Reminds me of my favorite Wikileaks episode. The time they failed to deliver something to Cryptome and then had a slap fight via DM.pic.twitter.com/KJdhkjdF3m
আপনি আপনার টুইটগুলিতে ওয়েব থেকে এবং তৃতীয়-পক্ষ অ্যাপ্লিকেশনগুলির মাধ্যমে অবস্থান তথ্য যেমন শহর বা সুনির্দিষ্ট অবস্থান যোগ করতে পারবেন। আপনার কাছে আপনার টুইটের অবস্থান ইতিহাস মোছার বিকল্প থাকবে। আরও জানুন
Reminds me of my favorite Wikileaks episode. The time they failed to deliver something to Cryptome and then had a slap fight via DM.pic.twitter.com/KJdhkjdF3m
Oh geez, GRU didn’t even encrypt the file. They encrypted the *link* to the file. This is like watching new Linux users try to install a video driver.pic.twitter.com/yvsUyKa7jS
I don’t get it. Why didn’t Wikileaks just point the GRU to the appropriate place on their site and tell them to click “Edit”?
I know that bashing GPG is a favorite discipline on Twitter, but I would love to hear what would be the alternative for open-source software package signing? PKI is not an option, that's even crazier for the use case.
You could build your own tool like OpenBSD did. Or use theirs: https://www.openbsd.org/papers/bsdcan-signify.html …
That's the other part (archive to user). Debian also uses GPG to establish (technical) trust between developers and to sign packages from the developer to the archive.
I’ve said this several times elsewhere, but a few things: 1. I don’t have any problem with people using GPG to sign (except for the fact that many end users don’t verify the signatures), my concerns are with PGP when used as an email confidentiality tool.
2. However, whenever we discuss replacing the PGP tooling with something else for that use case, a subset of the community says “what will we use for signing!!11” to which I say — who cares, use GPG. I don’t care. Just stop treating it as a safe email confidentiality tool.
3. But of course, having preserved PGP/GPG for that use case, the whole community then goes on to recommend and use it for email confidentiality, where it sucks, sucks, sucks. And prevents better alternatives from emerging.
4. At this point I feel like we’d be better just transitioning the signature use case to something from the 21st century. Something based on EdDSA. Get rid of the cruft and extra features.
5. All that stuff that makes GPG/PGP “easy”, like HTTP key servers and WoT is actually pretty much the weakest part of the software signing and distribution process.
This had been bugging me, and just not on the WL side. Can GRU be that incompetent? Only explanation possible is that they wanted to be found, let everything burn?
They didn’t care that much. It wasn’t some big secret.
We’re talking about the same people who dropped NSA exploits via a Russlish-sounding clown account. This wasn’t some big secret, it was an obvious attempt to screw with the US. It wasn’t until Trump won that people started turning up dead.
Dropping and burning exploits of your adversary is one thing, one might say "legitimate". "We caught you with your pants down". It is still contained in the espionage realm largely. Actively targeting the electoral process is two steps beyond that on the playbook.
Seems like @wikileaks is compromised now as well.
Wikileaks was always the opposition to begin with.
I dunno, their emails, Vault 7, etc; were all very helpful in my learning more about the corruption in elite groups/politics/tech etc
Just because you obtained some useful information doesn't mean they were being altruistic. They were and are tight with Russia, if not actually Russia themselves. Anything they produce is suspect without unassociated corroboration.
Does not refute his statement. I haven't seen any lies by Wikileaks. The problem they have is they were used. As far as i can see, they still haven't broken any law.
I’m no lawyer, but generally speaking when someone is in the middle of a serious Federal crime you don’t write them and say “Hey Guys, while you’re in there stealing stuff could you grab some things we need because we want to change the outcome of this election!!”
You mean like pressuring prosecutors in a foreign country to not settle charges so that they can be extradited? i.e. Sweden? That's Clinton as secretary of state isn't it? Perhaps he didn't care about America, he just didn't care for Clinton.
I don’t care who he liked. Generally speaking the way to get your revenge is not to turn yourself into an accessory to a Federal crime on a monitored, unencrypted connection. 
টুইটার তার ক্ষমতার বাইরে চলে গেছে বা কোনো সাময়িক সমস্যার সম্মুখীন হয়েছে আবার চেষ্টা করুন বা আরও তথ্যের জন্য টুইটারের স্থিতি দেখুন।