Posted by By Raymond Maingire
HARARE – High Court Judge, Chinembiri Bhunu, has reserved judgement on the application by the State to bring in email evidence allegedly downloaded from the laptop of Peter Michael Hitschmann, a key witness and alleged accomplice in the terrorism case of MDC treasurer general, Roy Bennett.
.
.
.
.
..
.
Editors Note:
Readers should note that ALL emails contain a “Header”. Inside that header is the “Source” IP and the “Destination” IP. Also contained in this “meta Data” are the internet providers who delivered and received the email.
Further “Meta data” describes the routing path, date and times of transmission and receipt.
Bennetts Lawyer needs to ask for this data. If the Emails are genuine, they will prove who was where and who sent them. (Editor)
.
.
.
.
.
.
.
.
After the court had ruled as inadmissible evidence sourced through the so-called confessions from the firearms dealer, the prosecution, led by Attorney General Johannes Tomana now seeks to have the emails messages in question used as evidence of communication between Hitschmann and Bennett.
But the defence has challenged the production of the emails which it says could have been created by State security agents.
The State says the emails contain details of the alleged conspiracy between Bennett and Hitschmann to commit acts of insurgency and banditry.
“The State, My Lord, has been barred from relying on the admissions which were specified in this court, namely handwritten statements by Peter Michael Hitschmann, video evidence and the sworn statement by the witness,” said Tomana.
“For that reason, it has abandoned the use of those three admitted statements.
“These (emails) are documents separate from any admission that Peter Michael Hitschmann placed. These are documents which were found independently and separately from the admission. The objection by the defence counsel is ill-founded and must be dismissed.”
Tomana said the State was producing the printed emails as evidence to prove that there is such evidence.
Tomana was adamant the emails were “verifiable evidence” which must be treated separately from the other pieces of evidence which were ruled as inadmissible by the court.
“The emails contain relevant executive statements between the witness and the accused person and there is no rule of admissibility that bars this court from accepting them,” said Tomana.
The State on Wednesday called one Precious Nyasha Matare, a Central Intelligence Organization (CIO) operative, who works as a typist.
Matare told the court she was summoned by the police in Mutare soon after Hitschmann’s arrest on March 6, 2006, to assist them download the emails from Hitschmann’s laptop. The laptop is among the items which are being held by the State as exhibits.
On her part, Matare said she found Hitschmann in the office of the then Officer Commanding Manicaland Province, Senior Assistant Commissioner Ronald Muderedzwa. She says she was asked to print the emails following directions from Hitschmann, who was in handcuffs and leg irons.
Matare told the court she recognized the documents when they were produced before her through the email addresses which were there.
“My Lord,” said lead defence counsel, Beatrice Mtetwa, in her submissions,” the witness says that she is a typist. I do not believe that gives her the expertise to give evidence as to the origins of the emails.
“From her emails,” she added, “she clearly does not know the addresses of the various parties and she clearly cannot say the emails came from whom going where.
“The witness says she found the laptop on the table but does not tell us how the laptop came to be there.
“What was done by persons from the President’s office without following the proper procedure cannot be ruled admissible. My Lord, there can be nothing independent about emails that were printed in the same unfree circumstances as the other statements.
“This is particularly so, My Lord, as Hitschmann has already said that such emails were shown to him and does not know their origins.”
Mtetwa further contends the police should produce expert evidence to prove the emails were, indeed, an exchange between Hitschmann and Bennett.
“There is nothing, My Lord, which indicates that without a proper foundation and we respectfully submit that they remain prejudicial to the accused,” Said Mtetwa. “We, therefore, remain resolute to their production.”
After both submissions were made, Justice Bhunu reserved his judgement to Wednesday February 3, 2010.
Should Bhunu rule against the production of the emails, the State’s case will further crumble. The emails have become the last piece of evidence at the disposal of the State as it seeks to link Bennett to the offence, which carries a death penalty in the case of a conviction.
After adjournment the previous day, the matter opened Wednesday with Hitschmann telling the court that he was not the owner of all the weapons produced as exhibits in court.
Hitschmann further said the exhibits produced in Bennett’s trial were half of those produced in his own trial. In that case Hitschmann was acquitted on that particular charge but convicted on a lesser one.
