For a period of seven months, despite the Cablegate betrayal, the 'cables cooking' and a book (with accompanying articles) composed of a litany of lies and distortions, outwardly the feud between WikiLeaks and its ex-media partner the Guardian seemed to have reached an equilibrium. The Guardian attacked and WikiLeaks tried to ignore them. Behind the scenes, however, a crisis was unfolding.
During the Iraq War Logs release (beginning 22nd October 2010) the WikiLeaks web server came under an unprecedented level of denial-of-service attacks (DDoS attacks), which shut down the organization's main wikileaks.org page. Around the same time, the then ostracized, now sacked, WikiLeaks spokesman for Germany, Daniel Domscheit-Berg removed a section of WikiLeaks' compressed data-set from its server. According to Daniel Domscheit-Berg's wife, Anke, he only took the "most recent, unchecked submissions". Looking at the files Domscheit-Berg has admitted taking (and also later claimed to have deleted), it is apparent that he took almost everything submitted by whistleblowers that had not yet been published. While the files taken did not include the encrypted U.S. diplomatic cables file (cables.csv), Domscheit-Berg's actions had an almost immediate effect upon those files. WikiLeaks supporters moved quickly to protect them; first of all they set up dozens of mirror WikiLeaks sites, all of them housing copies of WikiLeaks now reduced data-set, including the diplomatic cables. Secondly, at some point soon after the mirrors were in place, a compressed file of the data-set was quietly placed onto the Internet via the filesharing protocol BitTorrent.
The cables were loose, but their position and the encryption key (also known as a passphrase) were hidden. The first of these elements to fall was the location.
Domscheit-Berg had a book to sell ('Inside WikiLeaks: my time with Julian Assange at the world's most dangerous website'), but to ensure that his improbable claims appeared credible, and not solely stemming from a personal animosity towards Assange, he had to prove that Assange could not be trusted. It is alleged that Domscheit-Berg elicited the URL to an unlisted root directory hidden within an obscure Croatian server, which contained the diplomatic cables file from one of his former WikiLeaks colleagues. Domscheit-Berg decided to tell anyone who would listen, that there was an issue with WikiLeaks' security. Literally, anyone. In interview after interview, mainstream media outlets that felt commercially and conceptually threatened by WikiLeaks' model, gave Domscheit-Berg a platform to make vague criticisms of Assange and the security of WikiLeaks.
Before long, Domscheit-Berg was also informed (by Herbert Snorrason, a one-time WikiLeaks volunteer) that, in their book 'WikiLeaks: Inside Julian Assange's war on secrecy', Leigh and Harding had inexplicably published the passphrase for a file containing the cables. Was this passphrase authentic and did it fit any of the Cablegate files placed online? It is likely that Domscheit-Berg used either the URL to the server's hidden /wiki/ directory, or a torrent file (that could be used to download the Cablegate files - see below) to check the passphrase's legitimacy.
Ever since the book's publication on 1st February 2011, WikiLeaks had been silent about the passphrase that Leigh had unwisely chosen to use as a subheading to Chapter 11. They dared not even point it out to the Guardian in case the security breach leaked. Due to the properties of the encryption used to secure the Cablegate files, without the passphrase the contents were safe. However, when the passphrase was published in an electronic pdf format through the e-book version of Leigh's book, it was searchable by those seeking to unlock the Cablegate file downloaded via BitTorrent. An inevitability was forming. The WikiLeaks data-set was 'out there' and the keys to one file, the cables.csv file, were sitting on Amazon. The unredacted cables could potentially damage activists across the globe. The only thing to play for was time. WikiLeaks held its breath.
The story of Leigh's breach didn't break around the BitTorrent, as one might have expected, it broke on the Croatian URL. Again, enter Domscheit-Berg. After learning of the existence of the passphrase and likely confirming that it unlocked the Cablegate files, he decided to give the German press enough details to ensure the whole affair unraveled. Eager for a scoop, the relatively small German newspaper Der Freitag was the first to publicize Domscheit-Berg's revelation. Despite WikiLeaks' frantic requests for the press to be careful about how much they revealed, Der Freitag, TechCrunch and Der Spiegel all published stories based on Domscheit-Berg's information about the cables and the passphrase.
