Tuesday, May 8, 2012
http://www.theawl.com/2012/05/here-comes-openleaks-how-it-wont-be-
wikileaks
[47]Here Comes OpenLeaks: How It Won't Be WikiLeaks
By [48]Maria Bustillos [49]| May 8, 2012
Almost exactly a year ago [50]I spoke via email with ex-WikiLeaks
spokesman Daniel Domscheit-Berg. He and the four or five others who'd
defected from WikiLeaks in September of 2010 were already at work on
OpenLeaks, a successor organization with the same basic goal: to
maintain a secure platform where sensitive documents of interest to the
public can be uploaded by whistleblowers and anonymously distributed to
the press.
Now OpenLeaks is just about ready to launch. Domscheit-Berg gave a
presentation on the project some days ago at the [51]Share 2 conference
in Belgrade, and I just had to get over there to hear it. (I don't
know! All of a sudden I was in Belgrade narcoleptically passing out in
my soup, and also attending this surprisingly inspiring tech
conference.) I was able to meet and speak at length with Daniel, and
learned a ton about OpenLeaks and the future of whistleblowing.
The Serbian capital has an ex-totalitarian air, the monuments and
public buildings seeming to have been built with the principal aim of
intimidation, rather than beauty. Though there is beauty, too. There
are a lot of huge, dark bronze sculptures of stern-looking giant guys.
There are also wonderful old parks, old trees, lovely wrought iron
gates, cobbled walks. Tons of people in the street, day and night, safe
to walk, lots of women walking on their own. Beautiful old electric
trams in a wonderful rich aged red color, very noisy; I hope they keep
them always, like the San Francisco cable cars.
The conference took place against a backdrop of heightened political
activity in Belgrade. Serbian elections [52]took place yesterday.
Nerves were just generally inflamed, it seemed. Their
ultra-nationalists are far from down for the count. Indeed, the
ultra-nationalist group Nasi ("Ours") threatened to disrupt even the
groovy little Share 2 tech conference, once it became known that an
independent media group and web portal called Kosovo 2.0 intended to
present there. "Nasi's announcement condemned the webportal as 'a
direct promoter of the narco-state of Kosovo as independent and not a
part of the Republic of Serbia,'" [53]according to Lily Lynch at
Bturn.com, a Balkan culture blog. These splinter groups are known
fomenters of ultra-violence along with their ultra-nationalism. Lynch
writes, "Members of Nasi have been participants in all of the worst
shit that has gone down on the streets of Belgrade during the last
several years: the violence following Kosovo's 2008 declaration of
independence in which the American embassy was set on fire and one
individual was killed, and the 2010 Pride Parade in which 147 policemen
and nearly 20 civilians were injured."
And so [54]Kosovo 2.0 withdrew rather than risk upset at the
conference, passing out flyers and stickers instead of speaking.
Opinions were split about whether or not the Kosovo group should have
withdrawn, and the mood was thoughtful. These kids are so like ours:
sleeve tattoo, short beard, left politics, electronica, coding,
non-materialism, bicycle, veganism, Internet. I am in great hopes for
them.
Domscheit-Berg's presentation on the second day of the conference was
mobbed, and the audience was focused, attentive and respectful. This
makes quite a change from his circumstances eighteen months ago; when
he left WikiLeaks, he was almost insantly pilloried in the media and in
the hacker community, owing in large part to the high regard in which
Julian Assange, the original founder of WikiLeaks, was held at that
time. Daniel's book, Inside WikiLeaks: My Time with Julian Assange at
the World's Most Dangerous Website, was [55]routinely dismissed as the
vengeful act of a "disgruntled former employee" (though [56]not by me).
He was tossed out of the Chaos Computer Club, the hacker collective
he'd been part of before he'd ever heard of WikiLeaks. He was
[57]denounced as untrustworthy by Andy Mueller-Maguhn, former
WikiLeaks/OpenLeaks go-between (and Chaos Computer Club board member)
in Der Spiegel.
