On 30/04/15 22:05, Rohan McLeod wrote:
Russell Coker wrote:
On Wed, 29 Apr 2015 04:39:01 AM Andrew McGlashan
On 28/04/2015 1:43 PM, Rohan McLeod wrote:
> ......snip But it did prompt the question suppose an ombudsman
> wanted to set up a secure
> drop box for "IT-naive whistleblowers", is it feasible ? and how could
> the whistleblower be certain
> of that anonymity ?
Rather amusing to see a Murdoch paper railing against phone
an 'important scoop about cabinet minister Andrew Mitchell calling cops
“f***ing plebs”'. Seriously? We have lies about multiple wars, and
other serious issues and a profane MP is an "important scoop"?
That said it's good that the publish information about using Tor, the
who read The Sun aren't going to be attending LUG meetings etc so
best chance to learn about such things.
I agree that the New Yorker is probably a better option in most
cases. But if
you have evidence of a dodgy MP doing something stupid that a tabloid
harass them about then The Sun is a good option.
Reading these links the technology seems pretty much the same ie.
using a secure anonymous brouser ( Tor) to;
access an otherwise invisible website.The problem / possibility which
I was hoping to highlight by referencing
"ombudsmen" was the much wider appllication.of such technology beyond
merely protecting newspaper sources;
eg. Police internal affairs; oversight of intelligence organizations,
public scrutiny of large commercial organizations, etc.
1/ The first problem is does this technology actually guarantee the
anonymity of the whistleblower ?;
tor/tails is currently the best option for a
"naive" user to become
anonymous it has its problems but its the best we currently have.
(low-latency anonymity is a hard problem or actually anonymity in
general is a hard problem when facing a state actor )
2/ How can an 'IT naive' whistleblower be
certain of this ?
they would need to do a little research. the only good thing the
govs data retention policy has achieved is it has made a lot of regular
"naive" users at least aware of the current options.
because one can see in the case of Edward Snowden and
the tragic case
of Chelsea Elizabeth Manning;
(born Bradley Edward Manning) these people are actually putting their
lives on the line
Ed outed himself by choice for his reasons.
chelsea outed herself by telling a a person she really shouldnt have
told what she did. in her case i really think she would have remained
anonymous had she had kept quiet.
3/ If it does; is it accessible to IT naive sources because apart from
the question of ease of use one doesn't,
want to provide even this information about a whistleblower.
ideally you wouldnt
want one 2 one this information over open channels,
but have a how to access on a public site someplace so you are not
flagging them. Currently using your use case of police corruption if
they called or emailed the PIC they are potentially already outed due to
data retention. hence it would be optimal to have a how to give
anonymous tips in a very public place.
4/ A second problem, should the technology actually allow the
possibility of secure anonymous dropboxes/ suggestion boxes;
is their use by 'black-hats'; to use the example of Police Internal
Affairs corrupt officers or criminals could
use the system to safely spread disinformation. This suggests the
information from such drop-boxes could never be used ,
in a court of law although it could reference information that can.
eg a police department was supposed to have destroyed certain files
dropboxes would normally be more like an "anonymous tip from a payphone"
that would lead to verifiable data that could be used in court. not the
be all and end all of a case.
regards Rohan McLeod
luv-talk mailing list