Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Learning Curve » Developers Workshop

The Jabberwocky of DeeDeeBee

Hack! Schnell!


Get It

Try It

Note: The mythical character 'DeeDeeBee' is of course Daniel Domscheit-Berg, former WikiLeaks staff and contact for the organisation in Germany who later went rogue (and according to some went nuts). DeeDeeBee's been accused of being a direct descendant of the mythical Jabberwock. Judging from his cavalier attitude to truth and language, this might very well be true.

See the extensive link section below for background on the mythical DeeDeeBee. Protect your children.

Trying to review or deconstruct Daniel Domscheit-Berg's talk before the CCC the other day is like trying to describe the triangularity of a square circle. It's all Jabberwocky and none of it makes any sense.

Anyone versed in presentations knows how they work. First rule is to never bore your audience. DDB will never be able to avoid that. He's boring by nature. So a few people in the audience will always fall asleep, no matter how interesting the topic.

But the topic? Aye there's the rub, said the bard. For the topic was OpenLeaks and the 'open' in it has been stressed for the past eleven months. Everyone was to be open. Transparent. Everyone was to know what OL were up to, who they were, what they were working on, what source code they were using, what submission system environment they were setting up, etc.

None of that has happened of course. Journalists from the Old Media have been firing the right questions at Domscheit-Berg for the better part of the past year and he's been squirming out of responding like the proverbial farmyard animal his beloved Leberkäse comes from.

Who is 'we', DDB? Who are your collaborators? What partners do you have? What are you doing with your time besides chatting with DreamWorks and badmouthing the site you sabotaged?

DDB told the CCC audience he had 'about' ten media partners. About. One would hope DDB's arithmetic is better than that. Or does he seriously think he can dupe an audience at CCC into swallowing the factoid he can't even keep track of the number when they're only about ten?

No matter. The test site isn't even at the OL site. It's being hosted elsewhere. Why? And the source code? Because this is supposed to be 'open'? You can't look at that either. Why not? Here comes a mouthful: it's because he'd have to hire on two more people to fend questions people would ask him.

'DDB is out of his depth and he knows it - but he doesn't know how much out of his depth he really is. He doesn't have the technical expertise to understand that.'

After explaining he has 'technical software controllants' [sic] reviewing the source code right now and explaining the submission system has been finished for several months, he wants people to believe he came to the CCC to have his new system tested - even though he does everything in his power to stop them from testing it.

What purpose in testing a system if you can't even accept feedback on it? Who are these mysterious technical software controllants? Where are they working right now? Why isn't third party review at the CCC a good idea if it was DDB's idea to go to them in the first place?

He wouldn't even let the audience look at the server room. No way. That was off limits too.

Good guess? Just a guess but a good one. DDB purchased the submission software, it's under an exclusive licence, he might or might not have the source - but if he lets anyone look at what he's got, he's toast. They'll figure him out in no time.

Another good guess? The code belongs to the 'architect'. Who doesn't want anyone but him using it. WikiLeaks didn't use it but DDB's trying. Show off the code and the architect will recognise it as his own.

The unstoppable Birgitta Jónsdóttir turns up at 1:05 in the clip. Looking a little worse for wear, she takes a front row seat. What she's doing there is anybody's guess. Perhaps she's one of the 'technical software controllants'.

A little bit later DDB is caught boasting that he has thousands of interested media partners but he's chosen to keep it down to four news organisations and one NGO German consumer rights group. But he's involved in discussions with about ten!

DDB also explains away the lack of progress for the past eleven months with this gem.

'We have to build a lot of processes.'
 - Daniel Bullshit-Berg

DDB talks around his subject matter for the better part of one hour. Around it. He's so clearly out of his depth and he's making stuff up as he goes along. Try that on a government liaison for Microsoft and you might get away with it. Try it at the CCC and you'll be burnt to a crisp.

DDB goes on about web bugs and browser caches. For ten minutes. Web bugs? Browser caches? Where's the software, dude? Where's the good stuff everybody came to see? And dear somebody, but inviting people to a party afterwards as DDB did is no substitute for giving people what they came for.

DDB is just like any number of IT trainers trying to bluff their way through assignments. They want to keep their jobs and managed to slip in the organisation. The higher-ups will eventually get around to auditing them and they'll be exposed. For it's possible to talk for 45 minutes about C++ when you're supposed to be explaining kernel level interfaces. But not to a course auditor.

But the great failure of every pathological liar like DDB (and he excels at failures) is not only that he really believes all the bullshit he spews out but that he acts (and speaks) first - without thinking - and then only after the fact scrambles to try to make sense out of what he's done.

