Recently in Protecting financial supporters Category

Various German language online media are reporting that Daniel Domscheit-Berg has been expelled from the Chaos Communication Club after his presentation of the state of play of his OpenLeaks.org project at the 5 day Chaos Computer Camp at an ex-soviet airfield / military aircraft museum north of Berlin this week.

Chaos Computer Club schließt Domscheit-Berg aus

CCC feuert gegen OpenLeaks

This is only the second expulsion of a member in the 30 year history of the Chaos Computer Club - the previous one was, apparently some neo-nazi who had been abusing their infrastructure.

There is no mention of this bickering on either the official https://ccc.de or https://openleaks.org web pages, the participants have, instead decided to give interviews to the media, without bothering to inform their supporters directly (a couple of thousand of whom were gathered at the campsite).

leaks_taz_de_screenshot_450.jpg
(click for a larger screenshot image of https://leaks.taz.de in a new window)

https://leaks.taz.de

The test setup

From 12th to 14th of August 2011 this public platform is offered by German daily taz die tageszeitung, German weekly der Freitag, Portuguese weekly Expresso, Danish daily Dagbladet Information as well as the consumer protection organization Foodwatch; in cooperation with OpenLeaks. During this time you can upload documents, which will be worked on by the involved parties.

The goal of this setup is to invite you to do a security evaluation of the system during the Chaos Communication Camp 2011.

Surely nobody in the rest of the world, who is interested in the anonymity and security of whistleblowing website projects, ever considered that the temporary test server, set up in a in a tent on the outskirts of the main camp site infrastructure, was actually somehow being "officially" tested and "approved" by the CCC ?

Obviously, most of the people at the CC campsite were busy with the many other projects and causes, but some of the people with expertise and experience of whistleblowing website anonymity and security infrastructure, and relations with the mainstream media, were present and may have contributed to the discussions and the preview "testing".

As anybody who has attended these sort of hacker conventions should know, the mere act of putting up a webs server on the campsite network, will mean that it will be "stress tested" in a very hostile network environment, with lots of port scans and probes and attempts to hack into it and run denial of service attacks, but these would also happen if it was hosted at a major data centre.

But that should not be the only proper testing that the system gets before going live, a point on which here we agree with the CCC and which Daniel Domscheit-Berg also probably agrees with.

Endorsement by mainstream media brand names mentioned above provide far more public trust and credibility, whatever that is actually worth regarding a currently non-operational system, than any (non-existent) "CCC" branding or approval.

The CCC have never been known for having any kind of "approved by the CCC" branding or "approval" of computer or telecommunications projects and they are deluding themselves if they think they would ever be trusted internationally if they did so.

The CCC leaders' action (it is a properly registered legal entity with a board of directors, a constitution etc.) now gives the impression of siding with Julian Assange (who was never a member) against Daniel Domscheit-Berg.

As mentioned in his book, Daniel Domscheit-Berg and the other former WikiLeakS.org technical staff defector "the Architect", took away their own intellectual property and thereby disabled the "improved" WikileakS.org submission system

Julian Assange and his cult of supporters have never bothered to replicate even the shaky anonymity and security infrastructure which they were left with or re-launch a different, better, whistleblower leak submission and publication system, despite having plenty of volunteers and money to do so.

The president of the CCC Andy Müller-Maguhn, who some of us once elected to the board of the ICANN which regulates internet domain name registration and appeals procedures, seems to have been trying to mediate between Julian Assange and Daniel Domscheit-Berg for nearly a year over the return of this encrypted data to Julian Assange.

Since there is no evidence that the current WikiLeakS.org team is capable of handling the data securely (their current website does not even bother to use an SSL / TLS Digital certificate any more) they cannot be trusted any more than Daniel Domscheit-Berg can be.

The current OpenLeaks.org project may not yet have published its software as an Open Source project, which is what the purists at the CCC would like, but then neither has WikiLeakS.org nor any other whistleblower website.

