WHISTLEBLOWER Wikileaks might have acquired documents from peer-to-peer (P2P) networks according to a network research firm.
Tiversa claims that Wikileaks used Swedish computers to search for files on P2P networks such as Limewire and Kazaa. This contradicts Wikileaks' claim that its information is sourced from volunteer whistleblowers, such as former Swiss banker Rudolf Elmer who handed over secret bank account details on wealthy alleged tax evaders to Wikileaks just the other day.
CEO Robert Boback told Bloomberg that his firm had found evidence that four Swedish computers had issued 413 searches for file formats among the 18 million or so nodes the company believes is on P2P networks. Commenting on the searches, Boback claimed, "it would be highly unlikely that someone else from Sweden is issuing those same types of searches resulting in that same type of information".
The company reports that one of those searches returned a survey from the Pentagon's Pacific Missile Range Facility in Hawaii. The PDF file, which Tiversa claims it observed one of the aforementioned Swedish computers downloading, contained sensitive information and eventually wound up on Wikileaks' website.
Not all of the documents captured by Tiversa appeared on Wikileaks. The firm found other sensitive information such as the entire blueprints for Marine One, the US presidential helicopter, on a computer in Iran. In another case, the location of a safe house for the president's family was available on Limewire.
Tiversa made its claims after conducting research for an undisclosed customer. The firm has since handed its findings over to US agencies to aid in what Boback says are "initial investigations".
The allegations that Wikileaks trawled through P2P networks should serve as a wake-up call for government agencies everywhere. Rather than pound on Wikileaks, the question that should be asked is, why is such data ending up on public P2P networks in the first place?
Clearly protocols meant to keep these documents secret are inadequate or not properly enforced, and while some might question the morality of Wikileaks publishing some of this data, the fact is that the information was available, unencrypted, on public P2P networks.
Then there is Tiversa's claim that no one else would search for particular file formats on P2P networks. The fact is, anyone can do simple "*.xls" and "*.pdf" searches using a P2P client. Although searches might have originated from computers in the same country as some of Wikileaks' servers, there is no evidence presented to pin activity that any Internet user can do on Wikileaks.
What Tiversa's research does show are shocking security oversights on the part of US government agencies. Whoever downloaded these files certainly wasn't overestimating the incompetence of US government agencies. µ
Spool if you think it's over
A break from the status Kuo
In China, at least