WikiFreaks, Pt. 4 “The Nerds Who Played With Fire”

Tron: most influential movie of the Internet era

“Mom packs us a lunch and we’re off to school
They call us nerds ’cause we’re so uncool
They laugh at our clothes
They laugh at our hair
The girls walk by with their nose in the air
So go ahead, put us down
One of these days we’ll turn it around
Won’t be long mark my word
Time has come for revenge of the nerds
Revenge of the nerds
Revenge of the nerds”

-Revenge of the Nerds, The Rubinoos

As this is, in many ways, a tale of nerds, it is only fitting that they get a subchapter that is all their own. For the world of hackers is so strange, so technical, and so devoid of many of the things that characterize life for other humans, that they simply need their own space to play. In this chapter, we will cover some of the bloody history of hacking in Germany, and also touch on some of the financial and technological aspects of WikiLeaks.

When investigating a group like WikiLeaks, one would think that one of the first journalistic steps would be to “Follow the Money”. However, it is a step that is often frustratingly skipped by the press, and I think that the WikiLeaks story is typical in that regard. Where does WikiLeaks get its money? Why do they need so much? What are their plans for financial transparency? Can donors feel secure in donating to such a group?  Do you really want to pay for Assange and “Daniel Schmitt”s travel expenses?

WikiLeaks Cash Flows in, Drips Out

The secret-spilling website WikiLeaks appears to be a frugal spender, tapping less than 5 percent of the funds received through two of its three donation methods, according to the third-party foundation that manages those contributions.

WikiLeaks has received 640,000 euros (U.S. $800,000) through PayPal or bank money transfers* since late December, and spent only 30,000 euros (U.S. $38,000) from that funding, says Hendrik Fulda, vice president of the Berlin-based Wau Holland Foundation.

The money has gone to pay the travel expenses of WikiLeaks founder Julian Assange and spokesman Daniel Schmitt, as well as to cover the costs of computer hardware, such as servers, and leasing data lines, says Fulda. WikiLeaks does not currently pay a salary to Assange or other volunteers from this funding, though there have been discussions about doing so in the future, Fulda adds. The details have not yet been worked out.

“If you are drawing from volunteers who are basically doing stuff for free and if you start paying money, the question is to whom, and to whom not, do you pay, and how much?” Fulda said. “It’s almost a moral question: How much money do you pay?”

…The foundation manages donations sent to WikiLeaks from people around the world through PayPal and wire transfers directed to a bank account controlled by the foundation. It does not handle donations submitted through Moneybookers, a PayPal-like service, that WikiLeaks also lists on its website as a method for donating.

…The Wau Holland Foundation is named after Herwart Holland-Moritz, also known as Wau Holland. He founded the Chaos Computer Club, a hacker club in Germany that has been at the forefront of the hacking community since its establishment in 1981. WikiLeaks approached the foundation last year to manage its donations because of its reputation in supporting the concept of freedom of information. Although the foundation is run by unpaid volunteers, Fulda said its advantage is that it has a more formal structure to manage funds than does WikiLeaks. Wau Holland began handling donations for the site beginning last October. The foundation adheres to Germany’s rules for accountability.

This is important. The Wau Holland Siftung is managing WikiLeaks money for them, and much of their money comes from Germany. We will come back to Wau Holland, the person, in a little bit.

A U.S. Army intelligence analyst named Bradley Manning was since arrested and charged with being WikiLeaks’ source for the video. Assange and other WikiLeaks volunteers have claimed that the organization commissioned lawyers to defend Manning, and the group has campaigned for more donations from the public to cover the legal expenses.

Fulda said that no money handled by the foundation has gone to pay expenses for Manning’s defense. He didn’t know if WikiLeaks obtained money from other sources for the purpose. He said, however, that his foundation would have no problem in principle paying such legal expenses.

So their support for Manning is theoretical. See, they will go out to protect their sources… unless they don’t.

Next, we come to the real nerds who played with fire. The Wau Holland Siftung has its roots in the Chaos Computer Club, a German hacking society whose various members were caught hacking into various NATO and major corporate computer systems in return for drugs and money provided by KGB, and paid some very severe costs.  Wau Holland himself seems like he was a decent guy who was just misguided.

One who paid was “Tron”, aka Boris Floricic. He was found hung in a park back in 1998.

St. Tron?

Boris Floricic, better known by his pseudonym Tron (8 June 1972 – 17–22 October 1998), was a German hacker and phreaker whose death in unclear circumstances has led to various conspiracy theories. He is also known for his Diplom thesis presenting one of the first public implementations of a telephone with built-in voice encryption, the “Cryptophon“.

Floricic’s pseudonym was a reference to the eponymous character in the 1982 Disney film Tron. Floricic was interested in defeating computer security mechanisms; amongst other hacks, he broke the security of the German phonecard and produced working clones. He was subsequently sentenced to 15 months in jail for the physical theft of a public phone (for reverse engineering purposes) but the sentence was suspended on probation.

….Later, American scientists outlined a theoretical attack against SIM cards used for GSM mobile phones. Together with hackers from the Chaos Computer Club, Floricic successfully created a working clone of such a SIM card, thus showing the practicability of the attack. He also engaged in cloning the German phonecard and succeeded. While Floricic only wanted to demonstrate the insecurity of the system, the proven insecurity was also abused by criminals which led to the attention of law enforcement agencies and the German national phone operator Deutsche Telekom. After Deutsche Telekom changed the system, Floricic tried to remove a complete public card phone from a booth by force (using a sledgehammer) on 3 March 1995 in order to, as he told, adapt his phonecard simulators to the latest changes. He and a friend were, however, caught by the police upon this attempt. Floricic was later sentenced to a prison term of 15 months which was suspended on probation.

