Even though Julian Assange could very well be extradited from the UK to Sweden next week, to face non-wikleaks related sexual offences allegations
https://twitter.com/#!/JudiciaryUK/status/129846526171287552
Julian Assange appeal against extradition - the High Court will hand down judgment on Wednesday 2 November.
10:06 AM Oct 28th 2011
he has announced a new, re-engineered WikiLeakS.org submission system to be launched on November 28th 2011.
https://twitter.com/#!/wikileaks/status/128455207490293762
@wikileaks WikiLeaks
Assange: On November 28th WikiLeaks will launch new generation submissions system http://www.ustream.tv/recorded/180824171:58 PM Oct 24th 2011
http://www.ustream.tv/recorded/18082417
Julian Assange speaking at the Frontline international press club in London, on Tuesday 24th October 2011
Approx 1 hour 5 minutes near the end of the video clip:
The fallout from that was the we viewed that our submission system could not be trusted any more
So did everyone else with any clues about computer security and anonymity, including Daniel Domscheit-Berg and the "Architect", which is partly why they left in the first place.
As a result we have had to completely re-engineer, from scratch, a new generation submission system.
On November 28th, the one year anniversary of CableGate, we will
Now, wikileaks has never had only the one submission system. We've received information in a wide variety of means, just like intelligence agencies and professional, mainstream media organisations, receive their information from a wide variety of means.
It has been important to us, to always have a wide variety of means, so no one mean becomes the sole, the sole subject of infiltration or investigation.
However, for the last, for the last 12 months, for the last 12 months, you haven't been able to go through the front door to submit wikileaks sensitive, information
You've had to establish, contacts, with the organisation and transmit us the material through other mechanisms.
Is Assange claiming that people have actually been stupid enough to submit sensitive material to him in the last 12 months, through other means ?
Why has he not bothered to publish any of this new, "non-Bradley Manning" sourced stuff then ?
How exactly are these "other means" actually Anonymous or Secure ?
Remember that wikileaks stopped publishing a PGP Public Encryption Key years ago and their incompetence in using PGP as a means of symmetric encryption and then stupidly publishing their CableGate archive online around the world and the re-using the same pass phrase with Guardian journalist David Leigh, was an
Similarly, they stopped publishing a Tor Hidden Service even before they stopped accepting new submissions.
On November 28th, the one year anniversary of CableGate, we will launch our new generation submission system.
That includes, not just, a public interface, but also several other mechanisms that are necessary to deal with an attack on the entire internet security system, that has been established over the last few years, by intelligence agencies and criminal groups.
Right now, it is not possible to trust any https:// connection on the internet.
Utter rubbish !
Even wikileaks.org itself has, at various times, published a Self Signed Digital Certificate and has published the MD5 and SHA-1 cryptographic hash fingerprints, without relying on any built in web browser trust of Certificate Authorities.
It is not possible your banking system, it is not possible to trust any, regular, web based secure encryption system
What about banks which use SSL v3 Client Side Digital Certificates for mutual client / server authentication, without the need for any external Certificate Authority ?
That is because, intelligence agencies have infiltrated , a number of Certificate Authorities. Certificate Authorities are those authorities which
sign the cryptographic keys that are used for secure internet communication.On November 28th, we will release our alternative to that system, which is independent of all Certificate Authorities
Is the something which Julian and his cult have created from scratch, or will they just steal / borrow the work of Moxie Marlinspike and SSLLabs etc. with Convergence ?
Remember that SSL / TLS encryption only provides Secrecy about most of the contents of an encrypted session, it does not provide any Anonymity, and, may in fact provide less anonymity than a non-SSL connection via a shared proxy server.
A question from the floor:
"I understand that you may be limited in what you can say, but how have you manage to get around the fact, that in your eyes, Certificate Authorities can't be trusted, with this particular submission system ?"
01:08:57
We will give full details here, on a conference, on November 28th
Full details ?? Don't hold your breath.
Will they publish the source code of their system, or even a detailed security architecture of what is is intend to actually do and protect against ?
On past performance, this is extremely unlikely.
I would like to say, that in that, this problem has been brewing over a number of years, and we were aware of it before, back in 2010, and we had a number of mechanisms to ameliorate that, ahh, thousands of robots that went out over the internet, to simulate being sources, to check to see, whether these "men-in-the-middle" or fabricated certificates existed.
So we had a number of different mechanisms to try to ameliorate that problem, but it is our view that the problem has now gone so severe, that even those attempts to ameliorate it, can no longer be trusted to the degree, that our sources expect us, to be able to solve the problem
More nonsense from the deliberately deceptive Julian Assange:
"thousands of robots" ??
At the time they claimed that this was to provide "cover traffic" to help to confuse Communications Traffic Analysis and thereby to improve the Anonymity of the submission system
This could not and would not have tested for any SSL "man-in-the-middle" attacks on the Security / Privacy of submissions.
Neither could it have detected compromised Certificate Authorities around the world, especially in places where the Government also controls international internet access.
Even if it was meant to do so, they obviously failed to detect a single example of such an attack aimed at wikileaks, or if they did, they must have covered it up.
Regardless of the technical merits of this new submission system, any whistleblower with really sensitive, life threatening information to publish, would have to be suicidal to trust Julian Assange and his WikiLeakS.org cult followers with it.
Recent Comments