Tag Archives: wikileaks

Infestation: Vault 7 on the CIA cyber weapons

On 7 March 2017, WikiLeaks began its new series of leaks on the U.S. Central Intelligence Agency…code-named “Vault 7” by WikiLeaks..

The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones….

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA”…

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation)…. Malware called “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), infests smart TVs, transforming them into covert microphones…  The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.

Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.

The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware.

Attacks against Internet infrastructure and webservers are developed by the CIA’s Network Devices Branch (NDB). The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools, which are described in the examples section below.

Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.  Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global “vulnerability market” that will pay hundreds of thousands to millions of dollars for copies of such ‘weapons’. Similarly, contractors and companies who obtain such ‘weapons’ sometimes use them for their own purposes, obtaining advantage over their competitors in selling ‘hacking’ services…

In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa….

If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target’s territory including observation, infiltration, occupation and exploitation...

The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity…The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.  With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.

Excerpts from, Vault 7: CIA Hacking Tools Revealed, Wikileaks Press Release, Mar. 7, 2017

Transparency the Wikileaks Way

wikileaks-logo

WikiLeaks founder Julian Assange first outlined the hypothesis nearly a decade ago: Can total transparency defeat an entrenched group of insiders?“Consider what would happen,” Assange wrote in 2006, if one of America’s two major parties had their emails, faxes, campaign briefings, internal polls and donor data all exposed to public scrutiny.”They would immediately fall into an organizational stupor,” he predicted, “and lose to the other.”

A decade later, various organs of the Democratic Party have been hacked; several staffers have resigned and Democratic presidential candidate Hillary Clinton has seen the inner workings of her campaign exposed to the public, including disclosures calling into question her positions on trade and Wall Street and her relationship with the party’s left . Many of these emails have been released into the public domain by WikiLeaks.

Some see the leaks as a sign that Assange has thrown his lot in with Republican rival Donald Trump or even with Russia. But others who’ve followed Assange over the years say he’s less interested in who wins high office than in exposing — and wearing down — the gears of political power that grind away behind the scenes.  “He tends not to think about people, he thinks about systems,” said Finn Brunton, an assistant professor at New York University who has tracked WikiLeaks for years. “What he wants to do is interfere with the machinery of government regardless of who is in charge.”WikiLeaks’ mission was foreshadowed 10 years ago in “Conspiracy as Governance,” a six-page essay Assange posted to his now-defunct blog.

In the essay, Assange described authoritarian governments, corporations, terrorist organizations and political parties as “conspiracies” — groups that hoard secret information to win a competitive advantage over the general public. Leaks cut these groups open like a double-edged knife, empowering the public with privileged information while spreading confusion among the conspirators themselves, he said. If leaking were made easy, Assange argued, conspiratorial organizations would be gripped by paranoia, leaving transparent groups to flourish…

It’s possible that malicious sources are using WikiLeaks for their own ends, said Lisa Lynch, an associate professor at Drew University who has also followed Assange’s career. But she noted that a lifetime far from public service and an aversion to email make Trump a more difficult target.”If Trump had a political career, he’d be more available for Wikileaking,” she said…

He has targeted Republican politicians in the past; in the run-up to the 2008 election his group published the contents of vice presidential candidate Sarah Palin’s inbox. Her reaction at the time anticipated the Democrats’ outrage today. “What kind of a creep would break into a person’s files, steal them, read them, then give them to the press to broadcast all over the world to influence a presidential campaign?” Palin wrote in her autobiography, “Going Rogue.”

Excerpt fro RAPHAEL SATTER,With email dumps, WikiLeaks tests power of full transparency, Associated Press, Oct. 24, 2016

Resuscitating Democracy: the role of Wikileaks

wikileaks ttip

On August 11, 2015 WikiLeaks has launched a campaign to crowd-source a €100,000 reward for Europe’s most wanted secret: the Transatlantic Trade and Investment Partnership (TTIP).

