Forgot your password?
typodupeerror
Encryption The Media The Military United States

How Did Wikileaks Do It? 973

Posted by timothy
from the you-can-post-anonymously-y'know dept.
grassy_knoll writes "Related to the Wikileaks video recently released and discussed here, the NY Times reports: 'Somehow — it will not say how — WikiLeaks found the necessary computer time to decrypt a graphic video, released Monday, of a United States Army assault in Baghdad in 2007 that left 12 people dead, including two employees of the news agency Reuters. The video has been viewed more than two million times on YouTube, and has been replayed hundreds of times in television news reports.' The article is light on details; what encryption algorithm was used? Was this a brute force attack? Did someone pass the decryption keys to Wikileaks along with the video? Something else?"
This discussion has been archived. No new comments can be posted.

How Did Wikileaks Do It?

Comments Filter:
  • maybe (Score:3, Insightful)

    by Anonymous Coward on Wednesday April 07, 2010 @02:02PM (#31764912)

    they got it unencrypted

    • Re:maybe (Score:5, Informative)

      by pixelpusher220 (529617) on Wednesday April 07, 2010 @02:10PM (#31765050)
      exactly.

      It was in December [slashdot.org] when we learned that much of US Military video is actually not encrypted at all.
    • Re:maybe (Score:4, Insightful)

      by Guysmiley777 (880063) on Wednesday April 07, 2010 @03:23PM (#31766446)

      Yep, they got it from an anonymous source, this "we had to haxx0r REALLY hard" story is a smokescreen. The AH-64's onboard recorders don't store this video encrypted. Either a concerned party in that unit or someone in the Pentagon leaked the video.

      The video itself isn't the worst part of this story. The fact that they tried to bury it is what is really disturbing to me. You put a bunch of Army troops on the ground and give them the most lethal and effective killing machines on the planet in an urban environment and civilians ARE going to die. People who claim otherwise are lying their asses off.

  • It was leaked. (Score:5, Insightful)

    by Hatta (162192) on Wednesday April 07, 2010 @02:07PM (#31764974) Journal

    It seems to me that whoever leaked the video must have been able to view it, since they knew what was on it. So they would have had the video, as well as the decryption keys. If they're going to leak the video, why not leak the keys too?

    • Re:It was leaked. (Score:5, Insightful)

      by Applekid (993327) on Wednesday April 07, 2010 @02:17PM (#31765166)

      If you look at the Wikipedia article [wikipedia.org]'s sources section, there was an investigation conducted by United States Central Command, days after the event occurred. It's entirely possible the video was pulled for review, but while the investigation's contents may have been encrypted and not visible, the index would explain what was on it.

      I could see how someone charged with filing and safeguarding the actual data would not possess the actual decryption keys.

    • Re:It was leaked. (Score:5, Interesting)

      by fm6 (162816) on Wednesday April 07, 2010 @02:19PM (#31765206) Homepage Journal

      You're assuming the keys were in a form that could be easily shared. I very much doubt that military encryption works that way. Having your keys in a file on your PC my be adequate for you and me, but when Blofeld is out to steal your plans for invading Normandy, you need to make it a little harder for him to steal access.

      And of course, it wasn't brute force. That approach was obsolete even back in Turing's day.

  • How ironic... (Score:5, Insightful)

    by Tenek (738297) on Wednesday April 07, 2010 @02:07PM (#31764982)

    Judge White said at the time, “We live in an age when people can do some good things and people can do some terrible things without accountability necessarily in a court of law.”

    Obviously, the ability to do some terrible things without accountability should be reserved for the government.

  • by ElectricTurtle (1171201) on Wednesday April 07, 2010 @02:08PM (#31764984)
    Whoever was willing to leak them the video either unencrypted it for them or was probably willing to leak the key too. In for a penny in for a pound.
  • supercomputer (Score:5, Interesting)

    by spectrokid (660550) on Wednesday April 07, 2010 @02:08PM (#31765006) Homepage
    maybe this [twitter.com]has something to do with it?
    • Re:supercomputer (Score:5, Insightful)

      by PakProtector (115173) <cevkiv@NOSPAm.gmail.com> on Wednesday April 07, 2010 @02:20PM (#31765220) Journal

      Whoever gave them that time, if they are an American, is a Patriot. If they are not, they are a true friend of Freedom and Truth and Justice.

      And if it was the Intelligence Arm of either Russia or China, it's fucking hilarious.

      • Re:supercomputer (Score:4, Insightful)

        by rwade (131726) on Wednesday April 07, 2010 @02:31PM (#31765396)

        Whoever gave them that time, if they are an American, is a Patriot. If they are not, they are a true friend of Freedom and Truth and Justice.

        Agreed. It is a symbol of our weakness if we are unwilling/unable to restrain our power if we cannot exercise such power without this level of "collateral damage."

