Security fears over SSL prompt Wikileaks to delay the launch of its online submission system
The whistleblowing website, Wikileaks, has delayed the launch of its secure online submission system, citing security concerns.
The online submission system was designed to make it easy for whistleblowers to safely pass the website secret or sensitive information.
This comes after a year in which Wikileaks’ electronic submission system has been closed, and as the website’s founder, Julian Assange, seeks to overturn a failed appeal against the decision by the British High Court to extradite him to Sweden to face sexual assault charges.
SSL – Beyond Repair
Wikileaks explained the reason for delaying the launch of the redesigned submission system, citing problems associated with the credibility of the SSL infrastructure, which has recently suffered a number of serious security compromises.
“WikiLeaks is building a state-of-the-art secure submission system. Constructing the system is very complex,” Wikileaks said in a public statement. “Due to the deteriorating state of internet security which directly impacts the ability of sources to communicate with journalists and human rights activists securely, WikiLeaks has decided to postpone the launch initially scheduled for Monday 28th November 2011 in the interest of source protection. WikiLeaks’ new public electronic drop box is substantially more advanced than its predecessor.
“Online security has become severely and irreversibly compromised over the past months,” the organisation added. “Over a year or longer SSL certificates have been penetrated by various organised crime groups and intelligence agencies. The entire SSL system, which is the mechanism that guarantees security and anonymity online, has been compromised. SSL is beyond repair.”
Wikileaks said it would host a press conference on Thursday 1 December in central London, when it will reveal more details, including other plans for Wikileaks.
The organisation said that the press conference would reveal plans to start a new phase and to expose “extraordinary privacy threats” to journalists, sources and others.
Assange was arrested in the UK in December 2010, over allegations he had sexually assaulted two female WikiLeaks supporters in Sweden.
The arrest came at the height of the media storm, as WikiLeaks began publishing 250,000 confidential cables leaked from US embassies. Assange and his supporters believe the extradition to be politically motivated, and suspect a plot to have him eventually brought to the US.
The American solider Bradley Manning, who allegedly passed Wikileaks the cables, is to face a military court in Maryland next month.
And the website warned it may not be able to continue unless it raises millions of dollars in donations.
“The attack has destroyed 95 percent of our revenue,” the organisation said in a statement at that time. “The blockade came into force within ten days of the launch of Cablegate as part of a concerted US-based, political attack that included vitriol by senior right wing politicians, including assassination calls against WikiLeaks staff.”
So while Wikileaks is facing outside attacks, it also has some internal problems.
In August a former Wikileaks employee, Daniel Domscheit-Berg, alleged that Julian Assange could not guarantee safe handling of any leaked documents, and therefore he actually deleted files to ensure the sources were not compromised.
And in September Wikileaks threatened to sue The Guardian newspaper over the disclosure of decryption passwords for the whistleblowing organisation’s stash of leaked messages.