http://www.guardian.co.uk/theguardian/2008/feb/23/internet.usa By David Leigh and Jonathan Franklin The Guardian February 23 2008 A secretive Swiss bank landed an apparently novel censorship blow against the internet this week. Anyone who tried to call up wikileaks.org, a global website devoted to publicising leaked documents, found themselves frustrated. The site simply wasn't there any more. The Julius Baer bank in Zurich succeeded in hamstringing the shadowy individuals behind the website by the simple trick of moving not against them, but against a US company that hosted their domain name. Dynadot, the California resellers who collect a few dollars by this internet trade, submitted to a legal injunction ordering the name to be deleted. Yet however wise this scheme may have appeared at the time to the Swiss bank's Los Angeles lawyers, Lavely & Singer, it has now backfired in a big way. The injunction blew up a gale of debate about internet freedom, and sprayed the bank's secret documents all over the net. It has also thrust into prominence an obscure group of dreamers and programmers who want to provide what they call an "untraceable and uncensorable" leaking machine, to be used by dissidents worldwide. Those behind Wikileaks include Tibetan, Chinese and Thai political campaigners, an Australian hacking author, and Ben Laurie, a mathematician living in west London who is on the advisory board. Wikileaks is not the first site of its kind. John Young, a New York architect, has been posting leaked intelligence documents on his Cryptome site for some years. But since its launch in late 2006, Wikileaks has had an impressive record. When Northern Rock collapsed last autumn, print media in London were gagged by a judge's order from re-publishing its leaked sales prospectus. It was Wikileaks that kept the prospectus before the public, along with the text of some threatening "not for publication" letters from the British lawyers, Schillings. In the US, Wikileaks also made headlines last November with the publication of secret documents, including the 238-page manual Standard Operating Procedures for Camp Delta, a document that even the US military grudgingly admitted was genuine. The Guantnamo document, including descriptions of everything from transferring prisoners to evading protocols of the Geneva convention, was a comprehensive guide to day-to-day operations at the controversial prison. Wikileaks landed an even bigger coup last August with a previously secret 110-page draft report by the international investigators Kroll, which revealed allegations of massive corruption in Kenya. The family of former Kenyan leader Daniel Arap Moi were reported to have siphoned off more than 1bn. The reason Wikileaks has now enraged the Zurich bank is that pages have been posted detailing the bankers' most intimate trade secret: the way they hide the funds of their ultra-rich international clients in offshore trusts. This sort of material is very hot stuff. In Germany, the federal intelligence service recently paid an informer almost 4m for a disc containing similar details from a Liechtenstein bank. That led to raids on hundreds of suspected tax evaders, the disgrace of prominent businessmen, and a diplomatic collision with the tiny tax haven. The person Baer describes as a disgruntled former employee at their own Cayman Islands office has similarly made off with a large quantity of internal records. A handful of these have made their way on to the Wikileaks site, which advertises that individuals can leak with the confidence they won't be discovered, thanks to the site's cryptographic protection. The files tell some interesting stories. One of Margaret Thatcher's life peers allegedly salted away more than $100m (50m) in a secret trust, for example. The late Lawrence Kadoorie, a Hong Kong millionaire, was ennobled in 1981 by the former British prime minister. He had built up the family's fortunes through China Light and Power, which provides Hong Kong with its electricity, and through a chain of hotels. According to the files, the Baer bank ran an anonymous company, registered in the British Virgin Islands and called Seneford Investments. A nominee director was based in a second tax haven, the Cayman Islands. But the real owner of Seneford Investments, it is claimed, was Kadoorie's family trust. In 1998, the documents listed six bank accounts for the company, in Switzerland and elsewhere. They held a total of $113m. There is no suggestion that this was illegal. Kadoorie's son, Sir Michael, who still has major interests in the Hong Kong companies, did not respond yesterday to invitations from the Guardian to comment. The other bank records posted by Wikileaks describe equally elaborate structures husbanding millions of pounds for Spanish financiers, Greek ship-owners, Chinese expatriates and wealthy New Yorkers. Although the leaker hints that tax frauds and bribery may lie behind some of these other accounts, he does not give enough detail to provide proof. Wikileaks itself admits that some of the documents might be fabricated, and the whole affair might have only been seen as a curiosity, had the Baer bank not called in their lawyers. The federal judge Jeffrey White in San Francisco not only ordered removal of the domain name, but banned further circulation of the documents. As a result, they