Starting pledges have already been made by a number of high profile activists and luminaries from Europe and the United States….Since it began to face opposition from BRICS countries at the World Trade Organisation, US policy has been to push through a triad of international “trade agreements” outside of the WTO framework, aimed at radically restructuring the economies of negotiating countries, and cutting out the rising economies of Brazil, Russia, India, China and South Africa (BRICS).

The three treaties, the “Three Big T’s”, aim to create a new international legal regime that will allow transnational corporations to bypass domestic courts, evade environmental protections, police the internet on behalf of the content industry, limit the availability of affordable generic medicines, and drastically curtail each country’s legislative sovereignty.  Two of these super-secret trade deals have already been published in large part by WikiLeaks – the Transpacific Partnership Agreement (TPP) and the Trade in Services Agreement (TISA) – defeating unprecedented efforts by negotiating governments to keep them under wraps.

But for Europeans the most significant of these agreements remains shrouded in almost complete secrecy. The Transatlantic Trade and Investment Partnership (TTIP), which is currently under negotiation between the US and the European Union, remains closely guarded by negotiators and big corporations have been given privileged access. The public cannot read it.

Today WikiLeaks is taking steps to ensure that Europeans can finally read the monster trade deal, which has been dubbed an “economic NATO” by former US Secretary of State Hillary Clinton.  Using the new WikiLeaks pledge system everyone can help raise the bounty for Europe’s most wanted leak. The system was deployed in June to raise a $100,000 bounty for the TTIP’s sister-treaty for the Pacific Rim, the TPP.

The pledge system has been hailed by the New York Times as “a great disrupter”, which gives “millions of citizens… the ability to debate a major piece of public policy,” and which “may be the best shot we have at transforming the [treaty negotiation] process from a back-room deal to an open debate.”

WikiLeaks founder Julian Assange said,

“The secrecy of the TTIP casts a shadow on the future of European democracy. Under this cover, special interests are running wild, much as we saw with the recent financial siege against the people of Greece. The TTIP affects the life of every European and draws Europe into long term conflict with Asia. The time for its secrecy to end is now.”

Excerpts from WikiLeaks goes after hyper-secret Euro-American trade pact

Greek Debt Unsustainable: the Wikileaks Cables

Greek protests in front of Greek parliament

2011 Euro-crisis, Wikileaks Cables

Discussing the Greek financial crisis with her personal assistant on 11 October, German Chancellor Angela Merkel professed to be at a loss as to which option–another haircut or a transfer union–would be best for addressing the situation. (The term “haircut” refers to the losses that private investors would incur on the current net value of their Greek bond holdings.) Merkel’s fear was that Athens would be unable to overcome its problems even with an additional haircut, since it would not be able to handle the remaining debt. Furthermore, she doubted that sending financial experts to Greece would be of much help in bringing the financial system there under control. Within the German cabinet, Finance Minister Wolfgang Schnaeuble alone continued to strongly back another haircut, despite Merkel’s efforts to rein him in, while France and European Commission President Jose Manuel Barroso were seen to be in favor of a gentler approach. European Central Bank President Jean-Claude Trichet was solidly opposed, with IMF Managing Director Christine Lagarde described as undecided on the issue. Finally, Merkel believed that action must be taken to enact a Financial Transaction Tax (FTT); doing so next year, she assessed, would be a major step toward achieving some balance in relief for banks. In that regard, the Germans thought that pressure could be brought to bear on the U.S. and British governments to help bring about an FTT.

Euro-crisis Wikileaks Cables: EU Summit: Germans Prepared to Oppose Special Solutions for Greek Financial Crisis

…German Chancellery Director-General for EU Affairs Nikolaus Meyer-Landrut provided on 14 October, 2011 an overview of what Berlin planned to ask for and would be prepared to support. First, the German government wanted solutions that work within the context of current European legislation; accordingly, it would not agree to giving the European Financial Stability Facility (EFSF) a banking license, establishing a joint EFSF-European Central Bank Special Purpose Vehicle, or any other measures that would require legislative changes among the member states. On the other hand, the Germans would support a special IMF fund into which the BRICS (Brazil, Russia, India, China, and South Africa) nations would pool funds for the purpose of bolstering eurozone bailout activities. Meyer-Landrut also believed that a resolution of the Greek crisis will require greater private-sector involvement than was first thought, and that the eurozone must look beyond the technical aspects of a deal and focus instead on the actual progress that Greece will have to make, as regards both legislation and implementation. It was his further opinion that a full-term team will have to be ensconced in Athens for the purpose of monitoring the situation.

