Assange’s ‘Poison Pill’ File Impossible to Stop, Expert Says

Daily News Article   —   Posted on December 9, 2010

(by Ashley Fantz, CNN.com) — …Whatever you call the file Julian Assange has threatened to release if he’s imprisoned or dies or WikiLeaks is destroyed, it’s impossible to stop. [Assange, WikiLeaks founder, has circulated across the internet an encrypted “poison pill” cache of uncensored documents suspected to include files on BP and Guantanamo Bay.  One of the files identified this weekend by The (London) Sunday Times – called the “insurance” file — has been downloaded from the WikiLeaks website by tens of thousands of supporters, from America to Australia.  Assange warns that any government that tries to curtail his activities risks triggering a new deluge of state and commercial secrets.]

“It’s all tech talk to say, ‘I have in my hand a button and if I press it or I order my friends to press it, it will go off,'” said Hemu Nigam, who has worked in computer security for more than two decades, in the government and private sector.

“Julian is saying, ‘I’ve [set] this so that no matter how many ways you try, you’re never going to be able to deactivate it,'” Nigam said. “He’s sending a call to action to hackers to try it. To the government, he’s also saying, ‘Try me.'”

There’s a reason Assange specifically announced — on the Web — that there is a 256-bit key encryption code that only a few trusted associates know that will unleash the contents of the 1.4 gigabyte-size file.

“He’s saying don’t even bother trying. It will take you so long to succeed that by that time, it will be too late,” Nigam said. “[He is] sending a message: ‘I’m smart enough to know that you will try to get in.'”

It’s not the first time Assange, the face and founder of WikiLeaks, has asked someone to dare him. He and the anonymous, globally scattered WikiLeaks staff have warned since July’s release of Afghanistan War documents that they are not to be messed with. Press them, they say, and they will retaliate by releasing more secret information.

But this week, the stakes got higher. Assange was arrested Tuesday in Great Britain in relation to a sex crimes investigation in Sweden. A British judge denied bail, and Assange is expected to remain in a jail in England for at least a week, officials said.

Assange’s lawyer, Mark Stephens, called evidence against his client “very thin” and he will fight extradition to Sweden. Assange has called the rape allegations a “smear campaign.”

Often described as suspicious and even paranoid, Assange reportedly refused on Tuesday to be photographed or fingerprinted or have a swab of his DNA taken, all standard procedures for British arrests.

Is the arrest politically motivated, a witch hunt for the man responsible for stoking the ire of the U.S. government by sharing with the world its confidential and sensitive war-time intelligence? The Pentagon has denied that. …

“WE WILL RELEASE MORE CABLES” — WikiLeaks tweet

Assange has repeatedly said that stopping him would not stop WikiLeaks.

Tuesday night, the organization fulfilled a tweet earlier in the day: “Today’s actions against our editor-in-chief Julian Assange won’t affect our operations: we will release more cables tonight as normal.” [Cables are confidential written communications.]

More cables — at least 75 — were indeed released Tuesday, several having to do with Libya. …

Hundreds of Web sites have popped up which appear to have copied WikiLeaks’ data for display on “mirror sites.” Some sites are offering a how-to guide on mirroring.

While that’s happening, an anonymous group of hackers apparently hacked PayPal, one of the service providers that cut off service to WikiLeaks. ……

YEARS TO CRACK CODE

It could take an incalculable number of years to figure out the combination of letters, numbers and symbols comprising the 256-bit key code [which Assange built to protect the stolen documents he is threatening to release].

It’s anyone’s guess what’s in the file labeled “insurance.aes256.”

But few doubt that it’s interesting [and possibly harmful to the U.S.].

That massive file size is big enough to hold the contents of all of the group’s leaks since July: 90,000 secret intelligence documents about the Afghanistan War; 400,000 pages of classified intel about the Iraq War, and purportedly more than a quarter million cables [confidential written communications] authored by U.S. diplomats.

Assange has said in previous interviews that [someone at] Bank of America leaked him a hard drive, and he’s warned that WikiLeaks is planning a major leak about a large bank, according to Forbes.

Assange has also claimed to have files on oil giant BP. …

Assange has hinted that whatever information he has, it’s unredacted [posing a possible security risk for coalition partners around the world.].

WikiLeaks came under tremendous fire this summer after its release of the Afghan War logs. Human rights organizations and government officials across the world said that the group’s failure to remove the names of informants who had helped coalition forces in Afghanistan put those sources in grave jeopardy.

Assange told Time that he was not aware of anyone ever hurt by a WikiLeaks document release.

If the “poison pill” file is opened and its contents published online, it becomes easier to trace who might be involved, Nigam said. But it will still be hard.

“You could have your IP address visible and accessible to trace,” he said.

“But if your goal is to hide your identity, then you will use proxy servers, hide your ID through rerouting so that information bounces from place to place until the person chasing you ends up in a dead zone. You could leave traces behind by accident, but I think we are safe in saying people affiliated with this situation know what they’re doing.”

Nigam was one of the first prosecutors in the U.S. Justice Department to pursue internet child predators. He’s experienced in investigating cases using online techniques, but also in the real world.

“The government would be wise not to focus on the technical, and instead concentrate on finding and talking with people who were around Assange in the last few years, the people who he trusts,” Nigam said.

Technology won’t turn on a friend, he said, but people will.

Reprinted here for educational purposes only. May not be reproduced on other websites without permission from CNN.com. Visit the website at CNN.com.  (NOTE:  Bracketed information in para. 1 & 18 is from nypost.com)

 



Background

HACKER ATTACKS AGAINST ANYONE REFUSING TO SUPPORT WIKILEAKS:

  • A growing list of organizations and individuals that have [opposed] WikiLeaks and its detained founder, Julian Assange, have suffered online attacks, in what appears to be an effort by hackers bent on exacting revenge for the document-leaking website.
  • Hacker attacks [against corporate and other websites who wouldn't comply with WikiLeaks wishes] stepped up Wednesday [Dec. 8], a day after Mr. Assange was arrested and denied bail in London in connection with sexual-misconduct accusations in Sweden.
  • The onslaught was dubbed ‘Operation: Payback'.
  • While it isn't clear exactly who is behind the attacks, some security specialists say they are being organized by a group of online activists calling themselves "Anonymous" as part of the so-called "Operation Payback" effort.
  • "Anonymous has targeted mainly companies which have decided for whatever reason not to deal with WikiLeaks. Some of the main targets involve Amazon, MasterCard, Visa and PayPal."
  • In one case, Assange's online supporters hit the corporate website of MasterCard in reprisal for its blocking of donations to the WikiLeaks website.
  • MasterCard first reported an attack which partially shut down its corporate website Mastercard.com at around 9.30am yesterday [Dec. 8].
  • Other organizations, including Visa Inc., and the Swedish prosecutor's office, reported technical difficulties with their websites that appear to stem from so-called denial of service attacks, in which computers flood a server to prevent it from displaying a Web page.
  • Also affected: Swiss bank PostFinance. The unit of Swiss Post recently closed Mr. Assange's account, saying he provided a false address in Geneva, failing to meet the bank's requirement of Swiss residency for account holders.
  • Yesterday a spokesman for Anonymous, calling himself ‘Coldblood', a 22-year-old computer programmer based in London, said: ‘Websites that are bowing down to government pressure have become targets.
  • Coldblood also said, ‘We feel that WikiLeaks has become more than just about leaking of documents, it has become a war ground, the people versus the government.'

 NOTE: The information above is from the following news articles: