WikiLeaks insurance password (possibly) incoming!

Originally posted by donttellthefeds
has anyone tried reston5 as the password ????? or something along those lines, i have tried doing it but i am not very compitant.

I just did for you. "reston5" can be confirmed as not being the password, it throws a "bad decrypt" error.

Also, for those that question whether the file on the torrents is the same as the file originally released...

I used the following:
www.torrentdownloads.net...
Torrent added: 2010-07-28 22:21:03
Last Updated: 2010-07-29 21:01:07

This file which I downloaded last night gives the following hash/sha1sum:

SHA1(insurance.aes256)= cce54d3a8af370213d23fcbfe8cddc8619a0734c

This matches the hash/sha1sum of the original file released on 29 July 2010, meaning it is the precise same file. If one character had been changed it wouldn't match.

(Again, this is presuming that the NSA doesn't have a backdoor to decrypt AES encrypted files, modify the contents and pad them to match the original hash/sha1sum...which in theory is impossible to do.)

If you open it, then you will die in 7 days.

[atsimg]http://files.abovetopsecret.com/images/member/abc22d561cbb.jpg[/atsimg]

Me thinks they came to pick up Itop1's friend to take him on stargate universes destiny ship

2nd line

Please calm down, take a deep breath, and listen:

Itop1 friends - DOES NOT - have access to the file. He can't know what's in there. Period.

Short explain: If he would have access, he wouldn't tell b/c part of the system + google aes265 encryption and only click on serious websites


Second, and the most important thing:

The file, downloaded, laying on you hdd,usb - CAN NOT - harm your system!
It is not an excecutable, at least not what you have on your pc right now.

There MIGHT be an excecutable (.exe / .bat / .whatever) in it. But as long as you do not decrypt it. It WON'T harm you.


If you are unsure about downloading, storing, decrypting (IF there'll be a PW release) - Just don't do it!

The people who have a basic understanding of security, hacking (the positiv word), etc will have the old + the new one stores separatly. And will ONLY play / decrypt with the file on secure / unplugged systems (kinda virtual machines)

If sth interessting pops up, a pw gets released , whatever, the scene will inform us (you, me and the rest).

And Jez, Suxnet, whatever virus, worm, name it. Has never the size of 1,4 GB more like 100-2000KB TOP

So please. Stop the discussions about decrypting, infecting, or whatever specualtion about the file. You can't know.

Instead i'd rather discuss the agenda, timing etc. Analyse what news page reports what... that's more interessting then this useless speculations...

*EDIT: You, yes and you to, can not decrypt the file without the PW or Marty McFly. So please just stop trying, or worse, pretending ./

reply to post by ExPostFacto


I agree i think any body who was clever enough to open this file would also be cleaver enough to disconnect their internet before doing so.

Originally posted by Itop1
OK!!, somebody i know accessed the file (please take note i did not say he cracked the file!), 4 hours later he gets taken away, dont know who by, dont know where, this was about 4 hours after he access the file, i really dont think they give a # if you download it, after all the file is protected so people cant access it.

Riiiiiight...




And here you are feeling safe about posting this info on some online-forum...

Man you are very brave and have such super smart hacker friends...you seem SO trust worthy on this.

Thanks for the facts...

maybe this is a test tptb are doing to findou if someone can get into that encrytion...
This would be the second line ,if i had more to say about this

Can anyone break this down barny style for me? Whats happening to wikileaks? did someone shut it down? What does the torrent hold in it? What do we do with that info after we DL it? I'm sorry guys I just don't really understand whats goin on...

I don't know what you are all fussing about !! It's just the 1.4 gb worth of files that mckinnon downloaded with his 56k connection... oh and mckinnon is now going to meet with Itop1 friend on Destiny (double ) - (hey there maybe even some truth in what I have just said, but what part )

Originally posted by Unclerayray3000
Can anyone break this down barny style for me? Whats happening to wikileaks? did someone shut it down? What does the torrent hold in it? What do we do with that info after we DL it? I'm sorry guys I just don't really understand whats goin on...

I know this won't be much help, but the honest answer to those questions is (i) noone knows, (ii) noone knows, (iii) noone knows, and (iv) noone knows.

So you actually understand just as much as the rest of us!

Another method to release the password would be a deadmans type of switch. Julian would have to log into a program or website every day and if he missed a day the computer would release the password to the entire world.

Or maybe something related to Skynet.

Originally posted by fraterormus

Originally posted by donttellthefeds
has anyone tried reston5 as the password ????? or something along those lines, i have tried doing it but i am not very compitant.

I just did for you. "reston5" can be confirmed as not being the password, it throws a "bad decrypt" error.

Also, for those that question whether the file on the torrents is the same as the file originally released...

I used the following:
www.torrentdownloads.net...
Torrent added: 2010-07-28 22:21:03
Last Updated: 2010-07-29 21:01:07

This file which I downloaded last night gives the following hash/sha1sum:

SHA1(insurance.aes256)= cce54d3a8af370213d23fcbfe8cddc8619a0734c

This matches the hash/sha1sum of the original file released on 29 July 2010, meaning it is the precise same file. If one character had been changed it wouldn't match.

(Again, this is presuming that the NSA doesn't have a backdoor to decrypt AES encrypted files, modify the contents and pad them to match the original hash/sha1sum...which in theory is impossible to do.)

How come the hash of the torrent I'm downloading is different from what you posted?
So they changed the file?

It's:
76A36F1D11C72EB5663EEB4CF31E351321EFA3A3

now..

Originally posted by Mak Manto
If that's true, that they're checking everybody who downloaded the file and who opens it, then we live in a more screwed up world then I thought.

