How to leak a secret and not get caught
Marcos el Ruptor
ruptor at cryptolib.com
Sat Jan 13 12:31:02 EST 2007
It won't work.
1) Fakes: The number of fakes will be so overwhelming that no one will trust
the real documents. Just take a look at the number of fake movie torrents
out there or the amount of bs on wikipedia! Only designs, figures and source
code cannot be faked because anyone can check if the design works or
doesn't, if the figures add up or not, and if the source makes sense and
compiles to the right executable or not. But names, dates, policies,
regulations, etc. all can and will be faked to reduce public trust to that
web site to zero. And even those documents that cannot be faked can be
easily altered and resubmitted to the network by thousands claiming all the
other fakes to be fakes. Only the authors can ultimately proove the
document's authenticity. To everyone else, verification and removal of fakes
inherently takes much more time than submitting them. Even new legitimately
looking fakes can be easily created to produce the necessary public
reaction: people love scandals, so why not give them scandals? The site will
be flooded with fakes that serve those who have a greater need and more
resources to create and submit those fakes.
2) Monitoring: No government employee or anyone in his right mind would risk
visiting www.wikileaks.org without authorisation or downloading their client
software from anywhere else and then expect not to get investigated,
interrogated and ultimately caught just for being the only person with
access to that information or possibly even the only person in that city or
in that small country who did that [shortly before the document appeared
online... just to be assimilated into the pile of fakes]. One would have to
be really stupid to think that their government doesn't monitor all the
internet traffic in their own country, marking everyone visiting that site
as a potential traitor, rebel or criminal.
The idea is interesting for the difficulty of its secure implementation, but
in reality they'll just help out all those governments in catching their
traitors and in creating the scandals that suit them. Any such system is
doomed to fail in general, but a few interesting documents might still leak
out.
Ruptor
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list