Within days, the location was found, and every file within every directory of the data-set was checked against Leigh's published passphrase. The first to put all the pieces of the jigsaw together was Nigel Parry:
In the directory, date-stamped 9 June 2010, were 4 files, all encoded with Pretty Good Privacy (PGP) encoding, the files names with *.gpg suffixes. I started at the bottom of the list, putting in the David Leigh password. It unzipped z.gpg into a file called z.7z. Opening that file and extracting it using the Ez7z compression / decompression program, the file spat out a file called cables.csv, dated with a creation date of April 12, 2010 at 9:22PM. It was a 1.61GB file but it had been reported in the German press to be 1.73GB.
David Leigh's 'encryption key fiasco'
We found out that Freitag is going to publish this information and we implore upon them to not publish it, because once this combination is revealed then [that all] reveals and all our redaction work is in vain, not our publishing work but all our redaction work is in vain. We also asked the State Department how their warning program has been going along and could they speed that up, they started in November and December last year. It took us 36 hours to get a proper interaction with the State Department, the State Department having a policy of refusing to communicate with us, so we had to reach a high enough level for that to be undone.
I spoke to Crowley and a number of others and their top lawyer. They were of the view "well, we can't do anything more than we've already done back then, we’ve informed all these people". Then our lawyers instructed this Domscheit-Berg character to stop telling people, this was a dangerous activity and to stop doing it. Freitag then prepared another article, much more explicit, and we asked them that they do not publish that, but they did. And then Spiegel published more information, and that was then enough for anyone interested in the subject to go and find it and decrypt it, and that is what happened, and it started spreading via Twitter, and eventually started appearing on websites.
Many of the world's more sophisticated security agencies would have had access to the unredacted cables due to the lax security of the media organizations that worked on them. Now, anyone could access all of them. WikiLeaks published the entire data-set itself on the 1st September 2011. As former U.S. State Department spokesman P. J. Crowley said: "Any autocratic security service worth its salt" that had not already accessed the data "will have it in short order." WikiLeaks had notified the U.S. government of the impending publication of Cablegate so that protective measures could be taken by them. And WikiLeaks had also asked for "any specific instances (record numbers or names) where it considers the publication of information would put individual persons at significant risk of harm that has not already been addressed" without receiving a useful reply. The 'architect' of the WikiLeaks' leak, Domscheit-Berg, had said that "[He would] only return the [stolen whistleblowers' submissions] to Julian [Assange] if and when he can prove that he can store the material securely and handle it carefully and responsibly.” However, after Domscheit-Berg had caused the Cablegate files to be disseminated, he then revealed his understanding of treating whistleblowers' submissions, "carefully and responsibly". First, under the guise of "ensuring that sources are not compromised", he deleted their submissions, apparently heedless of the risks taken by the whistleblowers in obtaining their information and despite the fact that he knew that WikiLeaks' submission process does not record or collect any source-identifying information. Domscheit-Berg's next illustration of "carefully and responsibly" handling whistleblowers' submissions involved informing Der Freitag of his acquisition of the Cablegate file location and his discovery of David Leigh's passphrase blunder. The strange truth is that Domscheit-Berg was correct all along, WikiLeaks did have a security problem, and that problem was Domscheit-Berg. Before Der Freitag published Domscheit-Berg's information, Julian Assange again acted to protect individuals named in the cables:
Despite these efforts to balance the public interest with the safety of individuals, Domscheit-Berg and the Guardian had forced events. Later that day (1st September 2011), the Guardian decided the most effective method of defense against the damage their reputation would receive over Leigh's negligence would be to blame WikiLeaks for his actions:
A security breach has led to the WikiLeaks archive of 251,000 secret US diplomatic cables being made available online, without redaction to protect sources. WikiLeaks has been releasing the cables over nine months by partnering with mainstream media organisations. Selected cables have been published without sensitive information that could lead to the identification of informants or other at-risk individuals. The US government warned last year that such a release could lead to US informants, human rights activists and others being placed at risk of harm or detention.
A statement from the Guardian said: "It's nonsense to suggest the Guardian's WikiLeaks book has compromised security in any way. Our book about WikiLeaks was published last February. It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours. It was a meaningless piece of information to anyone except the person(s) who created the database. No concerns were expressed when the book was published and if anyone at WikiLeaks had thought this compromised security they have had seven months to remove the files. That they didn't do so clearly shows the problem was not caused by the Guardian's book."
