Tor, on the other hand, allows instant feedback. WikiLeaks initially ran a chat room that used the instant messaging protocol IRC. An anonymous source communicating by Tor-protected instant messages could be questioned one second and respond the next with a verifying fact, another crucial document, or simple technical fixes.
For Assange, Tor may have also possessed another unique capability, one that served a far more morally ambiguous purpose—as much an inherent bug in the system as a feature. Anyone who controls a node on the edge of the network, with a few simple tools, can read every unencrypted file that comes out of it. While Tor triple-encrypts all the files it routes as a key step in its anonymity mechanism, that encryption is stripped away in the routing process. Any data that isn’t encrypted before it enters Tor’s maze of pipes won’t be encrypted when it comes out the other end either. The service, after all, is designed to hide who the user is, not the data he or she is accessing or uploading.
Traditional implementations of encryption like SSL and PGP can solve that problem. But as with every security mechanism, users slip up. And much of the Web isn’t configured for SSL. The result, apparent to thousands of the hacker types who run Tor nodes, is that a clever relay operator can essentially suck out copies of any unencrypted data that exits the anonymity network through the node he or she controls. Tor’s administrators explain as much in the tool’s documentation:
“Tor anonymizes the origin of your traffic, and it makes sure to encrypt everything inside the Tor network, but it does not magically encrypt all traffic throughout the Internet,” the site warns. “Yes, the guy running the exit node can read the bytes that come in and out there.”
And many believe that WikiLeaks did exactly that.
In a June 2010 profile of Assange, The New Yorker reported that before WikiLeaks’ launch, a member of the project who ran a Tor exit node had noticed Chinese hackers using the relay to hide their tracks. Millions of documents were passing through the computer as the cyberspies went about their daily business of penetrating target servers and exfiltrating vast amounts of data. WikiLeaks’ volunteers began to record that traffic, and the immense bolus of information that they collected became a repository of documents that Assange would later tout, in what may have been a less-than-honest bit of marketing, as proof of WikiLeaks’ early success. “We have received over 1.2 million documents so far from dissident communities and anonymous sources,” WikiLeaks boasted on its site circa 2007.
When that New Yorker account of WikiLeaks’ origin story became a headline on Wired.com, Assange issued a vague and circuitous denial. “The imputation is incorrect,” he told the tech news site The Register. “The facts concern a 2006 investigation into Chinese espionage one of our contacts [was] involved in. Somewhere between none and a handful of those documents were ever released on WikiLeaks.”
But in another 2006 e-mail published by John Young on Cryptome after his falling-out with WikiLeaks, Assange described something that sounds very much like hoovering up sensitive data as it spills out of a Tor node. “Hackers monitor Chinese and other intel as they burrow into their targets,” he wrote to Young. “When they pull, so do we.”
The result, Assange continued breathlessly in that message, was an “inexhaustible supply of material. Near 100,000 documents/emails a day.” The data flood, he wrote, included hacked internal documents from the Council on Foreign Relations, half a dozen foreign ministries, the United Nations, trade groups, the World Bank, even the Russian cybercriminal mafia. Mendax’s hacker dream made reality.
“We’re drowning. We don’t even know a tenth of what we have or who it belongs to. We stopped storing it at one terabyte,” he wrote. That data trove would have been thirty times the size of every text article stored on Wikipedia today.
Whether or not those files were ever released, they marked the first seeds of WikiLeaks’ power. Assange sounds in his e-mail like a man made practically giddy over the wealth of secrets at his fingertips. “We’re going to crack the world open,” he told Young, “and let it flower into something new.”
When Appelbaum told the guards on the Turkish-Iraqi border that he was a tourist, as he recounts the story, they laughed at him and waved him through, refusing to even stamp his passport. A taxi had taken him from Diyarbakir through the Turkish city of Batman, and crossed into Iraq over a bridge straddling a river Appelbaum describes as “so brown and polluted that you wondered whether, if you fell in it, your bones would reach the bottom.”
