September 2011

S M T W T F S
    123
4 5678910
11121314151617
18192021222324
252627282930 

Style Credit

Expand Cut Tags

No cut tags
hasimir: (Default)
Monday, September 5th, 2011 02:38 pm

Last week the complete unredacted diplomatic cables obtained by WikiLeaks last year were revealed to the world following a series of events involving WikiLeaks, the Guardian and possibly others. There has been much finger pointing regarding who is to ultimately blame for this, which is essentially pointless. The deed is done and the information is out. A couple of days later WikiLeaks, under the direction of Julian Assange, elected to update their Cablegate site with the unredacted data and provide a full mirror archive [torrent] and PostgreSQL database copy [torrent].

Already there are interesting revelations being brought to international attention by the latest data releases. There are also very valid concerns regarding the safety of intelligence sources, victims of crime and political dissidents who are identified in the cables. Amongst these have been the revelation that one or more cables identify current Australian intelligence officers, as reported in The Age and The Sydney Morning Herald.

Last Friday a statement [PDF] was made by Robert McClelland, the Australian Attorney-General, regarding this fact and confirming that the Australian Security Intelligence Organisation (ASIO), along with other agencies, were reviewing the material. Mr. McLelland reiterated that Section 92 of the Australian Security Intelligence Organisation Act 1979 (ASIO Act) makes it a crime to “publish or cause to be published in a newspaper or other publication, or by radio broadcast or television, or otherwise make public, any matter stating, or from which it could reasonably be inferred, that a person having a particular name or otherwise identified, or a person residing at a particular address, is an officer (not including the Director-General), employee or agent of the Organisation or is in any way connected with such an officer, employee or agent or, subject to subsection (1B), is a former officer (not including a former Director-General), employee or agent of the Organisation or is in any way connected with such a former officer, employee or agent.” That second part is obviously aimed at protecting the families of ASIO employees, while subsection 1B deals with exceptions where former officers have consented to their previous employment being made public.

This has led to speculation that Julian Assange could face prosecution under Section 92 of the ASIO Act. There may be the possibility of additional charges relating to officers of other Australian agencies, such as the Office of National Assessments (ONA) or the Australian Secret Intelligence Service (ASIS). In adition to the cable referred to by The Age and The Sydney Morning Herald there is at least one cable which lists the names of a number of senior ONA analysts and there may be more buried amongst the quarter of a million cables.

One of the problems facing any Australian prosecution in this matter will be whether or not charges can be laid based on the sequence of events. The initial revelations of the complete data came from a GPG encrypted file which had been available online via BitTorrent for several months and which was decrypted using a passphrase published by the Guardian. Each on its own could not reveal the information, they had to be used together to obtain the data. If charges were to be laid related to that, who would be charged? Julian Assange for creating the encrypted file? Another WikiLeaks staffer for putting it on BitTorrent? David Leigh and Luke Harding at the Guardian for publishing the decryption passphrase in WikiLeaks: Inside Jullian Assange’s War on Secrecy? John Young at Cryptome for providing the decrypted CSV file? Raymond Hill at Cablegate Search for using that data in his online database? Others?

That’s just dealing with the initial release of the data. The next question is whether or not Julian Assange or others involved with WikiLeaks can be charged for effectively republishing the data after it has already been decrypted by others? No doubt this is something which Australian Commonwealth prosecuters will consider following the reviews of the diplomatic cables being conducted by ASIO and others.

On Sunday the Attorney-General followed the national security theme with a statement [PDF] announcing a new national security awareness campaign promoting the National Security Hotline (NSH). The NSH was introduced in 2002 by the Howard Government and the initial advertising campaign in 2003 featured much derided fridge magnets for every household.

What is unclear about the latest NSH advertising campaign is whether it was already planned, whether or not it is in response to or accelerated due to the release of the unredacted cables or whether it is part of a push to turn public opinion against WikiLeaks. When the cables were being dribbled out with effort taken to redact information that could identify people at risk of violence or retaliation it was difficult for many people to take the government’s objection too seriously. The complete release last week changes that scenario completely and the publication has been condemned by the traditional media organisations, which had previously worked with WikiLeaks to redact and publish the cables. It is possible that the Attorney-General’s department views an elevation of national security in the public consciousness will make it easier for people to draw the conclusion that the cable publication and, by extension, WikiLeaks is to be condemned.

Regardless of one’s opinions of Julian Assange and WikiLeaks, either for or against, the fact is that the facility to provide a platform for the global release of sensitive material has been a major change for both national and international politics. It has shifted the concentration of power in ways which governments are not used to. They are beginning to learn a similar lesson to that of the media: that the people formerly known as the audience are able to actively engage to a greater extent than previously possible. Not only are people able to do this, but they actually do it.

As I type this there are people around the globe pouring through the released cables looking for interesting information. Some of the results are published by traditional media outlets, some are blogged about and some are included in the running commentary on Twitter or other social media networks. Most people refer to the latter as crowd-sourcing, but governments and intelligence agencies refer to it as open source intelligence. It is another example of ordinary citizens being able to level a playing field which has previously been restricted to governments, intelligence agencies, law enforcement and corporations with the budgets necessary to obtain and mine vast amounts of data. This shift is, unsurprisingly, of real concern to those organisations which have traditionally maintained a monopoly on information.

As a consequence, moves by governments around the world to attempt to limit or discourage this power shift are to be expected. Where that coincides with existing national security legislation, such as that protecting intelligence officers here in Australia, a link is able to be drawn between the power shift and a subtext of potential sedition. It’s not quite accusing anyone engaged in any aspect of the shift in power and sharing (versus control) of information of treason, but it is a manner of presenting opposition to people doing so as in the interests of national security. It is a subtle and dangerous approach to the changing nature of politics and intelligence, which could backfire. Yet it is one which will be pursued by any government seeking to maintain a concentration of power; that being, all of them.

