by Quendrith Johnson, Los Angeles Correspondent
“Hello World,” is usually a newbie’s first line of code in programming, but as of Wikileaks Vault 7 data dump about CIA covert hacking on Mar. 7, followed by Julian Assange’s “Press Conference” on Mar. 9, the whole world is actually reeling, as in the wake-up call: Hello World!
But fear not, leave it to the much-maligned Entertainment Journalists to tread where no investigative reporter dares to go.
Later on, the actual self-conducted Q & A that Julian Assange held via video press conference is included in a very compelling transcript form. Glean from that what you will, it’s like the ultimate star hacker interview.
For now, when you look at Vault 7 in relation to the July 8 release of Alex Gibney’s documentary ZERO DAYS about the Stuxnet virus, it all makes sense. You can read this later, linked here, but for now just stare hard at the self-released description by tricky Wikileaks itself.
Ready? Wikileaks Vault 7 is “The first full part of the series. ‘Year Zero,’ comprises 8,761 documents and files from an [undisclosed internal server at Langley, CIA HQ]. ‘Year Zero’ introduces the scope and direction of the CIA’s global covert” cyber weapons exploits. Zero Days, Year Zero, hmm.
Located on the interwebs at https:// wikileaks.org/ciav7p1/ (which is not linked live here for security reasons and not to endorse Wikileaks), Year Zero alone says quite a lot.
So let’s have some fun with it. One reporting agency had a pundit on who sarcastically commended the CIA hacking team on its excellent choice of code names, such as UMBRAGE, whereby the CIA pretends to be other hacking entities by mimicking their stolen code. But they entirely missed out on Year Zero subtext.
Meaning, the bromance between comic nerds and hackers is writ large here. First, for nerd cred, “Year Zero” is also “an alternate reality game (ARG) based on the Nine Inch Nails concept album of the same name.” These internal hackers are toying with us.
As in, how about with an alternative reality game reference twist that is a clue to a shadow alternative government or deep state? But wait, there’s more. “Zero Year” is also “a year-long comic book crossover event published by DC Comics that began in June 2013 and ended in July 2014, featuring the superhero Batman.” Which is the Vault 7, Part One, start date Assange mentions, being 2013.
DC Comics describes this as “The second arc of BATMAN: ZERO YEAR is collected as the New 52 origin of The Dark Knight delves into Bruce Wayne’s past with the Red Hood Gang and his run-ins with aspiring District Attorney Harvey Dent! You won’t want to miss the moment that Bruce becomes Batman! [BATMAN #21-24].”
Red Hood Gang is so close to a hoodie reference, specifically Edward Snowden’s red hoodie he wears in CITIZENFOUR to shield himself while on the interwebs. Not to mention that if Bruce Wayne as Batman goes up against the DA, District Attorney, being the Gotham government, well isn’t that analogous to the CIA defying the actual government with their new cyber hacking superpowers?
Hey, if the Right Wing can have its conspiracy theories, there’s the extent of a comic book conspiracy. InfoWars and those YouTube conspiracy theorists only wish they’d seen these parallels.
Back to reality, or in Wikileaks version of reality, Year Zero must mean a year of undetectable cyber exploits by the CIA, which are now hit hard by daylight. While the revelations may shock many around the world, Alex Gibney, the documentary filmmaker behind the Eliot Spitzer expose, already bumped up against this internet leviathan, this covert sea monster of cyber space, by landing actual ex-CIA and NSA officials on the record in his documentary about the Stuxnet virus at the center of ZERO DAYS. CIA’s brave Gen. Michael Hayden even uses his actual identity as he hints at an internecine war between spy agencies in ZERO DAYS.
Stuxnet is described in the movie as a “self-replicating computer malware (known as a ‘worm’ for its ability to burrow from computer to computer on its own) that the US and Israel unleashed to destroy a key part of an Iranian nuclear facility, and which ultimately [mutated] and spread beyond its intended target.”
