[liberationtech] Safer submission of content to news organizations
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Wed Jan 18 03:15:19 PST 2012
On 1/18/12 1:18 AM, Jacob Appelbaum wrote:
> The submission system itself should probably be free software and
> hopefully not invented in house without third party review.
Given that the minimal security requirements are met, it's also important
to consider if you are going to have a bi-directional information
exchange between the whistleblower and the group of analysts receiving
submissions.
Most WB submission systems are stateless, meaning that they are one-way-only
file-dropping systems.
While this may be OK for some contexts, it may represent a strong
limiting factor, as it doesn't allow interaction between the whistleblower
and the receivers of submitted data.
Example:
- The WB submits document X; the receiver considers this information
valuable, but not enough to be considered trusted.
- The receiver needs to ask the WB if he also has document Y
(related to X), as it would represent a proof of the fact.
If there's no way to have a bi-directional, data-submission-centric
communication channel among the parties, you'll lose the opportunity to
get other data.
On that, the GlobaLeaks WB model currently implements (even if the 0.2
release will go through a major rewrite):
- exchange messages between receivers of submission and whistleblower
- whistleblower can add new files, comments
- whistleblower is given the ability to see statistics of who (of the
receiver group) downloaded the information
Other important elements to be considered while discussing it are:
What is the workflow of received data analysis?
- Is the fact-checking methodology defined and formalized?
- Which fact-checking methodology are you using?
- Are you using a tool to facilitate group-based fact-checking
methodologies?
- Does the fact-checking tool cooperate with the submission system?
Additional elements to be considered regarding whistleblower awareness are:
- Are you proposing multiple submission anonymity levels (for example
fully anonymous via or partially anonymous via tor2web)?
- Do you make the whistleblower aware of his anonymity condition?
- Do you formally state what your submission handling policies and
data retention policies are?
-naif