WikiWars: blow by blow

December 9

2350: Federal Liberal member for the Sydney seat of Wentworth, Malcolm Turnbull, draws parallels between his defence of ex-MI5 agent Peter Wright in the Spycatcher affair and Wikileaks in his blog. He says that it would be difficult to prosecute Assange and that the US State Department should take up the Wikileaks' publisher's offer to vet the remaining cables: "Harm minimisation should be the order of the day for Washington."

Just as the vindictive pursuit of Peter Wright turned his book into an international best seller, so the furious attacks on Mr Assange are likely to be counterproductive. The long term damage from the wikileaks cables is likely to be that it confirms that despite spending billions on security and the war against terror, the US Government is unable to preserve the security and confidence of those it deals with right around the world. It will take a lot of reassurance before the chilling impact of these leaks wears off.

Malcolm Turnbull

2330: Supporters of Bradley Manning, the US soldier believed to be the source of the Wikileaks diplomatic cables, say the whistleblowers' website is yet to make good on a promised "substantial amount" towards his $US100,000 legal defence fund.

We understand the difficult situation Wikileaks currently faces as the world's governments conspire to extinguish the whistleblower website. However, in order to meet Bradley Manning's legal defence needs, we're forced to clarify that Wikileaks has not yet made a contribution towards this effort. We certainly welcome any contribution from Wikileaks, but we need to inform our supporters that it may not be forthcoming and that their continued contributions and support are crucial.

The website says tax-deductible donations (US citizens) can be made at bradleymanning.org, which accepts Visa or Mastercard.

2310: The website of former US vice-presidential hopeful Sarah Palin is still down, possibly Anonymous retribution for Palin demanding that the "un-American" Assange be hunted down like Osama bin Laden for publishing the diplomatic cables. A Palin aide told ABC (US) that hackers also stole the personal credit card details of Palin and her husband.

2300: John Young is no stranger to publishing leaked documents to the internet. The founder of the original website for leaks, Cryptome.org, tells the Guardian that even as US left and right wed over their shared loathing of Assange, all the fuss over Wikileaks is "just typical arm-waving and yelling. If anything, this will just further wind people up to oppose authority and send in more documents." Cryptome has published more than 60,000 leaked documents over 14 years.

2240: GetUp! reaches $170,000 in donations, sufficient to buy a half page ad in the New York Times (it's aiming for at least $250,000 to buy a full page).

2200: Britain's Telegraph reports that hackers took down the Swedish Government's official website regeringen.se for a couple hours but it is back online.

2020: GetUp! tweets the activist group collected $132,000 and 25,000 signatures in just four hours from an online campaign to run ads in US media. The group is collecting donations at the rate of $550 a minute.

1930: An updated list of Australian protest actions is on the Wikileaks Central website. Actions are planned for all Australian capitals over the next week except for Darwin.

1815: Finnish information security researcher Mikko Hypponen says the Verified by Visa and main PayPal sites are down, coming at the worst time for nervous retailers in the run up to Christmas. Downforeveryoneorjustme.com confirms the sites are offline.

1800: Asher Wolf is live blogging the Law Institute of Victoria Wikileaks panel with Julian Burnside, ABC radio presenter Jon Faine and others. Twitter hashtag #LIV

1750: Anonymous equates its DDoS attacks to a "digital sit-in" in defence of human rights in an open letter published to its Google Blogger page.

Anonymous is doing what many successful campaigns have done in the past; a sit-in. It may be hard to comprehend, but a digital sit-in is our most effective method to show that all of us deserve Freedom of Speech and a free Internet.

1730: Spanish security researcher PandaLabs says Anonymous IRC chat servers flooded with bots from US "patriots" seeking to disrupt the collective's communications.The researcher was under "constant and steady" DDoS attack today.

PandaLabs blog sustained 139 service interruptions and over five hours of downtime today. It's still unclear who is to blame for the attack, but it's obvious that they did not want these attacks documented for the general public.

People have been asking me all day if there is some sort of "patriot response" to Operation Payback and there is no doubt in my mind that an initiative does exist, but no one besides @Th3J35t3r has publicly "attacked back" and he/they still haven't said anything about these latest attacks.

So, what makes me think that there is some sort of underground patriot response?

The Operation Payback website has sustained a series of DDoS attacks despite being hosted on a "bulletproof" server specializing in anti-ddos and hosted in Russia.

1720 hrs: Australian information security expert Stephen Wilson criticises Anonymous' defence of Wikileaks for losing the "moral high ground". The identity and authentication expert blogs that if a "government had mounted a DDOS attack against Wikileaks, the blogosphere would rightly scream blue bloody murder".

