Tuesday, January 10, 2017

On WikiLeaks Methods and Motivations

Recently, the WikiLeaks Task Force tweeted something quite inflammatory:

We are thinking of making an online database with all "verified" twitter accounts & their family/job/financial/housing relationships.

In other words, it was determined to create and publish a database of personal interconnections between verified Twitter users. This database would include information about finances, family connections, cohabitation, jobs and so forth.

This statement has, at the very least, sparked outrage.

Let's look at this statement from two points of view: (1) that WikiLeaks made the statement, and (2) that someone else made the statement and wants us to think WikiLeaks said it.

(1) WikiLeaks made the statement

That, on the face of it, would be galling.

I ask you here, honestly: does everything have to be public?

I can understand Facebook and why they would want to collect their user graph. They protect their users' privacy (although that's far more nebulous, even given their periodic missives, famous missteps, and explanations of policy).

But let's look at the author of the tweet: WikiLeaks. This sounds more like a sinister plot to me. Let's address the main reason for this.

What's all this about WikiLeaks working with the Russians?

Though WikiLeaks may never have dealt directly with the Russian intelligence services, they certainly had to know that release of the data played right into the Russians' hands. It seems pretty clear, given the timing of the release of the Podesta emails, that WikiLeaks understands perfectly the consequences of their actions.

In fact, WikiLeaks' sensitive data releases almost always damage the west and leave Russia unscathed. A visit to the wlstorage.net torrent repository shows us specifically who they target. There are very few Russia-related information troves.

If they released a trove of data on the Russians, it seems clear to me that Assange and many others at WikiLeaks would find themselves sipping Polonium-210-laced tea like that ill-fated ex-KGB whistleblower Alexander Litvinenko. Bad press for the Kremlin (in his case, looking into the assassination of Russian journalist Anna Politkovskaya) is generally punished by death in Russia. Dig too deeply and you'll discover, much to your chagrin, that it's your own grave you have dug.

WikiLeaks denies they received the leaked emails from the Russians. The US claims they know the go-betweens that prove Putin ordered the operation.

Let's just say for a moment that WikiLeaks are enemies of the west. Then this is completely consistent with publishing a database of who is related to whom, what their jobs are, how much they make, and where they live. This process, called doxing, enables people and organizations with malicious intent to get handles on people they want to attack. If this were true, the database WikiLeaks apparently would want to publish is, in fact, an analog of the human flesh search engine.

This kind of data would be of immense use to the Russian intelligence services, such as the FSB. So it certainly seems plausible to me that WikiLeaks was behind the tweet. But what about the other possibility?

(2) Someone else made the statement and wants us to think WikiLeaks said it

Did they even say it? It was tweeted by the WikiLeaksTaskForce, the Official WikiLeaks support account. It is explicitly intended to "correct misinformation about WikiLeaks".

Very soon after the original tweet, which has since been deleted, WikiLeaks itself tweeted the following:

Media note: is the only official account of WikiLeaks. No other accounts are authorized to make statements on behalf.

So the narrative might be that some troll joined (or hacked into) WikiLeaksTaskForce and posted the tweet to spread false information.

It's not unlikely at all that someone would want to discredit WikiLeaks. After all, their business is to enable whistleblowers by providing foolproof ways to release sensitive information. So anyone that has been damaged (or may be damaged) certainly has the motivation to discredit WikiLeaks. This is a big list of people, like John Kerry, Hillary Clinton, and organizations, like Bank of America, the American Intelligence community, and so on.

For the tweet to properly discredit WikiLeaks, WikiLeaks would have to plausibly possess the means to build the database in question. To assess that, we must first know exactly how WikiLeaks works.

How does WikiLeaks work?

Their primary modus operandi, I believe, must generally be given by the following steps:

  • accept large corpora of whistleblower information
  • put it onto an air-gapped network
  • strip it of all attribution, which entails editing it
  • separate it into bins of sensitivity
  • encrypt and encapsulate (using BitTorrent) the bins for transport
  • upload the information on wlstorage.net
  • get other sites to mirror the information
  • periodically release keys for the purpose of disseminating the information a bit at a time

They would use an air-gapped network to prevent anyone from hacking into them, which is definitely possible. They would want to isolate the sensitive data to completely control what is done with it and where it goes.

The stripping of all attribution information, including email headers and telltale references, is done to protect their sources. This may involve redaction of information that can hurt innocent parties. But also look at this on the face of it: they are intimately acquainted with the forensics of data present in email headers.

They have admitted that they separate the data into bins of sensitivity so they can control the impact of the releases. After all, the idea that some information is more sensitive than others is a natural consequence of the information itself. But they might also want to keep the most inflammatory information as a deadman switch. Such information can be released if Assange is killed, for instance. This was demonstrated recently when, in October 2016, Ecuador cut off Julian Assange's Internet access. Soon thereafter, WikiLeaks tweeted hashes to various troves of information, aimed at John Kerry, Ecuador, and the UK FCO. So it's a virtual certainty that Assange has deadman switches.

Their favorite method of leak data storage is by encrypted, encapsulated databases, posted as a single file. This is so they can withhold the release of the data, processed using AES 256-bit encryption, until a later date, without withholding the data itself. Often, the files are hundreds of gigabytes in size, so they use BitTorrent as their transport. The file names often contain the word "insurance". This also corroborates the theory that the files constitute a deadman switch: if Assange or another key-holding WikiLeaks person is killed, then keys may be released by the others in retribution.

After the data is packaged, it is then uploaded to wlstorage.net, a storage site run by WikiLeaks that promotes mirroring. Unfortunately, from time to time, this data has included malware, which gets cleaned up, generally as soon as it is discovered.

Once there, any number of sites mirror the WikiLeaks databases. This includes CableDrum, and many other sites. This measure of redundancy prevents any single site from simply being destroyed to prevent the sensitive information from being released.

When WikiLeaks releases a trove of information, they simply need to release the AES 256-bit (64 hex digit) key. This allows anybody having access to any of the mirror sites to decrypt the information and begin the process of data mining it. Usually this means the press.
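The mirroring and key-release steps above leave a checking job for anyone holding a copy: confirm that a mirrored archive is the one that was committed to in advance, and that a released key is well-formed, before doing anything else with it. The following is an added example, not code from WikiLeaks or from this post; it assumes the published hash is SHA-256 over the encrypted archive as distributed (the post does not name the algorithm), and the mirror names and sample bytes are constructed.

```python
import hashlib
import hmac
import io
import re

CHUNK = 1 << 20  # read 1 MiB at a time; archives can be hundreds of GB


def stream_sha256(fileobj, chunk_size=CHUNK):
    """Hash a file-like object without loading it into memory."""
    h = hashlib.sha256()
    for block in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(block)
    return h.hexdigest()


def matches_commitment(fileobj, published_hex):
    """True if this copy hashes to the digest published in advance."""
    expected = published_hex.strip().lower().encode()
    actual = stream_sha256(fileobj).encode()
    return hmac.compare_digest(actual, expected)


def parse_aes256_key(key_hex):
    """Accept only a 64-hex-digit string and return the 32 key bytes."""
    key_hex = key_hex.strip()
    if not re.fullmatch(r"[0-9a-fA-F]{64}", key_hex):
        raise ValueError("AES-256 key must be exactly 64 hex digits")
    return bytes.fromhex(key_hex)


def audit_mirrors(copies, published_hex):
    """Map mirror name -> whether its copy matches the commitment."""
    return {name: matches_commitment(io.BytesIO(data), published_hex)
            for name, data in copies.items()}


# Constructed sample data: one faithful mirror, one with a single altered byte.
ORIGINAL = b"constructed sample archive bytes" * 1000
PUBLISHED = hashlib.sha256(ORIGINAL).hexdigest()  # stands in for a tweeted hash
COPIES = {"mirror-a": ORIGINAL, "mirror-b": ORIGINAL[:-1] + b"X"}

if __name__ == "__main__":
    for name, ok in audit_mirrors(COPIES, PUBLISHED).items():
        print(name, "matches" if ok else "DOES NOT MATCH")
```

A matching digest only shows the copy is the file that was committed to; it says nothing about whether the contents are safe to open.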

How does WikiLeaks' modus operandi make the tweet more plausible, specifically?

First, because WikiLeaks is known to accept large corpora of hacked data, who says they haven't been able to get ahold of the verified Twitter database? If it's not plausible, then this tweet is a call to arms for the many hackers out there who need the cred that would stem from such a successful attack.

Second, because WikiLeaks is adept at stripping attribution information from email, metadata from photographs, wrappers from tweets, and other media, they are the perfect institution to be able to make use of that attribution information, symmetrically, to work against the "system".

Third, knowledge of encryption and the limits of its usefulness means they must also be knowledgeable about decrypting and cracking such information. They have a milieu of hackers that they are in regular contact with, certainly. They are trusted by hackers because it is WikiLeaks' specific mission to protect them. They need to know what can and can't be cracked so they can keep their publicly available information troves secret from the most capable intelligence agencies in the world.

How does the tweet discredit WikiLeaks, specifically?

The ghastly specter of Big Brother looms over the tweet, that some clandestine organization is gathering information on all of us. This makes WikiLeaks the new NSA, the new GCHQ. Which makes those two organizations the ones most likely to discredit Assange.

Do they really need discrediting?

Currently their leader Julian Assange has been holed up in the Ecuadorean Embassy in London for 4 years and 7 months. This is because he has been granted asylum by Ecuador. Assange suspects that he will be extradited to the US to face charges under the Espionage Act of 1917. This could net him 45 years in a supermax prison, and potentially the death penalty.

Assange is also wanted for "lesser degree rape" in Sweden, a charge that will not expire until 2020.

The NSA has labelled WikiLeaks as a "malicious foreign actor".

12 comments:

  1. Mark, do you really want to know how deep this rabbit hole goes with Wikileaks' intentional help in electing Trump in order to seed civil war in the USA?

    http://qntra.net/2017/03/wikileaks-hands-elected-trump-us-government-weapon-to-gut-careerist-deep-state-us-government/#comment-89063

    https://bitcointalk.org/index.php?topic=1837136.msg18323952#msg18323952

    Study about who MPeX is and his cohorts who are replacing the world’s financial system (remember Assange was protected by Rothschilds):

    https://bitcointalk.org/index.php?topic=1837136.msg18459511#msg18459511

    https://bitcointalk.org/index.php?topic=1959633.0

    Dig into John Nash’s ideal money, his cooperative game theory, and the true design of Bitcoin that forces everyone off chain because due to cooperative game theory block size can not scale.

    P.S. see my reply today to your 2016 comment in your Evolution of Painter blog.

    1. Wikileaks and the tales around it are a total fantasy haven for conspiracy theorists, as your links suggest. I wouldn't believe everything I read on the net.

      Also, I feel cryptocurrency is really just another stock market and thus the talk surrounding it is subject to analysts' motives. See my post "analysts: what are these?", which is less tongue-in-cheek than you might think concerning analysts' motives.

      Don't totally get me wrong, bro. Cryptocurrency is also a haven for the conspiracy theorists who specifically predict doom and destruction. Who want to disentangle themselves from the currency of any particular state actor.

      Again, don't believe everything you see on the internet. There are plenty of things going on to disrupt the famous multi-year cycles and most historical Nostradamuses' predictions.

      However, you might look at the effect of AI on the job market. Imagine no truck drivers and no taxi drivers and its effect on the unemployment line, for instance. Factory jobs are already disrupted by specialized machines, and this effect is only going to get more pronounced. It won't matter where factories are soon. That shoots the hell out of your Asia triumphant predictology.

      Predicting the future is a tough game to win. Commerce abhors a vacuum.

    2. …You do not understand. Asia is transitioning into the knowledge age with better annealing because they do not have the very high rates of social welfare liabilities and bankrupted retirement plans of the West. China is rapidly replacing all of our Internet business with their own for example.

      Seriously Mark you are a very talented engineer, mathematician, researcher, and artist (more so than myself, heck you graduated from CalTech and your accomplishments and connections are so enviable and my utmost respect for it) who is in danger of becoming a dinosaur and wasting the tail end of your career. I do hope you wake up. I respect your abilities, but your myopia right now is severe. Taking an extended trip out of Cupertino could possibly give you new perspectives?

      Anyway, I think it is nearly impossible to change any person’s opinion. Would you actually expend the time to dig through all the data and come to a rational conclusion of the coming Minsky Moment when the West runs out of “other people’s money”? I presume your research work is more interesting for you. I certainly enjoy technical work also.

      > Commerce abhors a vacuum.

      Especially the rigor mortis of the Titanic winner-take-all power vacuum in the West.

    3. For some unknown reason my other comment is not appearing, so here is a link to the entire comment:

      https://gist.github.com/shelby3/b3b19767246d40123ca64f7cc5289ffd

    4. Dude, I have been all over the world. And, market-wise, we have seen consolidation, split-up, rising, and falling. And the only thing that stays the same is that things change. The only thing that matters is how well you are prepared for the Minsky moments.

      Some people make money predicting doom and gloom, Shelby. And other people stockpile supplies and weapons in their bomb shelters. The right answer is probably neither of those.

      One thing is for sure: the housing crisis was most detrimental to those who did stupid things: extending themselves into a danger zone with respect to the valuation of their properties.

      And, by the way, wipe that froth off your mouth, dude.

      We haven't even begun to see the result of tech disruption.

    5. > We haven't even begun to see the result of tech disruption.

      Yes but my point is about where that disruption is happening. Google has entirely disrupted Apple on marketshare and waiting for the disruption from below to finish the hollowing out of what is remaining of iPhone’s (profitable) vertical markets.

      China will clone the iPhone and replace with their own local one. They are doing this in every industry, high-tech or otherwise.

      And Mircea Popescu and blockchains are disrupting everything.

      > Some people make money predicting doom and gloom

      Who is predicting doom and gloom? I do not live in the West nor work for Apple nor Paypal.

      > the housing crisis was most detrimental to those who did stupid things

      And it will be the same again. Those who stayed put in the clusterfuck and did not identify the correct sectors and disruptions underway.

      > And, by the way, wipe that froth off your mouth, dude

      We will know in a few years.

      There are other perspectives and sometimes we get overinvested in our own and fail to glance over the trees.

    6. If market share were the issue, then Apple would have acted like Microsoft and would be gone by now. I can't spell out enough that it's the product quality and the user experience, and the lifecycle of the product that matters.

      Perspective matters. And you are following the predictors of doom and gloom. Pursuing a strategy of an OS on top of an OS that, for reasons I've already spelled out, literally anybody would think is addled.

      Do your market research. Simplify your plans. Choose the right path.

    7. > I can't spell out enough that it's the product quality and the user experience, and the lifecycle of the product that matters.

      Agreed those are all important.

      Apple is averaging $40 per user per year in App Store revenue and ~$1 a day in revenue per user overall including device sales.

      People are spending less on Apple than they are on any one of their car payment, petrol, food, electricity, or entertainment.

      Thus mobile is still secondary to major things in life such as employment or investment.

      Most of Apple’s revenue growth is coming from payments, music, apps, and cloud services. Now imagine we challenge this with an investment and employment model. This could be more important to users than their current usage of mobile. If Apple blocks this model, I wonder what would be the impact.

      Yet there is afaik no precedent that such a project could reach Apple’s 700M active usership. Perhaps the dot.com bubble reached 10s of millions of investors participation.

      The PC was highly related to employment and achieved billions of users, yet no one company captured most of the revenue. And that was where commodification of the OS and hardware won, even though many claimed the Mac was superior.

      I think we are maybe focusing too much on the revenues that major OS companies are extracting from the smartphone ecosystem, rather than potential revenues across the ecosystem of all possible use cases of smartphones. Surely the employment ecosystem that was built around PCs dwarfs the revenues in smartphone ecosystems.

    8. All I can say is that Apple is one of the few companies that constantly seeks to disrupt itself, and has no fear of it. You fundamentally misunderstand the model. Revenue certainly comes into it, but, as Steve once said "don't be the richest guy in the graveyard". The agglomeration of wealth is not the goal. The goal is to make lives better. Owning the world simply reduces the competition and the growth. The goal is to make great products by reinventing them. Focus on their real use cases. Make the user experience simple and delightful. Improve lives by removing the drudgery, making interaction simpler.

      You can look at historical economics all you want. The mobile industry has disrupted much of it. And that's because somebody took the time to make things simpler. And because it's simpler, people want to use it.

      Revenue is simply the result of doing it right, enabling people, and showing them what the future looks like in their hands. Playing the "cheapest model wins" game never came into it, and never should.

      This reinvention can apply to anything, literally anything. But listen to Horace Dediu to understand the potential barriers to entry of any given potential disruption. Problems must be solved first before a disruptive tech can begin to snowball into the useful part of the utilization curve.

      Enterprise computer use is changing, mostly due to companies "getting it" and simplifying such complexities as data entry, database access, point-of-sale systems, and so forth. And because of BYOD it's changing to mobile. So many of those PCs don't have to be desktop or even laptop units.

      And because enterprise is going this way, it gives you the opportunity of creating the ultimate secure enterprise data capture and retention system, secured by blockchain. Do it Shelby! You are the expert. Make that bundle of cash. And, for heaven's sake, make it simple enough that it can succeed. Now is the time to secure the enterprise from hackers. Your market is ready-made and hungry for this!

    9. Mark thanks for that insight on the enterprise market.
