We wonder what effect, if any, the suspension of the WikiLeakS.org PayPal button will have on their funding, whilst they are still offline, pleading for money.
The current WikiLeakS.org web page (Saturday 23rd January 2010) :
Support us financially
Pay by credit card or PayPal worldwide
Note the PayPal graphic, but not one actually locally hosted on the WikiLeakS.org web servers ! See below.
Paypal has as of 23rd of January 2010 frozen WikiLeaks assets. This is the second time that this happens. The last time we struggled for more than half a year to resolve this issue. By working with the respected and recognized German foundation Wau Holland Stiftung we tried to avoid this from happening again -- apparently without avail.
We are working on resolving this issue as fast as possible. Please use our bank accounts for direct transfer in the meantime, or contact wl-donations@sunshinepress.org for any further questions.
WikiLeaks is not the only non-profit organization with this problem. This is a regular occurrence, that from our perspective should not be tolerated by the global community using this payment system.
PayPal usually suspends non-profit organisations, because PayPal have to comply with local taxation laws involving the tax exempt status of such organisations, and with the world wide anti-money laundering red tape and bureaucracy.
You end up having to send them details of your charitable status, or, failing that, proof that you have a bank account in the name of your group etc.
WikiLeakS.org have "web bugged" most of their home page visitors
WikiLeakS.org proudly boasts that none of the identities of any of their whistleblower sources have been compromised. We have always been critical of their much more lackadaisical approach to the anonymity of the web site visitors, who may be just curious or who may be informed analysts who have the knowledge and experience to comment intelligently on the whistleblower leak documents - some of these people need to preserve their anonymity from snoopers, just as much as whistleblowers do.
Such visitors to the website home page will almost certainly also include the actual whistleblowers themselves, at some point before, during or after, they upload their potentially sensitive documents.
What then, were the WikiLeakS.org web team thinking of, by using a PayPal image which is hosted on a Canadian angling supplies website called www.alainfishing.com ?
"Fishing" for PayPal donations is going to make quite a few people wonder if this is a "phishing" scam.
Looking at some of the current WikiLeakS.org home page HTML source code, they appear to have commented out their PayPal link to the Wau Holland charitable foundation in Germany, but they are deep linking (for no good reason) to a PayPal web graphic, hosted on a third party website, a Canadian sports angling website which sells brightly coloured fishing bobs
<p> <b>Pay by credit card or PayPal worldwide</b><br>
<img src="http://www.alainfishing.com/en/images/paypalIcon.gif"><!--- <form action="https://www.paypal.com/cgi-bin/webscr">
<input type="hidden" name="business" value="vorstand@wauland.de">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="hosted_button_id" value="9801043">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="item_name" value="WikiLeaks donation">
<input type="hidden" name="lc" value="en">
</p>
<p>Message with your donation:</p>
<p> <input type="text" name="item_number" value="">
</p>
<p>Enter amount:<br />
<select name="currency_code">
<option value="USD">USD
<option value="EUR">EUR
<option value="GBP">GBP
<option value="CAD">CAD
<option value="AUD">AUD
<option value="NZD">NZD
<option value="SEK">SEK
<option value="DDK">DDK
<option value="NOK">NOK
<option value="CHF">CHF
<option value="HKD">HKD
<option value="HUF">HUF
<option value="ILS">ILS
</select>
<input type="text" name="amount" style="width: 4em; text-align: right;" value="25.0"><br />
</p>
<p> <input name="submit" type="submit" style="margin-top: 1em;" value="Choose payment type"><br />
<span style="font-size: smaller;">(PayPal, VISA, Mastercard and more accepted)</span>
</form>
</p>--->
This effectively means that the web server log files of www.alainfishing.com, are now tracking most of the visitors to the WikiLeakS.org web page - in effect WikiLeakS.org have web bugged their own supposedly anonymity protected website.
This potentially compromises the anonymity of the vast majority the WikiLeaKS.org home page visitors, regardless of whether they are interested in PayPal or not, and anyone foolish enough to try to submit a whistleblower leak at the moment, without any timescale of when or if it will ever be published by the (suspended) WikiLeakS.org project.
This "web bug" effect also applies to the embedded YouTube Video of the Berlin 26C3 conference speech. (see WikiLeakS.org presentation at 26C3 - will Iceland become a WikiLeakS.org Publishing Data Haven ?).
A link to YouTube or, if they ever get it working again, to PayPal, should be illustrated with a local copyof the graphic, hosted on the WikiLeakS.org web servers , which supposedly do not keep log files.
Such links should also carry an "anonymity health warning", that clicking on them will make a connection with an external website, over which WikiLeakS.org have no control, and which will leave detectable electronic footprints.
Recent Comments