link to published version: IEEE Computer, March, 2012


WikiLeaks and the Matter of Private Manning

Hal Berghel

What a time for WikiLeaks. 2010 ended with the Afghanistan War Diaries, the Collateral Murder video, and CableGate going viral on the Internet. 2011 witnessed a complexity of events that multiplied the intrigue. 2012 looks just as interesting. This is a story that has taken wing.

We begin with the incontrovertible and proceed to the more controversial. In 2010, the self-proclaimed not-for-profit online repository of anonymous leaks, WikiLeaks.org, posted some politically-charged and embarrassing digital content dealing with the Afghanistan war (nicknamed the “Afghan War Diary”), gunsight footage of an airstrike in Baghdad (“Collateral Murder”), and thousands of purportedly secret U.S. State department diplomatic cables (“CableGate”). These leaks attracted the ire of U.S. Government officials and politicians, and embarrassed several foreign governments. All three of these leaks were allegedly the work of one Bradley Manning, a socially awkward, somewhat unstable Army Private serving in Iraq.

We add to the mix a non-conformist former computer hacker who refers to himself as the Editor-in-Chief of WikiLeaks, Julian Assange, and a convicted computer hacker/snitch with both Asperger's syndrome and some other alleged issues, Adrian Lamo. The prevailing media perspective at this writing holds that the WikiLeaks EiC somehow got secret – and very embarrassing – documents from the Private, and then had them posted on WikiLeaks' websites. In a weaker moment, the Private then discusses his involvement in this derring-do with Lamo. The latter then shared the information with U.S. Government officials and a reporter for Wired Magazine. At that point the plot thickens, fingers point wildly (and, of course, outward), and seemingly everyone with even the slightest bit of egg-on-face takes a self-serving position that takes dead aim at the Editor and the Private.

KNOWN KNOWNS

The constituencies affected by the three leaks are slightly different but overlapping - there's plenty of embarrassment to go around, mind you. The Department of Defense and military were embarrassed by the Collateral Murder video (hereafter CMV) because some of the victims were Reuters' war correspondents and children. Defense and the military were also embarrassed by the 75,000 documents (most of which were classified ‘secret') released as the ‘Afghan War Diary' (AWD) but for different reasons: these documents included intelligence intercepts, internal military incident reports, speculative assessments, and reports from informants, some of which referred to informants by name, much to the chagrin and alarm of the U.S. and sympathetic foreign governments. But the holy grail of embarrassment was CableGate (CG) - approximately 250,000 diplomatic cables between the U.S. State Department and nearly 300 embassies, consulates, and diplomatic missions around the world. Of these cables, about half were unclassified, one-third labeled ‘confidential,' and approximately 15,000 labeled ‘secret.' Only a small fraction have been released by WikiLeaks thus far, with a larger fraction shared with major newspapers, including The Guardian, the New York Times, Der Spiegel, El Pais and Le Monde. By the time of the CableGate leaks, the battle lines were drawn and the strongly opinionated among us began choosing sides and taking aim.

CableGate and its predecessors produced a veritable feeding frenzy of accusations from Western politicians – most of which were directed toward WikiLeaks founder/Editor-in-Chief, Julian Assange. Mike Huckabee, former U.S. Presidential aspirant, is said to have called for Assange's execution for treason (Assange, it should be noted, is not a U.S. citizen). Australia's Prime Minister Julia Gillard called Assange a criminal and recommended revoking his Australian passport (which was nullified when Australia's Attorney General opined that Assange had broken no Australian law). U.S. Vice President Joe Biden labeled Assange a “high-tech terrorist.” Presidential contender Newt Gingrich recommended that Assange be treated as an “enemy combatant.” Conversely, Republican Presidential contender Ron Paul suggested that Private Manning may be a “political hero….a true patriot who reveals what is going on in government.”

Meanwhile the homeless (and close to being Stateless) Assange took refuge in the historic English country estate of a wealthy journalist, documentarian, and restaurateur. So 2012 begins.

KNOWN UNKNOWNS

The prevailing, but not singular, view of the leaks falls under the rubric of “stolen and leaked documents.” On this account, the documents were government property, were downloaded from government servers, and subsequently uploaded to WikiLeaks without permission: stolen, pure and simple. Free speech advocates tend to view these leaks as a natural byproduct of a free press in a democracy and are sympathetic to Manning and WikiLeaks. Bureaucrats and politicians tend to view the leaks as threatening and subversive and are hostile to Manning and WikiLeaks. The majority of observers seem to accept the stolen and leaked documents explanation.

However, to add complexity to the story, there is the “conspiracy” account, promulgated by former National Security Advisor to President Carter, Zbigniew Brzezinski: the leaked documents may be background noise that overshadows the more important and damaging “seeded” documents that were added to the mix. In Brzezinski’s view, these WikiLeaks should not be taken at face value. It is quite possible, if not probable, that Assange and WikiLeaks were duped by ‘special intelligence interests’ specifically to embarrass the United States and weaken its relationship with friendly allies. In Brzezinski’s own words:

“It’s, rather, a question of whether WikiLeaks are being manipulated by interested parties that want to either complicate our relationship with other governments or want to undermine some governments, because some of these items that are being emphasized and have surfaced are very pointed….And I wonder whether, in fact, there aren’t some operations internationally, intelligence services, that are feeding stuff to WikiLeaks, because it is a unique opportunity to embarrass us, to embarrass our position, but also to undermine our relations with particular governments.”

Far from being the channel for a toxic data dump of secret material, Assange may actually be the useful idiot for foreign intelligence services: WikiLeaks may be an instrument of information warfare rather than the purveyor of blown whistlers.

At this writing it remains to be determined whether Assange, working under an assumed alias, actually encouraged Manning to provide the files to WikiLeaks. This is a critical determination for Assange, as an active role might lead to his prosecution under the U.S. Espionage Act.

And yet, for me the most interesting part of this story has so far gone largely unnoticed.

THE COMPUTING AND IT DIMENSION

There is no shortage of drama in this tale. Enter U.S. Senator Joe Lieberman and Amazon CEO Jeff Bezos. According to published reports, Lieberman and/or his staff asked Bezos and/or his staff to stop hosting WikiLeaks on Amazon Web Services - at the time the primary host of WikiLeaks content in North America. Mind you, this was after CMV, AWD and CG had already gone viral. When I saw the media reports of this story my first thought was “What part of ‘the toothpaste is out of the tube' don't they understand?” In any event, Amazon Web Services did pull WikiLeaks.org content from their server cluster.

Of course Amazon Web Services wasn't the sole hosting service for WikiLeaks. No one who knew how the Internet worked thought that it was. When Amazon pulled their content, it had no effect on content elsewhere. Nor did it seem to have any effect on the continued migration of the documents through cyberspace. Similarly, when EveryDNS pulled the DNS entry for the WikiLeaks.org IP address record for North America (after an alleged 100 gigabit/second distributed denial of service attack directed against WikiLeaks.org was threatening its service to other subscribers), the DNS records for other WikiLeaks hosts began to proliferate. As networkers worldwide watched this unfold, they saw that nothing beyond the level of minor inconvenience to curious surfers resulted. Trying to deal with WikiLeaks at the level of hosting and DNS services is akin to the Internet version of Hammer Heads. (Maybe these government types never visited Chuck E. Cheese's as kids!) That government officials and their staffs acted as if they actually thought that they could magically pull the plug on the embarrassment by pulling the plug on a hosting service is symptomatic of our cyber-deficiencies. This entire episode will live on in Wikinfamy as a paradigm case of cyber silliness.

I'm confident that Bezos and/or his Amazonian leadership team knew quite well that pulling the hosting service served no useful purpose. My hunch is that this was viewed as purely a business decision - they didn't need the distractions from Congressional complainers and watchdogs, and certainly wanted to avoid guilt by association with the controversial WikiLeaks. In Amazon's own words: "Some of [Amazon Web Services] data is controversial, and that's perfectly fine. But, when companies or people go about securing and storing large quantities of data that isn't rightfully theirs, and publishing this data without ensuring it won't injure others, it's a violation of our terms of service, and folks need to go operate elsewhere." - which is exactly what WikiLeaks did.

Within a few hours of EveryDNS' removal of the authoritative DNS records for the WikiLeaks.org site hosted by Amazon Web Services, WikiLeaks defiantly announced on Twitter that WikiLeaks.ch was created. A DNS entry for the domain WikiLeaks.ch was created in Switzerland by Piratenpartei Schweiz. That domain resolved to IP address 88.80.13.160, which is a part of a small class-B network cluster, not in Switzerland but in Sweden, where ironically one of our protagonists, Julian Assange, had an outstanding arrest warrant for alleged sex offenses. (You can't make this stuff up, folks!) The Swedish server in turn redirected traffic to the French host, OVH ISP, at 213.251.145.96. This IP address was part of a 16-address server cluster located in France but registered in Melbourne, Australia. Of course the WikiLeaker team was parallel processing all the while, so there are multiple threads operating simultaneously. If you're getting the feeling that getting ahold of WikiLeaks content on the Internet is like trying to shovel smoke into a bucket, you're getting the big picture.

Meanwhile, back in Congress, U.S. Senators Dianne Feinstein, chairperson of the Senate Intelligence Committee, and vice-chair Christopher Bond requested that Attorney General Eric Holder prosecute WikiLeaks' Julian Assange (to my knowledge, the justification was somewhat hazy). Meanwhile, Swedish authorities issued a European Arrest Warrant and sought extradition for Assange on the sex charge. Assange considers an asylum request in Switzerland, but the latter balks under pressure and the knowledge that they have an extradition treaty with the U.S. The Deputy Foreign Minister of Ecuador discusses the possibility of Assange taking residence there, but that idea is kiboshed by the President of Ecuador for the same reason. Unfortunately, there aren't many asylum candidates among the dozen or so countries who do not have extradition treaties with the U.S. Libya? Not so much. Chad in the midst of the Sahel famine? Not likely. Afghanistan? Not the best choice with 100,000 U.S. soldiers in country. Comoros? One can't move there unless one can find it on a map. East Timor? Kazakhstan? To Assange, I'm confident that the value proposition remained illusory.

But, again, the computing and IT component is just a small part of the story. The rest of the story, at least that part that has been under-reported so far, has to do with the rest of the people involved – many nameless and in the shadows. We begin with a small ensemble of colorful actors cast against the background of a much larger group of powerful politicians and military brass who by most accounts aren't the sharpest knives in the drawer. It is to this ensemble that we now turn.

THE UNTOLD STORY: ATTRACTIVE NUISANCE MEETS NEED-TO-KNOW

I've endeavored to present what seem to be incontrovertible facts so that we're all on the same page for the commentary to follow. At this writing, Julian Assange is fighting extradition to Sweden, living in the English manor, and soliciting donations on the WikiLeaks site to help with his legal defense. Private Manning has been detained since May, 2010 in military jails in Kuwait and Quantico, VA, under conditions that have inspired criticism from a variety of sympathizers, including Amnesty International. He is currently in Fort Leavenworth awaiting trial, facing court-martial under section 32 of the Uniform Code of Military Justice.

Let's assume that Private Manning did in fact upload the documents to WikiLeaks by using his access to the Secret Internet Protocol Router Network (SIPRNet) as Adrian Lamo testified. In 2009 Manning would have been 21 or 22 years old. Unless they've changed the military insignia chart quite a bit since I served, a Private (most especially one barely beyond teenage years) is not considered the bulwark of reliability and sound judgment by military brass. The operative question is “By what authority were Manning and his cohorts given access to sensitive, classified State Department documents?” I've asked this question of every senior military officer that I know, and have yet to find anyone who even claims to know the answer. In my day, a security clearance in the military was not a hunting permit for curiosity seekers. Have things changed?

One relevant data point is Donald Rumsfeld's desire to encourage information sharing between and within military agencies while he was Secretary of Defense under George W. Bush. One has to believe that this created the climate that made it possible for low-level enlisted military personnel like Manning to access sensitive information that was either beyond the scope of their job, or under the most charitable interpretation, marginally related. This is a good time for everyone to be reminded that security clearances are like college diplomas - they affirm that the individual has satisfied some minimal standards appropriate to the imprimatur. Neither attests to the sagacity of an individual nor to their capacity to contribute anything important to the world. They are best thought of as one filter among many.

Security clearances were never intended to be issued carte blanche. Standard operating procedures always circumscribe their use on the basis of the ‘need-to-know.' The fact that an individual has been deemed trustworthy by some vetting process or other is just the first step in a reasonable authorization process. Having the requisite clearance should not entitle the holder to access all information classified at a level commensurate with the clearance. The second step determines whether the holder has a “need to know” based on his MOS and rank. In this context, the “impact of disclosure” is always taken as a critical consideration in this determination.
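An added illustration of the two-step check described above (not part of the original column): a clearance-only decision beside one that also requires need-to-know. The subject, documents and compartment labels are constructed, and modelling MOS and rank as a set of compartments is an assumption.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Level
    need_to_know: frozenset  # compartments tied to the holder's duties (assumed model)


@dataclass(frozen=True)
class Document:
    doc_id: str
    classification: Level
    compartments: frozenset  # all of these must be covered by the reader


def clearance_only(subject, doc):
    """Step 1 alone: the clearance is treated as a blanket entitlement."""
    return subject.clearance >= doc.classification


def authorize(subject, doc):
    """Step 1 (clearance) and step 2 (need-to-know). Returns (allowed, reason)."""
    if subject.clearance < doc.classification:
        return False, "clearance below classification"
    missing = doc.compartments - subject.need_to_know
    if missing:
        return False, "no need-to-know for: " + ", ".join(sorted(missing))
    return True, "cleared with need-to-know"


def exposure_gap(subject, docs):
    """Documents a clearance-only policy releases that the two-step check refuses."""
    return [d.doc_id for d in docs
            if clearance_only(subject, d) and not authorize(subject, d)[0]]


# Constructed sample data: a SECRET-cleared analyst whose duties cover one compartment.
ANALYST = Subject("analyst", Level.SECRET, frozenset({"theater-intel"}))
DOCS = [
    Document("field-001", Level.SECRET, frozenset({"theater-intel"})),
    Document("cable-001", Level.CONFIDENTIAL, frozenset({"diplomatic"})),
    Document("cable-002", Level.SECRET, frozenset({"diplomatic"})),
    Document("plan-001", Level.TOP_SECRET, frozenset({"theater-intel"})),
    Document("notice-001", Level.UNCLASSIFIED, frozenset()),
]

if __name__ == "__main__":
    for doc in DOCS:
        print(doc.doc_id, clearance_only(ANALYST, doc), authorize(ANALYST, doc))
    print("exposure gap:", exposure_gap(ANALYST, DOCS))
```

The exposure gap is the set of records a holder can read only because the second step was skipped, which is also the set worth auditing in access logs.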

At the time that Manning is alleged to have leaked this information, protocols for determining confidentiality levels, data integrity levels, and availability level (aka need-to-know) had already become law in the E-Government Act of 2002 (Public Law 107-347). Title III of the E-Government Act mandated NIST to create such standards, which became the FIPS 199 standard in February, 2004 – five years before the WikiLeaks disclosures. President Bush's EO 13292 specifically included “military plans,” “weapons systems,” “operations,” “foreign government information,” “intelligence activities (including special activities),” “Intelligence sources or methods,” and “foreign relations,” in his amendment of the 1995 EO 12958, which is subsumed under FIPS 199. All of this, it should be noted, is part of the Federal Information Security Management Act of 2002 (FISMA). Manning's attorneys will have a field day with the issue of why the U.S. Government didn't follow its own information security guidelines when it allowed Private Manning to rummage through secret information if this goes to trial. As an aside, the U.S. government has a spotty record prosecuting such cases – e.g., the Lawrence Franklin/AIPAC espionage scandal where a Pentagon employee, Lawrence Franklin, received a reduced sentence of 100 hours of community service in 2006 after pleading guilty to conspiracy to communicate national defense information to people not entitled to receive it (Israel). Many charges were dropped because of the Government's concern over its ability to successfully apply the silent witness rule.

Beyond that, there's another issue involved as well – admittedly a social issue rather than a legal one. By what justification would any reasonable authority put a 22 year old disputatious Army Private in front of a computer terminal that can access controversial, contentious, embarrassing, and/or libelous information with international implications? There is a familiar staple in case law called the attractive nuisance doctrine that holds that when a landowner presents curiosities to those who aren't fully capable of understanding the risks involved, the landowner may be held liable for damages. There is a perfectly reasonable sense in which the secret documents were an attractive nuisance to someone like Private Manning. While I agree that someone should take responsibility for the WikiLeaks fiasco, it's someone much farther up in the organization chart than a 22 year old Army Private. Here's a news flash for our military: kids and young adults sometimes do dumb things. Don't trust them with the keys to the kingdom.

DID THIS WIKILEAKS STORY TEACH US ANYTHING?

Of course this story just keeps on giving. There are so many characters, sub-plots, and scene changes at this point that it will take years to really appreciate this security drama. I can tell already that when Hollywood makes this movie, 90 minutes won’t do justice to the subject. This may have to be a serialized docudrama on TV.

But what, if anything, have we learned? Let’s take a look at the low-hanging fruit.

  1. Information is easy to steal – especially when electronic. Had no one in the military chain of command heard of Napster? Should have seen this one coming.
  2. That innocuous ‘little people' can create real problems for governments. Hmmm. Daniel Ellsberg, David Koresh, Osama bin Laden. No big shake-up here.
  3. It is easier to steal something than detect that it's being stolen? C'mon.
  4. Secrets are hard to keep. Ben Franklin said it all: “Two people can keep a secret if one of them is dead.” I suspect this was pretty much understood by the Bronze Age.
  5. Be careful whom you trust. …Judas, Guy Fawkes, Benedict Arnold, Gavrilo Princip, Mata Hari, Kim Philby, John Walker, Aldrich Ames, Robert Hanssen… Nope, should have seen this one coming, too.
  6. Be careful what information you retain and share – think Enron, Arthur Andersen, and the shredding party that ensued in the midst of a Justice Department investigation. The cat has been out of this bag since the invention of the bag.
  7. Perhaps access to internationally sensitive diplomatic information should be reserved to policy makers and diplomats who actually have a need to know this information. Wow. That’s inspired!
  8. That information security policy has to make sense and be enforced to be effective. Maybe WikiLeaks and Private Manning should be considered change agents!

In plain terms, everything this lesson taught us any reasonable, security-aware person either already knew or should have known. This is really a confirming instance of policy makers and government officials who were asleep at the wheel. If there is anyone who deserved to sit buck naked in a jail cell over this, it's someone farther up in the food chain than an Army Private.

Unfortunately, our military leadership doesn't seem to be very quick on the uptake. As this column goes to press, the Army placed an entire 100-member company from the 4th Stryker Brigade at Joint Base Lewis-McChord, WA, under lockdown because of the apparent theft of expensive military equipment – another example of closing the corral after the cows escape. Is it possible that the real problem behind this theft was attractive temptation without adequate oversight – in the same spirit as WikiLeaks and the matter of Private Manning?

Hot Links:

For those contemplating asylum without fear of extradition, the complete list of countries with extradition treaties with the U.S. is an online Department of State resource at www.state.gov/documents/organization/71600.pdf .

For Zbigniew Brzezinski's views of the leaks, see the Judy Woodruff PBS video interview at www.pbs.org/newshour/bb/government_programs/july-dec10/weakileaks2_11-29.html .

Several threads of Wired Magazine's coverage of Bradley Manning's Article 32 hearing are linked to www.wired.com/threatlevel/2011/12/adrian-lamo-bradley-manning/ .

FIPS 199 may be found online at: http://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf . EO 13292 is online at http://www.archives.gov/isoo/policy-documents/eo-12958-amendment.html . The earlier EO 12958 is at http://www.archives.gov/isoo/policy-documents/eo-12958-amendment.html .

www.WikiLeaks.org and www.bradleymanning.org are relevant to our discussion.

Acknowledgement: Many thanks to Jim Earl for his helpful suggestions to earlier drafts of this column.