But what if the "former employee" had very good reasons for being
disgruntled? Since reading his book, I've always thought that Daniel
Domscheit-Berg was being made to suffer exactly as whistleblowers often
are: blamed for speaking up and accused of self-aggrandizement,
sabotage or pursuing a private agenda.
A lot has happened at WikiLeaks since the fall of 2010. Most notably,
through a breathtaking series of gaffes, the Guardian, its
investigations executive editor David Leigh and WikiLeaks
[58]accidentally made available a working password that unlocked the
entire unredacted trove of over a quarter-million State Department
cables leaked to WikiLeaks and known colloquially as "Cablegate." By
the time the password leak was discovered, the encrypted archive had
already been distributed far and wide on the Pirate Bay--exactly how
and by whom has never been made precisely clear--so there was no way of
putting the cat back in the bag.
The publication of the Cablegate password in David Leigh's book, which
came out in December of 2010, meant that all the names and identities
of confidential informants in the cables were compromised. Fortunately,
though, by the time the password was published, the State Department
had certainly known of the leak for many months, the first of the
cables having been published in February 2010. There is grounds for
hope that nobody was harmed as a result of the negligence of Assange,
Leigh or the Guardian. But that's all just luck, seemingly; their
carelessness might easily have compromised much more sensitive
information.
There were various accounts of the Cablegate password fiasco, some
blaming [59]WikiLeaks, others [60]David Leigh, still others [61]The
Guardian or sometimes all three. Some, including Glenn Greenwald,
sought to implicate Domscheit-Berg, though he was never directly
involved with Leigh; nor, he claims, did he have access to the
ill-fated password. [62]Greenwald's September 2011 remarks regarding
Domscheit-Berg's role in the affair were uncharacteristically
incoherent.
To my mind, the real upshot of the Cablegate debacle was that it put
paid to the likelihood of anyone's sharing so much as the contents of a
fortune cookie with Julian Assange ever again. He is currently holed up
in the UK, enduring a kind of extra-fancy house arrest while he resists
extradition to Sweden on charges of sexual misconduct. His relevance in
world affairs diminishes by the day, despite his [63]rather grandiose
Twitter feed. Recently, he's been taping "[64]The World Tomorrow," a
chat show sponsored, improbably, by the mostly Russian-state-owned TV
station RT.com. The latest episode features Assange talking to very
little purpose with Slavoj Zizek and David Horowitz.
The 2010 rupture between Domscheit-Berg and Assange has proved
absolute. These two approach life itself in fundamentally incompatible
ways, it would seem.
On the day of his presentation, Domscheit-Berg texted me, explaining
that he was upstairs at the conference center working, and that I could
wander over and talk with him, if I liked. He was all on his own,
bashing away at a laptop. A lot of media people came and went, asking
questions, filming, photographing. He handled them all with a practiced
grace and generosity; he likes talking to people, he says. The fluidity
of Daniel's talk is ornamented rather than otherwise by his marked
German accent.
MB: I find it fascinating how you wandered into the WikiLeaks
project with Assange, just like, hey, that is a good idea, and the
next minute you're caught in a web of geopolitical intrigue. I can
see how that would be bound to drive anyone a little crazy. This
rare phenomenon of what just two people are doing kind of on their
own suddenly having global significance. How do you think that
affected your character and personality afterward?
DDB: That's a really good question. It affected me in a couple of
different ways. At the beginning, I liked a lot that we were getting
a lot of media attention, and this was a big high, and I felt that
this is kind of proving that what I'm doing is worthy, validating it
in some way. But that has changed to the exact opposite; I haven't
really read any piece of news on me, with me, whatever, in the last
year at least [...] because I feel that in some way I'm kind of
terrified, by now, to take this too serious or to take myself too
importantly. That's one of the consequences of seeing what happened
to Julian. From my perspective... at the beginning, we didn't let
any of this go to our heads. At some stage, I think it went to his
head, and that's where a lot of things changed and it became
difficult. [...]
MB: Whatever the man's problems are, he's also been stuck in this
English guy's house for a thousand years.
