The New Yorker unveils Strongbox for anonymous tip sharing

May 15, 2013
0
The New Yorker unveils Strongbox for anonymous tip sharing

Media companies of all sorts enjoy tips from readers and others, some of them being small snippets of information that are more or less without consequence, and with others putting the tipster's job - or worse - at stake. As such, privacy and anonymity are of the utmost importance, and conventional messaging methods often fall short of providing it. Because of this, The New Yorker has implemented StrongBox.

Strongbox was created by Kevin Poulsen and the late Aaron Swartz, who committed suicide earlier this year after intense legal pressure following his JSTOR hacking debacle. It is an extension of DeadDrop, the code of which will be made open source and released for other companies and individuals to use. Unlike traditional methods for submitting tips and information, Strongbox aims to keep the tipster anonymous, and makes it so the recipient won't be able to determine from where the information comes.

The Strongbox system is both fairly simple and quite involved, with several steps happening between the sharing of the tip and access of the information on the receiving end. Tipsters have to access Tor in order to upload a file or message (which are encrypted using PGP), and will receive a randomly generated alias. The files are then shuttled off to a server that is isolated from the recipient's network and checked regularly by those with access.

If information has been received, the recipient downloads it via a VPN-connected laptop onto a flash drive, then decrypts the files on a secondary laptop running a live CD that is wiped with every restart using a second thumb drive containing the decryption keys. From there, the recipient can then return a message if desired via Strongbox, and the tipster can receive it by accessing the system using the randomly-generated alias that was assigned.

Poulsen talks about the project in his own write up, detailing how it was initiated and the work that went into it, mixed it with a personal perspective on the man himself and the weeks leading up to his untimely passing days after a launch date for the project had been set.

SOURCE: The New Yorker


Must Read Bits & Bytes