The Wikileaks "insurance.aes256" File

Christian Klippel said:
(I'm going to report myself after this post, since it probably is way too off-topic here. If that's the case, the moderator(s) please move it to a new thread instead, something like "WikiLeaks Fallout" maybe.)



I surely hope so. However, i think that the real "threat" is not WikiLeaks, nor the contents of what it publishes. The real danger is the fallout/backlash, whose dimensions we can only guess at the moment. It is not about some secret documents, that shouldn't be that secret in the first place. Well, most of them, anyways.

It is the grave dangers and threats to democracy itself, caused by the governments and corporations involved. And these dangers are just starting to show up, it's all just beginning. We will be concerned about that in months, if not years, to come.

Just take a look what already happened. And all that without any court deciding that yes, there was something illegal. It happened just because some powers influenced certain people:

- Visa and MasterCard terminated their services for WL. Just because. Of course they have no problem to still handle transactions for porn, anti-abortion fanatics, Ku Klux Klan...

- PayPal cut off their services to WL. Without any court ruling or similar.

- Post Finance of Switzerland closed WL's accounts. Allegedly because Assange does not have a residency in Switzerland. Of course, Swiss banks never had any problems with Nazi-Money, money-laundering, tax-evasions, etc. It's only WL that all of a sudden "touches our moral emotions", as they say.

- Amazon throws out WL's website from the cloud. Just for a second think about what that means. Any company's or entity's web presence can be shut down, without any legal basis, just because they feel like it. Mind you, it's not proven that what WL does is unlawful. There is no court ruling that says so, and it will be extremely hard to get one anyways. Think about the implications. If you have a business, hosted there, and they don't like it, they basically can drive you bancrupt.

- Certain politicians already call for a death penalty of the person who leaked the cables. And just in case, if that's not possible according to current laws, they should be changed to allow for that. Democracy anyone?
- Most of the press is bashing WL. However, they fail to see that what happens to WL right now, directly and equally affects them as well. If they don't like what WL is doing, they have to stop uncovering secrets as well. No more publishing secret information. No more whistle-blower protection. No more any safety for a newspaper that publishes such things. Certain politicians already want a trial for the NYT as well, mind you.

All these things do not bode well for anything that even remotely calls itself a democracy. BTW, there is a long post that covers many (and more) of such points in German here. Lot's of quotes there are in English, however, and for the rest Google-Translate is your friend.

As i said, it's all just beginning. We are about to face real threats, and they have nothing to do with what WL publishes. I think that this is something that most people overlook right now. Currently it's all about the "Ohh, look, the bad guys at WL" or the fake "But they are threatening lives with these publications" or the "But that's so embarrassing for the government of x" arguments.

Want free speech? Then take the risks of defending it. Want to see WL stop what they are doing? Then give up your desire for free speech. You can't have it both ways. And anyways, think twice where you host your companies web pages. Think twice about which bank and/or credit card you want to use. Because, you see, just because someone has bad feelings about what you do, you can loose it all in a blink of an eye. It doesn't take a court verdict that you did something criminal. Sad as it is, but that's the reality, one that we just begin to see. Be prepared for what will come in the near future.
Greetings,

Chris
Click to expand...
As a U.S. citizen, I agree with you that the worrying part of this is the encroachment on freedom. We lost some after 9/11 when Homeland Security was set up (first the Office of Homeland Security and then the Department of Homeland Security). We lose more as hysteria again strikes the U.S. and people respond with cries for censorship and punishment.

Once the chipping away starts, it's hard to stop. It's even harder to regain what has been lost.
 
FattyCatty said:
As a U.S. citizen, I agree with you that the worrying part of this is the encroachment on freedom. We lost some after 9/11 when Homeland Security was set up (first the Office of Homeland Security and then the Department of Homeland Security). We lose more as hysteria again strikes the U.S. and people respond with cries for censorship and punishment.

Once the chipping away starts, it's hard to stop. It's even harder to regain what has been lost.
Click to expand...

Indeed. And i just found out that it still gets worse.

There really is quite some irony in this news about the Elliot School of International Affairs. Not only that this comes from a school for international affairs, warning the student to directly read the cables which are about international affairs. No, the implications are even worse.

In fact they are covertly telling the students that all their internet traffic is monitored and forwarded to the places they work or might work in the future, that means things like recruiting offices as well.

Not only do they want to cripple free speech, they also want to forbid people to listening freely.

I'm wondering, did they make a mistake and took "1984" for an instruction manual?

Greetings,

Chris
 
Christian Klippel said:
Indeed. And i just found out that it still gets worse.

There really is quite some irony in this news about the Elliot School of International Affairs. Not only that this comes from a school for international affairs, warning the student to directly read the cables which are about international affairs. No, the implications are even worse.

In fact they are covertly telling the students that all their internet traffic is monitored and forwarded to the places they work or might work in the future, that means things like recruiting offices as well.

Not only do they want to cripple free speech, they also want to forbid people to listening freely.

I'm wondering, did they make a mistake and took "1984" for an instruction manual?

Greetings,

Chris
Click to expand...

My eye caught this snippet from the article:
If students must use information from the leaked cables, the e-mail suggested using only what has been reported about in the media.
Click to expand...
Does the Guardian's website count as "media? For they have a searchable database of the published cables on par or better than wikileaks. :)
 
ddt said:
My eye caught this snippet from the article:

Does the Guardian's website count as "media? For they have a searchable database of the published cables on par or better than wikileaks. :)
Click to expand...