DDB: Well, that situation needs to be resolved by courts of law.
Whether in the UK or in Sweden. Just certainly not in the U.S.
(Just to note, for those who may have forgotten: the criminal
allegations against Assange in Sweden are minor enough that they would
not ordinarily be pursued against a foreign national on foreign soil to
anything like the degree experienced by Assange in this case. So one
really can't blame Assange and his associates for supposing that the
ultimate goal of the Swedish charges is extradition to the U.S. in
connection with, for example, the release of the [65]Collateral Murder
video.)
Meanwhile, Domscheit-Berg's reputation has slowly mended. For example,
a matter of weeks ago he was [66]voted back into the Chaos Computer
Club, and Andy Mueller-Maguhn was booted off their board. These
developments indicate that the steady vindication of Domscheit-Berg, in
the hacker world at least, is more or less complete.
Since Domscheit-Berg left to start OpenLeaks, along with several others
including the mysterious programmer known only as "The Architect," who
took some or all of the code he'd written with him when they left,
WikiLeaks has been unable to accept submissions of new documents. I've
thought ever since I first looked into this story that OpenLeaks would
eventually pick up the ball, so it was gratifying to learn about the
progress they've made.
There are only five or six people working on the project so far, and it
is privately funded by them alone. Daniel said, "There is no sponsor,
there are no foundations, no corporations, there are no people paying
us for what we are doing. This is all just 100% privately funded by me
and the others. This is good because right now we are independent and
there's no one that can tell us that we need to hurry up a little bit
more.
"Have you guys thought about doing a Kickstarter?" I asked.
He answered: "Yeah, we certainly have. But we are not formally
organized yet, and as long as that hasn't happened we will not take any
money from the outside. Maybe when we are properly constituted."
I knew I wouldn't learn a thing about him, but couldn't resist asking:
"Oh, everybody wants to know about The Architect." Daniel said, "Yeah,
I know. And he knows. He just prefers to remain private and able to get
work done as long as the world is full of all this drama." Hmm, we are
liable to have still a bit of a wait, then.
WHAT WILL BE DIFFERENT ABOUT OPENLEAKS?
From its inception in September 2010, OpenLeaks was designed with all
the painful lessons of WikiLeaks in mind.
The key difference is that where WikiLeaks itself participated in the
vetting, editing and publication of leaked documents, OpenLeaks won't
even be able to read them. OpenLeaks provides only the platform for
submissions, which will be encrypted and visible only to publishing
partners designated by the source. OpenLeaks is pursuing a course of
total neutrality. This is in sharp contrast to WikiLeaks, which worked
closely with major news organizations, an approach that sometimes
resulted in a lot of friction.
DDB: When WikiLeaks [...] started to work with the Spiegel, and the
Guardian and the New York Times, the problem is the moment you get
these players, they will start to put you under pressure, because
they want to remain exclusive. This is unfortunately what the media
landscape is like; fixated on scoops, not on maximizing
enlightenment [...]
So our approach in the design that we have takes this problem into
account, because we let the source decide who gets the information
and how it flows from there. This way, we cannot steer anything. We
cannot become good friends with one organization, that we have to do
a favor or something like this, because we have no control at all;
it's just the source that is deciding. We cannot even see what kind
of information is put into the system. [...]
MB: But when you have a scoop, then you can put a spotlight on it.
There is an upside, right, to the WikiLeaks approach? Like when the
Collateral Murder video came out, there was such a buzz on that--as
a journalist, you try to create something that you know people are
going to click, they're gonna look, you make it like what they call
"sexy" or whatever, by having a provocative headline. At OpenLeaks,
then, you're giving that up.
DDB: We're not really giving it up. Because there's one organization
that receives the stuff. If the source for such a video trusts you
as a journalist, and they give it to you, then you are the one that
can put on the spotlight. [...] And as a source, if I give you
information, I can specify how long this information will remain
exclusive with you. So I can say, for two weeks that scoop is yours.