Pay close attention to that “computer to computer” line, because Julian Assange will refer to an “air-gap” later, and you need to know what that is to understand the ramifications of this new class of weaponzied programs. Air-gap jumpers mean the virus can literally jump without a wire, through the ether to infect nearby computers, thus a potentially endless domino effect of digital disaster.
Filmmaker Alex Gibney basically told the world about what was to come in Wikileaks Vault 7 when he categorically stated for ZERO DAYS, the following: “I started out making a small film investigating ‘Stuxnet…’ What I discovered was a massive clandestine operation involving the CIA, the NSA, the US Military and Israel’s intelligence agency Mossad to build and launch secret cyber ‘bombs’ that could plunge the world into a devastating series of… attacks on critical infrastructure, shutting down electricity… this science fiction scenario…”
And it was only Oscar short-listed for 2017, even though, pyrrhic victory, it is now vindicated as a real contender.
Symantec anti-virus whiz Eric Chien, who is in ZERO DAYS, said “when you have black motorcycles, wearing all black following you, behind you, you start to wonder.”
On why Stuxnet wasn’t part of the Snowden leak, he casually mentioned “Edward Snowden didn’t leak this because those files are stored on a different server.” Unbelievably important information, now backed up by Wikileaks Vault 7, and Julian Assange himself.
Speaking of the white-haired, self-conflicted, quasi-programming wizard from Oz, Australian-born Assange speaks here in his own words. Granted, some of his Britishisms have been converted to American English (i.e.; favour to favor).
This is the Mar. 9, transcript, presented in its entirety (typos and all), so as to honor the tradition of unedited versions, that Wikileaks trademark.
Assange tends to be long-winded and overuses the word “problematic” as a euphemism for all hell breaking loose, but it’s worth a read to draw your own conclusions about the Vault 7 data dump that is literally as important as a big budget Hollywood release in its footprint in the media.
(Note the linked ZERO DAYS article at the end, which includes a complete 101 download on hacking terms.)
JULIAN ASSANGE INTERVIEWS HIMSELF, STREAMING ON VAULT 7
JULIAN ASSANGE: We now need a digital Geneva convention that will commit governments to protecting civilians from nation-state attacks in times of peace and just as the Fourth Geneva Convention recognize that the protection of civilians require the active involvement of the Red Cross – protection against nation-state cyber-attacks requires the active assistance of technology companies and companies like Wikileaks which can provide information about these attacks.
The tech-sector plays a unique role as the internets first responders and we therefore should commit ourselves to collective action which will make the internet a safer place affirming a role our role as a neutral digital Switzerland that assists people all over the world to be secure.
So now I will go on to some questions, first of all I confess this is one from me.
Q: Does Wikileaks have a position on this sort of material?
Well Wikileaks has a position on publishing in general – we fight for the rights of publishers to publish, we fight for the rights of sources to be protected and we fight for media accuracy.
Having obtained a perfect record in the last 10 years it’s one of our comparative advantages, but otherwise we don’t have a position on particular issues that we’re publishing about but in this case we do have a position.
We have a position because these types outside the weapons are used to attack the communication technology the journalists use to communicate with their sources and with each other. The sorts of technology that investigative reporters reporting on the national security sector reporting on war crimes use to communicate their information within their media organization and back-and-forth with their sources.
For example the New York Times has put up a tip line – it is based upon the signal protocol.
Now Signals a good encryption system for mobile smart phones, now what’s the problem – well if you control the smart phones it doesn’t matter how good the encryption system is. So signal and telegram from that perspective can simply be bypassed by attacking the endpoints, attacking one of the telephones belonging to the source or one of the telephones belonging to the journalist.
And the New York Times has a central tip-line – one phone that all of its tips go to for the signal protocol and of course that phone can be hacked it doesn’t matter what the security system is, as a result you see the numbers coming into the coming into it and you see the messages exchanged.
So Wikileaks does have a position – we want to secure communications technology because without secure communications technology journalists are not able to effectively hold the state to account.
WikiLeaks protections for its sources, are they affected by this?
