Connect with us

Current Affairs

Here’s How The US Claims The Assange-Manning Conspiracy Worked

Published

on

The U.S. government has disclosed more of its case against WikiLeaks cofounder Julian Assange. It hinges on a claim he and Chelsea Manning worked together to crack a password for a computer storing sensitive government files.

An affidavit unsealed Monday outlining the case against Assange said he conspired with Manning when they discussed working together to crack a password “related to two computers with access to classified national security information.” More specifically, the password belonged to a user called FTP (not to be confused with an FTP server) on two Windows computers that Manning could access from a base in Iraq, the government said.

The FTP account wasn’t associated with any specific individual, and the government alleged that if Manning had used it to pilfer files and hand them over to Wikileaks, she could have foiled investigators looking into who was behind the leaks.

“Although there is no evidence that the password to the FTP user was obtained, had Manning done so, she would have been able to take steps to procure classified information under a username that did not belong to her,” the affidavit read. “Such measures would have frustrated attempts to identify the source of the disclosures to WikiLeaks.”

The alleged conspiracy to crack the password took place in March 2010, two months after she’d walked out of the Iraq base with classified war reports from Iraq and Afghanistan. She was later convicted and served seven years in jail for downloading tens of thousands U.S. military documents and diplomatic cables.

How passwords are cracked

The reason any password had to be cracked in the first place was the use of what’s known as a “hash.” Microsoft’s Windows operating system doesn’t store passwords in plain text. That’s to prevent hackers who find a way on to the computer from seeing and stealing them. Instead, Microsoft makes life harder for cybercriminals and snoops by turning that plain text into scrambled code. That string of letters and numbers is known as a “hash value” and it’s created when an algorithm is applied to the plain text of the password.

For an attacker to get at the plain text it’s possible to do a so-called “brute force attack.” The process for this is basic: The hacker creates a huge list of guessed passwords through the same hashing algorithm used by Windows to find a matched hash value for the hidden password. Once the same hash value is calculated, the password has been found.

Sometimes a password will be too complex for guessing to work in a short enough time frame. That’s where “rainbow tables” come in. These contain a massive number of hash values for previously calculated passwords. Hackers use them to do a quick comparison of the hash they have with the ones in the table, in the hopes that it’s already been seen before and a match is available.

“In computing terms we call this a time/memory trade-off. Rather than spend time on a task, we pre-calculate parts of it and store them somewhere, essentially trading time for memory,” says Tom Wyatt, senior penetration tester at cybersecurity provider Bulletproof. “These tables can be calculated or downloaded from various online sources, and it simply boils down to paying for storage for it all; even in 2010 this was fairly cheap and entirely possible.”

But Microsoft goes one step further in protecting those hash values by splitting them in two, storing the parts in separate files. Here’s where a little trick comes in handy: A hacker might be able to recover those two separate pieces by rebooting a Windows PC using a CD with the Linux operating system. Back in 2010, it was possible to do that and recover the full hash value.

Ken Munro, a penetration tester with Pen Test Partners, told Forbes the technique still works, as long as there’s no additional layer of security over it, such as full disc encryption. “Whilst the technique still works, it’s quite rare to find systems that don’t now have full disc or similar encryption,” he added. (Microsoft hadn’t responded to a request for comment at the time of publication). According to the government’s telling of the story, evidence suggests Manning tried, and very possibly failed, with this technique. In a footnote in the affidavit, the government said Manning hadn’t provided Assange with the full hash, only one of the two halves required.

It’s alleged Manning passed what she thought was a hash value to Assange. The Wikileaks chief then said he would pass it on to a specialist in cracking, according to chats over the Jabber encrypted communications app, as provided in the affidavit. But, as per the investigators’ claims, there was some confusion: Manning said she wasn’t even sure what she handed to Assange was the hash value they wanted. Assange messaged Manning to ask if there were “any more hints” about the hash and that he’d had “no luck so far,” according to the government account. From there it’s unclear what happened. The government admits it didn’t know whether the password was ever cracked.

