At midday on Friday 5 February, 2016 Julian Assange, John Jones QC, Melinda Taylor, Jennifer Robinson and Baltasar Garzon will be speaking at a press conference at the Frontline Club on the decision made by the UN Working Group on Arbitrary Detention on the Assange case.

Thursday, May 5, 2011

May 6 - Don't Leak to the Wall Street Journal's New Wikileaks Knockoff

Don't Leak to the Wall Street Journal's New Wikileaks Knockoff

By Adrian Chen, May 5, 2011 07:15 PM 
 
Don't Leak to the Wall Street Journal's New Wikileaks Knockoff 
The Wall Street Journal is trying to make a play for whistleblowers with its very own Wikileaks clone, SafeHouse. But SafeHouse is the opposite of safe, thanks to basic security flaws and fine print that lets the Journal rat on leakers. 

SafeHouse, which launched today to much fanfare, promises to let leakers "securely share information with the Wall Street Journal," by uploading documents directly to its servers, just like Wikileaks! But unlike Wikileaks, SafeHouse includes a doozy of a caveat in its Terms of Use:
"Except when we have a separately negotiated confidentiality agreement… we reserve the right to disclose any information about you to law enforcement authorities or to a requesting third party, without notice, in order to comply with any applicable laws and/or requests under legal process, to operate our systems properly, to protect the property or rights of Dow Jones or any affiliated companies, and to safeguard the interests of others."
So, go ahead and upload your explosive documents to SafeHouse. But if they publish a scoop based on your material and someone gets mad, they can sell you out to anyone for any reason, including the insanely broad one of safeguarding "the interests of others." (And Rupert Murdoch, who controls the paper, sure has a lot of interests!)
Although you might get outed by hackers before you're sold out to the cops. Despite the WSJ's assurances that the SafeHouse submission system is secure, it is "rife with amateur security flaws." Security researcher Jacob Appelbaum has been tweeting out a stream of holes he's spotted in SafeHouse's security. He calls the Journal's claim that people submitting documents can remain anonymous if they choose a "blatant lie". Appelbaum knows a thing about security: He's one of the chief developers of the anonymizing software TOR, which SafeHouse ironically recommends leakers use to help hide their identity. (Granted, Appelbaum has a horse in the race, since he's been a prominent Wikileaks volunteer.)

Bottom line, writes Appelbaum: "[The Wall Street Journal is] negligent and this is the wrong project to beta-test on an open internet."

Wikileaks has attracted its high-profile leaks because of its unequivocal promise to protect the anonymity of all leakers and its super-secure submission system. SafeHouse portrays itself as a similarly, um, safe space for leakers. In fact it offers threadbare protections and could sell you out on a dime. SafeHouse's only real similarity to Wikileaks is that both benefit megalomaniacal Australians.

By all means, call up Journal editors with a hot tip if you've got one. But leak to SafeHouse at your peril.

Source:

No comments:

Post a Comment