    • Re:supercomputer (Score:5, Insightful)

      by Deanalator (806515) <pierce403@gmail.com> on Wednesday April 07, 2010 @03:08PM (#31766136) Homepage

      Followed up by http://twitter.com/wikileaks/status/9412020034 [twitter.com] a few months back

      "Finally cracked the encryption to US military video in which journalists, among others, are shot. Thanks to all who donated $/CPUs."

      I was under the impression that they sniffed a satellite feed, and created a BOINC project to crack the key.

  • by Stradivarius (7490) on Wednesday April 07, 2010 @02:09PM (#31765024)

    WikiLeaks claims they decrypted the material. While that's certainly possible, we have no way to know if this is true. They might have received it unencrypted, but made these assertions (including the Internet posts requesting supercomputer time) to throw investigators off-track.

  • Bruteforce (Score:4, Informative)

    by Anonymous Coward on Wednesday April 07, 2010 @02:13PM (#31765096)

    Wikileak Editor said clearly that they did it via bruteforce password guessing here:
    http://www.youtube.com/watch?v=7QEdAykXxoM [youtube.com]

    Presumably someone was able to grab a copy of the encrypted file, but didn't know the password?

  • by K. S. Kyosuke (729550) on Wednesday April 07, 2010 @02:14PM (#31765112)

    Was this a brute force attack?

    I have seen the video and I can positively confirm that it was indeed a brute force attack.

  • by vmxeo (173325) on Wednesday April 07, 2010 @02:14PM (#31765118) Homepage Journal
    They used a farm of PS3s running Linux to crack the encryption. This is why Sony, acting in behalf of the US DOD, removed the "Other OS" installation option and randomly bricked consoles through last week's firmware update, (albeit too late to prevent the video from being released). Also, as documented in FCC filings, Apple's iPad has a secret built-in front camera used to spy on the American people to find the person who leaked the data. That's why the wifi connection is so poor, most of it is saturated sending live video to DHS. Finally. Microsoft is also involved somehow. I'm not sure how, but I'm sure the OOXML file format is somehow involved.
  • court of law (Score:5, Insightful)

    by roman_mir (125474) on Wednesday April 07, 2010 @02:14PM (#31765130) Homepage Journal

    Another early attempt to shut down the site involved a United States District Court judge in California. In 2008, Judge Jeffrey S. White ordered the American version of the site shut down after it published confidential documents concerning a subsidiary of a Swiss bank. Two weeks later he reversed himself, in part recognizing that the order had little effect because the same material could be accessed on a number of other "mirror sites."

    Judge White said at the time, "We live in an age when people can do some good things and people can do some terrible things without accountability necessarily in a court of law."

    yes, Judge, you are obviously doing one of those terrible things without accountability in a court of law when you silence the truth.

  • by Liquidrage (640463) on Wednesday April 07, 2010 @02:21PM (#31765238)
    Wikileaks lost a lot of respect from me. Instead of actually, you know, leaking the video, they are using it as a campaign with bias.

    I fully support the idea of wikileaks. I fully look down on them for the way they released this with an opinionated campaign. They should not be in the job of interpreting their leaks. They should not be in the job of making sites like collateralmurder.com to publicize their leaks. They should be in the business of actually leaking newsworthy items with confidentiality.
    • by monoi (811392) on Wednesday April 07, 2010 @03:02PM (#31766002)

      Unless you're funding them through your tax system (and you're not), what right have you got to tell them what they should and should not do?

      If you don't like their site, nobody is preventing you from setting up your own.

    • by Yvanhoe (564877) on Wednesday April 07, 2010 @03:17PM (#31766336) Journal
      The website you mention tells it like that :

      5th April 2010 10:44 EST WikiLeaks has released a classified US military video depicting the indiscriminate slaying of over a dozen people in the Iraqi suburb of New Baghdad -- including two Reuters news staff. Reuters has been trying to obtain the video through the Freedom of Information Act, without success since the time of the attack. The video, shot from an Apache helicopter gun-site, clearly shows the unprovoked slaying of a wounded Reuters employee and his rescuers. Two young children involved in the rescue were also seriously wounded.

      What is non-factual about this ?

      • by jnaujok (804613) on Wednesday April 07, 2010 @03:38PM (#31766756) Homepage Journal
        The word "indiscriminate" in the first line, and "unprovoked" in the second last sentence. Both of those express an opinion as to the *motive* of the attack. That is opinion, it is biased against the soldiers who clearly (listen to the audio) go through the correct chain of command and rules of engagement before opening fire.

        Also the term "rescue" and "rescuer" bias the reader that the van that just happened to enter the area with three men who jump out immediately and attempt to put the wounded man into the van while the van is rapidly turning and moving to provide a getaway was some good Samaritan, and not at all involved despite everyone in Iraq knowing to stay away from where the Apaches are circling.