…Floricic disappeared on 17 October 1998 and was found dead in a local park in Britz in the Neukölln district of Berlin on 22 October[1] after being hanged from a waistbelt wrapped around his neck. The cause of death was officially recorded as suicide. Some of his peers in the Chaos Computer Club, as well as his family members and some outside critics, have been vocal in their assertions that Floricic may have been murdered.[2] It is argued that his activities in the areas of Pay TV cracking and voice scrambling might have disturbed the affairs of an intelligence agency or organized crime enough to provide a motive.

Next, we take a look at the response of hackers themselves to Tron’s alleged “suicide”. Neat little factoid about his death found in second article below: he hung himself, but his feet were on the ground when he was found.  I would imagine it’s awful hard to hang oneself while standing on the ground. I guess you could bend your knees and hang them in the air, but it would be pretty hard to fight the urge to unbend them, right? Obviously, I’m being facetious…

Out of Chaos Comes Order
Wired Magazine
David Hudson 12.28.98

BERLIN — Tempers flared at Sunday’s Chaos Communication Congress session, and the death of a famous Chaos Computer Club member was the flashpoint.

The conference assembles computer enthusiasts from around the world for three days of hacking, discussions, and workshops on topics ranging from alternative operating systems to TCP/IP penetration to the state of the hacker ethic.

This year, the mysterious disappearance of German hacker Boris Floricic — also known as Tron — on 17 October and the discovery of his body in a Berlin park five days later has been Topic A.

CCC spokesman Andy Mueller-Maguhn presented a timeline of events surrounding Floricic’s death. A heated discussion centered on two points that continue to rile CCC members.

First was a refusal by the Berlin police to waive the 48-hour waiting period before referring the case to the Bureau of Missing Persons. Second was the decision by the police to file charges against Tron.

By 20 October, the 26-year-old hacker was not only officially missing, but also under suspicion of committing computer fraud. Tron’s computer, laptop, and all his equipment and files were confiscated.

Two police officers unofficially addressed the issues Sunday. They said that the missing-person investigation was not compromised by the criminal case, since they were being handled separately.

Responding to emotional outbursts from Tron’s friends calling suicide out of the question, officer Klaus Ruckschnat reminded the crowd that the official line was still “apparent suicide.” That is, the police have not yet ruled out the possibility that Tron was murdered.

Padeluun, a longstanding member of the CCC, gently suggested that “sometimes things are what they seem.” In other words, just as the police weren’t ruling out murder, the CCC should not rule out suicide.

Mueller-Maguhn outlined the areas of Tron’s work that may have got him in trouble with any number of parties. The young hacker cracked phone cards and digital set-top boxes for pay TV, and his university dissertation was on ISDN-related cryptography.

“Tron may have underestimated the financial value of the information he uncovered,” said Mueller-Maguhn. “He was always direct and honest, but also naive.”

The CCC settled on no unified position regarding Tron’s fate, but some audience members agreed that if a lesson is to be learned from his death, it is to publish valuable information widely as soon as it’s discovered. Or risk life and limb.

Earlier, CCC co-founder Wau Holland shared his personal observations on a decade and a half of CCC history and controversy. Among its “accomplishments,” the CCC had cracked the German postal network, planted a Trojan horse in NASA’s computer system, and seen the death of one of its own before.

“In every case,” said Holland, “the club has retained its independence. We don’t take sides.”

Other conference events this week include a lockpicking contest, a robot-building contest, and a report on “Hacking the KGB: 10 Years After.”

Berlin Prepares for Chaos
by David Hudson
3:00 a.m.  24.Dec.98.PST

..The mysterious and as yet unsolved case is eerily reminiscent of the death of another CCC associate, Karl Koch, nearly 10 years ago.  Indeed, Berlin police were quick to call Tron’s death a suicide, as Koch’s had been. But the CCC, as well as Tron’s family and friends, have vehemently denied that suicide was even remotely in his nature.

Unlike Koch, Tron was not only a well-balanced personality but also a brilliant hacker. He was the first European to hack phone cards so that they could be used freely and forever, and had figured out a way to make ISDN phone calls tap-proof.

“Often, he was the focus of attention,” remembers Heinrich Seeger, a Hamburg journalist who has covered many CCC congresses. “I guess one of the reasons for that, aside from his undebatable genius and expertise, were his good looks and his charm, which made him stand out.”

Despite ruling the death a suicide, Berlin police have assigned eight officers to investigate, noting more than a few oddities about the case.Although Tron appeared to have hanged himself, for example, his feet were firmly on the ground.

German newspaper and television reports have suggested that considering the potential value of Tron’s knowledge of smartcards and telephony, organized crime may have been involved.

Our next dead Chaos Computer Club hacker is Karl Koch, who became obsessed with Robert Anton Wilson’s Illuminatus trilogy. A German film based on his life was even called “23” due to the number’s prominence in Wilson’s book.  He was involved with the KGB scandal that involved hackers being bought by drugs in exchange for breaking into key NATO and corporate installations. . Here are several articles dealing with this case. They were originally in German and translated, so that explains the clumsiness (sometimes hilarious on multiple levels) of some of the writing.

Karl Koch

One of Cliff Stoll’s “Wily Hackers” Is Dead (Suicide?)             June 5, 1989


According to West German publications, the “Wily Hacker” Karl Koch, of Hannover, West Germany, died Friday, June 3, probably by suicide.  His body was found burnt (with gasoline) to death, in a forest near Celle (a West German
town near Hannover where he committed his hacks, as had been observed by GermanPost).

