Showing posts with label wikileaks. Show all posts
Showing posts with label wikileaks. Show all posts
Saturday, 5 February 2011
Even more Wikileaks
Next order So, the latest nomination for the Nobel Peace prize: Wikileaks! I really thought that nobody could top this. Well done on surprising me World. I disagreed with last year's award, but that's more personal opinion than anything else, but this is ludicrous! I mean at this rate soon I will be nominated for the Nobel Prize in Literature for writing this blog!
Monday, 31 January 2011
Operation Payback/ Avenge Assange
So, we are back on the Wikileaks thing again. Despite my best arguments to myself, I could not convince me not to write about this. Moving swiftly on from my mild DID, we need to jump back in time a little. So, do you remember when the original Wikileaks stuff happened? Well, shortly after that, Wikileaks took a huge blow to the coffers. Visa, MasterCard, PayPal and others stopped accepting payments to Wikileaks' financial wing, shall we say?
Now, the reasons for stopping the payments varied, both on and off the record, but the gist of it was "violation of terms of service." Every time you sign up to another site, or install some software there is always a ToS or EULA that you have to agree to. Violating either basically constitutes breach of contract and you can be charged accordingly. So all these companies claimed breach of contract and shut down payments pending further investigations.
Now, this didn't sit well with some people on the Internet, namely Anonymous (pause for ironic effect.) Anonymous is basically a collection of individuals who post on forums, mostly 4chan, under known aliases. They are highly vocal about pretty much anything and participate in "hacktivism" and real activism, such as this. In truth it is slightly more complex than that and could fill a whole book, which I will probably never right, so somebody go ahead and do it, provided I am consulted and credited for the idea.
So, Anonymous are ticked off and decide to exact some payback (note the choice of words, specifically the usage of the word pay) on the payment proccessors. They look into their bag of tricks and whip out a classic: the DDoS attack (I will explain DDoS attacks in a future post). This was codenamed Operation Avenge Assange and came under the general umbrella of Operation Payback. I could explain the nuances, but I really don't want to get into, so sorry folks. Basically, they attacked various financial institutions and others and even took down Visa's and MasterCard's websites.
How it was actually done is kind of hazy, but as far as I know, people installed clients that would respond to an IRC trigger and act like a bot in a botnet (again, an explanation on botnets in a future post) to attack whatever target was named in the trigger. This would then allow a single person to have 100's and 1000's of computers attacking the desired target and thus lending more weight to the attack.
Now here's the thing, executing or participating in a DDoS is ILLEGAL. There is no room for discussion on this one. The legality of Wikileaks can be debated, but on this topic, the law is explicit. What they did was illegal, end of discussion.
Recently a few people have been arrested in connection to this, which they should be. Anonymous has retaliated saying that this should be considered a form of protest and freedom of speech and all manner of other things. Well, it's not protest, it's a crime. End of. They even went so far as to threaten the Government of the United Kingdom.
And throughout all of this, nobody realises the irony of the association between Wikileaks and Anonymous. Where Anonymous is rooted in the concealing of certain information, Wikileaks' founding principle is the full disclosure of information. I say nobody realised this, but Randall Munroe did and he showed it here. (PS xkcd = highly recommended by me)
I've said my piece and I'm done with this. I will post about the newer developments but in no real detail. As I've said before, this whole episode just pushed my buttons, so I'm going have as little to do with it as possible.
Now, the reasons for stopping the payments varied, both on and off the record, but the gist of it was "violation of terms of service." Every time you sign up to another site, or install some software there is always a ToS or EULA that you have to agree to. Violating either basically constitutes breach of contract and you can be charged accordingly. So all these companies claimed breach of contract and shut down payments pending further investigations.
Now, this didn't sit well with some people on the Internet, namely Anonymous (pause for ironic effect.) Anonymous is basically a collection of individuals who post on forums, mostly 4chan, under known aliases. They are highly vocal about pretty much anything and participate in "hacktivism" and real activism, such as this. In truth it is slightly more complex than that and could fill a whole book, which I will probably never right, so somebody go ahead and do it, provided I am consulted and credited for the idea.
So, Anonymous are ticked off and decide to exact some payback (note the choice of words, specifically the usage of the word pay) on the payment proccessors. They look into their bag of tricks and whip out a classic: the DDoS attack (I will explain DDoS attacks in a future post). This was codenamed Operation Avenge Assange and came under the general umbrella of Operation Payback. I could explain the nuances, but I really don't want to get into, so sorry folks. Basically, they attacked various financial institutions and others and even took down Visa's and MasterCard's websites.
