The Julian Assange extradition to Sweden appeal is to be read out / published / streamed live by Sky News on Wednesday morning:

Wednesday 30 May 2012
9:15am
Courtroom 1

http://www.supremecourt.gov.uk/current-cases/CCCaseDetails/case_2011_0264.html

"Whether a European Arrest Warrant ("EAW") issued by a public prosecutor is a valid Part 1 EAW issued by a "judicial authority" for the purpose and within the meaning of sections 2 and 66 of the Extradition Act 2003. "

The Assangistas do not appear to have noticed how the choice of Supreme Court Justices to hear this case, appears to be stacked against Julian Assange,
if you assume that they are not ignorant of the WikiLeaks media hype and allow this to influence them to some extent in this European Arrest Warrant case.

Lord Phillips of Worth Matravers

lord_phillips_thumb.jpg

"Lord Phillips is the first President of The Supreme Court, having been Senior Law Lord from 1 October 2008. He was previously the Lord Chief Justice of England and Wales."

As the President of the Supreme Court, he could decide to make the lead opiion, on the important legal point of the use or abuse of European Arrest Warrants, a system which must be reformed.

Or he could leave it to Lord Brown's last judicial opinion before retirement.

Lord Brown of Eaton-under-Heywood

lord_brown_thumb.jpg

Techically he has retired from the Supreme Court on his 75th birthday on the 9th of April, but the Supreme Court has discretion to appoint recently retired Justices and he had not yet retired when the case was being considered from January onwards.

He produced the lead opinion in the Law Lords (who were re-branded as the Supreme Court) in their rejection of the Appeal by Gary McKinnon extradition to the USA case. Assange is correct to fear that he may be extradited to the USA to face simuilar computer hacking of US military computer charges or worse.

http://www.publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htm

He even managed to sneak in some damaging nonsense implying that the as yet unproven allegations against Gary McKinnon regarding the New Jersey naval base, were somehow akin to creating a danger to navigation i.e. like a Cornish Wrecker or someone who moves marker buoys etc.

"the equivalent domestic offences include an offence under section 12 of the Aviation and Maritime Security Act 1990 for which the maximum sentence is life imprisonment."

even though the US authorities have never alleged this and any Naval Captain should be
court martialled if he relies on unencrypted internet emails, rather than lookputs, radio, radar, sonar, charts, Global Positioning Satellite systems etc. for navigation or the safety of his ship.

Lord Phillips of Worth Matravers was content to agree with Lord Brown over the Gary McKinnon appeal rejection, so he is likely to do so again, if Lord Brownis given the job of writing the lead opinion.

The Assangista conspiracy theorists do not seem to have realised that "Lord Brown also served as President of the Security Service Tribunal from 1989 to 2000, President of the Intelligence Services Tribunal from 1995 to 2000, Intelligence Services Commissioner from 2000 to 2006"

As a Regulation of Investigatory Powers Act 2000 (RIPA) Commissioner, his bland, uninformative Annual (censored) Reports to the Prime Minister are notable for their utter lack of any criticism of the British Intelligence Agencies whatsoever.

He utterly failed to convince anyone that the role of Intelligence Services Commissioner provided a method of "security cleared" protection for the general public against any bureaucratic excesses or malpractice by GCHQ, MI5 the Security Service or MI6 / SIS the Secret Intelligence Service

Lord Brown will be completely familiar with the "special intelligence relationship" i.e. "bend over backwards to the USA" attitude

It will be utterly astonishing if Lord Brown finds in favour of Julian Assange.

Lord Kerr of Tonaghmore

lord_kerr_thumb.jpg

Lord Kerr is a former Crown Prosecutor and then Chief Justice of Northern Ireland i.e. he and his family have been / still are under the threat of assasination and worse by terrorists,
Several of his colleagues will have been threatened or killed during "The Troubles".

He is likely to be very familiar with the need to protect the identities and lives of Covert Human Intelligence Sources.

He is extremely unlikely to be sympathetic to Assange's recklessness / malice in publishing the unredacted names of people mentioned in the WikiLeaks US Diplomatic Cables and the Afghan and Iraq war diaries and even the personal details of the
hated and derided, but still legal British National Party members, some of whom were then harassed.

Lord Wilson of Culworth

lord_wilson_thumb.jpg

A recent appointee to the Supreme Court, he "was a judge of the Family Division of the High Court. From 2005 until May 2011" presumably he will be familiar with "he said / she said" domestic arguments and alleged sexual offences between initially consenting adults.

At a guess he will be the most sympathetic to Assange's "rape trial by media", but he is unlikely to dissent from the lead opinion of his more senior colleagues.

The only thing worse for Julian Assange than a rejection of his Supreme Court Appeal, in which case he will be sent off to Sweden forthwith (assuming that the European Court of Human Rights does not allow an appeal), would be for the Supreme Court to allow his Appeal.

If Julian Assange is not to be extradited to Sweden on the dusbious "invetigation without charge" European Arrest Warrant, then he will be far more likely to be arrested and held in the United Kingdom, if the United States authorities unseal their Grand Jury Indictment of him in relation to the Bradley Manning military case, which appears to have provided WIkiLeakS/org with so much material.

Extradition from the UK to the USA requires no prima facie case, just like the European Arrest Warrant and so it is much more likely to happen from the UK than from Sweden.

The increasingly Julian Assange centered WikiLeakS.org project recieved a media hype and publicity boost before Christmas 2011, when they appear to have been handed some or all of the hacked emails from the pretentious "private intelligence agency" company Stratfor.

Some of the "Anonymous" / "LulzSec" gang of hackers, who were under the influence and perhaps the control of an FBI coerced informant and agent provocateur (Hector Xavier Monsegur supposedly the LulzSec twit "Sabu") have been arrested and charged with this computer crime. They even stored the alleged millions of emails from Stratfor on a server under the control of the FBI.

See The Register: Stratfor email hackers were tricked into using Feds' server

There has been no noticable support for any of them by Julian Assange, even though at least two of them (Ryan Ackroyd "Kayla", Jake Davis "Topiary") have been indicted in the USA and could be facing extradition from the United Kingdom, unlike Assange himself, who is fighting an unjust European Arrest Warrant extradition to Sweden on sexual offences charges.

