October 2008 Archives

More downtime for WikiLeakS.org

| | Comments (2)

WikiLeakS.org appears not be serving web requests at the moment, although the domain name resolution of this and of the main Cover Names seems to be ok, and the 88.80.13.160 IP address appears to be still online.

No doubt someone will get around to re-starting the web server or reverse proxy server / load balancer front end at some point in the near future.

The usual warnings apply:

Do not search here on the independent WikiLeak.org (no "s") blog for any leaked documents etc. - there are none !

If you want a more reliable service, then donate some money to the WIkiLeakS.org project.


The lack of any published high level security architecture for the WikiLeakS.org project
has been an ongoing failure, which reduces the level of trust and confidence which people can have in it.

Not all of the technical details of how they are trying to achieve the best mix of anonymity, security , scalability and usability techniques need to be made public, however a formal statement of what exactly they are trying to do, would help people outside the project to point out potential problems, or improvements, or to see that these have already been recognised and are work in progress.

In the absence of anything but the most hand waving salespeak from WikiLeakS.org, observers of the project have to critically examine the writings of their central politburo, and read between the lines,

The recently published Wikileaks:Investigator's guide page has some vaguely reassuring legal warnings about journalist / source legal protection in Sweden and Belgium and the USA.

Wikileaks:Investigator's guide

From Wikileaks

This document is for judges, investigating magistrates, judicial officers and investigators. It explains issues and evidence that you may see in an investigation relating to Wikileaks.

This is not, therefore, a discussion document, soliciting ideas or feedback on proposed future project features, it appears to be a fait accompli.

However, the Investigator's Guide also contains some technical inaccuracies or, perhaps, deliberate misinformation, and a description of a very worrying "phone home" spyware "feature".

The WikiLeakS.org "uncensorable anonymous whistleblower website" domain name appears to have expired at Dynadot.com

  • Is this part of the process transferring it away to another Domain Name Registrar ?

  • Is this administrative incompetence by the Wikileaks team in not paying the annual fee of $9.25 on time ?

  • Is this incompetence or malice by the Dynadot.com domain name registrar company in not allowing Wikileaks to renew the domain name ?

  • Or does this means that another Court injunction has been served (see the Bank Julius Baer court case) ?

Domain ID:D130035267-LROR
Domain Name:WIKILEAKS.ORG
Created On:04-Oct-2006 05:54:19 UTC
Last Updated On:04-Oct-2008 13:13:34 UTC
Expiration Date:04-Oct-2008 05:54:19 UTC
Sponsoring Registrar:Dynadot, LLC (R1266-LROR)
Status:CLIENT TRANSFER PROHIBITED
Registrant ID:CE-13000
Registrant Name:Pending Renewal or Deletion
Registrant Street1:PO Box 701
Registrant Street2:
Registrant Street3:
Registrant City:San Mateo
Registrant State/Province:CA
Registrant Postal Code:94401
Registrant Country:US
Registrant Phone:+1.6505851961
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:expired@dynadot.com
Admin ID:CE-13000
Admin Name:Pending Renewal or Deletion
Admin Street1:PO Box 701
Admin Street2:
Admin Street3:
Admin City:San Mateo
Admin State/Province:CA
Admin Postal Code:94401
Admin Country:US
Admin Phone:+1.6505851961
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:expired@dynadot.com
Tech ID:CE-13000
Tech Name:Pending Renewal or Deletion
Tech Street1:PO Box 701
Tech Street2:
Tech Street3:
Tech City:San Mateo
Tech State/Province:CA
Tech Postal Code:94401
Tech Country:US
Tech Phone:+1.6505851961
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:expired@dynadot.com
Name Server:NS1.DYNADOT.COM
Name Server:NS2.DYNADOT.COM

Obviously WikiLeaks.org is no longer pointing at the reverse web proxy server front end in Sweden at http://88.80.13.160 or https://88.80.13.160

You should try some of the other "Cover Name" domain names

Remember that there are no leaked documents on this technical and ethical issues discussion blog here at WikiLeak.org (with the "S")., which is not part of the WikiLeakS.org project, and is not one of their "Cover Names" either.

