Sunday, June 15, 2014

Secure Platform for Whistleblowers Launched

The Guardian, a UK-based newspaper known for publishing leaks from Edward Snowden, has launched a secure platform for whistleblowers that enables them to securely submit confidential data to the reporters. A year ago the Guardian posted the first of a series of NSA documents leaked by Snowden, which sparked a worldwide debate on surveillance and civil liberties.

Screen_Hunter_03_Jun_08_15_10.jpg

A number of free speech and privacy groups and popular websites are also marking the day with a so-called Reset the Net campaign. They encourage Internet users to do something to secure their privacy on the Internet. In addition, some tech firms are also expected to announce new steps to protect users’ privacy.

The new SecureDrop open-source whistleblowing platform allows those who want to remain anonymous to submit files and data while avoiding online tracking. The platform combines the use of the well-known anonymizing technology (Tor network) and the Tails OS, which was used by the reporters to work on the NSA files leaked by Edward Snowden.

A number of outfits, including The New Yorker, the US non-commercial investigative newsroom ProPublica, and The Intercept startup, are already making use of the SecureDrop system, which was originally developed by a computer genius Aaron Swartz. The latter is known for committing suicide last year after facing pressure from the law enforcement for the mass downloading of academic articles. SecureDrop was finished after his death, and since then has been maintained and promoted by the non-commercial Freedom of the Press Foundation.

The Guardian announced that the page for requests on using the system is hosted on a separate server, includes no tracking cookies, and records no logs. In the meantime, regular Guardian webpages use tracking cookies to serve advertising. SecureDrop system is installed outside of the United Kingdom, as the UK government applied pressure to the Guardian, forcing the news organization to relocate its reporting on the files to the US.

The system was given an extensive security audit by a team of cryptographers a year ago and then updated to address the Heartbleed security vulnerability. However, SecureDrop specifically doesn’t promise 100% security, because its developers admit that there are always risks. Along with just sending classified content to the journalists, the system also allows for subsequent secure two-way communication between sources and reporters.

No comments:

Post a Comment