No they’re not affected not directly – why is that well because we’re specialists in this area, we’re specialists in source protection and I’ve known in general about this type of problem for a long time. So our systems are developed to not be exposed and not based on smart phones for example we have specialised cryptography that is not susceptible to these types of attacks. On the other hand are our lawyers susceptible to these types of attacks ? Yes they are – a lot of
them are susceptible to these types of attacks. Are our key security security staff ? No because we understand that, but we want to protect all our staff and the rights of journalists and sources to communicate effectively.
Ok so that’s my question now I’ll go onto the others – the question from CNN:
Q: As long as these are overseas targets isn’t it legal for the CIA to do this?
Well first of all I’d just like to .. It’s a legally important question in the United States but there are many questions that might be asked by CNN, and one that seems to defend the interests of the CIA I think is a bit problematic* to have been the first question to be asked.
Well the answer is this – unfortunately the CIA does have a history of attacking not only the political parties operating overseas we just published how the central intelligence agency issued instructions to its staff to penetrate the last French election cycle in 2012, the last French presidential election.
It has a habit of behaving badly inside the United States as well.
That’s an extensive habit going on for years. Most recently in 2014 the CIA was denounced by the US Senate Intelligence Committee because it had hacked their investigation in Congress into the CIA torture program and had used its hackers to retrieve documents that the Senate Intelligence Committee had evidencing what the Central Intelligence Agency did in terms of torture.
Why did it do that ? I mean it’s given various excuses, the answer probably is because it perceived that information would be a threat to itself as an institution. That’s how institutions behave especially intelligence institution – the CIA is the largest intelligence agency in the world by budgetary expenditure and of course it wants to maximize its own institutional power.
And key individuals also want to defend their programs or increase their roles, get themselves into a position where they can cash out and go to work for defense contractors.
What about WikiLeaks material in the first part of Vault 7 – does it demonstrate the CIA attacking targets within the United States ? That’s an interesting question the answer is not known.
There are more than 22,000 IP addresses that we have detected, internet addresses that correspond to computer systems within the United States.
Now one of the large research programs projects we have underway is to discover:
How many of those systems are attack systems that are used to relay and pass attacks from the CIA out into the rest of the world. How many of those intermediary victims – that is say an internet service provider which is hacked in order to create an attack somewhere else overseas. How many are direct victims. How many corresponding to say a visitor to the United States from a foreign country. How many correspond to joint operations between the CIA and the FBI, with the CIA providing technical support . It’s a complex question that is not resolved but there are more than 22,000 IP addresses corresponding to CIA activities in the United States.
Q: Is there proof that the CIA are involving in an internal struggle [vs NSA] – leaking as opposed to something else?
Well we can’t we can’t comment directly on sourcing. As someone who’s studied the behaviour for many years of intelligence agencies in different countries it is an unusual time in the United States to see an intelligence agency so prominently involved in domestic politics.
Now it’s a level of principle that’s quite problematic , there are arguments on the other side that obviously – if there’s an extreme government then perhaps it does call for illegal behaviour by an intelligence agency. We don’t have an opinion on whether that is the case yet or not the United States.
Wikileaks is intellectually intrigued to see this conflict occurring because it does tend to generate whistleblowers and sources on both sides of the equation.
Q: What are the implications for journalists and sources?
I explained previously these types of the technology are used to penetrate the computers and phones that journalists used to communicate with each other and communicate and protect their sources. I think that’s an incredible problem.
In response to the Edward Snowden disclosures and some others much more encryption has been used by individual companies specializing in it like with Whisper Systems, like Telegram but also included into Apple and Microsoft and other products so that is fairly effective at hindering bulk interception, which is what the national security agency’s been doing. Passively taking all the information say that flows from Latin America to North America or from North America to Europe.
But in response the Central Intelligence Agency at least has diversified to specialise on attacking the endpoints prior to encryption occurring or after decryption occurring. And say okay but that at least means that they have to engage in target in attacks which is more more expensive and might have more of an audit trail – that’s true but we have exposed the particular section of the central intelligence agency called the automated implant branch.
So that is not just to develop viruses and other attacks to put into people’s computer systems to facilitate a CIA hacker in doing that but also to automate how that is done.