Update:

The WikiLeakS.org domain name seems to be coming back to again, slowly, but until the DNS propagation is complete, it will still not point to IP address 88.80.13.160 for everybody.


Domain ID:D130035267-LROR
Domain Name:WIKILEAKS.ORG
Created On:04-Oct-2006 05:54:19 UTC
Last Updated On:04-Oct-2008 18:37:51 UTC
Expiration Date:04-Oct-2018 05:54:19 UTC

Sponsoring Registrar:Dynadot, LLC (R1266-LROR)
Status:CLIENT TRANSFER PROHIBITED
Status:RENEWPERIOD
Registrant ID:CP-13000
Registrant Name:John Shipton c/o Dynadot Privacy
Registrant Street1:PO Box 701
Registrant Street2:
Registrant Street3:
Registrant City:San Mateo
Registrant State/Province:CA
Registrant Postal Code:94401
Registrant Country:US
Registrant Phone:+1.6505851961
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:privacy@dynadot.com
Admin ID:CP-13000
Admin Name:John Shipton c/o Dynadot Privacy
Admin Street1:PO Box 701
Admin Street2:
Admin Street3:
Admin City:San Mateo
Admin State/Province:CA
Admin Postal Code:94401
Admin Country:US
Admin Phone:+1.6505851961
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:privacy@dynadot.com
Tech ID:CP-13000
Tech Name:John Shipton c/o Dynadot Privacy
Tech Street1:PO Box 701
Tech Street2:
Tech Street3:
Tech City:San Mateo
Tech State/Province:CA
Tech Postal Code:94401
Tech Country:US
Tech Phone:+1.6505851961
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:privacy@dynadot.com
Name Server:NS1.EVERYDNS.NET
Name Server:NS2.EVERYDNS.NET
Name Server:NS3.EVERYDNS.NET
Name Server:NS4.EVERYDNS.NET

WikiLeakS.org seems to have recently changed the templates for their leaked document download pages.

These used to provide both an unencrypted http:// download URL and an SSL / TLS encrypted session https:// one.

However, now you are presented with what looks tt first glance to be several Download Mirror URLs, in several different countries.

This is, unfortunately, rather misleading, as with one exception, all the URLS actually still point to the same Single Point of Failure webserver IP address in Stockholm, Sweden: 88.80.13.160

i.e. you are given the apparent choice of downloading the document from the ./leaks/ directory at the following URLs:

  • Sweden http://wikileaks.se
  • US http://88.80.13.160.nyud.net
  • Sweden2 http://file.sunshinepress.org:54445
  • Latvia http://riga.ax.lt
  • Slovakia http://bratislava.iypt.sk
  • UK http://wikileaks.org.uk
  • Finland http://wikileaks.fi
  • Netherlands http://wikileaks.nl

The http://file.sunshinepress.org:54445 URL has been used regularly before, although it is hard to believe that there are likely to be many locations which have firewall or other policies which block access via http:// port 80 or https:// port 443, but still allow port 54445 connections.

The diversity of the domain names, provides redundancy against the legalistic court order attacks against the main wikileaks.org domain name, as per the court case in the USA case brought by Bank Julius Baer and their shyster lawyers Lavely & Singer back in February 2008.

The US download URL ending in ".nyud.net" is actually making use of the Coral Content Distribution Network project. This is a collaborative volunteer project, run by the Stanford Secure Computer Systems group at Stanford University in Palo Alto, California, USA, which creates an international distributed cache and content distribution service, with servers in several different countries.

This Coral CDN project is independent of WikiLeakS.org, but they, and many other people make use of it, especially when they have popular, newsworthy content which overloads their own servers and bandwidth. The recent Sarah Palin email screenshots were, for example, available for a time, via this system, even though WikiLeakS.org could not cope with the demand.