How it was actually done is kind of hazy, but as far as I know, people installed clients that would respond to an IRC trigger and act like a bot in a botnet (again, an explanation on botnets in a future post) to attack whatever target was named in the trigger. This would then allow a single person to have 100's and 1000's of computers attacking the desired target and thus lending more weight to the attack.
Now here's the thing, executing or participating in a DDoS is ILLEGAL. There is no room for discussion on this one. The legality of Wikileaks can be debated, but on this topic, the law is explicit. What they did was illegal, end of discussion.
Recently a few people have been arrested in connection to this, which they should be. Anonymous has retaliated saying that this should be considered a form of protest and freedom of speech and all manner of other things. Well, it's not protest, it's a crime. End of. They even went so far as to threaten the Government of the United Kingdom.
And throughout all of this, nobody realises the irony of the association between Wikileaks and Anonymous. Where Anonymous is rooted in the concealing of certain information, Wikileaks' founding principle is the full disclosure of information. I say nobody realised this, but Randall Munroe did and he showed it here. (PS xkcd = highly recommended by me)
I've said my piece and I'm done with this. I will post about the newer developments but in no real detail. As I've said before, this whole episode just pushed my buttons, so I'm going have as little to do with it as possible.
Thursday, 20 January 2011
I've had about enough of Wikileaks
Well, I've been off silently fuming every time I hear the name "Wikileaks," which is why I haven't posted anything recently. But as promised in my previous post, this post will cover the blame part of the whole Wikileaks issue. (However, as this topic continues to annoy it will not be as lengthy as promised.)
So, here we go. The scenario is simple: Person X (I use an an anonymous name as I have no idea who actually did the leaking, but there are some suspects) had access to the US Diplomatic cables. I think its a safe assumption that X had some sort of clearance and/or was told not to share these cables with any unauthorised person(s). Another safe assumption would be that unauthorised persons includes me, possibly you and of course Wikileaks. Despite this, X decided to give the cables to Wikileaks.
We can see that this is obviously wrong, as in you will go to jail wrong. Blatantly illegal. Now the exact legality depends a few factors, such as if they had access to all the cables or some. If it was one person or many., the post the person is in, if the cables were classified and so on. Knowing now of these we cannot say much more and that is where I will leave it.
Moving on to Wikileaks, the law becomes a bit more grey. There are several issues involved here, the greatest of which being what jurisdiction does Wikileaks fall under? Which nation state's laws apply to them? This is quite a complex issue and still needs some resolving and legal catch up. Countries tend to be very cooperative on certain matters pertaining to the Internet, but there is still no really good legal framework. I still maintain that they are giving away stolen data, so intuitively that is wrong. See previous post for the whole whistle blowing or not issue.
Seeing as how they are now back in the news concerning the release of certain records from Julius Bär or Julius Baer Group. These records where leaked by former employee Rudolph Elmer. Elmer has since been detained and is being extradited to Switzerland to stand trial. Wikileaks has yet to publish the records, so we shall wait until they do so.
And on that note, I will leave this whole mess. I may or may not post something about any further revelations by Wikileaks. It all depends on how I feel about it at the time.
So, here we go. The scenario is simple: Person X (I use an an anonymous name as I have no idea who actually did the leaking, but there are some suspects) had access to the US Diplomatic cables. I think its a safe assumption that X had some sort of clearance and/or was told not to share these cables with any unauthorised person(s). Another safe assumption would be that unauthorised persons includes me, possibly you and of course Wikileaks. Despite this, X decided to give the cables to Wikileaks.
We can see that this is obviously wrong, as in you will go to jail wrong. Blatantly illegal. Now the exact legality depends a few factors, such as if they had access to all the cables or some. If it was one person or many., the post the person is in, if the cables were classified and so on. Knowing now of these we cannot say much more and that is where I will leave it.
Moving on to Wikileaks, the law becomes a bit more grey. There are several issues involved here, the greatest of which being what jurisdiction does Wikileaks fall under? Which nation state's laws apply to them? This is quite a complex issue and still needs some resolving and legal catch up. Countries tend to be very cooperative on certain matters pertaining to the Internet, but there is still no really good legal framework. I still maintain that they are giving away stolen data, so intuitively that is wrong. See previous post for the whole whistle blowing or not issue.
