Blog   |   Iraq, USA, USA

Technicalities: 10 Questions on WikiLeaks

This still from the WikiLeaks footage shows a wounded Iraqi being put into a van during a 2007 attack by the U.S. military. (Reuters)
Monday's release of graphic video footage of an attack by the U.S. military on two Reuters journalists vividly depicted the dangers involved in covering a battlefield. It also thrust into the spotlight WikiLeaks, the enigmatic Web site responsible for obtaining, decoding, and publicizing the footage. Here's 10 questions answered on WikiLeaks, including how it works, its goals, and some of the technical details of how it protects its sources--and how they protect themselves. 

1. What is WikiLeaks?

According to Daniel Schmitt, a WikiLeaks spokesman, the site exists to "ensure the legally and technically protected retrieval of information from anonymous sources and to make available this information for the general public." It provides a secure online submission system for whistleblowers to upload documents, which WikiLeaks then makes available globally over the Web. 

2. Who is behind it?

Understanding the structure of the group is difficult since its organizers keep it deliberately opaque to preserve it from legal or other attacks. Many of the site's volunteers work anonymously. Nonetheless, Schmitt and Australian technologist Julian Assange often speak for WikiLeaks in interviews and public appearances, including this hour-long introduction to the project from 2009, and Assange's more recent interview on Al-Jazeera about WikiLeaks' release of the video footage taken from an Apache helicopter, showing the killing of Iraqi civilians, including two Reuters journalists. 

3. Where is WikiLeaks based?

The organization itself has no offices or central location. Schmitt and Assange are originally from Germany and Australia, although Assange now lives mainly in Kenya.

WikiLeaks hosts its main Web servers in Sweden with backup servers in other jurisdictions, according to WikiLeaks volunteer Jacob Appelbaum. Its hosting provider--the company that provides a network connection and physically manages its machines--PRQ was originally founded by one of the creators of the controversial file-sharing information site Pirate Bay as a free-speech friendly Internet service provider.

Recently, WikiLeaks have been working with Icelandic legislators to pass a series of legal reforms that would give Iceland strong protections for whistleblowers, sources, and Internet hosts and publishers, allowing organizations like WikiLeaks to operate there with less risk of legal challenge. (In 2009, WikiLeaks published confidential internal presentations from Iceland's Kaupthing Bank, showing a snapshot of the company's exposure to risk immediately before Iceland's financial meltdown). 

4. Why the name?

Following discussions on an invited mailing list composed of human rights activists, computer experts, and authors in 2006, WikiLeaks formally launched in January 2007, and has gone through a number of different iterations since then. 

Originally, the site was envisaged as a "wiki," a style of Web site that, like Wikipedia, allows anyone to enter content and anyone else to comment on or edit it. WikiLeaks says they worked carefully at the beginning to create technical measures to ensure the anonymity of the original sources and commenters. 

In its current version, documents submitted to WikiLeaks are not instantly placed online and, once published, are not freely editable. Submissions are selected for publishing by Wikileaks' volunteers and later placed online, sometimes in an edited form, according to the site.

5. What kind of documents does Wikileaks release?

The site says that "WikiLeaks accepts classified, censored or otherwise restricted material of political, diplomatic or ethical significance. WikiLeaks does not accept rumour, opinion or other kinds of first hand reporting or material that is already publicly available."

Previous document releases have included the correspondence of researchers at the Climatic Research Unit at East Anglia University, half a million pager messages from September 11, 2001, Sarah Palin's hacked e-mails, and an advance copy of a report on police killings by the Kenyan National Commission. 

6. Are all of these files still available?

For much of its existence, WikiLeaks offered an archive of its previously leaked documents. During a fundraising drive late last year, the site closed down access to its historical archive of leaked documents, and continues to operate a minimal site, providing only a short list of recent documents until they have the funding to provide a full service again.

Removed WikiLeaks content may be available (mirrored) elsewhere; journalists relying on content from the server should keep their own copies.

7. How is WikiLeaks funded?

The group accepts donations on its Web site, and claims a minimal required annual budget of $200,000 ($600,000 if all volunteers were paid for their time). The site has experimented with alternative methods of funding, including exclusivity arrangements with specific mass media organizations and the auctioning off of rights to particular documents.

