Hard News by Russell Brown

Read Post

Hard News: Book review: 'Wikileaks: Inside Julian Assange's War on Secrecy'

170 Responses

First ←Older Page 1 2 3 4 5 7 Newer→ Last

  • Rich of Observationz,

    You used the phrase "bad guys". Twice.

    Back in Wellington • Since Nov 2006 • 5550 posts Report Reply

  • Russell Brown, in reply to Don Christie,

    Interesting interview with Peter Sunde (Swedish Pirate Bay Party) over on the Webstock blog ... (the more artistically minded can scroll through to the Amanda.Fucking.Palmer interview)

    All being well, I'm interviewing the pair of them together on the Media7 Webstock special.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Russell Brown, in reply to Rich of Observationz,

    You used the phrase “bad guys”. Twice.

    What was I supposed to say? "Enemy combatants"? ;-)

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Rich of Observationz,

    "Insurgents"? "Paramilitaries"?

    Back in Wellington • Since Nov 2006 • 5550 posts Report Reply

  • Juha Saarinen, in reply to Don Christie,

    Journalists have their own, often narrow, agendas which are not generally those of the public interest.

    Don, please don't turn into another Whale Oil... that's a really stupid thing to say.

    Since Nov 2006 • 529 posts Report Reply

  • Don Christie,

    Juha - present company excepted, of course.

    Wellington • Since Nov 2006 • 1645 posts Report Reply

  • Neil Graham,

    You’ve hopefully made the best choices, but you’ve made choices – and if the bad guys know your choices, they have a significant advantage. Because you sure as hell don’t know theirs.

    You get to make your choices once. If you are significantly disadvantaged by the bad guys knowing your choice then you haven't stopped them. You've just awarded the prize to the bunch who guessed right. It may be worth the gamble if you were trying to stop one attack once, but there's more out there than that.

    Of course the real world is going to provide a stickier situation to one comprised of math problems, but I'm not sure if the principle can be rejected that simply.

    I don't think it is a matter of prioritizing resources. The war on Terror seems to prioritise everything it can identify and half as many that it can't.

    Christchurch • Since Nov 2006 • 118 posts Report Reply

  • Matthew Poole, in reply to Neil Graham,

    In IT terms that’s known as security by obscurity, and is considered poor practice. While the real world cannot be reduced to a cryptographic style problem. I think there is merit in the notion that you plan your actions as if your adversaries can see everything you are doing and planning.

    Really, really, really weak response. Computer security enjoys the benefit of an ultimately binary world. Meat-space, not so much. Much of modern computer security is built on mathematical problems that are considered sufficiently unsolvable that it doesn't matter who knows about them. And even then, companies don't publish detailed network designs and username lists on the web. That's security through obscurity too.

    The thing about a tactical response plan is that it's not the finished product, just a guide to "If this happens, then we'll do something that looks like that." "If a plane gets hijacked, we'll keep it on the runway, try and talk them out, exercise a forceful resolution under cover of darkness. Forceful resolution will not be considered for x hours unless the hijackers escalate." Knowing that much means the hijackers can plan their periods of alertness for the late night/early morning hours. They don't need to know the precise operational plans to be able to bugger things up for a tactical resolution. It may not change the ultimate outcome, but it could change the casualty count for the SAS/STG team that's going in.
    Similarly, knowing that response resources will be staged in areas that meet particular criteria relative to the initial attack allows additional attacks to be aimed at potential staging areas for maximum disruptive effect.

    It's nice and easy to sit in your chair and cry "Security through obscurity. Get a proper operating model", but it doesn't work that way. When lives are on the line, having to start from scratch is not an option. You need to at least be doing a colour-by-numbers, not looking at a blank canvas. Filling in the blanks as the situation dictates is fine, even necessary because too rigid a tactical plan leads to poor responses, but if the best you've got is a strategic plan that looks like "We don't negotiate with terrorists, the escalation is AOS to STG and the STG decide if it needs to go further, if it's chem/nuke/bio Fire Service will be needed for decontamination and the hospitals need to be warned" then you've got too many lines to draw before you get something that looks like a picture to be able to respond effectively.