So you can you can see that between an individual targeted attack which is direct and invasive and massive passive bulk interception the intermediary point which is the increasing automation of targeted attacks. Their automated enough they start to approach the level of bulk capacity intersection we’re not there yet for most countries but we are shifting significantly away from one CIA officer directing one hacker who attacks one target.
Rather we’re seeing systems developed and whole branches of the Central Intelligence Agency to automate attacks and infestations of CIA malware into targets.
Q: How do these practices by the CIA impact on members of the general public?
With android phones, iPhones, Samsung TVs etc, well in a number of ways. So you might think as a member of a kind of average person well is the CIA interested in you? We have this problem that increasing automation of these attacks means that the interest may not have to be that high.
You might be you might know someone who knows someone who say works for the French government will be the target of such an attack because they’re involved in decision-making about large French exports, and we published a previous document showing how the ODNI – that’s the oversight body for all intelligence agencies instructed the CIA to try and get hold of every single French contract valued at over 200 million dollars.
Similarly in the information we revealed about CIA attacks on the French political parties there was two instructions to try and determine where the French political parties will try and go for a more German oriented economic policy of increasing exports. Now really what’s going on is that the Central Intelligence Agency and the ODNI through who they tend to be involved in contracting is close to organizations say like Boeing and then wants to assist Boeing in unfair competition say against Airbus which the French have a stake in.
Q: About redaction, WikiLeaks has often stated they only redact in exceptional cases [i.e.; what is the policy]?
Well there’s been a lot of false reportage about what our redaction policy is. Our redaction policy is essentially the same as the Freedom of Information Act which is – we don’t react unless there are important ground to do so and then we only do so for a limited period of time until those important grounds have elapsed.
In this particular case we redacted some 78,000 pieces of information for Vault 7 part 1. That information corresponds as i said before to IP address of targets and attack machines. Well why did we redact that – well because we want to investigate which ones are targets, which ones are attacking scenes which ones were victims that were attacked to get a place hold to make another attack and if we publish them all immediately it’ll be harder to create that investigation.
Q: What is the time period that these publications relate to?
The time period is 2013 to 2016 for the part 1 publication be published on Tuesday. Other material in Vault 7 is also recent and there is some old material. Interestingly one of the key systems, attack systems developed by the Central Intelligence Agency which affects multiple computer types at once it’s called HIVE and if you look carefully you’ll see that in our publications on Tuesday there’s a reference to HIVE being first started more than a decade ago.
So the CIA has been involved in this for quite a long period of time gradually expanding its capacity as it managed to get budgetary and political pre-eminence over its chief bureaucratic and budgetary rival the National Security Agency. That’s a very interesting story about the conflict between these two rival agencies over time.
The CIA budget used to be smaller than the national security budget and it’s now something like 1.5 times the size of national security budget, as a result the CIA has been able to build its own drone air force and massively expand its hacking operation so it doesn’t need to ask the National Security Agency for favors.
And of course if you also want a favor a favor can be asked back but also a lot of the operations of the CIA conducts are a bit questionable for example that operation conducted against the Senate Intelligence Committee. Now if the CIA had no capacity that it would have had to ask National Security Agency to provide it with hackers to help it attack and try and take those documents off Dianne Feinstein and her staff.
Now it wasn’t able to, didn’t need to disclose that to the National Security Agency because it has the capacity to do it itself and the National Security Agency having been in the media so prominently especially after it’s complications in 2013 , has far more oversight and accountability for its digital operations then the Central Intelligence Agency does. It’s a real question whether in practice there can be meaningful oversight.
I don’t think there can be – I think it’s an illusion that there can be meaningful oversight although one has to try because you can’t leave a regulatory ground unoccupied because it it will simply, the bureaucratic organization will expand into that regulatory ground and occupy it.
Q: So why can’t the CIA hacking operations be effectively regulated?
Well they’re done in secret, its arcane complex technology and look what has happened with the CIA – loss of control over it’s entire cyber weapons arsenal.