Even if they did so, there is no guarantee that the specific computer and networking configuration settings and infrastructure used by a particular website are not actually counteracting any anonymity or security functions built in to the Open Source software.

All that the CCC board needed to do was to issue a press release making it clear that there was no official CCC endorsement of the OpenLeaks.org project.

The breakdown in mediation attempts the CCC may have tried between Julian Assange and Daniel Domscheit-Berg are not proper grounds for expelling the latter from the Club.

Some of the wrongdoers who have something to hide from public scrutiny and might therefore fear the OpenLeaks.org project, will be smiling to themselves at this display of disunity amongst the German section of the tiny minority of people around the world with the technical skills and attitude to make a difference.

Expelling Daniel Domscheit-Berg, without also criticising the current WikiLeakS.org cult, has damaged the reputation of the Chaos Computer Club internationally.

What about the Wau Holland Foundation and OpenLeaks.org ?

The registered charity the Wau Holland Foundation, which is controlled by CCC sympathisers, may not now be available the Openleaks.org project, as a channel for receiving financial donations from supporters, a service it currently performs for WikiLeakS.org.

If OpenLeaks.org gets some money from its media partners, this may not matter too much, but until there is a virtuous circle of whistleblower trust and actual mainstream media publication of leaks via OpenLeaks.org, they will always be short of money.

OpenLeaks.org may still be able to make use of PayPal etc., to receive financial donations from individuals, something which WikiLeakS.org no longer can do, as they have managed to annoy and get banned over the years, due to their lack of financial transparency and their perceived anti-American political bias.


We ave previously commented that WkiLeakS.org, or similar organisations, actually require the same sort off "tax haven" and "tax avoidance" techniques employed by the Private Banking industry which they so gleefully try to expose the details of "for maximum political effect".

The Wall Street Journal has been "investigating", without actually revealing the details of any of the front companies and foundations, apart from some of the ones which have appeared on the WikiLeakS.org financial contributions pages. It is is disappointing that a financial sector newspaper like the Wall Street Journal, cannot find, or will not publish, any more details, other than those provided by Julian Assange.

Have these been verified in any way e.g. is WikiLeakS.org really registered as a library in Australia ?

How WikiLeaks Keeps Its Funding Secret

By JEANNE WHALEN and DAVID CRAWFORD

The controversial website WikiLeaks, which argues the cause of openness in leaking classified or confidential documents, has set up an elaborate global financial network to protect a big secret of its own--its funding.

Some governments and corporations angered by the site's publications have already sued WikiLeaks or blocked access to it, and the group fears that its money and infrastructure could be targeted further, founder Julian Assange said in an interview in London shortly after publishing 76,000 classified U.S. documents about the war in Afghanistan in July. The move sparked international controversy and put WikiLeaks in the spotlight.

In response, the site has established a complex system for collecting and disbursing its donations to obscure their origin and use, Mr. Assange said. Anchoring the system is a foundation in Germany established in memory of a computer hacker who died in 2001.

WikiLeaks's financial stability has waxed and waned during its short history. The site shut down briefly late last year, citing a lack of funds, but Mr. Assange said the group has raised about $1 million since the start of 2010.

WikiLeaks's lack of financial transparency stands in contrast to the total transparency it seeks from governments and corporations.

This lack of financial transparency is one of the major failings of the WikiLeakS.org project.

"It's very hard work to run an organization, let alone one that's constantly being spied upon and sued," Mr. Assange said in the The controversial website WikiLeaks, which argues the cause of openness in leaking classified or confidential documents, has set up an elaborate global financial network to protect a big secret of its own--its funding.

Some governments and corporations angered by the site's publications have already sued WikiLeaks or blocked access to it, and the group fears that its money and infrastructure could be targeted further, founder Julian Assange said in an interview in London shortly after publishing 76,000 classified U.S. documents about the war in Afghanistan in July. The move sparked international controversy and put WikiLeaks in the spotlight.

In response, the site has established a complex system for collecting and disbursing its donations to obscure their origin and use, Mr. Assange said. Anchoring the system is a foundation in Germany established in memory of a computer hacker who died in 2001.

