|Home » Industry Watch (» The Technological » Hall of Monkeys » Heroes Banquet)
David Leigh Negligently Revealed Cablegate Password
Staggering arrogance and incompetence at the Grauniad.
1 September 2011
A Guardian journalist has negligently disclosed top secret WikiLeaks decryption passwords to hundreds of thousands of unredacted unpublished US diplomatic cables.
Knowledge of the Guardian disclosure has spread privately over several months but reached critical mass last week. The unpublished WikiLeaks material includes over 100,000 classified unredacted cables that were being analysed, in parts, by over 50 media and human rights organisations from around the world.
For the past month WikiLeaks has been in the unenviable position of not being able to comment on what has happened, since to do so would be to draw attention to the decryption passwords in the Guardian book. Now that the connection has been made public by others, we can explain what happened and what we intend to do.
WikiLeaks has commenced pre-litigation action against the Guardian and an individual in Germany who was distributing the Guardian passwords for personal gain.
Over the past nine months, WikiLeaks has been releasing US diplomatic cables according to a carefully laid out plan to stimulate profound changes. A number of human rights groups, including Amnesty International, believe that the coordinated release of the cables contributed to triggering the Arab Spring. By forming partnerships with over 90 other media and human rights organisations, WikiLeaks has been laying the ground for positive political change all over the world.
The WikiLeaks method involves a sophisticated procedure of packaging leaked US diplomatic cables into country groups or themes, such as 'resources corruption', and providing them to those organisations that agreed to do the most research in exchange for time-limited exclusivity. As part of the WikiLeaks agreement, these groups, using their local knowledge, remove the names of persons reporting unjust acts to US embassies, and feed the results back to WikiLeaks. WikiLeaks then publishes, simultaneously with its partners, the underlying cables together with the politically explosive revelations. This way publications that are too frightened to publish the cables have the proof they need, and the public can check to make sure the claims are accurate.
Over time WikiLeaks has been building up, and publishing, the complete Cablegate 'library' - the most significant political document ever published. The mammoth task of reading and lightly redacting what amounts to 3,000 volumes or 284 million words of global political history is shared by WikiLeaks and its partners. That careful work has been compromised as a result of the recklessness of the Guardian.
Revolutions and reforms are in danger of being lost as the unpublished cables spread to intelligence contractors and governments before the public. The Arab Spring would not have have started in the manner it did if the Tunisian government of Ben Ali had copies of those WikiLeaks releases which helped to take down his government. Similarly, it is possible that the torturing Egyptian internal security chief Suleiman - Washington's proposed replacement for Mubarak - would now be the acting ruler of Egypt, had he acquired copies of the cables that exposed his methods prior to their publication.
Indeed, it is one of the indelible stains on Hillary Clinton that she personally set course to forewarn dozens of corrupt leaders, including Hosni Mubarak, about some of the most powerful details of WikiLeaks revelations to come.
Every day that the corrupt leadership of a country or organisation knows of a pending WikiLeaks disclosure is a day spent planning how to crush revolution and reform.
Guardian investigations editor David Leigh recklessly, and without gaining our approval, knowingly disclosed the decryption passwords in a book published by the Guardian. Leigh states the book was rushed forward to be written in three weeks - the rights were then sold to Hollywood.
The following extract is from the Guardian book:
Leigh tried his best not to fall out with this Australian impresario, who was prone to criticise what he called the 'snaky Brits'. Instead, Leigh used his ever-shifting demands as a negotiating lever. 'You want us to postpone the Iraq logs publication so you can get some TV', he said. [WikiLeaks: We required more time for redactions and to complete three Iraq war documentaries commissioned through the Bureau of Investigative Journalism. The documentaries were syndicated through Channel 4 (UK) and al Jazeera English and Arabic.] 'We could refuse and simply go ahead with publication as planned. If you want us to do something for you, then you've got to do something for us as well.' He asked Assange to stop procrastinating and hand over the biggest trove of all: the cables. Assange said 'I could give you half of them, covering the first 50% of the period'.
Leigh refused. All or nothing, he said. 'What happens if you end up in an orange jumpsuit en route to Guantánamo before you can release the full files?' In return he would give Assange a promise to keep the cables secure, and to not publish them until the time came. Assange had always been vague about timing: he generally indicated, however, that October would be a suitable date. He believed the US army's charges against the imprisoned soldier Bradley Manning would have crystallised by then, and publication could not make his fate any worse. He also said, echoing Leigh's gallows humour: 'I'm going to need to be safe in Cuba first!' Eventually Assange capitulated. Late at night after a two-hour debate, he started the process on one of his little netbooks that would enable Leigh to download the entire tranche of cables. The Guardian journalist had to set up the PGP encryption system on his laptop at home across the other side of London. Then he could feed in a password. Assange wrote down on a scrap of paper:
[WikiLeaks: we have replaced the password with Xs.] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
'That's the password', he said. 'But you have to add one extra word when you type it in. You have to put in the word 'XXXXXXX' before the word 'XXXXXX'. [WikiLeaks: so if the paper were seized, the password would not work without Leigh's cooperation.] Can you remember that?' 'I can remember that.' Leigh set off for home and successfully installed the PGP software.
