Thursday, December 16, 2010

WikiLeaks Hysteria Promoting Distortions, Prosecution Pipe Dreams Scenarios And Outlandish Un-American Censorship Efforts.

WikiLeaks Hysteria Promoting Distortions, Prosecution Pipe Dreams Scenarios And Outlandish Un-American Censorship Efforts.

Wikileaks Did Not Commit A Crime, House Judiciary Chairman Says

By Sahil Kapur
Thursday, December 16th, 2010 -- 1:14 pm

The chairman of the House judiciary committee defended Wikileaks on Thursday, arguing that the controversial actions of the anti-secrecy outlet are protected under free speech.
Speaking at a hearing to explore whether Wikileaks violated the Espionage Act -- which the Obama administration claims its editor-in-chief violated -- Rep. John Conyers (D-MI) said that "America was founded on the belief that speech is sacrosanct" and dismissed calls for censorship of media outlets publishing leaked documents.
"As an initial matter, there is no doubt that WikiLeaks is very unpopular right now. Many feel that the WikiLeaks publication was offensive," Conyers said, according to prepared remarks. "But being unpopular is not a crime, and publishing offensive information is not either. And the repeated calls from politicians, journalists, and other so-called experts crying out for criminal prosecutions or other extreme measures make me very uncomfortable."
The Obama administration and members of Congress from both parties have called for the prosecution of Wikileaks founder Julian Assange after the unauthorized leak of State Department cables, portraying him as a threat to national security.
But legal experts have pointed out the extraordinary difficulties in legally targeting the anti-secrecy outlet, and warned that doing so would set a dangerous precedent in which newspapers could be prosecuted for revealing unflattering information about the government.
"And so whatever you think about this controversy, it is clear that prosecuting Wikileaks would raise the most fundamental questions about freedom of speech, about who is a journalist, and about what the public can know about the actions of its own government," Conyers said.
The crime Wikileaks would be charged with involves obtaining classified government information and disseminating it to the public, which journalists have done in the past without being prosecuted. In a parallel example, the leak of the Pentagon Papers -- passed to the New York Times by government whistleblower Daniel Ellsberg -- was upheld as constitutional by the Supreme Court in the 1971 case New York Times Co. v. United States.
Calls for prosecuting Wikileaks have picked up steam in Washington, and a majority of the US public deems the leak of diplomatic cables harmful to public interest and supports legal action against Assange, according to an ABC News-Washington Post poll released Tuesday.
"But let us not be hasty, and let us not legislate in a climate of fear or prejudice," Conyers closed, referring to the calls for new laws criminalizing the actions of Wikileaks. "For, in such an atmosphere, it is our constitutional freedoms and our cherished civil rights that are the  first to be sacrificed in the false service of our national security."
Updated 16 minutes ago

Broke no Australian laws: WikiLeaks founder Julian Assange after his release from a British jail this morning (Reuters: Paul Hackett)

The Australian Federal Police (AFP) Says It Has Not Found Any Breaches Of Australian Law By Julian Assange's Wikileaks Organization.

"The AFP has completed its evaluation of the material available and has not established the existence of any criminal offences where Australia would have jurisdiction," the force said in a statement released today.

"Where additional cables are published and criminal offences are suspected, these matters should be referred to the AFP for evaluation."

Attorney-General Robert McClelland says it was "prudent" for the Government to have referred the matter to the AFP.

Mr Assange, who is wanted for questioning on sexual assault charges in Sweden, was freed on bail by the High Court in London overnight.

He is now at a friend's country house in Suffolk, where he must live until the start of his extradition hearing on February 7.

Mr Assange has denied the Swedish charges against him and his legal team have said they are worried about the possibility of him being extradited to face possible espionage charges in the US.

WikiLeaks is currently releasing around 250,000 US diplomatic cables which have caused major embarrassment for the US and some of its allies.

Prime Minister Julia Gillard has previously condemned Mr Assange's actions, calling them "illegal".

But she later moderated her language, saying it was the theft of the US cables that was the illegal act, while Mr Assange's role was "grossly irresponsible".

Meanwhile, Defence Minister Stephen Smith says a Defence taskforce has found WikiLeaks cables about Iraq released earlier in the year did not damage the national security interest.

Earlier this year WikiLeaks released batches of documents relating to the wars in Afghanistan and Iraq.

Defence had already said the leaked documents on Afghanistan did not damage Australia's interests.

No question that there was a security breach related to classified documents ending up on WikiLeaks but it is important to dig a bit further to define what may have gone wrong.