Koch was one of the 2 hackers who confessed their role in the KGB hack to the public prosecutors, therewith bringing the case to public attention.  As German newspapers report, he probably suffered from a psychic disease:  He thought he was permanently observed by alien beings named Illimunates’ which tried to kill him.  Probably, he had internalized the role of “Captain Hagbard” (his pseudonym in the hacking scene), taken from a U.S. book, who (like him) suffered from supervision by the Illuminates. Police officials evidently think that Koch committed suicide (though it is believed, that there are “some circumstances” which may also support other theories; no precise information about such moments are reported).

According to German police experts, Karl Koch’s role in the KGB case as in daily life can properly be understood when reading this unknown book.

Information Provided by Klaus Brunnstein
(University of Hamburg)

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Illuminatus!                                                      June 14, 1989

The book in question is believed to be “Illuminatus!” by Harold Shea and Robert Anton Wilson.  The book is a spoof on conspiracy theories, and suggests that many and probably all human institutions are just fronts for a small group of
“enlightened ones,” who are themselves a front for the Time dwarves from Reticuli Zeta, or perhaps Atlantean Adepts, remnants of Crowley’s Golden Dawn, or even more likely the Lloigor of H.P. Lovecraft’s Cthulhu Mythos.  A leading
character in this book is named Hagbard Celine.

German Hackers Break Into Los Alamos and NASA                     March 2, 1989

Three hours ago, a famous German TV-magazine revealed maybe one of the greatest scandals of espionage in computer networks:  They talk about some (three to five) West German hackers breaking into several secret data networks (Los Alamos, Nasa, some military databases, (Japanese) war industry, and many others) in the interests of the KGB, USSR.  They received sums of $50,000 to $100,000 and even drugs, all from the KGB, the head of the political television-magazine said.

The following news articles (and there are a lot) all deal with (directly and indirectly) the recent Spy scandal situation that occurred in West Germany. The majority of the articles shown here are taken from RISKS Digest, but they have been edited for this presentation.

Computer Espionage:  Three “Wily Hackers” Arrested                March 2, 1989
Three hackers have been arrested in Berlin, Hamburg and Hannover, and they are accused of computer espionage for the Soviet KGB.  According to the television magazine “Panorama” (whose journalists have first published the NASA and SPAN hacks), they intruded scientific, military and industry computers and gave passwords, access mechanisms, programs and data to 2 KGB officers; among others, intrusion is reported of the NASA headquarters, the Los Alamos and Fermilab computers, the United States Chief of Staff’s data bank OPTIMIS, and several more army computers.  In Europe, computers of the French-Italian arms manufacturer Thomson, the European Space Agency ESA, the Max Planck Institute for Nuclear Physics in Heidelberg, CERN/GENEVA and the German Electron Accelerator DESY/Hamburg are mentioned.  The report says that they earned several 100,000 DM plus drugs (one hacker evidently was drug addict) over about 3 years.

For the German Intelligence authorities, this is “a new quality of espionage.” The top manager said that they had awaited something similar but are nevertheless surprised that it happened so soon and with such broad effects.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Computer Spy Ring Sold Top Secrets To Russia                      March 3, 1989

…In Karlsruhe, the West German Chief Public Prosecutor’s Office, which is in charge of spy cases, would only confirm last night that three arrests have been made March 2nd during house searches in Hannover and West Berlin.

Those detained were suspected of “having obtained illegally, through hacking and in exchange for money, information which was passed on to an Eastern secret service.”

But the spokesman did not share West German television’s evaluation, which said the case was the most serious since the unmasking in 1974 of an East German agent in the office of ex-Chancellor Willy Brandt.  The Interior Ministry in
Bonn last night also confirmed several arrests and said the suspects had supplied information to the KGB.  The arrests followed months of investigations into the activities of young computer freaks based in Hamburg, Hannover and West Berlin, the ministry said.

According to the television report, the hackers gained access to the data banks of the Pentagon, NASA Space Center, and the nuclear laboratory in Los Alamos. They also penetrated leading West European computer centers and armament companies, including the French Thomson group, the European Nuclear Research Center, CERN, in Geneva; the European Space Authority, ESA, and German companies involved in nuclear research.
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
News From The KGB/Wily Hackers                                    March 7, 1989
Now, five days after the “sensational” disclosure of the German (NDR) Panorama Television team, the dust of speculations begins to rise and the facts become slowly visible; moreover, some questions which could not be answered in Clifford Stoll’s Communications of the ACM paper may now be answered.  Though not all facts are known publicly, the following facts seem rather clear.

– In 1986, some hackers from West Berlin and Hannover discussed, in “hacker parties” with alcohol and drugs, how to solve some personal financial problems; at that time, first intrusions of scientific computers (probably CERN/Geneva as hacker training camp) and Chaos Computer Club’s spectacular BTX-intrusion gave many hackers (assisted by newsmedia) the *puerile impression* that they could intrude *into every computer system*; I remember contemporary discussions on 1986/87 Chaos Computer Conferences about possibilities, when one leading CCC member warned that such hacks might also attract espionage (Steffen Wernery recently  mentioned that German counter-espionage had tried several times to hire him and other CCC members as advisors — unsuccessfully).

– A “kernel group” of 5 hackers who worked together, in some way, in the “KGB case” are (according to Der SPIEGEL, who published the following names in its Monday, March 6, 1989 edition):

-> Markus Hess, 27, from Hannover, Clifford Stoll’s “Wily Hacker” who was often referred to as the Hannover Hacker and uses the alias of Mathias Speer; after having ended (unfinished) his studies in mathematics, he works as programmer, and tries to get an Informatics diploma at the University of Hagen (FRG); he is said to have good knowledge of VMS and UNIX.