See Public Intelligence (a website which, unlike WikiLeaks.org anymore, does actually allow comments from the public on the censored or restricted documents it publishes) Anonymous/LulzSec Sabu, Kayla, Topiary, Anarchaos, Palladium, Pwnsauce Indictment and Criminal Complaints

All the above is background information relevant to the question in the title of this blog post: Why has WikiLeakS.org not published any Stratfor email headers ?

WikiLeakS.org has been milking a very small selection of Strafor emails for "maximum publicity", but with almost zero political impact, since 27th February, when they launched a subection of their main website (not, this time, chossing to use a subdomain or a different domain name like they did for collateralmurder.com)

The Stratfor emails are being touted as The Global Intelligence Files, using similar hype to that which the notorious and obviously cyber security inept Texas based private think tank likes to puff itself up with.

Julian Assange / @wikileaks twitter feed has been claiming that the formerly private rumours and speculation by Stratfor employees such as Fred Burton, who used to be employed by the US Government, are somehow actually official US Government policy or the "truth", even when other Stratfor employees have, sensibly, tagged such rumours as "single source" or "unverified".

The claim by WikiLeakS.org is that they are publishing 5 million emails, but they have not actually done so.

They have published 935 extracts in just under a month. At that rate it will be about 96 years before they publish 5 million email extracts. Surely even the second (or third) division media partners listed by WikiLeakS.org, since Julian Assange has lost the trust of The Guardian, the New York Times, Der Spiegel etc. etc., will have moved on to other stories by then ?

Despite claiming to have somehow invented "scientific journalism", whereby the original document sources of information for a story are made available to the public for expert analysis, Julian Assange has not done this with the Strafor emails, since the extracts do not contain any actual email header information, listing email clients, mailservers and IP addresses etc.

Why not ?

  • What is Assange hiding ?

  • Did the FBI controlled "Sabu" make sure that WikiLeakS.org only got a censored version of the Stratfor emails ?

  • Since there is no WikiLeakS.org secure document submission system, or published PGP Public Encryption Key, how did the Anonymous / Lulzsec/ FBI contact Julian Assange / WikiLeakS.org ?

  • Did WikiLeakS.org / Julian Assange actively reach out to the pompous "Sabu" over IRC and or Twitter ?

  • Is the Stratfor email "leak" an attempt to drag Julian Assange and other WikiLeakS.org people into the credit card fraud and computer intrusion criminal cases which are currently in motion regarding Stratfor and other Anonymous/Lulzsec targets ?

Apologies for the hiatus in blogging about the WikiLeakS.org soap opera, there are plenty of better things to do with limited resources.

We cannot be bothered to remember why the WikiLeakS.org front end web server was no longer hosted by PRQ Internet in Stockholm, leading to the use of dodgy Russian "bulletproof hosting" / cyber crime friendly ISP, whilst the main website ended up at WikiLeakS.ch, with the help of the pan-European Pirate Party (a genuine political party representing a minority of IT literate voters).

There were also experiments with Cloud Hosting suppliers like Amazon EC2 in Ireland and OVH in France, but WikiLeakS.org broke their terms of service and / or they succumbed to political pressure.

Whether the actual backend server(s) are still hosted by another Swedish ISP Bahnhof in a former nuclear war shelter is unclear.

However, WikiLeakS.org website and email system now appears to be back with PRQ Internet again, the ISP which hosted them during the dangerous-internet-freedom attack through the US Federal Court system, on their US Domain Name registrar, by the Swiss private bank Bank Julius Baer.

IP address: 88.80.2.31
Host name: wikileaks.org

Alias:
wikileaks.org
88.80.2.31 is from Sweden(SE) in region Scandinavia

[...]

6 138 138 138 209.130.172.178 te-4-4-gblx.sto1.se.portlane.net
7 138 138 138 80.67.0.134 gi-1-15-i2b-demarc.sto1.se.portlane.net
8 249 141 141 193.104.214.94 -
9 139 138 138 178.16.212.34 sth-sln1-crdn-1-po-3-0-810.sitabinfra.se
10 141 141 141 178.16.212.2 cust-prq-nt.i2b.se
11 138 138 138 88.80.2.31 host-88-80-2-31.cust.prq.se

The return to PRQ Internet makes WikiLeakS.org less resistant to attacks on the DNS providers through the legal system or through Denial of Service attacks, since they only currently list the USA based DynaDot name servers:

ns2.dynadot.com [50.112.108.69]
ns1.dynadot.com [50.112.107.96]

Compare this to wikileaks.ch, which sports multiple DNS servers in multiple legal jurisdictions:

v217241437.yourvserver.net
marmotta.brabbel.ch [217.147.219.146]
lou.porcus.ch [46.20.241.57]
ns1.twisted4life.com [202.157.182.142]
ns2.easydns.com [72.52.2.1]
s2.s3cr3t.de
arjeplog.scnr.ch [80.246.50.106]
dns2.easydns.net [72.52.2.1]
dns1.syshack.org
ns1.pcdog.ch [85.124.251.171]
ns1.buzzernet.net


Julian Assange speaking at the Frontline international press club in London, on Tuesday 24th October 2011 claimed that:

On November 28th, the one year anniversary of CableGate, we will launch our new generation submission system.

That includes, not just, a public interface, but also several other mechanisms that are necessary to deal with an attack on the entire internet security system, that has been established over the last few years, by intelligence agencies and criminal groups.

(See the previous WikiLeak.org blog article
Julian Assange promises a new WikiLeakS.org submission system to launch on 28th November 1st December 2011)

However the press conference in London was postponed from Monday 28th November to Thursday 1st December at an unannounced location (which turned out to be the City University), before a pre-registered audience of picked journalists.

None of these picked journalists seemed to ask any technical questions or any questions about Assange's Extradition to Sweden case.

So where were the details of this "new generation submission system." (remember that the old one has been broken for over 2 years now) ?

There was no such launch immediate announcement , nor a date for a future launch.

There were no technical details at all

Neither was there any hint about a "look and feel" prototype or whether or not the source code would be made public to be examined by independent experts or the public

Even so, some media outlets are incorrectly reporting that a new submission system has somehow been launched !

Instead there was the announcement of yet Another Wikileaks Spin Off website which "revealed" some 280 documents, mostly sales brochures and presentations about surveillance industry products, which are used both by legitimate Governments to help track down criminals and terrorists and by illegitimate Governments to suppress political opponents and freedoms (some Governments do both at the same time).

http://wikileaks.org/the-spyfiles.html

The French media partner Owni has produced a snazzy interactive map of from this small dataset:

http://spyfiles.org

All of these documents appear to have been already published on other websites and (until some of them are removed) many are still available on the manufacturer's own corporate websites.

