Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

Attorney General Eric Holder’s new probe into Wikileaks’s posting of 91,000 war documents will likely find that tracing the path of the documents back through the Internet is next to impossible. But watermarks–if they were embedded in the files–could reveal the whistle-blower.

Wikileaks relies on a networking technology called Tor, which obscures the source of uploaded data. While Tor doesn’t encrypt the underlying data–that’s up to the user–it does bounce the data through multiple nodes. At each step, it encrypts the network address. The source of data can be traced to the last node (the so-called “exit node”), but that node won’t bear any relationship to the original sender.

Ethan Zuckerman, cofounder of the blogging advocacy organization Global Voices, says he doubts investigators can crack Tor to find the computer from which the documents were originally sent. “There’s been an enormous amount of research done on the security of the Tor network and on the basic security of encryption protocols,” he says. “There are theoretical attacks on Tor that have been demonstrated to work in the lab, but no credible field reports of Tor being broken.”

And while Tor’s profile has been raised by its association with Wikileaks, Andrew Lewman, Tor’s executive director, says he has no insights into the source of the purloined documents. “I don’t know how Wikileaks got any of the information,” he says. While Wikileaks gets technical help from Tor staffers, “they don’t tell us anything, other than ‘Did we set up the hidden service correctly?’ which we’d answer for anyone,” Lewman adds.

“People assume that Wikileaks is a Tor project, but I can tell you definitely there is no official relationship.”

Lewman points out that many law-enforcement agencies, such as the U.S. Drug Enforcement Agency, also use Tor to protect their operations.

One way the government could finger a leaker is through digital watermarking of the documents themselves. James Goldman, a cyber forensics expert at Purdue University, says it’s not clear whether the government uses digital watermarking, “but it’s certainly possible.”

Such watermarks would consist of hidden digital data–or even slight alterations in the pattern of words–added to documents in ways that are hard to detect, but are readily decodable with the right software.

19 comments. Share your thoughts »

Credit: WikiLeaks

Tagged: Web, security, Internet, cryptography, WikiLeaks, Tor

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me