obtaining national defense information and foreign intelligence; as well as other information from protected computers of U.S. entities.



Mens rea for the Espionage Act

The U.S. Supreme Court has largely settled that for federal employees “national security is a vital interest sufficient to justify some intrusion into activities that would otherwise be protected by the First Amendment.”

Whether the collection or publication of such materials by civilians or the media is protected under the First Amendment of the U.S. Constitution or prohibited under criminal or civil statutes, some activities associated with this question are matters of unsettled or untested law. Who is a journalist is also less material to every consideration, because not all publishers, who are protected under the First Amendment, are journalists. Take for example, pornographers.

The legislative history of the Espionage Act demonstrates that “[c]oncerns about the dissemination of important national security information to the enemy through the newspapers was squarely in the minds of those advocating for these broad powers,” according to legal scholars. Experts, who take issue with the statute, often focus on how it is written:

“The legislative history indicates that Congress attempted to limit the government’s ability to prosecute well-meaning individuals through mens rea standards. Unfortunately, the culpability standard appearing most frequently in these statutes is that the defendant acted with the ‘intent’ or ‘reason to believe’ that the national security information ‘is to be used’ or ‘could be used’ to harm the United States or benefit a foreign nation. It is unclear whether this standard requires the government to prove that the defendant acted with the purpose of harming the United States — a standard that would protect those with benign motives — or whether the ‘reason to believe’ standard permits prosecutions based on recklessness or even negligence [underline and emphasis added]”

according to Mary-Rose Papandrea in the William & Mary Law Review.

Whether or not the the March 8 and March 10, 2010 attempted hack by Assange and Manning was successful is irrelevant to U.S. prosecutors, because it demonstrates Assange’s intent to ex-filtrate classified information in an illegal manner.

When Assange agreed to help Manning crack the administrator password on her SIPRNet computer on March 8 (Ct. 2 paragraphs 1 and 2) Manning provided Assange with the classified encrypted password hash (Ct. 5). Assange faces ten years in prison if he is convicted on Count 5 alone, evidence of which is contained in the chats.

That Sup. 2 changed the language of Count 5 from “portion of the password hash” in Sup. 1 to “encrypted password hash” demonstrates how strategic U.S. prosecutors are being with this Indictment.

Press advocates will argue that encryption is a means by which journalists protect sources (and themselves) from retaliation by state or malicious non-state actors. But, they will be making the prosecution’s case for them for Assange’s intent and knowledge for the Espionage Act for Counts 15-17, which deal solely with the publication of the names of intelligence sources of the U.S. government.

Counts 15-17 relate specifically to acts of publication narrowly tailored to the names of cooperative Afghan and Iraqi military and foreign intelligence sources of the U.S. In Sup. 2, the U.S. added the language of distribution to publication: that is, “distributing them and then by publishing them and causing them to be published on the Internet.”

These three Counts are reminiscent of a 2019 attempt to expand provisions of the 1982 Intelligence Identities Protection Act, which makes it a federal crime to reveal the identities of agents, who are civilian and military officers who reside abroad and whose identities are classified; or U.S. citizens or foreign nationals, who reside abroad and whose relationship with the U.S. government is classified.[2]

In Sup. 2 prosecutors highlight Manning’s caution to Assange that there is a username, her own, in the GTMO DABs that she uploaded to WikiLeaks, and that “any usernames should probably be filtered, period.” Prosecutors set this against Assange’s own disregard for the harm that might befall U.S. intelligence sources. In an August 2010 interview, cited in Sup. 2, Assange called it

“‘regrettable’ that sources disclosed by WikiLeaks ‘may face some threat as a result.’ But, in the same interview, ASSANGE insisted that ‘we are not obligated to protect other people’s sources, military sources or spy organization sources, except from unjust retribution,’ adding that in general ‘there are numerous cases where people sell information…or frame others or are engaged in genuinely traitorous behavior and actually that is something for the public to know about'” [underline added].

Evidence like the username that Manning mentions also goes to the knowledge or reason to believe element of the Espionage Act offenses for collection (Cts. 3-14): namely that Assange was aware who his recruits were and that what they were doing was illegal before conspiring with them to hack the U.S. government or protected computers of U.S. entities.