    The security comes from the details in the operational plan, but that plan has to be built on something that already exists. Has to. Just like your theoretically perfect system design is considered over a period of weeks, if not months, and builds on the decades of work by giants that precedes your effort.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Trevor Nicholls, in reply to Russell Brown,

    A thought: which countries would top the Honesty in Foreign Policy Index?

    I expect you could get the answer by perusing the Most Investment in P.R. Index

    Wellington, NZ • Since Nov 2006 • 325 posts Report Reply

  • Neil Graham,

    Really, really, really weak response. Computer security enjoys the benefit of an ultimately binary world. Meat-space, not so much.

    Indeed. A wise man once said "the real world cannot be reduced to a cryptographic style problem"

    Christchurch • Since Nov 2006 • 118 posts Report Reply

  • Paul Campbell,

    (puts on crypto hat) beside your heavy-crypto math is only as good as how obscure your master keys are (as Sony has recently found ....) - great if you can hide them and never let them out of your sight - and nothing like practical quantum crypto comes along and makes you choose new technologies

    Dunedin • Since Nov 2006 • 2623 posts Report Reply

  • Russell Brown,

    This just on the Twitters from David Leigh:

    #Assange is NOT sueing the #Guardian for libel. His lawyer Mark Stephens confirms apparently. I'm relieved to find Julian is not a hypocrite.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Laurence Millar,

    Your answer to “what government information should be made public?” depends not so much on what you think about information, but what you think about the government. (HT Whimsley http://bit.ly/fF6elC).

    Since Feb 2011 • 8 posts Report Reply

  • Laurence Millar,

    It is clear that JA has a different view of the world, ethics and morals from most people, and also he is on record as being inconsistent.

    However, more than 100,000 Iraqi civilians have been killed in a war of dubious legality; and we would probably not know that without Wikileaks.

    It is not helpful to characterise the population into good guys and bad guys (the real world is a lot more complex than a hollyood western).

    And if there is a good/bad ledger, I would balance a one-off remark in the Moro restaurant against the Pentagon's rejection of the request for help in redaction.

    It is certainly a high stakes game he has got himself into.

    Since Feb 2011 • 8 posts Report Reply

  • Russell Brown, in reply to Laurence Millar,

    It is clear that JA has a different view of the world, ethics and morals from most people, and also he is on record as being inconsistent.

    However, more than 100,000 Iraqi civilians have been killed in a war of dubious legality; and we would probably not know that without Wikileaks.

    We had a fair idea – it seems that the official count matched quite closely with the unofficial tally of Iraq Body Count – but no, we would not have known.

    What jumped out for me was that we constantly heard the “we don’t do body counts” from US command in Iraq – whereas, in fact, they did, right from the start.

    It is not helpful to characterise the population into good guys and bad guys (the real world is a lot more complex than a hollyood western).

    If you you meant me here, no, I don’t consider Assange a “bad guy” but I do lose patience with the way some people are reluctant to acknowledge some fairly significant flaws in his personality.

    And these do have a significant impact on the operation. He seems to have burned off a series of colleagues, from Daniel Domscheit-Berg on down.

    The New York Times’ role has been important in bringing these stories to Americans – but its participation in the Cablegate release was possible solely because The Guardian pretty much told Assange to get stuffed and provided the material direct to the NYT itself, after Assange became enraged by an insufficiently reverent profile of him that ran in the Times and insisted the Americans be cut out. (He had previously demanded that the Times undertake to publish no further criticism of him personally as a condition of getting this vital public-interest material.)

    And now, of course, The Guardian is the enemy – witness the ridiculous (and fortunately empty) threat to sue last week. (He also threatened to sue the Guardian for the loss Wikileaks “financial assets” during the dispute over theNYT’s participation.)

    It is entirely reasonable to consider whether this sort of caprice is desirable in a man in such a powerful position, especially one who is the subject of a personality cult so fervid that some of its members feel justified in taking vigilante action against rape complainants.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Matthew Poole, in reply to Neil Graham,

    A wise man once said “the real world cannot be reduced to a cryptographic style problem”

    A wiser man would never have suggested the comparison, however.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Don Christie,

    The New York Times’ role has been important in bringing these stories to Americans

    I think the NYT has behaved in a reprehensible and self serving manner. The way they have attempted to undermine the freedom of speech defence for WL ("they don't count as journalists") is about as shoddy as it comes.