In the Iraqi city of Zakho, he was picked up by his old Greenpeace friend and his wife in a white SUV, with a Glock, an AK-47, and Browning nine millimeter handgun in the backseat. They drove to the northern town of Arbil, stopping to look in ghostly abandoned buildings along the highway. In one they found children’s drawings of helicopters firing on humans, rockets hitting buildings. In Arbil, Appelbaum spent the next days photoblogging and interviewing locals, uploading the results with a satellite modem and the peer-to-peer file-sharing protocol BitTorrent. To any Iraqis who seemed computer-savvy, he distributed copies of the open-source operating system Linux, spreading free software like a hacker Johnny Appleseed.
Appelbaum found in his conversations that the local Kurds, unsurprisingly, were mostly happy with the U.S. invasion and the toppling of Saddam Hussein’s regime. But from the Arabs who lived in Arbil he claims to have heard more disturbing stories of soldiers who fired .50 caliber bullets at oncoming cars at checkpoints, killing their drivers and all passengers, rather than aim for the engine block. A man told Appelbaum he kissed his wife every morning before leaving the house, thinking he would never see her again. Iraqis asked him sincerely whether Americans understood that they were normal people with homes and families. “As an American, I found myself feeling pretty awful about what we’d contributed to,” he says.
In Kirkuk, the trio’s vehicle broke down. While they waited for help on the side of the road, an enormous boom sounded over the hill behind them, and a black cloud of smoke rose from what seemed to be an oil refinery. Minutes later, two truckloads of soldiers, one American followed by one Iraqi, drove by. Appelbaum’s group laid low until his friends’ co-workers could bring them a new car, and then drove on. But the incident reminded him of how close he was to real harm. When his friends left Iraq for Istanbul, he left with them. “I was not in the greatest headspace, I guess,” he says. “But at some point my desire to live started to outweigh my desire to be shot in a war zone.”
Appelbaum returned to San Francisco and took a job at a security start-up, building software that automatically scanned code for vulnerabilities. The company was acquired and his entire office was laid off. Soon after, he was at a party in the city’s Mission District when news hit that the levees had broken in New Orleans: Hurricane Katrina had left nearly two thousand dead and tens of thousands more stranded in sports stadiums used as shelters. When one of the partygoers tried to turn off the television and lighten the mood, Appelbaum angrily grabbed the remote, turned up the volume, and refused to change the channel.
Days later, he flew to Texas, created a press pass for an obscure news agency, and slipped into the Astrodome to interview Katrina’s victims. “I got through the checkpoints the same way you hack firewalls: by identifying and exploiting weaknesses,” he says. Inside the makeshift shelter, he reported the inhabitants’ stories of prisonlike conditions: A man beaten in the shower. Nightly curfews, women raped. Some of the evacuees believed that the Army Corps of Engineers had blown up New Orleans’s levees to preserve more expensive real estate while flooding their parishes. Some other reports disputed those stories. But for Appelbaum, “This American disaster was a lot like the other American disaster I witnessed in Iraq,” he says. “The same thing, over and over again. The disconnection. The lack of humanity.”
Appelbaum worked with a group of activists that collected radios and distributed them to the Astrodome’s inhabitants to provide news for th
ose trapped inside. Then he loaded up on provisions and drove to the Algiers neighborhood of New Orleans, moved into a house organized by the activist collective Common Ground, and helped to set up EVDO wireless Internet connections so that the area’s hard-hit inhabitants could register online with FEMA to receive aid.
When Appelbaum returned from New Orleans, his tour through two levels of hell had left him more committed than ever to the liberating powers of technology. But he had yet to find the community that would be his own cypherpunks, the crypto-obsessed peers who would enwrap him in a larger movement and push him to greater feats of crypto-anarchy.
That group would be the Chaos Computer Club.
In many ways, the CCC had progressed years ahead of Tim May and Eric Hughes’s crypto-liberation movement in California. Founded by the German hacker luminary Wau Holland in 1981, the Hamburg – and Berlin-based nonprofit had been demonstrating the insecurity of public computer systems as early as 1984, when its hackers used the home terminal system created by the German postal system to transfer the equivalent of $50,000 from a bank to the CCC’s accounts. (The money was given back in a public ceremony the next day.) With a true surveillance state looming just over the Berlin Wall, privacy, antiauthoritarianism, and the need for strong crypto had been steeped into the group’s core.