The Equinet: decentralization v. enclosure of internet

Internet, image from wikipedia

“The Internet governance should be multilateral, transparent, democratic,and representative, with the participation of governments, private sector, civil society, and international organizations, in their respective roles. This should be one of the foundational principles of Internet governance,” the external affairs ministry says in its initial submission to the April 23-24 Global Multistakeholder Meeting on the Future of Internet Governance, also referred as NETmundial, in Sao Paulo, Brazil.  The proposal for a decentralised Internet is significant in view of Edward Snowden’s Wikileaks revelations of mass surveillance in recent months.

“The structures that manage and regulate the core Internet resources need to be internationalized, and made representative and democratic. The governance of the Internet should also be sensitive to the cultures and national interests of all nations.”The mechanism for governance of the Internet should therefore be transparent and should address all related issues. The Internet must be owned by the global community for mutual benefit and be rendered impervious to possible manipulation or misuse by any particular stake holder, whether state or non-state,” the ministry note says.  NETmundial will see representatives from nearly 180 countries participating to debate the future of Internet…

The US announced last month of its intent to relinquish control of a vital part of Internet Corporation for Assigned Names and Numbers (ICANN) – the Internet Assigned Numbers Authority (IANA).  “Many nations still think that a multilateral role might be more suitable than a multistakeholder approach and two years back India had proposed a 50-nation ‘Committee of Internet Related Policies’ (CIRP) for global internet governance,” Bhattacharjee added.

The concept of Equinet was first floated by Communications Minister Kapil Sibal in 2012 at the Internet Governance Forum in Baku, Azerbaijan.  Dr. Govind, chief executive officer, National Internet Exchange of India, is hopeful that Equinet is achievable. “Equinet is a concept of the Internet as a powerful medium benefiting people across the spectrum. It is all the more significant for India as we have 220 million Internet users, standing third globally after China and the US.”  “Moreover, by the year-end India’s number of Internet users are expected to surpass that of the US. The word Equinet means an equitable Internet which plays the role of an equaliser in the society and not limited only to the privileged people.”

He said the role of government in Internet management is important as far as policy, security and privacy of the cyber space is concerned, but the roles of the private sector, civil society and other stakeholders are no less. “Internet needs to be managed in a more collaborative, cooperative, consultative and consensual manner.”  Talking about the global strategy of renaming Internet as Equinet, he said: “Globally the US has the largest control over the management of the Internet, which is understandable since everything about Internet started there. Developing countries have still not much say over the global management of the Internet. But it is important that the Internet management be more decentralised and globalised so that the developing countries have more participation, have a say in the management where their consent be taken as well.”  The ministry note said: “A mechanism for accountability should be put in place in respect of crimes committed in cyberspace, such that the Internet is a free and secure space for universal benefaction. A ‘new cyber jurisprudence’ needs to be evolved to deal with cyber crime, without being limited by political boundaries and cyber-justice can be delivered in near real time.”

But other experts doubt the possibility of an Equinet or equalising the Internet globally.  Sivasubramanian Muthusamy, president, Internet Society India, Chennai, who is also a participant in the NETmundial, told IANS that the idea of Equinet is not achievable.  “Totally wrong idea. Internet provides a level playing field already. It is designed and operated to be universally accessible, free and open. Internet as it is operated today offers the greatest hope for developing countries to access global markets and prosper.”  “The idea of proposing to rename the Internet as Equinet has a political motive, that would pave way for telecom companies to have a bigger role to bring in harmful commercial models that would destabilize the open architecture of the Internet. If India is considering such a proposal, it would be severely criticized. The proposal does not make any sense. It is wrong advice or misplaced input that must have prompted the government of India to think of such a strange idea,” he said.

