The Guardian and the Wikileaks Encryption Key

← Back to Stories (view on slashdot.org)

The Guardian and the Wikileaks Encryption Key

Posted by timothy on Friday September 2, 2011 @10:50AM from the cascade-of-decisions dept.

rtfa-troll writes "Bruce Schneier has a good article explaining how the Guardian released the encryption key for the WikiLeaks cables and destroyed the main protection against the release of informers' personal information. The comments in Schneier's blog fill in details of how exactly WikiLeaks' secondary file security protections were also bypassed. Now the Guardian has an article that Assange risks arrest by Australia over the latest leaks, which include information about an Australian intelligence officer. They even say, 'We deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk,' and go on to state that 'The decision to publish by Julian Assange was his, and his alone,' something which seems clearly debunked in the analysis on Schneier's blog."

19 of 196 comments (clear)

Min score:

Reason:

Sort:

Links & hints to the data by mcantsin · 2011-09-02 10:56 · Score: 5, Informative

http://cryptome.org/z/z.7z (368MB) pwd: ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay# http://pastebin.com/SBq9Xpsr http://cryptome.org/xyz/x.gpg.torrent (Returns xyz_x.gpg, 409MB. No passphrase yet) http://cryptome.org/xyz/y.gpg.torrent (Returns xyz_y.gpg, 88MB. No passphrase yet) http://cryptome.org/xyz/y-docs.gpg.torrent (Returns xyz_y-docs.gpg, 8MB. No passphrase yet) http://cryptome.org/xyz/z.gpg.torrent (Returns xyz_z.gpg, 368MB. Passphrase below) "xyz_z.gpg" and "z.gpg" appear to be identical and both decrypt to "z.7z." The decrypted file is "z.7z," 368MB, which unzips to "cables.csv," about 1.7GB in size, dated 4/12/2010.
1. Re:Links & hints to the data by Ironchew · 2011-09-02 11:12 · Score: 5, Insightful
  
  They accepted the risks when they engaged in the covert operations to begin with. People who uncover secrets are not responsible for deaths -- killers are.
2. Re:Links & hints to the data by Jeremiah+Cornelius · 2011-09-02 11:26 · Score: 5, Interesting
  
  These leaked cables are about HAVING KILLED PEOPLE!
  Including the point-blank firing of weapons into the heads of toddlers.
  Including Israeli lies about killing "terrorists" being revealed as bombing and killing 16 civilian villagers, at prayer.
  Like most reactionary cranks, you fret SO over the theoretical loss of life that might occur, if illegal and anti-democratic secrecy is not punitively enforced.
  Where is your concern, passion and outrage about the ACTUAL callous and criminal loss of life, that would have initiated any such threat?
  Your hypocrisy and disingenuous moral posturing stinks like the foetid pool of death that you defend.
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
3. Re:Links & hints to the data by a_nonamiss · 2011-09-02 11:33 · Score: 4, Insightful
  
  I'm sure you're correct in that most of the damage has already been done. I am, however, reacting to the cavalier attitude with which people seem to be treating this data. People have and will be killed over this information, and more importantly, next time someone is considering leaking something that may benefit the public as a whole, they're going to think twice about doing it. Because of that, this leak is a terrible thing for the world.
  
  --
  -Arthur
  Cave ne ante ullas catapultas ambules
4. Re:Links & hints to the data by Jah-Wren+Ryel · 2011-09-02 11:38 · Score: 4, Insightful
  
  Information wants to be free, and I do appreciate your eagerness to propagate this information, but people will die as a result of these leaked cables.
  You've said that twice now. How do you know it to be true? These cables weren't internal CIA reports, most of them were not even classified and those few that were had only the lowest level of classification.
  Furthermore, the information was "leaked" by the Guardian's careless publication of a password. Wikileaks officially publishing them now in an easily searchable form means anyone at risk has the ability to check for themselves if their names are mentioned - the bad guys have had the cables since at least last week, if not for the last few months following the publication of the password in February.
  
  --
  When information is power, privacy is freedom.
5. Re:Links & hints to the data by Oxford_Comma_Lover · 2011-09-02 11:42 · Score: 5, Insightful
  
  They accepted the risks when they engaged in the covert operations to begin with. People who uncover secrets are not responsible for deaths -- killers are.
  If your ex will kill you if he/she knows where you live, and I know your ex will do that, and I tell your ex where you live, I am *not* blameless
  If the country you're in will kill you if it knows what you do, and I know the country will do that, and I tell them what you do, I am not blameless.
  Saying someone accepted the risk of a bad result does not mean that other people who cause that result are inherently blameless. You may accept the risk of an accident when you drive to work in the morning, but if I hit you with my car, it may still be my fault.
  
