It's not that it's news, it's that it's classified documents. What would have already happened to this dude if they were Chinese Classified Documents? Yah, he'd already be in a shallow grave or fed to the sharks...
Mike B -----Original Message----- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Brance Amussen Sent: Tuesday, December 07, 2010 3:35 PM To: 'Rich Kulawiec'; funsec@linuxbox.org Subject: Re: [funsec] WikiLeaks founder Julian Assange arrested on Swedish warrant This is exactly correct, IMHO. The only people these leaks are "really" news to, are the general public. B :)_S -----Original Message----- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Rich Kulawiec Sent: Tuesday, December 07, 2010 3:23 PM To: funsec@linuxbox.org Subject: Re: [funsec] WikiLeaks founder Julian Assange arrested on Swedish warrant Y'know, there's a fallacy being propagated here that's quite similar to one pertaining to security bugs and full disclosure debates. Consider nation A. Now consider its ally nation X, its enemy nation Y, and its neutral nation Z. And let's say that the diplomatic communications of nation A with X, Y, and Z (and others, of course) are all published on the Internet by Wikileaks. The presumption being made is that the contents of those communications are all news to X, Y, Z and all those other nations. Now let's presume that Wikileaks never existed. Do you REALLY think that X, Y, Z, and everyone else would not help themselves to any of those communications that they care to? They do have intelligence services, y'know, some of which actually have intelligent people working for them. And while nations X and Z might hesitate to use certain methods, there's really not much reason for nation Y to abstain. I would guess that the right combination of spies, thieves, bribes, wiretaps, malware, seduction, blackmail, flattery, drugs, alcohol, etc. would suffice -- doubly so for low-hanging fruit such as the cables currently being disclosed. A large number of people have access to those, presenting a large attack surface for anyone engaged in human engineering. Now of course we are seeing public pronouncements by nation X and the like that they are <CaptainRenault>shocked, shocked</CaptainRenault> at what we can now all read. Of course we are. They can't very well publicly admit that they've known this stuff all along and had already adjusted policy as necessary. But really, if I were one of the heads of state of nation X (or Y or Z) and my national intelligence service hadn't given me most of this on a silver platter a long time ago, I'd sack my espionage chief before tea-time today and tell my staff to find someone minimally competent. Everyone is aware, I trust, that some of these countries (like the US, for example) have huge intelligence services which spend all day, every day, trying to do just that: discovering everyone else's secrets. <shrug> This is how the game is played. Some people try to keep secrets, some people try to find them out. Those can't handle their secrets being discovered should probably reconsider their participation in the game -- or perhaps their decision to try to keep a billion secrets spread among several million people. Maybe a thousand secrets spread among 50 people would present a more tractable problem. The parallel, of course, is that we are supposed to believe that if security researcher R does not disclose such-and-such a flaw, that it'll remain hidden from all the other security researchers, some of whom may not be nice people. This is nonsense: they may not be nice people, but that doesn't prevent them from being smart, diligent, resourceful, highly motivated people -- and moreover, they have a very long track record indicating that they're quite capable of independent discovery. (Well, and there are ways to short-cut that: if I were one of the not-so-nice people, one of my approaches would be to try to buy an employee or two at major IT security companies. Sure, I'd hire my own researchers as well, but I'd like to give them an advantage by getting my hands on whatever R is up to this week. That way, it really doesn't matter if R discloses or not -- in fact, I'd prefer R didn't because the information will have more value to me if my competitors don't have it too, and if the pool of people trying to fix the problem is as small as possible.) My point here is that this pretend game is silly. It's a capital mistake to presume one's enemy is stupid and ignorant, merely because they're the enemy. And it's *really* a mistake when the enemy has furnished plenty of evidence that they're actually pretty bright and that they have ways of finding out lots of things. As to the posturing by Joe McCarthXXXXXXXXLieberman, someone should tell him that there are now over a thousand Wikileaks mirrors. And soon enough there will be 2 Wikileaks and then 5 and then 100 and then... "I guess you all know about tapeworms? Good. Well, what I turned loose in the net yesterday was the...father and mother of all tapeworms... My newest masterpiece--breeds by itself... By now I don't know exactly what there is in the worm. More bits are being added automatically as it works it way to places I never dared guess existed... And--no, it can't be killed. It's indefinitely self-perpetuating so long as the net exists. Even if one segment of it is inactivated, a counterpart of the missing portion will remain in store at some other station and the worm will automatically subdivide and send a duplicate head to collect the spare groups and restore them to their proper place." -- John Brunner, "The Shockwave Rider", 1975 ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.