Excerpt from India wants Internet to become Equinet, Business Standard, Apr. 20, 2014

How to Get Rid of Hacktivists: the approach of the United States

operation payback tweet

Thirteen members of a hacking collective that calls itself Anonymous were indicted on Thursday (October 3, 2013) on charges that they conspired to coordinate attacks against prominent Web sites.The 13 are accused of bringing down at least six Web sites, including those belonging to the Recording Industry Association of America, Visa and MasterCard.  The attacks caused “significant damage to the victims,” the indictment said.

The attacks, carried out from September 2010 to January 2011, were part of campaign called Operation Payback, which started as an effort to support file-sharing sites but later rallied around WikiLeaks and its founder, Julian Assange.  Hackers took down the sites by inflicting a denial of service, or DDoS, attack, in which they fired Web traffic at a site until it collapsed under the load. Though the indictment mentions 13 hackers, thousands more participated in the attack by clicking on Web links that temporarily turned their computers into a digital fire hose aimed [at the websites of the companies].

According to the indictment, which was handed up at Federal District Court in Alexandria, Va., the hackers’ tool of choice was a simple open-source application known as Low Orbit Ion Cannon, which requires very little technical know-how.  Hackers simply posted a Web link online that allowed volunteers to download an application that turned their computer into a “botnet,” or network of computers, that flooded targets like Visa.com and MasterCard.com with traffic until they crashed…

By BRIAN X. CHEN and NICOLE PERLROT, U.S. Accuses 13 Hackers in Web Attacks, New York Times, October 3, 2013

Excerpt from indictment

“In connection with planning various DDoS cyber-attacks, members of the conspiracy posted fliers captioned “OPERATION PAYBACK” and claimed that: “We sick and tired of these corporations seeking to control the internet in their pursuit of profit. Anonymous cannot sit by and do nothing while these organizations stifle the spread of ideas and attack those who wish to exercise their rights to share with others.”

PDF of Indictment on Scribd

Persecuting Hackers in the United States: the case of Barrett Brown

Truth-Warner-Highsmith

A federal court in Dallas, Texas has imposed a gag order on the jailed activist-journalist Barrett Brown [pdf] and his legal team that prevents them from talking to the media about his prosecution in which he faces up to 100 years in prison for alleged offences relating to his work exposing online surveillance.

The court order, imposed by the district court for the northern district of Texas at the request of the US government, prohibits the defendant and his defence team, as well as prosecutors, from making “any statement to members of any television, radio, newspaper, magazine, internet (including, but not limited to, bloggers), or other media organization about this case, other than matters of public interest.”  It goes on to warn Brown and his lawyers that “no person covered by this order shall circumvent its effect by actions that indirectly, but deliberately, bring about a violation of this order”…

But media observers seen the hearing in the opposite light: as the latest in a succession of prosecutorial moves under the Obama administration to crack-down on investigative journalism, official leaking, hacking and online activism.Brown’s lead defence attorney, Ahmed Ghappour, has countered in court filings, the most recent of which was lodged with the court Wednesday, that the government’s request for a gag order is unfounded as it is based on false accusations and misrepresentations.

The lawyer says the gagging order is a breach of Brown’s first amendment rights as an author who continues to write from his prison cell on issues unconnected to his own case for the Guardian and other media outlets.In his memo to the court for today’s hearing, Ghappour writes that Brown’s July article for the Guardian “contains no statements whatsoever about this trial, the charges underlying the indictment, the alleged acts underlying the three indictments against Mr Brown, or even facts arguably related to this prosecution.”