Almost exactly a year after his father’s death, Appelbaum flew to Berlin to attend the CCC’s annual Chaos Communication Congress. The topic of his talk was the same problem that had troubled Julian Assange years earlier, one central to any activist who believes in the power of cryptography: how to keep encrypted data encrypted, even when authorities are standing over the user, rubber hose in hand, demanding the key.
In his talk in Berlin, Appelbaum walked the audience through a series of crypto-schemes, grading various software and taking special pleasure in giving Apple an F. (The user’s unencrypted key could be extracted from a file Apple carelessly left on the computer’s hard drive.) And then he came to Julian Assange’s very own solution to the problem of violent key extraction—Assange’s 1997 invention, the crypto-scheme Rubberhose.
“In today’s world,” Appelbaum told the audience of European hackers, “this is probably going to get you killed.”
Appelbaum cited the obvious issue: If the jailer knows his prisoner, Alice, is using Rubberhose, he’ll never stop torturing her to try and get more of the data that may be hidden on her hard drive. “I don’t think it’s a good idea to never be able to prove you don’t have any more secrets,” Appelbaum told the CCC crowd.
Instead, he offered an idea for a new theoretical solution: MAID, or mutually assured information destruction. In the system Appelbaum suggested, Alice keeps her cryptographic keys on a faraway server, accesses it only with Tor to keep its location obscured, and sets a certain time limit. If that time limit passes without Alice checking in, MAID automatically deletes all her keys. When Alice gives in to her jailer after either suffering through a certain period of torture or legal silence, she can show him that the keys no longer exist. Everything on the server full of secrets becomes permanently, irrevocably encrypted. “You’re not obstructing justice anymore,” Appelbaum explained. “Justice was just too slow to catch you.”
In the questions period following the talk, Ralf-Philipp Weinmann, the researcher who had developed Rubberhose with Assange a decade earlier, stood up and laid into Appelbaum, defending Rubberhose and pointing out flaws in the MAID concept. They debated genially and then agreed to talk afterward.
That conversation drew Appelbaum into Assange’s circle, albeit indirectly. Appelbaum became a CCC regular, and Assange would attend the next year to introduce a project he was working on: WikiLeaks.
Friends say they met at that wintry Berlin conference. Their paths must have felt uncannily parallel: broken, wayward childhoods, IQs beyond those of the hated authorities that tried to exert power over their lives, and a belief in the redemptive power of cryptography to defeat those forces. By Appelbaum’s fourth year at the conference, they had become close. Appelbaum told me he woke up on New Year’s Day after the Twenty-sixth Chaos Communication Congress in bed with Assange and two women. “That was how we rolled in 2010,” he says, smiling. (He later clarifies that they had busied themselves the night before with programming, not sex, and slept in different beds. “I can dream,” he adds.)
The two never spoke about Appelbaum’s critique of Rubberhose. But the CCC conference where Appelbaum spoke on the superiority of cryptography to violence, the young cypherpunk says, was “the start of a good friendship.”
Browsing WikiLeaks’ archives from 2006 to late 2009—the years before it was catapulted onto the world stage—feels like opening a creaking door onto a dusty museum of badly organized, fascinating secret artifacts: A purported draft of a resignation letter from Venezuelan president Hugo Chavez. A military report on the prevalence of hash-smoking among a group of American soldiers. An internal video from networking tech giant Cisco showing every television and movie scene in which it had purchased product placement. A list of sites to be censored by a Norwegian Internet service provider. A report on incompetence among safety staff at the Rocky Mountain Biological Laboratory. A censored image of the Belgian chief of police photoshopped into a pornographic scene. The handbooks of secret rituals for nine different fraternities.
It all started with a single, unverified document. Whether by sniffing the Tor network, receiving it from a Tor-masked source, or through other untraced means, Assange and WikiLeaks obtained and published its first leak: It was a Somalian government document calling for the assassinations of leaders in two rogue Somali states.
