On Fri, 1 May 2015, Rohan McLeod <rhn@jeack.com.au> wrote:
Reading these links the technology seems pretty much the same ie. using a secure anonymous brouser ( Tor) to; access an otherwise invisible website.The problem / possibility which I was hoping to highlight by referencing "ombudsmen" was the much wider appllication.of such technology beyond merely protecting newspaper sources; eg. Police internal affairs; oversight of intelligence organizations, public scrutiny of large commercial organizations, etc.
1/ The first problem is does this technology actually guarantee the anonymity of the whistleblower ?;
http://linuxers.org/article/browser-fingerprinting-technique-identify-users- without-using-cookies That depends on the implementation. If someone uses a regular web browser with tor instead of torbrowser then their combination of OS, fonts, browser version, screen resolution, etc probably narrows it down a bit. If the authorities already have a list of a few hundred people who could have blown the whistle that is likely to identify the person. The above URL has some background information.
2/ How can an 'IT naive' whistleblower be certain of this ? because one can see in the case of Edward Snowden and the tragic case of Chelsea Elizabeth Manning; (born Bradley Edward Manning) these people are actually putting their lives on the line.
They can't. But it's better than nothing. Also in regard to browser fingerprinting that restricts it to just the news source, so it's a matter of whether you trust the integrity of the news organisations to not to store data for fingerprinting (don't trust Murdock) and whether you trust their ability to keep the authorities out of their servers.
4/ A second problem, should the technology actually allow the possibility of secure anonymous dropboxes/ suggestion boxes; is their use by 'black-hats'; to use the example of Police Internal Affairs corrupt officers or criminals could use the system to safely spread disinformation. This suggests the information from such drop-boxes could never be used , in a court of law although it could reference information that can. eg a police department was supposed to have destroyed certain files and hadn't
I think that if the police wanted to keep data instead of destroying it then they would just do so. They could rent or build entire data centers for storing such data and no-one would stop them. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/