The firearms dealer further said he did not know why the State summary in his case was different from that of Bennett, who is being charged of the same offence.
He also told the court that during his own trial in 2006 there was no mention of any email communication and bank deposits allegedly made by Bennett and that police did not seek his assistance in accessing his Mozambican account which he says is for his normal business transactions in the neighbouring country.
Hitschmann told the court he was not present when the emails were being downloaded from his laptop. He said he did not know the origins of a CD or of a desktop computer hard drive that were allegedly recovered from him.
The court also heard that the police did not highlight in their investigation log that they had recovered a laptop from him or that they had downloaded any emails, something that is a requirement during police investigations.
Asked if this was normal, Hitschmann, a former police officer responded, “It is not only abnormal, it is also dangerous, My Lord.”
Hitschmann also told the court he did not consider himself a hostile witness as has already been declared. He said he had tried to cooperate with the state.
Hitschmann further said he was only made aware he was being treated as co-accused with Bennett in October 2009 when he was being sub-poenaed to testify in the MDC official’s trial.
“It was never very clear whether I was the chief conspirator or deputy chief conspirator,” he said. “What I know is that I was not a conspirator.”
Additional Reporting: The Zimbabwe Times
Analyzing e-mail headers and tracking e-mail
The complete headers provide much information on the origin of a message and are a useful tool for tracking and stopping SPAM and virus-laden e-mail. Most e-mail readers only show the To: and From: headers, which can be easily forged. The complete message headers will look something like this:
Return-Path: [fake@address.com]
Received: from server.mymailhost.com (mail.mymailhost.com [126.43.75.123])
by pilot01.cl.msu.edu (8.10.2/8.10.2) with ESMTP id NAA23597;
Fri, 12 Jul 2002 16:11:20 -0400 (EDT)
Received: from aol.com (127-34-56-98.dsl.mybigisp.com [127.34.56.98])
by server.mymailhost.com; Fri, 12 Jul 2002 13:09:38 -0700 (PDT)
Date: Fri, 12 Jul 2002 13:09:38 -0700 (PDT)
From: Hot Summer Deals
To: My.Friends@pilot.msu.edu
Subject: Just what you’ve been waiting for!!
In particular, the header lines beginning with Received: provide a trace of the message from its origin to your mail server. In many cases with spam and virus e-mail, not all of the information in the “Received:” headers can be trusted, but it can still provide many valuable clues as to the message source.
The first step in the analysis process is to find the full e-mail headers. The method for doing so varies depending on your mail reader. Consult the document Finding full e-mail headers for details.
What not to trust in mail headers
The above example is contrived, but illustrates several of the aspects of common forged e-mail headers. Of course, you may be lucky enough to have received a message from a verifiable source; if so, you will find some consistency to the results seen when analyzing the headers.
In the above example, the following headers are contrived by the sender’s system:
To: My.Friends@pilot.msu.edu
The contents of the To: header can be arbitrary. There is no account “My.Friends” at MSU. The true recipients of a message are determined by the e-mail “envelope” address, which is not displayed in these headers.
From: Hot Summer Deals
Likewise, the sender’s name is arbitrary. There may or may not be an account named “hot_deals” at AOL, and the sender may not be the valid owner of the account if it does exist.
Analyzing the “Received:” headers
The most useful clues to a message’s origin come from the headers that begin with Received:. Each mail server which handles an e-mail message adds a Received: header set to the front of the message; the first set is therefore added by your mail server. For this example, we’re assuming you read e-mail delivered to MSU’s Pilot e-mail system.
Let’s start with the first header:
Received: from server.mymailhost.com (mail.mymailhost.com [126.43.75.123])
by pilot01.cl.msu.edu (8.10.2/8.10.2) with ESMTP id NAA23597;
Fri, 12 Jul 2002 16:11:20 -0400 (EDT)
In this header, you see that the message was received by a Pilot mail server (pilot01.cl.msu.edu); the remainder of this line contains version information and the message id assigned by the Pilot mail server. The time stamp shows when the message was delivered to Pilot.
The first line shows three important pieces:
Mail server IP address: 126.43.75.123
This is the Internet IP address from which Pilot received the message.
Mail server domain name: mail.mymailhost.com
This is the domain name (DNS name) which matches the above IP address.
