Entries Tagged "whistleblowers"

Page 6 of 6

WikiLeaks

I don’t have a lot to say about WikiLeaks, but I do want to make a few points.

1. Encryption isn’t the issue here. Of course the cables were encrypted, for transmission. Then they were received and decrypted, and—so it seems—put into an archive on SIPRNet, where lots of people had access to them in their unencrypted form.

2. Secrets are only as secure as the least trusted person who knows them. The more people who know a secret, the more likely it is to be made public.

3. I’m not surprised these cables were available to so many people. We know access control is hard, and it’s impossible to know beforehand what information people will need to do their jobs. What is surprising is that there weren’t any audit logs kept about who accessed all these cables. That seems like a no-brainer.

4. This has little to do with WikiLeaks. WikiLeaks is just a website. The real story is that “least trusted person” who decided to violate his security clearance and make these cables public. In the 1970s, he would have mailed them to a newspaper. Today, he used WikiLeaks. Tomorrow, he will have his choice of a dozen similar websites. If WikiLeaks didn’t exist, he could have made them available via BitTorrent.

5. I think the government is learning what the music and movie industries were forced to learn years ago: it’s easy to copy and distribute digital files. That’s what’s different between the 1970s and today. Amassing and releasing that many documents was hard in the paper and photocopier era; it’s trivial in the Internet era. And just as the music and movie industries are going to have to change their business models for the Internet era, governments are going to have to change their secrecy models. I don’t know what those new models will be, but they will be different.

EDITED TO ADD (12/10): Me in The Economist:

The State Department has learned what the music and film industries learned long ago: that digital files are easy to copy and distribute, says Bruce Schneier, a security expert. Companies are about to make that discovery, too. There will be more leaks, and they will be embarrassing.

Posted on December 9, 2010 at 5:50 AMView Comments

WikiLeaks Insurance File

Now this is an interesting development:

In the wake of strong U.S. government statements condemning WikiLeaks’ recent publishing of 77,000 Afghan War documents, the secret-spilling site has posted a mysterious encrypted file labeled “insurance.”

The huge file, posted on the Afghan War page at the WikiLeaks site, is 1.4 GB and is encrypted with AES256. The file’s size dwarfs the size of all the other files on the page combined. The file has also been posted on a torrent download site.

It’s either 1.4 Gig of embarrassing secret documents, or 1.4 Gig of random data bluffing. There’s no way to know.

If WikiLeaks wanted to prove that their “insurance” was the real thing, they should have done this:

  1. Encrypt each document with a separate AES key.
  2. Ask someone to publicly tell them to choose a random document.
  3. Publish the decryption key for that document only.

That would be convincing.

In any case, some of the details might be wrong. The file might not be encrypted with AES256. It might be Blowfish. It might be OpenSSL. It might be something else. Some more info here.

EDITED TO ADD (8/9): Weird Iranian paranoia:

An Iranian IT expert warned here on Wednesday that a mysterious download file posted by the WikiLeaks website, labeled as ‘Insurance’, is likely a spy software used for identifying the information centers of the United States’ foes.

“The mysterious file of the WikiLeaks might be a trap for intelligence gathering,” Hossein Mohammadi told FNA on Wednesday.

The expert added that the file will attract US opponents and Washington experts can identify their enemy centers by monitoring individuals’ or organizations’ tendency and enthusiasm for the file.

Posted on August 4, 2010 at 7:52 AMView Comments

WikiLeaks

Long, but interesting, profile of WikiLeaks’s Julian Assange from The New Yorker.

Assange is an international trafficker, of sorts. He and his colleagues collect documents and imagery that governments and other institutions regard as confidential and publish them on a Web site called WikiLeaks.org. Since it went online, three and a half years ago, the site has published an extensive catalogue of secret material, ranging from the Standard Operating Procedures at Camp Delta, in Guantánamo Bay, and the “Climategate” e-mails from the University of East Anglia, in England, to the contents of Sarah Palin’s private Yahoo account.

This is only peripherally related, but Bradley Manning—an American soldier—has been arrested for leaking classified documents to WikiLeaks.

Another article from The Guardian, directly related to Manning.

EDITED TO ADD (7/13): More links.