This Guardian statement posing as an article is nonsense. The Guardian could have checked whether the 'passphrase' had expired on their own Cablegate files. They could have simply asked WikiLeaks whether it was safe to publish it. They could even have checked the facts printed in their own newspaper. In an article entitled 'Julian Assange answers your questions' published in the Guardian on the 3rd December 2010, Julian Assange responded to one reader's question: "The Cable Gate archive has been spread, along with significant material from the U.S. and other countries, to over 100,000 people in encrypted form. If something happens to us, the key parts will be released automatically." So much for Leigh's claim that the Guardian wasn't to know the 'files' were still online when he published his book. Perhaps he should have checked his own newspaper first? Further, as James Ball knows, once a file has been 'released' as a torrent, it cannot be 'recovered'. The file can be spread and hosted anywhere and its torrent file used to locate and disseminate it. That Ball would suggest otherwise is dishonest and presupposes that his readers have an extremely limited knowledge of file sharing technology, to say the least.
nigelparry.com, 31st August 2011: Guardian Investigative Editor David Leigh publishes top secret Cablegate password revealing names of U.S. collaborators and informants.. in his book, by Nigel Parry
On a basic security level, revealing any information about how Julian Assange formulates his passwords could have implications in any of the other myriad of sensitive areas WikiLeaks deals with. Any files encrypted by Assange at the same time - or before - the cables, and in the possession of any entity hostile to WikiLeaks, are now more vulnerable since Leigh's book gave up its clue about how Assange formulates passwords. And anyone who has access to the original file David Leigh was given, could now decrypt it. Unless the original file was carefully protected throughout its entire life, decrypted and unzipped, then destroyed after the data was released, that password will work on copies of it for ever. So regardless of how David Leigh & Co. imagine computer security works - and right now they are desperately trying increasingly ridiculous arguments to blame WikiLeaks for Leigh's actions - there's no reason to publish any password this sensitive - ever.
A 10th September 2011 Economist article states "Mr Assange's file management looks sloppy, but Mr Leigh's blunder seems bigger: since digital data is easily copied, safeguarding passwords is more important than secreting files." In the comments section David Leigh finally admits that the 'passphrase fiasco' was his fault after all, while still blaming Julian Assange:
Yes, I understand the archive with z.gpg somewhere in it was posted by Assange or his friends in an obscure location around 7 December 2010, the day Assange was arrested for alleged sex offences. No-one told us this had been done [Julian Assange had told Leigh's newspaper and its readers precisely that information 4 days previously]. Assange apparently re-used the password he gave me earlier (although the file title - z.gpg - was different.) Obviously, I wish now I hadn't published the full password in the book. It would have been easy to alter, and that would have avoided all these false allegations. But I was too trusting of what Assange told me.
In the months that followed, the Guardian continued to attack WikiLeaks. It has now become the greatest assault upon a person and an organization in the history of the UK press. Even members of the public writing in support of WikiLeaks in the Guardian's comment section have found their posts 'disappeared' and accounts deleted.
The manufactured Israel Shamir story and David Leigh's 'passphrase fiasco' cover-up are typical of the lack of journalistic integrity found whenever the Guardian reports on either WikiLeaks or Julian Assange. There are exceptions - both John Pilger, who contributes occasional articles to the Guardian, and Glenn Greenwald, who has his own column with full editorial control, support WikiLeaks and Julian Assange, along with a few other Guardian writers. However, they do not let this support overwhelm their writing, and they do not invent or skew facts. They cover the subject carefully and, objectively.
Below are four further examples of the Guardian's reporting. These examples are important because they are all found in Leigh and Domscheit-Berg's books, both of which have been used as the primary source material for two Hollywood-funded films: Alex Gibney's documentary 'We Steal Secrets: The Story of WikiLeaks' (2013), and 'The Fifth Estate' (2013) directed by Bill Condon.
In the first example below, Guardian journalist Nick Cohen mentions "David Leigh and Luke Harding's history of WikiLeaks", but what kind of a 'history' are they trying to project and why?
A pattern of reporting
The Guardian, 18th September 2011: The treachery of Julian Assange. The WikiLeaks founder, far from being a champion of freedom, is an active danger to the real seekers of truth, by Nick Cohen (published in the Guardian's sister paper the Observer and then re-published in the Guardian).
David Leigh and Luke Harding's history of WikiLeaks describes how journalists took Assange to Moro, a classy Spanish restaurant in Central London. A reporter worried that Assange would risk killing Afghans who had co-operated with American forces if he put U.S. secrets online without taking the basic precaution of removing their names. "Well, they're informants," Assange replied. "So, if they get killed, they've got it coming to them. They deserve it." A silence fell on the table as the reporters realized that the man the gullible hailed as the pioneer of a new age of transparency was willing to hand death lists to psychopaths.