Seeing as how they are now back in the news concerning the release of certain records from Julius Bär or Julius Baer Group. These records where leaked by former employee Rudolph Elmer. Elmer has since been detained and is being extradited to Switzerland to stand trial. Wikileaks has yet to publish the records, so we shall wait until they do so.
And on that note, I will leave this whole mess. I may or may not post something about any further revelations by Wikileaks. It all depends on how I feel about it at the time.
Sunday, 12 December 2010
Wikileaks
So, I've been away for a while. Between having minimal to no Internet and having no electricity, I have been less than connected to the Internet. That and I am fairly lazy, but still TIA. Now on to business.
I'm sure you have all heard of Wikileaks, the purported whistle blower website. It provides people with an anonymous "drop boxes", where they can submit documents detailing any wrongdoing. The site then goes on to state "our accredited journalists assess the submission. If it meets the criteria, our journalists then write or produce a news piece based on the document." It goes on further to describe ways of ensuring your anonymity when sending it via post and so forth. In theory this has provided whistle blowers with a way to expose wrongdoings. In theory.
I say purported as I do not believe it is a whistle blower site. Firstly, let us examine the concept of whistle blowing. It derives from the practice of policemen blowing a whistle to alert people around of the commission of a crime. It refers to a person who highlights something wrong that is happening, most in an organisation. Now, when I say wrong I mean illegal, but some people consider it includes immoral wrongdoings. So the site first came to prominence when it published Iraq/Afghanistan War Diaries. These gave details of operations and on the ground realities of the wars. They did bring to light some, for lack of a better term, disconcerting revelations. These could be considered whistle blowing, but there are many grey areas, which we overlook for the sake of argument and say this is valid whistle blowing. That, my friends, is where it all ends.
The next major publication was swiftly dubbed Cablegate (hate that name, cf.this post for the explanation). This was the leak of several secret diplomatic cables between Washington DC and diplomatic missions in several countries. Here's where we go from the legally ambiguous to outright illegal and the legitimacy of these leaks as whistle blowing is a little more than questionable.
To explain, let us detail the job of a diplomatic mission to another country. Most of us are familiar with the consular services, that is issuing visas, passports, etc, but that is only their public facing role. Diplomatic envoys are representatives of their sovereign government in a, presumably, friendly nation. It is their duty to not only represent their country, but also provide their country with information about the people, mainly politicians, of that country. As part of this duty, they send back profiles, if you will, on politicians to their government. These are sent in cables, which are private communications.
Notice the emphasis on private. Not only are these communiques private, but some of them are even classified. Granted, they may not be highly classified, but classified all the same. Only a limited number of people have access to these cables and presumably such access comes with a "do not tell anybody about this" clause. This is where the illegality comes in.
Whomsoever gave these cables to Wikileaks is guilty of a few crimes, depending which way you spin it. These range from the banal mail fraud to my personal favourite espionage. It's not even debatable if what these people did is wrong, it just is. Most of these cables do not expose any sort of wrongdoing at all.
As stated before diplomatic envoys report on local politicians. Although I would like to believe that these people are trained for and/or good at judging people, most of what they report is still personal opinion and conjecture. It is just inherent in this type of data. This is essentially office gossip at an international level. I'm pretty sure that someone somewhere has called their new Head of PR an "mistake-prone control freak" (my personal favourite quote out of all of the cables) and that is considered to be normal. Hence, no wrongdoing and thus no whistle blowing.
Furthermore, some of the "data" sent in the cables in nothing more than well crafted misinformation (this is completely ignoring the false cables that were released). Governments are aware that diplomats report back to their capital, as they have their own diplomats doing the same. So they may choose to feed a diplomat false information in the hope that their parent country will believe it and thus be manipulated into behaving a certain way. I will swiftly avoid any ethical or political debate by saying that all of that falls outside my purview.
Yes, I agree that there may be some cables whose leaking may have proved beneficial, but they are a minority. There is a saying in the security industry: "Even f you secure 99% of the system, you have still failed." The cables that potentially have a detrimental effect, though small in number, will have the greatest impact. Barring these, most of the cables' leakage and then release lead to nothing more than embarrassment for the governments involved.
