The Wired.com Danger Room preview article WikiLeaks Defector Slams Assange In Tell-All Book by Kim Zetter, about Daniel Domscheit-Berg's forthcoming book, seems to confirm many of the suspicions and speculations about the apparent internal rifts within the WikiLeakS.org project, which this blog has commented on over the years.
[...]
WikiLeaks founder Julian Assange lost control of his site's submission system in an internal revolt last fall, and has never regained it, according to a tell-all book penned by the organization's top defector, who accuses Assange of routinely exaggerating the security of the secret-spilling website and lying to the public about the size and strength of the organization.
Although WikiLeaks has claimed for months that its submission system is down due to a backlog of documents it has no time to process, Daniel Domscheit-Berg writes in Inside WikiLeaks that he and a top WikiLeaks programmer seized the submission system when they defected from the organization last September, along with documents in the system at the time.
[...]
Last August, in the wake of rape allegations against Assange as well as criticism that the site had mishandled the names of informants in Afghan documents the site published with media partners, Domscheit-Berg and two WikiLeaks programmers fed up with the way things were being run, staged a halfhearted mutiny. They disabled the WikiLeaks wiki and changed the passwords to the Twitter and e-mail accounts. In response, Assange shut down the whole system, causing the mutineers to cave in. But within weeks, Domscheit-Berg and one of the programmers had left WikiLeaks for good and taken the submission system with them.
They seized the system because they had doubts Assange would handle the documents securely, due to lack of care he had allegedly shown for submissions in the past.
"Children shouldn't play with guns," Domscheit-Berg writes. "That was our argument for removing the submission platform from Julian's control ... We will only return the material to Julian if and when he can prove that he can store the material securely and handle it carefully and responsibly."
The submission system had been recrafted by the programmer, whom Domscheit-Berg refers to only as "the Architect", after he became frustrated with the jerry-built infrastructure Assange, and perhaps others, had set up when Wikileaks launched in December 2006, according to the book. WikiLeaks had been running on a single server with sensitive backend components like the submission and e-mail archives connected to the public-facing Wiki page. The Architect separated the platforms and set up a number of servers in various countries.
In a statement Wednesday, WikiLeaks essentially confirmed Domscheit-Berg's version of why the site's submission system is missing. The organization said the system remains down months after Domscheit-Berg left because his "acts of sabotage" forced the organization to "overhaul the entire submission system" and the staff lacks time to do so.
The statement does not explain why Assange had previously claimed the submission system was down by design to stop an already huge backup of documents from growing even larger.
Domscheit-Berg writes that he and the Architect won't release the unpublished documents and will return them to WikiLeaks once Assange builds a secure system. Noting that the current site has no SSL support, Domscheit-Berg warns that anyone who visits the site to read submission instructions could be monitored.
"The current system has become a security risk for everyone involved," he writes.
Domscheit-Berg told Threat Level in an interview on Sunday that the hijacked leaks only include those submitted since the time the system came back online in July following an outage, and the time it went down permanently. Anything submitted before then, or via other methods, would still be in Assange's possession.
[...]
Domscheit-Berg began working with Assange after meeting him at a hacker conference in Germany in December 2007. Although WikiLeaks claimed to have hundreds of volunteers and an untold number of staffers, the organization consisted essentially of Assange and Domscheit-Berg, who pored through submissions, did little more than simple Google searches to verify documents and posed as non-existent staffers in e-mail and other correspondence to make WikiLeaks seem heftier than it was.The two were later joined by "the Technician" in 2008 and "the Architect" in 2009, both of whom assumed responsibility for the technological infrastructure, while Assange and Domscheit-Berg handled content and media relations. That is, until internal fighting began in 2009. Initially, the fights were over Assange's lack of transparency in handling donated funds, but eventually encompassed everything from the security of sources and submissions, to Assange's lack of trust in Domscheit-Berg, and Assange's relations with women.
[...]
When journalists asked about problems with WikiLeaks' infrastructure, Domscheit-Berg would purposely confuse them with technobabble. He writes that it was amazing how often their obfuscation strategy worked. "To create the impression of unassailability to the outside world, you only had to make the context as complicated and confusing as possible," he writes. "It was the same principle used by terrorists and bureaucrats. The adversary can't attack as long as he has nothing to grab hold of." The truth was, he notes, their "technical infrastructure was a joke and irresponsible. If someone knew where the server was located they could have shut WL down permanently ... We were acting irresponsibly, playing a risky game with our sources' trust and our supporters' donations."
Until WikiLeaks began working with media partners in 2010, it did little vetting of submissions beyond simple Google searches to see if documents seemed legitimate. This proved to be a problem when someone identified in a Julius Baer document as having a secret Swiss bank account claimed he'd been misidentified. Domscheit-Berg says the source who gave them the documents had also "included some background information he had researched about the bank's clients." But the source had apparently confused a Swiss account holder with a German man who had a similar name. When the German threatened to sue for slander, Assange and Domscheit-Berg added a caveat to the document saying, "according to three independent sources" the information might be false or misleading. The three independent sources, however, didn't exist. Domscheit-Berg says they made them up.
[...]
Will WikiLeakS.org ever resume operations for new whistleblower leak submissions ?
So will OpenLeakS.org really be any better than the WikILeakS.org smoke and mirrors confidence trick which this article portrays ?
N.B. OpenLeakS.org currently appears to have lost its https://OpenLeakS.org capability, despite, quite wisely, publishing the Digital Certificate details on
http://openleaks.org/content/contact.shtml
The SSL certificate we use for this website has the following fingerprints:
* SHA-1: 2F:A8:72:54:8F:CB:06:F1:02:39:D2:8C:1F:6B:FF:0A:22:1F:EB:36
* SHA-256: 5B:DE:F3:19:70:E7:D7:68:41:AE:75:20:C2:20:CB:78:1D:DE:81:A7:FE:8D:7D:0F:64:BD:69:E6:3E:AC:FE:47The serial of the certificate is 01:00:00:00:00:01:2C:F1:12:3A:99.
Cryptome have a few more extracts from this book
http://cryptome.org/0003/ddb-book/ddb-book.htm