However, an independent witness - John Goetz, a journalist with Der Spiegel - states that the events related above are simply not true:
I was at dinner at the Moro restaurant in London, along with Marcel Rosenbach from Der Spiegel, David Leigh and Declan Walsh of the Guardian, and Julian Assange of WikiLeaks. Patrick Forbes asked me specifically if Julian Assange had made the remark “They're informants, they deserve to die” at the dinner, as has been alleged by David Leigh, and I told him that Julian did not say that at the dinner.
When considering which of the two parties is telling the truth, perhaps the best indicator available is to look for a pattern of dishonesty. One aspect is slanted journalism - through the deliberate omission of opposing view points. John Goetz, a Der Spiegel journalist and witness to the alleged remarks, puts forward both the allegation and the rebuttal (which in this case is his own testimony). The Guardian only puts the allegation forward, which it frames as fact.
Another example of dishonesty found in the Guardian's WikiLeaks reportage concerns the arrest of Bradley Manning; which was used by Leigh and Ball to attack WikiLeaks. Indeed, Leigh and Harding's 'WikiLeaks: Inside Julian Assange's War on Secrecy' related as fact rather than allegation (1st February 2011) that Manning was WikiLeaks' source - this while he was still being tortured at the Quantico Marine Corp Base, and before the U.S. government had even put him in front of a court for his first pre-trial hearing. On the 30th January 2011, Leigh again named Manning as WikiLeaks' source without stating that this is speculation. Leigh then blames Assange for Manning's arrest:
Leigh finally admitted (15th March 2011) that it was the actions of Adrian Lamo (an informant who at the time owed the U.S. federal government 60,000 dollars from a previous conviction) that caused Manning's arrest, but he still tries to blame WikiLeaks:
Three months later, James Ball was still distorting the basic facts of Manning's arrest:
The Guardian, 16 July 2011: All the encryption in the world wouldn't have kept Bradley Manning safe. The story of Manning's exposure shows how sources aren't protected by the kind of security measures WikiLeaks takes, by James Ball
But perhaps the Lamo / Manning chatlogs offer WikiLeaks an opportunity to simplify their thinking. What matters is whether public interest whistleblowers are protected, and stay anonymous – not who reveals them. WikiLeaks' greatest source is currently in prison. Instead of stressing no one has been caught through WikiLeaks actions, or boasting of security, WikiLeaks – and everyone else working in that world – should take a long look at what they can do better, and put the results into action. If not, Manning may not be the last whistleblower to face the consequences.
In contrast to the above, the Wired magazine's 'unspun' coverage makes it absolutely clear where responsibility lies for Manning's fate: in his own decision to leak classified information he felt revealed crimes the public needed to know about, and with his 'careless talk':
On May 21, 22-year-old Army intelligence analyst Bradley Manning initiated a series of online chats with former hacker Adrian Lamo after a story on Lamo was published at Wired.com. The chats continued over several days, during which Manning claimed that he was responsible for leaking classified material to the whistleblower site WikiLeaks. Lamo tipped off the FBI and the Army about Manning’s claims, and on May 26, Manning was seized by Army authorities and put into pre-trial detention in Kuwait. He remains in Kuwait while the Army Criminal Investigation Division and other agencies investigate whether he leaked classified information and determine if he should be charged with any crime.
Extract from the Adrian Lamo / Bradley Manning chat log:
(1:52:54 PM) email@example.com: i’ve been considering helping wikileaks with opsec (security measures)
(1:53:13 PM) bradass87: they have decent opsec.. i'm obviously violating it
WikiLeaks guarantees that it will never reveal the identity of a source. Nothing can pressure WikiLeaks to reveal a source's identity and it is pointless to infiltrate them to find out. This is because nobody within WikiLeaks knows or has the means to discover a source's identity. Their system of submitting information has been designed to make that impossible. However, WikiLeaks clearly cannot guarantee anonymity if the source itself chooses to ignore security measures.
Another distortion pushed by the Guardian relates to the onward extradition of Julian Assange from Sweden to the United States:
And ultimately there is the repeated suggestion from Mr Assange's supporters that if he goes to Sweden he will face extradition to the US to be prosecuted for treason. Yet there is no serious evidence that Washington plans to start such proceedings; and if it ever did, the political and public opposition in Sweden as well as Britain and across the world would be massive.
Most of these were based on the claim that the United States wants to get its hands on Mr Assange because of WikiLeaks, that it may torture him, that his deportation to Sweden by the UK would bring this closer, and that Ecuador has a right to protect him.
