Recently in Hints and Tips Category

Introduction

|

Over the years, Spy Blog has been the willing and sometimes unwilling, recipient of various confidential secrets, some of which we have been asked to pass on anonymously to the mainstream media or to the appropriate government authorities.

This mini-blog splits up, and slightly greatly expands, what had become a rather long and cumbersome single Spy Blog posting Home Office whistleblowers - hints and tips, originally published in May 2006.

This was prompted by the whistleblower leaks to the media, and by appeals for further such leaks by political bloggers, regarding the appalling state of the Home Office, especially the scandals over Prisons and the inept non-deportation of foreign prisoners etc.

This lead to the resignation of one Labour Home Secretary Charles Clarke and the description of the Home Office, by his equally incompetent and repressive Labour successor John Reid as being "dysfunctional and not fit for purpose".

The later, scandalous arrest and searches of the then Conservative front bench immigration spokesman (now a Home Office Government Minister) Damian Green MP's home, constituency and Parliamentary offices, and the Home Office whistleblower Christopher Galley, in 2008 and their subsequent vindication in 2009, show how the civil service bureaucrats and the Labour politicians currently power, like to spuriously invoke "national security", when they are really trying to suppress purely political scandals, for which they are to blame, from being made public.

All well and good, but many of the whistleblowers, investigative journalists, bloggers and activists etc. are not very skilled at protecting the anonymity of their whistleblower or journalistic sources, especially when using today's computer and mobile phone technology.

Even where a whistleblower knows that they will eventually have to go public, there is often a crucial time period during which they want or need to protect their anonymity.

It is scandalous that we should even need to think about the same sort of techniques which are needed by people living under repressive dictatorships, when we live in a supposed "liberal western democracy" here in the United Kingdom, but unfortunately these internationally applicable practical hints and tips, are becoming increasingly necessary.

If you are leaking information to the press or broadcast media or to higher management in companies and organisations, or to external regulatory bodies, they all invariably need some documentary proof of what you are telling them, e.g. a document or memo or advance copy of a report, or photographic images or an email. etc.

Hopefully the following technical (and common sense) hints and tips will make you think about whether you are properly protecting yourself or your anonymous sources, given the complexity and power of modern communications and the means to snoop on them.

This is an ongoing Work in Progress, and some of the sections are placeholders, with further details to follow, if people are interested, or wish to contribute.

Please feel free to comment on the individual blog postings with error corrections or other suggestions.

Table of Contents

|

Table of Contents - updated 20 June 2020

  1. Whistleblower Anonymity limits

  2. Mole Hunts

  3. Surveillance threats to bloggers, investigative journalists and political activists

  4. Technical ineptitude - the "bomb Al-Jazeera memo" leak

  5. Trustworthy Contacts for Whistleblowers ?

  6. Whistleblower middlemen, intermediaries, cut outs

  7. What to do if you are arrested as a whistleblower

  8. Secure computer configuration checklists and scripts etc.

  9. Email and Encryption

  10. Web Bugs and Read Receipts in Emails and Attachments

  11. Telephones - Pay Phone Boxes and Private Landlines

  12. Mobile Devices - WiFi

  13. Buying a pre-paid phone card or mobile top up calling credit voucher anonymously

  14. Burner Phones - rarely used properly - Compartments may be good enough

  15. Mobile Phones and Wireless PDAs

  16. Signal Messenger - End to End Encrypted App

  17. Voice over IP and Communications Traffic Data Retention

  18. Fax Machines

  19. Photocopiers, Printers and Paper

  20. Shift PrtScr - Screen Dumps and photos of Computer Screens

  21. Electronic Document Files

  22. Photo Image Files

  23. CD-ROMs and DVDs and USB flash memory media

  24. Hard disk and USB Memory device Encryption

  25. File deletions

  26. Physical Meetings

  27. GPS satnavs and interactive web maps

  28. Dead Letter Drops and Geo Caches

  29. Covert Channel Signals for Meetings or Dead Letter Drops

  30. Postal mail and Courier services

  31. WikiLeakS.org - - no longer functioning for normal whistleblowers

  32. LeakDirectory.org wiki

  33. Tor - The Onion Router cloud of proxy servers

  34. Open Proxy Servers

  35. Virtual Private Networks

  36. Web Browser software anonymity

  37. Do not try to handle two whistleblowers at once on the same phone or email account

  38. Don't betray your sources through financial expense claims or payment authorisations

  39. Common Mistakes

  40. Conclusion

  41. Further Reading

About this blog

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Some of these people will, in the public interest, act as whistleblowers, and may try to leak documents or information to the mainstream media, or to political blog websites etc.

Here are some Spy Blog "Hints and Tips", giving some basic preecautions, and some more obscure technical tips, which both whistleblowers, journalists, and bloggers need to be aware of, in order to help preserve the anonymity of whisteleblowing or other journalistic sources, especially in the United Kingdom, but applicable in other countries as well.

Whistleblower anonymity may not always be possible, or even necessary, forever into the future, but it is usuially crucial during at least the early stages of a "leak", whilst it is being evaluated by others, to see if it merits wider publication and publicity.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.

blog@spy[dot]org[dot]uk

Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

pgp-now.gif
You can download a free copy of the PGP encryption software from www.pgpi.org
(available for most of the common computer operating systems, and also in various Open Source versions like GPG).

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Pages

Tag Cloud

Recent Comments

  • Proxy List: Ahaa, its pleasant discussion concerning this paragraph at this place read more

CryptoParty London

CryptoParty London

Most months there is a CryptoParty London event. where some of these Hints and Tips and other techniques are demonstrated and taught.

Usually at:

Juju's Bar and Stage 15 Hanbury St, E1 6QR, London

Follow on Twitter: @CryptoPartyLDN

Syndicate this site (XML):

Categories

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com- - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Open_Rights_Group.png
Open Rights Group

renew for freedom - renew your passport in 2006
Renew For Freedom - renew your Passport in the Summer Autumn of 2006.

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

public_concern_at_work.gif
Public Concern at Work - "(PCaW) is the independent authority on public interest whistleblowing. Established as a charity in 1993 following a series of scandals and disasters, PCaW has played a leading role in putting whistleblowing on the governance agenda and in developing legislation in the UK and abroad. All our work is informed by the free advice we offer to people with whistleblowing dilemmas and the professional support we provide to enlightened organisations."