WikiLeaks Sues the Guardian Over Leak 289
An anonymous reader writes "WikiLeaks complaining of a leak is hard to get one's head around. That it's suing The Guardian — its great ally — is even harder. That The Guardian did such a ridiculous thing to warrant litigation in the first place almost defies belief."
Update: 09/01 04:59 GMT by S : Changed the first link to point to the statement on WikiLeaks' website. The Guardian has denied the allegations, saying, "Our book about WikiLeaks was published last February. It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours."
Can't even try to read the fucking article (Score:2)
Message not found
Message does not exist. Either you've got a bad link or the poster has deleted the message.
Lovely!
Re:Can't even try to read the fucking article (Score:5, Funny)
Sorry, it's been redacted.
Re: (Score:3)
I swapped out the original link with one pointing to the statement on their website, so it should work now.
Thed saying holds true... (Score:5, Insightful)
There is no honor amongst thieves.
Either you support leaks or you do not. Selective leaking is simply propaganda dressed up to look pretty.
Re: (Score:3)
It's going to get even funnier when we find out that the US State Department leaked it to The Guardian as payback for all the diplomatic cable leaks...
Re: (Score:2)
There is no honor amongst thieves.
Either you support leaks or you do not. Selective leaking is simply propaganda dressed up to look pretty.
Just from curiosity: is the identity of the original leakers also subject to your postulate on selective leaking? (i.e. is there any category of information that should not leak?)
Re:Thed saying holds true... (Score:4, Insightful)
is the identity of the original leakers also subject to your postulate on selective leaking?
It certainly is part of Assange's. I can only ever assume that it was the papers that heald him back. His redactions are a joke after all.
is there any category of information that should not leak?
Many say no. But claiming special dispensation on a leak .. that is just delicious.
-Seraphim
Re: (Score:2, Interesting)
is there any category of information that should not leak?
Many say no. But claiming special dispensation on a leak .. that is just delicious.
-Seraphim
I wonder what you understand on the difference between "secrecy in governance" and "personal privacy"/"anonymity"/"pseudonimity"?
Re:Thed saying holds true... (Score:4, Insightful)
I understand them well. I would never cede their understanding to Julien Assange however. His *version* of them never involves himself, or perhaps always or only involves himself. If your life blood is "leaks" then you had best be squeaky clean yourself, and open. He is not. At least Robin Hood admitted he was a thief.
Re: (Score:2)
I understand them well. I would never cede their understanding to Julien Assange however. His *version* of them never involves himself, or perhaps always or only involves himself. If your life blood is "leaks" then you had best be squeaky clean yourself, and open. He is not. At least Robin Hood admitted he was a thief.
So, you don't deny the right of the "innocent" people to have their identity protected, you just deny Assange's right to complain that actions of The Guardian allegedly breached the rights to anonymity for these people?
Would it matter for you if I'm pointing that the complaint is actually issued by WikiLeaks as an organisation?
Re: (Score:2)
is the identity of the original leakers also subject to your postulate on selective leaking?
It certainly is part of Assange's.
I call bullshit, what are the names of the leaker's revealed or confirmed by Assange?
Why not? (Score:3)
Just from curiosity: is the identity of the original leakers also subject to your postulate on selective leaking?
The names of many people who would not have like to have been named were in the documents leaked and released. I do not see why the person leaking should expect any special treatment in that regard; of course an organization that leaks that would see fewer leaks come in to be sure, but it is fair game if someone ELSE can extract it from the site data is leaked to...
You have to figure as a leaker
Re: (Score:2)
Yes sir, we have that in the back (Score:2)
"would not have like to have been named " is very different to "were unfairly harmed by being named."
There were at least a few tribal leaders in Afghanistan named who were in fact worried about being killed, far worse than anything the leaker faces.
There is no difference at all, and in fact in many of these documents people are being named that are worried about being killed - also exact positions of military bases useful for mortars, etc.
Re: (Score:2)
Just from curiosity: is the identity of the original leakers also subject to your postulate on selective leaking?
The names of many people who would not have like to have been named were in the documents leaked and released.
Well, the devil in the details. It's not about what the people want or not, it's the difference between what one is doing (which is important) and the identity/position of the person doing it (which may be important - if that person has chances of persisting in doing it. e.g. Hillary asking for private data on UN officials - or may be not important - I didn't care to know who is the blonde nurse Gaddafi hold dear, she wasn't doing anything of consequence to Libyan people).
