WikiLeaks Intercepted Private Communications, Maintains Access

Joshua Philipp
12/9/2010
Updated: 12/9/2010
WikiLeaks has gained notoriety by passively receiving and then publishing information that others have leaked.

But now it appears that WikiLeaks also actively intercepts private information from unsuspecting users of the free and open Tor Project information-sharing networks. This quiet data-grabbing casts a different light on the outfit.

The Tor Project is an open network that allows “organizations and individuals to share information over public networks without compromising their privacy,” according to the project’s website.

Jacob Appelbaum plays a key role with both the Tor Project and with WikiLeaks. The ongoing conflict of interest within WikiLeaks ties the organizations more closely.

Appelbaum represented WikiLeaks at the 2010 HOPE (Hackers of Planet Earth) conference, hosted in July by the “2600: The Hacker Quarterly” magazine, and is a volunteer researcher for WikiLeaks. He is also the main advocate for the Tor Project and serves as a developer and security researcher. He is the second person listed under Tor’s list of core people.

Although Tor can hide the identity of an individual, stealing data from Tor networks is easy for anyone who knows what they’re doing. On the servers, the entry and exit nodes are both randomized, but taking data from the exit nodes is simple.

Julian Assange, the head of WikiLeaks, admitted that the organization was taking data being sent across Tor networks in 2006, while they were investigating Chinese espionage.

“Somewhere between none and handful of those documents were ever released on WikiLeaks,” Assange told U.K.-based media, The Register.

His comments were in response to a June 2010 article in the New Yorker that states: “One of the WikiLeaks activists owned a server that was being used as a node for the Tor network. Millions of secret transmissions passed through it. The activist noticed that hackers from China were using the network to gather foreign governments’ information, and began to record this traffic. Only a small fraction has ever been posted on WikiLeaks, but the initial tranche served as the site’s foundation, and Assange was able to say, ‘We have received over one million documents from thirteen countries.’”

After Assange responded to questions over WikiLeaks taking data from Tor networks, the issue largely fell off the radar, yet WikiLeaks maintains access to these networks.

Until recently, Appelbaum ran a significant number of Tor networks, using the domain lostinthenoise.net. Tor networks can work as either “entry nodes” or “exit nodes,” which refers to whether the data is entering or leaving the secure system.

“Among security folks, everyone knows that the only motivation anybody has for putting up a Tor exit node is to watch what’s coming out of it,” said Matthew Jonkman, founder and CEO of cybersecurity company Emerging Threats and president of the Open Information Security Foundation.

“If you want to be private, Tor is not the way to go,” Jonkman said. “If you really want to move sensitive information in the clear, then that’s not the way to go anymore, because like I said, everyone who is setting up a Tor exit node is recording traffic and taking what they can out of it.”

Tor has an estimated 100,000 users, yet their numbers have jumped as high as 800,000.

“Estimating the number of users in an anonymity network is a hard problem,” states a Nov. 30 report from Tor.

There are also somewhere around 1,000 Tor networks.

In terms of the networks run by Appelbaum, it used to be that “if you go to the listing of Tor servers, you’ll see that more servers are run by him than any other entity,” said famed hacker Adrian Lamo, who is known for turning in Army intelligence officer Bradley Manning—the person who had allegedly provided WikiLeaks with State Department documents.

An odd thing took place recently with Appelbaum’s Tor servers, however.

“About two months ago, there were dozens that came back under lostinthenoise.net. Now I see two,” Lamo said, while looking at Tor networks listed under torstatus.all.de.

Appelbaum did not respond to questions regarding the matter as of press deadline.

The server names were either changed, or they were removed—yet neither case is common.

“People pride themselves on their uptime, their server stability,” Lamo said, adding that there is a tedious process needed to make such a change to so many networks.

The change, suspected to have happened within the last two months, coincides closely with WikiLeaks’ preparation of secret State Department wire communications, which the organization began to release on Nov. 28.

“There could be an innocent explanation for it, but I find … I’m not out to look for conspiracy theories, but I find this as strange,” Lamo said.

Joshua Philipp is an award-winning investigative reporter with The Epoch Times and host of EpochTV's "Crossroads" program. He is a recognized expert on unrestricted warfare, asymmetrical hybrid warfare, subversion, and historical perspectives on today’s issues. His 10-plus years of research and investigations on the Chinese Communist Party, subversion, and related topics give him unique insight into the global threat and political landscape.