Showing posts with label Wikileaks. Show all posts
Showing posts with label Wikileaks. Show all posts

Wednesday, September 17, 2008

Sarah Palin's Yahoo account hacked

Sarah Palin has apparently been using a personal email account for State of Alaska business (perhaps following Republican precedent on how to avoid subpoenas?), and it's been compromised.

Wikileaks has the documents.

UPDATE (September 19, 2008): The screenshots used by the attacker showed that he used ctunnel as his web proxy, and contained enough information to identify his source IP in ctunnel's logs.

As pointed out by commenter Schtacky, it looks like they've identified the culprit, who used some Google research and Yahoo's password recovery feature to change the password on the account to break in.

This shows the problem with choosing "security questions" for password recovery that have answers which are easily publicly available.

I hope that this kid's actions don't sabotage the corruption case against Palin that may have been supported by evidence in her Yahoo email, evidence that is now tainted by the fact that it was compromised (and subsequently deleted).

Wednesday, February 20, 2008

Cayman Islands bank gets Wikileaks taken offline

As reported in Wired's blog:

Wikileaks, the whistleblower site that recently leaked documents related to prisons in Iraq and Guantanamo Bay, was taken offline last week by its U.S. host after posting documents that implicate a Cayman Islands bank in money laundering and tax evasion activities.

In a pretty extraordinary ex-parte move, the Julius Baer Bank and Trust got Dynadot, the U.S. hosting company and domain registrar for Wikileaks, to agree not only to take down the Wikileaks site but also to "lock the wikileaks.org domain name to prevent transfer of the domain name to a different domain registrar." A judge in the U.S. District Court for Northern California signed off on the stipulation between the two parties last week without giving Wikileaks a chance to address the issue in court.

The Julius Baer Bank, a Swiss bank with a division in the Cayman Islands, took issue with documents that were published on Wikileaks by an unidentified whistleblower, whom the bank claims is the former vice president of its Cayman Islands operation, Rudolf Elmer. The documents purport to provide evidence that the Cayman Islands bank helps customers hide assets and wash funds.

After failing to convince Wikileaks to take down the documents, the bank went after its U.S. hosting service, which responded by agreeing not only to remove the Wikileaks account from Dyndadot's server but also to help prevent Wikileaks from moving its site to a different host.

Wikileaks is actually still online, even though its domain has been taken out of its control in this highly unusual and inappropriate move by the courts. Bank Julius Baer and its attorneys are making a huge mistake that is now going to drive far more attention to the documents in question than they would have received otherwise.

Wikileaks publishes the correspondence between the organization and the bank's attorneys, in which they refuse to identify their client or the specific documents that they take issue with.

Wikileaks board member Julian Assange (author of the security tool "strobe" and technical advisor and researcher for the excellent book Underground: Tales of Hacking, Madness, and Obsession on the Electronic Frontier, by Suelette Dreyfus), has been quoted saying that Wikileaks will continue to publish:
"The order is clearly unconstitutional and exceeds its jurisdiction," Wikileaks spokesman Julian Assange said in the e-mail statement issued from Paris on Monday. "Wikileaks will keep on publishing. In fact, given the level of suppression involved in this case, Wikileaks will step up publication of documents pertaining to illegal or unethical banking practices."
Wikileaks was set up primarily to allow the leaking and publishing of documents from non-Western authoritarian regimes, but it has gotten the most press for its earlier leak of the Guanatanomo Bay operating manual and now for this report of a Cayman Islands/Swiss bank's activities.

In my opinion, Wikileaks is subject to abuse--just like the Internet in general, as well as newspapers and other forms of publication--but that organizations which attempt to use trade secret and copyright law as a tool to conceal illegal or immoral activity should not be permitted to succeed. This particular case appears to be somewhat complex and based on a particular whistleblower's account, and if it only involves tax avoidance (as opposed to evasion), then it doesn't involve the violation of any laws. It is, however, clearly inappropriate for the entire site to be shut down just because of a few specific documents from one case--that would be like shutting down Wikipedia because of the content in one set of articles, or shutting down Blogger because of material posted on one blog. That's the kind of censorship we have seen from some authoritarian regimes in response to critical material, but it's not how the law should work in the United States.

UPDATE (March 4, 2008): Judge White wisely reversed his decision and Wikileaks.org is back at its own domain name.

Thursday, November 15, 2007

Guantanamo Bay operations manual leaked to Internet

The unclassified, for official use only, operations manual for U.S. soldiers stationed at Guantanamo Bay has been leaked to the Internet on the Wikileaks.org website, which is being crushed by traffic at the moment.

The manual allegedly contradicts U.S. military claims that the International Committee of the Red Cross has not been denied access to some parts of the facility at Guantanamo.

The manual unsurprisingly prohibits soldiers from subjecting prisoners to "abuse, or any form of corporal punishment," since specific interrogation procedures are no doubt covered in separate classified documents. Still, it's a good thing to see in writing.

A Reuters story at Yahoo has more specifics, and I'm sure we'll see mirrored copies of the document appearing elsewhere to reduce the load on Wikileaks.org.