WikiLeaks Posts Mysterious 'Insurance' File

10 points by mishmash ↗ HN
Interesting stuff, following the saga of the recent WikiLeaks disclosure, they seem to have implemented some form of dead-man's switch on a future release of information.

http://cryptome.org/0002/wl-diary-mirror.htm

I would be curious to know if it's a fully automatic switch, maybe requiring a webpage to be visited, an email to be sent, etc. every x hours, or if it's human-based. Which would be more susceptible to attack, humans or code?

Reading up on AES256, it seems physically impossible to crack at this time. But with the decades spanning lead the military/intelligence community likely has on the private sector, it does make one wonder is the NSA, or other anonymous agencies, will be able to crack this file?

Other source:

http://www.wired.com/threatlevel/2010/07/wikileaks-insurance-file/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

6 comments

[ 2.3 ms ] story [ 21.1 ms ] thread
Also, the geek in me wants to download this file, but I don't very much want flagged in some government DB, which leads to the question:

If a file contains illegal content, is it also illegal to possess that content in encrypted form?

In the US, wouldn't it full under the amendment that allow you not to incriminate yourself (aka, don't give over the encryption key (which you don't have anyway))
Yeah you're right. According to this CNET article from 2007, it has been decided at least to the Federal District level, that investigators are unable to compel encryption keys at this time.

http://news.cnet.com/8301-13578_3-9834495-38.html

edit: maybe not the case, here's an update to the same case from 2009 where, although he was free to keep the key secret, he was ordered to produce the contents of the drive.

http://news.cnet.com/8301-13578_3-10172866-38.html

The second was a case where guards had already seen the incriminating content. Maybe defendants can still plead the 5th when the contents are unknown.

In any case, if you can show that you weren't the one who encrypted the document, I don't see how you could be prosecuted for not doing the impossible.