So if the CIA which is certainly, it’s highly motivated to try and keep control of it – if it can’t even control its entire cyber weapons arsenal because information can flow without oversight – then what is the chance that it can control how that Arsenal is used ? It can’t, there’s absolutely nothing to stop a random CIA officer or contractor or liaison agent working for the British using that technology against whoever they like whatever personal reasons they like.
The technology is designed to be unaccountable, it’s designed to be untraceable, it’s designed to hide itself, it’s designed to to remove traces of its activity, it’s designed to throw off people looking to see where there are fingerprints that might demonstrate who authored that technology.
And that is done by collecting viruses and malware from mafia and various groups in other states and assembling them, that’s something that we published that there’s a whole section of the CIA working something called umbrage which is designed to do that. And we have quite a lot more material that talks about these attempts to throw off authenticated, sorry to throw off attribution to discover who was really behind a particular cyber attack.
Already an antivirus expert has come forward to say that a sophisticated malware that he had attributed to a state either Iran or China or Russia now he believes actually is from Central Intelligence Agency, because the type of attack system that uses corresponds directly to a description that we published of an attack system and it’s rare enough that it seems unlikely it would be independently discovered discovered.
Unless of course that China has already gotten hold of these parts of the CIA arsenal and that China is using them to pretend to be the CIA.
Q: is the CIA causing commercial damage to companies through these practices?
Yes – potentially billions of dollars of damage because if say you’re in China which is now the world’s largest economy and you run a company and you want to equip all your employees with particular phones or particular computers – do you trust that if you go and buy a dell computer or computer running Microsoft or Apple phone can you trust that it’s not vulnerable to these CIA attacks ?
Well because Apple and Dell and so on are all based in the United States where it’s understood that the u.s. government is breaching previous promises that is made which is to tell us industry about these vulnerabilities – then it starts to look like that the u.s. government and US industry is in cahoots and then you can’t trust any exports from United States.
So one report just at the time of Edward Snowden’s revelations suggested that practice by the National Security Agency of imperiling US industry would cost 40 billion dollars in exports, so this sort of behavior by the Central Intelligence Agency undermining those commitments by the Barrack Obama administration to tell US technology companies about vulnerabilities before they were exploited by foreign intelligence agencies or by cyber Mafia – that breach of promise decreases trust both in the US government but also in US exports.
Q: How do these publications shed light on the ability of the CIA to penetrate high security networks not connected to the internet?
Important question – they’re called air-gapped network so if your worried about being attacked over the internet make your machines internet disconnected that’s what most police network do for example or networks that are inside companies say like Boeing, they disconnect the network so that hackers they think can’t attack them – but the CIA has created a number of viruses one for example called HammerDrill which are air gap jumping virus.
So they sit on a computer waiting – this particular one HammerDrill sits on a computer, windows computer waiting until someone goes to burn a cd-rom, put software on a cd-rom and it jumps onto the cd-rom and infects the executable programs that you put on the cd-rom so they want to go somewhere else it then affects the other computer and starts a channel.
There’s a number of at least 30 different types of malware that the CIA has created to try and do that, some that are designed for CIA hackers and CIA agents to say pretend to go somewhere and pretend to give a presentation or use VLC a video player to play a video to give a presentation, meanwhile behind the scenes the video presentation software and it’s trojanised version of VLC goes into the computers that it’s plugged into – surveys them, infects them and ransacks the material and brings it back.
If you invite someone into your company or government department to give a presentation they put this into the presentation computer and now its infected. Similar to play a video and it’s infected, many other different things. One is even a virus scanner someone is pretending to be a computer security consultant to remove viruses from an organization and in fact the virus checking program is the CIA virus that is used to infest the rest of the computer network and retrieve information.
Q: Among the list of possible targets are there any references to extremists or transnational criminals?
Not in the material that we published on Tuesday [Mar. 7] – Vault 7 part 1. No. It’s conspicuous, there’s there’s no reference to terrorism theres no reference to extremists, there are references to many other target types for example liaison agents so Allied intelligence agencies that speak to the central intelligence agency.
