Wasn't The Real Security Problem The Initial Leak Of State Dept. Cables Rather Than The Latest Leak Of Those Same Cables?

from the playing-the-blame-game dept

One of the myths around Wikileaks' original release of State Department cables was that the organization simply dumped all the cables unredacted and let everyone sort it out. That's simply not true. Wikileaks released only small batches of documents at a time, mostly in conjunction with newspaper reporters, and redacted sensitive info. While Wikileaks just did a big dump of additional cables, the big news that people are focused on is how a German newspaper found an encrypted file of all the cables that apparently has no redactions at all, and has a password that is easy to find. While the details aren't entirely clear, most of the evidence seems to suggest some sort of human error, in placing the encrypted file online and then, later, accidentally releasing the password to the file.

While it does seem like there's a fair bit of bad security and bad process on the part of Wikileaks, it does seem to be a little odd to pin the full blame on Wikileaks and various hacker groups as Paul Carr does here in his story on the new file:
In truth, it almost doesn’t matter who is responsible: the eventual release of the unredacted cables was inevitable. The message of Wikileaks — and the amoral cult of leaking for lulz that came in its wake — has always been one of callous contempt for the human cost of “free information”. From Assange’s well-publicised remarks to Guardian reporters that “if [informants] get killed, they’ve got it coming to them. They deserve it.”, to LulSec [sic] and Anonymous’ willingness to publish the personal details of anyone even tangentially associated with their ‘enemies’, what we see time and time again from mass-leakers is a sociopath’s disregard for individuals, combined with a Hollywood serial killer’s hunger for attention. Sooner of later — for attention, to make some misguided political point, for the lulz — someone was bound to obtain and leak the raw documents.
But all of this ignores where these documents came from originally. These cables were apparently available to hundreds of thousands -- if not millions -- of people within the government if they wanted to look at them. At that level of accessibility, it's not hard to realize that lots of people had these documents, and there's a fair likelihood that those working for foreign interests were able to get their hands on these documents long ago. The only folks who didn't have them were the public.

Now, I do disagree with the tactics that Anonymous and LulzSec tend to take (and, honestly, am still surprised that their attacks have been so effective). But, that's mainly because I just don't think such things legitimately move issues forward. Instead, they focus the discussion on the hacks, rather than the content of the hacks, and get people focused on what they believe to be a bunch of script kiddies (whether it's true or not).

But I think it's a bit silly to blame their attitude and hackings for this release. The documents and their details were almost certainly "available" to various foreign parties long before anyone leaked them to Wikleaks. While this latest release certainly shows some serious process problems with Wikileaks (no surprise there), it's kind of amazing that people aren't pointing out that the much bigger security/process problem was at the beginning of the chain, in which the documents were available to so many different people without much security or protection in the first place.

Filed Under: leaks, state department cables, wikileaks
Companies: wikileaks

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    That Anonymous Coward (profile), 30 Aug 2011 @ 8:50pm

    Because there is much motivation to keep people focused on Wikileaks being stupid than what Wikileaks had.

    Example -
    The Sony "Hacks" (level of hack required being a paperclip)
    Everyone was screaming at the people who did it, bitching about having to change their passwords on ALL sites they used (as they used the same one everywhere), and calling for the Feds to find the "hackers" and punish them.
    Sony played up how skilled the hackers were, and that this was something that no one could withstand.

    The truth -
    Sony had horribly lax procedures for security. These were made way more evident as site after site around the global were compromised and unencrypted data was set free.

    There are still people who are screaming for the "hackers" blood but they do not feel as much anger at Sony. Sony broke the rules for security, and while the data was leaked it was most likely not the first time it had ever been accessed.

    I have a feeling that this "leak" of the file has something to do with the pissing contest between the frontmen of Wiki and Open leaks. Openleaks killed itself when its founder deleted a file containing information that Wikileaks had. No one will be able to say what was lost, and there is much PR spin to be had on both sides.
    The issue is the Openleaks guy in trying to condemn bad practices by Assange committed a worse sin in destroying data that people had sent to Wikileaks.
    Would you try to blow the whistle to someone who in a fit of anger would just delete what you risked yourself to get to them?

    Don't read the cables, focus on people who might be outed as agents of the Government. Focus on the evil people who stole this and then didn't protect anyone. Ignore the law breaking exposed in the cables, ignore the bad faith in our policy, ignore the evil we do in the name of "good".

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown for basic formatting. (HTML is not supported.)
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.