WikiLeaks Posts Mysterious 'Insurance' File

reply to post by buddhasystem


you can fit quite allot more than 30 minutes of video in 1.4 GB's.

Some Hints:

- You can't open it in notepad/Word or anything else to peek inside. That's the whole reason encryption was created - to hide info from being easily discovered.
- If you don't even know what program to use to try and guess a key, you will get nowhere with this!
- If you don't know how to use Linux, just stop now.
- If you have never used encryption, just stop now. (Unless you are prepared to do research and learn a lot before posting)

Well done, Joe.

What if the decrypted file isnt even in English?
Or, what if this file is nothing more than fluff, just to prove that if they did want to release a giant file to bring down "the man" it would get very far before anyone was able to stop it.

reply to post by CommandoJoe


I would post what ive seen inside but its pages upon pages of useless charcters. The only line readable is the line I posted earlier. The password encryption. Used like on a cd or dvd the first sector holds hidden data about the disk.

Salted__Þsïó^9ÚúHS[mÂ?4b /
ŽÿŠ5àÅJ?fníÈ?
I$?Eäóx?TÓŠa
öõí%%Ijó?Ç?ä?Ô?Öses#??Ðk?b??m@vL??Õü\âvE 2NºI3àm8?ÙRŸØRæxÇÿÊIl??ÝwE??EîH
Øéù[5[UÌ8?ì?%8D?ûmÂÍô7[?|kôîìà?J?Új?0EïiC)Híe?ýmKκkùÐR?Œta.ZH?ú]??\?Ê06RD?µ?ê???ÝO?g ?º#þGÄýá?ÜÉ??:' hpµñïªÊ?uGsÂ?Ä.îÛ?*
ø?:`?SU?ï+Ps-Kp)Ý?qIs_JodÚÌ6??Õ*,ä?@k?cåÏ

I am sure this thread will continue to be about the cracking of the file. But:

1. This cannot be human race changing news otherwise they would have to have released it if you believe their rhetoric.

2. This file claimed as insurance is either:

a. A bluff and contains nothing
b. Seriously incriminating evidence of a threat against life: video and telephone calls at the very least.

What are your opinions? This file cannot have any real disclosure or incriminationary evidence can it?

I say it is a bit more hoopla and perhaps JA really feels his life is under threat and that he needs to deter TPTB from taking action against him.

But.... I say its just a bit of an attention seeking move. Like every time they have said in the past that they will make a big announcement in x amount of time instead of just making the bleeding announcement.

Thoughts...

reply to post by spacedonk

I think that the strategy implicitly communicates a recognition that the information is not only counter to that which is officially released but also that it contradicts the worldviews of the majority populace.

This strategy not only helps gain attention (which is a primary goal considering the type of information) but helps to transition some worldviews into the idea that official release may not be entirely truthful...

I agree with it...nothing important ever happened over night...

reply to post by spacedonk


I think wikileaks has learned to go old school on the newage security.
Wikileaks runs on wiki software the very same software the US government has decided to base there websites on. Diplopedia, Intellipedia and so on. Wiki was set up for open use so it had no security built in. When the government decided to use wiki software they put secruity on top of it and ignored the real problem the core of the software itself open. Does it do any good to lock an open door?

No amount of distributed computing on Earth will be enough to decrypt 256-bit AES encryption, assuming the password is 40+ characters and random.

Those hoping for a lucky guess should check back in a few hundred trillion years.

Originally posted by freedommusic
Ok, I received a reply to my email from WikiLeaks.

It reads:

---

Hang in there , you almost got it!

Best ones :-)
---

It would appear to me that they WANT this file cracked.

I'm curious, did you let them know you tried with ONION, ROUTER and such?

Originally posted by JBA2848

Salted__Þsïó^9ÚúHS[mÂ?4b ...

That is a little of the file. It is still encrypted. The first line salted means encrypted followed by the encrypted password. You could reverse engineer the orginal software to reverse the encryption then finding the password.
[edit on 2-8-2010 by JBA2848]

Are you sure? I tought "Salted__", the first 8 bytes, was the "magic number", the following 8 bytes should be the salt (DE181B73EFF35E39), the real encrypted data should starts at offset 0x10h.

Originally posted by JBA2848
reply to post by CommandoJoe

 

That is a little of the file. It is still encrypted. The first line salted means encrypted followed by the encrypted password. You could reverse engineer the orginal software to reverse the encryption then finding the password.

[edit on 2-8-2010 by JBA2848]

No need to reverse engineer the software, OpenSSL is open source... As I said before, I'm not an expert on encryption, but I don't think that is how it works... Just because you have the encryption algorithm doesn't mean you can decrypt without the key - again, that's the whole point of encryption - not to be easily broken...