No one should be naive about the US, but this is a fallacious chain of reasoning. The US has not said whether it wants to detain Mr Assange, though it has had plenty of time to do so. If it wanted his extradition, the US might logically be more likely to make use of Britain's excessively generous extradition treaty with the US – which has not happened – rather than wait until he was in Sweden, when both Sweden and the UK would have to sign off on any extradition application.
The Guardian makes these claims despite credible evidence from a source with close connections to Washington's national security powerbase – Fred Burton of Stratfor (ex-Deputy Chief of Counterterrorism of the State Department's Diplomatic Security Service), that a sealed indictment for Julian Assange has been in place since January 2011, as was revealed when Stratfor's emails were hacked and passed to WikiLeaks, who later published them as the GIFiles. The fact is that it is a criminal offense for any U.S. government official to reveal the existence of a sealed indictment before it is unsealed, which only happens once the indicted person is taken into custody. Furthermore, if Julian Assange is held incommunicado (except for limited communication with his defense lawyers) in a Swedish remand center and then a prison, his ability to exercise his legal right to seek asylum – a basic human right available to any person in fear of persecution – or to properly defend his case (doubly difficult when presented with hundreds of pages of evidence in an unfamiliar language with only two weeks until trial) or to rally support and fight a critical public relations campaign would be non-existent. Once in prison, he could be held there throughout any onward extradition proceedings after either the Stockholm allegations proceedings or jail term ends.
Support for Assange and WikiLeaks in the UK remains substantial and resilient to the media distortions surrounding the so-called 'Stockholm affair' (unlike the situation in Sweden). It is in London, where the world's most formidable civil rights legal community resides, that resistance to an extradition to the U.S. would be greatest. An extradition attempt from London would be a seemingly unending public relations nightmare for the UK government, with political capital being expended day after day, into the teeth of an astute public who always favor an underdog. The argument of where it would be more viable to extradite legally is an obvious misdirection (Sweden is likely the easier option due to 'temporary surrender'). The pertinent question is where it would be politically feasible. Statements that the U.S. doesn't want Assange to face 'justice' and that there is “no evidence” that they desire this, are absolute nonsense - the evidence is not just compelling, it is overwhelming.
The final example concerns a tactic which is to be found woven between the distorted facts of almost all of the Guardian's coverage of Assange. The tactic involves attacking the person rather than his argument. In an article about the mainstream press coverage of Noam Chomsky, Glen Greenwald writes:
One very common tactic for enforcing political orthodoxies is to malign the character, "style" and even mental health of those who challenge them [...] The New York Times [has] led the way in depicting both Bradley Manning and Julian Assange as mentally unstable outcasts with serious personality deficiencies. The lesson is clear: only someone plagued by mental afflictions would take such extreme steps to subvert the power of the US government.
What is at play here is this destructive dynamic that the more one dissents from political orthodoxies, the more personalized, style-focused and substance-free the attacks become. The goal is not merely to dispute their claims but to silence them. That's accomplished by demonizing the person on personality and style grounds to the point where huge numbers of people decide that nothing they say should even be considered, let alone accepted. It's a sorry and anti-intellectual tactic, to be sure, but a brutally effective one.
In the article below, this approach has become the main substance of the piece. Almost every topic raised is done so, solely to set up the next ad hominem attack; there is no attempt to discuss the issues of Assange's predicament or his work:
It all looks and feels like an ordinary interview. But when Assange appears, he seems more like an in-patient than an interviewee, his opening words slow and hesitant, the voice so cracked as to be barely audible. If you have ever visited someone convalescing after a breakdown, his demeanor would be instantly recognizable.
My point was that there is a theme of his relationships turning sour. "There is not!" he shouts. I don't blame Assange for getting angry. As he sees it, he's working tirelessly to expose state secrecy and save us all from tyranny. He has paid for it with his freedom, and fears for his life. Isn't it obvious that shadowy security forces are trying to make him look either mad or bad, to discredit WikiLeaks? If that's true, then his flaws are either fabricated, or neither here nor there. But the messianic grandiosity of his self-justification is a little disconcerting.
Decca Aitkenhead's statements clearly do not stand up to the actuality, filmed 29th November 2012, nine days earlier:
Are the readers of the Guardian really supposed to be so helplessly uninformed as to be unaware of the difference between Aitkenhead's fantasy and reality? Or is this an attempt to change the public's perception of Julian Assange and WikiLeaks through media saturation? This is a propaganda technique that is generally referred to as the 'big lie'. The idea was first expressed by Adolf Hitler in Mein Kampf and 16 years later by Joseph Goebbels "If you tell a lie big enough and keep repeating it, people will eventually come to believe it".
January 19, 2013