

Wikileaks Was Launched With Documents Intercepted From Tor - jackfoxy
http://www.wired.com/threatlevel/2010/06/wikileaks-documents/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29&utm_content=Google+Feedfetcher

======
tptacek
This is the big problem I have with Tor, and, in particular, with the people
who recommend Tor to people with serious privacy needs (such as the Iranian
dissidents). A heist like this is possible because putting your traffic on Tor
flags it as belonging to a subset of all traffic that is more likely to
contain interesting information.

It's the same with the people trying to help Chinese dissidents evade the
"great firewall". Maybe you're really helping them evade the firewall. Or,
maybe you're helping a savvy government agency zero in on the traffic worth
monitoring.

I worry that to the people providing the anonymizing and securing technology,
this is a game. It's not for the people using the technology.

~~~
m0nastic
I agree with your sentiments. TOR is designed for anonymity, not privacy;
which is something I think is lost on many people who use it.

If you're transmitting information that is personally identifiable, TOR isn't
the means to do it. The issue I see, is that there isn't really a solution for
people concerned with that.

~~~
stipes
Yes, Tor is for anonymity, not privacy. But that just means you still need to
be operating over a secure channel---be that SSL or sending the documents
encrypted, etc.

The fact that they operated compromised nodes does NOT diminish from Tor's
anonymity. Most anonymity systems assume about 1/5 of the nodes will be
compromised (which is reasonable barring a very large global adversary).

In general, timing attacks are the biggest issue in low-latency anonymity
systems: if you can track packets going into Tor and coming out of Tor, you
can link the sender to the destination. But, if the traffic was encrypted,
that still doesn't get you the documents themselves.

Edit: More specifically to the grandparent---even with a compromised exit
node, that doesn't reveal the source (that's the point of onion routing). The
case of China is a hard one, due to the level of state control. There are ways
to request exit nodes in the Tor network (I have no idea how well documented
this is), so for them, selecting an exit outside China for accessing
international sites would probably be best (this would remove/greatly reduce
the risk of Chinese gov't timing attacks).

There has been some work on strategically choosing entrance/exit nodes to
reduce the risk of these kinds of timing attacks, but I don't know of anything
that has been published or implemented yet (I haven't worked on that
particular aspect in a while). Basically, some of the methods would have
automatically chosen exit nodes outside of China (to prevent exit->destination
traffic from travelling through the same autonomous systems as
source->entrance traffic).

~~~
stipes
After some brief digging, it appears there has been some published research on
location diversity in path selection in Tor since I last worked on that
problem.
[https://docs.google.com/viewer?url=http://www.cs.rpi.edu/~ed...](https://docs.google.com/viewer?url=http://www.cs.rpi.edu/~edmanm2/ccs159-edman.pdf)
has some good results, if anyone is interested.
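A simplified model of the AS-disjoint entry/exit selection discussed in the two comments above, as an added example that is not part of the original thread and is not Tor's own path-selection code. Relay names, AS numbers and AS-level paths are constructed, and the function names are hypothetical.

```python
"""Simplified AS-aware entry/exit pairing. All data below is constructed."""
from itertools import product

# Constructed AS-level paths (private-use AS numbers, 64512-65534).
# client -> entry relay: the ASes the client's traffic crosses to reach each guard.
CLIENT_TO_ENTRY = {
    "guardA": [64512, 64520, 64600],
    "guardB": [64512, 64530, 64610],
}
# exit relay -> destination: the ASes crossed on the far side of the circuit.
EXIT_TO_DEST = {
    "exitX": [64700, 64520, 64800],  # transits AS64520, also on guardA's path
    "exitY": [64710, 64512, 64800],  # transits AS64512, the client's own ISP
    "exitZ": [64720, 64730, 64800],  # no overlap with either entry path
}


def shared_ases(entry_path, exit_path):
    """ASes positioned to observe both ends of a circuit (timing correlation)."""
    return set(entry_path) & set(exit_path)


def classify_pairs(entry_paths, exit_paths):
    """Map every (entry, exit) pair to the sorted ASes that see both ends."""
    return {
        (g, e): sorted(shared_ases(gp, ep))
        for (g, gp), (e, ep) in product(entry_paths.items(), exit_paths.items())
    }


def safe_pairs(entry_paths, exit_paths):
    """Pairs for which no single AS sits on both the entry and exit segments."""
    verdicts = classify_pairs(entry_paths, exit_paths)
    return sorted(pair for pair, seen_by in verdicts.items() if not seen_by)


if __name__ == "__main__":
    verdicts = classify_pairs(CLIENT_TO_ENTRY, EXIT_TO_DEST)
    for pair, seen_by in sorted(verdicts.items()):
        status = "ok" if not seen_by else "exposed to AS " + ", ".join(map(str, seen_by))
        print(pair, status)
    print("usable:", safe_pairs(CLIENT_TO_ENTRY, EXIT_TO_DEST))
```

The `exitY` rows model the case raised for China: an exit whose route to the destination passes back through the client's own network is rejected for every guard.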

------
mjgoins
I believe if the final destination of the tor communication had been https,
wikileaks could not have eavesdropped and read the documents. The article
fails to make that distinction when it says:

    
    
    By necessity, however, the last node through which traffic passes has to
    decrypt the communication before delivering it to its final destination.

------
orborde
A poignant reminder that Tor is just one of many tools and practices necessary
to maintain security and privacy.

I remember during Wired's "Vanish" contest (
<http://www.wired.com/vanish/2009/11/ff_vanish2/> ), the guy on the run was
using Tor. As such, there was talk about setting up a bugged Tor exit node
with lots of reported bandwidth to try to intercept his Gmail sessions. I ran
the odds (figuring his client chose exit nodes at random), and there was a
decent chance that his traffic would have been captured at least once over the
month of the contest. Unfortunately, someone pointed out that it ran afoul of
wiretap laws. And the SSL MITM shenanigans to try to capture his email
password would definitely have been illegal. So the idea was shelved.

~~~
smallblacksun
Which shows a serious flaw with the contest. The only people you would go to
these lengths to avoid would be someone from the government or a criminal
organization. Those are exactly the two groups who either don't have the law
apply to them, or are willing to break the law.

------
teilo
Talk about a conflict of interest. May I be the first to suggest that this
falls into the bombshell category?

~~~
pavs
How is this a conflict of interest? They were eavesdropping on private tor
communication, albeit a morally questionable action.

Either way I lost most of my respect for them a long time ago, they are not much
different from other news organizations, they just put a sensationalist spin on
their news. Take whatever they give with a grain of salt and understand that
they are only portraying one side of the story.

~~~
jorgeortiz85
Say what you want about the methods, motives, and spin of the people behind
Wikileaks, but the fact is they release an incredible amount of credible
primary sources. You can dismiss their spin, but you can't dismiss the hard
facts they've uncovered.

~~~
pavs
I am not dismissing the importance of what they released. I am hoping that
people would see their sensationalist method of reporting.

Take for example the last apache fire video. It's true that it was troubling,
it's true that it was gruesome and it's also true that it will remind people who
are otherwise oblivious to the consequences of war, even if it is for a few
moments.

But how much value does that piece of video have in changing the perception of
public, even after months of hyping ("CIA is following us" on twitter) about
it? I suppose not much.

Was this video more significant than the revelation that Iraq never had WMD to
begin with? Is this video more significant than Abu Ghraib torture and
prisoner abuse? Is this any more significant than 100s of videos you will find
online about armies killing Iraqis?

The simple fact is that this single incident is not any more significant than
other 100s of incidents that have been widely reported by mainstream media.
People who care, read about it and know about it.

They are certainly not the bad guys but I think wikileaks have questionable
ethics and when you have questionable ethics it's hard to take you or the news
you have seriously, even if the news are exceptional [1]. The idea that they
have millions of documents that they can't release because they don't have
enough funds is utterly ridiculous. Holy shit, someone tell him about a thing
called "torrents".

Their whole point of the sensationalist, biased video release was to get
maximum bang for the bucks and get those donations piling up. Which is exactly
what happened.

[1] See also: Fox News. (not they are not exceptional, but their occasional
truths are lost amid their river of lies)

~~~
sesqu
_I lost most of my respect for them long time ago [--] Take for example the
last apache fire video._

Do you have another example, from long time ago? That last one was widely
panned, but prior to that, their editorialism wasn't criticized very much
(though I seem to recall there was some; I just wasn't paying attention).

~~~
pavs
Wikileaks has been around for less than 3 years. So when I say "long time ago"
you have to take it as a figure of speech. I did say I lost respect for them,
but I didn't say I lost respect for them as a result of their release of any
particular information. I lost respect since they started to claim that they
have more than a million documents (2007) waiting to be released, but they
can't release it because of lack of funds, specifically for infrastructure
costs and had to close the site down. Which they later expanded into legal
fees, their website (when they were shut down) showed that their legal fees are
being paid by other non-profit organizations and most lawyers are working pro
bono (since they opened up the site I can't find the page or the piece of
information). For the love of me I don't understand how they can have an
operative cost of €600,000 per year. They never addressed the specifics of
their costs.

More WTF, they listed some members in their advisory boards (including Noam
Chomsky), who didn't even know that they were members of wikileaks advisory
board. [1]

There are quite a few things about wiki-leaks that don't make sense or add
up, and perhaps the nature of their work creates some discrepancies in
information about their work, but that shouldn't take away anything from some
of the valuable leaks that came from wikileaks.

Two rules I try to apply in my life.

1) Be skeptical of anyone and everyone. Everyone is biased and everyone has a
motive. "Who watches the watchmen"?

2) Don't hold anyone to an unrealistic moral standard. Avoid "herofication" of
individuals or an organization. Humans are fallible.

[1] [http://motherjones.com/politics/2010/04/wikileaks-julian-ass...](http://motherjones.com/politics/2010/04/wikileaks-julian-assange-iraq-video?page=2)

------
zitterbewegung
Hrm, in 2007 people were able to intercept traffic from Tor quite easily by
using a packet sniffer on an exit node. It looks like wikileaks got
information through an implementation of this hack possibly?

Link: <https://lwn.net/Articles/249388/>

~~~
ZachPruckowski
Intercepting TOR traffic is trivial, it's not really a hack. They could have
just run a TOR exit node of their own, and seen what came through unencrypted.
The point of TOR is not to keep the traffic private (you use end-to-end
encryption for that), it's to obscure the sender.

------
Groxx
I'm of the mindset that if you _require_ anonymity and privacy, and use tools
you do not even RTFM for, nor do some _basic_ investigation into the field,
you _deserve_ what happens to you.

Go Wikileaks. Capitalizing on stupidity for great justice FTW.

~~~
naz
I doubt China cared about the privacy of the documents they stole.

~~~
Groxx
Which has what to do with what?

The sources they stole from (if you're referring to "the big one" a little
while ago) _did_ know the basics, and presumably quite a bit more than many
places. It was a fairly sophisticated attack. It's part of the risk you run in
connecting to the internet in the first place, but it's 100% different than
people who think TOR makes all their data private, which they'd learn if they
read the short intro page. Notably the two sentences that are important enough
to get their own paragraph:

 _"Tor doesn't magically encrypt all of your Internet activities, though. You
should understand what Tor does and does not do for you."_

~~~
naz
My point was that China was transmitting stolen documents over TOR, not
stealing documents transmitted over TOR. Although they probably do that as
well.

------
shareme
ahem this has been debunked folks by wikileaks itself..

~~~
btn
Where? They seem to endorse the New Yorker article; linking to it on their
front page.

------
DanielBMarkham
Stick a fork in them, they are done.