But if you decide, this is not my topic, or your publisher might
say, "This is an advertiser of ours, you're not going to run the
story." Then after two weeks, the other organizations that are part
of our network will get access to this information, if that's what
the source wanted.
MB: All at once?
DDB: Yes. Right now there's just all or nothing.
MB: Two levels.
DDB: Yes. It's very confusing for sources if they can specify, which
organizations should and which shouldn't. So if you run with the
scoop, and the source has specified that it can be distributed, the
moment that you run the scoop [all the other organizations] have
access to it as well. So now other newspapers in your country that
might even be your competitors can use the original material. And
that's not what's happening today. Today all the journalists are
sitting on their material, and trying to protect it from other
people, because they can continue to milk it all the time. And that
doesn't help society. Because that's where we are today: people are
just copying and pasting the news agency stories because they don't
have access to original materials.
Several news organizations have already begun work on implementing
secure sites for the receipt of materials through the OpenLeaks
network.
DDB: Now, the media partners so far have been very much smaller, and
internationally we have just one newspaper from Portugal, and one
from Denmark, and nobody from the States, for example, and that's
for a couple of reasons. I mean, we're open to collaborate with
anyone who has an interest. But for what we've done so far, it was
much easier to stick to organizations closer to us in order to make
some first experiences.
At OpenLeaks, partners--publishers, groups of journalists, NGOs--will
be required to set up their own websites within the OpenLeaks network
in order to receive material. But they and they alone will be able to
see that material; it will be up to them to verify, authenticate, edit
and decide how and when to publish.
Any U.S. group wishing to set up as an OpenLeaks partner will have to
send web developers along to Germany for a five-day workshop, during
which they will be provided with the initial specs and training
required for setting up such a website.
Regarding these workshops, Daniel said: "For now this would be for
developing a front end. How do you develop a website that's secure,
what kind of stuff about anonymity do you have to consider, how might
you integrate this in a meaningful manner with your existing website
[...] we're doing the workshops in the countryside so there's no
distraction at all, other than the possibility for people to take a
walk in the woods or something to get a fresh head, but it's meant to
be quite intense."
He continued: "You have to find out what is possible and what is not
possible, technically. And once you have an educated opinion on this,
only then will you be able to say if you want to run such a site or
not. There cannot be a promise that once you have done this workshop,
you will be enabled to [implement a site.] Especially if you are in the
U.S., that's a really big problem because of all these technological
details. But you will understand the constraints and be able to take a
well-informed decision. We're really eager, and all for creative
solutions. So whoever has an interest, that is great and let's take it
from there."
Travel to Germany will be required because the OpenLeaks crew, having
been as deeply involved as they were with WikiLeaks, prefer not to
visit the U.S. in case they get into some kind of hot water over here.
MB: Do you feel like you're being watched?
DDB: No. Not at all. I don't have the feeling of being watched, and
I refuse to give in to whatever kind of paranoia I could be making
of it. I'm trying to remain realistic about it. Then again, I assume
people are listening to my phone calls, because it's too cheap not
to do it.
MB: They're listening to everybody's, I guess.
DDB: Exactly. But I haven't ever noticed that I am being followed;
the house I am staying in is not under surveillance, as much as I
can tell, and it's highly unlikely that anyone has ever been in my
place when I was out, you know. I'm careful about these things, and
I'm pretty sure I would notice.
MB: Do they bother you at the airport?
DDB: No, never.
MB: Never?!
DDB: No, never ever. And I'm traveling a lot. [...]
MB: Wow. I am stunned.
DDB: So the question is, why is that? And I could get super paranoid
about the fact that this is the case, but rationally, I have no
explanation for it.
Daniel was accompanied at the conference by his wife, Anke
Domscheit-Berg, who, as an expert in Open Government issues, is a noted
activist in her own right. At the conference, she had a presentation
and was on several panels. She also gave a presentation on guerrilla
knitting and yarn-bombing; in the photo here she's working on a sort of
handrail-cozy that she installed on the handrail just outside the
conference amphitheater.