  --
  -- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
6. Re:Links & hints to the data by he-sk · 2011-09-02 11:52 · Score: 5, Funny
  
  Information wants to be free, and I do appreciate your eagerness to propagate this information, but people will die as a result of these leaked cables.
  You've said that twice now. How do you know it to be true?
  It's true because it's in bold.
  
  --
  Free Manning, jail Obama.
7. Re:Links & hints to the data by Jeremiah+Cornelius · 2011-09-02 12:10 · Score: 5, Interesting
  
  Look at this from the tin-hat angle:
  David Leigh/Guardian is working in the interest of CIA/MI6 and looking not to collaborate with WikiLeaks, but to ensnare him for prosecution.
  Clue: DL Insisting on seeing the actual files
  Clue: DL Pressing for the GPG passphrase
  Clue: DL Publishing the ENTIRE proceeding and passphrase in a book
  Dumbshit-Borg is either a long-time mole or was "turned"
  Clue: D-B had full access to all unredacted material
  Clue: D-B acrimoniously split with Assange/WikiLeaks over ego-boundary shit and speculative "risk" issues
  Clue: D-B in his schism is part of the probable exposure of these cables - portrayed as an "accident", while he was unilaterally and admittedly sabotaging WikiLeaks
  Clue: D-B can now say "I told you so" over this exposure of sources - pointing to this as evidence, rather than a situation he perpetrated
  The US Army Counterintelligence Agency said in 2008 that WikiLeaks was"a potential force protection, counterintelligence, OPSEC, and INFOSEC threat to the US Army" and PLANNED OPERATIONS to neutralise/discredit WikiLeaks:
  "The identification, exposure, or termination of employment of or legal actions against current or former insiders, leakers, or whistleblowers could damage or destroy this center of gravity and deter others from using Wikileaks.org to make such information public."
  http://www.scribd.com/doc/28385794/Us-Intel-Wikileaks
  Question: Do you think that the Agency makes these declarations in vain, for their entertainment value?
  Question: Do you think they are alone, and that there are not equivalent planned and current operations by the CIA, etc.?
  Question: Are the combined actions of DL and D-B implausible as the intended outcome of a counter-WikiLeaks strategy, set in motion by one or more intelligence agencies, including US Army Counterintelligence?
  Think about it. Once they set this down IN PRINT, internally, and don't have a "positive" outcome? Sombody goes through the ringer.
  This is likely all a setup. One with a scenario that is similar to the one indicated here, if not completely identical. It is one where where David Leigh and Dumbshit-Borg are either pathetic and self-serving dupes, or sickening quislings.
  Either way, this is a noose fabricated of intentional actions with plausible deniability. Identify WikiLeaks with Assange's personality, and attack the personality. Attack the credibility of WikiLeaks methodology while distracting from their effectiveness and success in exposing filth, corruption and illegal government action.
  I know the will get Assange one way or another. They just created the circumstance to have him charged in Australia - their one sure bet. But watch out, DL and D-B.
  When your mysterious, untimely deaths occur, I will look at it as confirmation of these speculations.
  And proudly burnish my tin-hat...
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
8. Re:Links & hints to the data by Jeremiah+Cornelius · 2011-09-02 12:31 · Score: 4, Insightful
  
  Just an aside here, I don't know how relevant it is.
  I love how all the small-government types - the ones who think that the notions of commonwealth are somehow equivalent to boogieman socialism - get all righteously pro-State, when it comes to WikiLeaks. It is a curious kind of cognitive dissonance.
  I propose that this psychological maladaptation is the expected outcome of an authoritarian personality forming in the context of what is, nominally, a republic.
  George Orwell was impossibly subtle and perceptive in his fictional exposition of this as "DoubleThink". He demonstrates it as obvious, oxymoronic contradiction - a caricature of the actual mental state of those who enable and support totalitarian positions.
  "Freedom isn't Free" Christ! That's the knee-jerk truism for "War is Peace", "Freedom is Slavery" and "Ignorance is Strength" in one, compact portmanteau!
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
9. Re:Links & hints to the data by FoolishOwl · 2011-09-02 12:42 · Score: 4, Informative
  
  Including the point-blank firing of weapons into the heads of toddlers.
  I'm guessing you meant this:
  WikiLeaks: Iraqi children in U.S. raid shot in head, U.N. says
  Bradley Manning did the right thing.
10. Re:Links & hints to the data by Pseudonym · 2011-09-02 12:46 · Score: 4, Insightful
  
  It's been a year, and so far, nobody has died as a result of the leaked cables. Not saying it won't happen, but it hasn't happened so far.
  On the other hand, the cables contain information about people who have been murdered. These crimes would not be known, nor their murderers known, were it not for the release of the cables. So you seem to be advocating the cover-up an actual crime to potentially stop a future, theoretical crime. That'd be a great one for an undergraduate philosophy class to work through.
  