But if it is, be sure to let us know what you come up with...

Originally posted by freedommusic

When extracted it will be an order of magnitude larger.

If everything is legit. eg: It's aes256 encrypted and 7zip compressed and there is all valid content inside.

Right now I have no reason to think otherwise.

Depends on what is being compressed. Zipped compression ratios vary for type of data being compressed.

Also consider that there could multiple layers of security (i.e. encryption) that add to the size of encrypted file.

In short, attempting to guess the contents of our beloved "insurance file" would be exactly that, only a guess and purely speculation.

Originally posted by dudez

Originally posted by freedommusic
Ok, I received a reply to my email from WikiLeaks.

It reads:

---

Hang in there , you almost got it!

Best ones :-)
---

It would appear to me that they WANT this file cracked.

I'm curious, did you let them know you tried with ONION, ROUTER and such?

Originally posted by JBA2848

Salted__Þsïó^9ÚúHS[mÂ?4b ...

That is a little of the file. It is still encrypted. The first line salted means encrypted followed by the encrypted password. You could reverse engineer the orginal software to reverse the encryption then finding the password.
[edit on 2-8-2010 by JBA2848]

Are you sure? I tought "Salted__", the first 8 bytes, was the "magic number", the following 8 bytes should be the salt (DE181B73EFF35E39), the real encrypted data should starts at offset 0x10h.

Better yet: freedommusic - Could you supply the text of your initial message to WL?

Originally posted by misinformational

Originally posted by freedommusic

When extracted it will be an order of magnitude larger.

If everything is legit. eg: It's aes256 encrypted and 7zip compressed and there is all valid content inside.

Right now I have no reason to think otherwise.

Depends on what is being compressed. Zipped compression ratios vary for type of data being compressed.

Also consider that there could multiple layers of security (i.e. encryption) that add to the size of encrypted file.

In short, attempting to guess the contents of our beloved "insurance file" would be exactly that, only a guess and purely speculation.

Very true. Most media formats (jpg, avi, etc) are already compressed pretty efficiently as part of their specification, and if you try to zip them (or use any other method of compression) you will get little to no additional size reduction. Try zipping some jpg's and see how much the file size changes - not more than 0%-5% I bet.

Plain text is the main data type that will give huge compression ratios. So if this data was just compressed text only (doubtful, since a full novel in plain text can take up only 100k), then it would be many gigabytes of data when extracted.

[edit on 2-8-2010 by CommandoJoe]

The encryption is in the header. Like on a cd dvd. They use programs like cdroller to bypass the damaged sector to record whats on the disk if the hidden sector is damaged. The hidden sector is where drm rights and encryption data is stored. But in this case the hidden sector shows the password encrypted so the data inside can be decrypted. The program used to encrypt uses a algorithm unique to that software. If you know what encrypted it you can reverse there algorithm and do a cdroll to get the encrypted password then run it through the reverse of the algorithm to get the password. Cracking and reverse engineering is how video games are hacked. Thats where Daemon comes in.

Originally posted by JBA2848
The encryption is in the header. Like on a cd dvd. They use programs like cdroller to bypass the damaged sector to record whats on the disk if the hidden sector is damaged. The hidden sector is where drm rights and encryption data is stored. But in this case the hidden sector shows the password encrypted so the data inside can be decrypted. The program used to encrypt uses a algorithm unique to that software. If you know what encrypted it you can reverse there algorithm and do a cdroll to get the encrypted password then run it through the reverse of the algorithm to get the password. Cracking and reverse engineering is how video games are hacked. Thats where Daemon comes in.

This is not a video game, and as far as I know, no video game copy protection that has been hacked uses AES-256 encryption...

Originally posted by JBA2848
The encryption is in the header. Like on a cd dvd. They use programs like cdroller to bypass the damaged sector to record whats on the disk if the hidden sector is damaged. The hidden sector is where drm rights and encryption data is stored. But in this case the hidden sector shows the password encrypted so the data inside can be decrypted. The program used to encrypt uses a algorithm unique to that software. If you know what encrypted it you can reverse there algorithm and do a cdroll to get the encrypted password then run it through the reverse of the algorithm to get the password. Cracking and reverse engineering is how video games are hacked. Thats where Daemon comes in.

I don't think blockcyphers work such as SecuROM, DRM and such: you use openssl as a "blackbox", you tell it the input and the key, he compute f(x) on that input and then it writes the resulting output.
The thing you are describing is something more on the Sony/SecuROM stuff, proprietary software with unique algorithm and keys.

reply to post by dudez


Thats the hack the key maker is broken not the encryption. Thats why I said its broken from the roots. It doesn't do any good to lock the door when its open. The password system is broken not the data encryption. But if the key is broken the encryption is useless because they have the key.