WikiLeaks's financial stability has waxed and waned during its short history. The site shut down briefly late last year, citing a lack of funds, but Mr. Assange said the group has raised about $1 million since the start of 2010.

WikiLeaks's lack of financial transparency stands in contrast to the total transparency it seeks from governments and corporations.

"It's very hard work to run an organization, let alone one that's constantly being spied upon and sued," Mr. Assange said in the interview. "Judicial decisions can have an effect on an organization's operation. ... We can't have our cash flow constrained entirely," he said.

Among the cases WikiLeaks has faced, the Swiss bank Julius Baer & Co. in 2008 sued for damages in federal court in California, alleging that the site had published stolen bank documents. The court ordered the disabling of the wikileaks.org domain name, but the bank withdrew its lawsuit after civil-rights advocates protested.

Though Mr. Assange declined to name donors or certain companies through which donations flow, he provided some insight into the funding structure that allows the group to operate.

The linchpin of WikiLeaks's financial network is Germany's Wau Holland Foundation. WikiLeaks encourages donors to contribute to its account at the foundation, which under German law can't publicly disclose the names of donors. Because the foundation "is not an operational concern, it can't be sued for doing anything. So the donors' money is protected, in other words, from lawsuits," Mr. Assange said.

Nonsense ! There are several Islamic Charities which not only have been sued, but have subjected to anti-terrorism investigations and have had their financial assets frozen, even though they have never been "operational concerns" either.

No "tax evasion" / "tax avoidance" trust funds and front companies registered in tax havens are "operational concerns" either, but that does not prevent various tax authorities going after them and their beneficiaries.

The German foundation is only one piece of the WikiLeaks network.

"We're registered as a library in Australia, we're registered as a foundation in France, we're registered as a newspaper in Sweden," Mr. Assange said. WikiLeaks has two tax-exempt charitable organizations in the U.S., known as 501C3s, that "act as a front" for the website, he said. He declined to give their names, saying they could "lose some of their grant money because of political sensitivities."

Surely the Wall Street Journal could investigate and find out the names of the Australian "library", the French foundation and the US 501C3s ?

Mr. Assange said WikiLeaks gets about half its money from modest donations processed by its website, and the other half from "personal contacts," including "people with some millions who approach us and say 'I'll give you 60,000 or 10,000,' " he said, without specifying a currency.

How have WikiLeakS.org solved the problem faced by many unincorporated voluntary organisations, who cannot get large sums of money from rich individuals or companies or trades unions etc. because these donors would become "jointly and separately liable" for any debts incurred by the voluntary organisations , and, just as importantly, vice versa i.e. the organisation could become liable for the debts or bankruptcy of these large donors.

The other big risks to rich financial donors involve the horrendously complicated and ineffective (in terms of catching real criminals and terrorists) anti-money laundering regulations and investigations, which various government bureaucracies have imposed on the financial industry, especially for foreign money transfers.

How does WikiLeakS.org provide any protection to financial donors in such cases ?

Retrieving money from the Wau Holland Foundation is a complicated task, he said. WikiLeaks must submit receipts to the foundation, which issues grants to reimburse them. Because German law requires the foundation to publicly disclose its expenditures, WikiLeaks uses "other foundations" to aggregate its bills and send them to Wau Holland, so that some of the companies WikiLeaks does business with remain anonymous, Mr. Assange said. This prevents anyone from seeing whom, for example, WikiLeaks pays for Internet infrastructure, or where that infrastructure is located.

To operate, the website needs several powerful computers linked to high-speed Internet connections. WikiLeaks particularly tries to obscure payments for "basic infrastructure that could be attacked," for "servers that are engaged in source protection," and for "security engineers," Mr. Assange said.

So far, Wau Holland has distributed €50,000 ($64,000) to a WikiLeaks account in Germany, strictly in exchange for receipts, according to Daniel Schmitt, spokesman at WikiLeaks, and Hendrik Fulda, deputy board chairman of the foundation. Mr. Schmitt controls the account.