Not that it changes much for Assange: The charge is that of conspiracy. If he did offer assistance to help Manning gain access to U.S. government systems and encouraged the then intelligence analyst to leak files, the charge still stands. Manning, who served seven years in jail before being pardoned by President Barack Obama, is back behind bars for refusing to testify in the investigation into Wikileaks. Her lawyer had not responded to a request for comment at the time of publication.

Assange’s lawyer, Jennifer Robinson, couldn’t be reached for comment at the time of publication. She told Sky News yesterday that the indictment against her client showed “the kinds of communications journalists have with sources all the time.” Following Assange’s arrest, however, various journalists have said on Twitter that any incitement to hack organizations or steal documents was far from normal and risked breaking the law.

Meanwhile, the fallout from Assange’s arrest continues. According to Reuters, Ecuador’s telecommunications vice minister Patricio Real said the government’s networks had been hit by a mass of cyberattacks after it decided to revoke Assange’s asylum status. He claimed various government websites had been slammed by 40 million hacking attempts per day, double the number it typically sees.

-Thomas Brewster; Forbes Staff

Continue Reading
Advertisement
Comments

Current Affairs

Roadmap For African Startups

Published

on

Francois Bonnici, Head of the Schwab Foundation for Social Entrepreneurship, explains how African impact entrepreneurs will continue to rise.


Does impact investment favor expats over African entrepreneurs? If so, how can it be fixed?

There is a growing recognition all over the world that investment is not a fully objective process, and is biased by the homogeneity of investors, networks and distant locations.

A Village Capital Report cited that 90% of investment in digital financial services and financial inclusion in East Africa in 2015-2016 went to a small group of expatriate-founded businesses, with 80% of disclosed funds emanating from foreign investors.

READ MORE | It’s Time For Africa’s Gazelles To Shine

In a similar trend recognized in the US over the last decade, reports that only 3% of startup capital went to minority and women entrepreneurs has triggered the rise of new funds focused on gender and minority-lensed investing.

There has been an explosion of African startups all over the continent, and investors are missing out by looking for the same business models that work in Silicon Valley being run by people who can speak and act like them.

In South Africa, empowerment funds and alternative debt fund structures are dedicated to investing in African businesses, but local capital in other African countries may not also be labelled or considered impact investing, but they do still invest in job creation and provision of vital services.

There is still, however, a several billion-dollar financing gap of risk capital in particular, which local capital needs to play a significant part in filling. And of course, African impact entrepreneurs will continue to rise and engage investors convincingly of the growing and unique opportunities on the continent.

READ MORE | The World’s Most Generous Billionaires Outside Of The US

What are the most exciting areas for impact investing and social entrepreneurship today?

After several decades of emergence, the most exciting areas are the explosion of new products, vehicles and structures along with the mainstreaming of impact investment into traditional entities like banks, asset managers and pension funds who are using the impact lens and, more importantly, starting to measure the impact.

At the same time, we’re seeing an emergence of partnership models, policies and an ecosystem of support for the work of social entrepreneurs, who’ve been operating with insufficient capital and blockages in regulation for decades.

Francois Bonnici, Head of the Schwab Foundation for Social Entrepreneurship. Picture: Supplied

The 2019 OECD report on Social Impact Investment  mapped the presence of 590 social impact investment policies in 45 countries over the last decade, but also raises the concern of the risk of ‘impact washing’ without clear definitions, data and impact measurement practices. 

In Africa, we are also seeing National Advisory Boards for Impact Investing emerge in South Africa and social economy policies white papers being developed; all good news for social entrepreneurs.

READ MORE | Naomi Campbell: Africa Is One Of The Leading Continents In The World

What role does technology play in enabling impact investing and social entrepreneurship?

The role of technologies from the mobile phone to cloud services, blockchain, and artificial intelligence is vast in their application to enhancing social impact, improving the efficiency, transparency and trust as we leapfrog old infrastructures and create digital systems that people in underserved communities can now access and control.

From Sproxil (addressing pirated medicines and goods), to Zipline (drones delivering life-saving donor blood to remote areas of Rwanda) to Silulo Ulutho Technologies (digitally empowering women and youth), exciting new ways of addressing inclusion, education and health are possible, and applications are being used in many other areas such as land rights, financial literacy etc.