It also won’t work, not completely, that genie is well and truly out of the bottle. The governments, intelligence agencies, law enforcement and corporations already know this; their game is now to limit anything which they see as potentially damaging. The extent of their success or failure in this will only become apparent over time; not just in relation to the various releases from WikiLeaks, but also information which will be released by other sources and organisations in the future.

There are new players in the Great Game of international politics, players who were previously viewed almost entirely as pawns. It will be very interesting to see how it plays out as the power and the rules shift.

Originally published at Organised Adversary. Please leave any comments there.

hasimir: (Default)
Saturday, August 20th, 2011 06:53 am

Yesterday’s news that Paul Freebody, a candidate for the Queensland seat of Cairns, has been expelled from the Liberal National Party (LNP) highlights the need for the greater adoption of email encryption and digital signatures.

As with the OzCar Affair of two years ago, the issue here relates more to the verification that an email has not been tampered with rather than protecting the content from prying eyes. Thus it is a digital signature which would have been of use to Freebody in this case. Had he already been using OpenPGP compliant software to sign his emails, such as PGP or GPG, Freebody could have proven that the change to his email after signing and sending it was made by someone else, without needing to identify or, in this case, embarass that person.

The reports regarding the case of Paul Freebody are a little unclear as to whether the modified email had been sent from his computer or whether a family member who had received the email modified it and then forwarded it on. Regardless of which of those two alternatives it was, the regular use of a digital signature would have helped.

If the email had been modified on Mr. Freebody’s computer before it was sent, the prompt to sign the message would have prevented message from being sent without the relevant passphrase. If the relative had removed the signing option then Mr. Freebody could have pointed to the lack of the signature as a certain level of proof that he did not send that email.

Had the email been signed and a recipient modified the content before forwarding it to others, the signature would not validate for that message and Mr. Freebody could then have pointed to that as proof that the message had been altered. In this case Mr. Freebody could have provided a copy of the original message with the valid signature for comparison.

This is the second time in as many years in which a forged or modified email has resulted in a scalp being claimed in Australian politics; yet the tools to prevent it have been available for two decades and standardised since the late 1990s. Since that time the ease of using email encryption and signatures, particularly with the combination of Thunderbird, GPG and Enigmail, has been improved considerably.

Until people in public life start using at least this aspect of cryptographic technology, even if they don’t actually encrypt their email, these kind of scandals will continue to occur.

Originally published at Organised Adversary. Please leave any comments there.

hasimir: (Default)
Sunday, January 30th, 2011 09:16 pm

Recent reports in The Guardian and The Independent, largely overshadowed by current events in Egypt, return to the phone hacking scandal and a renewal of the investigation into illegal activities performed by or on behalf of Rupert Murdoch’s News of the World. It is important to note that, with the exception of what apparently happened to Nick Brown’s landline, what we are talking about is not wiretapping, rather it is cracking the (poor) security of voicemail systems to access recorded messages without authorisation.

In spite of years of denials of involvement, Andy Coulson has resigned as Director of Communications for Prime Minister David Cameron. News International has fired assistant editor Ian Edmondson. While the London Metropolitan Police have finally been spurred into a new and hopefully more complete investigation. Celebrities and politicians seem intent on taking the News of the World to court for numerous breaches of their privacy.

My interest in this case is twofold.

Firstly I want to know if these activities are limited to News of the World or if they have been used by other News International or News Corporation organisations. In particular I want to know if these practices have been employed in the United States or here in Australia.

Secondly I am interested, as a professional geek, in methods of maintaining private communications. Upon the realisation that the so-called hacking was simply accessing a voicemail system, the solution to that problem was readily apparent: move the voicemail system from something under the telephone company’s control to something under one’s own control. It’s actually fairly straight forward to do with solutions available right now. Essentially it just involves forwarding missed or unanswered calls to a PABX (e.g. Asterisk) and then accessing that voicemail in a more secure manner, such as via HTTPS on any smartphone.

So I will continue to watch the case with interest and how far it does or doesn’t spread throughout the Murdoch empire. As well as seeing just how low the muckrakers will stoop for a scoop.

Originally published at Organised Adversary. Please leave any comments there.

hasimir: (Default)
Saturday, January 29th, 2011 12:23 pm

By now most people will have heard or read about the civil unrest in Egypt and the Egyptian government’s response of shutting down communications networks, including all Internet connectivity. This is, of course, one of the most complete forms of electronic censorship available to a totalitarian state.

Already there are people attempting to solve the technical aspects of routing around this kind of denial of service attack. In particular the OpenMesh project that has been reported on TechCrunch.

Personally I think that any solution in this area will have to involve a return to a real peer-to-peer networking model, rather than the client-server networking model that is so prevalent these days. I suspect that wireless networks will be the transmission path of choice for most such networks, at least as far as maintaining communications within a region affected by a government orchestrated black-out.

I am clearly not the only one who thinks this and fortunately a great deal of work has already been done on this by wireless community groups, like Wireless.org.au. The biggest implementation of such a network, of course, is the One Laptop Per Child program’s wireless mesh network.

The tricky part is getting connectivity out of such a censored region without having to rely on telecommunications carriers or government controlled networks. The level of difficulty in resolving this aspect will almost certainly depend on the physical distance between the censored region and the nearest location able to provide Internet connectivity. Some more obvious and long used methods would have to include satellite and radio transmissions, but a tolerance for data or packet loss would be beneficial.

I do not know whether a wireless mesh network or even some other solution could be deployed in Egypt before the current crisis is resolved, but I do think that making sure the information to rapidly deploy one in the future is essential for defending human rights.

Originally published at Organised Adversary. Please leave any comments there.