The average donation to WikiLeaks via the Wau Holland Foundation is about €20, Mr. Fulda said. The largest donation through the foundation--€10,000--arrived from a German donor after the publication of the Afghan war documents, he said, declining to reveal further details.

Mr. Schmitt said WikiLeaks needs about $200,000 a year to cover its operating expenses--mainly network fees, rent and storage costs for the sites where the servers are, and some hardware and travel expenses. Should it decide to pay salaries to its five staff members, as it is now considering, it would need about €600,000 a year, he said.

Paying salaries is a "sensitive subject," he said, noting that outsiders might question the need for them.

Most of the financial supporters of WikiLeakS.org would not object to salary payments for key staff, but they do demand some sort of financial accounting and transparency, which is totally lacking at the moment.

Mr. Fulda of the foundation said WikiLeaks needs €10,000 to €15,000 a month to maintain its Web presence. Late last year, when donors were contributing only €2,000 to €3,000 per month, WikiLeaks was struggling to survive, he said. So it shut down its website in December, leaving up only an appeal for donors to transfer money to the group via the Wau Holland Foundation. Soon, donations per month increased 20-fold.

WikiLeaks reopened its website in May, but "within days ... donations dropped back to near their former level," Mr. Fulda said.

The fluctuation caught the attention of Wau Holland's banking partners including eBayInc.'s PayPal, which demanded explanations for the surge and fall in donations. "I explained it wasn't money laundering, just WikiLeaks donations," Mr. Fulda said.

Which shows how useless the anti-money laundering red tape is.

A PayPal spokeswoman said the company is "still processing payments for WikiLeaks." She said that she couldn't comment further on a specific account but that in general, PayPal is required by anti-money-laundering laws and its own anti-fraud regulations to investigate accounts when they exceed certain limits.

WikiLeaks has tried to diversify away from PayPal by adding other payment options to its site, including Flattr.com, a payment system based in Sweden, and Moneybookers, a system based in the U.K.

A spokeswoman for Moneybookers said the company used to provide services to WikiLeaks but "as they don't adhere to Moneybookers' standards, the agreement was terminated." She declined to comment further. Flattr didn't respond to a request for comment.

"as they don't adhere to Moneybookers' standards, the agreement was terminated" - points to WikiLeakS.org lack of financial transparency as being a major problem.

Note also that another online money payment system which WikiLeakS.org has used during their dispute with PayPal, called TipIt.to seems to have gone "tits up" at the end of February 2010 due to "fraudulent transactions"

http://blog.tipit.to/2010/04/gesloten-voor-preventie-%E2%80%94%C2%A0closed-for-prevention/

Write to Jeanne Whalen at jeanne.whalen@wsj.com and David Crawford at david.crawford@wsj.com

Twitter, with its very short messages, is inherently the wrong medium for publishing important security / anonymity / financial warning advice about the WikiLeakS.org project.

http://twitter.com/wikileaks/status/9495477247

Our Kenyan PO BOX is no-longer considered secure after a break in. Please use Australia or Cambodia instead.

'Mon Feb 22 22:03:11 +0000 2010

from bit.ly

The WikiLeakS.org website is still deliberately crippled, and no longer displays the PO Box address for "Cambodia".

Why anyone would trust the Cambodian Government not to snoop on foreign letters or parcels sent to such a Post Office Box address, is a mystery.

The Postal Submissions (for whistleblower leak documents) web pages, did at least offer a few words of security / anonymity advice, which the single Twitter message, obviously does not.

Astonishingly, the current WikiLeakS.org home page still gives out this allegedly insecure address for Kenya, over 24 hours after the Twitter warning was published.

Kenya
WikiLeaks ICT
PO Box 8098-00200
Nairobi
Kenya

in the section devoted to "give us your money".