Moreover, whatever the organization’s representations about its mission to protect sources by not knowing their identities and by means of encryption, WikiLeaks did not have a publicly facing, purportedly anonymous submission system in and around June 2010 to May 2015 (that is, for most of the period relevant to the charged offenses). I expect evidence from government witnesses to impeach these assertions to get at the knowledge element of the Espionage Act against Assange for Counts 3-14.

Indeed, Sup. 2 is a detailed catalog of expected evidence about Assange’s knowledge about his hacker recruits, and his intentions to conspire with them willingly in illegal acts. Assange, for example, had planned upcoming releases prior to the proceeds of hacks ever having been conducted against targets that Assange himself suggested to his recruits. As cited in Jeremy Hammond’s exchange with Hector Xavier Monsegur (“Sabu”), Hammond complains that:

“the incompetence of his fellow hackers was causing [Hammond] to fail to meet estimates he had given to [Assange] for the volume of hacked information that Hammond expected to provide WikiLeaks, writing, ‘can’t sit on all these targets. dicking around when the booty is sitting there…especially when we are asked to make it happen with WL. We repeated a 2TB number to JA.'”

Sup. 2 also references the negligence of Assange and his organization with regard to the manner with which unredacted names from the the SIGACTS and the State Department cables made their way onto the Internet in 2011.

Finally, evidence derived from Thordarson will likely go to the U.S. case for knowledge or intent for the Espionage Act relating specifically to the dissemination and then publication of the names of foreign intelligence sources from the State Department cables (Ct. 17). Assange reportedly used Thordarson to vet publishers for the release of those documents.



SIGACTS (Ct. 15-16) (Late December to February 3, 2010)

In a similar vein, Manning’s ex-friend, who was a WikiLeaks associate at the time of the charged offense for Counts 15-16 will be central to Assange’s mens rea for the dissemination and then publication of the names of cooperative Afghan and Iraqi military sources in the SIGACTS.

The U.S. can prove attribution for Assange in the chat exchanges with Manning with both circumstantial and direct evidence, including Assange’s sworn affidavit.[4] Two human sources (US Person 1 & 2) have corroborated Assange’s Jabber account information for the U.S. government.

US Person 2 is Adrian Lamo (deceased). The criminal complaint cites Manning’s comments to Lamo in the widely known chat logs from May 2010 about Assange’s Jabber usage, her having developed a relationship with Assange, and her confessing to being a WikiLeaks source.

In a sworn statement at her court-martial, Manning stated that she did not know, who her Jabber interlocutor was (suggesting that it could have been Daniel Domscheit-Berg or Assange). But, Manning herself changed the Jabber moniker for to Julian Assange on May 17, 2010.

The criminal complaint also states that U.S. Person 1, who had met Assange in Berlin in 2009, communicated with him until the summer of 2010 via the same Jabber chat moniker that Manning did. US1 also states that Assange used that moniker until the summer of 2010.

While the existing chat excerpts date between March 5 to March 18, 2010, Sup. 2 explicitly states: “No later than January 2010, Manning repeatedly used an online chat service,, to chat with ASSANGE, who used multiple monikers attributable to him.” The cogency of the amended language of Sup. 2 is notable, as previously discussed. Computer forensic evidence used at her court-martial evidences a creation for her Adium contact list, which included Assange’s moniker, as January 25, 2010.

Two days after Manning’s Adium contact list was created (January 25, 2010) she attended an open-software event in Boston (January 27, 2010) where she met, David House, who the The New York Times reported in 2019 was a WikiLeaks volunteer between 2009 and 2013.

With the renewed criminal investigation into Assange in 2017, prosecutors subsequently granted House immunity, and he testified at a grand jury empaneled in Alexandria, Virginia. Prosecutors reportedly showed House chats between himself and Assange documenting an argument between the two concerning the publication of unredacted names in unidentified material, according a 2019 report by Kevin Poulsen.

Given that Manning was otherwise deployed in Iraq (except for a short stint on leave to Boston and Maryland between January 23 and February 11, 2010), the field of possible choices for the unnamed US person, who was “an acquaintance of Manning since early 2010,” and who in 2011 and 2012 “became a paid employee of WikiLeaks, and reported to ASSANGE and [Sigurdur “Siggi” Thordarson],” who Siggi also later tasked to “decrypt a file stolen from an Iceland bank” is narrow.

