Strongbox for the New Yorker
The New Yorker, a weekly magazine dating back to 1925, has implemented a system of secure communications with its readers called Strongbox. Amongst other things, this system will allow whistle-blowers to post to the magazine anonymously.
The New Yorker has a strong history of ground-breaking investigative journalism, having published articles such as Seymour Hersch's "Torture at Abu Ghraib" in 2005 which exposed the the treatment of Iraqi prisoners by the American military. Tip offs have always been an important part of investigative journalism, and the New Yorker has always welcomed input from its readers. Back in the first issue in 1925, it printed its address inside the front cover and just a few years later, as the technology became more widespread, it added its phone number. It was to take another seventy years before it added an email address in 1998. As technology becomes more sophisticated and pervasive, so too has it become more traceable, and none more so than email. With security agencies so quick to seize traffic logs and charge whistle-blowers and critics, that is a serious deterrent.
To overcome this problem, The New Yorker has created an electronic dead-drop system it calls Strongbox. It provides a webform-style interface that allows people to send a message and documents to the New Yorker, but to preserve the anonymity of the sender, the connections must be made using the TOR anonymity network. TOR routes messages through thousands of routers provided by a worldwide volunteer TOR network, none of which maintain traffic logs, making it much more difficult, if not impossible, for anyone to trace the original sender. The system is designed so that it is technically impossible for The New Yorker to know who the original sender is, and a court order to disclose its sources cannot change that.
It will be interesting to know, in years to come, how effective this has proved, whether anyone used it for its intended purpose, whether it was successful in protecting source identities, or will people make mistakes when using it which exposes their identity? Even the mere fact that someone is using the Tor network or encryption tools is often enough to put someone onto the surveillance radar.
25th June 2013
This article comes from the SKILLZONE email newsletter, published monthly since January 2008, and covering topics related to technology and the internet. All articles and artwork in the SKILLZONE newsletter are orignal content.