WikiLeaks Posts Mysterious 'Insurance' File

The Obama administration has asked Britain, Germany, Australia, and other allies to consider criminal charges against Julian Assange for his Afghan war leaks.

Source


May not have to wait much longer to find out whats in that file.

Part of me thinks that if charges could be laid against Wikileaks or Julian Assange, it would have been done by now, as they have been releasing information for about 4 years now, the American government are grasping at straws.

In this case, I can't really see the UK and Germany getting on board with the USA to try and bring charges. Surely it would be a legal nightmare (jurisdictions, sovereignty, hard physical evidence) and completely fruitless. It all seems to be thinly veiled threats which will probably come to nothing because the American government know that they can do exactly that - nothing.

It's a bit of a cheek to try and criminally charge someone for exposing 6 years of governmental cover-ups and lies. The hypocrisy is staggeringly, unbelievable.

They all (the governments) want to make us scared so that we allow them to implement laws that restrict our freedoms and privacy, and unfortunately they have pretty successful so far. On that basis, we have to hope that charges are never allowed to be brought against Wikileaks or Julian Assange.

We have an absolute right to know if our governments are covering up the killing of innocent people in our names, and using our tax money to pay for it.

I don't think that we will get to find out what is in the insurance file anytime soon.

I think it has more to do with just trying to keep Assange from moving around to different countries. Keeping him out of set countries would help keep track of where he is at all times. I would think he would take this as an action against him/wikileaks. I am not saying this is nearly enough to make him release the key to file. I would just view it as a means to an end.


[edit on 11-8-2010 by netxshare]

> That said, maybe this has been done. But from my understanding this 256 character password

Well actually it's 256 bit, which is about 32 or so characters.

Most characters have a byte reserved for a single letter unless it is say Japanese, which requires double byte wide chars.

Has anybody tryed md5brute force on the md5hash.
MD5 Hash: 94a032849b1f446e3a1ed06cf4867a56

And from looking at dumps im also wondering if this thing is not posix.
en.wikipedia.org...
I have had errors show up saying multiprocessor is not supported. Ram must be over 1g. Abios and abois lid not present. 16 bit r2 pc card controller. floating points. smart card login. large bucket array. Just to name a few.

I think that leads to a military posix system. Where hard drives are not used just ram for running the file.

Older three page article about the militarys posix demands.
rtcmagazine.com...



[edit on 11-8-2010 by JBA2848]

Originally posted by JBA2848
Has anybody tryed md5brute force on the md5hash.
MD5 Hash: 94a032849b1f446e3a1ed06cf4867a56

Why would you try to bruteforce the md5 hashsum?
What would bruteforcing a *digest" algorithm accomplish??

Btw, read more on md5 here: en.wikipedia.org...

Why has no one simply downloaded a decrypter program and ran this beast of a file through it? What most people fail to realize is that since it is encrypted with a program, it therefore can be reversed with a program.

On another note, the size of the file, 1.4 GB, is also the size of your average full-length feature film. Perhaps it is a two hour video. In all reality I can't see it being 1.4 GB of text.

Originally posted by Xilvius
Why has no one simply downloaded a decrypter program and ran this beast of a file through it? What most people fail to realize is that since it is encrypted with a program, it therefore can be reversed with a program.

But then of course you need a correct key which you dont have...

reply to post by JBA2848


Skipping the md5 part since it was covered by a previous poster and just generalizing...

I think they zipped up an archive of files with 7zip and specified to use AES-256 encryption. There's really no need to have done anything else except pick a good password.

Everyone's thinking too hard about it.

[edit on 11-8-2010 by bikeshedding]

reply to post by citizen smith


Yes, that's where my train of thought goes as well.
However, it might be even more interesting than that if you take into account the logistics required to *distribute* the key among those that should have it without risking to transfer it through compromised channels.
So, if they aren't using an easy to remember and bruteforce pass, it is a possibility that the key is actually in plain sight and readily available to anyone who knows where to look. Moreover, it seems that this is not the first time Wikileaks distributes the data in such a fashion. So it is probable that a long prior mechanism in tying data to keys is used here. As pure example, the key might be a part of hash of the html page where the file is posted on.