It is unclear if the WikiLeakS.org publishing workflow scripts actually click on the Coral CDN URL e.g. http://88.80.13.160.nyud.net/leaks/;eaked-document.pdf, thereby pulling it into the Croal CDN server cache network, and making it available if WikiLeakS.org server in Stockholm is offline. Perhaps the workfow process simply published the URL, and hopes that someone else will seed the Coral CDN with copies of the leaked document.

It is still possible to download a leaked document via SSL, but this involves manually replacing, for example

http://wikileaks.se/leak/leaked-document.pdf

with

https://wikileaks.se/leak/leaked-document.pdf

and then noting, and dealing with any warnings and requests for permanent or temporary exceptions, when your web browser software detects that the Digital Certificate belongs to secure.wikileaks.org, and not to the domain name in the "cover name" URLs listed above (with the exception of the Coral Content Distribution Network URL, which does not accept SSL connections).

Most people visiting the WikiLeakS.org leaked document download pages will not be aware of this, and will, potentially, betray the fact that they have downloaded a particular document, something which the WikiLeakS.org project does not clearly warn them about.

However, even SSL / TLS encryption does not necessarily protect the anonymity of the people who choose to download censored documents from WikiLeakS.org.

With any particular leaked document file, which eventhough it is SSL / TLS session encrypted securely, there is a very good chance that the actual or approximate size of the file i.e. the number of bytes downloaded, is enough information with which to characterise, with a high degree of probability, which of the files being published by WikiLeakS.org has been downloaded by a particular computer IP address, at a certain time, on a particular date.

This may well be enough to provide legal proof, or at least investigative leads or suspicions, about who the people are who have downloaded that leaked document, especially when their local Internet Service Provider is under pressure to hand over log files to lawyers or law enforcement or intelligence agencies, who are hunting down a leaked document, possession of which may have copyright or national security implications.

Alternatively, users of Tor. The Onion Router project, , can still protect (to a high degree, but not with absolute certainty) the anonymity of their plaintext http:// or encrypted SSL / TLS https:// session download.

It is completely unclear, as to whether the WikiLeakS.org project team have ever considered or rejected ideas such as padding out leaked documents to one of several standard file lengths, so as to provide more "plausible deniability" against Communications Data Traffic Analysis, for readers and downloaders who use the WikiLeakS.org website.

About this blog

This blog here at WikiLeak.org (no "S") discusses the ethical and technical issues raised by the WikiLeakS.org project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the WikiLeakS.org project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the WikiLeakS.org project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

LeakDirectory.org

Now that the WikiLeakS.org project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The LeakDirectory.org wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The WikiLeakS.org Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The WikiLeakS.org Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The WikiLeakS.org website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive:

WikiLeakS.org Twitter feed via SSL encrypted session: https://twitter.com/wikileaks

WikiLeakS.org unencrypted Twitter feed http://twitter.com/wikileaks

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • James Hyams: I'm writing a thesis on Public Trust in WikiLeaks, the read more
  • rich kaplan: Hello Wikeleaks vrew. In Turkey , the islamist goverment just read more
  • wikileak: Cryptome have a few more extracts from this book http://cryptome.org/0003/ddb-book/ddb-book.htm read more
  • wikileak: OpenLeaks.org have now launched their website with some details of read more
  • wikileak: Bahnhof Internet seem to be hosting two Wikileaks servers in read more
  • teresa: I THANK THEY JUST TO SHUT HIM UP. THEY THINK read more
  • wikileak: Clay Shirky has posted a rough transcript of Daniel Domscheit-Berg's read more
  • wikileak: @ N - you can still see the "1.2 million read more
  • N: @wikileak - Exactly, these cables are _from_ the United States, read more
  • wikileak: Openleaks.org is now displaying this meassage: Coming soon! While we read more

December 2014

Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31