Nobody has so far managed to find any of these documents which was first made public by WikiLeakS.org,

This market research was actually done by by Privacy International (Eric King @e315) and The Bureau of Investigative Journalism and by associates of the German Chaos Computer Club e.g. buggedplanet.info (domain name registered by Andy Mueller-Maguhn @mueller_maguhn) etc.

So what exactly did WikiLeakS.org contribute to this research ? WikiLeakS.org and Tor associate Jacob Appelbaum (@ioerror) has been doing his own research into say, satellite phone / data links for use in "Arab Spring" countries but he probably would have done this even without Julian Assange anyway.

Julian Assange provided a media sound bite, by asking if any of the assembled picked audience of journalists had an iPhone or a BlackBerry (Julian raised his own hand to both of those) or used Gmail. He then vaguely claimed that they were "all screwed",but he provided no specific examples of which of the list of products could actually be used to snoop on journalists or innocent members of the public without their knowledge.

Presumably Privacy International and The Bureau of Investigative Journalism etc. whose representatives spoke briefly on the platform dominated by Julian Assange, are happy with the media coverage generated, something which may not be possible soon if Assange is extradited to Sweden and is held in custody again.

Some of their supporters, this blog included, are not so happy to see Julian Assange claiming all the credit for this research project, none of which actually involved the supposed WikiLeakS.org anonymous whistleblower leak submission and publication system at all.


Even though Julian Assange could very well be extradited from the UK to Sweden next week, to face non-wikleaks related sexual offences allegations

https://twitter.com/#!/JudiciaryUK/status/129846526171287552

Julian Assange appeal against extradition - the High Court will hand down judgment on Wednesday 2 November.

10:06 AM Oct 28th 2011

he has announced a new, re-engineered WikiLeakS.org submission system to be launched on November 28th 2011.

https://twitter.com/#!/wikileaks/status/128455207490293762

@wikileaks WikiLeaks
Assange: On November 28th WikiLeaks will launch new generation submissions system http://www.ustream.tv/recorded/18082417

1:58 PM Oct 24th 2011

http://www.ustream.tv/recorded/18082417

Julian Assange speaking at the Frontline international press club in London, on Tuesday 24th October 2011

Approx 1 hour 5 minutes near the end of the video clip:

The fallout from that was the we viewed that our submission system could not be trusted any more

So did everyone else with any clues about computer security and anonymity, including Daniel Domscheit-Berg and the "Architect", which is partly why they left in the first place.

As a result we have had to completely re-engineer, from scratch, a new generation submission system.

On November 28th, the one year anniversary of CableGate, we will

Now, wikileaks has never had only the one submission system. We've received information in a wide variety of means, just like intelligence agencies and professional, mainstream media organisations, receive their information from a wide variety of means.

It has been important to us, to always have a wide variety of means, so no one mean becomes the sole, the sole subject of infiltration or investigation.

However, for the last, for the last 12 months, for the last 12 months, you haven't been able to go through the front door to submit wikileaks sensitive, information

You've had to establish, contacts, with the organisation and transmit us the material through other mechanisms.

Is Assange claiming that people have actually been stupid enough to submit sensitive material to him in the last 12 months, through other means ?

Why has he not bothered to publish any of this new, "non-Bradley Manning" sourced stuff then ?

How exactly are these "other means" actually Anonymous or Secure ?

Remember that wikileaks stopped publishing a PGP Public Encryption Key years ago and their incompetence in using PGP as a means of symmetric encryption and then stupidly publishing their CableGate archive online around the world and the re-using the same pass phrase with Guardian journalist David Leigh, was an

Similarly, they stopped publishing a Tor Hidden Service even before they stopped accepting new submissions.

On November 28th, the one year anniversary of CableGate, we will launch our new generation submission system.

That includes, not just, a public interface, but also several other mechanisms that are necessary to deal with an attack on the entire internet security system, that has been established over the last few years, by intelligence agencies and criminal groups.

Right now, it is not possible to trust any https:// connection on the internet.

Utter rubbish !

Even wikileaks.org itself has, at various times, published a Self Signed Digital Certificate and has published the MD5 and SHA-1 cryptographic hash fingerprints, without relying on any built in web browser trust of Certificate Authorities.

It is not possible your banking system, it is not possible to trust any, regular, web based secure encryption system

What about banks which use SSL v3 Client Side Digital Certificates for mutual client / server authentication, without the need for any external Certificate Authority ?

That is because, intelligence agencies have infiltrated , a number of Certificate Authorities. Certificate Authorities are those authorities which
sign the cryptographic keys that are used for secure internet communication.

On November 28th, we will release our alternative to that system, which is independent of all Certificate Authorities

Is the something which Julian and his cult have created from scratch, or will they just steal / borrow the work of Moxie Marlinspike and SSLLabs etc. with Convergence ?

Remember that SSL / TLS encryption only provides Secrecy about most of the contents of an encrypted session, it does not provide any Anonymity, and, may in fact provide less anonymity than a non-SSL connection via a shared proxy server.

A question from the floor:

"I understand that you may be limited in what you can say, but how have you manage to get around the fact, that in your eyes, Certificate Authorities can't be trusted, with this particular submission system ?"

01:08:57

We will give full details here, on a conference, on November 28th

Full details ?? Don't hold your breath.

Will they publish the source code of their system, or even a detailed security architecture of what is is intend to actually do and protect against ?

On past performance, this is extremely unlikely.

I would like to say, that in that, this problem has been brewing over a number of years, and we were aware of it before, back in 2010, and we had a number of mechanisms to ameliorate that, ahh, thousands of robots that went out over the internet, to simulate being sources, to check to see, whether these "men-in-the-middle" or fabricated certificates existed.

So we had a number of different mechanisms to try to ameliorate that problem, but it is our view that the problem has now gone so severe, that even those attempts to ameliorate it, can no longer be trusted to the degree, that our sources expect us, to be able to solve the problem

More nonsense from the deliberately deceptive Julian Assange:

"thousands of robots" ??

