Wikileaks Sidesteps Publishing Public PGP Key 96
An anonymous reader writes "Repeated requests toward the Wikileaks staff regarding their use of PGP have gone unanswered. The current public PGP key posted has been expired since November 2nd, 2007. A response on their PGP talk page notes that the 'SSL based mail submission system' will be the secure online method of document submission. At the current time, there is no method to safely encrypt any postal communications with Wikileaks or verify that any given communication actually originated from a Wikileaks staff member."
Doubtless there are some complicating factors here -- but what is the best way to keep a confidentiality-centric site like Wikileaks trustworthy?
Comment removed (Score:5, Insightful)
There isn't (Score:4, Insightful)
Unfortunately, there isn't - information is only as trustworthy as the source.
Re:I wish the world would use GPG more (Score:3, Insightful)
I know there are extensions to firefox to get s/mime support, PGP and a few other (proprietary) methods of encrypting emails, but you don't always have ontrol over the browser you're using.
I'd love to use encryption on my email, but if I can't read it, there's no point.
The issue is more than encrypting and signing (Score:5, Insightful)
Wikileaks appears to want to provide a way for submitters to deny they even submitted anything to Wikileaks. Sending an e-mail to wikileaks with the contents encrypted is a clear indication that you're sending something to them. By the time the leaks are made public all they want to do is find the person, searching for something that sent pgp encrypted mail, even without being able to decrypt the actual contents, is going to be good enough for them.
An ssl page, especially if wikileaks sets up some sort of drop system with other domains so you aren't obviously submitting to wikileaks, is much harder to track because people use ssl pages all over the internet all the time. If PGP were used more frequently then they could probably use that with a drop system as well, but it's just too rarely used.
Re:Whoo boy (Score:5, Insightful)
I think what they mean by "provides proof of intention to conceal" is that they don't want people leaking something and then saying "aha! You just told everyone something that I meant to be kept private, I'm going to sue! Why would I have encrypted it if I had meant you to release it?"
And that person would have a point. It's hard to think how someone could post something to WikiLeaks, so that it can be publicly posted, but desire that their information be transmitted encrypted. The assumption should always be anything you send to WikiLeaks is public, and allowing encrypted submissions may make this unclear.
If they need to submit the information anonymously they should do it anonymously, PGP can't help with that.
Re:I wish the world would use GPG more (Score:3, Insightful)
Also, what has changed is that nowadays the reason I want more privacy is because of the government and not because of regular people/crooks. And there are various ways in which the government could still read my files even when I use encryption, both by checking my screen and what I type.
Finally, even when encryption would be really secure right now, if they keep the files for 10 years, there's still the possibility that they may be able to open them. That's not real privacy to me.
The same goes for people who use Skype because they know it encrypts their conversations. But, of course the government can listen in on those conversations when they really want that, and of course eBay won't tell you about that, because then they'd lose many customers.
Re:The issue is more than encrypting and signing (Score:4, Insightful)
Why would you submit something to Wikileaks from your organization's network or through your organization's mail servers? I would think that act alone would scream, "Fire me," at the top of its figurative lungs to your soon to be ex-employers.
Re:I wish the world would use GPG more (Score:4, Insightful)
Re:Whoo boy (Score:5, Insightful)
"Proof of intention to conceal" would refer to the fact that when the next scandal at ACME is published, and only one of their faithful employees ever used PGP as evidenced by their router logs, that would constitute enough proof to sue, even without being able to read the actual contents of the mail.
So what the nice folks at wikileaks are saying is that you might as well ditch PGP and use web-based SSL forms so you can just claim you were paying your annual Playboy magazine subscription, or whatever. Or you could send all your mail with PGP and try to convince everybody else to do so as well.
So yes, PGP isn't going to do you much good, but not for the reasons you stated.
Re:Whoo boy (Score:4, Insightful)
I read it as "the Chinese or other totalitarian governments might punish you solely for using PGP".
gmail won't support it. (Score:5, Insightful)
I can't envisage an encrypted mail service that has an externalized revenue source, so the only way to fund it is by the customer paying. Which then begs the question, who do you trust enough to pay them to keep your secrets safe? In my case, I no secrets worth keeping, but if I did, I wouldn't trust anyone else to keep them for me.
Open-source, peer-reviewed encryption, under my own control, is the only technique I would trust to keep digital secrets transmitted across a wire.
The best kept secrets are of course the ones you keep solely in your own head.
there isn't (Score:2, Insightful)
There isn't. By verifying that anyone is anyone the cover is blown. Regardless the best use of it is still to post anonymously and link as many people as humanly possible. Then even if your cover is blown, the message still gets out. If you're a whistleblower, this is something you should have accepted long before you blew the whistle
Re:The issue is more than encrypting and signing (Score:5, Insightful)
Re:Reading between the lines (Score:1, Insightful)
Another option (Score:2, Insightful)
Re:Secure proof of sending, reading (Score:4, Insightful)
The short answer is "don't try to make SMTP do something that it wasn't designed to do".
The long answer - send people unique links to a web server that you control.
Re:I wish the world would use GPG more (Score:4, Insightful)
Re:Whoo boy (Score:3, Insightful)
That's silly, you don't have to distribute the private key, that's the whole point.
Take the wikileak's SSL key. How do you know that's their private key and it's not a MiM attack? You know that because verisign (or someone) signed the public key. They did that with a private key -- and wikileak doesn't have it!! Oh nos!!!
There's always a private key you don't have. That's the whole point of asymetric cryptography. PGP is no different.
So this argument is all very silly.