Daniel describes meeting his wife in Inside WikiLeaks; the two are
clearly very close partners, in their activism and work, and in life,
too. "You're in love!" I observed to Daniel. "I'm writing that down."
"I don't mind," he replied. "It's a known fact."
I wondered how OpenLeaks would be dealing with the rapid changes in the
security landscape online. Daniel is mainly a network specialist, so
this is his particular area of expertise.
MB: You saw the [67]Wired piece in April about increased attention
from the US government, throwing so much computing power at cracking
encryptions. How does that affect your work?
DDB: Hmm. It doesn't directly affect our work, because we're not
trying to develop an off-the-shelf product. But it certainly affects
the considerations around security and secure communications. So it
affects what is possible for our partners and what is not, and it is
what we are educating them about. Ultimately, to some extent--it's a
really good question, how secure any communication on the Internet
today can actually be.
MB: This is my question exactly. The more important, the more
visible you get, the more scrutiny there is.
DDB: Yes. Generally, there are questions like, how reliable is SSL
encryption? That's a very basic question for any kind of web
communication via the HTTPS protocol, you know. If SSL is broken,
and I think largely it is broken, then the question becomes
ultimately how much can you rely on the most widely deployed
encryption technology on the web.
Now for actually 99.99-whatever percent of all the cases of
whistleblowers, their material is not of interest to the NSA. But
there's this small, very small fraction where it would matter, and
you never know what's coming. So the question is, how much can you
offer an online whistleblowing solution when there is the chance for
that one case where a whistleblower has something that might draw
the attention of the NSA, and it might then screw that person.
So this is why it's more complicated than just delivering a
solution.
For those who haven't been keeping score in the U.S. regarding
whistleblower protections: we are so hosed. Though we were promised
strengthened whistleblower protections in the 2008 presidential
campaign, that has in no way come to pass. Though that's likely not
really Obama's fault--it has been just one more fallout from our
catastrophically locked legislative and executive branches. (For
technical details on the "national security" overreach of governmental
snooping, the Bradley Manning story, and matters pertaining to
whistleblowers in general, [68]please do consult Glenn Greenwald, whose
counterproductive, combative rhetoric drives me nuts, but there is no
denying that he has been consistently right on the facts regarding
these issues.)
The Q&A period after Daniel's presentation was held in a smaller room
at the Dom Omladine center, upstairs from the amphitheatre. Maybe
thirty people showed up. The audience was young, very young. Equal
parts rage against the machine, and idealism: Brains, energy, drive,
engagement.
"Why are they so great?" I asked Daniel afterward.
"It's this generation. They are networked, and they get perspectives
from other people."
"They are citizens of the world. Like, the first ones."
There was one tall, pale, dark-haired bearded boy, furious, pleading.
He said to Daniel: "Let's say you publish a newspaper in Serbia, that
is published, that doesn't mean anything, nobody goes to jail, there
are no consequences, there are no legal actions, there's nothing. So
you publish it, it goes in a story for a week, some person stole, I
don't know, ten million dollars from the state, but nobody cares, in
ten days it goes away, nobody remembers it. So did you ever consider
that some database could be formed, just as a memory for future
generations. To retain that information, that Google cannot delete it
from search engines. So their children are not like oh, my father was a
great citizen, a very competitive and capable businessman, no!--he was
a thief! And like no matter that he doesn't suffer legal consequences,
but in memory, like, here are the evidence."
Our later talk addressed this general frustration with media and
politics.
MB: I think the big problem is that people don't understand that
they have agency themselves. You touched on this yesterday, just for
a second; but people don't have faith that any move I can make as an
individual is going to have an effect, out there.
DDB: Yeah, but it does. And that's again what the Internet is good
for, because it helps you to understand that. Because you are
connected to all these other people and you will see that whatever
you do, it causes some kind of a ripple or whatever you call this,
and you can see it echoing somehow. Change can begin with every
single small decision we take.