At the time they claimed that this was to provide "cover traffic" to help to confuse Communications Traffic Analysis and thereby to improve the Anonymity of the submission system

This could not and would not have tested for any SSL "man-in-the-middle" attacks on the Security / Privacy of submissions.

Neither could it have detected compromised Certificate Authorities around the world, especially in places where the Government also controls international internet access.

Even if it was meant to do so, they obviously failed to detect a single example of such an attack aimed at wikileaks, or if they did, they must have covered it up.

Regardless of the technical merits of this new submission system, any whistleblower with really sensitive, life threatening information to publish, would have to be suicidal to trust Julian Assange and his WikiLeakS.org cult followers with it.


It looks as if WikiLeakS.org / Julian Assange's stupid decision to abandon use of PGP encryption, back in 2007 has come home to roost, with the revelation that they idiotically re-used a symmetric encryption key password and ineptly published a full archive of the controversial US Embassy / State Department Diplomatic Cables on BitTorrent peer to peer file sharing networks

The fact that they published this unredacted archive at all via BitTorrent shows how chaotic and incompetent Julian Assange and his motley crew of inexperienced acolytes had become after Daniel Domscheit-Berg and the "Architect" left them.

The end result is that there are now many people around the world, including all the repressive governments mentioned in the quarter of a million Diplomatic cables who can now simply search for key words like (strictly protect), to find the names of informants and information sources who have been in contact with US Embassy diplomats and who could therefore now be easily persecuted.

See the Cryptome.org for a direct file link to z.gpg or to this torrent link to the same encrypted compressed file via BitTorrent peer to peer filesharing.

John Young's evident glee that WikiLeakS.org have now published the full, unredacted archive of US Diplomatic Cables, is, in its own way, just as reprehensible as Julian Assange's indifference to the fate of vulnerable individual human beings named in the cables.

He of all people should know that the US Government neither has the time, the money , nor the inclination, nor the bureaucratic efficiency to warn or protect the hundreds of named informants or contacts, which have now been betrayed to the world, an action which has been universally condemned by WikiLeakS.org's former mainstream media partners and by human rights organisations.

This is in addition to the names of political dissidents who were in contact with the US Embassy in Belarus which Assange has already handed over to the Lukashenko dictatorship via the holocaust denier Israel Shamir.

Some "open source" / "full disclosure" advocates are making the spurious claim that the publication by WikiLeakS.org of the unredacted cables.csv and onto their searchable web site front end, is somehow better for any political dissidents or confidential sources who had dealings with the US Embassies and whose names are tagged with (strictly protect) and other markers.

Firstly, not all political dissidents in repressive countries have access to the internet at all, let alone to fast, secure, anonymous connections which would allow them to download the massive cables.csv file itself or to use the (insecure) WikileakS.org cable search websites.

None of these websites employ SSL Digital certificates or provide Tor Hidden services etc. to mask the identities of people searching for their own names or those of their family or friends.

Some of the people mentioned in the US Embassy cables several years ago, could in fact be in prison or under investigation for other reasons in 2011, without any or without any safe internet access at all. Being named as having been in contact with the US Embassy, even several years ago, could easily lead to charges of espionage etc. in insane countries like Iran.

Julian Assange's disregard for the Sensitive Personal Data of innocent individuals and his organisation's utter incompetence at handling such data securely, is indistinguishable from that displayed by many of the government bureaucracies you would expect him to be opposed to. Do not to trust him or WikiLeakS.org with any future whistleblower leak material, Find another post WikiLeakS.org website or organisation instead - see the listing and analyses at LeakDirectory.org wiki.

WikiLeakS.org and PGP Public Key Encryption

WikileakS.org abandoned even their limited use of PGP Encryption with the public or with the media, back in 2007, when they let their published PGP key expire.

Why have WikiLeakS.org abandoned the use of PGP Encryption ?

If they had been using Public Key Cryptography last year, to encrypt correspondence or documents or files using their recipients' individual Public Keys, then there would have been no password for the incompetent WikiLeakS.org activists to re-use .

Every copy of the controversial cables.csv file could have been encrypted with a different recipient's Public Key and would have had a different symmetric encryption key (which no human would could have been capable of revealing, even under torture).

Not even WikiLeakS.org / Julian Assange could have decrypted a seized or intercepted or publicly leaked copy of such an encrypted file, only the recipient with access to his or her own private decryption key could have done so.

Either Julian Assange is ignorant of how to use Public Key Cryptography (hardly likely for someone who has tried to write cryptographic software himself) or he and the #wikileaks twitter feed are lying again:

https://twitter.com/#!/wikileaks/status/109134616153169920

Encryption passwords (PGP) are permanent. David Leigh constantly lies, hence even in his own book, "snaky brits".

6.24 AM September 1st 2011

https://twitter.com/#!/wikileaks/status/109136557914603520

@ABCTech It is false that the passphrase was temporary or was ever described as such. That is not how PGP files work. Ask any expert.

6.32 AM September 1st 2011

To decrypt a file encrypted with PGP using a recipient's Public Key, you need to have physical access to the Private De-Cryption key, which is not accessible to anyone who copies or intercepts the encrypted file in transit.

Obviously the password which unlocks the Private De-Cryption Key from your PGP Keyring can be changed.

Symmetric encryption unprotected by Public Key encryption is just an option with PGP, but that is not how PGP is designed to be used to protect files in transit over the internet or on vulnerable USB memory sticks !

There was nothing, except for laziness or incompetence, which prevented Julian Assange or his followers from securely destroying the symmetrically encrypted cables.csv compressed file archive immediately after he gave it to David Leigh and then re-encrypting it from the master copy with a different key and passphrase. This master copy , we assume, given the dispute between Julian Assange and Daniel Domscheit-Berg, would have been held on a separately encrypted computer file system anyway.

The award winning investigative journalist at The Guardian newspaper David Leigh's book:

WikiLeaks: Inside Julian Assange's War on Secrecy by David Leigh and Luke Harding

did reveal on pages 138 to 139 an unnecessary password, which he rightly assumed would only be a temporary one, but which should never have been re-used by Julian Assange in the first place.

Leigh refused. All or nothing, he said. "What happens if you end up in an orange jump-suit enroute to Guantánamo before you can release the full files?" In return he would give Assange a promise to keep the cables secure, and not to publish them until the time came. Assange had always been vague about timing: he generally
indicated, however, that October would be a suitable date. He believed the US army's charges against the imprisoned soldier Bradley Manning would have crystallised by then, and publication could not make his fate any worse. He also said, echoing Leigh's gallows humour: "I'm going to need to be safe in Cuba first!"