In the week after Manning met House face-to-face in Boston, she announced to unidentified parties on WL IRC that she possessed “information would help document the true cost of the wars in Iraq and Afghanistan,” and, more importantly, she uploaded the SIGACTS to WikiLeaks (February 3, 2010). Manning was able to do this on leave, because she had already transferred them from the secured intelligence shop, where she worked in Iraq, to her laptop (on January 8, 2010). The next day is when she drafted the text file to accompany her leak:”This is possibly one of the more significant documents of our time, removing the fog of war, and revealing the true nature of 21st century asymmetric warfare” (January 9, 2010).

Bear in mind too that Manning testified that she only began following WL IRC in January 2010. Yet, within a week, she had already downloaded the SIGACTS and penned that text file.

On January 23, 2010, she traveled state-side on leave from Iraq.

In addition to House, also in attendance at the January 27, 2010 open-software event in Boston was their mutual friend, Danny Clark. Incidentally, House told Democracy Now in 2011 that a mutual friend informed him of Manning’s arrest, the week it happened. Manning later testified that, that friend was Clark.

Three days before Manning uploaded the SIGACTS to WikiLeaks (on February 3, 2010) Clark and Manning communicated by encrypted emails (and indications are by encrypted chat) (on January 29, 2010). Manning also wiped her computer two days later (January 31, 2019).

Manning stated that she also began downloading the SIGACTS in late December (the process took her two weeks). That is the time frame for the beginning of her encrypted chats with Danny Clark. Clark also set Manning up with PGP on January 29, 2010 days before she wiped her computer before uploading the SIGACTS to WikiLeaks.

Manning remained in communication with House and Clark afterward the leak of the SIGACTS. Manning, Clark, House, and others were on a group email on May 19 and 20, 2010. Clark told Manning he would contact her via encrypted chat in the evening of May 19, 2010.

Over these two days, Manning would tell multiple parties, who did not already know, that she was a WikiLeaks’ source.

On May 20, 2010, Manning emailed Eric Schmiedl, who had also been in attendance at the January 27, 2010 open-software event, and revealed to him: “I was the source of the 12 JUL 07 video from the Apache Weapons Team.” The same day Manning reached out to Adrian Lamo (May 20, 2010), a mutual friend of his and House, emailing him multiple times that day before the infamous chat, later published by Wired.

Lamo testified that he didn’t decrypt Manning’s emails, but turned them over to law enforcement. Lamo also testified that the chats with Manning began the same day as those emails (May 20, 2010).[1] By the next day, Lamo had already reached out to a former U.S. Army counter-intelligence agent (on May 21, 2010).

As a result, Manning was taken into military custody (May 27, 2010).

In addition, Lamo gave law enforcement logs of his July 21, 2010 chat with Danny Clark, which likely precipitated the FBI officially joining the multi-agency probe into the 2010 leaks. The FBI did so specifically to investigate civilians (that occurred on July 28, 2010).

In July 2010, Lamo told The New York Times:

“Mr. Lamo said that he believed that a person with ties to WikiLeaks had helped Private Manning set up encryption software that would have allowed him to e-mail small bits of classified data outside the military computer system without detection. According to Mr. Lamo, the small bits were meant to attract the notice of Mr. Assange. [] Mr. Lamo acknowledged that he had no direct evidence that Private Manning had help. He said he based his belief on information from people who knew Private Manning, not on his contact with the soldier himself. Asked if Private Manning had ever told him of any WikiLeaks assistance, Mr. Lamo replied, ‘Not explicitly, no’ [underline added]”

Lamo also told The Washington Post the same month:

“Manning lacked the technical expertise to obtain and transmit all the data and received help from people who worked with WikiLeaks. ‘There was overlap between people who were his friends and people working with WikiLeaks.’ […] [Manning’s unidentified friends] made [Manning] feel real cool by putting him in touch with Assange,’ he said. ‘They were WikiLeaks’ “shopper” for classified information. There are at least two people in his social circle who are in contact with WikiLeaks.‘ [underline added]”

Although, Lamo himself did not know “how Manning’s friends came to know or work with WikiLeaks.” Those two friends were David House and Danny Clark.

