Wired.com: WikiLeaks Defector Slams Assange In Tell-All Book

| | Comments (1)

The Wired.com Danger Room preview article WikiLeaks Defector Slams Assange In Tell-All Book by Kim Zetter, about Daniel Domscheit-Berg's forthcoming book, seems to confirm many of the suspicions and speculations about the apparent internal rifts within the WikiLeakS.org project, which this blog has commented on over the years.

[...]

WikiLeaks founder Julian Assange lost control of his site's submission system in an internal revolt last fall, and has never regained it, according to a tell-all book penned by the organization's top defector, who accuses Assange of routinely exaggerating the security of the secret-spilling website and lying to the public about the size and strength of the organization.

Although WikiLeaks has claimed for months that its submission system is down due to a backlog of documents it has no time to process, Daniel Domscheit-Berg writes in Inside WikiLeaks that he and a top WikiLeaks programmer seized the submission system when they defected from the organization last September, along with documents in the system at the time.

[...]

Last August, in the wake of rape allegations against Assange as well as criticism that the site had mishandled the names of informants in Afghan documents the site published with media partners, Domscheit-Berg and two WikiLeaks programmers fed up with the way things were being run, staged a halfhearted mutiny. They disabled the WikiLeaks wiki and changed the passwords to the Twitter and e-mail accounts. In response, Assange shut down the whole system, causing the mutineers to cave in. But within weeks, Domscheit-Berg and one of the programmers had left WikiLeaks for good and taken the submission system with them.

They seized the system because they had doubts Assange would handle the documents securely, due to lack of care he had allegedly shown for submissions in the past.

"Children shouldn't play with guns," Domscheit-Berg writes. "That was our argument for removing the submission platform from Julian's control ... We will only return the material to Julian if and when he can prove that he can store the material securely and handle it carefully and responsibly."

The submission system had been recrafted by the programmer, whom Domscheit-Berg refers to only as "the Architect", after he became frustrated with the jerry-built infrastructure Assange, and perhaps others, had set up when Wikileaks launched in December 2006, according to the book. WikiLeaks had been running on a single server with sensitive backend components like the submission and e-mail archives connected to the public-facing Wiki page. The Architect separated the platforms and set up a number of servers in various countries.

In a statement Wednesday, WikiLeaks essentially confirmed Domscheit-Berg's version of why the site's submission system is missing. The organization said the system remains down months after Domscheit-Berg left because his "acts of sabotage" forced the organization to "overhaul the entire submission system" and the staff lacks time to do so.

The statement does not explain why Assange had previously claimed the submission system was down by design to stop an already huge backup of documents from growing even larger.

Domscheit-Berg writes that he and the Architect won't release the unpublished documents and will return them to WikiLeaks once Assange builds a secure system. Noting that the current site has no SSL support, Domscheit-Berg warns that anyone who visits the site to read submission instructions could be monitored.

"The current system has become a security risk for everyone involved," he writes.

Domscheit-Berg told Threat Level in an interview on Sunday that the hijacked leaks only include those submitted since the time the system came back online in July following an outage, and the time it went down permanently. Anything submitted before then, or via other methods, would still be in Assange's possession.

[...]


Domscheit-Berg began working with Assange after meeting him at a hacker conference in Germany in December 2007. Although WikiLeaks claimed to have hundreds of volunteers and an untold number of staffers, the organization consisted essentially of Assange and Domscheit-Berg, who pored through submissions, did little more than simple Google searches to verify documents and posed as non-existent staffers in e-mail and other correspondence to make WikiLeaks seem heftier than it was.

The two were later joined by "the Technician" in 2008 and "the Architect" in 2009, both of whom assumed responsibility for the technological infrastructure, while Assange and Domscheit-Berg handled content and media relations. That is, until internal fighting began in 2009. Initially, the fights were over Assange's lack of transparency in handling donated funds, but eventually encompassed everything from the security of sources and submissions, to Assange's lack of trust in Domscheit-Berg, and Assange's relations with women.

[...]

When journalists asked about problems with WikiLeaks' infrastructure, Domscheit-Berg would purposely confuse them with technobabble. He writes that it was amazing how often their obfuscation strategy worked. "To create the impression of unassailability to the outside world, you only had to make the context as complicated and confusing as possible," he writes. "It was the same principle used by terrorists and bureaucrats. The adversary can't attack as long as he has nothing to grab hold of." The truth was, he notes, their "technical infrastructure was a joke and irresponsible. If someone knew where the server was located they could have shut WL down permanently ... We were acting irresponsibly, playing a risky game with our sources' trust and our supporters' donations."

Until WikiLeaks began working with media partners in 2010, it did little vetting of submissions beyond simple Google searches to see if documents seemed legitimate. This proved to be a problem when someone identified in a Julius Baer document as having a secret Swiss bank account claimed he'd been misidentified. Domscheit-Berg says the source who gave them the documents had also "included some background information he had researched about the bank's clients." But the source had apparently confused a Swiss account holder with a German man who had a similar name. When the German threatened to sue for slander, Assange and Domscheit-Berg added a caveat to the document saying, "according to three independent sources" the information might be false or misleading. The three independent sources, however, didn't exist. Domscheit-Berg says they made them up.

[...]

Will WikiLeakS.org ever resume operations for new whistleblower leak submissions ?

So will OpenLeakS.org really be any better than the WikILeakS.org smoke and mirrors confidence trick which this article portrays ?

N.B. OpenLeakS.org currently appears to have lost its https://OpenLeakS.org capability, despite, quite wisely, publishing the Digital Certificate details on

http://openleaks.org/content/contact.shtml

The SSL certificate we use for this website has the following fingerprints:

* SHA-1: 2F:A8:72:54:8F:CB:06:F1:02:39:D2:8C:1F:6B:FF:0A:22:1F:EB:36
* SHA-256: 5B:DE:F3:19:70:E7:D7:68:41:AE:75:20:C2:20:CB:78:1D:DE:81:A7:FE:8D:7D:0F:64:BD:69:E6:3E:AC:FE:47

The serial of the certificate is 01:00:00:00:00:01:2C:F1:12:3A:99.

1 Comments

Cryptome have a few more extracts from this book

http://cryptome.org/0003/ddb-book/ddb-book.htm

About this blog

This blog here at WikiLeak.org (no "S") discusses the ethical and technical issues raised by the WikiLeakS.org project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the WikiLeakS.org project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the WikiLeakS.org project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

LeakDirectory.org

Now that the WikiLeakS.org project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The LeakDirectory.org wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The WikiLeakS.org Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The WikiLeakS.org Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The WikiLeakS.org website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive:

WikiLeakS.org Twitter feed via SSL encrypted session: https://twitter.com/wikileaks

WikiLeakS.org unencrypted Twitter feed http://twitter.com/wikileaks

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • wikileak: Cryptome have a few more extracts from this book http://cryptome.org/0003/ddb-book/ddb-book.htm read more

November 2018

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30