nigelparry.com: the website less traveled


following wikileaks

Guardian Investigative Editor David Leigh publishes top secret Cablegate password revealing names of U.S. collaborators and informants... in his book


The UK's Guardian newspaper's Investigative Editor, David Leigh, author of the "Get this Wikileaks book out the door quickly before other Wikileaks books are published" Wikileaks book has messed up.

And when I say "messed up", I mean that Mr. Leigh let slip the top secret password revealing the names of U.S. collaborators around the world—information now freely available to all the enemies of the U.S.

And when I say "let slip", I mean that David Leigh published the password as a chapter heading in his book, "WIKILEAKS: Inside Julian Assange's War on Secrecy":

Dum dum-de dum dum dum dum dum.

Over the last week, a storm has been brewing, as German newspapers reported a leak of unredacted United States embassy cables, as Wikileaks put it when the Cablegate publishing began in November 2010:
...the largest set of confidential documents ever to be released into the public domain. The documents will give people around the world an unprecedented insight into US Government foreign activities.

The leaked Cablegate documents—251,287 in all—began being released on November 28th, 2010, in dribs and drabs by Wikileaks, who argued:
"The embassy cables will be released in stages over the next year. The subject matter of these cables is of such importance, and the geographical spread so broad, that to do otherwise would not do this material justice."

Guardian Investigative Editor, David Leigh, has been one of the fiercest critics of Wikileaks' head Julian Assange since the media partnership with the whistleblower publishing organization collapsed. Repeatedly on his @davidleigh3 Twitter feed, and in interviews, he has blasted Assange for his allegedly cavalier attitude towards informant name redactions from the raw Cablegate files.

It was a powerful criticism to give credence. The US Army Joint Chiefs of Staff Chairman, Admiral Mike Mullen, used it himself in July 2010, saying that Wikileaks "might already have on their hands the blood of some young soldier". The Defense Secretary would later concede that this was not the case.

When David Leigh met Julian Assange in July 2010, and took possession of the Cablegate files, Assange wrote down a password for Leigh, and told him to remember a word to insert into the password later. The account is given in pages 138-139 of David Leigh and Luke Harding's book, Wikileaks: Inside Julian Assange's War on Secrecy:


I remember reading this shortly after the book was released and instinctively thinking "bad idea".

On a basic security level, revealing any information about how Julian Assange formulates his passwords could have implications in any of the other myriad of sensitive areas Wikileaks deals with. Any files encrypted by Assange at the same time—or before—the cables, and in the possession of any entity hostile to Wikileaks, are now more vulnerable since Leigh's book gave up its clue about how Assange formulates passwords.

And anyone who has access to the original file David Leigh was given, could now decrypt it. Unless the original file was carefully protected throughout its entire life, decrypted and unzipped, then destroyed after the data was released, that password will work on copies of it for ever. No backsies. So regardless how David Leigh & Co. imagine computer security works—and right now they are desperately trying increasingly ridiculous arguments to blame Wikileaks for Leigh's actions—there's no reason to publish any password this sensitive—ever.

The entire Leigh/Harding Wikileaks book is written in the thrilled tone of a girl scout's diary, clearly reveling in the secret squirrel aspect of the story. And they're clearly clueless too. Leigh at one point drives across town so Assange can show him how to unzip the Cablegate file. Perhaps not the best people to share secrets with.

Cat out the bag

On August 25th, Der Freitag reported that a file containing the unredacted cables was available on the Internet. TechCrunch summarized the story a couple of days later:
In the story, published on Friday, editor Steffen Kraft claims to have found online a “password protected csv file” containing a 1.73GB cache of entirely unredacted diplomatic cables, originating from Wikileaks. According to Kraft, the password for the file is also easy to locate.

On August 29th, Der Spiegel confirmed the story:
In the summer of 2010, Assange stored the password-protected file containing the cables in a concealed location on a WikiLeaks server. He gave the password to an external contact to allow him access to the material contained in the file.

