The New Yorker launches anonymous dead-drop tool
Posted on 16 May 2013.
Popular U.S. magazine The New Yorker has made available for its potential sources an anonymous dead-drop tool that allows them to send and receive messages and files to the publication's journalists without revealing their actual identity.

It's called Strongbox, and is only accessible using the Tor network.

The tool is based on DeadDrop, an open source software written mostly by the late Aaron Swartz and finally brought into the light by security expert James Dolan and a few of its colleagues.

"When you visit or use our public Strongbox server at http://tnysbtbxsf356hiy.onion, The New Yorker and our parent company, Condé Nast, will not record your I.P. address or information about your browser, computer, or operating system, nor will we embed third-party content or deliver cookies to your browser," says The New Yorker's "privacy promise".

"Strongbox is designed to be accessed only through a 'hidden service' on the Tor anonymity network, which is set up to conceal both your online and physical location from us and to offer full end-to-end encryption for your communications with us. This provides a higher level of security and anonymity in your communication with us than afforded by standard e-mail or unencrypted Web forms," it explains, but warns that the tool does not provide perfect security.

"Among other risks, if you share your unique code name, or if your computer is compromised, any activities, including communications through Strongbox, should be considered compromised as well."

DeadDrop is free software that can be modified and used under the terms of the GNU Affero General Public License v3 or any later version, so we can expect other media or whistleblower sites to implement it.

According to the documentation that goes with it, to use DeadDrop you must have three servers: a public-facing server, a second server for storage of messages and documents, and a third that does security monitoring of the first two.









Spotlight

Emerging cloud threats and how to address them

Posted on 15 September 2014.  |  Public and community clouds can be appealing targets for hackers looking to disrupt or steal information from scores of organizations with one successful strike. Here are some emerging security threats and issues cloud providers and their clients should be aware of.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 16th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //