funsec mailing list archives

Re: WikiLeaks founder Julian Assange arrested on Swedish warrant


From: Rich Kulawiec <rsk () gsp org>
Date: Tue, 7 Dec 2010 15:22:43 -0500


Y'know, there's a fallacy being propagated here that's quite similar
to one pertaining to security bugs and full disclosure debates.

Consider nation A.  Now consider its ally nation X, its enemy nation Y,
and its neutral nation Z.  And let's say that the diplomatic communications
of nation A with X, Y, and Z (and others, of course) are all published
on the Internet by Wikileaks.

The presumption being made is that the contents of those communications
are all news to X, Y, Z and all those other nations.

Now let's presume that Wikileaks never existed.

Do you REALLY think that X, Y, Z, and everyone else would not help
themselves to any of those communications that they care to?

They do have intelligence services, y'know, some of which actually
have intelligent people working for them.  And while nations X and
Z might hesitate to use certain methods, there's really not much
reason for nation Y to abstain.  I would guess that the right combination
of spies, thieves, bribes, wiretaps, malware, seduction, blackmail,
flattery, drugs, alcohol, etc. would suffice -- doubly so for
low-hanging fruit such as the cables currently being disclosed.
A large number of people have access to those, presenting
a large attack surface for anyone engaged in human engineering.

Now of course we are seeing public pronouncements by nation X and
the like that they are <CaptainRenault>shocked, shocked</CaptainRenault>
at what we can now all read.  Of course we are.  They can't very well
publicly admit that they've known this stuff all along and had already
adjusted policy as necessary.

But really, if I were one of the heads of state of nation X (or Y or Z)
and my national intelligence service hadn't given me most of this on a
silver platter a long time ago, I'd sack my espionage chief before
tea-time today and tell my staff to find someone minimally competent.

Everyone is aware, I trust, that some of these countries (like the US,
for example) have huge intelligence services which spend all day, every
day, trying to do just that: discovering everyone else's secrets.
<shrug>  This is how the game is played.  Some people try to keep secrets,
some people try to find them out.  Those who can't handle their secrets
being discovered should probably reconsider their participation in the
game -- or perhaps their decision to try to keep a billion secrets
spread among several million people.  Maybe a thousand secrets spread
among 50 people would present a more tractable problem.


The parallel, of course, is that we are supposed to believe that if
security researcher R does not disclose such-and-such a flaw, that it'll
remain hidden from all the other security researchers, some of whom
may not be nice people.  This is nonsense: they may not be nice people,
but that doesn't prevent them from being smart, diligent, resourceful,
highly motivated people -- and moreover, they have a very long track
record indicating that they're quite capable of independent discovery.

(Well, and there are ways to short-cut that: if I were one of the
not-so-nice people, one of my approaches would be to try to buy an
employee or two at major IT security companies.  Sure, I'd hire my
own researchers as well, but I'd like to give them an advantage by getting
my hands on whatever R is up to this week.  That way, it really doesn't
matter if R discloses or not -- in fact, I'd prefer R didn't because
the information will have more value to me if my competitors don't have
it too, and if the pool of people trying to fix the problem is as small
as possible.)

My point here is that this pretend game is silly.  It's a capital mistake
to presume one's enemy is stupid and ignorant, merely because they're
the enemy.  And it's *really* a mistake when the enemy has furnished plenty
of evidence that they're actually pretty bright and that they have ways
of finding out lots of things.

As to the posturing by Joe McCarthXXXXXXXXLieberman, someone should
tell him that there are now over a thousand Wikileaks mirrors.  And soon
enough there will be 2 Wikileaks and then 5 and then 100 and then...

        "I guess you all know about tapeworms?  Good.  Well, what I
        turned loose in the net yesterday was the...father and mother
        of all tapeworms...

        My newest masterpiece--breeds by itself...

        By now I don't know exactly what there is in the worm.  More bits
        are being added automatically as it works its way to places I never
        dared guess existed...

        And--no, it can't be killed.  It's indefinitely self-perpetuating
        so long as the net exists.  Even if one segment of it is
        inactivated, a counterpart of the missing portion will remain
        in store at some other station and the worm will automatically
        subdivide and send a duplicate head to collect the spare groups
        and restore them to their proper place."

                -- John Brunner, "The Shockwave Rider", 1975


---rsk