When Domscheit-Berg left the organization in September 2010 together with a German programmer, the two men took the contents of the server with them, including the encrypted file containing the documents. As a result, Assange no longer had access to the file.

At the end of 2010, Domscheit-Berg finally returned to WikiLeaks a collection of various files that he had taken with him, including the encrypted cables. Shortly afterwards, WikiLeaks supporters released a copy of this data collection onto the Internet as a kind of public archive of the documents that WikiLeaks had previously published. The supporters clearly did not realize, however, that the data contained the original cables, as the file was not only encrypted but concealed in a hidden subdirectory.

From the two German reports, it became clear that a torrented mirror of Wikileaks had accidently included an encrypted copy of the Cablegate cables. And that the password was easy to find on the Internet.

This last part immediately brought to mind the Guardian's Wikileaks book and David Leigh and Luke Harding's inexplicable need to tell people the password for the original encrypted Cablegate file.

Meanwhile, none of the German reporters wanted to be the one to mention which password and which archive. In the case of both, there aren't that many options.

It was Domscheit-Berg who allegedly connected the dots for the German media organizations. Unparalleled Wikileaks news follower and gatherer Asher Wolf later perhaps best summed up the tangled web with a tweet quoting an anonymous Twitter user, @Nin_99, who played a significant role in the treasure hunt:
wl fucked up b/c they had file on public server, leigh fucked up b/c he told everyone the pw, ddb told everyone who would listen about all

Surely it couldn't be that easy? In the evening of August 30th, I started searching the various Wikileaks torrents online and that I'd downloaded, looking in directories for encrypted file. I wrote to several of the German journalists who had broke the story and asked them outright if David Leigh's password opened the archive. No response. I asked David Leigh himself. He declined to respond.

I tweeted other people who closely follow the Wikileaks story. It was a treasure hunt with clues. Anonymous Twitter user, @Nin_99, joined in and messaged us, pointing to a suspicious directory on a downloaded Wikileaks torrent, shared online:

@flyingmonkeyair @JLLLOW @Asher_Wolf @m_cetera Anyone might guess what's in these here: http://193.198.207.6/wiki/file/xyz/ (from torrent)

https://twitter.com/#!/Nin_99/status/108988882862870529

@Nin_99 had been exploring the directory for a few days, trying different passwords on it.

In the directory, date-stamped 9 June 2010, were 4 files, all encoded with Pretty Good Privacy (PGP) encoding, the files names with *.gpg suffixes.

I started at the bottom of the list, putting in the David Leigh password. It unzipped z.gpg into a file called z.7z. Opening that file and extracting it using the Ez7z compression/decompression program, the file spat out a file called cables.csv, dated with a creation date of April 12, 2010 at 9:22PM.

It was a 1.61GB file but it had been reported in the German press to be 1.73GB. A closer look at my file system reporting showed the file size to be both 1.61 GB and 1,730,507,223 bytes. It was easy to see how the byte amount could be mistranslated as 1.73GB.

So there it was. After Wikileaks, the various media partners, Aftenposten—who apparently scored a copy of cables.csv back in December 2010—and the German reporters, I was the first person out of the loop and in the wild to have unzipped the unredacted Cablegate cables.

I private messaged @Nin_99 to save them some time and let them know the password opened z.gpg.

Game over at this point. The cat was forever out of the bag. Regardless even of what we both did, it was only a matter of time before someone else unpacked the unredacted cables. The various media organization's hints were more than enough.

I tweeted:

It's a bad day for @DavidLeigh3 & the Guardian. His book password decrypts an old wikileaks.org dir file into cables.csv, 1.61GB #Cablegate

https://twitter.com/#!/flyingmonkeyair/status/109022484065562624

and a minute or so later:
Just to be clear: I ran the password from p139 of @DavidLeigh3's book and it opened into cables.csv #Wikileaks #FAIL

https://twitter.com/#!/flyingmonkeyair/status/109022790035836928

It was a tense minute or so after I first unzipped the cables. The bigger the secrets, the bigger the sense of personal responsibility. If the United States government was unhappy about redacted cables being released by media organizations, it was going to have a giant WikiCow about the unredacted ones being released to the whole world.

