Wikileaks posts an Insurance policy
Wikileaks Afghanistan War Diary
It seems that Wikileaks has posted a massive (1.4 GB, 10x larger than all the other files on the page combined) heavily encrypted file on their dedicated "Afghan War Diary" page labeled simply "Insurance". (See link above)
Possibly in response to the harsh rhetoric issuing from the US DoD regarding Wikileak's founder Julian Assange (including the rumored price on his head), sometime last Sunday afternoon the new file was quietly uploaded with no explanation.
The Daily Beast is reporting the Pentagon has a manhunt currently underway for Wikileaks' founder Julian Assange.
Investigators from the Pentagon are flocking out and "are desperately searching" for the white-haired sage of openness and accountability. The US is apparently convinced that whistleblower Bradley Manning, who was arrested two weeks ago, did indeed hand over 260,000 US diplomatic cables concerning the Middle East over (sic) to Wikileaks....
The US intelligence apparatus is currently trying to figure out how to come to terms with Wikileaks. A counterintelligence report called the site "a potential force protection, counterintelligence, operational security (OPSEC, and information security(INFOSEC) threat to the US Army". It recommended “the identification, exposure, termination of employment, criminal prosecution, legal action against current or former insiders, leakers, or whistleblowers could potentially damage or destroy this centre of gravity and deter others considering similar actions from using the Wikileaks.org web site".
As Wired puts it,
Cryptome, a separate secret-spilling site, has speculated that the new file added days later may have been posted as insurance in case something happens to the WikiLeaks website or to the organization’s founder, Julian Assange. In either scenario, WikiLeaks volunteers, under a prearranged agreement with Assange, could send out a password or passphrase to allow anyone who has downloaded the file to open it.
It’s not known what the file contains but it could include the balance of data that U.S. Army intelligence analyst Bradley Manning claimed to have leaked to Assange before he was arrested in May.
It would seem that the only way "Insurance" will work is if many, many, many people download that particular file and save it for a rainy day, no???
Wikileaks Insurance file link
..............................
Ed. note, Nov 28, 2010
http://cryptome.org/0002/wl-diary-mirror.htm
The "Insurance" file is encrypted, nearly impossible to open until WikiLeaks provides the passwords. But experts suggest that if anyone can crack it — it would be the National Security Agency. It depends on how much time and effort they want to put into it, said James Bamford, who has written two books on the NSA.
The NSA has the largest collection of supercomputers in the world. And officials have known for some time that WikiLeaks has classified files in its possession. The agency, he speculated, has probably been looking for a vulnerability or gap in the code, or a backdoor into the commercial encryption program protecting the file.
At the more extreme end, the NSA, the Pentagon and other U.S. government agencies — including the newly created Cyber Command — have probably reviewed options for using a cyber attack against the website, which could disrupt networks, files, electricity, and so on. "This is the kind of thing that they are geared for," said Bamford, "since this is the type of thing a terrorist organization might have — a website that has damaging information on it. They would want to break into it, see what's there and then try to destroy it."
The vast nature of the Internet, however, makes it essentially impossible to stop something, or take it down, once it has gone out over multiple servers. In the end, U.S. officials will have to weigh whether a more aggressive response is worth the public outrage it would likely bring. Most experts predict that, despite the uproar, the government will probably do little other than bluster, and the documents will come out anyway.
"Once you start messing with the Internet, taking things down, and going to the maximum extent to hide everything from coming out, it doesn't necessarily serve your purpose," said Bamford. "It makes the story bigger than it would have been had the documents been released in the first place. If, in the end, the goal is to decrease the damage, you have to wonder whether pouring fuel on the fire is a reasonable solution," he said.
[snip]
If there is a takedown of Wikileaks, the insurance.aes256 file will be available through Cryptome along with the entire files of the Wikileaks website which have been archived.
http://www.torrentdownloads.net/torrent/1651759583/Wikileaks+Insurance
https://thepiratebay.org/torrent/5723136/WikiLeaks_insurance
Subscribe
Formal Petition to Attorney General Eric Holder to appoint a Special Prosecutor
Comments
Take that,
you MIC fascists.