John Young, who at that point hadn’t yet broken off from the group, warned that the leak could easily be disinformation or a forgery. “This is not to suggest leaks are not to be trusted, just not blindly so, for they are now standard tools for lying, smearing and stinging by governments, corporations, persons of all demonics,” Young wrote on the WikiLeaks mail list.
In the end, WikiLeaks did post the Somalian leak, but with a breathless disclaimer: “Is it a bold manifesto by a flamboyant Islamic militant with links to Bin Laden? Or is it a clever smear by US intelligence?”
As WikiLeaks’ profile rose, the answer never surfaced, and hardly mattered. Assange traveled to Kenya, moved into the compound of Doctors Without Borders, and continued to tout WikiLeaks at the World Social Forum, a collection of nonprofits and activists that shadowed the World Economic Forum. Seeking to create a “WikiLeaks advisory board for Africa,” he met with Mwalimu Mati, an organizer of Transparency International in Nairobi. “We had tried many online whistleblowing sites,” says Mati. “But WikiLeaks’ idea of using cryptography to separate the whistleblower and the source . . . that seemed to me to be very useful and clever.”
The Kenyan leak that would put WikiLeaks on the map, it turned out, had little to do with encryption. In 2004, the Nairobi government of Mwai Kibaki had taken power after the long reign of Daniel arap Moi, promising an end to the corruption of the Moi regime. Kibaki commissioned a report into the previous regime’s embezzlement, suspected to be billions of dollars, that would come to be known as the Kroll Report. But when Kibaki’s government started to come under fire for its connections to the Moi indiscretions, the report wasn’t released.
Instead, someone printed it out and mailed it to Mati. It confirmed the worst: more than two billion dollars siphoned to Moi’s associates’ properties in twenty-eight countries, hundreds of millions given to his children, and even reports of currency counterfeiting by the regime’s organized crime connections. Knowing that Nairobi’s media was hardly independent enough to publish the bombshell report, Mati gave it to WikiLeaks. The Guardian picked up WikiLeaks’ release and printed the front-page headline “The Looting of Kenya.” Mati and Assange followed up with another major leak, again sourced to an envelope that appeared on Mati’s desk. It detailed the extrajudicial exe
cutions of members of a criminal gang called the Mungiki, a crackdown that led to the indiscriminate police killings of thousands of young men.
After those exposés, “the site’s popularity rocketed,” says Mati. Leaks began to flow in earnest to the site’s submissions system: A detailed account of the Cayman Islands tax shelters administered by the Swiss bank Julius Baer, an internal report from the mining giant Trafigura detailing the effects of its toxic dumping in the Ivory Coast that had been legally prevented from appearing in British media. Icelandic banking documents that would catalog the country’s financial meltdown and eventually inspire a transformative legal movement in the volcanic island. And a collection of pager messages from September 11, 2001, that would catch the attention of one young analyst in a dusty base in Iraq.
But for Assange, the most gratifying moment of WikiLeaks’ ascendancy may have had a smaller, but more personally meaningful, target: the Church of Scientology. Since the days of Penet and Suburbia, the church’s lawyers had continued to intimidate anyone that leaked its manifold secrets, both to traditional media and digital outlets. So when WikiLeaks published a 208-page strategy manual that seemed to have been written by founder L. Ron Hubbard himself and detailed strong-arm tactics for attacking journalists and even tricking airlines into revealing their flight details, the church responded with its usual suppressive methods. A letter from the group’s lawyer asked WikiLeaks to remove the documents immediately.
Assange, needless to say, did not. And instead of merely holding an eleven-person protest as he had in his cypherpunk days, this time he fired back with both barrels. “WikiLeaks will not comply with legally abusive requests from Scientology any more than WikiLeaks has complied with similar demands from Swiss banks, Russian off-shore stem cell centers, former African kleptocrats, or the Pentagon. WikiLeaks will remain a place where people of the world may safely expose injustice and corruption,” read a letter sent back to the church’s lawyer. “In response to the attempted suppression, Wikileaks will release several thousand additional pages of Scientology material next week.”
This Machine Kills Secrets Page 19
