18 August 2012

Official and Fake Leak Sites

From: To Luke Allnutt <AllnuttL[at]rferl.org>
Date: 10:54 AM 8/7/2012
Re: interview request

Dear John Young and Deborah Natsios,

I'm a journalist at RFE/RL looking at digital whistleblowing. In short, after WikiLeaks came on the scene a number of clones popped up and were heralded as the future. However, many of them are defunct today and haven't produced the fruits the boosters were expecting.

I know Cryptome as been in the biz a lot longer and has the pedigree so I wondered if you'd be willing to speak on this subject.

If you would, it would be hugely appreciated.

Thanks and hope to hear from you.

Best Wishes,

Luke
@lukeallnutt

To Luke Allnutt <AllnuttL[at]rferl.org>
Date: 08/08/2012 01:01 PM
Subject: Re: interview request

We would be pleased to participate in an interview.

Our preference is to do it by email. Please provide questions when convenient.

Best regards,

John and Deborah

From: Luke Allnutt <AllnuttL[at]rferl.org>
Date: 05:13 AM 8/9/2012
Subject: Re: interview request

Dear John and Deborah,

Thanks very much for agreeing to answer a couple of questions. Here goes:

To your knowledge, what has been the most successful digital whistleblowing site started in the wake of WikiLeaks? a) in terms of the protections they offer leakers and b) in terms of the material they have produced.

Public Intelligence (publicintelligence.net), for a group-sponsored website. (Although there are dozens around the world)

Crytocomb.org, for a single-person website. (Although there are dozens others around the world)

The multi-personed Anonymous in many iterations and global locations, for material distributed through a variety of outlets.

The hundreds of outlets, websites, blogs, social media, news fora, which do not claim to be leak sites but produce that kind of material along with other materials.

A number of whistleblowing sites, set up in the last couple of years, are flagging. Some are defunct; others are operational but don't seem to have produced much. Why do you think that is?

Most are not meant to be long-lived in order to avoid attack against a prolonged operation.

Multiplicity diffuses targetability.

Material is being distributed by less-publicized means, not publicized at all or concealed in other types of material.

A substantial number are fake sites operated by officials to sting, fail, confuse and stigmatize.

What would be the biggest challenge for someone wanting to start up a whistleblowing website? Cost, time, pressure from governments, establishing a secure system, data overload?

Believing that it cannot be done, that operators will be criminalized, that security is impossible, that it is too hard, that it is too expensive. None of these are true.

How do people submit documents to Cryptome? Just by email? Does that provide the leaker with protection?

By a variety of means, and ingenuity is ever fertile. We advise sources to protect themselves, that we cannot do that nor can any other outlet, that promised protection and security is always fraudulent, either by design or by ignorance. This is not limited to disclosures but covers all forms of security from national to personal.

Would you consider a WikiLeaks-style drop box/submission form that might better protect identities?

Drop boxes are one among many and only one is never enough. Submitters should have many identities, one is never enough.

Do you know of a highly secure open source drop box that could be used by digital whistleblowing start-ups?

There are quite a few, and they are evanescent, variable, deceptive, self-serving and none are risk-free. No source should ever trust an outlet because outlets never expose themselves to risk as great as risk to a source. No outlet should ever trust a source because sources never expose themselves to risk as great as risk to an outlet. Treachery and deception should be expected, that is the essence of disclosures, aka, leaks -- they are agenda-driven, meant to delude, deceive, propagandize, cheat, profit, muddle, distort and much more.

Disclosures are always partial and nobody should believe them until wedded to other forms of information.

"Leaks," a particularly venal form of disclosure due to the term's invention for over-dramatization for newsworthiness, aim at seducing and manipulating consumers, therefore should be considered to be advertizing, to wit, caveat emptor.

Cryptome does not call its material leaks, whistleblowing or secret-spilling, due to the excessive abuse of those advertizing terms.

Thanks again for offering to answer these questions. Look forward to your answers.

Very Best Wishes,

Luke

From: Luke Allnutt <AllnuttL[at]rferl.org>
Date: 02:02 PM 8/14/2012
Subject: Re: interview request

John, Deborah:

Thanks so much for your answers. I have one follow-up question for you, related to something you said.

"A substantial number are fake sites operated by officials to sting, fail, confuse and stigmatize."

Do you have any specific examples you could share with me?

Best Wishes,

Luke

To: Luke Allnutt <AllnuttL[at]rferl.org>
Date: 03:33 PM, 8/14/2012
Re: interview request

This site provides a variety of "fake sites operated by officials to sting, fail, confuse and stigmatize:"

http://leakdirectory.org/index.php/Leak_Site_Directory

This paper proposes official fake sites as well using the manipulative term "responsible disclosure:"

http://cryptome.org/2012/08/whistleblowing-wl-world.htm

The US Freedom of Information program is a fake official disclosure mechanism.

Press offices of government agencies, corporations and organizations are fake leak sites.

Best regards,

John and Deborah

__________

To: Luke Allnutt <AllnuttL[at]rferl.org>
Date: 03:38 PM, 8/14/2012
Re: interview request

Correction:

Freedom of Information programs in all nations, not just the US, are official fake leak sites.

You will not take offense as a journalist when we note that RFERL is an official fake leak site.

John and Deborah