CybersecurityIdentifying future digital leakers, whistle-blowers
Digital encoding could catch future informants; the Wikileaks saga will likely result in an overhaul of how governments protects information; in addition to using watermarking, government agencies could adapt existing digital-rights-management technologies; such technologies can perform various tasks that might be relevant: identify when the same computer is downloading voluminous amounts of material, restrict downloading to authorized users, and stop users from copying or passing restricted files to other computers
Forty years ago, Daniel Ellsberg, a high official in the Nixon National Security Council who grew disenchanted with the U.S. involvement in the Vietnam War, brought his two young kids to the Pentagon on several weekends to Xerox, secretly, thousands of secret documents about the history of the U.S. campaign in Vietnam. He then gave these documents, which became known as the Pentagon papers, to the New York Times for publication — and they were published after the U.S. Supreme Court ruled that the publication could not be suppressed by “prior restraint.”
Whoever leaked the secret documents — low-level security documents, we note, not top security or higher — pertaining to U.S. policy in Afghanistan and Pakistan did not have to bring their family members to the office on weekends. All they had to do was download the documents to a USB drive.
Are we, then, at an age in which voluminous leaks are inevitable — and untraceable? David Talbot writes in Technology Review that Attorney General Eric Holder’s new probe into Wikileaks’s posting of 91,000 war documents will likely find that tracing the path of the documents back through the Internet is next to impossible. Watermarks, however — if they were embedded in the files — could reveal the whistle-blower.
Wikileaks relies on a networking technology called Tor, which obscures the source of uploaded data. Tor does not encrypt the underlying data — this is up to the user — but it does bounce the data through multiple nodes. At each step, it encrypts the network address. The source of data can be traced to the last node (the so-called “exit node”), but that node will not bear any relationship to the original sender.
Talbot quotes Ethan Zuckerman, cofounder of the blogging advocacy organization Global Voices, to say that he doubts investigators can crack Tor to find the computer from which the documents were originally sent. “There’s been an enormous amount of research done on the security of the Tor network and on the basic security of encryption protocols,” he says. “There are theoretical attacks on Tor that have been demonstrated to work in the lab, but no credible field reports of Tor being broken.”
Andrew Lewman, Tor’s executive director, says that while Tor’s profile has been raised by its association with Wikileaks, he has no insights into the source of the purloined documents. “I don’t know