Of course, Insurance policies only work if people get them....hint hint hint.
"If ye love wealth better than liberty, the tranquility of servitude better than the animating contest of freedom, go home from us in peace... Crouch down and lick the hands which feed you. May your chains set lightly upon you...and may posterity forget t
Thanks for posting this, Lisa.
The glare of publicity - the more the better - is what will keep Assange safe, and the insurance can only help.
Insurance policy
The file from wiki-leaks is named "insurance.aes256". "aes256" is a cryptographic cipher, frequently used in public key cryptography. A file or message is encrypted with a private key, then it can be decrypted (i.e. read) with the public key.
If Assange gets popped by Uncle Sam, he could release his public key (or have another party who in advance has been ordered to do so release it). Anyone who gets the public key can add it to a key-ring in an email client (or other app), then the file can be read.
AES ciphers have been adopted as the standard by the U.S. government. This irony is not lost on any government agent, surveiling wiki-leaks or trying to close in on Assange.
The file could contain the purported Iraq documents, or it could be a big ruse - an attempt to play chicken with (or raise the stakes by bluffing) the U.S. government. Either way, I predict that Assange will be criticized by war-hawks for "blackmailing, coercing or threatening" the US government from taking action against him. It is quite objectionless for the U.S. government to "blackmail, coerce or threaten" any person on the face of the planet, but turn-about will not be considered fair play.
Well said, kheper
Good clear explanation without being overly technical. Thanks for that.
In cryptography AES is a symmetric-key encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256.
AES, or Advanced Encryption Standard, is a symmetric-key encryption standard adopted by the U.S. government. It became effective as a Federal government standard on May 26, 2002 after approval by the Secretary of Commerce, and is the first publicly accessible and open cipher approved by the NSA for top secret information.
In June 2003, the U.S. Government announced that the design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.
Any US government agency or agent who cracks WikiLeaks encrypted file would be publicly and clearly demonstrating serious insecurity of US Government classified to top secret files, and at the same time undermining any claim they might have had that WikiLeaks was "leaking" information that was not at the same time freely and openly available to anyone.
AES256
"Any US government agency or agent who cracks WikiLeaks encrypted file would be publicly and clearly demonstrating serious insecurity of US Government classified to top secret files"
AES256 has been shown to have a number of vulnerabilities. The US gov does not encrypt its top secret documents with AES256; It is approved up to (I think) secret.
The NSA developed a cipher called DES. It was adopted world-wide. DES was later shown to be vulnerable, and there was speculation (or downright paranoia) that it was devised broken, so that the government could crack whatever was encrypted with DES.
AES256 was not created in secret by a government agency. It was developed from dozens of open source algorithms that were analyzed by anyone who wanted to inspect it.
The vulnerabilities of AES256 are exploitable only in theory. As far as anyone knows, there is no practical way to attack it, and most of the vulnerabilities apply to variants of the cipher (reduced-rounds) which are seldom used.
Then again, for Assange to name the extension of his file "aes256" suggests a knowledgeable attempt to raise the eyebrows of governmental crypto spooks. If there is evidence of conduct in the file so damaging that the US gov would become a pariah if disseminated and the US gov actually cracks it (or does not crack it but suspects that the evidence is in there), it may think twice about pursuing a case against him.
You don't want to play
Poker with Mr. Assange.
Peace
"If ye love wealth better than liberty, the tranquility of servitude better than the animating contest of freedom, go home from us in peace... Crouch down and lick the hands which feed you. May your chains set lightly upon you...
You see this, Lisa?
http://dailyradar.com/beltwayblips/story/wikileaks-posts-an-insurance-policy/tweets/?p=1
Thanks, logging out &
clearing my cache did the trick.