With the CableGate leak, WL seems
Re:Thed saying holds true... (Score:5, Insightful)
The point of leaking is to expose malfeasance. The point of redacting the leaked material was to limit collateral damage to those who had not acted poorly. You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that.
WikiLeaks' act of leaking the original (redacted) leaks and their suit against this new (non-redacted) leak are a consistent stance from the point of doing the most good while avoiding the most damage. But oh, to live in your simple world...
Re:Thed saying holds true... (Score:5, Interesting)
The point of leaking is to expose malfeasance. The point of redacting the leaked material was to limit collateral damage to those who had not acted poorly. You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that.
WikiLeaks' act of leaking the original (redacted) leaks and their suit against this new (non-redacted) leak are a consistent stance from the point of doing the most good while avoiding the most damage. But oh, to live in your simple world...
From the New York Times, August 30: "WASHINGTON — In a shift of tactics that has alarmed American officials, the antisecrecy organization WikiLeaks has published on the Web nearly 134,000 leaked diplomatic cables in recent days, more than six times the total disclosed publicly since the posting of the leaked State Department documents began last November. A sampling of the documents showed that the newly published cables included the names of some people who had spoken confidentially to American diplomats and whose identities were marked in the cables with the warning “strictly protect.” State Department officials and human rights activists have been concerned that such diplomatic sources, including activists, journalists and academics in authoritarian countries, could face reprisals, including dismissal from their jobs, prosecution or violence."
In other words, Wikileaks no longer gives a s*** about protecting peoples' identity as long as they can get some media attention, and probably never have. As soon as Wikileaks stopped being front-page news, they increased the volume of the leaks and stopped editing them. Headlines, after all, are far more important than people's heads. But oh, to live in your simple world...
Re: (Score:3)
"In other words, Wikileaks no longer gives a s*** about protecting peoples' identity"
Well it's about weighing the dangers against the benefits, and as the dangers to date have seemed to be completely negligible I'm not sure I can blame them. When they did it last time, no harm came from it, even the Pentagon agreed.
This time, when they worked with media organisations they got nothing but shit off them. The old school media being pissed off that they'd been shown up in terms of their lack of journalistic cap
Re:Thed saying holds true... (Score:4, Insightful)
"If Wikileaks is going back to just leaking raw data then I don't blame them, they were better off that way not getting fucked by a media" ... "I don't believe Wikileaks is anything like perfect, it has many problems, but they were better off just leaking data" [Emphasis mine].
Aside from a slight sympathy with people in general, who cares if Wikileaks gets "fucked" or what Wikileaks are better off doing? Surely the important thing here is the exposure of malfeasance, while doing your best to protect the innocent? If the promotion of Wikileaks becomes more important than the actual leaks, you have just proven the parent post's point. And if the newspapers don't print what Wikileaks want them to print, they can always release the information themselves as well.
As a side note I'd rather see Assange and Wikileaks get fucked than some innocent who just happens to be put in danger due to his identity being revealed by Wikileaks. At least Assange made the concious choice to put themselves in the spotlight for this.
NYT: Nixonian henchmen of today (Score:5, Insightful)
Ah yes, the NYTimes - The Nixonian henchmen of today [salon.com]
Apparently, faced with hundreds of thousands of documents vividly highlighting stomach-turning war crimes and abuses -- death squads and widespread torture and civilian slaughter all as part of a war he admired for years and which his newspaper did more than any other single media outlet to enable -- John Burns and his NYT editors decided that the most pressing question from this leak is this: what's Julian Assange really like?
Re:Thed saying holds true... (Score:5, Insightful)
The point of leaking is to expose malfeasance
So every one of those diplomatic cables exposed malfeasance? Tsvingarai is guilty of malfeasance?
WikiLeaks' act of leaking the original (redacted) leaks and their suit against this new (non-redacted) leak are a consistent stance from the point of doing the most good while avoiding the most damage.
Assange doesnt think there should be any secrets, and has a known axe to grind with the US. There may be other reasons for why he leaks the way he does, but one only has to see the edits that he did to "collateral murder" (or even the title he gave it) to see that hes hardly some noble unbiased source.