Eventually, Assange capitulated. Late at night, after a two-hour debate, he started the process on one of his little netbooks that would enable Leigh to download the entire tranche of cables. The Guardian journalist had to set up the PGP encryption system on his laptop at home across the other side of London. Then he could feed in a password. Assange wrote down on a scrap of paper:ACollectionOfHistorySince_1966_ToThe_PresentDay#. That's the password," he said. "But you have to add one extra word when you type it in. You have to put the word '"Diplomatic' before the word 'History'. Can you remember that?"

"I can remember that."

Leigh set off home, and successfully installed the PGP software. He typed in the lengthy password, and was gratified to be able to download a huge file from Assange's temporary website.

So having given Leigh instructions about downloading and installing PGP software, Julian Assange failed to instruct him to generate a Public / Private key pair and to send him the Public Key, so that Julian could individually encrypt the the cables.csv compressed archive just for David Leigh and nobody else.

At the face to face meeting described in the book, Julian Assange could easily have given David Leigh a copy of a WikiLeakS.org Public Encryryption Key for him to install when he set up the PGP software on his laptop as instructed, or pointed him to an online version.

They could have agreed a pre-shared secret for extra authentication.

David Leigh could then have been instructed to generate his own Public / Private keypair (protected in his PGP Keyring by his own strong passphrase) and to send a Digitally Signed and Encrypted copy of his Public Key back to Jullian Assange via email etc. together with the pre-shared authentication secret, all encrypted with the WikiLeakS.org Public Key. This should have been sufficient cryptographic proof that David Leigh's Public Key was the correct one, since nobody else apart from Julain Assange / WikiLeakS.org could have read the contents of that message.

Julian Assange could then have encrypted the compressed cables.csv file with David Leigh's Public Key and pointed him to the secure website he had set up for the encrypted file to be downloaded from

This encrypted file could only have been de-crypted by someone in possession of both David Leigh's passphrase and the corresponding Private Key in the PGP Keyring on David Leigh's MacBook laptop.

If WikiLeakS.org had been regularly using PGP over the years, even inexperienced members of the cult would have been familiar with these simple, well documented concepts.

If that copy of the encrypted file had somehow been published by the incompetent WikiLeakS.org crew on BitTorrent, then only David Leigh could have decrypted it (assuming he was still in control of his PGP Keyring on his laptop computer) , even if he had published his own pass phrase in his book, rather than Julian's rather pompous one.

7-Zip compression

Then he realised it was zipped up - compressed using a format called 7z which he had never heard of, and couldn't understand.

The .7z file extension is used by 7-Zip . This is freely available over the internet, on various computing platforms and does offer more options for better compression than the standard .zip compression utilities which are built in to modern versions of the Microsoft Windows or Apple OSX operating systems, at the cost of longer compression times and more use of memory.

The 7-Zip Ultra compression option seems to be what the cables.csv file was compressed with down to i.e. only 21 % of its original size.

However to achieve this amount of compression on such a big file could take quite a while, perhaps up to an hour on an average PC. Unzipping is much quicker, a couple of minutes at most.

Compression is also built in to the PGP / GnuPG encryption software, but that produces a compressed file of about 640 MB i.e. about twice that of the of the 7-Zip version, about 41% of the original size of the monolithic cables.csv file.

Like most .zip compression software these days, 7-Zip also offers encryption, using the same AES 256 bit algorithm used by default by GnuPG / PGP, but Assange et al did not bother to make use of that.

He got back in his car and drove through the deserted London streets in the small hours, to Assange's headquarters in Southwick Mews

Assange was staying at Vaughan Smith's Frontline Club for investigative / foreign / war correspondent journalists, owned by Vaughan Smith, in whose Norfolk country estate has bedrooms at numbers 7 and 9 Southwick Mews

http://www.frontlineclub.com/club/bedrooms-1.php

He is now on bail and electronically tagged living at Vaughan Smith's country estate in Norfolk, where his supporters invent state surveillance fantasies for the credulous mainstream media - see "CCTV ANPR" or just "radar activated speed signs" monitoring Julian Assange at Ellingham Hall in Norfolk ?

Assange smiled a little pityingly, and unzipped it for him.

Now, isolated up in the Highlands, with hares and buzzards for company, Leigh felt safe enough to work steadily through the dangerous contents of the memory stick.

So, in the end, Julian Assange in fact actually handed over an unencrypted copy of the file to David Leigh, on an easily lost or stolen USB memory stick. If Assange really cared about protecting innocent people from evil governments, then he would not have allowed this to happen.

It is astonishing how the WikiLeakS.org cult propaganda machine has deluded itself that somehow it was David Leigh and The Guardian which was responsible for this cryptographic and internet publication incompetence, rather than the alleged technological privacy and anonymity expert Julian Assange and his supposedly expert helpers.

TextWrangler keyword search

Obviously there was no way that he, or any other human, could read through a quarter of a million cables. Cut off from the Guardian's own network, he was unable to call up such a monolithic file on his laptop and search through it in the normal simple-minded journalistic way, as a word processor document or something similar: it was just too big. Harold Frayman, the Guardian's technical expert, was there to rescue him. before Leigh left town, he sawed the material into 87 chunks, each just about
small enough to call up and read separately.

Probably 19 Megabytes for each of 86 chunks with a little bit left over in the 87th chunk.

Then he explained how Leigh could use a simple program called TextWrangler

TextWrangler is the "little brother" of BBEdit and is only available for the Apple Macintosh platform. David Leigh's laptop computer.is stated to have been a MacBook elsewhere in the book.

to search for key words or phrases through all the separate files simultaneously, and present the results in a user-friendly form.

So why had Julian Assange or his WikiLeaks acolytes not already broken the 1.6 Gigabyte file down into usable chunks and zipped them up into, ideally, several archive files for their mainstream media partners ?

This WikiLeak.org blog has criticised them in the past for not offering (multiple) floppy disk or even CD-ROM sized versions of their whistleblower leaks documents, as well as just large monolithic files.

Not everybody, especially people in third world countries under repressive governments, or even people using mobile internet devices, has access to fast broadband internet connections.

Is this the end of WikiLeakS.org ?

