[flagged] WikiLeaks: CIA source code leak shows agency impersonating Kaspersky (betanews.com)
72 points by sparklemarkle on Nov 10, 2017 | 54 comments



I took a look at the repository.

The fake certificates aren't signed by a legit CA. It's not actually clear if they're in use or just examples; the code is a mess. The idea is clearly if someone is using packet sniffing tools to monitor their network, they see Kaspersky's name in the cert of an outbound connection and assume either:

1) It's their own AV installs grabbing updates or something similar

2) They've been hacked by teh evil ruskies

Interestingly these example certs aren't in the HEAD of the repository (WikiLeaks provide the entire git repo with history). To find the certs they were talking about I had to look at the first commit. At some point these files were removed. The start of the repo is in 2013, well before the current Red Scare.

It's unclear to me that this is the CIA impersonating Russia for political reasons, as might be assumed from the headline, vs just using Kaspersky and Thawte because these happen to be companies with many customers. However, Wikileaks does say the justification is simply to hide exfiltration. We already knew that western intelligence agencies like to frame their opponents and cause confusion around attribution, like the neat trick NSA/GCHQ use where they send data they want to a server controlled by someone they don't like/some random innocent, which ignores the traffic because it's not actually compromised. They then suck the data they want off the wire as it is transferred.

All that said it is depressing how well US propaganda works. Look at all the people in this thread saying, no no, it can't be true, it's from Wikileaks - even though the code and files themselves are available to download. The analysis they post isn't misleading either. It's pretty much describing what's found in the repo.

edit: lol, just as I was writing this the story is flagged. What a big surprise. We can't have anything interfering with the official narrative, now, can we?


> The start of the repo is in 2013, well before the current Red Scare.

"Well before"? The public part of the current Red Scare started over the annexation of Crimea in March 2014 (and the preceding turmoil in all of the Ukraine). 2013 is precisely the point where I would expect an intelligence agency to start anticipating it.


OK, fair enough. I guess I think of the current Russia related hysteria as primarily about Trump and Clinton, so starting around 2 years ago. But fair point that it goes back further.


I hope people here are paying attention to the tactics being used to discredit WikiLeaks, even here. It's about numbers. Yeah, most of us know you can't prove a negative, etc., but it's about subtle influence of bias over time on the $% that are still blinded by their unsupported belief in the Russian narrative.


After the last year, I assume anything WikiLeaks releases is /at least/ contextually misleading.


How is releasing factual information misleading?


Because context is everything. It is easy to lead someone to draw the wrong conclusion by only providing part of the picture, when the context would lead one to a very different set of conclusions.


Not only has there not been a documented falsehood that WL propagated, but there has not been an example of something leaked to them that was subsequently withheld due to an agenda.

Unless you have evidence of either of these two things happening, you will not change my opinion that they are a force for openness in a very opaque political scene.

The fact that they release more that is anti-whatever says more about who is leaking than it does about WL.


Wikileaks provides context that wouldn’t exist without their exposure of data.

More information being available to the public is a good thing.


In general, I think most people would agree with a blanket statement like that. But we don't actually know that wikileaks is providing context at all, because you don't know what isn't released. For example, sure, they've got 30k emails pilfered from Clinton. That paints a terribly unappealing picture of the Clinton campaign. But what about emails taken from a GOP-controlled server? What kind of context would those provide? Do they exist? What would they tell us about the other side of that question if they do? And crucially, what would it tell us about Wikileaks themselves if we knew they existed and weren't released?

Because that last scenario is the one I find extraordinarily likely.


Even if the scenario you describe is true (and there is no proof of that so this is purely a thought exercise), would you rather the Clinton emails weren’t released at all? Was there nothing to gain by learning that Clinton and the DNC worked against Sanders? That they had direct access to a very supportive media? At least we know that now.


There's not a good answer for that. Given hindsight and the knowledge that releasing them contributed directly to the election of Trump, yes, I'd say that I'd rather that they had not been released. If the opposing candidate had been a sane Republican the calculus might be a little different.

However, I think it's self-deception of the highest order if you think either Wikileaks or the supplier of the Clinton emails is not also sitting on a great deal of incriminating evidence from the Trump campaign and/or the RNC.


