Posted on December 6th, 2011
An announcement was made on Wednesday by ‘whistleblower’ website WikiLeaks stating the postponement of the release of its latest submission system due to current security issues regarding the SSL infrastructure. The system was initially set to launch on Monday.
Almost a year back, Daniel Domscheit-Berg and Icelandic historian Herbert Snorrason along with many WikiLeaks associates left the organization. They followed the desertion by disrupting the submission system of the website. This action basically illuminated the need for an advanced and secure submission system.
The organization explained, “constructing the system is very complex. Due to the deteriorating state of internet security which directly impacts the ability of sources to communicate with journalists and human rights activists securely, WikiLeaks has decided to postpone the launch.”
WikiLeaks has decided not to disclose any further details about the latest system’s delay until their Press conference which is to be held on Thursday in London. The only information provided by them is that their latest system is more mature and composed as compared to the former one.
The website has planned to reveal some more information regarding the system along with other plans in the upcoming press conference. They are also working to disclose any privacy threats to journalists, sources and others.
WikiLeaks showed its deep concerns over security issues of multiple certificate authorities as well as the present situation of the internet’s public key infrastructure.
“For more than a year, SSL certificates have been penetrated by various organized crime groups and intelligence agencies,” said WikiLeaks. “The entire SSL system, which is the mechanism that guarantees security and anonymity online, has been compromised. The system is beyond repair.”
Due to this issue, many rogue SSL certificates were allotted for high-profile domains. Also, The Dutch Certificate Authority DigiNotar got hacked with the hacker releasing 531 rogue certificates on the internet in September.
This issue has challenged the general security of the SSL infrastructure and has highlighted the importance of certification authorities.
Some German hackers unleashed a new way to reveal the glitches in SSL last month. By using a single computer to crash a web server, they proved how even a secure connection can be compromised with the right tools.