Here's a link to the archived thread with the Silverman post:
https://archive.4plebs.org/pol/thread/179647411/#179647703
(search 'wikileaks jbppa')
That email is damning–it's one of the best examples of collusion between the media and the HRC campaign I've seen. Inviting reporters to dinner is one thing, but that email has a) a preferred format for stories, b) a schedule for rolling them out, c) names named for maximizing impact (ie, release stories at this time so Andrea Mitchell can comment on them on her show a little later).
But what was used to find that isn't a password–it was something associated with a BV (maybe part of his/her username or trip code). Maybe the BV had seen the email before and decided to incorporate it into their name–it's an important one and should be brought to the public's attention.
I've attached a .pdf that describes the F5 algorithm. Here's some example code that someone else put up:
https://github.com/matthewgao/F5-steganography/blob/master/crypt/F5Random.java
Digging through that code, it seems to rely on sun.security.provider.SecureRandom to hash the password:
https://hg.openjdk.java.net/jdk7/jdk7/jdk/file/tip/src/share/classes/sun/security/provider/SecureRandom.java
Interestingly, one of the error types is a "NoSuchAlgorithmException" → NSAException
Maybe the NSA developed the pseudo random number generator for Sun Microsystems? That would be interesting, to say the least.
Anyway, that's a compilation of things I've found thus far. There is work going on at /VQC that may help somehow, but at the moment we're being taught how to deal with RSA. Maybe we'll be able to extend those teachings to this somehow…but it will take some time, as this is an entirely new way of looking at things for most (or all) of us.