I e-mailed Wikileaks, copying the tweet URL. Whether in response or not, Wikileaks sprung into action and released a statement within 20 minutes:
Statement on the betrayal of WikiLeaks passwords by the Guardian.

GMT Wed Aug 31 22:27:48 2011 GMT

A Guardian journalist has, in a previously undetected act of gross negligence or malice, and in violation a signed security agreement with the Guardian's editor-in-chief Alan Rusbridger, disclosed top secret decryption passwords to the entire, unredacted, WikiLeaks Cablegate archive. We have already spoken to the State Department and commenced pre-litigation action. We will issue a formal statement in due course.

WIKILEAKS

Within an hour, @Nin_99 had uploaded the unredacted cables onto the Internet, and within a couple of hours, the cables were also available at longtime transparency website Cryptome.org.


During that one minute—when I realized I was one of the few people in the world with access to this data—I grasped why so many people had been such dicks about the documents.

Several "unauthorized" copies have long existed outside of the ones that Wikileaks and the official media partners have. James Ball and Heather Brooke both weaseled jobs at the Guardian due to the Wikileaks insider knowledge and/or possession of the cables. In Ball's case, he was a former Wikileaks employee.

Assimilation was the way the Guardian hung onto exclusivity as long as it could. There's been a feeding trough around the Cablegate documents and no one has been sharing nicely.

The week before this "Cablegategate" story broke, Domscheit-Berg made a big public show by claiming to have destroyed a large trove of Wikileaks documents because 'Wikileaks couldn't keep data safely'. Then apparently he went back to some members of the media to explain to them exactly how to add 2 and 2 together in order to guarantee that sensitive Wikileaks data would be publicly released in an unsafe way.

It is hard to describe the depths of shame that one would imagine that David Leigh would be feeling about making the most momentous Internet blunder since HBGary CEO Aaron Barr stuck his penis in an e-hornets' nest.

Yet there's zero sign of shame over at the Guardian. Over at David Leigh's twitter feed there is only hostility and denial:
Shame to see time-wasting efforts to drag Guardian into #Assange-Domscheit-Berg row over #wikleaks leaks. No dog in that fight, folks

Deranged nonsense from Assange, attempting to deflect blame on to Guardian for his own chaotic mistakes. Sad to watch

Note for nerds: The cables file originally accessed by the Guardian WASN'T called z.gpg. It's a quite different file. Mysterious, isn't it?

And some of this stuff is not only not true, but contradicts other information the Guardian is putting out. David Leigh underling James Ball was dispatched to write the Guardian's excuse up, under a headline so transparent it couldn't be leaked, WikiLeaks prepares to release unredacted US cables. Their own investigative editor is such a clod-footed moron as to publish a top secret password in his "rush it out to cash in" book, but it's not David Leigh who is to blame for what has already happened, it's Wikileaks fault for the redundant action it hasn't even taken yet!

Wikileaks put out a statement about David Leigh on 1 September 2011, accusing him of "negligently disclos[ing] top secret WikiLeaks’ decryption passwords" and announcing "pre-litigation action against the Guardian and an individual in Germany who was distributing the Guardian passwords for personal gain".

All this amateur hour PR scrambling by the Guardian is causing a few problems, glaring contradictions being one of them. Leigh's Twitter feed claims:
"Note for nerds: The cables file originally accessed by the Guardian WASN'T called z.gpg. It's a quite different file. Mysterious, isn't it?

Meanwhile, the Guardian's in-house former Wikileaks nerd, James Ball, writes in his article that:
"This file, it was later discovered, was the same file that had been shared with the Guardian via the secure server. It shared the same file name and file size, and could be unlocked using the same password as that given to Leigh."**

Mysterious, isn't it?

**UPDATE: James Ball has written claiming that the part of his article I quote is talking about a "different" file. That may very well be the case but the password remains the same. At this stage, I just have to shake my head at the Guardian's whole convoluted defense that ignores the elephant in the room.