Here are the elements of security involved and where a breakdown may have occurred:

1. Data classification. Every organization creates a lot of data but not all data has the same value. To distinguish between pedestrian and top secret data, many organizations employ some type of taxonomy for data classification. This should create a hierarchy of data, from public to top secret, where each type of data has different access policies and security controls. This is what should happen but it often doesn't. In a 2009 ESG Research survey, 33% of the security professionals surveyed rated their enterprise organization as either "fair" or "poor" at classifying and tracking confidential data. The point here is that most organizations have sensitive data around that is not treated as such.

2. Access control. Access to sensitive data should adhere to the principle of least privilege which means that the data should only be accessible by users who need to see it to do their job. Easier said than done. If data is too restricted, workers complain and there is a general feeling that data visibility leads to creativity and productivity. It is likely that people who shouldn't have had access to the WikiLeaks documents did.

3. Acceptable use policy. These policies define what employees can and can't do with sensitive data. Everyone has them but few organizations make sure that users read them, understand them, and know the ramifications of a policy violation.

4. User behavior monitoring. I know this one sounds Orwellian and to some extent it is but there has to be an audit trail indicating who accessed which sensitive documents. Some organizations go further and either restrict what users can do with these documents (i.e. digital rights management or enterprise rights management), or at least monitor what they actually do when they access sensitive documents (i.e. email them, print them, save to a USB drive, etc.). Again, this isn't easy to do and in my opinion many organizations either don't monitor user behavior at all or don't do it very well.

5. Insider attacks. Most large organizations have their fair share of alienated employees willing to expose or steal sensitive data. This is especially problematic if these malcontents work in IT or have especially high security privileges. Obviously, the problem gets worse if alienated employees work at organizations with poor security controls, weak policies, AND lots of sensitive data.

It's easy to point fingers at the State Department or Federal Government but any security professional can tell you that these problems are fairly pervasive. In fact, see the recent ESG Research Report, "Assessing Cyber Supply Chain Security Vulnerabilities Within the US Critical Infrastructure," for more alarming data about how vulnerable we are (the report can be downloaded

The sooner we realize and address these cyber security vulnerabilities, the better. This won't eliminate breaches like the embarrassing WikiLeaks events, but it will lower the risk.

State Department: No WikiLeaks Peeking on 'Personal Time'


The State Department has sent out a memo to all employees in its Consular Affairs-Passport division telling them they can't read leaked confidential documents posted by WikiLeaks on their 'personal time.'

The memo was obtained by Gawker, which published it late Wednesday.

Other agencies have left open the question of whether employees were permitted to browse WikiLeaks on non-work computers. Preventing employees from viewing the classified material while not in a federal workplace could be illegal, Kathleen Clark, a law professor at Washington University in St. Louis School of Law with expertise in whistleblower protection and national security, told Nextgov Tuesday.

The State Department memo states: "Although legitimate reasons may exist for certain individuals in their official capacities to review 'Wikileaks documents,' with few exceptions, PPT employees have not been assigned work or projects related to 'Wikileaks documents,' . . . Accordingly, PPT employees shall not access any classified documents . . . during business hours or on their personal time."

The House Judiciary Committee held a surprisingly subdued hearing this morning on the legal and constitutional issues surrounding Wikileaks' publication activities. Committee members repeatedly emphasized the importance of protecting First Amendment rights and cautioned against overreaction to Wikileaks. The seven legal experts called to testify agreed, almost all of them noting that:
  • Excessive government secrecy is a serious problem that needs to be fixed,
  • It's critically important to protect freedom of expression and the press, and
  • The government should be extremely cautious about pursuing any prosecutions under the Espionage Act or any legislation that would expand that law, which is already poorly written and could easily be applied in ways that would be unconstitutional.
EFF agrees, and hopes that this hearing will dissuade the House from adopting rash legislation in the wake of Wikileaks' recent publications.

To learn more, take a look at the full video of the hearing, the witnesses' written testimony, and EFF's tweets throughout the morning.

Related Issues: Free Speech

Witness List
Abbe D. Lowell
McDermott Will & Emery LLP
Washington, DC
Kenneth L. Wainstein
O'Melveny & Myers LLP
Washington, DC
Geoffrey R. Stone
Edward H. Levi Distinguished Service Professor and Former Dean
University of Chicago Law School
Chicago, IL
Gabriel Schoenfeld, Ph.D.
Senior Fellow
Hudson Institute
New York, NY
Thomas S. Blanton
National Security Archive at George Washington University
Washington, DC
Stephen I. Vladeck
Professor of Law
American University Washington College of Law
Washington, DC
Ralph Nader
Legal Advocate and Author
Washington, DC