-> Karl Koch, 23, from Hannover, who works as programmer; due to his luxurious lifestyle and his drug addiction, his permanent financial problems have probably added to his desire to sell “hacker knowledge” to interested institutions.

-> Hans Huebner, alias “Pengo,” from Berlin, who after having received his Informatics diploma from Technical University of West Berlin, founded a small computer house; the SPIEGEL writes that he needed money for investment in his small enterprise; though he does not belong to the Chaos Computer Club, he holds close contacts to the national hacker scenes (Hamburg: Chaos Computer Club; Munich: Bavarian Hacker Post; Cologne: Computer Artists Cologne, and other smaller groups), and he was the person to speak about UUCP as a future communications medium at the Chaos Communication Congress.

-> Dirk Brezinski, from West Berlin, programmer and sometimes “troubleshooter” for Siemens BS-2000 systems (the operating system of Siemens mainframe computers), who earned, when working for Siemens or a customer (BfA, a national insurance for employees) 20,000 DM (about $10,800) a month; he is regarded (by an intelligence officer) as “some kind of a genius.”

-> Peter Carl, from West Berlin, a former croupier, who “always had enough cocaine.”  No information about his computer knowledge or experience is available.

Next, we get to the man Wau Holland himself! Note: Like the other famous CCC members, Holland died young, of a stroke at the age of 49.

By Boris Groendahl
Berlin Bureau Chief
July 30, 2001

The year is 1981. IBM still has to introduce its first Personal Computer. The movie “WarGames” and Steven Levys book “Hackers,” which will make the self-description of alternative computer nerds a household name in the U.S, are two years away.

In Western Berlin, in the offices of the left-wing daily “die tageszeitung,” fringe computer hobbyists are sitting at a conference table, sharing their knowledge of early computers and computer networks.

Wau and his Linux Penguin

They followed the call of Wau Holland, a bearded, balding man in dungarees who looks more like an eco-warrior than an electronics enthusiast. The assembled group is about to found the Chaos Computer Club (CCC) and go down in computing history.

Twenty years later, the CCC now has to continue without its honorary president Wau Holland, also known as Herwart Holland-Moritz. Holland suffered a stroke in late May and fell into a coma; he died Sunday morning, age 49. Read today, Hollands editorial that appeared in the first issue of CCCs magazine “Datenschleuder” (roughly: “data sling”) back in 1984 appears almost visionary. For him and for the CCC, the computer was already not merely a technology but “the most important new medium.” He held that “all existing media will be increasingly networked through computers, a networking which creates a new quality of media.”

The first and foremost goal of the hackers association was to promote this new medium, by “distributing wiring diagrams and kits for cheap and universal modems.” What should have earned the CCC a medal for the advancement of the information society, however, got him in conflict with the arcane German telecom law. At the time, as Holland remembered later, “the prolongation of a telephone cable was considered worse than setting off an atomic explosion.”

Involving everybody, not just big government and big business, into the information revolution, ways always Hollands and the CCCs main goal. Its first famous hack was performed 1984 on Germanys first online service Btx, an atavistic network operated by the German postal service. The CCC found a security hole in the network, but the postal service didnt react to the warning.

So Holland and his colleague Steffen Wernry logged in, masquerading as a German savings bank, and downloaded their own billable Btx page all night long. When the tab got to 134,000 deutschmarks, they stopped the program and called German TV Btx had its first scandal only months after its launch, and it wouldnt recover for more than a decade.

The Btx hack, as it became known later, would become a pattern for every CCC action. Holland, in particular, was at least as media-savvy as he as he was computer literate. Whenever the CCC hacked into regions he wasnt supposed to see, he sought protection by seeking public attention, and used them to warn of weak security and insufficient data protection.

Though only a few of Waus CCC comrades shared his political background most joined the club as regular electronics nerds he shaped the German hackers association into a unique institution, incomparable with the U.S. hacker scene. The CCC is different from both the technology-oriented Homebrew Computer Club that gave birth to the PC in the ’70s, and the cracker gangs that dominated media attention in the early ’90s.

Holland taught his fellow CCCers to never hack for profit, to always be open about what they were up to, and to fight for an open information society. He was deeply embarrassed when some CCCers sold their discoveries from within the U.S. military computer network to the KGB. This incident and the subsequent discussions in the club brought the next generation to the CCCs helm.

While the new leadership has a less strict moralistic, more postmodern sense of hacking, it remains true to the CCCs political objectives. Holland became the clubs honorary president. Under his stewardship, the CCC gained considerable status in German politics, with its speakers invited by the parliament, telecoms firms, banks and even the secret service.

That part fascinates me. The German secret service, the BND? That is quite a process of legitimization for a supposedly “outlaw” hacker club.  As we shall see in Part 4b, the Chaos Computer Club has a physical site in Berlin, which just blew my mind as I found out fairly late in my research. Are you kidding me? A hacker gang that breaks into major corporate and defense systems has a PHYSICAL location? How naïve are these guys?

To underline the point that the story  of WikiLeaks “security” is much more myth than fact, here is an interview by former insider John Young of the website, also designed for leakers. As someone who has a fairly strong understanding of computer networks, I’ve always found it comical how secure some of these radical groups (indybay for example) think their online communications truly are. John Young hits on many of the key points. In my opinion, the world’s governments fail to police the Internet effectively not because of overwhelming technical issues, but because of political, financial, and human resource overload. The most difficult part is the sheer amount of data to go through and prosecute.  Hell, can you imagine what it would take just to police a day’s worth of Ebay transactions? Also, the business culture of America sees the free Internet as part of our national brand that we market to the world.