There are a series of Guardian articles currently coming out written by Ball and Leigh which attack Wikileaks for being about to do what the Guardian has already done—releasing the unredacted cables into the wild.

Leigh has so far owned nothing and is owed no special consideration. He has not even said that he 'wishes he hadn't published the password' or anything vaguely similar. It's hard to respect people who screw up this much and then spend all their time blaming someone else. This man has spent much of the last year trashing Julian Assange for not caring about informants, even as he had already handed them over to their enemies with his moronic, clod-footed, password-publishing blunder.

The ongoing ferocity of the Guardian's attack on Wikileaks, even as it is plunged into the spotlight for their gross error, is embarrassing to watch. David Leigh is the Guardian editor's brother in law, so no shocker there. That defense is going to cost the newspaper some fans.




Nigel Parry was one of the first bloggers, the first warblogger, producer of the first alt.news site out of a warzone, the cofounder of the Electronic Intifada, Electronic Iraq, and Electronic Lebanon alternative news websites, and offers communications solutions via his business nigelparry.net.

OTHER RECENT ARTICLES ABOUT WIKILEAKS & THE GUARDIAN

  • Art: "@Guardian Logo on #Cablegate Password Dispenser" by Nigel Parry (Friday, September 2nd, 2011)
  • Parody: Google Translation of the Sept 2nd Guardian Editorial: "Julian Assange and WikiLeaks: no case, no need" (Guardian English to Plain English) by Google Translator on Duty Nigel Parry, Bangladesh Desk (Monday, September 5th, 2011)


    THIS SIDE OF PARADISE by NIGEL PARRY

    This Side Of Paradise album cover"...a disc whose recommendation is its deftly managed intensity"

    -- New Internationalist, August 2001


    "Deeply moving songs... With quiet intensity, Parry gives voice to this
    'invisible people' living under siege."


    -- Lydia Howell, KFAI Radio,
    90.3/106.7FM, Twin Cities, MN.


    DOWNLOAD THE ENTIRE ALBUM FOR FREE ON THIS SITE!








    Bookmark and Share

    more from this section

    • following wikileaks: Letter to Judge Preska requesting leniency for Jeremy Hammond (Wednesday, October 9th, 2013)

    • following wikileaks: Sacrificing Stratfor: How the FBI waited three weeks to close the stable door (Sunday, March 25th, 2012)

    • following wikileaks: Sabu the Inciter: Marveling at the FBI's Hacker Frankenstein Monster (Sunday, March 11th, 2012)

    • following wikileaks: Wikileaks releases "The Global Intelligence Files" (Monday, February 27th, 2012)

    • following wikileaks: Parody: Google Translation of the Sept 2nd Guardian Editorial: "Julian Assange and WikiLeaks: no case, no need" (Guardian English to Plain English) (Monday, September 5th, 2011)

    • following wikileaks: Guardian Investigative Editor David Leigh publishes top secret Cablegate password revealing names of U.S. collaborators and informants... in his book (Wednesday, August 31st, 2011)

    • following wikileaks: Leaked Los Angeles police documents: Radical Islamic Tattoos (Friday, June 24th, 2011)

    • following wikileaks: Scary Daily Telegraph report that Al-Qaida's military leader threatened nuke attack if Osama captured or killed is unsupported by Wikileaks source documents (Sunday, May 1st, 2011)

    • following wikileaks: The Wikileaks Story... Visually. (Friday, April 8th, 2011)

    • following wikileaks: Glenn Greenwald presentation for Lannan Foundation (Tuesday, March 8th, 2011)




  • search

    google search


    browse
    home
    what's new?
    about nigel parry
    multimedia blog
    selected writing
    songs & lyrics
    monkey times blog
    in the press
    action & events
    following wikileaks
    world news
    documentaries
    design & consulting



    get e-mail news
    edit subscription


    tools
    e-mail this page
    print this page
    sitemap
    contact nigel parry
    nigel on twitter




    ...the nigelparry.net
    recommended
    web hosting