This Machine Kills Secrets
Page 1
THIS MACHINE KILLS SECRETS
How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World’s Information
ANDY GREENBERG
DUTTON
DUTTON
Published by Penguin Group (USA) Inc.
375 Hudson Street, New York, New York 10014, U.S.A.
Penguin Group (Canada), 90 Eglinton Avenue East, Suite 700, Toronto, Ontario M4P 2Y3, Canada (a division of Pearson Penguin Canada Inc.); Penguin Books Ltd, 80 Strand, London WC2R 0RL, England; Penguin Ireland, 25 St Stephen’s Green, Dublin 2, Ireland (a division of Penguin Books Ltd); Penguin Group (Australia), 250 Camberwell Road, Camberwell, Victoria 3124, Australia (a division of Pearson Australia Group Pty Ltd); Penguin Books India Pvt Ltd, 11 Community Centre, Panchsheel Park, New Delhi–110 017, India; Penguin Group (NZ), 67 Apollo Drive, Rosedale, Auckland 0632, New Zealand (a division of Pearson New Zealand Ltd); Penguin Books (South Africa) (Pty) Ltd, 24 Sturdee Avenue, Rosebank, Johannesburg 2196, South Africa
Penguin Books Ltd, Registered Offices: 80 Strand, London WC2R 0RL, England
Published by Dutton, a member of Penguin Group (USA) Inc.
Copyright © 2012 by Andy Greenberg
All rights reserved. No part of this book may be reproduced, scanned, or distributed in any printed or electronic form without permission. Please do not participate in or encourage piracy of copyrighted materials in violation of the author’s rights. Purchase only authorized editions.
“Svartar Rosir/Black Roses” and “Horror of War” by Birgitta Jónsdóttir printed by permission.
REGISTERED TRADEMARK—MARCA REGISTRADA
LIBRARY OF CONGRESS CATALOGING-IN-PUBLICATION DATA
Greenberg, Andy.
This machine kills secrets : how WikiLeakers, cypherpunks, and hacktivists aim to free the world’s information / Andy Greenberg.
p. cm.
Includes index.
ISBN 978-1-101-59358-5
1.Computer hackers—Political activity. 2.Secrecy. 3.Official secrets. 4.Whistleblowing. 5.Computer crimes. I.Title.
HV6773.G74 2012
364.16'8—dc23
2012004309
While the author has made every effort to provide accurate telephone numbers and Internet addresses at the time of publication, neither the publisher nor the author assumes any responsibility for errors, or for changes that occur after publication. Further, the publisher does not have any control over and does not assume any responsibility for author or third-party websites or their content.
For my father, Gary Greenberg, and the memory of my mother, Marcia Gottfried
CONTENTS
CHARACTERS
PROLOGUE THE MEGALEAK
PART ONE LEAKER PRESENT, LEAKER PAST
CHAPTER 1 THE WHISTLEBLOWERS
PART TWO THE EVOLUTION OF LEAKING
CHAPTER 2 THE CRYPTOGRAPHERS
CHAPTER 3 THE CYPHERPUNKS
CHAPTER 4 THE ONION ROUTERS
PART THREE THE FUTURE OF LEAKING
CHAPTER 5 THE PLUMBERS
CHAPTER 6 THE GLOBALIZERS
CHAPTER 7 THE ENGINEERS
CONCLUSION THE MACHINE
SOURCES
ACKNOWLEDGMENTS
THE PUZZLE CONTAINED IN THIS BOOK
INDEX
CHARACTERS
(IN ORDER OF APPEARANCE)
JULIAN ASSANGE
Founder of WikiLeaks, former hacker, cypherpunk, and activist who demonstrated the power of digital, anonymous leaking by publishing record-breaking collections of secret corporate and government material.
DANIEL ELLSBERG
Military analyst who from 1969 to 1971 exfiltrated and leaked the top secret Pentagon Papers to The New York Times and seventeen other newspapers.
BRADLEY MANNING
Army private who, at the age of twenty-two, allegedly leaked a trove of secret military and State Department documents to WikiLeaks that would become the largest-ever public disclosure of classified materials.