reappeared on Wikileaks "mirror" sites, hosted in the UK, Belgium and the Christmas Islands. It even transpired that the deleted main Wikileaks site could be accessed, slightly less conveniently, by using its IP number (88.80.13.160) instead of the domain name. Bloggers, online columnists and websites decried the bank's move as they launched a counterattack and lobbied in favour of Wikileaks' right to anonymously publish secrets. Less than a week after the court decision, a Google search for the court case turned up 69,000 hits. Four hours later, the tally was 78,000. A further hearing on February 29 may well overturn the original decision. The Zurich bank says: "It was the sole objective of Julius Baer to have legally protected documents removed from Wikileaks. We brought legal action against the website only after our initial efforts proved unsuccessful. In the course of taking such action, the bank has been made the subject of serious defamatory allegations. Such allegations are based on forged and stolen documents and are unequivocally denied. We have always sought to act in the best interests of our clients and shall continue to do so." Who are Wikileaks? Although the project makes a feature of the anonymity of its volunteers, the minds behind it are not hard to find. One prominent driving force is Julian Assange, a much-travelled Australian programmer and author who has a flamboyant mane of silver hair. Before riding his motorcycle across Vietnam, he co-wrote a book about computer hackers. "He's a pretty standard modern geek with a thing about dissidents," says the British encryption expert Ben Laurie, who advised the group on encryption. "He's quite techie and he can write code." One of Assange's early schemes was to develop what he called "deniable cryptography". The idea was to help dissidents resist giving away secrets under torture. Texts would be encrypted in layers, so that even if a victim were forced to reveal a password, the torturer would not realise there was a second layer of information, hidden by a second password. Assange then turned up in London and proposed the Wikileaks scheme for "an open-source, democratic intelligence agency". Laurie said: "I thought it was all hot air at first." But he became enthusiastic. He advised on an encryption system, first developed by the US Navy, which uses a chain of three separate servers, and ensures leakers can post documents anonymously. Laurie is an international consultant on internet security. Earlier he set up a business that bought two military bunkers, at the abandoned US base at Greenham Common, and at an old RAF radar station in Kent. His company rents them out to firms and banks who want to protect their servers from attack. The Kent bunker is deep underground: "The radar operators were supposed to survive 30 days after a nuclear strike." Some of his subversiveness may have rubbed off from his father, Peter Laurie, who wrote a cult book in the 1970s called Beneath the City Streets, which traced networks of secret government bunkers and tunnels. Fresh off a flight from Washington, he answers the door to his rambling house in Acton in bare feet, and willingly explains why he approves of Wikileaks, while pointing out he is not personally responsible for any of their legally controversial deeds: "I have a long-term interest in privacy on the internet. It provides enormous opportunities for surveillance and this is not a good thing. Also, this is an interesting technical problem: how do you reveal things about powerful people without getting your arse kicked? Whistleblowing is a practice which should be encouraged. "I'm really quite surprised at Wikileaks' success. They've done a lot of interesting stuff. It seems people are prepared to take the risk." Another member of the advisory board is an American former draft resister, CJ Hinke. Speaking from his home in Thailand, he said: "Wikileaks is a decentralised phenomenon, and that means there are volunteers in dozens of countries. These volunteers form a very loose network so that, in fact, government can't home in on anybody and take drastic action against them." In Thailand, Wikileaks has focused on efforts to block access to websites critical of the government. "The minute Wikileaks was announced, we sent them a huge trove of secret documents," said Hinke, founder of Freedom Against Censorship Thailand. The documents included detailed lists of blocked sites, including all references to The King Never Smiles, a book published by Yale University Press. "Ordinary people come across things that governments or companies or individuals would prefer to keep secret. I think it is possible for almost everybody to expose these kind of events." The wikileakers share the same belief in the "wisdom of crowds" that lies behind Wikipedia, the online encyclopaedia. Their theory is that their leaked documents will be self-verifying, thanks to the scrutiny of thousands of pairs of eyes. Some may wonder whether it's quite as easy as that. Laurie cautions that Wikileaks' vaunted encryption is not completely unbreakable. Codebreakers such as the US National Security Agency could probably crack it, he says. "If my life was on the line, I would not be submitting [documents] to Wikileaks." ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Mon Feb 25 2008 - 01:38:12 PST