        That, and naming the site, "Collateral Murder" as well.

        That puts it outside the provenance of just factually "leaking" the data.

        A factual release would have been, "5th April 2010 10:44 EST WikiLeaks has released a classified US military video depicting a military action in Iraq which resulted in the deaths of over a dozen people in the Iraqi suburb of New Baghdad -- including two Reuters news staff. Reuters has been trying to obtain the video through the Freedom of Information Act, without success since the time of the attack. The video, shot from an Apache helicopter gun-site, clearly shows the slaying of a wounded Reuters employee and the riders in a van apparently coming to remove him from the scene. Two young children seated in the van were also seriously wounded in the attack."

        The difference is subtle, but important. The factual version lets you decide whether it is indiscriminate or not -- by watching the video. The original version acts as judge and jury on the actions of the Apache crew -- a crew vindicated as meeting all the rules of engagement by a Pentagon review of their actions.
        • by pclminion (145572) on Wednesday April 07, 2010 @04:14PM (#31767428)
          When non-combatants are killed, it is because of a lack of discrimination between combatants and non-combatants. This is "indiscriminate." When a person is killed who posed no threat to the people doing the killing, it is "unprovoked." These are both statements of FACT, which can easily be confirmed by viewing the video. The wording is a summary, not an opinion.
          • by jnaujok (804613) on Wednesday April 07, 2010 @04:34PM (#31767786) Homepage Journal
            No, it is an after-action summary with near perfect knowledge of the situation. You know, going into the video, that these are non-combatants embedded in a group of combatants. The pilot and gunner did not know this. Under the Rules of Engagement, when some of a group is armed, they are all combatants.

            Secondly, the Reuters reporters failed to wear their officially issued retro-reflective "Press" vests, that would have identified them as non-combatants. They made this choice knowing the consequences. Thus, they intentionally, and knowingly, put themselves into a situation where they were endangering their lives. They also had failed to report to Reuters that they would be in the area, or even in the city of Bagdhad. It was only because one of the reporters was talking to a third man on his cell phone that Reuters found out where they were.

            Third, recovered from the scene were one (or more) AK-47 fully automatic rifles, and two RPG7 rocket launchers with two warheads. One of the RPG rounds was actually found under the body of the cameraman.

            Fourth, also recovered were the two Canon EOS cameras used by the reporters. The last images on the cameraman at the corner (the one found on the RPG round) were beautiful pictures of the lightly armored side of a Humvee about a block away from them. These are included in the investigative report. Were an RPG to have been fired from his position, those American soldiers would have died.

            Again, with perfect knowledge, we know that the guy leaning around the corner is holding a camera with a long lens. To an Apache gunner, guarding the convoy below, it looks like a big tube, and the guy is standing over an RPG round (remember, it was found under him) pointing right down the street at the troops the Apache is supposed to be protecting.

            That convoy had already received small arms fire (the reason for calling in the Apache air support) and was attempting to move through the area.

            Now, consider what the Apache pilot knew. He has been called in to protect an armored column that has been taking fire from insurgents in the area. He (and a second Apache) spot a group of armed men, one holding an RPG (which rules out the idea of "bodyguards" floated so often in this discussion.) approaching the route of the column he's been called in to protect. These men brandish the weapons, and then gather around a blind corner on the route of the column. One of them, apparently holding a long, straight tube, leans around the corner and sights down the tube directly at the column of soldiers.

            Still think that "unprovoked" applies? The mere presence of an RPG means that this is not just a bunch of guys taking pictures. So the attack is provoked.

            As for "indiscriminate"? Seriously? When the guy is down and wounded, and not carrying a weapon, they do not fire. Admittedly they beg for him to "give them a reason," but they do not fire. "Indiscriminate?" I think not.

            At every step of the way, they are getting cleared by commanders watching the same video feed, the commanders have the feed from two different Apaches to make those decisions (and apparently a UAV in the area as well.) We are seeing a single viewpoint. And we can slow-mo and zoom in on the video in a light-controlled office environment, with all the leisure to scroll back and forth and take closer looks. We are not in the heat, light, and adrenaline rush of a helicopter cockpit, buffeted by noise, smoke,and wind, and fearing for the lives of the men below who are counting on us to protect them.

            The "FACT" can only come with perfect knowledge after the facts are known, and even then, you have to ignore most of the facts to come to that conclusion.
        • by Idiomatick (976696) on Wednesday April 07, 2010 @05:10PM (#31768262)
          indiscriminate - not marked by careful distinction : deficient in discrimination and discernment
          The US army killed everyone in the group since 1 may have had a gun and 1 may have had an RPG. That may be called prudent even. But it certainly was indiscriminate.

          unprovoked - occurring without motivation or provocation
          The men on the ground didn't shoot. They weren't close enough to swear at or give the finger. Hell there was no indication that they were aware of the helicopter.

          rescuer - a person who rescues you from harm or danger
          In this case you are right. Attempted rescuer would be better. I think you could say with confidence in a strict a situation as a legal court that they were rescuers. There was a man laying on the ground riddled with bullets and they tried to drive off with him. Would you describe them as kidnappers?