8. What preparation does WikiLeaks do prior to publishing the documents?

WikiLeaks says that its pre-publishing process checks documents for their authenticity and compliance with their submission criteria before publishing, but not for content or legal status. 

WikiLeaks does reformat documents and present them in a form different from the original document. It attempts to remove data from material that might identify the source, such as watermarks or metadata. The changes can be also be stylistic (it presented its release of 570,000 pager messages from September 11, 2001, as a real-time re-enactment, and produced an edited version of the Iraq Apache footage), or meant to make the data more comprehensible by the public. WikiLeaks claims that the Iraq footage was sent to them encrypted, and they had to decrypt it before publishing.

9. Has WikiLeaks been censored, prosecuted, or attacked in the past?

WikiLeaks has been blacklisted by national Internet censorship systems, sometimes because it has published censorship blacklists itself. It was added to a proposed mandatory Australian blacklist after WikiLeaks published Denmark's list of banned Web-sites. The site is has been blocked in China for several years

In February 2008, the Swiss bank Julius Baer filed suit in United States federal district court against the American company that managed WikiLeaks' domain name, and obtained a permanent injunction to disable the domain. This effectively prevented anyone from being able to find WikiLeaks by visiting their most well-known Web address. The judge in the case reversed the ruling after hearing arguments from free speech groups representing American readers of WikiLeaks. 

A 2008 classified assessment of WikiLeaks written by an analyst at the Army Counterintelligence Center proposed that "the identification, exposure, termination of employment, criminal prosecution, legal action against current or former insiders, leakers, or whistleblowers could potentially damage or destroy this center of gravity and deter others considering similar actions from using the WikiLeaks.org Web site." The document was leaked to and published by WikiLeaks in 2010. 

Assange has reported that trespassers with weapons entered his compound in Kenya, and that individuals connected with WikiLeaks have been followed and questioned by authorities in Iceland. 

10. How well protected are sources that submits to WikiLeaks?

Both PRQ and WikiLeaks strongly assert their dedication to protecting sources. Sweden has clear legal protections for the confidentiality of journalistic sources, although the application of these protections to WikiLeaks contributors has not been tested in court. 

Sources are at risk, however, from other organizations that might monitor submissions to the site. In 2008, Sweden enacted a law permitting its security services to spy on all international Internet traffic passing to and from the country. Wikileak's submission process uses strong Web encryption to protect the contents of leaked documents from this form of surveillance, but it cannot stop wiretapping agencies from collecting the Internet addresses of visitors to the site. 

Sources or other visitors concerned about protecting their identity should use WikiLeaks in conjunction with an anonymizing service, such as the Tor Browser Bundle, which can help hide their origins from intermediaries. 

Malicious parties intending to track down submitters could also surreptitiously redirecting visitors to WikiLeaks' submission page to their own servers, where they could offer a fake WikiLeaks site, similar to how criminals pretend to be banking or financial sites. 

China's Great Firewall has in the past invisibly redirected visitors away from sites like Voice of America's to other servers by sending fake answers to computer domain name queries. There is no evidence that this is currently a problem with WikiLeaks. 

A simple way of verifying you are visiting the real WikiLeaks secure submission site is to double-click on the small padlock icon (either at the bottom of your browser window, or near the address bar at the top). Click on the button marked "Certification Information" or "View Certificate." Among the values listed on your screen for the Wikileak's certificate, there should be two strings of numbers, marked "Fingerprints." The real WikiLeaks' fingerprints, at least for now, are:

MD5 Fingerprint=36:64:C6:A0:45:AA:BA:58:F2:79:A3:89:C6:C4:CD:9A

SHA1 Fingerprint=88:CC:EE:8C:4F:87:3F:5D:8A:88:F1:43:2D:A9:7D:EA:8B:70:B9:07

If you see fingerprints marked "MD5" or "SHA1" that are different from these, exercise extreme caution--it shows that the encryption key used by the site you are visiting does not match the past key used by the official WikiLeaks site, and so could be an impostor. 

