Story

Smart Whistleblower platform Adleaks being designed by German researchers

New Web-based technology might make leaking data easier and more secure in the future. Researchers in Germany are developing a platform based on Internet ads to help whistleblowers like Edward Snowden leak top-secret information without their activities being caught out online.

AdLeaks is a system that is being designed to minimize the footprint of leaking information online in order to avoid the gaze of wide-reaching, international monitoring systems — such as those that the US is reported to use to keep track of overseas and domestic Internet traffic.

what is it?

Corporate or official corruption and malfeasance can be difficult to uncover without information provided by insiders, so-called whistleblowers.

However, the proliferation of surveillance technology and the retention of Internet protocol data records has a chilling effect on potential whistleblowers. The mere act of connecting to an online whistleblowing Website may suffice to raise suspicion, leading to cautionary advice for potential whistleblowers.

The current best practice for online submissions is to use an SSL connection over an anonymizing network such as Tor. This hides the end points of the connection and it protects against malicious exit nodes and Internet Service Providers (ISPs) who may otherwise eavesdrop on or tamper with the connection. However, this does not protect against an adversary who can see most of the traffic in a network, such as national intelligence agencies with a global reach and view.

We suggest a novel type of submission system for online whistleblowing platforms that we call AdLeaks. The objective of the AdLeaks system is to make whistleblower submissions unobservable even if the adversary sees the entire network traffic. A crucial aspect of the AdLeaks design is that it eliminates any signal of intent that could be interpreted as the desire to contact an online whistleblowing platform.

For technical details, please take a look at our paper on arXiv.org. For the source code of our research prototype, please take a look at our GitHub repository.

how does it work?

We designed the AdLeaks system to work with partners who embed AdLeaks ads or AdLeaks bugs into their web pages. Our ads contain code that encrypts an empty message with the AdLeaks public key and sends the ciphertext back to AdLeaks. This happens on all users' web browsers. A whistleblower's browser substitutes the ciphertext with encrypted parts of a disclosure. The protocol ensures that an adversary who can eavesdrop on the network communication cannot distinguish between the transmissions of regular browsers and those of whistleblowers' browsers. AdLeaks ads are authenticated so that a whistleblower's browser can tell them apart from other code. Consequently, whistleblowers never have to navigate to any particular site to communicate with AdLeaks once our ads are sufficiently widespread.

When popular websites begin to support AdLeaks this produces increasing amounts of cover traffic. Nodes in the AdLeaks network reduce the resulting traffic by means of an aggregation process so that a small number of trusted nodes can recover whistleblowers' submissions efficiently. Since neither transmissions nor the network structure of AdLeaks bear information on who a whistleblower is, the AdLeaks submission system is immune to passive adversaries who have a complete view of the network.

IMPORTANT NOTICE

AdLeaks is a research project and not a complete system. AdLeaks provides a submission frontend but it lacks the backend necessary to securely manage and distribute received disclosures. We hope to collaborate with other projects towards building a complete system. We will soon bring a research system online suitable to experiment with the submission process. Remember. Thou shalt not send us real disclosures!

what do I need to have and how do I use it?

Whistleblowers need a software to instrument their browsers and a tool that prepares disclosures for submission. Once installed, all a whistleblower does is surf the web as regular. The instrumentation will leak bits of the disclosure to AdLeaks as the whistleblower encounters AdLeaks ads. This process may take in the order weeks depending on the size of the disclosure and the number of ads encountered per day. AdLeaks is not suited for large disclosures but provides a high degree of security. Website operators who would like to support AdLeaks need a bit of JavaScript that they must embed in web pages.

for whistleblowers

We distribute the code you need to instrument your browser along with our ads. There is no need to download it. You only need a small bootstrapper script which extracts the code from your browser's cache or local storage. The script also verifies and installs the software for you. It is critical for your safety that you verify that the script you use is authentic, prior to using it! The best approach is to compare bootstrapper scripts taken from multiple sources. We publish authentic scripts at the following sources:

  • in the QR code below (make sure the connection is authentic)
  • in print media (none yet, if you represent a major newspaper, please contact us)

contact information

Volker Roth
Arbeitsgruppe Sichere Identität
Fachbereich Mathematik und Informatik
Freie Universität Berlin

AdLeaks team

Volker Roth
Benjamin Güldenring
Eleanor Rieffel
Sven Dietrich
Lars Ries