  • So is this address still suitable for sending cash or other financial donations, but not for whistleblower leak documents ?
  • Why can they not publish a full details about this security threat in Kenya, on the WikiLeakS.org website ?
  • What procedures does WikiLeakS.org employ to audit the reliability of their postal PO Box submissions, which they have suggested as a high security method of sending them whistleblower leaked documents.?
  • Do they ever send test documents and / or money via these PO Boxes, to see if these are being intercepted, delayed , censored or stolen ?
  • If the Kenyan PO Box can still be trusted, then the WIkiLeakS.org Twitter feed obviously cannot be trusted.

In order to reduce the chances of a Denial of Service attack via Rumour, WikiLeakS.org should have published fuller details of the reasons for no longer trusting this published method of submitting sensitive whistleblower leak documents and / or money, on their own website and via an email Press Release.

This security / anonymity warning press release should have been Digitally Signed using their (now long expired) PGP Public Encryption and Signing cryptographic Key, to vastly reduce the chance that it has been tampered with or entirely forged.

WikiLeakS.org purport to be experts in protecting their whistleblower sources, so why are such simple precautions beyond them ?

WikiLeakS.org is still not publishing any of their old or new whistleblower leaks, whilst still asking for new whistleblower leak submissions, and, still asking for money.

They now seem to have got themselves a TipiT.to tip jar, run by a company called Like It Tipit Ltd, based in the United Kingdom and the Netherlands.

https://tipit.to/wikileaks.org

which accepts Euros, US Dollars or GB Pound currency donations via credit card or the (mostly) Netherlands based iDEAL online payment system.. TipiT.to seem to be using the Netherlands based AdYen internet payments system for credit cards.

The TipiT.to terms of service make it clear that any responsibility for taxation lies with WikiLeakS.org.

However, now casual visitors to the suspended WikiLeakS.org web page will see a typical "appeals thermometer" graphical image.

https://tipit.to/img/thermo?style=1&tipjarId=1&currency=EUR&goal=5000000&since=20100124&width=150&background=c0c0c0

tipit_to_wikileaks_org_261.jpg

Note the target "goal" of 50,000 Euros.

Another "web bug":

Even though the PayPal graphic is now being served locally, rather than as a Deep Link from the Canadian fishing supplies website, this Web Bug problem has simply been replaced by a new one.

The new "thermometer appeal" graphical image is not a static graphical image, served locally from the WikiLeakS.org web servers. (like the above screen capture graphic is being served from the WikiLeak.org web space)

It is a dynamic image, generated remotely on the fly, presumably to show how much of the target has been achieved, as per the "appeals thermometer" theme.

This means that the TipiT.to webservers, and the Amazon Web Services, Elastic Compute Cloud, EC2 instance which they use, are collecting Communications Traffic Data logfiles, including visit time and date, IP address, Web browser details, language settings etc., from most of the visitors to the WikiLeakS.org page, even if they do not intend to proceed to the tip jar donations form.

Will anybody be monitoring or automatically screen scraping and logging, the WikiLeakS.org TipIT tip jar, or even the TipiT.to home pages, which display the amounts of money of the last 10 or so tips received ? Obviously some of these donations or tips are pseudo anonymous, but several people seem to be leaving their names and comments of support, which they may or may not regret later.

N.B. since the TipiT.to webs server does not appear to be serving a robots.txt file:

http://tipit.to/robots.txt

it may well be that snapshots of the "latest tips / financial contributors" to WikiLeakS.org and any other website will be captured by automatically and "forever", by Google, Yahoo, Bing and other web search engines..

The embedded YouTube video script remains as before, also potentially betraying the anonymity of visitors to the WikiLeakS.org website, in log files over which WIkiLeakS.org have no control.

Why is the simple website anonymity protection measure of serving copies of graphical images only from your own web server so difficult for the WikiLeakS.org people, who one would expect to live and breathe internet anonymity and security, to understand ?

We wonder what effect, if any, the suspension of the WikiLeakS.org PayPal button will have on their funding, whilst they are still offline, pleading for money.

