March 2010 Archives

In a front page editorial, Julian Assange gives some more details of the surveillance and harassment of himself and other WikiLeakS.org people in Iceland and on the way to a conference about investigative journalism Norway.

[...]

We have discovered half a dozen attempts at covert surveillance in Reykjavik both by native English speakers and Icelanders. On the occasions where these individuals were approached, they ran away. One had marked police equipment and the license plates for another suspicious vehicle track back to the Icelandic private VIP bodyguard firm Terr. What does that mean? We don't know. But as you will see, other events are clear.

Perhaps it means that Iceland will not become quite the transparent and publicly accountable "investigative journalism publishing data haven", which WikiLeakS.org and the Icelandic Modern Media Initiative hope for.

U.S. sources told Icelandic state media's deputy head of news, that the State Department was aggressively investigating a leak from the U.S. Embassy in Reykjavik. I was seen at a private U.S Embassy party at the Ambassador's residence, late last year and it is known I had contact with Embassy staff, after.

On Thursday March 18, 2010, I took the 2.15 PM flight out of Reykjavik to Copenhagen--on the way to speak at the SKUP investigative journalism conference in Norway. After receiving a tip, we obtained airline records for the flight concerned. Two individuals, recorded as brandishing diplomatic credentials checked in for my flight at 12:03 and 12:06 under the name of "US State Department". The two are not recorded as having any luggage.

Iceland doesn't have a separate security service. It folds its intelligence function into its police forces, leading to an uneasy overlap of policing and intelligence functions and values.

On Monday 22, March, at approximately 8.30pm, a WikiLeaks volunteer, a minor, was detained by Icelandic police on a wholly insignificant matter. Police then took the opportunity to hold the youth over night, without charge--a highly unusual act in Iceland. The next day, during the course of interrogation, the volunteer was shown covert photos of me outside the Reykjavik restaurant "Icelandic Fish & Chips", where a WikiLeaks production meeting took place on Wednesday March 17--the day before individuals operating under the name of the U.S. State Department boarded my flight to Copenhagen.

Our production meeting used a discreet, closed, backroom, because we were working on the analysis of a classified U.S. military video showing civilian kills by U.S. pilots. During the interrogation, a specific reference was made by police to the video---which could not have been understood from that day's exterior surveillance alone. Another specific reference was made to "important", but unnamed Icelandic figures. References were also made to the names of two senior journalists at the production meeting.

[...]

How many WIkiLeakS.org volunteers are willing or unwilling (e.g. through coercion after having been arrested), agents or informers ("Covert Human Intelligence Sources" in UK legal parlance), for various police, intelligence agencies and private sector interested parties ?

Since WikiLeakS.org continue to refuse to open up their website wiki for comments and discussion, as before, it is hard to be sure whether their unreliable Twitter stream broadcasts are credible or not.

Are Julian Assange and his WikiLeakS.org activists friends being subjected to intelligence agency / police harassment ?

https://twitter.com/wikileaks

  • To those worrying about us--we're fine, and will issue a suitable riposte shortly.

    Wed Mar 24 19:20:04 +0000 2010

  • We have airline records of the State Dep/CIA tails. Don't think you can get away with it. You cannot. This is WikiLeaks.

    Wed Mar 24 04:04:13 +0000 2010

  • We have been shown secret photos of our production meetings and been asked specific questions during detention related to the airstrike.

What were the specific Questions which were asked ? What were WikiLeakS.org Answers ? Were any legal advisors present during this interrogation ?


Will WikiLeakS.org name and shame this "related person" in the name of "transparency" ?

What exactly were they held for and by which Government / agency ?


Will WikiLeakS.org name and shame these alleged surveillance agents ?


Presumably this is the drone / ground attack aeroplane video footage for which an appeal and a thank you appeared on this Twitter stream, for access to supercomputer numbercrunching to de-crypt as mentioned in our previous blog article (Doubts about the claim that "U.S. Intelligence planned to destroy WikiLeaks" - new window">


Is surveillance which is unprofessional or inept enough to be noticed, really just a form of harassment ?

It seems to be a stupid and counterproductive way to conduct any sort of "whistleblower leak" investigation.