ADRIAN LAMO
A former hacker and homeless wanderer to whom Manning confessed his leak. Lamo turned Manning in to army investigators.
TIM MAY
Intel physicist, libertarian, and crypto-anarchist thinker who would cofound the cypherpunks in 1991 and create a thought-experiment prototype for cryptographically anonymous leaks called BlackNet.
PHIL ZIMMERMANN
Applied cryptographer whose Pretty Good Privacy program (PGP) brought free, strong encryption to the masses. His investigation by the U.S. Justice Department from 1993 to 1996 ignited a debate over users’ right to uncrackable encryption.
DAVID CHAUM
Inventor and academic whose anonymity systems, including DC-Nets and Mix Networks, would inspire the cypherpunks and lead to tools like anonymous remailers and Tor.
ERIC HUGHES
Mathematician, cryptographer, and cofounder of the cypherpunks who ran one of the Internet’s first anonymous remailers.
JOHN GILMORE
Former Sun Microsystems programmer who would cofound the cypherpunks as well as the Electronic Frontier Foundation.
JOHN YOUNG
Architect, activist, and cypherpunk who founded Cryptome.org in 1996, a leak-focused site that has published thousands of names of intelligence agents and their sources, along with hundreds of secret encryption – and security-related documents.
JULF HELSINGIUS
Finnish systems administrator and privacy advocate, Helsingius created the Penet anonymous remailer and faced legal pressure from the Church of Scientology that demanded he turn over the identity of one of his users.
JIM BELL
Engineer and libertarian whose 1997 essay “Assassination Politics” described a system of using encryption to facilitate anonymous, untraceable, and crowd-funded contract killings.
JACOB APPELBAUM
Activist, hacker, and developer for the Tor anonymity network who befriended Julian Assange and became the WikiLeaks’ primary American associate.
PAUL SYVERSON
Logician and cryptographer in the Naval Research Laboratory who is credited with inventing the anonymous communications protocol known as “onion routing.”
NICK MATHEWSON AND ROGER DINGLEDINE
Two MIT researchers who worked with Syverson to develop onion routing into a usable tool and then a nonprofit known as the Tor Project.
PEITER “MUDGE” ZATKO
Former “gray hat hacker” who served as a spokesperson for the hacker group the L0pht. Now leads the cybersecurity division of the Pentagon’s Defense Advanced Research Projects Agency, including its program to find a method of rooting out rogue insiders known as CINDER or Cyber Insider Threat.
AARON BARR
Former chief executive of HBGary Federal, a small D.C. security firm that touted his methods for unmasking anonymous hackers and leakers.
THOMAS DRAKE
National Security Agency whistleblower who was threatened with prosecution under the Espionage Act for communicating with a reporter regarding alleged financial fraud and waste at the agency.
BIRGITTA JÓNSDÓTTIR
Icelandic member of parliament, poet, and activist who worked with WikiLeaks and is pushing a collection of radical transparency bills through Iceland’s legislature known as the Icelandic Modern Media Initiative.
DANIEL DOMSCHEIT-BERG
Germ
an former WikiLeaks associate who worked closely with Assange but was pushed out of the group in the fall of 2010. He has since engaged in a bitter feud with Assange and founded his own digital whistleblower group known as OpenLeaks.
ATANAS TCHOBANOV AND ASSEN YORDANOV
Two Bulgarian investigative reporters who founded the independent media outlet Bivol and were inspired by WikiLeaks to create the Bulgaria-focused leak site BalkanLeaks.
ANDY MÜLLER-MAGUHN
Former member of the board of the German hacker group the Chaos Computer Club. Müller-Maguhn worked with WikiLeaks and served as an intermediary in the dispute between Assange and Domscheit-Berg.
THE ARCHITECT
Secretive and pseudonymous engineer who worked with Assange and Domscheit-Berg to set up a revamped submission system for WikiLeaks in late 2009 and 2010. After a falling-out with Assange, he joined Domscheit-Berg at OpenLeaks.