The current WikiLeakS.org web page (Saturday 23rd January 2010) :

WikiLeakS_org_home_page_23jan2010_433.jpg

Support us financially

Pay by credit card or PayPal worldwide

Note the PayPal graphic, but not one actually locally hosted on the WikiLeakS.org web servers ! See below.

Paypal has as of 23rd of January 2010 frozen WikiLeaks assets. This is the second time that this happens. The last time we struggled for more than half a year to resolve this issue. By working with the respected and recognized German foundation Wau Holland Stiftung we tried to avoid this from happening again -- apparently without avail.

We are working on resolving this issue as fast as possible. Please use our bank accounts for direct transfer in the meantime, or contact wl-donations@sunshinepress.org for any further questions.

WikiLeaks is not the only non-profit organization with this problem. This is a regular occurrence, that from our perspective should not be tolerated by the global community using this payment system.

PayPal usually suspends non-profit organisations, because PayPal have to comply with local taxation laws involving the tax exempt status of such organisations, and with the world wide anti-money laundering red tape and bureaucracy.

You end up having to send them details of your charitable status, or, failing that, proof that you have a bank account in the name of your group etc.

WikiLeakS.org have "web bugged" most of their home page visitors

WikiLeakS.org proudly boasts that none of the identities of any of their whistleblower sources have been compromised. We have always been critical of their much more lackadaisical approach to the anonymity of the web site visitors, who may be just curious or who may be informed analysts who have the knowledge and experience to comment intelligently on the whistleblower leak documents - some of these people need to preserve their anonymity from snoopers, just as much as whistleblowers do.

Such visitors to the website home page will almost certainly also include the actual whistleblowers themselves, at some point before, during or after, they upload their potentially sensitive documents.

What then, were the WikiLeakS.org web team thinking of, by using a PayPal image which is hosted on a Canadian angling supplies website called www.alainfishing.com ?

"Fishing" for PayPal donations is going to make quite a few people wonder if this is a "phishing" scam.

Looking at some of the current WikiLeakS.org home page HTML source code, they appear to have commented out their PayPal link to the Wau Holland charitable foundation in Germany, but they are deep linking (for no good reason) to a PayPal web graphic, hosted on a third party website, a Canadian sports angling website which sells brightly coloured fishing bobs


<p> <b>Pay by credit card or PayPal worldwide</b><br>
<img src="http://www.alainfishing.com/en/images/paypalIcon.gif">

<!--- <form action="https://www.paypal.com/cgi-bin/webscr">
<input type="hidden" name="business" value="vorstand@wauland.de">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="hosted_button_id" value="9801043">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="item_name" value="WikiLeaks donation">
<input type="hidden" name="lc" value="en">
</p>
<p>Message with your donation:</p>
<p> <input type="text" name="item_number" value="">
</p>
<p>Enter amount:<br />
<select name="currency_code">
<option value="USD">USD
<option value="EUR">EUR
<option value="GBP">GBP
<option value="CAD">CAD
<option value="AUD">AUD
<option value="NZD">NZD
<option value="SEK">SEK
<option value="DDK">DDK
<option value="NOK">NOK
<option value="CHF">CHF
<option value="HKD">HKD
<option value="HUF">HUF
<option value="ILS">ILS
</select>

<input type="text" name="amount" style="width: 4em; text-align: right;" value="25.0"><br />
</p>
<p> <input name="submit" type="submit" style="margin-top: 1em;" value="Choose payment type"><br />
<span style="font-size: smaller;">(PayPal, VISA, Mastercard and more accepted)</span>
</form>
</p>--->

This effectively means that the web server log files of www.alainfishing.com, are now tracking most of the visitors to the WikiLeakS.org web page - in effect WikiLeakS.org have web bugged their own supposedly anonymity protected website.

This potentially compromises the anonymity of the vast majority the WikiLeaKS.org home page visitors, regardless of whether they are interested in PayPal or not, and anyone foolish enough to try to submit a whistleblower leak at the moment, without any timescale of when or if it will ever be published by the (suspended) WikiLeakS.org project.

