Friday, 10 December 2010

Wikileaks, Assange, Insurance, US Cables, Anonymous, LOIC and all that jazz.

There are so many aspects to this story, it's very difficult to know where to start.

First, it was clear that once Julian Assange got his hands on the leaked cables, it was only a matter of time before some or all of them were released. The nature of many of the released cables is pretty tedious to be honest and I suspect that a number of them have been 'over-marked' that is to say, have been afforded a protective marking above the marking that they actually warrant but it's not my call. There are some leaked cables that are significant and whoever Assange has employed to vet/ redact them may be working to a different agenda.

Second, the issue of the 'insurance' file and Assange. It is clear that the huge insurance file could be the complete collection of cables, perhaps we'll never know as, if Assange releases the password for it, there will be absolutely nothing left for him to bargain with therefore he is only likely to release the password if he has nothing left to lose.
Regarding the accusations levelled against him in Sweden, we should always take the attitude of 'innocent until proven guilty', even if sexual crimes are seen as the most distasteful. It is possible he is guilty, it is possible that the accusations have been made in an attempt to discredit him. The timing would seem to suggest the latter or it could be a coincidence. Certainly the initial prosecutor in Sweden felt as though there was no case to answer.

Regarding Anonymous and their attempts to avenge Assange. From what I've seen of Anonymous, it is rare for them to be so united behind one cause. They also seem to be garnering support from other sections of society. Historically, Anonymous has a pretty short attention span and I would not expect their assault to run and run but if the momentum thay have gathered can continue it is possible that a sustained campaign could be achieved.

The LOIC. I'll admit, I've not submitted the code to any analysis, I do have some concerns though. A malware developer is a malware developer. It is entirely possible that anyone putting together the LOIC code could have included an update function that could change the nature of the tool entirely. While the LOIC will only be attacking anti-Wikileaks targets at the moment, it could trivially be modified for the operators to target sites for blackmail purposes or to install additional trojan software onto the host computer to assist in the collection of personal details, banking details, passwords, etc. The bottom line is, the LOIC has not come from a 'trusted' source and therefore there is no recourse to the developers if it starts acting in a manner that was not advertised. If you're tempted to download and run the software, please bear this in mind. You might also find that your actions would be considered illegal. IANAL.

Finally, a quick word about the 'need to know' There has been some discussion concerning the need to know and if it would be considered illegal to view the wikileaks cables. I would suggest that if you are working in Government, it would be beneficial to discover what has been released. I'm sure the Intelligence community is reviewing the cables but I am less confident that they will pass on the relevant information to other Government departments.