
23 April 2013

WikiLeaks Threat: Eric Schmidt and Jared Cohen

Also: http://wikileaks.org/Transcript-Meeting-Assange-Schmidt

Related: The Rise of Terrorist Hackers: Eric Schmidt and Jared Cohen

http://cryptome.org/2013/04/terrorist-hackers.htm


Schmidt, Eric; Cohen, Jared (2013-04-23). The New Digital Age: Reshaping the Future of People, Nations and Business. Knopf Doubleday Publishing Group. Kindle Edition. (pp. 34, 39-47)

The Data Revolution

[Excerpt]

Some people will cheer for the end of control that connectivity and data-rich environments engender. They are the people who believe that information wants to be free,[2] and that greater transparency in all things will bring about a more just, safe and free world. For a time, WikiLeaks’ cofounder Julian Assange was the world’s most visible ambassador for this cause, but supporters of WikiLeaks and the values it champions come in all stripes, including right-wing libertarians, far-left liberals and apolitical technology enthusiasts. While they don’t always agree on tactics, to them, data permanence is a fail-safe for society. Despite some of the known negative consequences of this movement (threats to individual security, ruined reputations and diplomatic chaos), some free-information activists believe the absence of a delete button ultimately strengthens humanity’s progress toward greater equality, productivity and self-determination. We believe, however, that this is a dangerous model, especially given that there is always going to be someone with bad judgment who releases information that will get people killed. This is why governments have systems and valuable regulations in place that, while imperfect, should continue to govern who gets to make the decision about what is classified and what is not.

We spoke with Assange in June 2011, while he was under house arrest in the United Kingdom. Our above-mentioned position aside, we must account for what free-information activists may try to do in the future, and therefore, Assange is a useful starting point. We will not revisit the ongoing debates of today (about which there are already many books and articles), which focus largely on the Western reaction to WikiLeaks, the contents of the cables that have been leaked, how destructive the leaks were and what punishments should await those involved in such activities. Instead, our interest is in the future and what the next phase of free-information movements— beginning with, but not restricted to, the Assange types— may try to achieve or destroy. Over the course of the interview, Assange shared his two basic arguments on this subject, which are related: First, our human civilization is built upon our complete intellectual record; thus the record should be as large as possible to shape our own time and inform future generations. Second, because different actors will always try to destroy or otherwise cover up parts of that shared history out of self-interest, it should be the goal of everyone who seeks and values truth to get as much as possible into the record, to prevent deletions from it, and then to make this record as accessible and searchable as possible for people everywhere.

Assange’s is not a war on secrecy, per se—“There are all sorts of reasons why non-powerful organizations engage in secrecy,” he told us, “and in my view it’s legitimate; they need it because they’re powerless”— but instead it is a fight against the secrecy that shields actions not in the public’s interest. “Why are powerful organizations engaged in secrecy?” he asked rhetorically. The answer he offered is that the plans they have would be opposed if made public, so secrecy floats them to the implementation stage, at which point it’s too late to alter the course effectively. Organizations whose plans won’t incur public opposition don’t carry that burden, so they don’t need to be secretive, he added. As these two types of organizations battle, the one with genuine public support will eventually come out on top, Assange said. Releasing information, then, “is positive to those engaged in acts which the public supports and negative to those engaged in acts the public doesn’t support.”

As to the charge that those secretive organizations can simply take their operations off-line and avoid unwelcome disclosure, Assange is confident in his movement’s ability to prevent this. Not a possibility, he said; serious organizations will always leave a paper trail. By definition, he explained, “systematic injustice is going to have to involve a lot of people.” Not every participant will have full access to the plans, but each will have to know something in order to do his job. “If you take your information off paper, if you take it outside the electronic or physical paper trail, institutions decay,” he said. “That’s why all organizations have rigorous paper trails for the instructions from the leadership.” Paper trails ensure that instructions are carried out properly; therefore, as Assange said, “if they internally balkanize so that information can’t be leaked, there’s a tremendous cost to the organizational efficiency of doing that.” And inefficient organizations mean less powerful ones.