This "web bug" effect also applies to the embedded YouTube Video of the Berlin 26C3 conference speech. (see WikiLeakS.org presentation at 26C3 - will Iceland become a WikiLeakS.org Publishing Data Haven ?).

A link to YouTube or, if they ever get it working again, to PayPal, should be illustrated with a local copyof the graphic, hosted on the WikiLeakS.org web servers , which supposedly do not keep log files.

Such links should also carry an "anonymity health warning", that clicking on them will make a connection with an external website, over which WikiLeakS.org have no control, and which will leave detectable electronic footprints.

WikiLeakS.org is currently unavailable until 6th [UPDATED 7th January] 11th January 2010, as they are appealing for your money and technical and legal support.

Have they run out of money ?

wikileaks_25dec09_appeal_for_money_450.jpg

We protect the world--but will you protect us?

"Wikileaks has probably produced more scoops in its short life than the Washington Post has in the past 30 years"
-- The National, November 19. 2009

To concentrate on raising the funds necessary to keep us alive into 2010, we have very reluctantly suspended all other operations, until Jan 6.

The Sunshine Press (WikiLeaks) is an non-profit organization funded by human rights campaigners, investigative journalists, technologists and the general public. Through your support we have exposed significant injustice around the world--successfully fighting off over 100 legal attacks in the process. Although our work produces reforms daily and is the recipient of numerous prestigious awards, including the 2008 Economist Freedom of Expression Award as well as the 2009 Amnesty International New Media Award, these accolades do not pay the bills. Nor can we accept government or corporate funding and maintain our absolute integrity. It is your strong support alone that preserves our continued independence and strength.

We have received hundreds of thousands of pages from corrupt banks, the US detainee system, the Iraq war, China, the UN and many others that we do not currently have the resources to release. You can change that and by doing so, change the world.

They want your money:

Support us financially


Pay by credit card or PayPal worldwide

[...]

(Processed for us by the Wau Holland foundation; PayPal, VISA, Mastercard and more accepted)

We hope that this PayPal account is not compromised like the previous one was - see: Follow the money - WikiLeakS.org partial financial donors list email

Bank transfers

To contribute via direct wire transfer, please make your donation to one of the following organizations that can accept support on our behalf. Tax deductibility is possible where indicated.

Europe

Use our account at the tax-deductible Wau Holland foundation:

Wau Holland Stiftung, Postfach 640236, 10048 Berlin, Germany
Commerzbank Kassel, BLZ: 52040021, KTO: 277281204
(international: IBAN: DE46520400210277281204, BIC: COBADEFF520)
(inquiries: wl-supporters@sunshinepress.org)

United States

Banking details available on request.

Email wl-supporters@sunshinepress.org with the name of your state to be guided through this simple process.

Australia & New Zealand

Use our tax-exempt infrastructure foundation:

WikiLeaks ICT, Australia
Full bank details available on request. Email wl-supporters@sunshinepress.org to be guided through this simple process.

All other countries

Use our account at the non-profit Wau Holland foundation in Europe:

Wau Holland Stiftung, Postfach 640236, 10048 Berlin, Germany
Commerzbank Kassel, BLZ: 52040021, KTO: 277281204
(international: IBAN: DE46520400210277281204, BIC: COBADEFF520)
(enquiries: wl-supporters@sunshinepress.org)

Other bank accounts are available on request from wl-supporters@sunshinepress.org

The Wau Holland Foundation has charitable tax status in Germany, and was set up in memory of German Chaos Computer Club pioneer and anti-censorship activist Herwart Holland-Moritz.

Cash or cheques

You can support us by posting cash, cheques or international money grams to one of the following addresses:

All countries

WikiLeaks ICT
BOX 4080, University of Melbourne
Victoria 3052, Australia

USD, EUR, AUD preferred. International cheques are best over $800 to avoid fees. If sending cash, please place it in a non-transparent envelope or a CD case for maximum security.