But when the will is there to target something, in my opinion, the government cyber-security teams of the West can be QUITE effective. They have incredibly gifted hackers on their side, many who have been brought in through plea deals to avoid 10 years of federal time.  In fact, many of those hackers are sitting right next to the outlaws at their cute little “hacker conventions”, like DefCon in Las Vegas, wearing the same piercings and black shirts with skulls on them.  The whole “libertarian hacker myth” of  courageous, sex-starved 400 lb Bohemian heroes who stay up all night hacking to save the world for Anarchy ,while eating fifty packs of Skittles and listening to Nine Inch Nails, applies to a relatively small portion of the hardcore nerd community. They are outnumbered by sex-starved 400 lb military contractors who stay up all night tracking and infiltrating other hackers while eating fifty packs of Skittles, listening to crap like the Top Gun soundtrack. Oh, and playing role-playing games on the Internet with the guys they are going after. Trust me, I’ve known guys like this. They’re the guys who had posters of F14 schematics on their dorm walls.

"Fly...Into...The...DANGER ZONE!"

And lest we forget, who created and paid for the Internet in the first place? DARPA, part of the Pentagon! Another great “libertarian hacker myth” is that the Internet was just sitting there unused by the military, and waiting in mothballs to be taken over by the world’s role-playing gamers, porn seekers, and music bootleggers.  Again, are you serious?  Nerds, you’re playing on “their” turf! While there is a significant element of “genie out of bottle” in the military’s relationship with it’s bastard stepchild, the Internet, let’s not kid ourselves…  Here’s John Young to spoil the party.

BBC: What do you think about Wikileaks being based in a country which will protect it from takedown.

Cryptome: There is no place where a takedown cannot occur. The distribution system for communication can always be blocked and servers confiscated. Only multiple, growing and changing public outlets for prohibited information can offer a chance of avoiding shutdown, demonization, corruption through finance and bribery and orchestrated distrust.

BBC: What do you think about security of web sites and communication on the Internet.

Cryptome: There is none that is not superficial and illusory. Security and/or privacy policy for the Internet and digital communication are unbelievable. Digital communication should be seen as a spying machine. The Internet is a magnificently appealing means to gather data on its bewitched users — for harvesting by governments, commerce, institutions and individuals, but especially by the providers of Internet services, distribution systems and equipment.

BBC: Why are you so paranoid about the Internet and what do you think is possible for its use in providing more public information?

Cryptome: Skepticism, not paranoia, about the Internet and digital communication is self-protective because their managers and operators are inaccessible to public scrutiny under claims of secrecy and confidentiality, and are therefore publicly unaccountable.

This is a more detailed story about Young that includes an interview. According to him, he left not only because WikiLeaks was full of shit about it’s security policies but a) he saw that Assange was about the money and knew that they were asking for money far beyond the website’s expenses and b) he saw that they were trolling for cash from Western intel-affiliated organizations to go after China, Russia, and the ‘stans. Young wasn’t willing to play this kind of CIA game and left.

Cryptome's John Young

NEW YORK–John Young was one of Wikileaks’ early founders. Now he’s one of the organization’s more prominent critics. Young, a 74-year-old architect who lives in Manhattan, publishes a document-leaking Web site called that predates Wikileaks by over a decade. He’s drawn fire from Microsoft after posting leaked internal documents about police requests, irked the U.K. government for disclosing the names of possible spies, and annoyed Homeland Security by disclosing a review of Democratic National Convention security measures.

Cryptome’s history of publicizing leaks–while not yielding to pressure to remove them–is what led Young to be invited to join Wikileaks before its launch over three years ago. He also agreed to be the public face of the organization by listing his name on the domain name registration.

Operating a Web site to post leaked documents isn’t very expensive (Young estimates he spends a little over $100 a month for Cryptome’s server space). So when other Wikileaks founders started to talk about the need to raise $5 million and complained that an initial round of publicity had affected “our delicate negotiations with the Open Society Institute and other funding bodies,” Young says, he resigned from the effort.

Open Society Institute is George Soros’ outfit, by the way.

In the last few weeks, after the arrest of Army intelligence analyst Bradley Manning cast a brighter spotlight on Wikileaks, Young has been trying to trace Wikileaks’ money flows. On July 17, Wikileaks asked supporters for $200,000 to pay for Mannings’ attorneys, even though co-founder Julian Assange said a few days earlier that the organization had already raised $1 million.

CNET caught up with Young at the Next HOPE hacker conference here last weekend, where he was attending the Wikileaks keynote speech. Following is a transcript made from a recorded interview with Young, lightly edited for space.

…What you’re doing sounds a lot like what Wikileaks is doing, no?
Young: Only superficially, Declan, because, and we can talk more about this, I initially thought that was what they were going to be doing when I first agreed to participate. But it became clear right away that they were going to set up an operation with multiple people involved. So the first difference is that I don’t run an operation. I don’t have any people working on this. This is strictly–and I like the term myself, but other people hate it–it’s strictly an amateur version.

It’s not like Wikileaks and their grand goals. I’ve never had any desire to overturn governments or do any of these noble things that they want to do. Or jack up journalism. This was just a way to get certain kinds of documents out to the public.

And so when they explained the amount of money they were going to try to raise, that was the basis for parting company with them. I thought it was going to be more like Cryptome, which is a collective of people contributing their time to it and not a centralized operation raising lots of money. Cryptome is not into that kind of thing. We parted company at that point. We’re still not like Wikileaks in that we don’t do any promotional work for our activities.

CNET: Who were the other Wikileaks founders?

Young: I’m not going to talk about those. I’ll say Julian (Assange) was clearly there. I elected to conceal those names when I published these messages. And I think it’s basically a violation of Cryptome’s policy–to publish the names of people who do not want to be identified.