What counter-surveillance techniques do WikiLeakS.org activists employ ?

See http://ht4w.co.uk - Technical Hints and Tips for protecting the anonymity of sources for Whistleblowers, Investigative Journalists, Campaign Activists and Political Bloggers etc.

WikiLeakS.org, are still "on strike", awaiting more financial donations, but they do continue to publish a few headline grabbing "leaks", without the full wiki system which used to allow readers to analyse and comment on them on the website itself.

They are claiming that:

U.S. Intelligence planned to destroy WikiLeaks

http://file.wikileaks.org/files/us-intel-wikileaks.pdf

We cannot see much evidence of any actual "plan", only a statement of the obvious, that if US Military whistleblowers are tracked down and disciplined or prosecuted, this may have a deterrent effect on future leaks, in general and to Wikileaks in particular.

WikiLeakS.org point out that none of that has happened, as yet, in the couple of years since this intelligence report was compiled.

There is mention of foreign i.e. non-USA potential Computer Network Exploitation (CNE) and / or Computer Network Attacks (CNA) on wikileaks, but with no mention of any US military capabilities or policies in these areas.

This document appears to be:

SECRET//NOFORN

ACIC Home

(U) Wikileaks.org--An Online Reference to Foreign Intelligence Services, Insurgents, or Terrorist Groups?

NGIC-2381-0617-08

Information Cutoff Date: 28 February 2008
Publication Date: 18 March 2008


[...]


Prepared by:

Michael D. Horvath


Cyber Counterintelligence Assessments Branch
Army Counterintelligence Center

External Coordination: National Ground Intelligence Center[1]

This product responds to HQ, Department of Army, production requirement C764-97-0005.

ACIC Product Identification Number is RB08-0617.

[...]

(U) This special report assesses the counterintelligence threat posed to the US Army by the Wikileaks.org Web site.

Julian Assange, one of the main WikiLeakS.org activists, uses this paragraph (marked as Secret / Not for Foreigners), at the end of the Executive Summary on page 3 of 32 (also as the start of the Conclusions on page 21 of 32) , to make the "claim that "U.S.Intelligence planned to destroy WikiLeaks"

(S//NF) Wikileaks.org uses trust as a center of gravity by assuring insiders, leakers, and whistleblowers who pass information to Wikileaks.org personnel or who post information to the Web site that they will remain anonymous. The identification, exposure, or termination of employment of or legal actions against current or former insiders, leakers, or whistleblowers could damage or destroy this center of gravity and deter others from using Wikileaks.org to make such information public.

All of that also applies to most other organisations or companies, whose confidential documents end up on WikiLeakS.org, not just those belonging to the US Army.

This one paragraph out of a 32 page report does not seem to be any sort of "plan", just a statement of the obvious.

(S/NF) stands for "Secret / Not for Foreigners", a marking which is used on many of the paragraphs in this report, which also contains (U) unclassified paragraphs as well.

Interestingly Julian does not mention this paragraph (pages 5 and 6):

(S//NF) The obscurification technology[9] used by Wikileaks.org has exploitable vulnerabilities. Organizations with properly trained cyber technicians, the proper equipment, and the proper technical software could most likely conduct computer network exploitation (CNE) operations or use cyber tradecraft to obtain access to Wikileaks.org's Web site, information systems, or networks that may assist in identifying those persons supplying the data and the means by which they transmitted the data to Wikileaks.org. Forensic analysis of DoD unclassified and classified networks may reveal the location of the information systems used to download the leaked documents. The metadata, MD5 hash marks, and other unique identifying information within digital documents may assist in identifying the parties responsible for leaking the information. In addition, patterns involving the types of leaked information, classification levels of the leaked information, development of psychological profiles, and inadvertent attribution of an insider through poor OPSEC could also assist in the identification of insiders.

Reference [9] is :

[9] (U) Obscurification technology: the science of obscuring or hiding objects and information.

