[liberationtech] Safer submission of content to news organizations
Moritz Bartl
moritz at torservers.net
Tue Jan 17 10:06:17 PST 2012
On 17.01.2012 18:15, Moritz Bartl wrote:
> On 17.01.2012 17:39, Martyn Williams wrote:
>> The goal isn't anonymity like Wikileaks - that brings a heap of
>> editorial problems with it - but making it harder for tracking to link
>> person A with news organization B.
> That IS anonymity.
Sorry, that probably was a too brief (and thus wrong) answer. I don't
have much time right now, and will contact you in private to discuss
this some more, but to fix that statement: In communication networks, if
you want to avoid tracking/linking of user to service, you need
anonymity ("non-traceability") of that network traffic. That is
independent of whether the user gives away some identity "on top of"
that connection.
> Should they set up a dedicated server, rely on a cloud service, use a
> certain type of encryption, base it on a particular technology, etc
> etc?
No matter what partner a media outlet uses, they have to trust the
operator of it to not intercept (or be forced into intercepting)
communication. This is the reason why I would recommend to run these
kind of services in-house, encrypt the drives of the server, and make
sure to communicate to users how they can make sure they're talking to
the right server (say, for example, the ability to compare HTTPS
certificate fingerprints).
--
Moritz Bartl
https://www.torservers.net/
More information about the liberationtech
mailing list