CNET: You had a falling-out with the other Wikileaks founders?

Young: Yes. But it was over this: someone said that the initial goal was $5 million. That caught my attention. One, because I think the type of stuff I was going to publish, you should never do it for money. Only because that contaminates the credibility and it turns it into a business opportunity where there’s great treachery and lying going on.

And it will contaminate Wikileaks. It always does. In fact, that’s the principal means by which noble endeavors are contaminated, the money trail. That’s pretty obvious. I happen to think that amateur stuff is better than paid stuff.

CNET: How long were you involved before you resigned?

Young: Not long. A few weeks. It wasn’t long. However, one of the things that happened is that somehow I got subscribed to that list under another nym and the messages kept coming in. I got to keep reading what they were saying about me after they booted me off. The messages kept coming in. So I published those too.

CNET: Did they criticize you for, well, leaking about Wikileaks?

Young: They certainly did. They accused me of being an old fart and jealous. And all these things that come up, that typically happen when someone doesn’t like you. That’s okay. I know you would never do that and journalists never do that, but ordinary people do this all the time.

CNET: Because journalism is a noble profession in all its guises?

Young: That’s right. And there’s no back-biting there.

CNET: Over the years you’ve been running Cryptome, you’ve had some encounters with federal agencies. What visits did you have and what were the agents concerned about?

Young: They were most concerned that we published lists. The names of spies. That was the first issue that brought us to their attention. There was a request, so we were told, from one of the British intelligence people to have that list removed.

CNET: And did you remove it?

Young: No. And not only that, but the FBI was always very polite. They said you’ve done nothing illegal, we’re not pursuing a criminal investigation. These are just courtesies we’re offering other governments. We had one with the Brits and one with the Japanese that brought them to our door.

CNET: You had no other interaction with, say, Homeland Security?

Young: The other was when we started our eyeball series of publishing photos. That brought one visit and one phone call. But again, they were polite and said there’s nothing illegal about this. They never used a negative term. They just said the issue has been raised with us.And by the way, I did a FOIA trying to get records of these visits, but I could never find anything. I did get business cards, though, and I asked for ID. They were very polite and gave me business cards and I published all that. They asked me not to publish their names. But what the hell, Declan, what else do I have to go with?

CNET: So if you’ve been publishing sensitive government information for so long, why have you not had the same encounters that Wikileaks has had? [Ed. Note: Wikileaks has claimed its representatives have been harassed by U.S. government agents.]

Young: I don’t think they’ve had any encounters. That’s bogus. But that’s okay. I know a lot of people who talk about how the government’s after them. It’s a fairly well-worn path. You know it from your own field. It remains to be seen whether any of this stuff holds up or not.

I take this fairly seriously from Young, who seems to have the right mix of paranoia and common sense. For him to say that WikiLeaks is exaggerating up the stories of government harassment is significant.

One of the tests is: unless you go to jail, it’s all bogus. When I go to jail, you’ll say he actually did it, finally. He came up with something that offended someone. So far that hasn’t happened, no indictments or anything. These polite visits are the closest I’ve come. Professionals are going to have nothing to do with Wikileaks, as you probably know if you check around. People who know security will not have anything to do with Wikileaks. But the public will.

CNET: Wikileaks pledges to maintain the confidentiality of sources and stressed that in the presentation over the weekend. Do you offer your contributors the same guarantee?
Young: No. That’s just a pitch. You cannot provide any security over the Internet, much less any other form of communication. We actually post periodically warnings not to trust our site. Don’t believe us. We offer no protection. You’re strictly on your own.

We also say don’t trust anyone who offers you protection, whether it’s the U.S. government or anybody else. That’s a story they put out. It’s repeated to people who are a little nervous. They think they can always find someone to protect them. No, you can’t. You’ve got to protect yourself. You know where I learned that? From the cypherpunks.

So Wikileaks cannot protect people. It’s so leaky. It’s unbelievable how leaky it is as far as security goes. But they do have a lot of smoke blowing on their site. Page after page after page about how they’re going to protect you.

And I say, oh-oh. That’s over-promising. The very over-promising is an indication that it doesn’t work. And we know that from watching the field of intelligence and how governments operate. When they over-promise, you know they’re hiding something. People who are really trustworthy do not go around broadcasting how trustworthy I am.

CNET: It sounds like you’ve become more critical of Wikileaks over time.

Young: It’s not just them. It’s also that they’re behaving like untrustworthy organizations. So yes, if the shoe fits, fine.I don’t want to limit this to Wikileaks, but yes, they’re acting like a cult. They’re acting like a religion. They’re acting like a government. They’re acting like a bunch of spies. They’re hiding their identity. They don’t account for the money. They promise all sorts of good things. They seldom let you know what they’re really up to. They have rituals and all sorts of wonderful stuff. So I admire them for their showmanship and their entertainment value. But I certainly would not trust them with information if it had any value, or if it put me at risk or anyone that I cared about at risk.

Nevertheless, it’s a fascinating development that’s come along, to monetize this kind of thing. That’s what they’re up to. You start with free samples.

CNET: You’ve been trying to follow some of Wikileaks’ money flows. You contacted the German charity and posted their response. They said they’re going to have some information to you perhaps in early August. Does that make you feel any better about the money trail?

Young: No. To clarify, they’re going to publish it on their Web site. They said, “you could mirror it or point to it.” So it’s not just for me. But it’s only a tiny sliver of what Wikileaks claims it’s raised. whether Wikileaks has raised a million dollars as they’ve claimed, or whether they’re trying to prime the pump, I don’t know. (German charity) Wal Holland has only handled a very tiny amount of this, and they’ve said that, “We know nothing about the rest.”