Openness, on the other hand, introduces new challenges for this movement of truth-seekers, from Assange’s perspective. “When things become more open, then they start to become more complex, because people start hiding what they’re doing— their bad behavior— through complexity,” he said. He pointed to bureaucratic doublespeak and the offshore financial sector as clear examples. These systems are technically open, he said, but in fact are impenetrable; they are hard to attack but even harder to use efficiently. Obfuscation at this level, where the complexity is legal but still covering something up, is a much more difficult problem to solve than straightforward censorship.

Unfortunately, people like Assange and organizations like WikiLeaks will be well placed to take advantage of some of the changes in the next decade. And even supporters of their work are faced with difficult questions about the methods and implications of online disclosures, particularly as we look beyond the case study of WikiLeaks and into the future. One of the most difficult is the question of discretionary power: Who gets to decide what information is suitable for release, and what must be redacted, even temporarily? Why is it Julian Assange, specifically, who gets to decide what information is relevant to the public interest? And what happens if the person who makes such decisions is willing to accept indisputable harm to innocents as a consequence of his disclosures? Most people would agree that some level of supervision is necessary for any whistle-blowing platforms to serve a positive role in society, but there is no guarantee that supervision will be there (a glance at the recklessness of hackers[3] who publish others’ personal information online in bulk confirms this).

If there is a central body facilitating the release of information, someone or some group of people, with their own ideas and biases, must be making those decisions. So long as humans, and not computers, are running things in our world, we will face these questions of judgment, no matter how transparent or technically sound the platforms are.

Looking ahead, some people might assume that the growth of connectivity around the world will spur a proliferation of WikiLeaks-like platforms. With more users and more classified or confidential information online, the argument goes, dozens of smaller secret-publishing platforms will emerge to meet the increase in supply and demand. A compelling and frightening idea, but wrong. There are natural barriers to growth in the field of whistle-blowing websites, including exogenous factors that limit the number of platforms that can successfully coexist. Regardless of what one thinks of WikiLeaks, consider all the things it needed in order to become a known, global brand: more than one geopolitically relevant large-scale leak to grab international attention; a track record of leaks to show commitment to the cause, to generate public trust and to give incentives to other potential leakers by demonstrating WikiLeaks’ ability to protect them; a charismatic figurehead who could embody the organization and serve as its lightning rod, as Assange called himself; a constant upload of new leaks (often in bulk) to remain relevant in the public eye; and, not least, a broadly distributed and technically sophisticated digital platform for leakers, organization staff and the public to handle the leaked materials (while all remaining anonymous to one another) that could evade shutdown by authorities in multiple countries. It is very difficult to build such an intricate and responsive system, both technically and because the value of most components depends on the capabilities of others. (What good is a sophisticated platform without motivated leakers, or a set of valuable secrets without the system to discreetly process and disseminate them?) The balance struck by WikiLeaks between public interest, private disclosure and technical protections took years to reach, so it is hard to imagine future upstarts, offshoots or rivals building an equivalent platform and brand much faster than they could— particularly now that authorities around the world are attuned to the threat such organizations pose.

Moreover, even if new organizations managed to build such platforms, it is highly unlikely that the world could support more than a handful at any given time. There are a few reasons for this. First, even the juiciest disclosures require a subsequent media cycle in order to have impact. If the landscape of secret-spilling websites became too decentralized, media outlets would find it difficult to keep track of these sites and their leaks, and to gauge their trustworthiness as sources. Second, leakers will naturally coalesce around organizations that they believe will generate maximum impact for their disclosures while providing them with the maximum amount of protection. These websites can compete for leakers, with promises of ever better publicity and anonymity, but it’s only logical that a potential whistle-blower would look for successful examples and follow the lead of other leakers before him. What source would risk his chance, even his life, on an untested group? And organizations that cannot consistently attract high-level leaks will lose attention and funding, slowly but surely atrophying in the process. Assange described this dynamic from his organization’s perspective as a positive one, providing a check on WikiLeaks as surely as it kept them in business. “Sources speak with their feet,” he said. “We’re disciplined by market forces.”

