
Just how accurate are GPS-guided precision bombs, and what is most likely to send them off-target? Now you can find out by simply reading the smart bomb鈥檚 tactical manual on the internet. No, the Pentagon didn鈥檛 slip up and post the instructions online. Rather, a whistle-blower leaked the manual via Wikileaks, a website that uses anonymising technology to disguise the source of leaked information.
Launched online in early 2007, Wikileaks is run by an informal group of open government and anti-secrecy advocates who want to allow people living under oppressive regimes, or with something to say in the public interest, to anonymously leak documents that have been censored or are of ethical, political or diplomatic significance.
Wikileaks鈥 fame has spread rapidly in recent weeks, thanks to the release of some headline-grabbing documents. These include the design for the Hiroshima atomic bomb, a report on how the UK acquired its nuclear weapons capability, and hundreds of camera phone pictures of the Tibetan riots.
Advertisement
In the last fortnight alone it has released 50 documents and it is now hosting more leaks than its global network of volunteer editors appear able to check.
Thanks to Wikileaks, potential whistle-blowers are now far more willing to come forward, says John Young, who runs the long-standing site , which specialises in posting documents on espionage, intelligence and cryptography issues. 鈥淲e started getting a lot less information after 9/11 as people became more cautious when law enforcement agencies got more draconian powers. So we are very happy to see Wikileaks doing what they are doing so aggressively.鈥
This flood of leaked documents has been made possible by internet technology that allows whistle-blowers to post documents online without revealing their identity or IP address. The website uses a network called The Onion Router (Tor), to disguise the origin of documents. Tor routes documents sent to the Wikileaks website into a cloud of hundreds of servers, where they bounce randomly between a handful of them, before finally landing in one of Wikileaks鈥 inboxes (see 鈥淭he onion will cover your tracks鈥).
To track where a leaked document, picture or video came from would take the computing power of the US National Security Agency. And it would have to be trained on the right servers at the right time, making it virtually impossible to succeed.
鈥淭o trace a leak would take a vast amount of computing power trained on the right servers鈥
Ironically, given the number of military documents that are leaked to Wikileaks and other whistle-blowing websites, the Tor network was originally developed by the US Naval Research Laboratory, based in Washington DC, before becoming an open source project anybody can use. But this does not mean the military has a back door into the system, says Wikileaks spokesman Julian Assange. 鈥淟ike the internet, Tor is out of the hands of those that were once involved in crafting it,鈥 he says.
Wikileaks itself is actually much more than a single website. has mirror sites hosted in a number of countries, including Belgium, Sweden, Australia, Christmas Island and California. This means that if someone tries to take legal action against Wikileaks in one country 鈥 by taking down the wikileaks.org website for example, as a Swiss bank tried and failed to do earlier this year 鈥 it cannot take down the entire service. Also, Sweden and Belgium in particular have very strong anti-censorship legislation, making Wikileaks a resilient beast.
Once a document has been submitted to the website, and before it can be published, editors check it for veracity and assure themselves that it is of compelling public interest. 鈥淎nonymous leaking is an ancient art and many websites publish documents from sources they cannot identify,鈥 says Steven Aftergood of the Federation of American 杏吧原创s鈥 (FAS) Project on Government Secrecy. 鈥淲hat Wikileaks has done is to professionalise the operation. They have created a standard procedure for receiving, processing and publishing leaks.鈥
In 2007, for example, Wikileaks revealed massive corruption in the Kenyan government and made the startling discovery that agents of the Stasi, the former East German secret police, had become members of the commission investigating Stasi crimes. It also leaked a Pentagon handbook revealing that psychological torture was used against prisoners at the US鈥檚 Camp Delta in Guantanamo Bay.
So how do Wikileaks鈥 editors decide which leaks to post? Unlike print editors, Wikileaks鈥 editors do not reject leaked documents just because they are unlikely to have widespread appeal. The only rule is that leaks must be in the public interest, says Assange. And there are few frivolous leaks, he says. 鈥淥ur sources, perhaps inspired by examples already set, nearly always send in genuine public interest material. Wikileaks pushes submissions through a number of questions and only the well-motivated leaks get through.鈥
One example is the manual for the Joint Direct Attack Munition (JDAM), or smart bomb, available on the Wikileaks site. The leaked document from 2002 reveals that while the bomb, which has since been upgraded, had an accuracy of 2.8 metres in flight tests, this dropped to 7.8 metres in actual combat, thanks to guidance errors, failure to specify target coordinates accurately, and inaccuracies in the GPS systems.
鈥淛DAM is the most strategically significant US military development in the past twenty years,鈥 says Assange. It costs from $20,000 to $40,000 and bolts onto existing 500 to 2000-pound bombs, turning them into individually targeted gliders that are accurate to within 3 metres. Eighty JDAMs can level all the critical infrastructure of a medium-sized city in one B2 bomber flight, says Assange. 鈥淭his means that posting the manual clearly fits our editorial policy that the material be of political, diplomatic or ethical significance.鈥
Despite the success of Wikileaks in bringing such documents out into the open, potential whistle-blowers should remain on their guard when posting documents to any leak site, says Young. Some are in fact run by intelligence agencies hoping to catch whistle-blowers in the act, he says.
鈥淭here are lots of dirty tricks out there. We always caution against trusting our site or anybody else鈥檚 because there are so many 鈥榮ting鈥 sites out there,鈥 he adds.
Meanwhile, some anti-secrecy advocates in the US criticise Wikileaks鈥 editorial policy for being too open, as the website does not censor sensitive military documents, including potentially dangerous details on bombs.
Assange says there are no documents Wikileaks would not post on the grounds of military sensitivity. 鈥淚t would be quite incorrect for us to express any national favouritism,鈥 he says.
That greatly troubles Aftergood, who also leaks documents through his FAS newsletter Secrecy News and the FAS website. 鈥淭hey are essentially an outlaw operation 鈥 operating literally outside the framework of the law 鈥 and they have shown no willingness to refrain from publication of sensitive military technology.鈥
This could make the website a threat to security, Aftergood says. 鈥淚t鈥檚 troubling that Wikileaks is beyond accountability to anyone. The better they are at what they do the more pressing it becomes that there is some kind of accountability. Otherwise Wikileaks itself could become a threat.鈥
First things first, says Assange. 鈥淲hen governments stop torturing and killing people, and when corporations stop abusing the legal system, then perhaps it will be time to ask if free speech activists are accountable.鈥
The onion will cover your tracks
No spy movie is complete without an agent trying to shake off the villain on their tail by taking random twists and turns down back alleys and side streets. The Onion Router (Tor) does the same thing with your digital files, and then erases your 鈥渇ootprints鈥.
A Tor network comprises thousands of volunteer users who turn their computers into 鈥渙nion proxy鈥 servers by downloading client software from the Tor website. Then, when you want to send a message, Tor encrypts it three times in onion-like layers and forwards a key to each layer to three proxy servers, chosen at random, in the network.
When the message arrives at the first server, its outer layer is decrypted and so on. By the time the completely decrypted message pops out of the third server, it appears to have originated at this server, disguising its true source. 鈥淚magine a large room jammed full of people in which many of them are passing around envelopes,鈥 says computer security expert Bruce Schneier. 鈥淗ow would you know where any of them started?鈥
However, Tor is not completely secure. Steven J. Murdoch and colleagues at the University of Cambridge have shown that it is possible to identify some onion proxies. Although that would not reveal your secret message, it would reveal who is using Tor.