Greenwald in a Box – (Glen Greenwald don't know about that, is just a joke) – Today goals

View Github Repository Open presentation in a new window

globaleaks

See all presentation from globaleaks

Greenwald in a Box – (Glen Greenwald don't know about that, is just a joke) – Today goals

0 1

globaleaks.github.io

HTML presentation repository, indexed automatically in https://globaleaks.github.io

On Github globaleaks / globaleaks.github.io

Greenwald in a Box

(Glen Greenwald don't know about that, is just a joke)

An Experiment by Hermes Center to make every journalist able to receive anonymous tip-off from sources.

press ESC to display slide tree

The Vision

  • Every potential source will find themself confident to speak with a journalist: this will broke the wall of silence
  • Digital communication is the proper media to start this cooperation: this will increase the outreach
  • Internet traffic is heavily monitored: this is why you need a specific technology (GlobaLeaks)
  • A lot of persons can be sources even if not being an Edward Snowden: just sometime they don't know that something they now is of real public interest until your article arrive.

Today goals

  • Explain what GlobaLeaks can do (functionalities, security)
  • Register yourself on the system
  • Display some promotion idea

Basis

  • Source has to connect to a dedicated site (a link or a button is required in your blog, or has to be shared in other ways)
  • Exist some administrators of the system (Experiment driver for the first months *): they are not able to see the data that is exchanged **, and who accesses the node.
  • The journalist (as Receiver) has to put a validation effort, sometime it is just used a investigative lead.
  • Thanks to the platform a bi-directional communication is enstablished with the anonymous source, through a receipt code.
* This experiment will last only 6-9 months if no other organisation will take the lead ** When end-to-end encryption will be in place; at the moment you will need to setup a PGP key.

Functionalities

  • Configurable questionnaire: the quality of the tip-off increase drastically
  • Multiple Journalists can be involved (In this experiment, only one)
  • Platform inclusion on your blog or media website: easier follow up from readers.
  • Data retention policy force to keep a clean server.

Security: Exposed online only via Tor Darknet hidden service

  • Nobody can track where the server location is. (location privacy)
  • The server don't know who is contacting it. (access privacy)
  • Cannot be censored.
  • Requirement: users need Tor Browser. Exception: in order to increase outreach, we developed Tor2Web, a proxy service between Internet and the Darknet.

Security: Anonymity vs confidentiality

Also using Tor2web keep the content anonymous, and tip-off submitted unlinked from the source

but in theory someone can see that an encrypted connection has been performed to the proxy service.

In security you always assume the worst case scenario, so we call these submissions Confidential Submission instead of Anonymous Submissions

Encryption

Current: if you upload your PGP key, only the users able to decrypt that PGP will read the submitted files.

And nobody other: nor the admin, nor the source itself.

In two months: the same above, without effort from your side: implementing PGP inside the application will reduce the effort for users.

Did you remember how Greenwald and Snowden started ? we want avoid that the same will happen again.