And thus we see that the recent Cablegate (*shudder*) was basically neither legal nor legitimate whistle blowing. Effectively, Wikileaks are just fences for stolen digital data. Now this leaves us with the question of where the blame/responsibility lies. For that, I will put up another post, as it is quite a lengthy matter. That and you are probably really bored of reading this by now.
***SIDENOTE***
Just found this. No real relevance, but it's funny!
I'm sure you have all heard of Wikileaks, the purported whistle blower website. It provides people with an anonymous "drop boxes", where they can submit documents detailing any wrongdoing. The site then goes on to state "our accredited journalists assess the submission. If it meets the criteria, our journalists then write or produce a news piece based on the document." It goes on further to describe ways of ensuring your anonymity when sending it via post and so forth. In theory this has provided whistle blowers with a way to expose wrongdoings. In theory.
I say purported as I do not believe it is a whistle blower site. Firstly, let us examine the concept of whistle blowing. It derives from the practice of policemen blowing a whistle to alert people around of the commission of a crime. It refers to a person who highlights something wrong that is happening, most in an organisation. Now, when I say wrong I mean illegal, but some people consider it includes immoral wrongdoings. So the site first came to prominence when it published Iraq/Afghanistan War Diaries. These gave details of operations and on the ground realities of the wars. They did bring to light some, for lack of a better term, disconcerting revelations. These could be considered whistle blowing, but there are many grey areas, which we overlook for the sake of argument and say this is valid whistle blowing. That, my friends, is where it all ends.
The next major publication was swiftly dubbed Cablegate (hate that name, cf.this post for the explanation). This was the leak of several secret diplomatic cables between Washington DC and diplomatic missions in several countries. Here's where we go from the legally ambiguous to outright illegal and the legitimacy of these leaks as whistle blowing is a little more than questionable.
To explain, let us detail the job of a diplomatic mission to another country. Most of us are familiar with the consular services, that is issuing visas, passports, etc, but that is only their public facing role. Diplomatic envoys are representatives of their sovereign government in a, presumably, friendly nation. It is their duty to not only represent their country, but also provide their country with information about the people, mainly politicians, of that country. As part of this duty, they send back profiles, if you will, on politicians to their government. These are sent in cables, which are private communications.
Notice the emphasis on private. Not only are these communiques private, but some of them are even classified. Granted, they may not be highly classified, but classified all the same. Only a limited number of people have access to these cables and presumably such access comes with a "do not tell anybody about this" clause. This is where the illegality comes in.
Whomsoever gave these cables to Wikileaks is guilty of a few crimes, depending which way you spin it. These range from the banal mail fraud to my personal favourite espionage. It's not even debatable if what these people did is wrong, it just is. Most of these cables do not expose any sort of wrongdoing at all.
As stated before diplomatic envoys report on local politicians. Although I would like to believe that these people are trained for and/or good at judging people, most of what they report is still personal opinion and conjecture. It is just inherent in this type of data. This is essentially office gossip at an international level. I'm pretty sure that someone somewhere has called their new Head of PR an "mistake-prone control freak" (my personal favourite quote out of all of the cables) and that is considered to be normal. Hence, no wrongdoing and thus no whistle blowing.
Furthermore, some of the "data" sent in the cables in nothing more than well crafted misinformation (this is completely ignoring the false cables that were released). Governments are aware that diplomats report back to their capital, as they have their own diplomats doing the same. So they may choose to feed a diplomat false information in the hope that their parent country will believe it and thus be manipulated into behaving a certain way. I will swiftly avoid any ethical or political debate by saying that all of that falls outside my purview.
Yes, I agree that there may be some cables whose leaking may have proved beneficial, but they are a minority. There is a saying in the security industry: "Even f you secure 99% of the system, you have still failed." The cables that potentially have a detrimental effect, though small in number, will have the greatest impact. Barring these, most of the cables' leakage and then release lead to nothing more than embarrassment for the governments involved.
And thus we see that the recent Cablegate (*shudder*) was basically neither legal nor legitimate whistle blowing. Effectively, Wikileaks are just fences for stolen digital data. Now this leaves us with the question of where the blame/responsibility lies. For that, I will put up another post, as it is quite a lengthy matter. That and you are probably really bored of reading this by now.
***SIDENOTE***
Just found this. No real relevance, but it's funny!
Subscribe to:
Posts (Atom)
Subscribe To
Posts
All Comments