PROLOGUE
THE MEGALEAK
On a rainy November day in a garden flat in London, Julian Assange is giving me a lecture on the economics of leaking.
“To put it simply, in order for there to be a market, there has to be information. A perfect market requires perfect information,” he says, settling his six-foot-two-inch body, clothed in a sleek navy suit, into the couch, a coffee mug in hand. His voice is a hoarse, Aussie-tinged baritone. As a teenage hacker in Melbourne its pitch helped him impersonate IT staff to trick companies’ employees into revealing their passwords over the phone, and today it’s deeper still after a recent bout of flu. His once-shaggy white hair, recently dyed brown, has been cropped to a sandy leopard print of blond and tan. (He’s said he colors it when he’s “being tracked.”)
“There’s the famous lemon example in the used car market. It’s hard for buyers to tell lemons from good cars, and sellers can’t get a good price, even when they have a good car,” he says in a professorial tone. “We identify the lemons.”
Assange, today, has a particular lemon in mind. He’s just told me that WikiLeaks plans to release tens of thousands of internal e-mails from a major American bank in early 2011, just a few months away from our meeting. He won’t say which bank, or exactly what the e-mails will reveal, but he promises they will expose corporate malfeasance on a massive scale, enough to “take down a bank or two.”
“You could call it the ecosystem of corruption,” he says. “But it’s also all the regular decision making that turns a blind eye to and supports unethical practices: the oversight that’s not done, the priorities of executives, how they think they’re fulfilling their own self-interest.”
This is Assange at the height of his power. When I report his words later that month in Forbes magazine, speculation that WikiLeaks’ target would be Bank of America shaves off $3.5 billion from the company’s stock market value in a matter of hours. The thirty-nine-year-old WikiLeaks founder had gotten accustomed to the feeling of his thumb on the eject button for the world’s institutional information. In the last four months, his group had already spilled 76,000 secret documents from the Afghan War and another 391,000 from the war in Iraq, entire shadow histories of the two wars, the largest public classified data breaches of all time. “These big package releases. There should be a cute name for them,” he says with a stern look.
“Megaleaks?” I offer tentatively.
“Megaleaks. That’s good,” he says. “These megaleaks . . . they’re an important phenomenon, and they’re only going to increase.”
A few hours later, after I’ve turned my recorder off, Assange has donned his gray parka and he and his assistant are packing up to leave. That’s when he lets slip that WikiLeaks is planning another megaleak in the near future, speaking about it as if it were an embarrassing technicality he mentions only out of necessity.
A big one? I ask, sweating a little. He responds that it’s seven times the size of the Iraq War document dump.
“Does it affect the private sector or a government?” I try to subdue the panicked feeling that after three hours of talking to a man who dispenses secrets to reporters like Christmas gifts, I’m somehow only now getting the real story.
“Both,” he says.
“Which industries?” I ask, thinking of my editors’ interests at the business magazine I work for.
That’s when Assange’s professional dispassion seems to crack, and he allows an unrestrained, full schoolboy grin to spread across his face, complete with his usually hidden overbite. “All of them,” he says.
A minute later, he’s out the door and disappeared down the rain-shined sidewalks of London.
Cablegate changed the world. Three weeks after my meeting with Assange, 251,000 once-secret State Department Cables began flowing out of WikiLeaks and would continue for the next year. The documents had too many connections to too many world affairs to draw straight lines between cause and effect. But when a sidewalk vendor named Mohamed Bouazizi set himself on fire in front of the governor’s office in the Tunisian town of Sidi Bouzid, the country’s citizens responded by taking to the streets to overthrow their government. Many of them cited WikiLeaks’ revelations about the U.S. State Department’s disdain for Tunisian president Ben Ali as giving them the courage to oppose their dictator of the prior two-and-a-half decades. If they stood up to him, it was now clear, America wasn’t coming to his aid.
As populist anger spread to Egypt, Libya, Syria, and elsewhere, Muammar Qaddafi warned Libyans in a televised speech not to read “WikiLeaks, which publishes information written by lying ambassadors in order to create chaos.” Nine months later, that revolutionary chaos had overwhelmed his military, ousted him from power, and killed him.