Regionality may determine the future of whistle-blowing websites more than anything else. Governments and corporations in the West are, for the most part, now wise to the risks that lackluster cybersecurity allows, and though their systems are by no means impenetrable, significant resources are being invested in both the public and the private sector to better protect records, user data and infrastructure. The same is not true for most developing countries, and we can expect that as these populations come online in the next decade, some will experience their own version of the WikiLeaks phenomenon: sources with access to newly digitized records and the incentive to leak sensitive materials to cause a political impact. The ensuing storms may be limited to a particular country or region, but they will nonetheless be disruptive and significant for the environments they touch. They may even catalyze a physical revolution or riot. We should also expect the deployment of similar tactics from government authorities to combat such sites (even if the organizations and their servers are based elsewhere): filtering, direct attacks, financial blockades and legal prosecution.

Eventually, though, the technology used by these platforms will be so sophisticated that they will be effectively unblockable. When WikiLeaks lost its principal website URL, WikiLeaks.org, due to a series of distributed denial-of-service (DDoS) attacks and the pullout of its Internet service provider (which hosted the site) in 2010, its supporters immediately set up more than a thousand “mirror” sites (copies of the original site hosted at remote locations), with URLs like WikiLeaks.fi (in Finland), WikiLeaks.ca (in Canada) and WikiLeaks.info. (In a DDoS attack, a large number of compromised computer systems attack a single target, overloading the system with information requests and causing it to shut down, denying service to legitimate users.) Because WikiLeaks was designed as a distributed system— meaning its operations were distributed across many different computers, instead of concentrated in one centralized hub— shutting down the platform was much more difficult than it seemed to most laymen. Future whistle-blowing websites will surely move beyond mirror sites (copies of existing sites) and use new methods to replicate and obfuscate their operations to shield themselves from authorities. One way to accomplish this would be to create a storage system where fragments of files are copied and distributed in such a way that if one file directory is shut down, the files can be reassembled from those fragments. These platforms will develop new ways to ensure anonymous submission for potential leakers; WikiLeaks constantly updated its submission methods, warning users to avoid earlier cryptographic routes— among them SSL, or secure sockets layer, and hidden Tor service, using the highly encrypted Tor network— once they had determined that those were insufficiently secure.

And what of the individuals leading this charge? The Assanges of the world will still exist in the future, but their support bases will remain small. The more welcomed whistle-blowers of the future will be the ones who follow the example of people like Alexei Navalny, a Russian blogger and anticorruption activist, who enjoys much sympathy from many in the West. Disillusioned with Russia’s liberal opposition parties, Navalny, a real-estate lawyer, started his own blog dedicated to exposing corruption in major Russian companies, initially supplying the disclosures himself by taking small stakes in the businesses and invoking shareholder rights to force them to share information. He later crowd-sourced his approach, instructing supporters to try to do the same, with some success. Eventually, his blog grew into a full-blown secret-spilling platform, where visitors were encouraged to donate toward its operating costs via PayPal. Navalny’s profile grew as his collection of scoops swelled, most notably with a set of leaked documents that revealed the misuse of $4 billion at the state-owned oil pipeline company Transneft in 2010. By late 2011, Navalny’s public stature placed him at the center of preelection protests, and his nickname for Vladimir Putin’s United Russia party, the Party of Crooks and Thieves, had gone viral, adopted widely throughout the country.

Navalny’s approach, at least in the beginning of his new activism, was distinctive in that for all his zeal he had not turned the focus of his whistle-blowing operation toward Putin himself. His targets had largely been commercial, although given that the Russian public and private sector are not always easily distinguished, the information implicated some government officials as well. Moreover, despite the harassment he experienced— he had been arrested, imprisoned, spied on and investigated for embezzlement— he remained free for years. His critics may have called him a liar, a hypocrite or a CIA stooge, but Navalny remained in Russia (unlike so many other high-profile Kremlin opponents) and his blog was not censored.

