Digital strongboxes won’t solve whistleblower problem for journalists
Network World - 05/22/2013
Following the news last week that the Department of Justice had secretly obtained records of phone calls made by the Associated Press in an attempt to find an information leak, the New Yorker magazine launched an online scheme to receive sensitive documents and preserve the identity of their sources.
The service, called Strongbox, is based on a project developed by Kevin Poulsen, a Black Hat hacker turned magazine editor, and Aaron Swartz, who took his own life in January after an aggressive prosecution of his digital activities by the DOJ.
Strongbox is an elaborate system involving Tor, a network designed to preserve the anonymity of its users; multiple computers; multiple thumb drives and PGP encryption. While the Byzantine arrangement provides strong protection of the identity of a source, it removes an important element in the process: authentication.
“When you’re dealing with anonymous sources, they’re not anonymous to you; you know who they are,” Dan Kennedy, an assistant journalism professor school at Northeastern University, said in an interview.