Snowden can't really sign the files if he has absolutely no access to them, which is a critical part of the current story, otherwise we'd be right to worry about his proximity to the FSB. On Wed, Jul 1, 2015 at 8:00 PM, John Young <jya@pipeline.com> wrote:
The Intercept doesn't sign Snowden files, just posts them on DocumentCloud. Best would be for Snowden to sign them if to be signed, journalists do not have capability to do it, and most could care less except to blow smoke about certification. Their lawyers advise to not certify anything leaked to them, too risky.
Same procedure by all the journalist-publisher users of DocumentCloud; it is restricted to journalists-publishers, whom it is well known are quite slack about comsec, infosec and their customers's privacy in order maximize profitability of user data for advertizers.
DocumentCloud, now hosting over 700,000 documents of millilons of pages, is rather easily penetrated and tampered with, but that's to be expected of anything hosted on the cloud which has the world's worst security. Worser: logs of accesses are kept and shared to authorities.
Cloud may be the most grievously harmer of privacy today, soon to be surpassed by the IoT to exploit user's gullibility with promises of oh so popular faulty security measures and irresponsibly shady privacy policies.
At 07:05 PM 7/1/2015, stef wrote:
On Thu, Jul 02, 2015 at 08:51:39AM +1000, Alfie John wrote:
On Thu, Jul 2, 2015, at 07:47 AM, John Young wrote:
Mostly Xkeyscore and more.
http://cryptome.org/2015/07/nsa-xks-more-intercept-15-0701.7z (643MB)
Is there an md5sum of that link served via HTTPS?
i'd rather prefer the intercept itself actually releasing this as a signed archive.
-- otr fp: https://www.ctrlc.hu/~stef/otr.txt