Leaking can be entirely political ... (Score:4, Informative)
The point of leaking is to expose malfeasance.
Not necessarily. Leaking is also a tool of embarrassment, harassment, political manipulation, etc. When leaking selectively, one side and not the other, the point may be entirely political.
Re: (Score:3)
deciding "good" should not be wikileaks motive unless they want to be an old school political movement.
that just makes them users of power, instead of a tool for people(unable to do it themself) to publish things anonymously. when they decide what's good or bad, they're taking active part in politics of what's good or bad, deciding what's immoral and whats moral, deciding who is guilty and who is innocent, what's true and what's not - and by that way they get responsibility as well as they're no longer a ca
Re: (Score:2)
Re: (Score:2)
The purpose of accepting leaks as declared by Wikileaks is to expose malfeasance.
There, FTFY (otherwise "leaking" may a mean to various ends). Otherwise, all's well.
Re: (Score:2, Insightful)
The point of leaking is to expose malfeasance. The point of redacting the leaked material was to limit collateral damage to those who had not acted poorly. You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that.
WikiLeaks' act of leaking the original (redacted) leaks and their suit against this new (non-redacted) leak are a consistent stance from the point of doing the most good while avoiding the most damage. But oh, to live in your simple world...
BULLSHIT
Wikileaks is awfully selective about what they term malfeasance and who they target with their leaks. They don't have the guts to actually leak things about Russia or China - because they know they'd end up with a 9mm-hole-induced headache.
They target they US because:
1. Assange is a bog-standard anti-American, sheltered, coddled, ignorant Western leftist twerp, albeit with enough charisma to set up Wikileaks (and play around with his adoring girls..). Don't think so? Follow his history.
2. They
Re:Thed saying holds true... (Score:4, Insightful)
You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that.
And who gets to decide who are the "bad" actors and who are the good ones? What gives WikiLeaks the right to be my judge and jury? No investigation, no trial, no chance for rebuttal, just BAM, and your name is attached to something "bad" that may or may not have happened, or that you may or may not have had anything at all to do with.
Your innocence in this case is not relevant. Getting the opportunity to defend yourself is not important. The lives of your family, your wife, kids, parents, distant cousins who you never met, may be the price for the "bad" things that some document says you did.
Sorry, but a right to fair trial and an investigation into the allegations are a basic, fundamental, global human right. WikiLeaks has stripped that basic human right from everyone whose name is on any document that has ever been leaked by them.
Re: (Score:3)
Honest officer, I just wanted to burn up that little pile of trash, not the whole damned neighborhood.
Wikileaks is not equipped to make informed decisions on what should be leaked nor what should and should not be redacted. They material they have is largely out of context and undoubtedly incomplete.
Re:Thed saying holds true... (Score:4, Insightful)
"You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that."
Okay so it would be okay for someone to post that you are cheating on your mate, downloading porn, and or that you like to dress up as a little girl and have Rupert Murdoch spank you with a fish? I am sure that many people would find thing that you do to be bad acts.
"The point of redacting the leaked material was to limit collateral damage to those who had not acted poorly." And you trust a private group with no public oversight to do this more than a democratically elected government? Really?
Even using your own rules Wikileaks fails I will go back to your rules.
"You only leak what you need to leak in order to expose the bad acts and bad actors, but no more than that." So why did wikileaks leak a list of locations of important contractors? I am talking about parts makers. What bad act and bad actors where exposed? Why did they release pager data from 9/11 of private people paging their loved ones that they where ok? What bad acts and actors where involved in those?
Wikileaks has failed.
They failed by your rules.
They failed in basic security by giving out a password to sensitive data.
They have failed to redact data that could get people hurt.
They have failed to present the data without bias.
" But oh, to live in your simple world..." it seems that you do as well.
Re: (Score:2)
There is no honor amongst thieves.
Either you support leaks or you do not. Selective leaking is simply propaganda dressed up to look pretty.
Of course there is; they honor each other by stealing from each other.
Re: (Score:2)
There is no honor amongst thieves.
Either you support leaks or you do not. Selective leaking is simply propaganda dressed up to look pretty.
To me, this issue emphasizes one thing that's always bothered me about wikileaks.org: It's not actually a Wiki. Wikis are about maximum user freedom, but I don't think that's ever been true of wikileaks.org.
