Blowing Whistles

  • 1 September 2011

If you were a whistleblower, what would you do to deliver your data to the public without exposing your identity? Let’s assume that you know some secrets about a Mexican drug cartel, so you have some extra motivation to stay anonymous. Where would you turn to?

  • Contact the media – nice idea, but maybe the media is afraid, too. Or there are spies among the ranks of editors.
  • Contact WikiLeaks – sounds pretty straightforward, but what about their promises about protecting whistleblowers and their reluctance to share information how they protect the sources?
  • Contact OpenLeaks – the new kid on the bloc; shares the word Leaks with WikiLeaks, promises to be more open, but isn’t quite open, only a bit. Apparently has destroyed leaked information for protection of sources (but then again it might not have done this at all).
  • Contact a government – this is the classical approach. True, the police of many countries always looks for anonymous sources depositing hints, but given their refusal to allow anonymity, pseudonymity and privacy, this is probably just bait and you are the catch of the day.
  • Contact Anonymous – splendid idea, but Anonymous is an idea, not a well-defined group. You might as well publish your leak on your blog or web site.
  • Try to leak the information yourself by anonymity services – that’s a start, but that’s not a sound plan. Let’s assume your know how to use TOR or Mixmaster remailers. What’s next? You have to send your information somewhere. Even if you run a hidden TOR service, you have to tell someone about it. Who is this someone? If you don’t know, you have a problem. You could hide the information and hope that someone finds it. This is also not very targeted.

Right now the options are very limited. Given the fights between WikiLeaks and the media or with OpenLeaks you options might be fading quicker than a candle in a snowstorm. Your best bet might be a platform such as Cryptome which does what WikiLeaks does quite a bit longer. Then again some of the possibilities above might work for you. Don’t forget to use your mind. As Cryptome puts it: „Recall that Cryptome never claims trustworthiness, authenticity or security, those can be done only by the citizen-user-consumer-believer, if at all. Expect to be deceived.“

A leak might not be a leak, and a „lost“ password might not been lost by accident. Time will tell.


Sorry, the comment form is now closed.