Print! Spread! Donate!
Monday, March 22, 2010
Saturday, March 20, 2010
Friday, March 19, 2010
The fight is not over! Donate today!
In 2008, the United States Army got a little bit testy about some of its secret documents ending on Wikileaks and commissioned a secret investigation on the pesky website. Naturally, said report ended on Wikileaks three days ago and the story has since been making the run around the interwebs.
The classified (SECRET/NOFORN) 32 page U.S. counterintelligence investigation reports the most unforeseeable finding ever in the history of reports: Wikileaks uses "trust as a center of gravity by protecting the anonymity and identity of the insiders, leakers or whisteblowers''. Hence, the most thought-out recommendation ever in the history of recommendations:
"The identification, exposure, termination of employment, criminal prosecution, legal action against current or former insiders, leakers, or whistlblowers could potentially damage or destroy this center of gravity and deter others considering similar actions from using the Wikileaks.org Web site''.
I'll give the US Army some credit here and posit it never even entertained actually enacting this plan; what with comments all over the web coming to the same outstandingly outstanding conclusion. Ironically, enough, the one plan that could actually work is the one that the very addressees of Wikileaks' efforts would carry on: a fund drought. Despite the fundraising drive, Wikileaks has only received two thirds of the annual $600,000.00 needed to run the site. After 4 months! If it keeps going on like this, if we keep taking Wikileaks for granted, then there will not even need to be a plan to end the adventure, we'll have managed just fine on our own.
Wednesday, February 3, 2010
Tuesday, February 2, 2010
How to be a good leaker
Have some secret information you want to share with the world? Wikileaks is there to help! By providing you with a secure environment and protecting your anonymity, Wikileaks helps you get the information out safely. However, there are still some risks that your identity be discovered. Here are some quick steps - I gathered from Ben Laurie himself - to make your leaking safer:
- Scrub the document of all possible metadata
Metadata is "data about data". It is the information about your document (author's name, edits and editors, deleted information, versions ...) and it's usually hidden in your document. In other words, it's the data that's going to help you get caught. Now, how exactly does one get rid of this damaging information? By using a metadata scrubber. Digital Confidence has a quite interesting article about why such tools are important. Check it out! There are quite a few out there. You might want to try this one. You might also want to look out for digital watermarking. Always be wary of digital "fingerprints", they might do you in.
- Find an intermediary to do the submission for you, preferably someone who has no idea who you are
This second step is optional but highly recommended. As we all know, security goes hand in hand with paranoia and there's no reason why you should trust Wikileaks with your data, is there? So why not put an extra layer between you two, it certainly can't hurt. Who's to say that the folks at Wikileaks aren't actually a front for the CIA or some shady underground organization set on controlling the whole world for the coming Millennium? For all we know, it could be a front for Xenu or any other galactic overlord. You can never be too careful.
- Get the material to the intermediary (or Wikileaks) using strong anonymizing technology
While it is true that Wikileaks works hard at providing you the best anonymity out there, it won't hurt to come up with your own. On its website Wikileaks boasts that "[a]ll files are processed in cryptographically secure, isolated environments making use of AES256, US DoD TOP SECRET-approved encryption for long-term storage as well as system swap memory". In plain English, it means that the source material is protected at all times using the best encrypting technology to date, that is, even if you didn't follow the first two steps. Still, it is you putting this document out there and so if there's any repercussion you're the most at risk. This is where a strong anonymizing technology might prove helpful. Ben recommends mixminion anonymous remailers.
Now, those three steps aren't going to eliminate all risks, quite evidently, but they will reduce them drastically.
Happy leaking!
Subscribe to:
Posts (Atom)