Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Technology to Protect Anonymous Sources?

Posted by Cliff on from the empowering-the-4th-estate dept.

A not-so Anonymous Anonymous Coward asks: "The New York Times has a story describing how newspapers are looking for new ways to hide the identities of anonymous sources from prosecutors. This seems like a something the Slashdot crowd might know something about. How can a newspaper setup an IT system that completely hides every trace (including emails, phone calls notes, logs and so forth) of an anonymous source's identity?"

4 of 450 comments (clear)

  1. Re:anonymous remailers? by learn+fast · · Score: 2, Informative

    You may be thinking of anon.penet.fi. Was popular on usenet while it lasted.

  2. FreeNet by cryptelligence · · Score: 2, Informative

    The safest and most anonymous protocol I've seen is Freenet. If anyone was lucky enough to see the Freenet presentation at DEFCON, they illustrated how a message could theoretically be sent over a trusted social network, location-independent and subsequently anonymous. The theory proposed that instead of a massive random anonymous freenet node network, Freenet would begin to integrate normal human-like social networks, allowing users to "validate" the identity of other users without compromising anonymity (Somewhat like a PGP-key signing party). Each user would pick a random number, and based on their social network of trusted friends, their number would be switched with other users, giving the illusion of proximity. Not only was the proposed theory location-independent, they also illustrated how a man-in-the-middle attack couldn't happen without being completely obvious (In the presentation, it was illustrated that a message to a false "John Kerry" would take a large and noticable amount of hops (if the message got there at all) because "John Kerry" doesn't have a normal social network that would be apparent with a prominent political figure). Of course, I do see how this method could possibly be vulnerable (As we all know how easy social engineering can be): A) A "trusted" person who is being used as a hop point could intercept the message and compromise security. (A risk you take when trusting friends, and friends-of-friends) B) The message sender or receiver could be compromised, and a person could theoretically follow the chain of hops to the other party involved.

  3. Re:Regarding Portable HDs by Petrushka · · Score: 2, Informative

    How 'bout a country that had 13 of it's citizens drive planes into two of our office buildings?

    That one seems to be beyond our reach...

    I take it you mean Saudi Arabia? You know, the one that has US military bases plastered all over it?

  4. Martus by christefano · · Score: 2, Informative

    I'm surprised that nobody has mentioned Benetech's Martus, a free, open source and multi-platform for encrypting and anonymously distributing information about human rights violations.

    Why can't the news media use something like this?

    Frankly, I'm even more surprised that nothing turned up when I searched /. to see if anyone had mentioned Martus in the past.