My values are consistent regardless of who is involved. More information is always better. I also don’t think it’s worth speculating on what information WL may have. That they exist at all is a huge service, that they’re not releasing the kind of information you imagine exists (and happens to help your political goals) doesn’t make the info they do release any less valuable.


Why is this downvoted? Is there significant evidence to suggest WikiLeaks was in fact not compromised?


Why are you asking anyone to prove a negative?

There is no evidence that WikiLeaks has anything to do with Russia. None whatsoever. Whenever I've asked people why they think this, they give two reasons:

1 - WikiLeaks hasn't published leaks about the Russian government.

2 - Assange did some TV interviews on RT years ago.

These are both laughable. Assange himself gave the obvious explanation for (1) - they haven't done that because they didn't receive any. And it's equally obvious why not: WikiLeaks arose to handle leaks of material that the western press were refusing to publish for unsatisfying reasons, like the Iraq war stuff. But the western press would salivate at the opportunity to publish damaging leaks about the Russian government, assuming the original holder wanted the info to appear in the west and not in, say, Russian. So why would anyone with such material care about Wikileaks? There is no reason for them to do so.

Regardless, attempting to divine intent from things that have not happened is hardly a good standard of evidence to use when making serious accusations.

As for the TV interviews, well, RT is a large scale news channel that has interviewed tons of different people over the years. Appearing on a TV channel is hardly evidence of working for the related national government. Otherwise everyone who appears on the BBC works for the British government, anyone who appears on Al Jazeera is in the pocket of Qatar and so on.


1. It is disingenuous to say that WikiLeaks doesn't publish bad news about Russia. When the Panama Papers came out they actually attacked the source.

2. They are hosted out of Russia.

3. They actively take sides in political battles. Hardly the stance of an objective "journalistic" organization.


"They attacked the source"? I had to go look for what you were talking about, I guess it's this:

http://www.aljazeera.com/programmes/listeningpost/2016/04/qa...

I don't see Assange attacking any sources in that Q&A. He does criticise (not attack) the way some journalists handled it, saying they put their own spin on things and that there should have been a bulk release. Otherwise, he argues, the impact would be low. That seems like a reasonable opinion to hold.

2. I looked at their IP addresses. They appear to have three datacenters, at least being advertised to me, one in Russia, one in the Netherlands and one in Norway. From a political perspective having servers in a place unfriendly to America, given how many of their leaks are about the US establishment, seems pretty sensible to me. But saying they are "hosted out of Russia" is extremely misleading, a lie of omission.

3. How are they "actively taking sides in political battles"? They leak what they get. If they didn't, leakers would go elsewhere to get their info out, it's not like Wikileaks has a monopoly on leaking. This is just slander and smearing.


> #PanamaPapers Putin attack was produced by OCCRP which targets Russia & former USSR and was funded by USAID & Soros.

https://twitter.com/wikileaks/status/717458064324964352?lang...


It is at least a hypocritical opinion. Podesta's emails were not bulk released. Wikileaks did put their own spin on them.

Do you know that they leak what they get? Cause there are credible accusations by former members that they do not.


Podesta's emails were bulk released:

https://wikileaks.org/podesta-emails/

You can search by text, attachment filename or email ID. How is that not bulk released?

> Do you know that they leak what they get?

It's common sense that they do. These leaks come in the form of digital files, not papers. People give material to WikiLeaks so it gets published. If they gave material to WikiLeaks and nothing happened they'd just find another way to leak the same material - like Snowden when he went to Greenwald and Poitras instead of Assange.

This is why the idea that WikiLeaks is somehow a part of the Russian government is so mind-bendingly stupid propaganda. How would they hold anything back? Not only is there no motive and no evidence with these allegations, there isn't even common sense!


> Cause there are credible accusations by former members that they do not

That's an unreasonably low bar when they have done more for transparency than most conventional news organizations.


I don't really care if it's objective or not as long as they expose the truth.


That provides enough weight to take everything out of wikileaks with a grain of salt.

However, I don't think it's sufficient reason to flag/dismiss anything.


What about the change of public keys, tampering with pre-release hashes that occurred during a time where no-one could reach Assange for about a month? Coincidentally during one of the larger DDOS events of the past year?