I notice that Wikileaks is touting the revelation that’s going to come. But it doesn’t fit the claims that Wikileaks is making about how much it’s raised. There’s nothing wrong with that. People exaggerate all the time for effect. So back to why I admire Wikileaks: they’ve got chutzpah.

CNET: What do you think of Wikileaks’ spat with Adrian Lamo? You’ve been publishing some of the correspondence.

Young: None of the stuff that Lamo has made available has been verified. Early on, I said chat logs can be forged, you can make this stuff up. So far there’s nothing of substance here. It’s a story that’s being played. I’m not seeing any credible information that this story has any substance at all other than as a story.

It’s being treated almost as if there’s something of substance here because the chat logs have come out. But I’ve not seen any verification. And chat logs are notoriously (easy to) forge by authorities and other people, as with other digital stuff. So I don’t know whether there’s anything to this or not. But I’m following it because it’s kind of a test of how gullible people can be with a good story. And all frauds work that way.

And I think Wikileaks is wary too. I think they’re not sure that anything’s actually happened here or if they’re not being sucked into a trap.

The kind of sacred character of these chat logs is weird. I don’t know why anyone believes these have any genuine quality at all, just because Lamo allegedly handed them over.

CNET: I saw the two e-mail messages that you sent to Adrian Lamo. Have you received a response to your questions? [Ed. Note: Lamo, an ex-hacker, says he tipped off authorities that Manning was leaking classified information.]
Young: Not yet, no. I don’t know if I will. But those are questions I would have liked to have asked at (Sunday afternoon’s) panel. Except there was no time.

There’s lots of interesting things going on if this is a genuine investigation. And since Lamo said (he would be) transparent so everyone would know what was happening, well, I happen to believe the whole legal thing should be transparent too. That was the basis of my questions.

If you want to get transparent, really get transparent. And don’t let the feds tell you what you can and cannot do. There are some interesting issues here because the feds don’t want this stuff to become public and yet they haven’t kept him from talking. So let’s see how far he goes. We’d all like to know more about how this is actually working.

There was suspicion from day one that this was entrapment run by someone unknown to suck a number of people into a trap. So we actually don’t know. But it’s certainly a standard counterintelligence technique. And they’re usually pretty elaborate and pretty carefully run. They’ll even prosecute people as part of the cover story. That actually was talked about at (Sunday’s) panel. They’ll try to conceal who was informing and betraying others by pretending to prosecute them.

One of the funniest aspects of this is that John Young leaked on the ‘Leakers! After leaving, he dumped their private emails onto the web, which give away the whole story. I love it, he’s so “open-source”, he whistleblew on Wikileaks! Now THAT is a hack.

These two emails are from Assange and outline what the WikiLeaks gameplan was several years ago: attract support from Western intelligence agencies, take their money, then stab them in the back several years down the road.

“Our primary targets are those highly oppressive  regimes in China, Russia and central Eurasia, but we also expect to be of  assistance to those in the west who wish to reveal  unethical behavior in their own governments and corporations.

“1. WL was founded by chinese dissidents, mathematicians and startup company technologists, from the US, Taiwan, Europe, Australia and South Africa.

1.1 Our advisory board, which is still forming, includes representatives from expat Russian and Tibetan refugee communities, reporters, a former US intelligence analyst and cryptographers.

2. There are currently 22 people directly involved in the project.

3. We haven’t sought public feedback so far, but dissident communities have been been very gracious with their assistance.”

To: Wikileaks <wikileaks[a t]>
From: John Young <jya[a t]>
Subject: Re: [WL]
Funding / who is on this list.
Date: Date: Sun, 7 Jan 2007 11:47:00 -0500

Cryptome is publishing the contents of this list, and how I was induced to  serve as US person for registration.

Wikileaks is a fraud: Fuck your cute hustle and disinformation campaign against legitimate dissent. Same old shit, working for the enemy.

From: WikiLeaks

[WL] Funding / who is on this list.
Date: Sun, 7 Jan 2007 12:36:29 -0500
To: John Young <>

Heh. John, please do not do that. If you’re wondering about the WL, the  list has grown and there were enough accidental wl mentions [e.g in  the somali document and a cc] that not mentioning it became of little  additional obscurity especially since you’re receiving the mail. No one has bothered to change the warning which after all doesn’t really  hurt. Even if you think we are CIA stooges, you can’t treat everyone on the  list that way.

To: John Young
From: Wikileaks
Subject: martha stuart pgp
Date: Sun, 7 Jan 2007 12:20:25 -0500

J. We are going to fuck them all. Chinese mostly, but not entirely a feint. Invention abounds. Lies, twists and distorts everywhere needed for protection. Hackers monitor chinese and other intel as they burrow into their targets, when they pull, so do we.

Inxhaustible supply of material. Near 100,000 documents/emails a day. We’re going to crack the world open and let it flower into something new. If fleecing the CIA will assist us, then fleece we will. We have pullbacks from NED, CFR, Freedomhouse and other CIA teats. We have all of pre 2005 afghanistan. Almost all of india fed. Half a dozen foreign ministries. Dozens of political parties and consulates, worldbank, apec, UN sections, trade groups, tibet and fulan dafa associations and… russian phishing mafia who pull data everywhere. We’re drowning. We don’t even know a tenth of what we have or who it belongs to. We stopped storing it at 1Tb.”

This final piece is from someone asking some of the right security questions. Highly recommend going to the site, as my excerpting doesn’t get across the full situation.