But how would they know if you opened up the file?

It is true that in the UK you can be prosecuted for not providing the password for an encrypted file due to laws passed in i think 2002. Recent cases have proven this law can be enforced. It is also true they hold files on 1 in 12, i did try and dig out that article but it's lost in the BBC's database and i can't remember the headline sorry. As i can't find the article you can ignore it but i swear it was on the BBC's news site.

Lets be clear, you don't have to open the files under these laws, you simply have to refuse to open the files when asked by law enforcement. So if you download it, if they track it and then search your computer and you refuse, well say hello to prison.

UK laws suck.

reply to post by Unclerayray3000

lol its ok man, i can see how all this can get confusing lol. basically, wikileaks has been having some site maintenance (which could be because they are expecting some huge influx of trafic) and have released a file called 'insurance'. nobody knows whats on the file as it has an nsa encryption and can only be opened with a password. but we speculate that it has data that the government dont want people to see in it. and if wikileaks gets attacked they can send the password out to everyone who has the file to decrypt it!!

but people are talking about the password today because wikileaks posted the file again for peole to download and said it would be a good idea to mirror it now. so mabie they are getting ready to release te password, no1 knows!! lol

hope this was helpful

Originally posted by randomer
reply to post by ImaginaryReality1984

 

I live in the UK i downloaded this file. I really dont think the police or anyone else are going to come knocking at my door.

I was making a point regarding two things.

1. 1 in 12 people have a file, we have to ask what the hell reason they have for that.

2. If for some unrelated reason they took your computer then you would be required to give them the password. If you coudln't they would imprison you for 2-5 years.

Enjoy freedom

I posted a tread where im requesting an alternative download for the wiki insurance file...

www.abovetopsecret.com...

We need other sources we can get this

Originally posted by Spartannic
maybe this is a test tptb are doing to findou if someone can get into that encrytion...
This would be the second line ,if i had more to say about this

Actually that is one of the more plausible theories going around right about now.

The contents of the file could be a Red-Herring, totally irrelevant to WikiLeaks, totally irrelevant to Afghanistan. However, the promise that they could be something along the lines of the digital version of the Holy Grail is enough bait to get every script-kid, amateur cryptologist, and wanna-be hacker trying to hack the encryption to get to the contents.

Why would Wikileaks do such a thing?

Well, the patently obvious would be to drum up monetary interest, media interest, et cetera. The not so obvious would be that if someone *WERE* able to crack the AES256 encryption this would be a huge thing.

1.) All E-Commerce uses AES256 Encryption when using SSL. Matter of fact, PCI Compliance (required to process Credit Cards online) demands you use AES256 exclusively.
2.) All modern Wireless Communication uses AES256 Encryption at the specific request of our government.
3.) Our Department of Defense uses AES256 Encryption. Matter of fact, NIST FIPS 140-2 demands it.
4.) Most of the world's governments use AES256 Encryption, because it is endorsed as "unbreakable" by the NSA.

There have been numerous claims by high-profile cryptographers that the AES256 algorithm is deeply flawed. Certainly, there have been implementations of it that have been flawed (recently discovered in all Microsoft products just last month, for but a single example). However, no concerted effort has been made to show a proof of concept breaking of AES256 algorithm. However, if ever it was, not only would it cause the proverbial House of Cards to come down, exposing *EVERYBODYS'* secrets until a migration to a more secure algorithm was made (like to Blowfish or Triple-DES), but it would erode world-wide confidence in the NSA, just as the knowledge that Operative Services (OS) broke the Enigma devices (entirely with assistance from the British) before WWII was even over, yet sold them to every single country for use under the claim that they were "Secure and Unbreakable" up until the 1980s so that we could spy on them for 35+ years eroded world confidence in the CIA (formerly Operative Services).

So, perhaps it's not the contents that are threatening but the manner in which they are stored and playing on the innate desire of human curiosity to break into that which they are locked out of.

Just a theory...one of many floating around.

reply to post by ImaginaryReality1984


Then i would explain where i dowloaded the file from and explain that nobody knows the password. I think this would stand well in court and its not like they have to take my word for it they could easily check for themselves.

Originally posted by THE_PROFESSIONAL
Another method to release the password would be a deadmans type of switch. Julian would have to log into a program or website every day and if he missed a day the computer would release the password to the entire world.

Or maybe something related to Skynet.

Loved the Skynet line...

BTW - I'm not sure if anyone else commented on this yet but I think the size of the file is interesting.

1.3GB or 1.4GB is about the size of a full DVD. The file size will be slightly different after decryption, but if it isn't also compressed, it won't vary that much.

That fact alone doesn't really mean anything (i.e. - it doesn't mean it's video), but it's an interesting coincidence. Typically, I am not a big believer in coincidences especially when they're related to something controversial.

It might have been done on purpose so that the file (or it's contents after decryption) could be of a size to give it the broadest ability to be portable. Also, if you burn the contents to a DVD ROM, it cannot be overwritten (accidently or otherwise), unlike most memory sticks.

Again, this may mean nothing, but I found it interesting....

Originally posted by fraterormus

Originally posted by donttellthefeds
has anyone tried reston5 as the password ????? or something along those lines, i have tried doing it but i am not very compitant.

I just did for you. "reston5" can be confirmed as not being the password, it throws a "bad decrypt" error.

Just something to keep in mind also :

Right then i'am not a computer geek so I might say something stupid. From what I understand AES256 encryption can support upto a 62 caracter password, and a password is concidered secured at 15 caracters or more, so I wouldn't expect a 7 caracter pass on a file if you don't want anyone to get in easy ...