I'm stacking the tinfoil pretty hard but ignoring the history/politics you gotta say the technical side behaved in a weird way.


10 years ago, Wikileaks promised an imminent expose on the Russian government. It has never materialized. http://content.time.com/time/world/article/0,8599,2028283,00...


Wikileaks is compromised. The source of the leaks is beside the point. Their communications on Twitter over the past year or so leave absolutely no doubt that they are willing to bend the truth to support the Russian agenda. Everything Wikileaks and Assange have written on Twitter has been pure unadulterated garbage since the days of the presidential primaries.


Don't ask people to prove a negative.


Ok I'll rephrase. Given the events of last year (the part with message hashes and public keys changing), what gives you faith in wikileaks and Assange?


Julian Assange continues to be a beacon of freedom, accountability and hope to those who believe in a future not run by the military industrial complex. Evidence enough for me.


No such thing as objective journalism exists, at least nowadays. Surely not in large media editorial lines... They are a crapfest of partisan lies. Reading the NYTimes becomes harder every day because my eyes keep rolling up in disbelief.


My guess, because of cognitive dissonance


How can you see the amount of downvotes?


Why is it contextually misleading? Are you implying something about how they leaked information from Russia to influence the election?


US committing crimes does not attract much discussion these days.


So did the CIA hack the DNC’s servers or what?


It would be hilarious if the reason for the Kaspersky ban is because NSA can't tell whether it's Russia or the CIA behind the hacks.


Has anyone looked at the Hive repository and could point to the parts that show that the agency is impersonating Kaspersky?


On WikiLeaks' web based repository browser, some files referencing Kaspersky can be found here: [1] (e.g. client.crt and kaspersky.conf). In the dump, the files are in the directory /client/ssl up to commit da81be4.

[1] https://wikileaks.org/vault8/document/repo_hive/client/ssl/C...


I don't understand the fixation with Wikileaks' motive. That seems independent of whether their information is true or false.


Shoot the messenger in the hope the message doesn't get out. Look at this story. Flagged. Apparently one yesterday too. Lots of people want the "all Russian people and companies are working together to ensure everything I disagree with happens" line to stick, but US intelligence agencies impersonating Russian firms undermines that angle. So it's gotta go.


Well, enough accounts with enough karma obviously don't want anything favorable about WikiLeaks on HN. But then, HN has no pretensions about impartiality. And I must admit that, overall, the system works quite well.


Wikileaks sort of lost all credibility the moment they decided to become a tool for Putin and Co


Any proof for that claim?


CNN said so after reading the wikileaks documents that they said they are legally allowed to look at but I'm not. So I take their word on it. /s



This seems like a perfectly reasonable tweet in the context of discussions about Russian meddling, clearly it happens on both sides.


And we clearly see which side Wikileaks is on.


How so?


They attempt to discredit Panama Papers, a leak that uncovered vast volumes of corruption worldwide.

They try to tarnish it by associating with Soros conspiracy, which is near exclusively done by people supporting authoritarian regimes. A good marker on its own.

They present Russia as the target/victim of the Papers, despite them implicating a number of Western European politicians and Ukraine's president.

Unless one tries to be deliberately thick it's fairly clear which side they are on.


I consider myself a fairly reasonable person and it's not as clear as you make it sound without having your own bias influencing it. Saying only fascists are against Soros is silly. Soros has inarguably had a massive influence on politics and there are many reasons to dislike the platforms he's supported.


I didn't say only fascists, I said authoritarian types. And I maintain people ambivalent or opposed to them are not prone to Soros conspiracy theories.

Make a thought experiment. Would you say you do not in any way support the policies and rhetoric of Orban, Putin, Trump, Assad, Chavez/Maduro? Without ifs, buts and what-about-Obamas.


Right. But this is just some news post and a claim but nothing that would say they are biased or even a tool in hands of somebody.


This article was on HN yesterday and got downvoted/flagged. Seems like the Russian trolls are back in action.


OK, if "CIA impersonated Kaspersky" it is of course implied they stole the NSA tools to frame benign Russian government. NSA tools were revealed by Wikileaks in "Vault 7". This revelation comes as WL's "Vault 8".

Does that mean WL got Vault 7 from CIA and Vault 8 from Russian FSB?

Assange, you sad confused crackpot…



