This IDG interview of Julian Assange should worry potential whistleblowers:
The mainstream media ignored some of the other material Wikileaks published, says Julian Assange
By Jeremy Kirk, IDG News Service
July 12, 2010 12:22 PM ET
Assange spoke on Friday at the Center for Investigative Journalism at City University in London,
The second half of the article contains this extraordinary claim:
Assange said about one in six people affiliated with the U.S. military who enter Wikileaks' secure chat room end up passing information to the Web site. He said those who come to the chat room often possess evidence of something that is making them angry.
"At that point, they come to us, and maybe we can help them," Assange said.
But turning those visitors into sources is delicate, and different approaches have to be used. "You really have to establish a connection at that moment," Assange said.
Is the WikiLeakS.org "secure chat" system effectively a honey pot trap for US Military whistleblowers ?
It is unclear just how many "people affiliated with the U.S. military who enter Wikileaks' secure chat room" there have been.
Why would any real whistleblowers "affiliated with the U.S. military " or not, be stupid enough to contact WIkiLeakS.org , or anybody else, via Internet Relay Chat ?
WIkiLeakS.org Chat web page gives instructions on how to connect to their Internet Relay Chat (IRC) chat system.
There are no warnings and no advice about how to use this Internet Relay Chat system anonymously, even though that web page claims
Whistleblower? Journalist? Citizen journalist? WikiLeaks writer, volunteer, supporter or techie? Get advice and talk with people like you on the WikiLeaks secure chat (also good for safe interviews with anonymous sources).
"also good for safe interviews with anonymous sources" ???
Not if they expect to remain anonymous for long if there is any sort of "leak investigation" !
It is irrelevant whether or not the chat system is "encrypted" using SSL - that does not protect the Communications Traffic Data i.e. IP address, time, date and how much data has been transferred in a session.
The SSL encryption certificate for secure.wikileaks.org:9999 is a self signed one, apparently issued by WIkiLeakS.org itself, but there is no explanation of why this should be trusted on the website.
There is no mention of how , for example, to use Tor to connect to this IRC system to try to protect your Communications Traffic Data from snoopers.
The IDG article continues
Assange said Wikileaks is currently re-engineering its submissions engine, an important security tool that can help protect sources who are passing sensitive information to the site. The submissions engine has been described as having military-grade encryption.
Assange contested a Wired magazine story from June 30 titled "With World Watching, Wikileaks Falls Into Disrepair." The story said that the submission engine has been degraded for months and that its SSL (Secure Sockets Layer) certificate had expired. Assange contended he told Wired magazine that it was being redesigned but that article said that he declined comment.
So why have neither Julian Assange nor any of the other WikiLeakS.org activists bothered to update any of their website pages with this news ? Even now the website still gives the impression that there is a working "secure" submission service.
Is that incompetence or deliberate deceit ?