WikiLeaks suffers major breach, prompting accusations and a theory on what went wrong
The Washington Post
By Jason Ukman | 10:23 AM ET, 09/01/2011
The full, unredacted versions of more than 250,000 U.S. diplomatic cables are floating around online after the security of a WikiLeaks database was compromised.
Thousands of the cables had previously been published, but many of those cables had been carefully redacted to protect the names of individuals who consulted with American diplomats and who could, U.S. officials said, be put at risk in their home countries if their involvement with the Americans became known.
In a lengthy message posted online late Wednesday, WikiLeaks accused the Guardian of causing the leak, saying that one of the newspaper’s investigative reporters “negligently disclosed” a decryption password in a book about the group and its founder, Julian Assange.
The Guardian, in a statement, dismissed the allegations, pointing out that the book was published last February.
“It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours,” the paper said in a statement.
The truth, according to a long, detailed account in the German daily Der Spiegel on Thursday morning, might lie somewhere in between WikiLeaks’ account and the Guardian’s.
Der Spiegel was also among the first news organizations to acquire the cables last year, and as a result, claims to know exactly how “a series of mistakes made by several different people” add up to “a catastrophe.”
According to the account, those people include not only Assange and Guardian reporter David Leigh, but also the head of a breakaway faction of WikiLeaks, Daniel Domscheit-Berg, who took a dataset off a WikiLeaks server that, unknown to him, included the cables.
Assange should have removed the dataset from the server, Der Spiegel suggests, but apparently failed to do so.
From there, the tale gets even more tangled after WikiLeaks disseminated a compressed version of the dataset using a file-sharing program known as BitTorrent. Says Der Spiegel:
BitTorrent is decentralized. Data which ends up on several other computers via the site can essentially no longer be recalled. As a result, WikiLeaks supporters had in their possession the entire dataset that Domscheit-Berg took off the WikiLeaks server, including the hidden data file. Presumably thousands of WikiLeaks sympathizers -- and, one supposes, numerous secret service agents -- now had copies of all previous WikiLeaks publications on their hard drives.
At that point, it was only a matter of time before a user realized that the dataset included the cables.
And while the data remained encrypted, they could be decrypted with the password.
That password could be found in the Guardian’s book.
In an interview, Ian Katz, the Guardian’s deputy editor, strongly dismissed any wrongdoing by the paper.
Katz said that at no time had Assange ever voiced concern about the password published in the book; rather WikiLeaks had said the password was to be changed.
Wikileaks had been “careless” with the documents, Katz sad.
Leigh, the Guardian reporter, also asserted that he did nothing wrong.
“What we published ... in our book was obsolete and harmless,” he told the Associated Press in an e-mail. “We did not disclose the URL where the file was located, and in any event, Assange had told us it would no longer exist.”
In its statement, WikiLeaks claims Leigh’s decision was a violation of an agreement with the Guardian’s editor, Alan Rusbridger.
In its Twitter feed, the group asked supporters whether it should release all the cables itself at this point, making it easier for them to be found.
Correspondent Anthony Faiola in London contributed to this report.
By Jason Ukman | 10:23 AM ET, 09/01/2011
The full, unredacted versions of more than 250,000 U.S. diplomatic cables are floating around online after the security of a WikiLeaks database was compromised.
Thousands of the cables had previously been published, but many of those cables had been carefully redacted to protect the names of individuals who consulted with American diplomats and who could, U.S. officials said, be put at risk in their home countries if their involvement with the Americans became known.
In a lengthy message posted online late Wednesday, WikiLeaks accused the Guardian of causing the leak, saying that one of the newspaper’s investigative reporters “negligently disclosed” a decryption password in a book about the group and its founder, Julian Assange.
The Guardian, in a statement, dismissed the allegations, pointing out that the book was published last February.
“It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours,” the paper said in a statement.
The truth, according to a long, detailed account in the German daily Der Spiegel on Thursday morning, might lie somewhere in between WikiLeaks’ account and the Guardian’s.
Der Spiegel was also among the first news organizations to acquire the cables last year, and as a result, claims to know exactly how “a series of mistakes made by several different people” add up to “a catastrophe.”
According to the account, those people include not only Assange and Guardian reporter David Leigh, but also the head of a breakaway faction of WikiLeaks, Daniel Domscheit-Berg, who took a dataset off a WikiLeaks server that, unknown to him, included the cables.
Assange should have removed the dataset from the server, Der Spiegel suggests, but apparently failed to do so.
From there, the tale gets even more tangled after WikiLeaks disseminated a compressed version of the dataset using a file-sharing program known as BitTorrent. Says Der Spiegel:
BitTorrent is decentralized. Data which ends up on several other computers via the site can essentially no longer be recalled. As a result, WikiLeaks supporters had in their possession the entire dataset that Domscheit-Berg took off the WikiLeaks server, including the hidden data file. Presumably thousands of WikiLeaks sympathizers -- and, one supposes, numerous secret service agents -- now had copies of all previous WikiLeaks publications on their hard drives.
At that point, it was only a matter of time before a user realized that the dataset included the cables.
And while the data remained encrypted, they could be decrypted with the password.
That password could be found in the Guardian’s book.
In an interview, Ian Katz, the Guardian’s deputy editor, strongly dismissed any wrongdoing by the paper.
Katz said that at no time had Assange ever voiced concern about the password published in the book; rather WikiLeaks had said the password was to be changed.
Wikileaks had been “careless” with the documents, Katz sad.
Leigh, the Guardian reporter, also asserted that he did nothing wrong.
“What we published ... in our book was obsolete and harmless,” he told the Associated Press in an e-mail. “We did not disclose the URL where the file was located, and in any event, Assange had told us it would no longer exist.”
In its statement, WikiLeaks claims Leigh’s decision was a violation of an agreement with the Guardian’s editor, Alan Rusbridger.
In its Twitter feed, the group asked supporters whether it should release all the cables itself at this point, making it easier for them to be found.
Correspondent Anthony Faiola in London contributed to this report.
posted by Hanan Elbadry at 8:53 PM
0 Comments:
Post a Comment
<< Home