Slashdot Mirror
Swartz-Designed Whistleblower Tool "SecureDrop" Launched
An anonymous reader writes in with word of a new tool for whistleblowers: "The 'strongest-ever' whistleblowing tool for sources to speak anonymously with journalists, partly developed by the late Reddit co-founder Aaron Swartz, has been launched by the Freedom of The Press Foundation. Before his suicide in January 2013, Swartz had been working on a tool for sources to anonymously submit documents to journalists online, without using traceable email and in a way that could be easily catalogued by news organisations. Called SecureDrop, the tool can be installed on any news organisation's website as a 'Contact Us' form page. But where these pages usually require a name and email address, the encrypted SecureDrop system is completely anonymous, assigning the whistleblower two unique identifiers - one seen by the journalist, and one seen by the whistleblower. These identities stay the same, so a conversation can be had without names being shared or known."
They can still narrow it down to the nearest post office or mailbox or courier depot where you drop off the package. Last time I talked to the courier, they are keeping records of 2 years. There is also the usual fingerprints etc they can collect from the letter assuming if they find the actual package.
I think you're thinking of Michael Hastings, not Aaron Swartz.
Aaron's car never blew up. He hung (hanged?) himself. You're likely thinking of Michael Hastings, who died recently under circumstances that are closer to what you're describing.
Looks like with PGP & Tor, & USB Keys. It's detailed here. https://github.com/freedomofpress/securedrop/blob/master/docs/user_manual.md
Source code seems to be available online here. A quick look at the User Manual indicates that all communication is routed via tor which raises the bar for tracing connections significantly.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.