    HuffPost and the Internet has done more to bring these stories to Americans than the NYT.

    Wellington • Since Nov 2006 • 1645 posts Report Reply

  • Don Christie,

    A wiser man would never have suggested the comparison, however.

    It was an analogy, a not a bad one. Of course you can reduce any analogy to absurdity if you want to - but that is not the purpose they serve. Do you really think, for example, that the "terrorists" don't have bloody cameras and have to rely on 3rd parties to take photos of army vehicles and then publish them on the web?

    If you do, they you really should rethink your security model.

    Wellington • Since Nov 2006 • 1645 posts Report Reply

  • Matthew Poole, in reply to Don Christie,

    Do you really think, for example, that the “terrorists” don’t have bloody cameras and have to rely on 3rd parties to take photos of army vehicles and then publish them on the web?

    If you do, they you really should rethink your security model.

    Wrong sub-thread, Don.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Don Christie,

    Power and wealth seeks privacy and secrecy, and abhors public scrutiny

    This is *the* fundamental issue that WL is addressing.

    Laurence Millar's fuller take of the impact of Wikileaks is well worth a read.

    http://globalvillagegovernance.blogspot.com/2011/02/small-earthquake-in-media-not-many-dead.html

    Wellington • Since Nov 2006 • 1645 posts Report Reply

  • BenWilson,

    Really, really, really weak response.

    Simmer down, just even throwing the idea of computer security in there leads to thinking about alternative angles to the problem. Computer security is, after all, mostly about secrets, and how to keep them.

    Although, as in "meat space", even computer security is not entirely digital. The cheapest cryptographic attack is very often the "rubber hose method", in which you beat the keys out of some poor miscreant. When decent computer security is circumvented, that's very often how it's done, usually by governments.

    There's something so very American about the idea of actually trying to decrypt infiltrated data, when infiltrating human networks is so much more fruitful. At least encryption methods don't involve putting an agent at risk. Poorer governments just wouldn't bother with that.

    Indeed. A wise man once said "the real world cannot be reduced to a cryptographic style problem"

    Currently most of our scientific modeling does do exactly that. Why? Because there aren't any other contenders. If we're going to model the world, currently, the dominant paradigm is to model it digitally. It's far more flexible than trying to build some kind of analog model. It's way, way faster than trying to work it out by hand calculations. It's less arbitrary than role playing. It's a weird modern phenomenon, that we almost don't believe that non-digital knowledge is possible. Knowledge is almost, by definition, digital. I've struggled with this idea forever, trying to think of how alternatives could be made, but reducing them to digital is always possible. It's the ultimate end-game of materialism as a philosophical standpoint, which seems to be by far the most dominant one amongst scientists.

    I expect game theory could come up with some fairly interesting insights into the consequences of a no-secrets organization. If the leaders could not keep secrets, but it was possible for other people to, my gut feeling is that the organization would be subverted extremely quickly. Secrets are power. A secret clique could easily stage a coup, for instance. How could it be stopped, if the organization chasing them was not allowed to make any secret of trying to do so, or how they are doing so?

    It's an age-old conundrum, how to best organize open societies. It struck me as a rather scary thing that Plato's ideal Republic was the exact opposite of an open society, because he considered anything else to be weak and inefficient. Only by power being concentrated into the hands of the most knowledgeable people, and deliberately withheld from the rest, with everyone serving their narrow function as ordained, could the unstoppable war machine that he seemed to find most perfect, function best. IOW, he modeled his ideal society around Sparta, which was currently giving his own town, Athens, the bash.

    I guess that's something that makes more sense when you're getting the bash than it does now, but when we think back to the way in which our own societies were forced into building the most colossal war machine ever just to beat German and Japanese fascism, and that a number of the crucial victories that won that war came down to better kept secrets, it's no surprise that even an open society has to keep them. Imagine if the Americans had been required to tell everyone how they made nuclear weapons during the Manhattan project. The Nazis had quite a lot of uranium stockpiled, they could very well have cranked out a bunch of nukes and even if that didn't win them the war, it could certainly have killed untold millions more people, particularly if mounted into V2s.