DDB gave in to a fit of rage on 25 August last year, hijacked the WikiLeaks Twitter account, hijacked the parts of the WikiLeaks networks he had access to. WikiLeaks staff found themselves under attack and did the right thing: shut everything down and conduct a post-mortem. Check the logs. Check logs for root escalation, check logs for logins, web access, the works. Find out who was in and why. Figure out how much of the system's been damaged. Let no one else in until you've banked all that data.

But of course DDB didn't get that and his knees started shaking almost immediately. He knew he was a naughty boy and he panicked. He contacted WL and told them what he'd done, gave them the new passwords, etc.

Mustering strength for his inevitable inquisition, DDB goes into the WL chat system the following day to try to preempt it. He contacts Julian before Julian has a chance to contact him. And DDB immediately begins talking about - the Iraq War Logs? He wasn't involved in them!

So JA sits there thinking 'aha, there he is, here he goes, I have to ask the required questions and give him a chance'. It's all in DDB's book. The wonder of it is DDB really thinks he can fool his readers into accepting his skew of it.

Julian waits patiently, his mind laser-focused. Just repeat the question, he says to himself. Did you do that, DDB?

The part where DDB explains why the devil made him hijack the WL network is not in the transcript in DDB's book. Perhaps there was nothing to discuss - DDB already admitted what he'd done. And how does DDB end his conversation with Julian on this occasion?

'BAHAHAHA!'

There you go. The words of a transparency advocate. But it happens again and again.

It happens when DDB tries to explain why and how he went about sabotaging the WL mail server in the Ruhr.

It happens again when DDB gives Marcel a list of key questions and then explains for all to hear that stealing documents from WikiLeaks is not a good thing.

It happens again when DDB tries to make himself into a hero for stealing from WikiLeaks anyway.

It happens again when DDB tells Artificial Eyes that yes, he did too steal, but he really never meant to, and in fact was trying to return what he'd not stolen the same day he stole it but Julian didn't have time to listen to him.

It happens again when DDB tells the CCC that yes, he'll be happy to return the 3,500 submissions he never stole but he wants to read through them all first. Note that each submission may have hundreds or thousands of documents. Do the math - and don't say 'it's about ten'.

It happens again when DDB only a fortnight ago again told the German media (in no uncertain terms) the following.

'Nein, ich habe keine Dokumente von WikiLeaks mitgenommen.' ('No, I have not taken away anything from WikiLeaks.')
 - Daniel Domscheit-Berg

It happens again (and again and again) at the CCC this summer as DDB tries to squirm out of the traps that his world of lies sets for him.

'Never forget it's a lot of other people doing the work and not just about me', he says at the end of his painfully embarrassing hour. As if he expects the audience to fall for that ruse. This has been about DDB and no one but DDB from the beginning.

Who left WikiLeaks? The Icelanders? If you're thinking of Kristinn and Ingi? No. They're still with WikiLeaks to this day and they keep winning awards to boot. If you're thinking of Birgitta, Herbert, or Smári? No. They were never on board at WikiLeaks. So they don't count. The architect? Sure. The architect was someone DDB brought on board - one of DDB's few contributions to the organisation. The architect worked part time. But where is the architect now? He's not with DDB anymore. He's not with OpenLeaks. He'd never have let the catastrophe of the OL presentation happen.

Who's onboard at OpenLeaks? Perhaps the Icelandic Loser Trio. But DDB's not talking. There's obviously no one of any technical merit.

Who hijacked the WL network on 25 August? DDB likes to talk about his 'dozen' and his 'handful' and his 'domino chain'. But the fact is that no one else was involved. And no one would have backed up DDB on what he did. Some of them might have not liked everything at WikiLeaks, but they wouldn't have chosen DDB's solution.

Who sent out the poison pen message at EDS right before DDB tendered his resignation? Why for that matter haven't EDS filed charges against DDB, now that his admission is out in the open? Are they just glad to get rid of him? Or did they in fact find him out and force him to resign?

Who tried to hijack the WL mail server in September 2010?

What happened to that hundred thousand euros DDB spent on new computer hardware?

How come the mail server didn't get replaced - especially as DDB claims he was fixing it all the time? Did DDB really deploy servers for one hundred thousand? Where are the receipts? Where's the cash?

Defining the Task

Time and again DDB reveals he's not really sure himself what OpenLeaks is supposed to be. The idea is Julian Assange's - he talked about this at a conference in Kuala Lumpur years ago. Dedicated mail slots - but of course with a watchdog like WL at the top of the chain.

This idea then became the basis for Julian's application to the Knight Foundation. DDB hijacked the application and made one of his own. That wasn't too popular around WikiLeaks. DDB says openly today that the idea of OL came from the proposal to the Knight Foundation.

But what's the OpenLeaks idea today? DDB doesn't seem to know. His failure to answer the most obvious and elementary questions at the end of that sordid hour makes it all too apparent. DDB is out of his depth and he knows it - but he doesn't know how much out of his depth he really is. He doesn't have the technical expertise to understand that.