While we have seen a great mobile penetration, much of Africa still suffers from high data costs, and insufficient investment in education and capacity to lead in areas of the fourth industrial revolution, with the risk that these technologies could negatively impact communities and further drive inequality.

READ MORE | Why Now Is The Time To Invest In African E-commerce

Continue Reading

Current Affairs

Businesses At The Heart Of A Greener Future

mm

Published

on

With every day that passes by it becomes more apparent that the Earth is deteriorating and time is running out to save it. Scientists have estimated that we have less than a decade to save the planet before it is irreversibly damaged, mainly due to climate change.

Businesses claim the largest percentage of global emissions (at approximately 70% since 1988, according to The Guardian) which is an alarming statistic, especially in a time when the planet’s well-being is being compromised.

Many large business corporations are hastily coming on board with operating sustainably by transforming their practices and placing business ethics at the forefront of their priorities.

READ MORE | The Most Sustainable Companies In 2019

Last week, a round table discussion was held at the Fairlawns Boutique Hotel, Sandton hosted by Environmental Resources Management (ERM) – the world’s largest sustainability consulting firm. Their aim was to discuss how imperative it is for African businesses to get on board with sustainability.

“We have been talking about how to be sustainable for a long time but now it is time for us to do sustainability,” says Thapelo Letete, Technical Director of ERM.

An engaging and thought-provoking panel discussion ensued with representatives from ERM and mining companies, Anglo American and Gold Fields. They emphasized the importance of sustainability being recognized by investors, especially in mining and oil companies that rely solely on Earth’s natural resources.

Civil society has a colossal role to play in ensuring the sustainability of businesses. Due to the law of supply and demand in production, consumers are being urged to be mindful of their buying habits and to make sustainable decisions. These are as simple as minimizing the utilization of plastic straws by replacing them with metal or paper straws and reusable shopping bags and by recycling selected items.

READ MORE | Challenging The Gender Divide

“Research suggests that socially and environmentally responsible practices have the potential to garner more positive consumer perceptions of (businesses), as well as increases in profitability,” according to an entry in Sage Journals published in May.

The advancement of science, artificial intelligence and the rapid growth of the technological industry make it an undeniable fact that the Fourth Industrial Revolution is underway. Many businesses across the globe seem to be well prepared for this change. However, businesses in Africa seem to be vulnerable. 

“It is difficult to say that all businesses in Africa are prepared for it. It is not a country specific thing but it does vary across corporations. There will be businesses that are well prepared and businesses that are not so well prepared,” says Keryn James, CEO of ERM.

A large part of sustainability also relies on empowerment and equality. Sub-Saharan Africa has the highest number of female-owned businesses who contribute a large amount of money towards their respective countries’ GDPs. However, most of these businesses struggle with the issue of scaling.

“Women sometimes underestimate their ability and they don’t necessarily  have the confidence that they should have about the value that their businesses present. Women often take less risks than men,” says James.

“The issue of scaling is one that we see globally. One of the issues are access to funding to support in the investment and growth of their businesses.”

READ MORE | Mastercard: Diligent About Digital In Africa

Going forward, the availability of mentorship programmes and skills development opportunities for women, especially black women in business should be encouraged.

According to a study done by the UN Women’s organization, an average of 3 out of 7 women score higher in performance when they are placed in senior managerial positions. Additionally, if more women work, the more countries can exponentially maximise their economic growth.

Women will be empowered when given the correct skills and opportunities to be able to run their own businesses independently which would ultimately lead to the scaling of female-owned businesses in Africa and sustainable development.

The Nedbank Capital Sustainable Business Awards aim to recognize the efforts of businesses that operate sustainably and to encourage other corporations who intend to adopt more sustainable strategies into their practices. Initiatives such as these prove that business value also depends on how sustainable they are.

It is clear that the prioritization of sustainability and accountability in businesses is the only way forward in the midst of this global crisis. With a combination of will and the rigorous work that African businesses have put into sustainability initiatives and strategies, it is easier to be optimistic about our planet’s wellbeing.