When President Obama announced that all American troops would be leaving Iraq by the end of 2011, CNN reported that WikiLeaks had cratered negotiations that might have kept them there longer. U.S. generals had asked for guarantees of legal protection for any remaining soldiers in the country. But thanks to leaked cables that revealed a massacre of Iraqi civilians and a subsequent cover-up, the Iraqi government had refused, and sent the American forces on their way.
But even as Assange’s ultrascoop percolated around the globe, the bank leak he had foretold to me failed to appear. For the next year, the Australian carefully dodged all questions about the nonleak, offering veiled excuses and eventually seeming to pin the blame on a rogue staffer who WikiLeaks would claim deleted the files. Assange’s brash vows to “take down a bank or two” only contributed to the banks’ vicious retaliation against WikiLeaks: Bank of America joined an informal coalition of payment firms including Visa, MasterCard, PayPal, Western Union, and others who refused to process donations to the world’s most controversial website, choking it to the point of paralysis.
Today, WikiLeaks is on life support. Assange faces questioning for alleged sex crimes in Sweden, with more American legal foes waiting in the wings. Revelations by the prosecutors of WikiLeaks’ alleged source Bradley Manning suggest Assange may have actively coached the young army private, potential grounds for his own indictment. His organization’s work has stalled as it struggles to raise cash. Some of its most ardent supporters have become its most bitter critics, and its releases have dropped sharply in frequency and impact. Assange seems more interested in hosting a TV talk show on the Russian government–funded network RT than in rebuilding his organization, and WikiLeaks-watchers from Evgeny Morozov to Richard Stallman argue that the group’s fate holds dark lessons. With WikiLeaks, they say, the Web turned out to be less the free, anarchic realm we once imagined than a restrictive platform tightly controlled by corporations and governments.
But it would be a mistake to focus only on how WikiLeaks has been contained, muzzled, punished, and sabotaged while ignoring a larger lesson: how the group has inspired an entire generation of political hackers and digital whistleblowers. That story didn’t begin or end with Julian Assange, or even with his inst
itution-eviscerating group. Instead, it tracks the ideals, the means, and the movement that WikiLeaks represents, extending from its predecessors decades earlier to the ideological descendants it has radically mobilized.
Since my meeting with Assange that rainy day in London, that thread has taken me from one edge of the Western world to the other as I sought out the history and future of an idea: digital, untraceable, anonymous leaking. And the line of thought I followed remains stronger in many ways than ever before. The activists and fellow travelers I’ve met have no illusions about WikiLeaks’ and Assange’s weaknesses and failures. But they share the same spirit that drove Assange: to build a better secret-spilling machine than the last one.
This Machine Kills Secrets is a book about the forces that coalesced to make WikiLeaks happen. And it’s also about how those forces are working to make it happen again.
The insider’s drive to expose institutional secrets—to conscientiously blow the whistle or vindictively dump a superior’s dirty laundry—has always existed. But the technology that enables the spillers of secrets has been accelerating its evolution since the invention of computing. With the dawn of the Internet, the apparatus of disclosure entered a Cambrian explosion, replicating its effective features, excising its failed components, and honing its methods faster than ever before.
The state of the world’s information favors the leaker now more than ever. In 2002, the amount of digitally recorded data in the world finally matched the amount of analog recorded information, according to a study by the University of Southern California’s Annenberg School for Communication and Journalism. Just five years later in 2007, the most recent year the study included, digital information already accounted for 94 percent of the world’s recorded information. And all of that information is liquid: infinitely reproducible, frictionlessly mobile—fundamentally leakable.
Just what fraction of that vast digital swamp remains secret is tough to gauge. But Harvard science historian Peter Galison, taking printed files as a proxy, estimates that there are five times as many pages being added to the world’s classified libraries as to its unclassified ones. Despite Barack Obama’s promises of a more transparent government, 76.7 million documents were classified in 2010, compared with 8.6 million in 2001 and 23.4 million in 2008, the first and last years of George W. Bush’s administration.