    These thoughts had me thinking that war is the greatest enemy of open society. A truly open government is inconceivable with our current nation-state setup. It might be more feasible if there were viable world-government. Indeed, if such a government weren't set up that way, I'd definitely be a partisan.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Matthew Poole, in reply to BenWilson,

    The cheapest cryptographic attack is very often the “rubber hose method”, in which you beat the keys out of some poor miscreant.

    Obligatory XKCD reference.

    ETA: This is also why people who have high-level clearances are subjected to travel restrictions. The people who design the security systems that interact with the “meat space” world have no illusions about the interrogation resistance ability of your average office-dwelling classified-materials handler.

    One interesting thing I read about interrogation resistance for the SAS (all candidates get subjected to a resistance exercise before getting accepted for training) was that guys who’d actually been caught by “bad guys” and given a proper working-over, as opposed to the largely psychological working-over (with a few punches, but nothing serious) they got in training, said it was harder to resist the guys on their own side. The line between friend and foe got blurrier much more quickly, and the lack of physical torment made it much harder to focus on resisting.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Russell Brown, in reply to Don Christie,

    I think the NYT has behaved in a reprehensible and self serving manner. The way they have attempted to undermine the freedom of speech defence for WL (“they don’t count as journalists”) is about as shoddy as it comes.

    Okay, here is the actual quote, from Keller's essay:

    But while I do not regard Assange as a partner, and I would hesitate to describe what WikiLeaks does as journalism, it is chilling to contemplate the possible government prosecution of WikiLeaks for making secrets public, let alone the passage of new laws to punish the dissemination of classified information, as some have advocated.

    Is that really an "attempt to undermine the free-speech defence for Assange"? Or a view on an issue on which there is a wide range of views? Rusbridger noted that sometimes Assange presented as a journalist, sometimes as a source, sometimes as a publisher.

    Then there's this discussion, reported by HuffPo::

    "If, God forbid, ever this came to court, I'd...stand completely shoulder to shoulder with him," Rusbridger said. "I have great admiration for him [and] respect for a lot of the stuff that he's done."

    Keller said that he was "not a lawyer," but that it would be "hard to conceive of a prosecution of Julian Assange that wouldn't stretch the law to be applicable to us. Whatever one thinks of Julian Assange...journalists should feel a sense of alarm at any legal action that intends to punish Assange for doing what journalists do."

    I find it hard to read that as throwing Assange to the wolves. Given the petulance they've had to endure, both editors have, I think, taken a pretty measured approach in theircomments.

    HuffPost and the Internet has done more to bring these stories to Americans than the NYT

    HuffPo? A site which doesn't pay most of its writers and has done precisely zero original reporting on this story? Seriously?

    Read the book if you want to find out how much value working journalists added to this project.

    For god's sake, Don, the biggest risk faced by HuffoPo bloggers is probably RSI. The NYT has field reporters who get kidnapped, assaulted and occasionally killed in the line of work. There are sound and reasoned criticisms of that can be made of the Times' approach, but this sort of glib MSM-hatred doesn't really wash.

    Auckland • Since Nov 2006 • 22850 posts Report Reply

  • Alex Coleman,

    On the various hypocricy angles,

    Is objecting to defamation really the same thing as objecting to leaks? Wasn't he saying that the claims were false, rather than that they were in confidence? If so then I'm not sure I see the irony.

    On the 'informants' stuff, (and without saying I agree with his quoted position in any way) are people who privately tell the state some secrets really doing the same thing as someone who leaks state secrets to the media? They seem like different things to me.

    Wellington • Since Nov 2006 • 247 posts Report Reply

  • Paul Campbell,

    to be fair no one memorises the 4k+-bit crypto key that's the basis of a crypto system - done right it's not even online anywhere, it's in a secure multilocked room not able to be entered by fewer than N trusted people at a time - signed certs/keys come out in some 1-way physical media (burned on a CD) - so you can't beat it out of them - Sony screwed up their implementation and are now faced with the choice of trashing all the existing PS/3s

    Of course the terrorists don't care - they can use 1-way pads distributed by the world's music industry (the LSBs of CDs) ....

    Dunedin • Since Nov 2006 • 2623 posts Report Reply

First ←Older Page 1 2 3 4 5 7 Newer→ Last

Post your response…

Please sign in using your Public Address credentials…

Login

You may also create an account or retrieve your password.