-Buhle Ntusi

Continue Reading

Current Affairs

Ex-Google Staffer Says After Split With Chief Legal Officer David Drummond: ‘Hell Does Not Begin To Capture My Life’

mm

Published

on

By

Former Google employee Jennifer Blakely has written a scathing blog post with allegations about how her affair with chief legal officer David Drummond unfolded.


A former member of Google’s legal team who says she had a child with the company’s chief legal officer, David Drummond, has written a scathing blog post about the way that their relationship unfolded within the search engine giant, including that he issued “terrifying threats” to take custody of their child after initially refusing to pay child support.

In a Medium post, Jennifer Blakely says that she was inspired to detail her experience after an explosive New York Times story last fall put a spotlight on how the company shielded top executives from harassment claims and sparked massive employee protests.

“Looking back, I see how standards that I was willing to indulge early on became institutionalized behavior as Google’s world prominence grew and its executives grew more powerful,” Blakely writes.

READ MORE | Google, Facebook, Twitter Fail To Live Up To Fake News Pledge

“Women that I worked with at Google who have spoken to me since the New York Times article have told me how offended they were by the blatant womanizing and philandering that became common practice among some (but certainly not all) executives, starting at the very top.” 

While her relationship with the married Drummond was included in the Times story and first reported byThe Information in November 2017, this is the first time Blakely has written about the experience herself.

Drummond is one of several current and former Google executives who has reportedly had relationships with employees or extramarital affairs, including Eric Schmidt, Sergey Brin, and Andy Rubin.

READ MORE | Calling Out Sexual Harassment

Blakely alleges that after their relationship ended, Drummond had another relationship with a subordinate, which is against Google’s workplace policy. He is still employed by Google and made more than $47 million last year. 

Blakely says that she started working in Google’s legal department under Drummond in 2001 and that after he told her that he was estranged from his wife, they began a relationship in 2004. She says the two had a child together in 2007 and that Google’s human resources department then told her that one of them had to leave the department.

She moved to sales, an area where she had no experience, and subsequently struggled with her work. Blakely alleges that after she ultimately left the company at Drummond’s urging in 2008, but that while they were living together in Palo Alto, he broke off their relationship via text message.

“‘Hell’ does not begin to capture my life since that day,” she writes. “I’ve spent the last 11 years taking on one of the most powerful, ruthless lawyers in the world. From that fateful night forward, David did things exclusively on his terms.” 

She alleges that Drummond initially refused to see their son or pay child support, and then fought against her in a custody battle. While she says they ultimately reached a settlement and he began paying child support, she writes that “months or years” would go by when he wouldn’t see their son. In 2014, Drummond allegedly showed her an article about Eric Schmidt’s reported history of extramarital affairs during an argument, implying that the executive’s position granted him impunity.

READ MORE | Young women in Soweto, South Africa, say healthy living is hard. Here’s why

“His ‘personal life’ (which apparently didn’t include his son) was off limits and since I was no longer his ‘personal life’ it was time for me to shut up, fall in line and stop bothering him with the nuisances or demands of raising a child,” Blakely writes.

Blakely’s story is the latest in a string of public posts from former Google employees highlighting issues with the company’s culture and policies (or their lack of enforcement).

One of the women who helped organize last fall’s protests, Claire Stapelton, recently wrote about her experience with retaliation, another employee detailed the disappointing way the company’s human resources department dealt with her harassment reports, and former senior engineer Liz Fong-Jones posted about “grave concerns” with the company’s decision making in general.

The outspokenness of Google employees exemplifies — and has helped spur — a broader activism in the tech sector that has seen workers speaking out against their employer’s internal policies and business decisions.

Blakely’s post also taps into the larger #MeToo movement which has drawn attention to sexual harassment and abuse in the workplace across industries.

“Until truth is willing to speak to power and is heard, there’s not going to be the sea change necessary to bring equality to the workplace,” she writes.

Neither Google nor Drummond immediately responded to a request for comment. 

This story is developing.

-Jillian D’Onfro; Forbes

Continue Reading

Trending