The report carefully does not say that United States military, intelligence or law enforcement organisations could or should be involved in "computer network exploitation (CNE) operations or use cyber tradecraft" using these old vulnerabilities in, for example, Tor , instead suggesting that it could be Foreign organisations (FISS = Foreign Intelligence and Security Services) instead (page ):

(U) The OPSEC measures used in the submission of leaked information to Wikileaks using the Internet are designed to protect the identity and personal security of the persons or entities sending or posting information to the Web site. Wikileaks.org claims that any attempt at trace routing of IP addresses, MAC addresses, and other identifying information of a home computer submissions (as opposed to cyber café submissions) through Wikileaks.org's Internet submission system would require a knowledge of information available only to Wikileaks.org programmers and to a rights organization serving the electronic community, or would require specialized ubiquitous traffic analysis of Internet messages and routing systems. Nevertheless, it remains technically feasible for FISS, law enforcement organizations, and foreign businesses that have the motivation, intentions, capability, and opportunity to gain online access or physical access to Wikileaks.org information systems to identify and trace whistleblowers through cyber investigations, advanced cyber tools, and forensics.[11]

Reference [11]

[11] (U) School of Computer Science, Carleton University, Ottawa, Canada. ―Internet
Geolocation and Evasion.‖ URL: http://cs.smu.ca/~jamuir/papers/TR-06-05.pdf. Accessed 5
January 2008.
(U) Geocities. ―Exposing Tor Users' IPs‖ URL:
http//uk.geocities.com/osin1941/exposingtor.html. Accessed on 28 December 2007.
(U) Secunia. ―Multiple Security Vulnerabilities for Tor.‖ CVE-2006-3407, CVE-2006-3408, CVE-2006-3409, CVE-2006-3410, CVE-2006-0414, CVE-2006-3165, CVE-2006-4508, CVE-2007-4096, CVE-2007-4097, CVE-2007-4098, CVE-2007-4099, CVE-2007-4174, CVE-2007-4508, CVE-2007-4099. URL: http://archives.seul.org. Accessed on 8 January 2008.

This WikiLeak.org blog has written about the "Peryton" whistleblower code name, which is specifically discussed in the US military intelligence report:

Does linking "Peryton" to several leaks partially betray the WikiLeakS.org promise of anonymity ? (February 13, 2008 2:11 AM)

It is worth repeating the Questions raised in the Intelligence Gaps section of this document (pages 20 and 21)

(U) Intelligence Gaps

  • (S//NF) What individual persons or entities are leaking DoD sensitive or classified information to Wikileaks.org, and are they working on behalf of a foreign agent or power? What are the reasons, intentions, and motivations of the current or former insider?
  • (S//NF) Is the potential insider leaking the information to Wikileaks.org a former employee of the US government or a mole still working for the US government? How is the insider sending digital information to Wikileaks.org? What cyber or other tradecraft is the perpetrator using?
  • (S//NF) Will the Wikileaks.org Web site be used by FISS, foreign military services, foreign insurgents, or terrorist groups to collect sensitive or classified US Army information posted to the Wikileaks.org Web site?
  • (S//NF) Will the Wikileaks.org Web site be used by FISS, foreign military services, or foreign terrorist groups to spread propaganda, misinformation, or disinformation or to conduct perception or influence operations to discredit the US Army?
  • (S//NF) Will the Wikileaks.org Web site be used for operational or cyber tradecraft to pass information to or from foreign entities?
  • (S/NF) Will the Wikileaks.org Web site developers obtain new software for Web site development, management, security, encryption of messages or files, or posting anonymous information to the Web site?
  • (S//NF) Will foreign entities attempt to conduct CNE or CNA to obtain information on the posters of information or block content on the Wikileaks.org Web site?
  • (S//NF) What software, tactics, techniques, and procedures would be used by a foreign actor to conduct CNE or CNA against the Web site?

CNE = computer network exploitation
CNA = computer network attack

  • (S//NF) Will foreign persons, businesses, or countries attempt civil lawsuits or criminally prosecute whistleblowers, Wikileaks.org staff, and members who posted comments on the Web site?
  • (S//NF) Will Wikileaks.org and various users expand the data fields in the TOE SQL database to include equipment capabilities, equipment limitations and vulnerabilities, known unit locations, links to geospatial information services, or known unit personnel to develop ―battle books for targeting packages?
  • (S//NF) What other leaked DoD sensitive or classified information has been obtained by Wikileaks.org?
  • (S//NF) Will foreign organizations such as FISS, foreign military services, foreign insurgents, or terrorist groups provide funding or material support to Wikileaks.org?