> I think they zipped up an archive of files with 7zip and specified to use AES-256 encryption.

Actually I don't think so. I tried doing that w/ a file and even when you encrypt in 7zip program, you get the 7z header.

What I am pretty sure they did, was take a file, compressed it (or not), and then encrypted it using openssl. Possibly AES256 but we don't know which encryption for sure.

reply to post by bikeshedding

Then try to open it with 7zip

reply to post by JBA2848

Where's the youtube video?

reply to post by Xilvius


IMO it is more likely that it's an archive with more than one file inside.
But fine, i'll check out if they've insured a porno film

> As pure example, the key might be a part of hash of the html page where the file is posted on.

He, I already tried that a few weeks back.

There is even a key= embedded in the HTML source - but it doesn't work.

I even tried various strings in their artwork.

So far nothing.

reply to post by the.krio


Interesting. The logistics could be quite simple depending on the number of people who have the necessary information. It's also not really hard to come up with a difficult-to-crack password that is lengthy and still easy to remember.

Consider the password: (A135b_y246Z)

That is a difficult password to crack, compared to say, "onion," but actually pretty easy to remember. For people who can't remember longer strings, it may help to think of it as two chunks, the first of which contains the first two letters of the alphabet with the first three odd numbers between them, and the second of which contains the last two letters of the alphabet and the first three even numbers between them. An underscore is used to separate the chunks and only the letters at the beginning and end are capitalized. The whole thing is wrapped in parentheses.

I guess the real point of the previous paragraph is just to say that sometimes you don't have to teach individuals a key or password, you can teach them an algorithm instead. As long as you retain the rules of the algorithm, you don't have to retain the individual characters.

[edit on 11-8-2010 by bikeshedding]

reply to post by the.krio


Why would I do that? It's encrypted with AES-256 and I don't know the password. I wasn't saying you can just magically run 7zip and open the file and God's in his heaven and all's right with the world.

[edit on 11-8-2010 by bikeshedding]

Originally posted by the.krio
Yes, that's where my train of thought goes as well.
However, it might be even more interesting than that if you take into account the logistics required to *distribute* the key among those that should have it without risking to transfer it through compromised channels.
So, if they aren't using an easy to remember and bruteforce pass, it is a possibility that the key is actually in plain sight and readily available to anyone who knows where to look.

The URL of the page that the file-download is posted on? Mentioned elsewhere on the same WL page? Or how about "AES256"??

I'll put a tenner on it being right under everyone's noses the whole time!

reply to post by freedommusic


I forgot about the "7z" that gets pre-pended to the output. It's been awhile since I used that app. In that case, more likely it's as you describe.

My admittedly, poorly-formed point was really that I feel two operations occurred: archiving and encryption. The order of operations or whether compression occurred was less of a concern. Our ability to determine what is in the archive of files is tied heavily to password strength of the chosen password.


[edit on 11-8-2010 by bikeshedding]

Originally posted by Xilvius
On another note, the size of the file, 1.4 GB, is also the size of your average full-length feature film. Perhaps it is a two hour video. In all reality I can't see it being 1.4 GB of text.

It can be uncompressed text, it's easy for some tens of thousands of e-mails, for example, to end up using more than 1 GB.

It can even be a small text with enough spaces after it just to make people think it's a large file.

the SALTED__ is for openssl, we know that already that's been stated, my guess is it's a compressed archive of some kind that was then encrypted with openssl. So even if you ever happen to come across the password make sure you check file headers before giving up.

I speculate that its the photos from all three debris sites of flight 93 along with the transcripts of the cockpit recording of the fighter jets. I know it exists, I just can't prove it.