  --
  sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
11. Re:Links & hints to the data by Jeremiah+Cornelius · 2011-09-02 12:57 · Score: 4, Informative
  
  No "few bad apples".
  An airstrike was called in, to try and destroy evidence of the scene.
  These are beginning to emerge as "business as usual" occurrences from Iraq and Afghanistan.
  But, in history, we revile the Wehrmacht of Nazis for this same activity.
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
12. Re:Links & hints to the data by AliasMarlowe · 2011-09-02 18:33 · Score: 4, Informative
  
  I love how all the small-government types - the ones who think that the notions of commonwealth are somehow equivalent to boogieman socialism - get all righteously pro-State, when it comes to WikiLeaks. It is a curious kind of cognitive dissonance.
  It is a cognitive dissonance which forms part of a larger pattern. There is even a freely downloadable book on the topic, written by a psychology professor.
  
  --
  Those who can make you believe absurdities can make you commit atrocities. - Voltaire
13. Re:Links & hints to the data by hxnwix · 2011-09-02 20:10 · Score: 4, Informative
  
  "1,300 people were eventually killed, and 350,000 were displaced. That was a result of our leak," says Assange. It's a chilling statistic, but then he states: "On the other hand, the Kenyan people had a right to that information..."
  1,300 accessories to murder, I'd say.
  Let's put that in context:
  
  The leak exposed massive corruption by Daniel Arap Moi, and the Kenyan people sat up and took notice. In the ensuing elections, in which corruption became a major issue, violence swept the country. "1,300 people were eventually killed, and 350,000 were displaced. That was a result of our leak," says Assange. It's a chilling statistic, but then he states: "On the other hand, the Kenyan people had a right to that information and 40,000 children a year die of malaria in Kenya. And many more die of money being pulled out of Kenya, and as a result of the Kenyan shilling being debased."
  Removing the context as you did such that Assange apparently confessed to murder strikes me as rather dishonest. Assange has made real mistakes; focus on those unless your intent is merely to discredit his critics.
Wikileaks did the right thing sorta by DarkOx · 2011-09-02 11:04 · Score: 4, Interesting

They were stupid to let the Guardian to get the key in the first place but once it was out making it more available was the right call.
When you had to get the data and key together that require time, and some computer skills. People who might retaliate against leakers have the resources to marry the key and copy of the data they either already had or could get from torrents.
That might be much harder to do for some poor tribesman who has limited or intermittent access to the internet. By making the information easier to get at, it lowers the bar, makes it easier for potential victims to know if they have been outed, and need to protect themselves.

--
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
DER SPIEGEL has a much better writeup by SmilingBoy · 2011-09-02 11:08 · Score: 4, Informative

The Schneier article is very speculative and doesn't have many facts.
DER SPIEGEL has a much better and more detailed account: http://www.spiegel.de/international/world/0,1518,783778,00.html
1. Re:DER SPIEGEL has a much better writeup by rtfa-troll · 2011-09-02 11:33 · Score: 4, Informative
  
  The Spiegel article is referenced by Schneier so it's there for people to read. However, in one, but the most crucial, aspect the Spiegel article is wrong. It accepts the statement that the Guardian believed password was temporary at face value.
  
  In a statement the Guardian rejected the accusations from Wikileaks, explaining that the paper had been told the password was temporary and would be deleted within hours. "No concerns were expressed when the book was published and if anyone at WikiLeaks had thought this compromised security they have had seven months to remove the files," the statement said. "That they didn't do so clearly shows the problem was not caused by the Guardian's book."
  What's new in Schneier's article is that that is pretty clearly debunked. This was a standard GPG/PGP archive which had already been distributed. There was absolutely no reason to hand out the correct password and doing so is a clear breach of IT security norms (never give your password to anybody) for no good reason.
  
  --
  =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
Clarification by I(rispee_I(reme · 2011-09-02 11:17 · Score: 4, Informative

This is not the Wikileaks insurance file, which remains encrypted.
This is a different file, that the Guardian was privy to, and was then mirrored.
The password to this other file was published in a book.
I only mention this because the previous /. post on this topic had a lot of replies with the mentality that wikileaks has surrendered its insurance. Such is not the case.
RIP journalism by E+IS+mC(Square) · 2011-09-02 11:21 · Score: 5, Insightful

Among other revealations during this ordeal, one thing stands out - I now know how morally bankrupt main stream media have become, irrespective of how right or wrong assange is.
Guardian won awards for all the work done by wikileaks/manning, and now they just backstabbed them, and still have guts to defend their own actions.
NYT is even worse.
Whisleblowing investigative journalism is dead, sold out to big governments and corporations.