"[Americans] learned in Earth's final century..." (Score:5, Insightful)
Re: (Score:2)
We must dissent!
Password (Score:3, Informative)
The supposed password, as it appears on page 148 of the pdf [googlecode.com] version of the book, is ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#
Supposedly applies to "cables.csv" but not to the insurance.aes torrent released last year by Wikileaks.
Re: (Score:2)
Journalists change names of sources/interviewees/places all the time, the same should apply for passwords.
Re: (Score:2)
To me it shows a great lack of discretion by the Guardian or at least David Leigh.
I agree. The Guardian is one of my favourite publications but they shouldn't be claiming that their publishing the password was reasonable as they are doing. They undeniably and stupidly broke half the security making it likely that they are dumb enough to be the source of the file leak as well.
Re: (Score:2)
This is why an encryption key is never "temporary" -- it shows no discretion on the part of the journalists to leak a key. This is not a password that can be revoked--it's a key. If you have a key for your previous house, you don't ever give the key away while telling people the address -- the lock has probably not been changed.
Honestly I don't know why he didn't use SCP or SFTP, giving the journalist the fingerprint+password over a second channel... It's easy to revoke a password, and hard to MITM the leap
Re:Password (Score:4, Insightful)
To me it shows that the whole Wikileaks/Guardian set up was a gaggle of amateurs dabbling in information that they did not know how to handle.
Either this data is highly sensitive and needs great care in handling, which they demonstrated they were unable to do, or it isn't and there is no need for the encryption etc. Wikileak's claim that it is mostly not sensitive, should be public, and they are the self-appointing ones to set it free. This debacle demonstrates that they handled it like it was entirely sensitive, shouldn't be made public, and they are not the ones to be trusted to do it.
Their own actions make a nonsense of their claims.
Who watches the watchmen? (Score:2)
The coastguard?
I'm starting a new website, to be called 'Open-Wiki-Leaks-Leaks'.
Re: (Score:2)
The coastguard?
I'm starting a new website, to be called 'Open-Wiki-Leaks-Leaks'.
...And then I'm going to start a website to publish the leaks on your website.
It's leaky turtles all the way down!!!
Re: (Score:2)
...And then I'm going to start a website to publish the leaks on your website.
I take your leak and raise you a leak!
In saying that, I now really need to pee.
Food for thought (Score:5, Insightful)
FTFA:
Wikileaks complaining of a leak?
Yes, and damned well they should unless your moral views are very shallow.
How many US politicians are laughing at the Wikileaks/Guardian partnership exploding so spectacularly?
I'd say it's the CIA laughing. This is incredibly valuable for them. They lose some secrets, but they discredit the messenger (And anyone who tries to replace them) to prevent future leaks. If I was running the CIA, I'd certainly run a program to discredit Wikileaks. A few rape allegations here, an ideological schism in the organization alleging untrustworthiness, some unveiling of sources to make future sources afraid...
Does Wikileaks finally realise there's a need for secrecy/privacy in the world?
Finally? They've said that all along. That's why they were redacting the documents in the first place.
Does privacy/secrecy all boil down to where someone draws an arbitrary line in the sand?
Yes. The world is a fuzzy place and doesn't lend itself to simple morals where you can divide things into the dark side and the light side. At some point it just comes down to someone looking at the situation and doing what they feel is right.
Should a lack of privacy/secrecy be all or nothing?
Of course not. In general, I believe that the larger an entity is, the less privacy they deserve.
Is Wikileaks cementing views that it is or isn't an organisation of journalists who are guided by traditional journalistic ethics?
They publish the truth and protect sources who need protection. They've pretty much always been in that camp.
Why the black and white morals? (Score:2)
Finally? They've said that all along. That's why they were redacting the documents in the first place.
You are attempting to claim Wikileaks is 100% pure here.
The reality is no-one can truly judge what should be redacted over thousands of documents. A lot of REALLY bad information was released and not redacted in the documents Wikileaks released. Names were named. Why you are trying to paint WikiLeaks as wholly noble when they are the same shade of grey is a mystery to me.
Yes they tried to redact some st
Re: (Score:3, Informative)
You are attempting to claim Wikileaks is 100% pure here.