The Guardian disclosure is a violation of the confidentiality agreement between WikiLeaks and Alan Rusbridger, editor-in-chief of the Guardian, signed 30 July 2010. David Leigh is also Alan Rusbridger's brother in law, which has caused other Guardian journalists to claim that David Leigh has been unfairly protected from the fallout. It is not the first time the WikiLeaks security agreement has been violated by the Guardian.
WikiLeaks severed future projects with the Guardian in December last year after it was discovered that the Guardian was engaged in a conspiracy to publish the cables without the knowledge of WikiLeaks, seriously compromising the security of our people in the United States and an alleged source who was in pre-trial detention. Leigh, without any basis and in a flagrant violation of journalistic ethics, named Bradley Manning as the Cablegate source in his book. David Leigh secretly passed the entire archive to Bill Keller of the New York Times in September 2011 or before, knowingly destroying WikiLeaks' plans to publish instead with the Washington Post and McClatchy.
David Leigh and the Guardian have subsequently and repeatedly violated WikiLeaks security conditions, including our requirements that the unpublished cables be kept safe from state intelligence services by keeping them only on computers not connected to the Internet. Ian Katz, deputy editor of the Guardian, admitted in a December 2010 meeting that this condition was not being followed by the Guardian.
PJ Crowley, US State department spokesman on the cables issue earlier this year, told AP on the 30 August 2011 that 'any autocratic security service worth its salt' would probably already have the complete unredacted archive.
Two weeks ago when it was discovered that information about the Leigh book had spread so much that it was about to be published in the German weekly Freitag, WikiLeaks took emergency action, asking the editor to not allude to the Leigh book, and tasked its lawyers to demand those maliciously spreading its details about the Leigh book to stop.
WikiLeaks advanced its regular publication schedule to get as much of the material as possible into the hands of journalists and human rights lawyers who need it. WikiLeaks and its partners were scheduled to have published most of the Cablegate material by 29 November 2011 - one year since the first publication. Over the past week we have published over 130,000 cables, mostly unclassified. The cables have lead to hundreds of important news stories around the world. All were unclassified with the exception of the Australian and Swedish collections and a few others scheduled by our partners.
WikiLeaks has also been in contact with Human Rights Watch and Amnesty at a senior level. We contacted the US embassy in London and then the State department in Washington on 25 August to see if their informant notification program, instituted last year, was complete - and if not, to take such steps as would be helpful. Only after repeated attempts through high level channels and 36 hours after our first contact did the State department, although it had been made aware of the issue, respond. Cliff Johnson (a legal advisor at the State department) spoke to Julian Assange for 75 minutes but the State department decided to not meet in person to receive further information which could not at that stage be safely transmitted over the telephone.
OpenLeaks @ CCC 2011 (MP4)
Nothing is Permanent: Open Letter
Industry Watch: Schmitt Leaves WikiLeaks?
Industry Watch: The WikiLeaks Palace Revolt
Industry Watch: OpenLeaks: Schmitt on Toast
Industry Watch: OpenLeaks Off to a Flying Fail
Global Voices: Renata Avila Contributor Profile
Industry Watch: OpenLeaks: Schmitt on Toast II
Topsy: The Life and Times of the Leberkäse Kid
Industry Watch: Schmitt Suspended from WikiLeaks
Developers Workshop: The Jabberwocky of DeeDeeBee
Zeit Online: Chaos Computer Club misstraut OpenLeaks
Hanno's Blog: OpenLeaks doing strange things with SSL
The Technological: Daniel Domscheit-Berg: The Reviews
The Technological: The Life and Times of the Leberkäse Kid
Red Hat Diaries: Unrequited Love, Uncomfortable Coincidences
Spiegel Online: WikiLeaks-Aussteiger haben Datenschatz entführt
TwitLonger: Statement by Julian Assange on the Domscheit-Bergs
The Technological: That Super-Secret WikiLeaks Encryption Key File
Spiegel Online: Chaos Computer Club wirft OpenLeaks-Gründer raus
Industry Watch: Statement by Julian Assange on the Domscheit-Bergs
TwitLonger: WikiLeaks Statement on Daniel Domscheit-Berg and OpenLeaks
Spiegel Online: Chaos Computer Club: Hacker distanzieren sich von OpenLeaks
Spiegel Online: 'I Doubt Domscheit-Berg's Integrity': Top Hacker Slams OL Founder