Wikileaks is back in business for leakers, with two revamped ways to submit secret documents, the group announced Saturday. The security certificate for uploading by HTTPS has been replaced, after expiring in early June. When the old certificate expired, it …

Wikileaks Reopens for Leakers

Wikileaks is back in business for leakers, with two revamped ways to submit secret documents, the group announced Saturday.

The security certificate for uploading by HTTPS has been replaced, after expiring in early June. When the old certificate expired, it disabled Wikileaks’ upload system for over a month without any notice on the site.

Those with particularly sensitive documents can also once again cloak their uploads over the anonymizing system Tor. Wikileaks’ Tor Hidden Service had been a much-touted feature of the site, but was taken down without notice several months ago.

After Wired.com reported on Wikileaks’ technical issues last month, Julian Assange, the site’s leader, said that both outages were part of an upgrade to Wikileaks’ infrastructure.

The changes and other additions to Wikileaks were announced Saturday at the HOPE hacker conference in New York City by prominent Wikileaks volunteer Jacob Appelbaum, who tacitly acknowledged that Wikileaks had been less than transparent about the outages. In a spirit of communicating more with supporters, he announced a new blog for Wikileaks, supplementing its active Twitter feed.

“It’s extremely important that we tell you what’s  going on,” Appelbaum said. “Because whenever we do anything — when we take down the submission site to make sure that there are some new things that can be launched — we need to make sure that we let you know about it so that it doesn’t cause a huge problem in the media where we have to take a lot of time away from doing important work to talk to people that are not going to be very helpful, and in some cases are quite hostile.”

Assange had been slated to give the Saturday keynote at the hacker conference, but Appelbaum stepped in to deliver the address instead.

Wikileaks has been in the spotlight in the last few months after it released classified footage of a 2007 military attack in Iraq, where two Reuters employees were killed by U.S. soldiers in a Apache helicopter. Two children in a van that stopped to help an unarmed wounded man were also shot and severely wounded in the attack.

In May, PFC Bradley Manning, a former intelligence analyst in Iraq, was arrested on charges of leaking the video and other documents to Wikileaks, after confiding in former hacker Adrian Lamo, who turned him in.

While publishing classified documents isn’t a crime in the U.S., press reports indicate the government is concerned that Wikileaks will publish tens of thousands of sensitive State Department cables that Manning purportedly also provided Wikileaks. In chats with Lamo, Manning claimed to have given Wikileaks a database of 260,000 cables; Manning has been formally charged with downloading over 150,000 cables, and leaking more than 50 classified cables.

The reported government interest makes it unlikely that Assange would attempt to enter the U.S., where he’d likely face questioning, but he has spoken publicly twice in the U.K. in the last month.

Other new features announced include increased support for peer-to-peer file sharing and ways to find all leaks by geographic region or subject. The site also published the unique identifier of its SSL certificate, which would-be leakers can use to make sure that their connection to Wikileaks uploading server isn’t being spied on by rogue intelligence agencies.

Some of Wikileaks donations are handled by a German non-profit foundation, which last week said that the site’s spending was parsimonious, and that it would release a fuller report on the site’s budget in August.

The new upload page is handled, without explanation, through the web site for Wikileaks’s sister organization The Sunshine Press. A third security feature on Wikileaks — the ability to access documents securely over HTTPS — has yet to return, and will “take some more time until it is available,” according to the site’s new blog.

See Also:

Ryan Singel

Ryan Singel is the editor and co-founder of the Threat Level blog. He keeps his eye on privacy, tech policy and online liberties.

Read more by Ryan Singel

Follow @rsingel and @ThreatLevel on Twitter.