It is interesting that this SECRET / NOFORN (NOFORN = Not releasable to Foreign Nationals, equivalent to "UK Eyes Only") document cites this Spy Blog article 3 times cited 3 times as references [39, 40 and 41]
e.g.

(U) Spy Blog. ―Is Wikileaks.org the Right Idea for a Whistleblowing Website? 5 January 2007.
URL: http://p10.hostingprod.com@spyblog.org.uk/blog/2007/01/is_wikileaks.org_the_right_idea_for_a_ whistleblowing_website/html. Moved from URL: www.spy.org.uk/spyblog. Accessed on 17 December 2007.

This URL has got mangled somewhat, so interested readers should go to:

Spy Blog, January 5, 2007 2:09 PM:
Is WikiLeaks.org the right idea for a whistleblowing website ?

It is worth comparing the "Intelligence Gaps" questions with the original Spy Blog questions about the whole WikiLeakS.org project, which are cited 3 times as a reference [39, 40 and 41]

Perhaps "U.S. Intelligence planned to destroy WikiLeaks", but this leaked document does not provide hard evidence of that rather sensational claim.

The intelligence report rightly pays respect to the technical work involving SQL database cross referencing of the Iraq war equipment register by WikileakS.org activists and others. The September 11th 2001 pager messages project was also impressive.

However the intelligence report is not sceptical enough about some of the unproven claims made by WikiLeakS.org e.g. where exactly are the more than a million leaked Chinese documents ? They were not available via the wiki, when it was running.

Similarly, the claim to use PGP encryption to protect whistleblowers is false and the "easy to use" encryption software for CDs and DVDs sent via postal mail, has also never materialised.

Any future revision of this intelligence report on WikiLeakS.org should perhaps look at how the core activists are not actually content with waiting for other people to send them "Leaked" documents,, but are actively trying to create new documents etc. which have never been "leaked" by anyone in the first place.

If the US Army was worried about WIkiLeakS.org a couple of years ago, then some of the recent developments might cause them further anxiety.

See these recent Tweets:

http://twitter.com/wikileaks/status/7530875613

Have encrypted videos of US bomb strikes on civilians http://bit.ly/wlafghan2 we need super computer time http://ljsf.org/

8:10 PM Jan 8th 2010

and

http://twitter.com/wikileaks/status/9412020034

Finally cracked the encryption to US military video in which journalists, among others, are shot. Thanks to all who donated $/CPUs.

3:18 AM Feb 21st 2010

To whom have they made this allegedly de-crypted video (presumably intercepted from missile carrying drones or other attack aircraft) available ?

About this blog

This blog here at WikiLeak.org (no "S") discusses the ethical and technical issues raised by the WikiLeakS.org project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the WikiLeakS.org project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the WikiLeakS.org project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

LeakDirectory.org

Now that the WikiLeakS.org project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The LeakDirectory.org wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The WikiLeakS.org Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The WikiLeakS.org Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The WikiLeakS.org website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive:

WikiLeakS.org Twitter feed via SSL encrypted session: https://twitter.com/wikileaks

WikiLeakS.org unencrypted Twitter feed http://twitter.com/wikileaks

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • James Hyams: I'm writing a thesis on Public Trust in WikiLeaks, the read more
  • rich kaplan: Hello Wikeleaks vrew. In Turkey , the islamist goverment just read more
  • wikileak: Cryptome have a few more extracts from this book http://cryptome.org/0003/ddb-book/ddb-book.htm read more
  • wikileak: OpenLeaks.org have now launched their website with some details of read more
  • wikileak: Bahnhof Internet seem to be hosting two Wikileaks servers in read more
  • teresa: I THANK THEY JUST TO SHUT HIM UP. THEY THINK read more
  • wikileak: Clay Shirky has posted a rough transcript of Daniel Domscheit-Berg's read more
  • wikileak: @ N - you can still see the "1.2 million read more
  • N: @wikileak - Exactly, these cables are _from_ the United States, read more
  • wikileak: Openleaks.org is now displaying this meassage: Coming soon! While we read more

December 2014

Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31