Mail server identification: server.mymailhost.com
This is what the server claimed its name to be. This may or may not agree with the domain name; a mail server may have more than one identity.
The second header gives more clues:
Received: from aol.com (127-34-56-98.dsl.mybigisp.com [127.34.56.98])
by server.mymailhost.com; Fri, 12 Jul 2002 13:09:38 -0700 (PDT)
In this header, the receiving mail server name (server.mymailhost.com) matches the name shown in the first header (so far so good). The first line of this header reveals the source:
Originating IP address: 127.34.56.98
This is the Internet IP address from which the remote mail server received the message.
Originating domain name: 127-34-56-98.dsl.mybigisp.com
This is the domain name (DNS name) which matches the above IP address. This reveals that the IP address may be owned by an organization known as “mybigisp.com”. This would appear to be a high-speed DSL subscriber to mybigisp.com, but only that organization can tell you for certain.
Originating system identification: aol.com
This is what the originator claimed its name to be. In this case, the sender is claiming to be “aol.com”, but the source IP address and domain name do not fit.
From these headers, the most reliable identification of the message source is the sender’s IP address, 127.34.56.98. A number of tools are available for verifying the owner of an IP address. The authoritative reference for IP addresses is the American Registry of Internet Numbers. Using ARIN’s “Search WHOIS” tool (or one of the other tools), you can find the identification of the IP address owner. In most instances, a message to “abuse@organization” will do the trick; be sure to include the message with its complete headers.
Note that there may be additional Received: headers that were generated by the originator of the “spam” e-mail (or by a mail virus). In general, you can only trust the “Received:” headers as far as you can verify them. If you are uncertain about their authenticity, you should go with the last one which is verifiable.
Thanks for this M Mugabe. Very Informative. (Editor)
Like or Dislike:
0 
0
E mails are not safe at all, there are programs that do some password cracking. For example Geoffrey Nyarota, the Zimbabwetimes editor, had his email invaded. The invaders were saying that Nyarota is stranded and needs some money. Mugabe must have his computer programmers who crack people’s passwords. I remember an editor of the chronicle newspaper whose email was cracked by the CIO. Banks in South Africa discourage internet banking in a cafe because of these spy softwares. Computer programmers and telecommunication engineers can play some dirty tricks.
Like or Dislike:
0 
0
This court proceeding is showing or demonstrating why it is important to perform at the standards by the process set to the best of one’s ability. Even if it was possible for the judge to ere in this case and tilt towards the AG the damage has been exposed bare. If I was Judge Bhunu, I would confess to the poor level of work displayed at this court proceeding.
• Imagine an AG demoting himself to the level of prosecutor;
• Blurred separation of powers between Minister of Home Affairs and Justice;
• Failure to gather evidence
• Use of torture as an acceptable tool to gather information
• The use of torture as an acceptable tool to gather information
Hope I do not add the judge into this class of poor performers in case he were to exonerate all this bizarre case.
Like or Dislike:
0 
0
THis is what ZUMA is telling us to just park and ignore?? The AG is now desperate where was this evidence?? why is it sudenly coming now after their main witness has turned against them?? They can try all they can but they really have northing against this guy. Weather he is guilty or not they went about it the wroung way. they had years to prepare for this how come they are still here. If he was really guilty or if they had enough evidense he would be in jail by now.
So please we have b**** problems and we need to move on as a country.
Like or Dislike:
0 
0
keep on keeping on bennett. they are toothless bulldogs
Like or Dislike:
0 
0
Tomana has degraded himself, just like gono they have spoiled their profession. The both should work for zanu as a lawyer and treasurer respectively, that’s where they belong where there is corruption and madness.
Like or Dislike:
0 
0
Guys, please say a little prayer for our stupid friend Tomana. He is now clutching at straws. Imagine a typist as an expert witness on IT matters! Whaw! Go ahead Johannes, take instructions from Jonathan and end up looking like Sabhuku Chigwedere. And while you are at it, remember e-mails can only be used as supportive evidence after a real IT expert has demonstrated that they truely originated from Bennet or Hitschmann’s computers. Presenting phoney e-mails as the only evidence is a pathetic and shoddy piece of work.
Like or Dislike:
0 
0