But too many are lionising the DDOS attacks undertaken by a self-appointed cyber militia. One of Wikileaks' key assets is the moral high ground. Their true supporters should roundly condemn all hacktivism, or we will all go down the gurgler of double standards.

1700: A poster circulating the internet claimed earlier today that millions of Mastercard's customers' details were leaked during a break in to the credit card company's servers last night. Those behind "Operation Bank Troll" claim Mastercard knows of the breach but is covering it up. Mastercard denies its systems were breached.

Late afternoon wrap (1615): Mastercard and Visa, which choked funds to Wikileaks this week, were revealed in cables published in the Guardian to have been the beneficiaries of high-level lobbying efforts by the US Government seeking to halt the passage of a bill through the Russian parliament or Duma that would have harmed the credit card companies' interests.

Julian Burnside will address a gathering on Assange's situation at the Law Institute of Victoria at 1730 today, the same time as a protest in Brisbane. Protests in support of Wikileaks are planned for Perth and Melbourne tomorrow, Canberra next week and other cities around the world.

The British bookselling arm of cloud-services company Amazon that kicked Wikileaks from its servers last week owing to alleged breach of contract terms has for sale on its website a Kindle version of the first tranche of Wikileaks documents.

Activist group GetUp! asks at its website Australians to back its push to take out ads in US media aimed at defending Assange from calls for his arrest and killing.

The official site of the Bolivian Vice President is a Wikileaks mirror.

1525: Anonymous publishes its manifesto in which it says it's "not an organisation or group of people. It most certainly not a group of hackers [it's] an online living consciousness."

Operation: Payback is now directed towards those who employ unfair means to fight Wikileaks. [O]rganisations such as Visa and Mastercard among others are facing attacks not to their critical infrastructure but to their corporate websites, the online public face of those organisations.

1515: Australia emerges as a leading battlefront in the online civil war over Wikileaks while iPhone and Android are the mobile infosurgent's gadgets of choice. Gadget blog Gizmodo has a handy primer on the hacker's DDoS tool of choice, Low Orbit Ion Cannon, ideal for the total n00b.

The idea behind LOIC is that it can allow you to participate in attacks even if you've no clue how to hack. Just download a copy of LOIC (available for Windows, Mac, and Linux!), punch in the target information like a URL or an IP address and zap.

Low Orbit Ion Cannon, the DDoS tool for newbies.

1500: Electronic Frontiers Australia chairman Colin Jacobs tells the Australian Broadcasting Corporation that the "tactics used by Anonymous are extremely unsophisticated and more of a brute force attack rather than any subtle manipulation of data and security in order to free any information." [mp3 audio stream]

1445 hrs: AnonOps.info website shows its network status, including sites under attack and those being rebuilt after data corruption.

1440: US information security professional Hemanshu Nigam advises government spooks not to try to crack the 256-bit AES "Insurance" file, rumoured to contain the unredacted wikileaks cables, but to focus on turning someone who Julian Assange trusts for the password, he tells CNN.

The Government would be wise not to focus on the technical, and instead concentrate on finding and talking with people who were around Assange in the last few years, the people who he trusts. Technology won't turn on a friend but people will.

1420: Babbage, the tech blog for the Economist, tries to educate Anonymous about the US political system. An Anonymous op asks: "Paypal and Visa are unbeatable, so do is Everydns, and interpol will rape all of us, Postfinance is the most able to suffer our rage, who the **** is lieverman?" To which the Economist replies: "He's just a senator. Almost became vice-president, once. It was years ago."

1405: Tango down: Anonymous claims its attacks against PayPal successful:"PayPal is down :) #BradAss87 #wikileaks #cablegate #payback #DDOS #paypal #win #lol"

Takedown confirmed by downforeveryoneorjustme.com.

1340: The Californian city of Berkeley is considering awarding alleged Cablegate whistleblower Bradley Manning "hero" status for "courage in bringing truth to the American people and the people of the world", Kim Zetter reports in Wired. Author of the resolution, Bob Meola said:

If he did what he's accused of doing, he's a patriot and should get a medal. I think the war criminals should be the ones prosecuted, not the whistle-blowers.

Berkeley, which is home to the famous eponymous university and a centre for technology research and companies such as Pixar, was a centre of the hippy movement in the '60s.

Earlier, Facebook and Twitter slammed closed the accounts of Anonymous. Hackers immediately shifted Twitter accounts for command and control.

@Anon_operation Twitter suspension notice.

1330: Wikileaks mirror count: 1334. Number in Australia: four.