Moreover, law enforcement obtained the server that hosted the IRC network for the 2600 hacker community for the period relevant to the charges against Assange related to Manning (November 2009 to May 2010).

Prosecutors, therefore, could have forensic evidence related to the WikiLeaks IRC channel from at least November 2009 to March 5, 2010, the start date of the existing chat excerpts between Manning and Assange.



[1] The chat logs between Lamo and Manning are classified SECRET by cyber-command. Therefore, there is no way to compare the ones obtained by law enforcement with the one’s published by Wired. But, as a matter of curiosity, I wrote in 2011 that there appears to be two days missing from the published Lamo/Manning chats.

First, Lamo testified that the chats with Manning began on May 20, 2010 and ended on May 26, 2010. The only extant published exchange between Lamo and Manning are believed to be between May 21 and May 25, 2010. Second, despite Lamo’s sometimes contradictory public statements, according to his sworn testimony, he contacted a former U.S. army counterintelligence agent (May 21, 2010) the day after the chats began (May 20, 2010).

The only published exchange between Lamo and Manning between May 20, 2010 and May 21, 2010, occurred on what is believed to be May 21, 2010, the day Lamo contacted law enforcement through his intermediary (Timothy D. Webster), according to Lamo’s sworn testimony. It consists of the following message from Manning to Lamo:

(1:40:51 PM) bradass87 has not been authenticated yet. You should authenticate this buddy.
(1:40:51 PM) Unverified conversation with bradass87 started.
(1:41:12 PM) bradass87:
(1:44:04 PM) bradass87: how are you?
(1:47:01 PM) bradass87: im an army intelligence analyst, deployed to eastern baghdad, pending discharge for “adjustment disorder” […]in lieu of “gender identity disorder”
(1:56:24 PM) bradass87: im sure you’re pretty busy…
(1:58:31 PM) bradass87: if you had unprecedented access to classified networks 14 hours a day 7 days a week for 8+ months, what would you do?
(1:58:31 PM) < AUTO-REPLY >: Tired of being tired
(2:17:29 PM) bradass87: ?

Classified information remains so, even after a leak. The published Lamo/Manning chats contain classified information, even if alleged excerpts were permitted for use at trial. For the purpose of criminal trials, however, classified information cannot be discussed openly in court. The chat logs may be classified, because Manning discussed closely held information, for example, foreign intelligence collection by the NSA.

[2] The CIA had pushed to expand the time period from five years to perpetual. It also sought to expand liability for the identification of “American citizens who serve as classified agents or informants for intelligence agencies, or otherwise help them. Currently, the identities law covers only classified informants who reside and act abroad.” according to The New York Times.

[3] Commentators often remark concerning the U.S. prosecution of Julian Assange, that he should not be persecuted for WikiLeaks most famous Manning publication, a video of the 2007 Apache airstrike in Iraq that killed two Reuters journalists, which the organization entitled Collateral Murder. This video has not been charged against Assange. Further, the U.S. accepted Manning’s plea to a lesser included offense for the video. In other words, Manning was not convicted of espionage (18 U.S.C. 793(e)) for disclosing the video to Assange and WikiLeaks. The video was unclassified. A transcript of the pilots in the video had been already published in David Finkel’s book The Good Soldiers. So the material was not closely held.

[4] Assange arrived in Iceland in November 2009, according to Daniel Domscheit Berg. Assange was also located in Iceland in February 2010 and working on the Icelandic Modern Media Initiative, which the two discussed; and Manning knew about the New Yorker profile on Assange, according to his chats with Adrian Lamo. That is, prior to publication.

Disclaimer: In addition to the following disclaimer for posts about WikiLeaks, I was a guest on an episode of Assange’s Russia Today TV show with others, described in paragraph 72(c) of the Sup. 2 Indictment as “participants in the Occupy Movement.” Additionally, a May 6, 2014 question and answer with Sarah Harrison, who is described as WL Associate-4 in paragraph 88, that I conducted with her on stage at the re:publica conference in Berlin, Germany, is referenced, and Harrison’s response to a question that I posed is quoted in the Sup. 2 indictment.