Brown, 32, was arrested in Dallas on 12 September last year and has been in prison ever since, charged with 17 counts that include threatening a federal agent, concealing evidence and disseminating stolen information. He faces a possible maximum sentence of 100 years in custody.  Before his arrest, Brown became known as a specialist writer on the US government’s use of private military contractors and cybersecurity firms to conduct online snooping on the public. He was regularly quoted by the media as an expert on Anonymous, the loose affiliation of hackers that caused headaches for the US government and several corporate giants, and was frequently referred to as the group’s spokesperson, though he says the connection was overblown.

In 2011, through the research site he set up called Project PM, he investigated thousands of emails that had been hacked by Anonymous from the computer system of a private security firm, HB Gary Federal. His work helped to reveal that the firm had proposed a dark arts effort to besmirch the reputations of WikiLeaks supporters and prominent liberal journalists and activists including the Guardian’s Glenn Greenwald.

In 2012, Brown similarly pored over millions of emails hacked by Anonymous from the private intelligence company Stratfor. It was during his work on the Stratfor hack that Brown committed his most serious offence, according to US prosecutors – he posted a link in a chat room that connected users to Stratfor documents that had been released online. The released documents included a list of email addresses and credit card numbers belonging to Stratfor subscribers. For posting that link, Brown is accused of disseminating stolen information – a charge with media commentators have warned criminalises the very act of linking.

As Geoffrey King, Internet Advocacy Coordinator for the Committee to Protect Journalists, has put it, the Barrett Brown case “could criminalize the routine journalistic practice of linking to documents publicly available on the internet, which would seem to be protected by the first amendment to the US constitution under current doctrine”.

Excerpt, Ed Pilkington, US stops jailed activist Barrett Brown from discussing leaks prosecution, Guardian, Sept. 4, 2014

See also Persecuting the Hactivists

State Capitalism at its Best: US Support for the Biotechnology Industry

These transgenic plums called C5 contain a gene that makes them highly resistant to plum pox virus.  Image from wikipedia

American diplomats lobbied aggressively overseas to promote genetically modified (GM) food crops such as soy beans, an analysis of official cable traffic revealed on Tuesday.  The review of more than 900 diplomatic cables by the campaign group Food and Water Watch showed a carefully crafted campaign to break down resistance to GM products in Europe and other countries, and so help promote the bottom line of big American agricultural businesses.

The cables, which first surfaced with the Wikileaks disclosures two years ago, described a series of separate public relations strategies, unrolled at dozens of press junkets and biotech conferences, aimed at convincing scientists, media, industry, farmers, elected officials and others of the safety and benefits of GM products..The public relations effort unrolled by the State Department also ventured into legal terrain, according to the report. US officials stationed overseas opposed GM food labelling laws as well as rules blocking the import of GM foods. The report notes that some of the lobbying effort had direct benefits. About 7% of the cables mentioned specific companies, and 6% mentioned Monsanto. “This corporate diplomacy was nearly twice as common as diplomatic efforts on food aid,” the report said….

In some instances, there was little pretence at hiding that resort to pressure – at least within US government circles. In a 2007 cable, released during the earlier Wikileaks disclosures, Craig Stapleton, a friend and former business partner of George Bush, advised Washington to draw up a target list in Europe in response to a move by France to ban a variety of GM Monsanto corn.  “Country team Paris recommends that we calibrate a target retaliation list that causes some pain across the EU since this is a collective responsibility, but that also focuses in part on the worst culprits,” Stapleton wrote at the time.”The list should be measured rather than vicious and must be sustainable over the long term, since we should not expect an early victory. Moving to retaliation will make clear that the current path has real costs to EU interests and could help strengthen European pro-biotech voices,” he wrote.

Excerpts, Suzanne Goldenberg,Diplomatic cables reveal aggressive GM lobbying by US officials, Guardian, May 15, 2013

Who is Cryptome?

Salonica.  Image from cryptome.org

Cryptome unfamiliar to the general public, is well-known in circles where intelligence tactics, government secrets and whistle-blowing are primary concerns. Since its creation in 1996, Cryptome has amassed more than 70,000 files — including lists of secret agents, high-resolution photos of nuclear power plants, and much more.