Now that WikiLeakS.org have no more secrets left to publish, will they actually get around to re-inventing themselves and re-launching a secure anonymous system without the destructive influence of Julian Assange ?

Or will the cult continue regardless and just get dragged into long legal cases ?

More evidence that Wikileaks' abuse of Twitter, instead of issuing proper, detailed Press Releases on their official website, gives the impression of either incompetent "investigative journalism" or just plain anti-US Government hate propaganda.

5.06 PM August 27th 2011
https://twitter.com/#!/wikileaks/status/107484074477760512

US marine kills Romanian rockstar. President promises to US embassy won't "serve a single day in prison" http://wikileaks.cabledrum.net/cable/2005/03/05BUCHAREST742.html


When did this happen ? Is that the then US President or the Romanian President doing the promising ? What sort of "killing" ?

It turns out to be the newly elected Romanian President, back in 2005 (over 6 years ago). The "killing" turns out to have the result of a traffic accident, probably involving drink driving by the US Marine who had diplomatic immunity as part of the US Embassy staff.

If you take this selective misquote from the diplomatic cable at face value you get the impression that the US Marine was to get off scot free due to some sort of political deal.

However if you actually bother to read the diplomatic cable which Wikileaks have published, in their current, "we don't care about anybody's personal information" data dump:

http://wikileaks.cabledrum.net/cable/2005/03/05BUCHAREST742.html

25.(C) Finally, the December 2004 accident involving the U.S. Embassy Marine Security Guard detachment commander that led to the death of Romanian rock star Teo Peter received wide press coverage and created public outcry. Basescu and his government are under considerable political pressure to make sure justice is done in a Romanian Court. Naturally, given that Marine Corps legal proceedings against the former detachment commander have not even begun, the question of extradition and lifting of the Marine's immunity cannot even be addressed at the present time. Nevertheless, PM Tariceanu and FM Ungureanu may ask for the Marine's return, possibly repeating a promise made earlier to our Ambassador by Basescu that the former detachment commander would receive a fair trial and, regardless of outcome, would not serve a single day in prison in Romania.

The deliberate omission of the words "in Romania" completely changes the meaning of the Tweet.

The democratically elected government of Romania is promising a fair trial and repatriation to the USA to serve any prison sentence , if the US Marine was to be found guilty of any charges. This is the normal, civilised state of affairs with most Extradition treaties around the world.

The wikipedia entry for Teo Peter has links to a few of the case.

If this deliberately misleading Tweet was from the army of Wikileaks cult hangers on, that would be bad enough. Wikileaks could, if pushed, issue an apology, and disassociate themselves from such alleged "supporters".

However this distortion of the truth is from the "official" Julian Assange controlled

https://twitter.com/wikileaks feed.

Any post-Wikileaks whistleblower websites should learn the lessons from Wikileaks and Julian Assange's increasingly inept handling of the mainstream media and social media.

The levels of disinformation, hype and spin which Wikileaks now relies on make them at least as untrustworthy as any Government or big business public relations spin doctors and propagandists.

The mainstream media have plenty of other, more current, more newsworthy stories to report on, so the effect of the publication of these diplomatic cables is now increasingly marginal and they are only of academic interest to future historians and to the world's intelligence agencies.

Why is there still no functioning WikiLeakS.org document submission system ?

It is puzzling why WikiLeakS.org, with all its army of cult followers and vastly more money than many other whistleblowing websites, has not re-launches itself with a secure, anonymous whistleblower leak submission system, so many months after it shut down.

See LeakDirectory.org for links to many of these and some analysis of the anonymity and security strengths and weaknesses of several of them.

The answer must be that Julian Assange does not want to relinquish any control or to be democratically accountable or transparent.


N.B. to be clear this WikilLeak.org blog is very often critical of Julian Assange for his control freakery, deceit, and disregard for other people's private personal data, but we do not think that he should be extradited to the USA to face espionage or other charges.

The European Arrest Warrant should not be allowed to be used to extradite Assange to Sweden from the United Kingdom for "investigation" purposes, without cross examination in a UK Court of prima facie evidence against him in the sordid sex allegations case.


Various German language online media are reporting that Daniel Domscheit-Berg has been expelled from the Chaos Communication Club after his presentation of the state of play of his OpenLeaks.org project at the 5 day Chaos Computer Camp at an ex-soviet airfield / military aircraft museum north of Berlin this week.

Chaos Computer Club schließt Domscheit-Berg aus

CCC feuert gegen OpenLeaks

This is only the second expulsion of a member in the 30 year history of the Chaos Computer Club - the previous one was, apparently some neo-nazi who had been abusing their infrastructure.

There is no mention of this bickering on either the official https://ccc.de or https://openleaks.org web pages, the participants have, instead decided to give interviews to the media, without bothering to inform their supporters directly (a couple of thousand of whom were gathered at the campsite).

leaks_taz_de_screenshot_450.jpg
(click for a larger screenshot image of https://leaks.taz.de in a new window)

https://leaks.taz.de

The test setup

From 12th to 14th of August 2011 this public platform is offered by German daily taz die tageszeitung, German weekly der Freitag, Portuguese weekly Expresso, Danish daily Dagbladet Information as well as the consumer protection organization Foodwatch; in cooperation with OpenLeaks. During this time you can upload documents, which will be worked on by the involved parties.

The goal of this setup is to invite you to do a security evaluation of the system during the Chaos Communication Camp 2011.

Surely nobody in the rest of the world, who is interested in the anonymity and security of whistleblowing website projects, ever considered that the temporary test server, set up in a in a tent on the outskirts of the main camp site infrastructure, was actually somehow being "officially" tested and "approved" by the CCC ?

Obviously, most of the people at the CC campsite were busy with the many other projects and causes, but some of the people with expertise and experience of whistleblowing website anonymity and security infrastructure, and relations with the mainstream media, were present and may have contributed to the discussions and the preview "testing".

As anybody who has attended these sort of hacker conventions should know, the mere act of putting up a webs server on the campsite network, will mean that it will be "stress tested" in a very hostile network environment, with lots of port scans and probes and attempts to hack into it and run denial of service attacks, but these would also happen if it was hosted at a major data centre.

But that should not be the only proper testing that the system gets before going live, a point on which here we agree with the CCC and which Daniel Domscheit-Berg also probably agrees with.

Endorsement by mainstream media brand names mentioned above provide far more public trust and credibility, whatever that is actually worth regarding a currently non-operational system, than any (non-existent) "CCC" branding or approval.

