Wasn’t The Real Security Problem The Initial Leak Of State Dept. Cables Rather Than The Latest Leak Of Those Same Cables?

One of the myths around Wikileaks’ original release of State Department cables was that the organization simply dumped all the cables unredacted and let everyone sort it out. That’s simply not true. Wikileaks released only small batches of documents at a time, mostly in conjunction with newspaper reporters, and redacted sensitive info. While Wikileaks just did a big dump of additional cables, the big news that people are focused on is how a German newspaper found an encrypted file of all the cables that apparently has no redactions at all, and has a password that is easy to find. While the details aren’t entirely clear, most of the evidence seems to suggest some sort of human error, in placing the encrypted file online and then, later, accidentally releasing the password to the file.

While it does seem like there’s a fair bit of bad security and bad process on the part of Wikileaks, it does seem to be a little odd to pin the full blame on Wikileaks and various hacker groups as Paul Carr does here in his story on the new file:

In truth, it almost doesn’t matter who is responsible: the eventual release of the unredacted cables was inevitable. The message of Wikileaks — and the amoral cult of leaking for lulz that came in its wake — has always been one of callous contempt for the human cost of “free information”. From Assange’s well-publicised remarks to Guardian reporters that “if [informants] get killed, they’ve got it coming to them. They deserve it.”, to LulSec [sic] and Anonymous’ willingness to publish the personal details of anyone even tangentially associated with their ‘enemies’, what we see time and time again from mass-leakers is a sociopath’s disregard for individuals, combined with a Hollywood serial killer’s hunger for attention. Sooner of later — for attention, to make some misguided political point, for the lulz — someone was bound to obtain and leak the raw documents.

But all of this ignores where these documents came from originally. These cables were apparently available to hundreds of thousands — if not millions — of people within the government if they wanted to look at them. At that level of accessibility, it’s not hard to realize that lots of people had these documents, and there’s a fair likelihood that those working for foreign interests were able to get their hands on these documents long ago. The only folks who didn’t have them were the public.

Now, I do disagree with the tactics that Anonymous and LulzSec tend to take (and, honestly, am still surprised that their attacks have been so effective). But, that’s mainly because I just don’t think such things legitimately move issues forward. Instead, they focus the discussion on the hacks, rather than the content of the hacks, and get people focused on what they believe to be a bunch of script kiddies (whether it’s true or not).

But I think it’s a bit silly to blame their attitude and hackings for this release. The documents and their details were almost certainly “available” to various foreign parties long before anyone leaked them to Wikleaks. While this latest release certainly shows some serious process problems with Wikileaks (no surprise there), it’s kind of amazing that people aren’t pointing out that the much bigger security/process problem was at the beginning of the chain, in which the documents were available to so many different people without much security or protection in the first place.

Permalink | Comments | Email This Story

This entry was posted in Syndicated. Bookmark the permalink.

Comments are closed.