Its co-founder and webmaster, a feisty 77-year-old architect, doesn’t hesitate when asked why.  “I’m a fierce opponent of government secrets of all kinds,” says John Young. “The scale is tipped so far the other way that I’m willing to stick my neck out and say there should be none.”  Young describes several exchanges with federal agents over postings related to espionage and potential security breaches, though no charges have ever been filed. And he notes that corporate complaints of alleged copyright violations and efforts to shut Cryptome down have gone nowhere.

For Young, there’s a more persistent annoyance than these: the inevitable comparisons of Cryptome to WikiLeaks, the more famous online secret-sharing organization launched by Julian Assange and others in 2006.  Young briefly collaborated with WikiLeaks’ creators but says he was dropped from their network after questioning plans for multimillion-dollar fundraising. Cryptome operates on a minimal budget — less than $2,000 a year, according to Young, who also shuns WikiLeaks-style publicity campaigns.  “We like the scholarly approach — slow, almost boring,” says Young. He likens Cryptome to a “dusty, dimly lit library.”  That’s not quite the image that Reader’s Digest evoked in 2005, in an article titled “Let’s Shut Them Down.” Author Michael Crowley assailed Cryptome as an “invitation to terrorists,” notably because of its postings on potential security vulnerabilities.Cryptome’s admirers also don’t fully buy into Young’s minimalist self-description….

Young considers himself a freedom-of-information militant, saying he is unbothered by “the stigma of seeming to go too far.” Claims that Cryptome aids terrorists or endangers intelligence agents are “hokum,” he said. “We couldn’t possibly publish information to aid terrorists that they couldn’t get on their own,” he said, depicting his postings about security gaps as civic-minded.  “If you know a weakness, expose it, don’t hide it,” he said…

As a motto of sorts, the Cryptome home page offers a quote from psychiatrist Carl Jung: “The maintenance of secrets acts like a psychic poison which alienates the possessor from the community.”  The website says Cryptome welcomes classified and confidential documents from governments worldwide, “in particular material on freedom of expression, privacy, cryptology, dual-use technologies, national security, intelligence, and secret governance.”  Young attributes Cryptome’s longevity and stature to its legion of contributors, most of them anonymous, who provide a steady stream of material to post.  Among the most frequently downloaded of Cryptome’s recent postings were high-resolution photos of the Fukushima Dai-ichi nuclear plant in Japan after it was badly damaged in the March 2011 tsunami/earthquake disaster.

Cryptome also was a pivotal outlet last year for amorous emails between national security expert Brett McGurk and Wall Street Journal reporter Gina Chon, which led McGurk to withdraw as the Obama administration’s nominee to be ambassador to Iraq.  Other documents on the site list names of people purported to be CIA sources, officers of Britain’s MI6 spy agency, and spies with Japan’s Public Security Investigation Agency….

Another exchange with the FBI came in November 2003, according to Young, when two agents paid him a visit to discuss recent Cryptome postings intended to expose national security gaps. The postings included maps and photos of rail tunnels and gas lines leading toward New York’s Madison Square Garden, where the Republican National Convention was to be held the next year….Another confrontation occurred in 2010, when Cryptome posted Microsoft’s confidential Global Criminal Compliance Handbook, outlining its policies for conducting online surveillance on behalf of law enforcement agencies. Contending that the posting was a copyright violation, Microsoft asked that Cryptome be shut down by its host, Network Solutions. Criticism of Microsoft followed, from advocates of online free speech, and the complaint was withdrawn within a few days….

Moreover, Young urges Cryptome’s patrons to be skeptical of anything placed on the site, given that the motives of the contributors may not be known.  “Cryptome, aspiring to be a free public library, accepts that libraries are chock full of contaminated material, hoaxes, forgeries, propaganda,” Young has written on the site. “Astute readers, seeking relief from manufactured and branded information, will pick and choose…”

Excerpts from DAVID CRARY, Older, Quieter Than WikiLeaks, Cryptome Perseveres, Associated Press, Mar. 9, 2013