The CCC have never been known for having any kind of "approved by the CCC" branding or "approval" of computer or telecommunications projects and they are deluding themselves if they think they would ever be trusted internationally if they did so.

The CCC leaders' action (it is a properly registered legal entity with a board of directors, a constitution etc.) now gives the impression of siding with Julian Assange (who was never a member) against Daniel Domscheit-Berg.

As mentioned in his book, Daniel Domscheit-Berg and the other former WikiLeakS.org technical staff defector "the Architect", took away their own intellectual property and thereby disabled the "improved" WikileakS.org submission system

Julian Assange and his cult of supporters have never bothered to replicate even the shaky anonymity and security infrastructure which they were left with or re-launch a different, better, whistleblower leak submission and publication system, despite having plenty of volunteers and money to do so.

The president of the CCC Andy Müller-Maguhn, who some of us once elected to the board of the ICANN which regulates internet domain name registration and appeals procedures, seems to have been trying to mediate between Julian Assange and Daniel Domscheit-Berg for nearly a year over the return of this encrypted data to Julian Assange.

Since there is no evidence that the current WikiLeakS.org team is capable of handling the data securely (their current website does not even bother to use an SSL / TLS Digital certificate any more) they cannot be trusted any more than Daniel Domscheit-Berg can be.

The current OpenLeaks.org project may not yet have published its software as an Open Source project, which is what the purists at the CCC would like, but then neither has WikiLeakS.org nor any other whistleblower website.

Even if they did so, there is no guarantee that the specific computer and networking configuration settings and infrastructure used by a particular website are not actually counteracting any anonymity or security functions built in to the Open Source software.

All that the CCC board needed to do was to issue a press release making it clear that there was no official CCC endorsement of the OpenLeaks.org project.

The breakdown in mediation attempts the CCC may have tried between Julian Assange and Daniel Domscheit-Berg are not proper grounds for expelling the latter from the Club.

Some of the wrongdoers who have something to hide from public scrutiny and might therefore fear the OpenLeaks.org project, will be smiling to themselves at this display of disunity amongst the German section of the tiny minority of people around the world with the technical skills and attitude to make a difference.

Expelling Daniel Domscheit-Berg, without also criticising the current WikiLeakS.org cult, has damaged the reputation of the Chaos Computer Club internationally.

What about the Wau Holland Foundation and OpenLeaks.org ?

The registered charity the Wau Holland Foundation, which is controlled by CCC sympathisers, may not now be available the Openleaks.org project, as a channel for receiving financial donations from supporters, a service it currently performs for WikiLeakS.org.

If OpenLeaks.org gets some money from its media partners, this may not matter too much, but until there is a virtuous circle of whistleblower trust and actual mainstream media publication of leaks via OpenLeaks.org, they will always be short of money.

OpenLeaks.org may still be able to make use of PayPal etc., to receive financial donations from individuals, something which WikiLeakS.org no longer can do, as they have managed to annoy and get banned over the years, due to their lack of financial transparency and their perceived anti-American political bias.


Julian Assange does not seem to be waiting for any alleged US government plot against WikiLeakS.org to succeed - he is managing to destroy any public trust or credibility which the WikiLeakS.org project used to have, all on his own.

The "Confidentiality Agreement" with which he has bullied his gullible staff of "young activist" in the UK looks like the evil scheme of a bureaucratic control freak, who could easily be working for a repressive dictatorship.

Julian Assange's attempt to gag his cult followers, even against revealing the existence of the Confidentiality Agreement itself, makes it impossible to trust him when he hypocritically utters words like "transparency" or "public accountability".

WikiLeaks, get out of the gagging game

I refused to sign Julian Assange's confidentiality agreement because it would have been not just ironic, but dangerous

James Ball
guardian.co.uk, Thursday 12 May 2011 17.43 BST

Yesterday, media lawyer and legal blogger David Allen Green published the full text of the gagging order signed by almost all WikiLeaks employees earlier this year.

It's an extraordinary document. WikiLeaks staffers face a £12m penalty if they reveal any information about WikiLeaks' day-to-day operations, let alone any documents given to the whistleblowing organisation.

In a move reminiscent of the UK's reviled superinjunctions, even revealing the existence of the gagging order is itself a breach.

[...]

Yes, it was my copy of the agreement that was published.

[...]

But this document deserves to be in the public domain. Having worked for several media organisations, both print and broadcast, I'm used to confidentiality provisions.

The WikiLeaks document is by orders of magnitude the most restrictive I have ever encountered. Legal experts consulted about the document agree.

[...]

WikiLeaks is not democratically accountable. Julian's argument that it is accountable because it is funded by donations could just as equally be made of KKK, or the BNP. It has no board, or no oversight. If any organisation in the world relies on whistleblowers to keep it honest, it is WikiLeaks.

In such circumstances, silencing dissent is not just ironic, it's dangerous. WikiLeaks needs to get out of the gagging game.

The New Statesman article:

The £12m question: how WikiLeaks gags its own staff

Posted by David Allen Green - 11 May 2011 15:31

Clause 5 of this "Confidentiality Agreement" (PDF) imposes a penalty of "£12,000,000 - twelve million pounds sterling" on anyone who breaches this legal gag.

[...]

Other parts of the legal gag are just as extraordinary. The second recital paragraph, "B", provides that - like a superinjunction - the fact of the legal gag itself is subject to the gag.

So is "all newsworthy information relating to the workings of WikiLeaks". On the face of it, even revealing one is under this agreement could result in a £12m penalty, as would sharing information on how the directors conduct the organisation.

The fifth recital paragraph, "E", is just as astonishing. It purports to extend what WikiLeaks can sue for beyond any direct loss that it might suffer if the gag is breached. WikiLeaks says it can sue for both "loss of opportunity to sell the information to other news broadcasters and publishers" and "loss of value of the information".

[...]

However, for some time it has been apparent that WikiLeaks and its founder Julian Assange have had a "pick'n'mix" attitude to legal obligations. They seem to feel free from any restrictions in respect of confidentiality and official secrecy; but on the other hand they make routine legal threats, especially against the Guardian, so as to uphold their perceived rights to their supposed commercial "property" - leaked, sensitive information. Abidance by the law is, it would seem, something for other people.

