WikiLeaks unveils updated anonymous data submission system
WikiLeaks prides itself on bringing information to public attention that might otherwise stay hidden. In order to get this information out in the open, the organization is reliant on a wide range of sources. The sort of stories which WikiLeaks deals with would often not come to light if those breaking the stories could not be guaranteed anonymity.
A few days ago the Sun newspaper revealed that it was using SecureDrop as a way for people to give anonymous tips about stories, and it was touted at the time as being a WikiLeaks-style tool. Now Julian Assange has announced that WikiLeaks has upgraded its own submission tool to offer even greater security.
Currently running in beta, version 2.0 of the WikiLeaks submission tool is accessible via Tor, just like SecureDrop. Unlike SecureDrop, however, WikiLeaks offers an extra level of security. Rather than forcing would-be submitters to scour the site looking for submission instruction -- something which could be used as evidence against someone -- full bootstrap instructions are included on numerous WikiLeaks pages:
The fact that a source is looking at instructions that are telling them how to submit material could be used as evidence against them if there is an SSL key break. To prevent this, we deploy the full bootstrap instructions and keys on millions of WikiLeaks pages across our full server network. When the "Submit" button is pressed, there is literally zero network traffic as a result, because all these details are downloaded everytime anyone looks at nearly any page on WikiLeaks. We cover the source bootstrap process with our millions of page views by readers.
To help with the processing and verification of any data that is submitted, the system includes an encrypted chat feature. Assange says that "the 2.0 public-facing submission system is an important new method in our arsenal."