If conventional news organizations aren't going to step up to
participate in OpenLeaks, it would be possible to form an association
of journalists through an NGO to participate. There are a lot of ways
whereby journalists can become involved in this effort. I hope that one
way or another, a lot of U.S. groups will jump in. Initiatives like
these are almost the only way left open to American journalists to
combat the vast and illegal snoopings of the government on our
activities. Indeed, instead of providing the added protections promised
in the 2008 campaign, [69]the administration has stepped up its efforts
to prosecute whistleblowers.
American journalists would do well to heed the remarks of a national
security representative at an [70]Aspen Institute meeting last year
between journalists, Congressional staffers, lawyers and spooks: 'We're
not going to subpoena reporters in the future. We don't need to. We
know who you're talking to.'
So time's a-wastin', with respect to restoring First Amendment rights.
DDB: We haven't come up with a fixed schedule yet. But it might make
sense to talk to editors as well, and to make them understand how to
deal with digital content, educate them about metadata and document
formats, how to clean documents of traces, these types of things. We
will also do security workshops for journalists so that
non-technical people get security training. The spectrum of what is
possible is actually pretty broad. And we're very open. Also people
should roughly know where our expertise lies, and if there is
anything that we haven't thought of yet, and somebody wants to know
if we can do it, we're open.
MB: If I run across different press outlets that want to get
involved, how do they go about it?
DDB: Just put them in touch.
MB:
d...@openleaks.org
[71]Maria Bustillos is the author of [72]Dorkismo and [73]Act Like a
Gentleman, Think Like a Woman.
References
47.
http://www.theawl.com/2012/05/here-comes-openleaks-how-it-wont-be-
wikileaks
48.
http://www.theawl.com/user/2694/maria-bustillos
49.
http://www.theawl.com/2012/05/here-comes-openleaks-how-it-wont-be-
wikileaks
50.
http://www.theawl.com/2011/05/wikileakss-insecure-future-with-an-
interview-with-daniel-domscheit-berg
51.
http://www.shareconference.net/en
52.
http://www.nytimes.com/2012/05/07/world/europe/in-serbia-voters-
disillusioned-by-the-economic-crisis.html
53.
http://bturn.com/8139/kosovo-2-0-not-coming-to-share-conference-due-
to-threats-from-serbian-ultranationalists
54.
http://www.balkaninsight.com/en/article/kosovo-media-
representatives-cancel-lecture-in-belgrade
55.
http://www.theaustralian.com.au/news/world/wikileaks-fury-at-ex-
employees-tell-all-book/story-e6frg6so-1226004259921
56.
http://www.theawl.com/2011/05/wikileakss-insecure-future-with-an-
interview-with-daniel-domscheit-berg
57.
http://www.spiegel.de/international/germany/0,1518,780289,00.html
58.
http://www.spiegel.de/international/world/0,1518,783778,00.html
59.
http://www.guardian.co.uk/world/2011/sep/01/unredacted-us-embassy-
cables-online
60.
http://www.abc.net.au/technology/articles/2011/09/01/3307488.htm
61.
http://arstechnica.com/tech-policy/news/2011/09/wikileaks-
unredacted-cable-release-is-guardians-fault.ars
62.
http://www.salon.com/2011/09/02/wikileaks_28/
63.
https://twitter.com/#!/wikileaks
64.
http://www.youtube.com/watch?feature=player_embedded&v=PM0I5k50XsY
65.
http://www.bradleymanning.org/learn-more/collateral-murder-video
66.
http://translate.google.com/translate?
sl=de&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%
2Fwww.zeit.de%2Fdigital%2Finternet%2F2012-02%2Fdomscheit-berg-wieder-im-
ccc
67.
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
68.
http://www.salon.com/2012/05/06/surveillance_state_democracy/
69.
http://www.miamiherald.com/2012/05/07/2783978/media-silent-when-
administration.html
70.
http://www.rcfp.org/browse-media-law-resources/news-media-law/news-
media-and-law-summer-2011/lessons-wye-river
71.
http://twitter.com/#!/mariabustillos