The document can be downloaded from the New Statesman website:

http://images.newstatesman.com/wikileaks.pdf


The confidentiality Agreement is headed: Wikileaks ITC Ltd.

  • Who, apart from Julian Assange, are the directors and shareholders of this company ?
  • Where is it actually legally registered ? (not in the United Kingdom, according to Companies House)
  • What financial assets does it have ?
  • What intellectual property is it claiming to own ?
Inside_Wikileaks_front_cover_450.jpg
Inside Wikileaks: My Time with Julian Assange at the World's Most Dangerous Website, by Daniel Domscheit-Berg

* Paperback: 304 pages
* Publisher: Jonathan Cape (15 Feb 2011)
* Language English
* ISBN-10: 0224094017
* ISBN-13: 978-0224094016

Whether you love or hate WikiLeakS.org, this book is essential reading, especially if you are writing your own book or documentary about this project.

This book does at last confirm our fears about some of the deceptions, exaggerations, media spin and hype which Julian Assange and his willing helper Daniel Domscheit-Berg spun around WikiLeakS.org

In it, Julian Assange appears to be a charismatic Cult leader and paranoid Control Freak.

Our previous observations that the "maximum political impact" attitude of the core WikiLeakS.org team (which appears now to have been just Julian and Daniel) is confirmed i..e they are indistinguishable from the fanatics who support totalitarian dictatorships, where "the ends justify the means".

Given the scale of the lies which Daniel Domscheit-Berg and Julian Assange told to the media and the public about the robustness and security of the WIkileaks computer infrastructure it is hard to trust either of them with the time of day, let alone a potentially life or career threatening whistleblower disclosure.

Of the two, Daniel Domscheit-Berg appears to be the more contrite, - at least he has apologised for his unethical behaviour, something which Julian Assange, like all fanatics, probably never will do.

Some interesting points, which any imitators of Wikileaks should avoid emulating:

  • The deliberately deceptive use of multiple "sock puppet" personalities by Julian Assange (e.g. "Jay Lim"), to pretend that there were more Wikileaks activists and experts than there really were .
  • The lies about "1.2 million Chinese government documents" and the lack of involvement of any Chinese political dissidents at all.
  • The Single Point of Failure, with the wikileaks emails and submissions and wiki all on the same server. There is now supposedly a more robust infrastructure, apparently, but details of that are still being kept secret.
  • The "technobabble" used to confuse some journalists who enquired about the failures of the WikiLeakS.org infrastructure.
  • Reliance on a Chat Room as the main method of communication even between "staff" members.
  • The purchase of expensive Cryptophones by Daniel's former girlfriend, who was not financially compensated, even after the cash started rolling in.
  • The inept use of email by Julian Assange, which revealed a list of early WikiLeakS.org financial contributors.
  • The inept use of email by some of the Icelandic Wikileaks spokesmen and volunteers who forwarded their wikileaks.org emails to Google gmail accounts, thereby making it easy for the US Government to analyse the Communications Traffic Data and to legally force Google to hand over the contents.
  • Julian Assange's characterisation of some of his media luvvy supporters, even those who have who have stumped up lots of money as surety for his bail as "idiots".
  • The internal rifts between Julian Assange and Daniel Domscheit-Berg together with the unnamed "Architect" of the infrastructure re-vamp which happened in 2010 (without any viable new Submissions system).
  • The idiotic legal threats issued by Julian Assange against his former colleagues and against former mainstream media partners.

N.B. this blog does not think that Julian Assange should be extradited to Sweden from the UK on the inappropriate European Arrest Warrant, without any of the prima facie evidence of the sexual offences allegations having been cross examined in a UK Court.

There is still an obvious need and demand for whistleblower protecting online publishers of last resort.

However, that does not mean that Julian Assange or whatever the current WikiLeakS.org crew now comprises of, should ever be trusted by any whistleblowers in the future.

Whether Daniel Domscheit-Berg should be trusted with his new OpenLeaks.org venture is also in doubt.

Their initial website said many good things about transparency and security, but history appears to be repeating itself, since, despite publishing a Contact Page

with

SSL infos The SSL certificate we use for this website has the following fingerprints:

* SHA-1: 2F:A8:72:54:8F:CB:06:F1:02:39:D2:8C:1F:6B:FF:0A:22:1F:EB:36
* SHA-256: 5B:DE:F3:19:70:E7:D7:68:41:AE:75:20:C2:20:CB:78:1D:DE:81:A7:FE:8D:7D:0F:64:BD:69:E6:3E:AC:FE:47

The serial of the certificate is 01:00:00:00:00:01:2C:F1:12:3A:99.

Why then is the website httpsopenleaks.org no longer allowing SSL/TLS encrypted sessions ?

The scandalous lack of SSL/TLS encryption on the current WikiLeakS.ch website and its clones has also still not been fixed , despite the web forms which demand lots of personal data from journalists or mirror website volunteers - it should never have been launched without this already in place.


T

About this blog

This blog here at WikiLeak.org (no "S") discusses the ethical and technical issues raised by the WikiLeakS.org project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the WikiLeakS.org project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the WikiLeakS.org project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

LeakDirectory.org

Now that the WikiLeakS.org project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The LeakDirectory.org wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The WikiLeakS.org Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The WikiLeakS.org Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The WikiLeakS.org website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive:

WikiLeakS.org Twitter feed via SSL encrypted session: https://twitter.com/wikileaks

WikiLeakS.org unencrypted Twitter feed http://twitter.com/wikileaks

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • James Hyams: I'm writing a thesis on Public Trust in WikiLeaks, the read more
  • rich kaplan: Hello Wikeleaks vrew. In Turkey , the islamist goverment just read more
  • wikileak: Cryptome have a few more extracts from this book http://cryptome.org/0003/ddb-book/ddb-book.htm read more
  • wikileak: OpenLeaks.org have now launched their website with some details of read more
  • wikileak: Bahnhof Internet seem to be hosting two Wikileaks servers in read more
  • teresa: I THANK THEY JUST TO SHUT HIM UP. THEY THINK read more
  • wikileak: Clay Shirky has posted a rough transcript of Daniel Domscheit-Berg's read more
  • wikileak: @ N - you can still see the "1.2 million read more
  • N: @wikileak - Exactly, these cables are _from_ the United States, read more
  • wikileak: Openleaks.org is now displaying this meassage: Coming soon! While we read more

May 2012

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31