No, I'm claiming that "Wikileaks [ ... ] realizes there's a need for secrecy/privacy in the world", and providing evidence to support that claim.
And yes, the job's too big for one person... that's why they were farming it out to reasonably respectable news organizations which are (well, should have been) capable of handling this level of journalistic ethics.
Have a look at the actual leaks. The redactions aren't like the black pages you get back on an FOIA request. They're omitting names and other specifi
Re: (Score:2)
FTFA:
Wikileaks complaining of a leak?
Yes, and damned well they should unless your moral views are very shallow.
Yes and damned well they should.
Because two actions use the same mean doesn't make the actions equivalent.
To put it into perspective: self-defense and premeditated murder may use a firearm. Are they equivalent?
Re: (Score:3)
Nice theory, but since those things actually happened instead of a major fuckup it's incredibly unlikely that the CIA was involved :)
Re: (Score:3)
At that point you may as well start the good intentions paving company and be done with it. Also no snowflake in an avalanche feels responsible.
Re: (Score:3)
Speaking of people with black and white morals...
Sometimes exposing a secret is the right thing to do, sometimes not. That's not hypocrisy; that's just admitting that the subject is too complicated to boil down to "secrets should [not] be exposed".
Addendum (Score:3)
After I wrote this, a great quote came to mind:
There it is. That's the ten word answer my staff's been looking for for two weeks. There it is. Ten-word answers can kill you in political campaigns. They're the tip of the sword. Here's my question: What are the next ten words of your answer? Your taxes are too high? So are mine. Give me the next ten words. How are we going to do it? Give me ten after that, I'll drop out of the race right now. Every once in a while... every once in a while, there's a day with an absolute right and an absolute wrong, but those days almost always include body counts. Other than that, there aren't very many unnuanced moments in leading a country that's way too big for ten words. I'm the President of the United States, not the President of the people who agree with me. And by the way, if the left has a problem with that, they should vote for somebody else.
--President Josiah "Jed" Bartlet, from The West Wing
Re: (Score:2)
Really?
Elected juries? That sounds like a world of hurt to me.
Elected executioners? I guess you could, but surely that's just a standard job - it's not like the executioner chooses whom to execute or anything.
Elected judges? Well some US states seem too - but pretty much everywhere else thinks that's a great way to produce a biased judiciary that makes popular decisions rather than correct decisions.
Wikileaks change of position? (Score:2)
Re:Wikileaks change of position? (Score:5, Informative)
Your post basically answers itself. They did change their position on the issue because they got a lot of heat for not redacting the cables. That is why for the past year (with the Cablegate cables) they have been working with news organisations to carefully redact them before releasing, and releasing them in small batches a few at a time. That has consistently been WL's position for the past year. Complaining that The Guardian released the cables that were supposedly sent to them for the sole purpose of redacting them is not inconsistent with their recent position.
(I have often said that one is not a hypocrite for changing one's beliefs, only for simultaneously saying one thing and doing another.)
Re: (Score:2)
Re: (Score:2)
Idiots. (Score:5, Insightful)
Who in their right mind would think it okay to publish a password and publish the correct one? They could have published the same book with a fake password all the same, yet obviously it was the password.
As for it being temporary, it wasn't an access password, but a decryption password. And in the eyes of the law, why would what Wikileaks said even matter if non-disclosure was part of their arrangement?
Re: (Score:3)
Yes -- very well put about the access password vs decryption password. To put it another way, there was no point in having the password at all if the password was eventually to be made public.
JA sent a file over the network, then deleted it afterwards. There are two scenarios: we can either a) assume that nobody did or ever will get their hands on the data being sent, or b) assume that someone might have or might in the future get their hands on the data. If we're going with (a), then we don't need a passwo
Re: (Score:2)
Re:Idiots. (Score:4, Insightful)
I am guessing that the choice of password played into this. Had it been random, nonsensical and dull it probably wouldn't have been published, but "CollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#" has descriptive value.
I remember hearing or reading about an idea that involved identifying a leaker by seeding different people with documents that contained juicy, unique phrases to tempt journalists into quoting them directly, thereby identifying the source of the document.
This isn't the same, but having a password that has meaning in relation to the contents of the documents certainly adds some risk. A pass phrase should be context free.