The key in file is in plain sight.
Salted__Þsïó^9ÚúHS[mÂ?4b /
That is a hidden sector they recorded the key and its encryption in just like on a cd drm sector.


[edit on 2-8-2010 by JBA2848]

reply to post by freedommusic

Ok, I received a reply to my email from WikiLeaks. It reads: --- Hang in there , you almost got it! Best ones :-) --- It would appear to me that they WANT this file cracked.

They meant it sarcastic.

If it's an insurance, and Wikileaks encrypted it, it's rather unlikely it has a simple password. Well, Ok, I suggested a couple posts ago that maybe we should try, and crack it, but I take that back. When someone who really understands how encryption works chooses a password, It won't be breakable in reasonable ammount of time.

And there's another, very sneaky possibility: Wikileaks got hold of the cables that everyone talks about, but they don't have the password for it. So they took the HEADER section of that file (let's say the first 100 bytes), and added 1.4GB of random data. Now they waiting who comes up with the cracked password. YOU won't have anything, because you may crack the password, but you only have the header and some random data.

But this is also very unlikely, it would be the end of Wikileaks and the whole crew. Assange in the first place.

reply to post by nooyb


Sarcasm: My thoughts exactly
Seconds are for suckers

Hi, well, about the encryption. The idea that this is a bluff is a very silly one, if I may say so. Assuming that it's nothing just because you can't see its contents might prove you later to be very naive. Ofcourse there's something significant in there. It's called leverage.

But, making assumptions might prove to be a dangerous game. We simply just don't know.

What I do know is that Julian is very handy with cryptology, and he's not the only one. One of the other WL-guys have been involved in something I'd love to share here now. It's about cryptanalysis, do have a look. I'm glad this is shared because cryptanalysis helps us to further improve our technology.

Originally posted by nonamousely

I know I come off as pretty crazy. To be honest I've been involved in another forum that has completely gone the way side. They used to care about things that ATS is talking about.

You dont come off as crazy at all. You come off as someone trying to sound like a conspiracy theorist who is rather bad at it. But, at least, your level of approach is slightly more intelligent than some of the yahoos they throw at us.

Originally posted by nonamousely
I am not trying to push an agenda.

Well, actually, you are. And, that agenda, coincidentally, is the same one being pushed at the American people in virtually all media. Even that targeted at non-conspiracy theorists. You are just using the conspiracy option for this website. Your bottom line is, "Wikileaks is dangerous and cant be trusted." Its the same bottom line as the governments bottom line being pushed by the MSM, only tailored for conspiracy theorists.

Originally posted by nonamousely
Right now, the head of the DoD, Robert Gates and the JCoS Adm. Mullen both released statements recognizing Wikileaks as legitimate. This, to me, is profoundly against our national policy of dealing with autonomous people that have something that we want. We usually see terrorists holding hostages and they make demands and we say "We don't negotiate with terrorists."

I dont see them negotiating with Wikileaks. I hear Assange saying that he offered for them to look at the leaks and remove any names that might cause innocents to die. And they refused. Much like your "we dont negotiate with terrorists" line. As for recognizing Wikileaks as legitimate, they are not saying "this is a good site," they are saying, much like you are, that Wikileaks is bad and dangerous.

Originally posted by nonamousely
Now, we have an Australian, long time hacker, telling the United States of America to come clean about what they have done.

Wikileaks does not target the US. It will leak any data it is sent, about any nation. In this case, they received a big leak about the US. The fact that he is a long time hacker doesnt make him less credible. It might if he were a cracker, who hacked just to show his stuff so that the PTB would pay him, (like Lamo) but he isnt. He has a demonstrated past of ethically motivated behavior, not profit driven behavior.

Originally posted by nonamousely
He does not represent any state, or faction, or even a terrorist group. Instead he represents a group of people who believe in anonymity over the Internet.

Is that what they believe in? Anonymity? Because the best way to be anonymous over the internet is not to start a website that stirs up the worlds leaders. They believe in providing information that is being withheld from the worlds people, and they offer anonymity to the leakers for their protection to accomplish that end. The "faction" they represent is the majority of the worlds people. Us, the nameless, faceless peons who are chess pieces on the world board, but who, through lack of information, cannot actually move the pieces in a meaningful way, even though many of us live in "democracies."

Originally posted by nonamousely
None of this raises any flags to you?

Now, for a second, just think of what the best way to collect the world's secrets would be? I think I can tell you how I would do it.