Daniel Domscheit-Berg managed to get two minor degrees in computer science without once writing a computer program. He's never written a line of code in his life. Never. He took courses in 'administration'. He has no appreciation for programming. And certainly even less for 'hacking'. He doesn't have a bloody clue. And if he had any hacker blood in him - if he was the genuine article - then he'd have taken up programming years ago.

Daniel Domscheit-Berg has no business being in the CCC: he's not a hacker - he's the antithesis of hacker. Designer clothes? Cauliflower? Ovaltine? Leberkäse? How did things work out at Fosshotel for Mister Tappy Shoes? What's that tattoo on his back? What was Daniel Domscheit-Berg doing with WikiLeaks anyway?

Further evidence of this breathtaking incompetence came when DDB revealed how the 'site test' was to be carried out. He didn't have a clue there either. Oh just let them hack! I don't know what hacking is! It's what programmers do! Give them a URL and let them hack away! Hack! Schnell! Can't they dress more properly?

As the CCC pointed out, there are standard procedures for such tests. DDB didn't even know they existed.

√ He got the certificate wrong.
√ He had a middle level cert from GoDaddy.
√ The site was dropping cookies on user machines.


Everybody in the business has seen how fools try to squeeze into the upper rank and file. Middle level management bursting at the seams and no one has a clue. They go around dropping hi-tech words on each other. No one understands a thing but nobody's going to ask and risk being outed. They talk like DDB - exactly like DDB. At one point he told the audience that his goal with OpenLeaks was to create 'a system that has well-defined processes and that is technically savvy'. WTF does that mean? It's almost as bad as 'technical software controllants'.

The only people in the business who talk and act like that are the idiots like DDB who don't have a clue what they're talking about. If they knew what they were talking about, they'd shut up.

If they knew what they were talking about, then they'd come to the CCC with a substantial report on the activities of the past year - of course excluding the Leberkäse Tour for DreamWorks and Bonniers with all the JA/WL slamming and book promotion hype. They'd come to the CCC with the code to prove they'd been working. They'd come to the CCC because they had good intentions - because they really wanted people to help inspect their code.

Who can possibly have better technical software controllants than the CCC?

They'd come to the CCC not to hype themselves and try to get a stamp of CCC approval but to merely inform. There's no way a group of hackers can perform a reliable and worthwhile test in a matter of days. Theo de Raadt has a team of code auditors at OpenBSD - he doesn't call them 'technical software controllants' quite yet. They work all the time, every time there's a code update and even when there isn't. Security is an iterative process, but that's another thing DDB has NFC about.

They could absolutely not come to the CCC for any other reason.

Afterword

CCC head Andy Müller-Maguhn asked the key question at the end: 'what is open about OpenLeaks?' A short time later, the board of the CCC convened to expel Daniel Domscheit-Berg from the organisation.

Postscript: Whistleblower Safety?

It's also become apparent that the annoying DeeDeeBee mantra for the past year that WikiLeaks can't be trusted with whistleblower documents is again so much Jabberwocky. And not only because the WikiLeaks track record in this regard is proven and so far flawless, but also - and most importantly - because it is now apparent, more than ever, that DeeDeeBee aka Daniel Domscheit-Berg never knew what he was talking about anyway.

Twas bryllyg and ye slythy toves did gyre and gymble in ye wabe.
 - The Jabberwock
We have technical software controllants reviewing the code right now.
 - Daniel Domscheit-Berg

See Also
OpenLeaks @ CCC 2011 (MP4)
Nothing is Permanent: Open Letter
Industry Watch: Schmitt Leaves WikiLeaks?
Industry Watch: The WikiLeaks Palace Revolt
Industry Watch: OpenLeaks: Schmitt on Toast
Industry Watch: OpenLeaks Off to a Flying Fail
Global Voices: Renata Avila Contributor Profile
Industry Watch: OpenLeaks: Schmitt on Toast II
Topsy: The Life and Times of the Leberkäse Kid
Industry Watch: Schmitt Suspended from WikiLeaks
Zeit Online: Chaos Computer Club misstraut OpenLeaks
Hanno's Blog: OpenLeaks doing strange things with SSL
The Technological: Daniel Domscheit-Berg: The Reviews
The Technological: The Life and Times of the Leberkäse Kid
Red Hat Diaries: Unrequited Love, Uncomfortable Coincidences
Spiegel Online: WikiLeaks-Aussteiger haben Datenschatz entführt
Spiegel Online: Chaos Computer Club wirft OpenLeaks-Gründer raus
Spiegel Online: Chaos Computer Club: Hacker distanzieren sich von OpenLeaks
Spiegel Online: 'I Doubt Domscheit-Berg's Integrity': Top Hacker Slams OL Founder

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.