Remember that banknotes, and especially plastic CD cases, are good for fingerprints and DNA sample forensic evidence.

Kenya

WikiLeaks ICT
PO Box 8098-00200
Nairobi
Kenya

Other addresses are available on request from wl-supporters@sunshinepress.org

Apart from these payment methods

I f you are interested in contributing to our mission using another payment method or with a shares, property, bonds, a grant, matched contribution, bequest, interest free loan, or have any other questions, please write to wl-supporters@sunshinepress.org

None of these methods of funding allow financial supporters of the WikiLeakS.org project to remain anonymous.

Financial transactions are even easier for governments and law courts etc. to trace than IP addresses are.

The wl-supporters@sunshinepress.org email address must surely be monitored and intercepted by various Government law enforcement and intelligence agencies.

Since there is no longer any WikiLeakS.org published PGP Public Encryption Key (see Why have WikiLeakS.org abandoned the use of PGP Encryption ?), any such financial correspondence will be at risk of being snooped on, and is likely to reveal the identities of potential and actual WikiLeakS.org financial supporters.

If you do plan to contact that target email address, you should not use your usual, personally identifiable email account.

What about limited liability ? Are you "jointly liable" with them, for any debts or legal fines or legal costs ?

If you become a supporter of WikiLeakS.org. and some Judge awards massive, inflated legal costs against WikiLeakS.org in a court case, do your financial assets become targets for avaricious lawyers or governments ?

Desperate lawyers and government bureaucrats will lash out at any identifiable people, e.g. identifiable financial supporters, in order to put censorship pressure on WikiLeakS.org.

Surely, in order to minimise the risk of this, WikiLeakS.org would need to employ exactly the same sort of sophisticated financial techniques involving investment trusts, nominee accounts and private bank accounts in tax havens etc., as used by the likes of Bank Julius Baer or Barclays etc. who have tried to sue WIkiLeakS.org to suppress details of such tax avoidance or tax evasion schemes and the rich people who have used them ?

Alternatively, some sort of Hawala informal banking /money transfer scheme would be needed, which is increasingly suspected of terrorism money laundering etc. by various suspicious and / or greedy governments.

Perhaps, as used in some African countries, pre-paid mobile phone credit vouchers could be used, to transfer small amounts of money to WikiLeakS.org.- just send the 12 digit voucher number to someone who can make use of it on a particular mobile phone network, perhaps for voice or data calls,or for "m-commerce" to buy goods or services.

When will WikiLeakS.org publish any sort of financial accounts ?

About this blog

This blog here at WikiLeak.org (no "S") discusses the ethical and technical issues raised by the WikiLeakS.org project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the WikiLeakS.org project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the WikiLeakS.org project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

LeakDirectory.org

Now that the WikiLeakS.org project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The LeakDirectory.org wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The WikiLeakS.org Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The WikiLeakS.org Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The WikiLeakS.org website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive:

WikiLeakS.org Twitter feed via SSL encrypted session: https://twitter.com/wikileaks

WikiLeakS.org unencrypted Twitter feed http://twitter.com/wikileaks

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • James Hyams: I'm writing a thesis on Public Trust in WikiLeaks, the read more
  • rich kaplan: Hello Wikeleaks vrew. In Turkey , the islamist goverment just read more
  • wikileak: Cryptome have a few more extracts from this book http://cryptome.org/0003/ddb-book/ddb-book.htm read more
  • wikileak: OpenLeaks.org have now launched their website with some details of read more
  • wikileak: Bahnhof Internet seem to be hosting two Wikileaks servers in read more
  • teresa: I THANK THEY JUST TO SHUT HIM UP. THEY THINK read more
  • wikileak: Clay Shirky has posted a rough transcript of Daniel Domscheit-Berg's read more
  • wikileak: @ N - you can still see the "1.2 million read more
  • N: @wikileak - Exactly, these cables are _from_ the United States, read more
  • wikileak: Openleaks.org is now displaying this meassage: Coming soon! While we read more

November 2018

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30