Posted on June 24, 2010 at 1:13 PM

Cryptography Broken on American Military Attack Video

Any ideas?

At a news conference at the National Press Club, WikiLeaks said it had acquired the video from whistle-blowers in the military and viewed it after breaking the encryption code. WikiLeaks released the full 38-minute video as well as a 17-minute edited version.

And this quote from the WikiLeaks Twitter feed on Feb 20th:

Finally cracked the encryption to US military video in which journalists, among others, are shot. Thanks to all who donated $/CPUs.

Surely this isn’t NSA-level encryption. But what is it?

Note that this is intended to be a discussion about the cryptanalysis, not about the geopolitics of the event.

EDITED TO ADD (4/13): It was a dictionary attack.

Posted on April 7, 2010 at 1:37 PMView Comments

TSA Failures in the News

I’m not sure which is more important—the news or the fact that no one is surprised:

Sources told 9NEWS the Red Team was able to sneak about 90 percent of simulated weapons past checkpoint screeners in Denver. In the baggage area, screeners caught one explosive device that was packed in a suitcase. However later, screeners in the baggage area missed a book bomb, according to sources.

“There’s very little substance to security,” said former Red Team leader Bogdan Dzakovic. “It literally is all window dressing that we’re doing. It’s big theater on TV and when you go to the airport. It’s just security theater.”

Dzakovic was a Red Team leader from 1995 until September 11, 2001. After the terrorist attacks, Dzakovic became a federally protected whistleblower and alleged that thousands of people died needlessly. He testified before the 9/11 Commission and the National Commission on Terrorist Attacks Upon the US that the Red Team “breached security with ridiculous ease up to 90 percent of the time,” and said the FAA “knew how vulnerable aviation security was.”

Dzakovic, who is currently a TSA inspector, said security is no better today.

“It’s worse now. The terrorists can pretty much do what they want when they want to do it,” he said.

Posted on April 2, 2007 at 12:16 PMView Comments

Interview with Sandia Whistleblower

Interesting interview with Shawn Carpenter, the Sandia National Labs whistleblower who just won a $4.3 million lawsuit for wrongful termination.

What prompted you to conduct that independent investigation into the Sandia intrusion in the first place? As a network intrusion detection analyst, I regularly used similar “back-hacking” techniques in the past to recover stolen Sandia password files and retrieve evidence to assist in system and network compromise investigations.

We were able to better defend our networks as a direct result of the intelligence we gained. I authored in-depth analyses of these intrusions that were sent for reporting and educational purposes to the Department of Energy’s (DOE) Computer Incident Advisory Capability (CIAC), investigators at the DOE Inspector General (IG), Sandia Counterintelligence, DOE Cyber Counterintelligence, Sandia IT management and my entire department. Even to a novice, it was obvious after reading the analyses how intelligence was gleaned on the adversaries.

For example, phrases substantially similar to this were used in my reports: “I used their credentials to access the systems in Brazil and China, identify their hacking tool caches, and [pulling] down all of their tools, e-mails and other information to aid in their identification.” Numerous exhibits of these activities were presented at trial for the jurors. In a meeting with them after the verdict was rendered, even the less cyber-savvy folks understood what the e-mails represented.

What were you hoping to achieve through this investigation? My objective started out with a purpose similar to the other investigations I engaged in while at Sandia. The difference in this instance was that the rabbit hole went much deeper than I imagined.

In late May of 2004, one of my investigations turned up a large cache of stolen sensitive documents hidden on a server in South Korea. In addition to U.S. military information, there were hundreds of pages of detailed schematics and project information marked “Lockheed Martin Proprietary Information ­ Export Controlled” that were associated with the Mars Reconnaissance Orbiter. Ironically, Sandia Corp., the private company that manages Sandia National Laboratories, is a subsidiary of Lockheed Martin Corp. It was this discovery that prompted my meeting with [supervisors] and when I was told that “it was not my concern.” Later, I turned it over to the U.S. Army and the FBI and helped investigate how it was taken and where the path led.

Posted on March 12, 2007 at 6:56 AMView Comments

1 4 5 6

Sidebar photo of Bruce Schneier by Joe MacInnis.