I guess by "what is reported in the media" they meant the US media - which in general doesn't report much about the contents of those cables and diaries anyway (for some strange reasons).
 
BenBurch said:
But clearly, if a terrorist wanted to damage the great nations of the world, and that is what is represented to be (and not 30,000 spam emails) then killing Assange might be worth the risk.
Click to expand...
First of all, that is an extremely spurious argument. It just reeks of some CIA brainiacs sitting in a room and desperately trying to come up with anything, just anything that can make the release of this file seem unwise or uncalled for.

Second, there are no such 'terrorists at large' whose only goal is to cause a maximum amount of pain to a maximum amount of people. Real terrorists have specific goals, they want to hurt specific people in order to further specific agendas. We do not know what this file contains. The unredacted contents could hurt these terrorists' cause as well as helping it. Consider the choice between killing Assange for an unknown outcome, and killing a similarly difficult target such as a high-ranking US official.
 
So what software do I need to handle aes-encrypted files?
 
Note that Assange was involved in creating the cryptographic Rubberhose filesystem..

What sticks out is the 1GB sized "aspects". OTOH, originally it had no AES256 support.

Just want to point out that he has some ideas about cryptography, so he is certainly no fool in that matter. Despite the .aes256 suffix, it can be a lot of things/formats/containers in that file.

Greetings,

Chris
 
Christian Klippel said:
Note that Assange was involved in creating the cryptographic Rubberhose filesystem..

What sticks out is the 1GB sized "aspects". OTOH, originally it had no AES256 support.

Just want to point out that he has some ideas about cryptography, so he is certainly no fool in that matter. Despite the .aes256 suffix, it can be a lot of things/formats/containers in that file.

Greetings,

Chris
Click to expand...

While the aes256 motif might be rather sketchy for a correlation, the fact that this video has not been released yet might suggest the file contains this

(2:14:28 PM) Lamo: did that bear out? the surveillance?
(2:14:46 PM) Manning: based on the description he gave me, I assessed it was the Northern Europe Diplomatic Security Team… trying to figure out how he got the Reykjavik cable…
(2:15:57 PM) Manning: they also caught wind that he had a video… of the Gharani airstrike in afghanistan, which he has, but hasn’t decrypted yet… the production team was actually working on the Baghdad strike though, which was never really encrypted
(2:16:22 PM) Manning: he’s got the whole 15-6 for that incident… so it wont just be video with no context
(2:16:55 PM) Manning: but its not nearly as damning… it was an awful incident, but nothing like the baghdad one
(2:17:59 PM) Manning: the investigating officers left the material unprotected, sitting in a directory on a centcom.smil.mil
(2:18:03 PM) Manning: server
(2:18:56 PM) Manning: but they did zip up the files, aes-256, with an excellent password… so afaik it hasn’t been broken yet
Click to expand...

If true it will hardly bring the world crashing down.
 
Last edited:
Alternatively it might be the "Gitmo papers"

(04:35:31 PM) Manning: The Gharani airstrike videos and full report, Iraq war event log, the “Gitmo Papers”, and State Department cable database
(04:35:50 PM) Lamo: Not too shabby.
(04:36:03 PM) Manning: thats just me….
(04:36:26 PM) Manning: idk about the rest… he *hopefully* has more

wired.com then seems to delete some of the log
--------------------------------------------------------------------------------


04:45:48 PM) Manning: i couldn’t be a spy…
(04:45:59 PM) Manning: spies dont post things up for the world to see
(04:46:14 PM) Lamo: Why? Wikileaks would be the perfect cover
(04:46:23 PM) Lamo: They post what’s not useful
(04:46:29 PM) Lamo: And keep the rest

http://www.wired.com/threatlevel/2010/06/wikileaks-chat/
 
I've been pondering how attackable the password to this is. It seems to me that there's a limitation on how complex the password can be, by the neccesity to be able to distribute it in an emergency. Worst case scenario, Julian Assange shouts it in a courtroom, or while being dragged past reporters outside a prison, or some such.

If it's a 256 digit number, it has to be a number that can be derived by some quickly statable method, like the fibonacci sequence starting from a certain number, or a sequence of primes, or the 5000th through 5256th digits of pi, or something like that. It COULD be random, but only if we knew that whoever was tasked with distributing the password, or whatever software program would mail it out wouldn't be compromised, and I don't think that's an assumption that can be made. Recently China, for example, demonstrated that it's possible to divert the entire internet for at least a few minutes, so it's reasonable to assume that other industrialized nations have the ability to divert or paralyze the internet at will. /paranoia
 
ddt said:
A decryption program, e.g., this one (the first to show up on Google), or openssl. And, of course, the passphrase. :D
Click to expand...


Thanks for the tip, DDT. :) I guess it does not matter which program someone uses since AES is a standardized encryption format, right?

Also, there are rumors that NSA and CIA do know some kind of backdoor to AES. Does someone know more about the probability of such a backdoor?
 
BenBurch said:
Enough computing power and you do not need a back door. Remember that it is entirely likely that NSA has bleeding edge technology you and I can only dream of.
Click to expand...

You think they're trying to brute it?
 
You must log in or register to reply here.

Back
Top Bottom