BOSTON - Supporters of WikiLeaks who last week attacked the websites of MasterCard and Visa, say they are tweaking the software used for those assaults in a bid to create more powerful tools for possible future protests.
Several programmers posted their versions of the attack program, known as Low Orbit Ion Cannon or LOIC, on Geeknet Inc’s website.
Users can download the software for free, and also post suggestions to developers on how to improve it.
“I improved this software to make a better weapon of it,” a developer working on the project, who goes by the screen name ChipForkAnon, told Reuters in an email.
The programmers are joining supporters of WikiLeaks who believe it is being unfairly attacked for publishing thousands of secret U.S. diplomatic cables. Credit card companies like Visa and MasterCard have stopped processing donations for the nonprofit site, while Inc kicked WikiLeaks off its hosted service.
The attack program is easy to use: Users need only enter the web address of the site they want to attack to join the army of computers launching a denial of service, or DOS, attack on a website. Such attacks can shut down a site by overwhelming it with web traffic.
Last week’s attacks succeeded in shutting down the sites of MasterCard and Visa. Attackers sought but failed to shut down the better defended Amazon and PayPal sites.
Some 88,000 copies of the program were downloaded from this week.
The LOIC software is not just a weapon. It can also be used by security experts to simulate attacks on websites that they want to protect.
Executives at SourceForge said they will continue to host the software, regardless of how frequently it is used in denial of service attacks — unless they are served with a court order to remove it from their site.
“There’s nothing inherent in the software that’s bad,” said Geeknet Chief Executive Scott Collison. “It would be like going to a store and saying ‘Somebody used a hammer to kill somebody. Remove all hammers form the store.’ We can’t do that.”
Supporters of the anonymous attacks are now incorporating changes to make it a more powerful weapon.
One key modification under consideration is adding a feature to hide the identities of the attackers. The current version allows the site under attack to log the location of its attackers, which would help law enforcement track them down.
Denial of service attacks are illegal in many countries including the United States and Britain.
Programmers are quietly working to improve the software so that it will work more efficiently in future attacks.
“I support this cause wholeheartedly,” a programmer who goes by the screen name Urijah said in an email. “This is the new social mechanism we’ve been waiting for to correct the deficiencies of markets.”
Analysts said publicity over the denial of service attacks by the WikiLeaks supporters will encourage other types of protesters to launch similar attacks on behalf of other causes with the same LOIC software,
“When we look back years from now we’ll see this as a tipping point in ‘hactivism’ going from largely a theoretical threat to something that’s more a day-to-day issue,” said Yankee Group analyst Ted Julian.
Barrett Lyon, a security expert who specializes in protecting companies against sophisticated denial of service attacks from criminal professionals, said he suspects that political websites could be targets in upcoming political campaigns.
“There are people willing to risk breaking the law to join a cause of some sort to silence somebody,” he said.
© Thomson Reuters 2010

Someone Is Smoking Some Bad Weed Below.

Anarchic, leaderless group who brought down MasterCard revealed to be more hierarchical with a dozen expert hackers

They were described as a leaderless, anarchic group of "hacktivists" who briefly brought down MasterCard, Visa and PayPal after those companies cut off financial services to WikiLeaks.

But inside Anonymous, the Guardian has found that the organisation is more hierarchical – with a hidden cabal of around a dozen highly skilled hackers co-ordinating attacks across the web.

The secretive group that directs the Anonymous network was also behind the assault on the Gawker websites in the US at the weekend, according to documents seen by the Guardian. That led to email addresses and passwords of more than 1.3 million Gawker users being made public, and spawned a spam attack on Twitter that is now being investigated by the FBI.

In the last 10 days, Anonymous has also orchestrated Operation Payback, which attacked Visa, MasterCard and PayPal for cutting off financial services to WikiLeaks under pressure from the US government. Given the youthful demographic of the group, insiders expect the attacks to be stepped up in the next week as schools, colleges and universities break up for Christmas.

Several members of Anonymous have contacted the Guardian, wanting to provide more information about their motives and how the group works. Although some have been prepared to reveal their identities in private, none is willing to be named in public for fear of a backlash within the hacker group.

One member said the group's "command and control" centres are invite-only, adding: "It's to protect people, but if you have proven trustworthy you get invited – it's not hard to do. It's not some elitist structure but a way to keep the press and the odd bit of law enforcement seeing who issues commands."

Members of the group and outside experts such as Gabriella Coleman, a New York University professor who has studied Anonymous, estimate that up to 1,000 people are members of the broader network, who make their computers available to co-ordinated cyber attacks. But the majority of members – put at 99% by one insider – have virtually no influence over the direction of the group or its strategy.

"Our project has no leader structure, only different roles. The degree of leadership and organisation in the various projects various a lot," one long-term insider explained. "It's all very chaotic, but we communicate and co-operate with each other. I see us as different cells of the same organism."