          The title I will give you! It is clearly a leading title.

          Though i find it ironic that you don't want wikileaks to act as jury. But you are cool with the us gov acting as judge, jury and executioner in this case. Do remember that the US gov pretty clearly lied about this action in cover up and refused to release the footage. That is pretty evil.
    • by bersl2 (689221) on Wednesday April 07, 2010 @04:00PM (#31767212) Journal

      Do note that WikiLeaks spent real money to send real journalists to the actual Iraq to speak to real eyewitnesses and the very children who survived the attack. This was part of the verification process, and I do not see why this additional information gathered to provide context to the video should not also be used to voice some sort of opinion about the ongoing injustices that happen as part of wars. We civilians, removed from the locus of this conflict, tend to marginalize the innocent victims in our own personal evaluations of the war.

      FWIW, I don't think that the pilots should ever be punished harshly at this point, as they likely were indeed operating within rules of engagement, as the military concluded. The root cause of the errors lies farther up the chain of command.

      Also, remember that this is also about the CYA actions on the part of the military. If they had told Reuters, "Hey, our guys seriously fucked up," and perhaps paid the families of the journalists restitution (which would be the least they could do to somehow attempt to make right), and made significant changes to the rules of engagement, it wouldn't be quite as bad. But of course, this is probably not an isolated incident, and Wikileaks has footage of something in Afghanistan IIRC.

      And again, they need money to operate. There is enough of a PR component in all of this that one might consider whether money potentially derived through increased exposure played a factor in this. If so, that's one hell of a calculated gamble.

  • Overpaid geeks reading this: GIVE WIKILEAKS MONEY [wikileaks.org].

    I know Julian Assange slightly. He used to be the sysadmin at Suburbia.net [suburbia.net]. That's where my critic of Scientology [suburbia.net] website lives. He and Mark Dorset of Suburbia have assiduously defended that site against baseless legal threats from Scientology for the past fifteen years. The guy's got balls of titanium.

    The newspapers whine about "who's going to do journalism without us around?" The answer is the same as who'll do it with them around, i.e. someone else. So far it's Wikileaks.

    I gave 'em GBP50 (~US$100) last pay and will again this pay. So should you.

    Overpaid geeks reading this: GIVE WIKILEAKS MONEY [wikileaks.org].

    Thank you.

  • by goodmanj (234846) on Wednesday April 07, 2010 @03:54PM (#31767082)

    Remember, we are not seeing what the soldiers see here here. We can watch the video fifty times on slow-mo, squinting to see if that dude's carrying an RPG or a camera: the soldiers are making snap decisions on half-second glimpses. Contrariwise, the soldiers have a much wider perspective on the entire battlefront, and see things we can't. Our hindsight second-guessing is pointless.

    But my point here is not to defend the soldiers or the military: it's to say that since hindsight is useless, we should try foresight. BEFORE we send troops into a country, we should understand that shit like this WILL happen. Absolute precision in warfare is impossible: conflict WILL result in innocents getting slaughtered by terrified boys with heavy weapons.

    So when the option of war starts being discussed, we should not ask, "is our cause righteous? Are we prepared to sacrifice our sons' lives for it?" but rather, "Is our cause righteous enough that we can watch the mass slaughter of innocents, and still say we did the right thing?"

    • by kuzb (724081) on Wednesday April 07, 2010 @06:20PM (#31769160)

      The fact remains they were wrong. They didn't even try to be sure, they just started shooting and laughed about it.

      Screw you for trying to protect trailer park trash like this which shouldn't even be allowed access to weapons of any kind, never mind heavily armed assault choppers.

    • by Anonymous Coward on Wednesday April 07, 2010 @09:04PM (#31770808)

      Nonsense. On my first casual watch-through, I heard them claim 5-6 guys with AKs. My jaw dropped, then I assumed that was chatter from a different site. There was ONE man in the PLENTIFUL video beforehand who had anything long enough to be a rifle, and it was the wrong shape.

      It soon became evident that the claim was not chatter from a different site.

      I only watched as far as the first salvo - the crime had been committed at that point. I didn't watch the rest of the egregious violations, and I didn't watch it in slo-mo, so my criticisms above aren't about 'heat of battle'. I'm also not a trained killing professional. There was no battle before the US started it. This isn't about 'absolute precision'. This isn't even supposed to be a war at this point, but an occupation.

      This is one of the weakest positive identifications in existance, outside of total, utter fabrication.

"Time is money and money can't buy you love and I love your outfit" - T.H.U.N.D.E.R. #1

Working...