And the CIA has developed a menu of frequent attacks include attacking the liaison officers coming only from QCHQ or the DGSE which is a French intelligence agency who think that they are cooperating with the CIA but really the CIA is infesting the liaison agent. So they’re all there in a menu called “fine dining” it’s a list which literally describes itself as a menu of frequent attacks and attack types that is given to CIA case officers and they say yeah I want to attack and infest some agent that I control, a liaison, someone working for a foreign government department etc.
What is not there is any reference to terrorists any reference to extremists and that actually shouldn’t be a surprise to anyone , no one no one who studies the intelligence world it shouldn’t surprise them because even if you just look at the budgets that came out in 2013 to the US intelligence black-budget you don’t see anything like the majority of the body going towards extremism even though they are very strong political reasons to try and catch any operation in counter terrorism and counter extremism to get more money despite that political pressure.
Something like a third of the US the entire US intelligence budgets is described as countering various forms of extremism and the overwhelming majority is not but particularly for the CIA the vast majority of the expenditure and attack types are geopolitical. They’re about, you know similar to the information revealed about the attacking of the French election cycle – understanding who could be pals with the CIA , who could you know help out the institution in one way or another so for example spy on Airbus, that information you then pass to the US Chamber of Commerce among others which is listed in the material and US Chamber of Commerce and then adjust what is doing in order to that is Boeing and these companies are closely connected to each other.
It’s not even about what is the policy that can help us industry the most, boost US economy the most, it it’s about which elements of the US economy and or related intelligence organizations in the United States and outside the United States are best able to ask for favors because they have proximity – they have interpersonal proximity or they have institutional proximity.
Q: About the story that’s in the press with possible hacking monitoring of President Donald [Trump] and his team, do these revelation shed any light on what is possible in this regard?
Well that there were earlier Press reports that the Trump cabinet has been using a encryption system called confide where the messages disappear quite quickly it’s sort of like an extra encrypted version of snapchat. Well it doesn’t matter it’s on smartphones the software attacks smartphones, doesn’t matter what encryption you’re running on telegram or signal or confide if you can bypass that encryption you can turn on the microphones, it can monitor movements, it can activate the camera to look at photos that have been taken.
Has the CIA done that ? This material doesn’t comment on whether it has done that to the president Trump.
I suppose a question that is of interest, because there was a lot of press – there were numerous Press reports from New York Times, The Washington Post and some in Politico that people close to Donald Trump had been monitored in a counterintelligence activity. Possibly by some parts of the US government, possibly by the FBI, FBI had been mentioned, NSA had been mentioned – on the other hand it seems that many of the leaks to the media are coming from the Central Intelligence Agency based upon how they’re described.
There are a number of collaborations that are evidenced by the material that we publish between the FBI and CIA and the National Security Agency and CIA so I think there’s a real question whether that technology is being used or has been used in these types of investigations – that is a separate tech question to whether CIA officers have been pressing the button on that technology.
What is often done in the commercial industry, the commercial spying industry – if you’re in the commercial industry you can be prosecuted for hacking someone – so what happens in the commercial industry and we did a big publication we of Hacking Team where we published more than more than million emails from an Italian computer hacking contractor called Hacking Team, it sets up attack sites and it writes the software and then it helps configure it for a hacking attack and then it gives the people they’ve told it to in a government department, Intelligence Agency, Police Service – the ability to press the button so they hope to that removes them from being accountable for the attack.
They’ve just created the system to attack the actual button was pressed by different party so that’s obviously a possibility in the United States in relation to a number of different attacks. Publications don’t say anything directly about the President and cabinet but that is a general phenomenon of people creating attack systems and facilitating attacks in some way but being careful about the legalities of actually pressing the button.
Q: How many parts to the vault 7 series?
What we have a lot of material – it’s a big journalistic investigation from us, from our partners, we need more partners. So that those who engaged in journalistic excellence on reporting and material that we have published so far and there have been some good report, we will look at those people and trying to produce some of them to get them in – there is more work than WikiLeaks can do on its own that’s quite typical with some publications, so we assemble international teams to try and get as much understanding in as many different languages as possible.
