On 30/04/15 22:05, Rohan McLeod wrote:
Russell Coker wrote:
On Wed, 29 Apr 2015 04:39:01 AM Andrew McGlashan wrote:
On 28/04/2015 1:43 PM, Rohan McLeod wrote:
......snip But it did prompt the question suppose an ombudsman wanted to set up a secure drop box for "IT-naive whistleblowers", is it feasible ? and how could the whistleblower be certain of that anonymity ?
http://www.thesun.co.uk/sol/homepage/news/6429126/The-Sun-Whistleblower-C
harter.html Rather amusing to see a Murdoch paper railing against phone hacking. They had an 'important scoop about cabinet minister Andrew Mitchell calling cops “f***ing plebs”'. Seriously? We have lies about multiple wars, and lots of other serious issues and a profane MP is an "important scoop"?
That said it's good that the publish information about using Tor, the people who read The Sun aren't going to be attending LUG meetings etc so it's their best chance to learn about such things.
https://projects.newyorker.com/strongbox/ I agree that the New Yorker is probably a better option in most cases. But if you have evidence of a dodgy MP doing something stupid that a tabloid can harass them about then The Sun is a good option.
Reading these links the technology seems pretty much the same ie. using a secure anonymous brouser ( Tor) to; access an otherwise invisible website.The problem / possibility which I was hoping to highlight by referencing "ombudsmen" was the much wider appllication.of such technology beyond merely protecting newspaper sources; eg. Police internal affairs; oversight of intelligence organizations, public scrutiny of large commercial organizations, etc.
1/ The first problem is does this technology actually guarantee the anonymity of the whistleblower ?; tor/tails is currently the best option for a "naive" user to become anonymous it has its problems but its the best we currently have. (low-latency anonymity is a hard problem or actually anonymity in general is a hard problem when facing a state actor )
2/ How can an 'IT naive' whistleblower be certain of this ? they would need to do a little research. the only good thing the .au govs data retention policy has achieved is it has made a lot of regular "naive" users at least aware of the current options. because one can see in the case of Edward Snowden and the tragic case of Chelsea Elizabeth Manning; (born Bradley Edward Manning) these people are actually putting their lives on the line Ed outed himself by choice for his reasons. chelsea outed herself by telling a a person she really shouldnt have told what she did. in her case i really think she would have remained anonymous had she had kept quiet.
3/ If it does; is it accessible to IT naive sources because apart from the question of ease of use one doesn't, want to provide even this information about a whistleblower. ideally you wouldnt want one 2 one this information over open channels, but have a how to access on a public site someplace so you are not flagging them. Currently using your use case of police corruption if they called or emailed the PIC they are potentially already outed due to data retention. hence it would be optimal to have a how to give anonymous tips in a very public place.
4/ A second problem, should the technology actually allow the possibility of secure anonymous dropboxes/ suggestion boxes; is their use by 'black-hats'; to use the example of Police Internal Affairs corrupt officers or criminals could use the system to safely spread disinformation. This suggests the information from such drop-boxes could never be used , in a court of law although it could reference information that can. eg a police department was supposed to have destroyed certain files and hadn't
dropboxes would normally be more like an "anonymous tip from a payphone" that would lead to verifiable data that could be used in court. not the be all and end all of a case.
regards Rohan McLeod
_______________________________________________ luv-talk mailing list luv-talk@luv.asn.au http://lists.luv.asn.au/listinfo/luv-talk