The leaders of the group use internet relay chat (IRC) technology, which can allow groups of people to communicate clandestinely. Some in the upper echelons are understood to have control over "botnets" comprising more than 1,000 Windows PCs that have been infected with a virus and can be controlled without the user's knowledge to direct "distributed denial of service" (DDOS) attacks against target organisations.

It was during an invite-only chat on one of Anonymous's IRC channels that the group discussed taking revenge on the Gawker websites for derogatory remarks made by its British owner, Nick Denton, about internet messageboard 4chan, which is popular among a large number of Anonymous members.

The group then went on to discuss plans to distribute the file of 1.3m stolen email addresses and passwords. An aAnalysis by Joseph Bonneau, of the computer security group at Cambridge University, suggests Anonymous used a concentrated attack to deduce Denton's password for the Campfire business planning site, and then used passwords gleaned from there to break into Gawker's computers. "Gawker's security [was] probably above average," Bonneau noted. Even so, it was broken.

WikiLeaks has no affiliation with Anonymous, and has neither endorsed nor condemned the online war being waged on its behalf. But Julian Assange this week urged his supporters to protect the site from "instruments of US foreign policy", citing Visa, MasterCard and PayPal. Days later the group toppled the Swedish prosecutor's website as Assange faced a UK court hearing over rape charges in Sweden, leading Downing Street to warn of threatened attacks on major government sites. That did not materialise.

The list of targets is much longer than just those who have hindered WikiLeaks. The first co-ordinated Anonymous attack was on the Church of Scientology in 2008, after it demanded the removal from the web of a recruitment video featuring Tom Cruise.

The attack on Gawker was dubbed Operation Overlord, which aims to carry out more damaging hacks into the systems and databases of the group's "enemies". Other activities include Operation Leakspin, which distributes US diplomatic cables from WikiLeaks that the group thinks are underexposed and embarrassing, and Operation Paperstorm, conducted in the physical world, plastering pro-WikiLeaks propaganda on lamp-posts and street signs.

Today, Anonymous released a multi-authored – but unsigned – three-page statement, entitled: "Free Thinking Citizens of the World". The angry tract said: "Many people think they understand Anonymous, but as an amorphous, opt-in entity, Anonymous is … fractitious [sic] at best and anything but unanimous."

Despite having no named author, the document is clearly the work of a small group, despite its rhetoric to the contrary. "It may then seem odd to try to characterise or explain Anonymous at all," the group said. "Among this buzzing hive of thoughts, ideas and dreams, the only common characteristics that one might perceive are only the ideas that hold the most traction among humans at large," it added, citing Thomas Jefferson's allegory on information being "the currency of democracy".

Despite being shrouded in secrecy, Anonymous members are not above a bit of marketing, with distinctive branded posters, videos, masks and logos. The headless, suited man adorning many of its posters is symbolic of the apparently leaderless clan that police and governments – not to mention its victims – are trying to identify.

Despite the bravado, there are signs the group is at risk of breakup as law enforcement agencies chase down its members under the media glare. At least three people suspected of taking part in Operation Payback, including two Dutch teenagers, have been arrested.

Julian Assange may seem like an unlikely babe magnet, but the pasty, weak-chinned Wikileaks founder apparently has a number of women in a hormonal twist, despite being accused of committing sexual crimes against two Swedish women. Assange, who was released on bail Thursday, addressed reporters and supporters at London’s High Court before being whisked away to a British estate. As the cameras flashed and the noisy audience cried out for him, it wouldn’t have seemed too bizarre if Assange had been pelted with panties and bras.

A Facebook group calling itself Feminists for Free Speech has launched a defense of Assange. Glamorous babes (Jemima Khan, Bianca Jagger), political babes (Naomi Wolf and Arianna Huffington), and a host of enthralled female followers (the woman protesting outside the English court with a sign saying “Julian, I want yourbabies”) all seem to be hot for Julian. The popular women's blog Jezebel acknowledged the fascination over his looks with a video showing the mighty morphing of his hair. Other bloggers have also gotten caught up in Julian fever —

"Julianassnageisgorgeous" expressed elation at how well he held up while incarcerated and the the "Julian Fanciers Guild" declared that the elevation of Assange to "Justin Bieber status is complete." …

REALTIME RESULTS FOR WIKILEAKS - Official Wikileaks Page [,,] - Secure SSL Chat Page [] - Secure Document Submission Page [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site [] - Points to Official Site []

Real mirrors on different IP Addresses - Mirror hosted in Switzerland [] - Mirror hosted in Sweden [] - Mirror hosted in the United States []

Important Wikileaks Links - Official Wikileaks Twitter Page ipv6

No comments: