New Web-based technology might make leaking data easier and more secure in the future. Researchers in Germany are developing a platform based on Internet ads to help whistleblowers like Edward Snowden leak top-secret information without their activity being detected online.
what is it?
Corporate or official corruption and malfeasance can be difficult to uncover without information provided by insiders, so-called whistleblowers.
However, the proliferation of surveillance technology and the retention of Internet protocol data records have a chilling effect on potential whistleblowers. The mere act of connecting to an online whistleblowing website may suffice to raise suspicion, leading to cautionary advice for potential whistleblowers.
The current best practice for online submissions is to use an SSL connection over an anonymizing network such as Tor. This hides the end points of the connection and it protects against malicious exit nodes and Internet Service Providers (ISPs) who may otherwise eavesdrop on or tamper with the connection. However, this does not protect against an adversary who can see most of the traffic in a network, such as national intelligence agencies with a global reach and view.
We suggest a novel type of submission system for online whistleblowing platforms that we call AdLeaks. The objective of the AdLeaks system is to make whistleblower submissions unobservable even if the adversary sees the entire network traffic. A crucial aspect of the AdLeaks design is that it eliminates any signal of intent that could be interpreted as the desire to contact an online whistleblowing platform.
how does it work?
We designed the AdLeaks system to work with partners who embed AdLeaks ads or AdLeaks bugs into their web pages. Our ads contain code that encrypts an empty message with the AdLeaks public key and sends the ciphertext back to AdLeaks. This happens on all users' web browsers. A whistleblower's browser substitutes the ciphertext with encrypted parts of a disclosure. The protocol ensures that an adversary who can eavesdrop on the network communication cannot distinguish between the transmissions of regular browsers and those of whistleblowers' browsers. AdLeaks ads are authenticated so that a whistleblower's browser can tell them apart from other code. Consequently, whistleblowers never have to navigate to any particular site to communicate with AdLeaks once our ads are sufficiently widespread.
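The exchange described above, sketched as an added example that is not AdLeaks code: every browser sends a fixed-size ciphertext, and only the receiver can tell an empty message from a disclosure chunk. RSA-OAEP from Node's `crypto` module stands in for AdLeaks' encryption scheme, which this page does not name; the chunk size, frame layout and function names are assumptions.

```javascript
// Added illustration: RSA-OAEP is a stand-in; the page does not name AdLeaks' cipher.
const nodeCrypto = require('crypto');

const CHUNK = 64;        // assumed payload bytes per ad impression
const FRAME = 1 + CHUNK; // 1 length byte + zero-padded payload
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
// Hypothetical key pair; in the design above only the public key travels with the ad.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Every plaintext has the same size, so length cannot reveal whether data is present.
function frame(payload) {
  if (payload.length > CHUNK) throw new RangeError('payload exceeds chunk size');
  const f = Buffer.alloc(FRAME); // zero-filled
  f[0] = payload.length;         // 0 marks the empty message
  payload.copy(f, 1);
  return f;
}

// What the ad code does in every browser: encrypt one frame (empty by default).
function adTransmit(payload = Buffer.alloc(0)) {
  return nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, frame(payload));
}

// What an instrumented browser does: substitute disclosure chunks, one per impression.
function whistleblowerTransmit(disclosure) {
  const out = [];
  for (let i = 0; i < disclosure.length; i += CHUNK) {
    out.push(adTransmit(disclosure.subarray(i, i + CHUNK)));
  }
  return out;
}

// Receiver: decrypt everything, drop empty frames, reassemble the real chunks.
function receive(ciphertexts) {
  const parts = [];
  for (const ct of ciphertexts) {
    const f = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, ct);
    if (f[0] > 0) parts.push(f.subarray(1, 1 + f[0]));
  }
  return Buffer.concat(parts).toString('utf8');
}

// Constructed sample traffic: two ordinary page views around one disclosure.
const SAMPLE = Buffer.from('constructed sample disclosure text, longer than one 64-byte chunk so it spans frames');
const traffic = [adTransmit(), ...whistleblowerTransmit(SAMPLE), adTransmit()];
console.log(traffic.map((c) => c.length), receive(traffic) === SAMPLE.toString('utf8'));
```

OAEP is randomized, so two empty messages never produce the same ciphertext, and with a 2048-bit key every transmission is 256 bytes regardless of content.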
AdLeaks is a research project and not a complete system. AdLeaks provides a submission frontend, but it lacks the backend necessary to securely manage and distribute received disclosures. We hope to collaborate with other projects towards building a complete system. We will soon bring a research system online that is suitable for experimenting with the submission process. Remember: thou shalt not send us real disclosures!
what do I need to have and how do I use it?
We distribute the code you need to instrument your browser along with our ads. There is no need to download it. You only need a small bootstrapper script, which extracts the code from your browser's cache or local storage. The script also verifies and installs the software for you. It is critical for your safety that you verify that the script you use is authentic before using it! The best approach is to compare bootstrapper scripts taken from multiple sources. We publish authentic scripts at the following sources:
- in the QR code below (make sure the connection is authentic)
- in print media (none yet, if you represent a major newspaper, please contact us)
Secure Identity Research Group
Department of Mathematics and Computer Science
Freie Universität Berlin