Like this article? Support our work

Comments

Ref Wiki Leaks 2007 Apache Helo video. I agree with your mission of improving public access to info but in this case you have greatly injured your credibility by twisting facts to arrive at incorrect conclusions. Wiki Leaks showed deliberate misinterpretation of the video and the published CENTCOM investigation. There was no mistake made by the Apache crews and there was no "fog of war". The video clearly shows the enemy people carrying RPGs and machine guns and approaching a US ground patrol. The video includes the Apache crew telling the ground commander of the threat and the sight of weapons. The crew fired after getting the ground commander's approval. The crew also correctly identified enemy forces trying to escape in the van and correctly shot the van. The ground forces found and photographed RPGs and machine guns when they arrived. CENTCOM published a detailed investigation report confirming all the above. It only takes 30 to 60 minutes to review the video and the CENTCOM report and see the weapons, understand there was a real threat and the Apache crew properly destroyed the threat. Please do not color the facts to match incorrect assertions.

Patrick Buckley April 9, 2010 11:54:50 AM ET

.
Patrick, it wasn't weapons, it was cameras. The RPG was a tripod for the cameras. Of course it's easy to confuse them by weapons, but then again, the apaches crew should be able to be to take a bit more time to correctly identify a threat, specially by the way they behave. But no, they were eager to turn them down. And, if they acted correctly, then we should blame the rules of engagement. Either way, innocent ppl were killed out of fast assumption they carried weapons when it was not.

Take a look again at the vid, and you'll see the supposed AK-47 has a big nozzle just like... a camera.

In response to Patrick, and to establish my bona fides from the start, I have in excess of 25,000 hours of flight time including in excess of 2,500 hours of low level (less than 50' above ground level) target spotter time. The RPG is a bogus claim. If any 'photographs' were taken of an RPG or an RPG launcher (they are two separate things in case you don't know it and one is useless without the other) at the site subsequent to the massacre, they were 'drop pieces', a practice that has been widely reported on in these two wars, the first Gulf war and as far back as the Viet Nam war that I can recall without more research.
I will perhaps accede to the 'AK-47' although that claim is highly doubtful too. The alleged AK-47 appears to be a combination of some sort of case and shadow cast by the loose fitting clothes the man was wearing. I am more inclined to believe that this too was a 'drop piece' carried to cover up just such idiocy as this.
If the helicopter crew is no better at discerning threats and knowing exactly what they are looking at than this, I think that courts martial are in order for the entire chain of command of the Army's Training Command. Because these guys are either pitifully trained or treacherously murderous.
And the final question that I have yet to receive anything like a coherent response to is: If these guys were enemy combatants and armed as is claimed, they must have known after the third circle that this helicopter had some suspicion about them and what type of firepower it had. That taken as granted, why had they not opened up with everything they had on the helicopter? An RPG from that altitude would have knocked that Apache to Kingdom Come with one shot. Even the AK-47 would have only had to lodge one bullet in the main rotor, sever an oil line or knock out the high pressure fuel pump to toast the Apache as effectively as the RPG. So why no hostile fire?

Just watched a doco on ABC1 (Australian TV) and wanted to commend you for the efforts todate, it gives me great pleasure to know that you have been a voice for the world....

thank you
Michael

I Just want to congratulate you on your efforts, and especially in protecting whistleblowers.. for those who have risked their lives to reveal the truth.

We need more organizations like Wikileaks! The majority of Americans WANT the truth, the nay-sayers are the MiNORiTY !!! DON'T EVER STOP, KEEP UP THE GREAT AND HEROIC WORK !!!!

I think this website is great. It is about time such information comes to Public knowledge. America claims to be a nation where everything is transparent and everyone has a freedom of speech.
However their own public has been misled when it comes to war against Iraq and Afghanistan. They know nothing about it.
War against Iraq was a against UN's decision to find so called "weapons of mass destruction" which they never found a TRACE.
I believe that calls for the president to be tried for war crimes.
I could go on a lot more but i will stop for now since this post was for wiki leaks.

Putting the information before people's eyes is the only way to spread the truth. If the Unites States government has nothing to hide about its so called "war", then why is it so threatened by wiki leaks.
If anyone says "it will compromise current intelligence/operation" please not that wiki leaks makes sure that current operational data or for past 6 months is not published.