Re: (Score:2)
For the Graun to publish key material, even stuff they "know" to be meaningless, is irresponsible. Publishing that key assumed that the ciphertext had been securely destroyed, and I ca
Re: (Score:3)
Mod parent up.
You are spot on. If the password had been random then it most certainly wouldn't have been mentioned. But the password used gives "insight" into how those handling it were treating it. Someone was being smart-arse. Someone was saying "I can encrypt this with a straight-forward description of what I regard this to be". Someone was making a statement in saying "This is no big secret, it's just a history".
But of course, the fact they encrypted it immediately demonstrates the reverse. They
Only in the USA... (Score:2)
...can someone who illegally obtained classified documents and released them into the public domain then sue someone else for stealing their illegally obtained documents and releasing them into the public domain.
For what it's worth it seems much more likely to me that someone within WikiLeaks who was disaffected them stole the data/password and release them than the Guardian did it. Just because it was the (supposedly) time limited password given to the Guardian doesn't mean no one else had access to it.
Re: (Score:2)
The two situations are totally different. The very reason that nobody can sue Julian Assange (or any other newspaper that has ever leaked something) is because they did not "illegally [obtain] classified documents". There is a deliberate asymmetry in the law here: it is illegal to disseminate classi
Re: (Score:3)
Sorry, the first part was meant to be funny... As for the second, according to the Guardian at http://www.guardian.co.uk/world/2011/sep/01/unredacted-us-embassy-cables-online [guardian.co.uk]
"The embassy cables were shared with the Guardian through a secure server for a period of hours, after which the server was taken offline and all files removed, as was previously agreed by both parties. This is considered a basic security precaution when handling sensitive files. But unknown to anyone at the Guardian, the same file wit
Re: (Score:2)
Yes but this is what I meant by "Nobody is denying the facts here (the only thing that's in contention is where the blame lies)." -- I accept that there is a debate going on as to who said what was temporary and who should or shouldn't have disclosed what. But the following facts are not in dispute: (1) WikiLeaks provided the documents (encrypted) and passphrase to Guardian, (2) Guardian editors revealed passphrase in book. So there is no need for a theory that someone else got hold of the password: Leigh p
Personally, I'd put the blame on Wikileaks (Score:2)
Having a "doomsday" file out there in case Wikileaks is taken down, everyone arrested and whatnot is a good precaution. Reusing a password that many people in many organizations they've shared it with know is insanely stupid, no matter what. They should have used a password they and only they knew. Because as this case proves, that means they've lost control of their doomsday device. They don't have control over the file and they don't have control over the password.
They should have used a different file fo
Re: (Score:2)
Anybody can sue anybody about anything almost anywhere. Frivolous crap like this gets thrown out of court pretty fast.
A lawsuit exposes Wikileaks to civil discovery. Civil discovery is very broad. Think about the story that the Guardian could write with what they learn about Wikileaks personnel in the civil discovery process. Think about the secrecy that Wikileaks gives up by prosecuting a lawsuit.
This is posing. Assange is a nauseating individual. While Bradley Manning sits his ass in jail, that scum
Which part is secret? (Score:2)
It has often been said in security that the first law of security is being clear about what is a secret and what is not. Once we have decided that, we can safely distribute the non-secrets as long as we hide the secrets. This is, for example, why I am perfectly comfortable revealing my public key to everybody on the planet.
So who is to blame? In one corner, WikiLeaks (allegedly... I'm not clear on the details) released this encrypted file to the public. In the other corner, The Guardian released the passphr
Re: (Score:2)
Why is wikileaks in the right?
What kind of security policy is this, giving trust to outsiders, hoping that they will do the right thing? You may have the contract on your side, but litigation will not put the toothpaste back in the tube.
Really it's just shoddy security practices by Wikileaks. They could have managed this in a way where they did not have to trust the reporter to do the right thing.
Re: (Score:2)
I don't claim to be an expert, but I'm pretty sure I can easily create a PGP key that is time-limited, which would render the Wikileaks position bogus. At least, GPG certainly supports such keys.
Wouldn't it be possible to change the GPG code so it no longer honors the expiration date of a key?
Re: (Score:2)
It has often been said in security that the first law of security is being clear about what is a secret and what is not.
I think perhaps the first law of security is that you actually have to keep the secrets secret.