And then also finally make sure a lot of the material is published so the public can also catch any angles that us and the combined journalistic have missed – in this case we have extra problem which is that we have quite a lot of exploits that is this key attack code that we want to disarm before we think about publishing it.
And to have that discussion we’re going to work with some of these manufacturers that have called for it to try and get those antidotes out there before we publish more information that can give clues to the cyber mafia or other intelligence agencies on how to do this.
There is a fair criticism I think of that methodology and we’re watching closely which is that the CIA was so careless to produce this material, this enormous cyber weapons arsenal and lose control of it at least once and that it has spread. So does the various Cyber Mafia already have it, do foreign intelligence agencies already have it. Well I think that’s a serious question , they were securing it very well so it’s quite possible that numerous people could have it also it has spread appears to have spread within a number of individuals within the US intelligence community. So how much more will it spread ?
I think it’s quite hard to control even if Wikileaks quickly doesn’t publish any of these cyber weapons I think it is quite hard to stop the spread elsewhere which might have already occurred so therefore what you want is the fastest possible antidotes, and for that to work the fastest way of course it’s just publish everything but at the moment we’re watching to see whether there is a spread, and analyze what we have, work with some of the manufacturers to create, to create antidotes to these weapons.
Q: Why is Wikileaks focusing only on problems from the United States?
That’s not true, we’ve published just in the last few months very significant collections of materials from Germany from Turkey in fact in response to our Turkish publications the Turkish government put seven Turkish journalist who has reported on our publications into prison.
A very serious situation – one of those Turkish journalists is fortunate enough that he was a foreign correspondent for Geseit which is german newspaper and so he’s getting a bit of support from Germany but the the other six are in a serious situation – completely outrageous that they’re simply reporting on what we published and the Turkish government, Erdogan’s government has abused concerns about the coup that occurred a few months ago – to crack down on reporting about corruption.
In this case the emails that were from Erdogan’s son-in-law who was the minister for energy and that’s what we published you can look them up at Baret’s Box. On Russia and China we have published hundreds of thousands of things most of them are critical about 80% critical and more than 2.3 million from the Syrian government including our Bashar Al-Assad’s personal emails.
So all cultures tend to just look at themselves and speak to themselves, they speak their own language and they’re aware of themselves and what other people say about then all what’s being published about their culture. When it’s published about another culture, another country then don’t pay attention. Of course but people raise this for you know distracting reasons to try and question the messenger because the content itself is so powerful.
Ok that’s it .
Let me just break, I’ll just break for about three minutes and see if any other questions that are really important have come in and if so i might answer them…
G’day my name’s Julian Assange , Welcome back to the Wikileaks press conference we have found some other questions from Fox, CBS, ABC and another journalists.
We’ll start first of all with CBS Jeff Pegues who asks:
Q: Why did you release the documents on Tuesday, can you comment on the timing?
We have a description of the timing in the frequently asked questions, it was as soon as we were ready but it wasn’t the weekend anymore. Those were the only factors involved – interestingly the administration says it’s going to prepare some response on cyberwar, not sure exactly when it is they said within 30 days but 30 days might have already elapsed but it didn’t play a part in our timing.
Nothing else played a part in our timing, it’s quite a you know you can imagine it’s quite a difficult effort to pull this kind of thing together. There has been also a number of attacks on our players and on even the various forms of streaming hardware that we used to create these press conferences. Secure systems are all fine, but the streaming system is insecure because it’s for the public.
It went down and we have some workaround for some parts, I’m not sure if some of the other glitches that you’ve seen today if it has anything to do with that probably not, probably just glitches.
What occurred on Tuesday was much more serious, but to be fair I mean we’re publishing an epic scoop on the CIA, the biggest in it’s history and they deserve to have a little comeback.
Ok Bryan Ross from ABC:
Q: Mr. Assange have you ever been paid by the Russian government or state funded outlet RT?
The answer is no, but quite interesting to see the ABC taking that line.