So after untold years of paying people and offering them anonymity in person, while keeping your knowledge of your enemies plans secret, you think the giant leap forward here was to figure out a way to get leakers to risk themselves for free, and, at the same time, allow your enemy to know that you know. Because the best possible way to gather information that might be useful to you is to put all your opposition on high alert that leaks were occurring, and inform them that their current plans are already world news.

Originally posted by nonamousely
Next move is waiting until you catch the big one. Once you do make the catch, you release it in an agenda driven form.

And what agenda are you seeing here? I'll tell you the agenda I see. I see someone naive and optimistic who thinks human life matters, and that the rules of war should be followed to minimize loss of innocent life. Thats the agenda I see. Whoever leaked this mistakenly assumed that people would care a great deal about the civilian deaths that are not being publicized in the press. Likely, because he/she did.

Originally posted by nonamousely
We aren't seeing the diplomatic cables,

Yet. We dont know what we will see. IF Wikileaks has diplomatic cables, and explosive material, they may be waiting for the most effective time to release them. I know I would. I would not release explosive material right now. I would wait till a few days before the November elections. Americans are easily distracted. And, leaking it now would allow plenty of time for damage control to be implemented, or for the material to be spun in a way that might work in the favor of the PTB. Much like they are trying to spin the Afghan info into proof they need to waste, errrr, invest more of our money and soldiers over there.

Originally posted by nonamousely
nor the Iraq war tracking, but instead... the Afghan Diary, which in itself has been heavily edited into browseable format and missing a quarter of it's original documents.

You have a lot of info about what Assange should have. He has claimed he is withholding data that might cost innocent lives until it can be safely leaked. Are you saying you have direct knowledge of the info he has, and you are claiming his motives are nefarious?

Originally posted by nonamousely
To the public (and the 3 newspapers), simply because if it's size and scope it seems sensational.

The media seems to me to be downplaying the civilian deaths as well. They are showing what they have to show to remain competitive (hence leaking to three outlets) and to make it seem as if they are indeed a free press. But it is being spun even under these circumstances. Much like you are spinning it,
"this wasnt important, nothing to see here, interesting, but not really anything exciting." In large because we still are not addressing the issue of whether or not the rules of war allow the killing of large numbers of civilians while hunting down targeted individuals. I havent seen one MSM report where they are actually talking about what is, and isnt allowed in terms of killing civilians.

Protocol 1 (Additional to the Geneva Conventions, 1977) article 51 (Protection of the Civilian population)

4 Indiscriminate attacks are prohibited. Indiscriminate attacks are:

1. those which are not directed at a specific military objective;
2. those which employ a method or means of combat which cannot be directed at a specific military objective; or
3. those which employ a method or means of combat the effects of which cannot be limited as required by this Protocol; and consequently, in each such case, are of a nature to strike military objectives and civilians or civilian objects without distinction.

Now granted, this most humane nation, the US, has along with other states world renowned for their humanity not ratified this protocol,

en.wikipedia.org...

As of 8 June 2007, it had been ratified by 168 countries[1], with the United States, Israel, Iran, Pakistan, Turkey, and Iraq being notable exceptions. However, the United States, Iran, and Pakistan signed it on 12 December 1977 with the intention of ratifying it. According to an appeal by the International Committee of the Red Cross in 1997, a number of the articles contained in both protocols are recognized as rules of customary international law valid for all states, whether or not they have ratified them.[2]

But we are signatories to it, and are considered to be bound by these rules by most of the world. If not ourselves.

Originally posted by nonamousely
However, any person who has been following the war was not able to bring any new issues to light with the release of these leaks (sort of the whole point behind "leaking" although transparency could be a solid motive as well.)

You are right, our press is not picking up on "anything new" in these reports, even though they have been silent on civilian casualties and there are numerous reports of them in these leaked documents, some of which are clearly excessive. But thats proof, as you see it, that Wikileaks is not leaking anything of importance.

Originally posted by nonamousely
Assange is making money, that much we know.

Yes, and money is clearly his motive. He gets the very best seats in train stations and airports around the world. And has the very best backpack money can buy. Clearly, he is living large on our dime.

Originally posted by nonamousely
Hosting a server in a northern European state to collect intel secrets on the world and potentially collect our intel that we never wanted to get out. Seems at least highly plausible.

Net effect. The plausibility of your argument hinges on net effect. COULD this happen? Sure. Why not. Almost anything meets the "could" test. But what is the net effect here? How is this benefiting the CIA? Several of the documents that have been leaked make them look like traitorous manipulators of the public, here and abroad. And yet you feel it is in their best interests to fund a site that makes them look like a rogue organization?

Net effect, is this drumming up support for their war? Or undermining it? Or is it your claim that the CIA wants an excuse to withdraw from Afghanistan and is setting us up for one?