We hope that this PayPal account is not compromised like the previous one was – see: Follow the money – partial financial donors list email

None of these methods of funding allow financial supporters of the project to remain anonymous.Financial transactions are even easier for governments and law courts etc. to trace than IP addresses are. The email address must surely be monitored and intercepted by various Government law enforcement and intelligence agencies.

Since there is no longer any published PGP Public Encryption Key (see Why have abandoned the use of PGP Encryption ?), any such financial correspondence will be at risk of being snooped on, and is likely to reveal the identities of potential and actual financial supporters.

If you do plan to contact that target email address, you should not use your usual, personally identifiable email account. What about limited liability ? Are you “jointly liable” with them, for any debts or legal fines or legal costs ?

If you become a supporter of and some Judge awards massive, inflated legal costs against in a court case, do your financial assets become targets for avaricious lawyers or governments ?

Desperate lawyers and government bureaucrats will lash out at any identifiable people, e.g. identifiable financial supporters, in order to put censorship pressure on ….When will publish any sort of financial accounts ?
They are also appealing for technical and infrastructure help:

….“you can help us by integrating new hardware into our project infrastructure or developing software for the project” – who made the technical decisions about this ?

Where is there even a high level overview of the current or proposed new Security and Anonymity Architecture plan for this ? What anonymity protection can a provider of server space or bandwidth or other infrastructure possibly be given by ?

I think we know the answer to that question…

TO BE CONCLUDED in Part 4B “The Nerd Who Kicked the Hornets Nest”

~ by psychedelicdungeon on September 15, 2010.

13 Responses to “WikiFreaks, Pt. 4 “The Nerds Who Played With Fire””

  1. I go to see everyday some web sites and blogs to read articles or reviews, except this webpage offers feature
    based content.

  2. Wild Bran also offers German wines, which, according to Lynnette, have had
    most of the alcohol removed but somehow keep the reserveratol intact.
    Health food stores, especially local health and farmer’s markets seemed to have done well during the past few years recession. Juice Fast is a fasting method and a detox diet where a person consumes only fruit and vegetable juices to obtain nutrition while otherwise abstaining from food consumption.

  3. I think everything wrote made a bunch of sense. But, think on this, suppose
    you wrote a catchier title? I mean, I don’t wish to tell you how to run your website, however what if you added a post title that makes people want more? I mean WikiFreaks, Pt. 4 The Nerds Who Played With Fire | The Psychedelic Dungeon is kinda vanilla. You could peek at Yahoo’s home page and watch how they create news titles to
    grab viewers to click. You might add a related video or a related pic
    or two to grab readers interested about everything’ve written. In my opinion, it might make your website a little bit more interesting.

  4. I can understand your confusion so let me explain
    how grapeseed oil benefits the skin compared to natural essential oils.

    For cooking purposes, the oil is usually extracted chemically from the tiny grapeseeds.
    These particular changes in the early stages are not actually cancer, but
    in the later stages they can become cancerous.

  5. I’d like to thank you for the efforts you’ve put in penning this website.
    I really hope to see the same high-grade blog posts by you in the future as well.
    In fact, your creative writing abilities has encouraged me to get my very own website
    now 😉

  6. This site was… how do you say it? Relevant!!
    Finally I’ve found something that helped me. Many thanks!

  7. Having read this I believed it was rather informative.
    I appreciate you finding the time and energy to put this informative
    article together. I once again find myself personally spending way too much time both reading and
    posting comments. But so what, it was still worthwhile!

  8. Fastin is a true “mood promoter” whose stimulant effects are rapid, yet exceptionally even throughout each dose.

    Weight loss design includes increased lipolysis (fat loss) accompanied by elevated mood and
    high-energy levels in combination with a reduced caloric
    intake and increased metabolic expenditure typical of an effective overall weight
    loss plan.We love inspiring our followers and fans, whether it’s
    on facebook, pinterest or twitter, and we especially like to hear.
    It’s Friday again! How has your weight loss journey been going this last week?
    Great, we hope! The side effects of phentermine, like lack of sleep and low mood, as well
    as pushing yourself to exercise. As well as setting the
    goals you want to achieve and planning out how you will approach each of the weight loss
    stages. Since we know that weight loss is a journey (we’ve been there, too!), we have developed a
    series of tools to help you reach your goal! Weight
    loss tools to lose more pounds. Lose weight, Celebrate your success! has helped thousands of people lose weight!
    We offer FREE weight loss tools and supportive online community!
    Get inspired by the success of our users by checking out our 90+ success stories, by people just like YOU!

    Adipex (sometimes known as Adipex-P) is the most popular brand of phentermine diet pills, manufactured by Teva Pharmaceuticals USA.
    It is a phentermine 37.5 mg dosage (the strongest) that you can buy in capsule or tablet form.
    Adipex is not cheap phentermine. It is generally considered high quality.
    Phentermine 37.5 mg is a very popular dosage of phentermine.
    Popular dosages include 15mg, 30 mg and 37.5 mg. All manufacturers of phentermine diet pills have their own 37.5 mg
    dosage. Phentermine 37.5 mg tablets or capsules are generally cheap and are manufactured by generic pharmaceutical groups.
    Qsymia (previously known as Qnexa) is a new diet pill combo made of phentermine and Topiramate.

    It was approved by the FDA in 2012 and recently launched in September 2012.
    Because it uses phentermine as an appetite
    suppressant, it is considered as a very effective diet pill but cannot be prescribed to everybody.
    Phen Caps are an alternative to the prescription drug, phentermine.
    Phen Caps give similar benefits as phentermine, such as supressing appetite, stimulating your metabolism and increasing energy, without the side effects.
    Phen Caps do not contain phentermine, making them available without a prescription to



  11. Dark Politricks

  12. […] [14]; […]


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: