Genii Weblog

Using WikiLeaks to commit the perfect crime

Thu 9 Dec 2010, 05:22 PM



by Ben Langhinrichs
Let's say that you are in one of those third world countries that are the focus of many of the WikiLeaks cables.  Let's say that you have an enemy that you can't touch, or at least not without risking your life and reputation.  Along comes WikiLeaks.  Grab the latest torrent and insert a couple of plausible cables over a long period.  Ones that are believable, but implicate your enemy in a specific, regional atrocity in a roundabout way.  Now, build your own package with these few doctored cables and everything else the same.  Maybe delete an equal number in case anybody is keeping track, or even doctor existing ones.

Now, put it back out on torrent, perhaps through a few dozen clients.  Let it spread.  Every few days, grab the latest package and carefully doctor the same older cables the same way.  The false cables will spread along with the real ones.  Eventually, somebody will come across this "proof" and leak it to the rebels, who will take vengeance on the person you have chosen.  Can't be traced back to you.  The cables are very hard to deny when the governments involved don't want to verify any of them.  Perfect crime.

So, for those excited about the troves of unverified information in the WikiLeaks files, ask yourself:  What if this has already been done, either by the largely anonymous WikiLeaks advisory board who may have their own goals, or by one of the many torrent users.  Is there any proof that the cable you just read is one of the real ones, that the package you got from one of the zillions of torrent clients is the original?

Ah, the joy of misinformation spread along with real information.  I wouldn't be surprised if the US government itself was doing the same thing right now.  That would show the anarchists defending the right to distribute the information at all costs.

Copyright © 2010 Genii Software Ltd.

What has been said:


924.1. Giuseppe Grasso
(10/12/2010 00.21)

Hem.... Digital signature...


924.2. Ben Langhinrichs
(12/10/2010 01:15 AM)

Wonderful things, digital signatures. They prove that stuff from a trusted source is really from that trusted source. Of course, I could easily use a digital signature that says I am Barack Obama, and unless I am a trusted source, it is as believable as the next untrusted signature. Also, these are big compressed file directories of text files. Where does the digital signature go? On the whole file. Are they secured via a trusted source?


924.3. Ben Langhinrichs
(12/10/2010 12:08 PM)

The first line says: "based on fake WikiLeaks cables that contain crude anti-Indian propaganda". As I pointed out, a subtle approach is necessary. Think about what the story confirms, though, which is that newspapers were taken in by the admittedly crude propaganda (some still swear by it), because it confirms what they wanted to hear.

After all, do you think that because some clumsy oaf got caught hacking into a corporate website, no sophisticated hacker could have gotten away with it? This was a crude, obvious attempt with no subtlety at all, and it still managed to make it into newspapers.


924.4. Alin
(12/10/2010 04:48 PM)

is WIKI and people should always remember that. Needs confirmation or denial, before that is wiki. Apply more sofistication to your scenario and it for a short time would work on Wikipedia also.

on the other end, a lot of true information lost its value because was included in wikileaks.

"because it confirms what they wanted to hear." is also a key phrase.