Re: (Score:2)
Mm, well, no I would say that's the second law of security. You can't keep the secrets secret until you have determined which pieces of information should be kept secret.
Re: (Score:2)
And if you don't keep the secrets secret, the entire exercise is pointless!
Re: (Score:2)
The second rule is pretty important, I agree.
My point is, you can't keep everything secret. If you did, you wouldn't be able to release your public key. And you wouldn't be able to disclose the details of the AES algorithm, to be vetted by security professionals. And you wouldn't be able to transmit even the binary for your decryption program to untrusted people, because then someone could reverse engineer it. And, importantly for this discussion, you wouldn't be able to transmit encrypted documents over th
Re: (Score:2)
I don't understand your logic.
Deciding what is secret and what is not is just a matter of content. Deciding that you need to keep the secrets secret affects the fundamental policies of how you do things.
Re: (Score:2)
I'm not talking about content (as in "let's keep the details on Iraq secret but the contents of the president's breakfast public"). I'm talking about fundamental units of information (as in "let's keep the private key secret but the public key public", or more to the point, "let's keep the plaintext secret but the ciphertext can be viewed by the public"). See my response to your other post.
It's so basic it should be a non-issue: WikiLeaks is currently taking heat for making the ciphertext of an encrypted fi
Irony? (Score:2)
I think not. Alanis Morrissette never mentioned Wikileaks.
Is this a circle jerk . . . (Score:2)
100% Wikileaks' fault (Score:2)
Give each individual access for a short period of time, and then DELETE THE INDIVIDUAL FUCKING ARCHIVES FROM YOUR SERVER! This has the additional benefit of being able to trace any future leaks.
Seriously, if you have disseminated the password to your single "master copy" archiv
Re: (Score:3)
I've written a full post on this issue here [tumblr.com], but I'll respond to your individual points.
I agree, it is somewhat unusual for WL to have disseminated the cables in an encrypted archive, deleted the archive, then at a later time shared the same encrypted archive rather than creating a n
Re: (Score:2)
But in the WikiLeaks scenario, what is "the damage"? If any one journalist is "compromised" (say, publishes the password in a book), all the cables go public unredacted. This is true whether they are all sharing the same password or not.
No, and that is the whole point. If they publish the password in a book, then they themselves must also publish their copy of the archive - or the password is useless. So if one organisation publishes their file, and then another publishes their password, there is no issue.
Mixed feelings (Score:2, Insightful)
On one hand, their anger is understandable. Even when your business is to reveal secrets, you need to also keep some secrets (ask any reporter with an anonymous source). It sounds hypocritical, but it really isn't. You can argue all you want about whether some military secrets endanger national security or the safety of civilians, but it should be clear that, for example, evidence of military or political wrong-doing is in the public interest, while access information to private computers or bank accounts i
Let me get it right. (Score:2)
JA copies confidential files into a secret directory on a server and does not warn the people who have the right and the access to the parent directory, then does not delete these after transmission, and he chooses a simple password transmitted in a public place AFAIU (instead of a larger key transmitted on a physical medium, like a cd or an sd card) which he does not warn his partner never to reveal it and handle it with care, does not make sure he has the organizational, physical and administrative contro
Re:Wikileaks should be happy... (Score:5, Insightful)
Now that wikileaks can't be trusted with keeping the UNREDACTED versions safe, they will lose a lot of sources.
Re:Wikileaks should be happy... (Score:5, Insightful)
Assange is on record stating that he doesnt think there should be ANY secrets at all. A large number of slashdotters have reinforced that belief.
Why the hypocrisy all of a sudden?
Re: (Score:2)
I look at it from a different angle :
this proves a leak is possible within wikileaks itself, and as such , they should try to fix it.
It's better that the password is released to everyone, than to only a select few who would benefit from it.
I assume all wikileaks has to do is see the password, and change the password everywhere it was used.
However, their reaction seems to indicate it's not that simple.
But the fact that they bitch (and sue ) about it , rather than trying to fix the actual problem , is at leas
Re: (Score:3, Insightful)
How exactly do you propose they change a password in a file has already been downloaded by thousands of people?
Re: (Score:2)
Why the hypocrisy all of a sudden?
We're not going to tell you. It's a secret.