Some think Navalny did not constitute much of a threat to the Kremlin; his name recognition among Russians remained quite low, though his supporters argue that such figures merely reflect low Internet penetration across the country and the success of state media censorship (Navalny was banned from appearing on state-run television). But a more interesting theory is that, for a time at least, Navalny found a way to toe the line as an anticorruption activist, knowing what to leak— and from whom— and what areas to avoid. Unlike prominent Putin critics, like the jailed billionaire Mikhail Khodorkovsky and the self-exiled oligarch Boris Berezovsky, Navalny seems to have found a way to challenge the Kremlin, while fighting corruption, without veering into overly sensitive areas that might place him in grave danger. (Short of a badly doctored photograph that appeared in a pro-Kremlin newspaper showing Navalny laughing with Berezovsky, there is little to suggest he has any ties to those critics.) His presence seemed to be tolerated by the Russian government until July 2012, when it deployed all available tools to discredit him, formally charging him with embezzlement in a case concerning a state-owned timber business in the Kirov region, where he had formerly worked as an advisor to the governor. The charges, carrying a maximum sentence of ten years in prison, reflected how much of a threat the resilient antigovernment protest movement had become. The world will continue to watch the trajectories of figures like Navalny to see whether his approach provides some measure of insulation from attack for digital activists.

There is also the frightening possibility that sites will emerge created by people who share the design and scale of these whistle-blower platforms but not their motivations. Rather than functioning as a clearinghouse for whistle-blowers, such platforms would serve as hosts to all manner of pilfered digital content— leaked active military operations, hacked bank accounts, stolen passwords and home addresses— without any particular agenda beyond anarchy. Operators of these sites would not be ideologues or political activists; they would be agents of chaos. Today, hackers and information criminals publish their ill-gotten gains fairly indiscriminately— the 150,000 Sony customer records released by the hacker group LulzSec in 2011 were simply made downloadable as a file through a peer-to-peer file-sharing service— but in the future, if a centralized platform emerged that offered them WikiLeaks-level security and publicity, it would present a real problem. Redaction, verification and other precautionary measures taken by WikiLeaks and its media partners would surely not be performed on these unregulated sites (indeed, Assange told us he redacted only to reduce the international pressure that was financially strangling him and said he would have preferred no redactions), and lack of judgment around sensitive materials might well get people killed. Information criminals would almost certainly traffic in bulk leaks in order to cause maximum disruption. To some extent, leaking selectively reflects purpose while releasing material in bulk is effectively thumbing one’s nose at the entire system of secure information.

But context matters, too. How different would the reaction have been, from Western governments in particular, if WikiLeaks had published stolen classified documents from the regimes in Venezuela, North Korea and Iran? If Bradley Manning, the alleged source of WikiLeaks’ materials about the United States government and military, had been a North Korean border guard or a defector from Iran’s Revolutionary Guard Corps, how differently would politicians and pundits in the United States have viewed him? Were a string of whistle-blowing websites dedicated to exposing abuses within those countries to appear, surely the tone of the Western political class would shift. Taking into account the precedent President Barack Obama set in his first term in office— a clear “zero tolerance” approach toward unauthorized leaks of classified information from U.S. officials— we would expect that future Western governments would ultimately adopt a dissonant posture toward digital disclosures, encouraging them abroad in adversarial countries, but prosecuting them ferociously at home.

_____

[2] This dictum is commonly attributed to Stewart Brand, the founder and editor of the Whole Earth Catalog, recorded at the first Hackers’ Conference, in 1984.

[3] While in the technical community the term “hacker” means a person who develops something quickly and with an air of spontaneity, we use it here in its colloquial meaning to imply unauthorized entry into systems.