1320: Time magazine says in the era of crowdsourcing, apprehending Julian Assange is a win for Wikileaks and its followers.

The asymmetrical info war initiated by the WikiLeaks dump of diplomatic cables is all about spectacle - the more Assange is set up by world powers, the more powerful his own movement becomes.

1312: ThePayPalblog.com is back online with its earlier, updated statement on why it strangled funds to Wikileaks, although it's not accepting comments.

Media reports today regarding a statement made by our vice president of platform, mobile and new ventures, Osama Bedier, at the LeWeb conference in Paris, have created confusion about PayPal's decision to permanently restrict the account that was raising funds for WikiLeaks. We want to set the record straight.

As a global payment service that moves billions of our customers' funds across borders and across jurisdictions, we are required to comply with laws around the world. Compliance with these laws is something we take very seriously. PayPal's Acceptable Use Policy states that we do not allow any organization to use our service if it encourages, promotes, facilitates or instructs others to engage in illegal activity. This policy is part of an agreement we've made with our account holders and with the companies that allow us to process global payments. It's also an important part of our commitment to protect our customers and to ensure our business can continue operating around the world.

In 2008 and 2009, PayPal reviewed and restricted the account associated with WikiLeaks for reasons unrelated to our Acceptable Use Policy. As soon as proper information was received from the account holder, the restrictions were lifted.

The account was again reviewed last week after the U.S. Department of State publicized a letter to WikiLeaks on November 27, stating that WikiLeaks may be in possession of documents that were provided in violation of U.S. law. PayPal was not contacted by any government organization in the U.S. or abroad. We restricted the account based on our Acceptable Use Policy review. Ultimately, our difficult decision was based on a belief that the WikiLeaks website was encouraging sources to release classified material, which is likely a violation of law by the source.

While the account will remain restricted, PayPal will release all remaining funds in the account to the foundation that was raising funds for WikiLeaks.

We understand that PayPal's decision has become part of a broader story involving political, legal and free speech debates surrounding WikiLeaks' activities. None of these concerns factored into our decision. Our only consideration was whether or not the account associated with WikiLeaks violated our Acceptable Use Policy and regulations required of us as a global payment company. Our actions in this matter are consistent with any account found to be in violation of our policies.

1305: The Internet Society says in its monthly newsletter that EveryDNS' action in yanking Wikileaks' domain name from under it "dramatically puts the principles" of "free expression and non discrimination that are essential to preserve the openness and utility of the internet" at risk. And it says those who "maliciously" took Wikileaks down should face prosecution.

Recently, we have witnessed the effective disappearance from the Internet of a website made infamous through international press coverage and political intrigue.

The Internet Society is founded upon key principles of free expression and non discrimination that are essential to preserve the openness and utility of the Internet. We believe that this incident dramatically illustrates that those principles are currently at risk.

Recognizing the content of the wikileaks.org website is the subject of concern to a variety of individuals and nations, we nevertheless believe it must be subject to the same laws and policies of availability as all Internet sites. Free expression should not be restricted by governmental or private controls over computer hardware or software, telecommunications infrastructure, or other essential components of the Internet.

Resilience and cooperation are built into the Internet as a design principle. The cooperation among several organizations has ensured that the impact on the Wikileaks organizational website has not prevented all access to Wikileaks material. This further underscores that the removal of a domain is an ineffective tool to suppress communication, merely serving to undermine the integrity of the global Internet and its operation.

Unless and until appropriate laws are brought to bear to take the wikileaks.org domain down legally, technical solutions should be sought to reestablish its proper presence, and appropriate actions taken to pursue and prosecute entities (if any) that acted maliciously to take it off the air.

1300: Confronted with suspicion that it was censoring discussion of Wikileaks, Twitter clarified how trends came to be on the popular microblogging site.

Sometimes a topic doesn't break into the Trends list because its popularity isn't as widespread as people believe. And, sometimes, popular terms don't make the Trends list because the velocity of conversation isn't increasing quickly enough, relative to the baseline level of conversation happening on an average day; this is what happened with #wikileaks this week.

Noon: PayPal, Visa and Mastercard say their core networks are operational although acknowledge attacks against their public websites are having an impact. PayPal's official social media website thepaypalblog.com is again down. Anonymous (AnonOps), the group coordinating the "Operation: Payback" attacks against the infrastructure of those aligned with the US Government, is itself offline.

0930: In taking down Visa, hackers appear to have done what Monica Lewinski, Mars Pathfinder and the World Cup couldn't do: overload the world's most sophisticated content distribution network, Akamai, Finnish anti-malware researcher Mikko Hypponen tweeted.