Pragmatism (Score:2)
This is eerily parallel to RMS with respect to copyright. Ideally, he would prefer that copyright not exist, but it is the basis for the GPL/copyleft model of enforced sharing.
Utilizing a resource which you would prefer not exist, but it does, to derive benefits in the meantime while you wait for it to be abolished, is not hypocrisy in my eyes --- providing that you do not claim that the resource is wholly bad, there is no problem with this. It only becomes hypocrisy if you add the additional logical error
Re: (Score:2)
I think you make a valid point, but when I step back, I see Assange attempting to use governmental power (via the courts and associated governmental enforcement mechanisms) to keep secrets from the people.
Re:Wikileaks should be happy... (Score:5, Informative)
Assange is on record stating that he doesnt think there should be ANY secrets at all
Let me see if I can dumb it down for you:
1. Chicken is yummy
2. Chicken hatch other baby chicken
3. You eat all yummy chicken -> No baby chicken -> You die of starvation X-(
4. You save some chicken -> Yummy chicken year around
The goal of complete openness is not achievable while fighting against large conspiracies, just like the goal of complete non-violence is infeasible when fighting for peace against a violent aggressor. Recognizing this, Wikileaks maintains the least secrecy necessary in order to maximize the total quantity of leaked information. Leaking more than this level is detrimental to their long term goal. In their quest for openness Wikileaks is willing to settle for a practical goal, and if it turns out they can't protect sources that practical goal is compromised. And what practical results those were ! They played a major role, maybe a decisive one in starting the Arab Spring.
The position of The Guardian who leaked the password for the widely disseminated Cablegate file under the pretence that "a password isn't harmful by itself" is laughable. Here Wikileaks recognized it's inability to correctly disseminate the large volume of data, and brought in traditional media, only to be betrayed and embarrassed by their sheer negligence or malevolence.
ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#
Re:Wikileaks should be happy... (Score:5, Informative)
That's just false.
Assange advocates for public knowledge and control about the things that governments and enterprises are doing. He also advocates for personal privacy.
Please, read what Assange says before writing nonsense about his believes.
Re:Wikileaks should be happy... (Score:4, Informative)
Have you bothered looking at wikileaks from before, say, 2010? Assange has no qualms about releasing private personal information, such as hacked emails, from people he doesn't like.
Re: (Score:3)
Not quite.
Assange is ALL FOR leaks of information about Western Democracies and corporations, especially the US, but I have yet to see a leak from him of Russian or Chinese secrets. That because he knows such a leak would result in his unfortunate "accidental" death.
Crying about leaks concerning his operations is the height of arrogance and hypocrisy.
I would imagine that if his leaks of Western information results in the deaths of one or more ordinary people mentioned by name in those leaked documents then
Re: (Score:3)
He leaks information primarily about the US because he has an axe to grind with us. He may along the way leak genuinely good things (either from the US or other countries), but lets not pretend he isnt really pro-tearing-the-us-down.
Re: (Score:3)
Please, read what Assange says before writing nonsense about his believes.
Really? I call bullshit. His history shows the exact opposite. This is the fucking douche who lost his kid ... for being a fucking douche, and then campaigned to make ALL CHILD CUSTODY RECORDS PUBLIC INFORMATION so he could get something to use against the mother of his child. He didn't give a flying fuck about what that meant to the children.
He believes in personal privacy for Julian Assange, no one else. If you think he wants you to have personal privacy, you're completely out of touch with reality.
Re: (Score:2)
A large number of slashdotters have reinforced that belief.
Why the hypocrisy all of a sudden?
Who? They needn't all have the same beliefs.
Re: (Score:2)
Re: (Score:3)
If Wikileaks allowed a third party to have access to unredacted ANYTHING they are idiots.
Said third party might have government moles or spies looking to bust whoever leaked the stuff...or enemy moles looking to use the sensitive stuff to inflict damage.
Re: (Score:2)
So much for "don't use words, and especially not words in your field of interest".
And not taking the server down a few hours later as promised, but depending on others believing it was taken down so you could re-use it, is just "insecurity through obscurity."
Re:only confirms (Score:4, Insightful)
This only confirms what kind of hypocrits the wikileaks guys are.. Leaking other people's secrets is ok, but if you leak theirs....
Using a firearm to defend others is ok, but it makes you a hypocrite if you protest others using a firearm to commit murder.