This is the largest publication of Central Intelligence Agency documents – number 1. An enormous journalistic scoop about all sorts of things that affect journalists and almost every individual within the United States and in many other countries about the in some sense the future of what it means to be a state, where is the border between one state and another ?
Borders are created by sea and land, borders are also created by one army meeting another army and then making a truce , that’s where borders come from.
On the internet there’s no borders and if there’s something like the use of force, that’s a very interesting question as to how much state computer hacking is like a use of force in some ways it isn’t in some ways it is, then obviously borders because start to become pretty mushy so enormously interesting that instead here we have a pretty sad question trying to divert from epic publication to something else.
Hillary Vaugn from Fox asks:
Q: How long do you anticipate it will take to help tech companies to issue fixes or secure devices?
What is the timeframe – that is a very important question. My experience as a computer security guy which is what I used to be in my previous profession, well some of those fixes will be fast. Ones that just affect a little part of the system with a little part that you can make a hole in and go through but the fix is just plugging this little hole, tweaking a little, distributing it, testing and distributing. Those can be issued potentially in just two or three days.
Problems that affect more critical aspects of computer code that’s in a telephone or TV or somewhere else, some of them can take a lot longer to fix. And for some systems like Android with many manufacturers possibly like those Samsung TV’s, there is no automatic update this isn’t some people have to manually try and pull something so that the only people who are aware of it can fix the problem. If you’re not aware of it,the problem is not fixed.
That’s a question journalists should be asking of the the various manufacturers involved.
It is an important question and it’s important to put pressure on those companies to make it , basically to make security something that the market cares about and they’ll respond, and they are to a degree already responding.
If they can get away with it they’ll say nothing that’s what that’s what google did initially was to just say nothing at all hoping perhaps that maybe we wouldn’t discuss it because Android is significantly more insecure than iOS – which is the software is used on Iphone. Both of them have severe problems, that are described in these CIA documents that were published but Iphone has slightly slightly less.
Another journalist says :
Q: Is it clear which countries were among the targets of the program?
Partly – we have a lot of records in this part 1 material, a lot more in the others that we’re studying that reveals tens of thousands of targets so yes many of the targets are revealed but many are also not to do with how the CIA split up the different it’s different sections and branches some of the operational branches only within that branch can be quite closely held do they know what the target are .
In other cases there’s collaboration between branches and support of one branch to another and the information about targets can spread further but as we have already stated there are more than 22,000 just in this initial batch of material, IP addresses that correspond to the United States. It’s not clear which are attack infrastructure, intermediary victims or targets.
But there’s also as we’ve stated attacks, numerous attacks on Europe and Latin America including Brazil including Ecuador and we’re still assessing which parts of the those governments and individuals have been attacked but Brazil and Ecuador are not really known for their extremists.
Assange signs off with “Ok that’s it thanks guys, bye.”
If this isn’t a premise for movie, you really wish it was, because the unelected official unauthorized entity known as Wikileaks is really unleashed here. Plus, he implies there will be a sequel Part Two, possibly more.
Whomever gave Assange/Wikileaks the virtual keys to the kingdom at Langley, CIA headquarters, in Virginia is being sought out by any means necessary and dubbed the next Edward Snowden, and it just adds to the political chaos of the moment. So we’re even given a protagonist or anti-hero depending on which way the intel spins on the next data dump.
Luckily we have movies like Alex Gibney’s meticulously researched and prescient documentary ZERO DAYS to sort through the mire. ZERO DAYS should have won Best Documentary, only this was Oscar’s Year Zero, where everything went haywire in Hollywood too, with the wrong winner “leaked,” sigh.
In the end, all we really want is for all government, even a shadow government, to mind its own business, except in the movies, where it’s appropriate to find outlandish scenarios and world-breaking intrigue.
But this is not a movie folks, it’s happening in America right now. Maybe it’s time to pull the cash plug on some of these alphabet agencies, scrub the black ops, and ask for receipts. ZERO DAYS was released by Magnolia Pictures back in July, and can be viewed via links here.
# # #