Tuesday, September 29, 2009

Security Update

SnitchWire is always looking to improve security for our contributors, whistle-blowers, tipsters, and even those wily government agents sending threatening emails or trying to spread disinformation. We are pleased to announce that communications sent to SnitchWire can from now on be sent to a new, more secure address from Riseup.net instead of to our Gmail account. Riseup is email designed specifically for activists with secure communication in mind, which is an excellent step up from free webmail that could easily be read by a third party. Have a look at Riseup's mail policy:
  • We do not log your IP address. (Most services keep detailed records of every machine which connects to the servers. We keep only information which cannot be used to uniquely identify your machine.)
  • All your data, including your mail, is stored by riseup.net in encrypted form.
  • We work hard to keep our servers secure and well defended against any malicious attack.
  • We do not share any of our user data with anyone.
  • We will actively fight any attempt to subpoena or otherwise acquire any user information or logs.
  • We will not read, search, or process any of your incoming or outgoing mail other than by automatic means to protect you from viruses and spam or when directed to do so by you when troubleshooting.
This should provide more open communication with this project as well as better security. Rest assured, our PGP encryption key has not changed and can still be used when sending mail to the new Riseup address, SnitchWire [at] riseup [dot] net. Our Gmail account will still be checked on a regular basis until it is clear that Riseup dominates communication for this project.

We're also excited about implementing a tor2web protocol for EVEN MORE anonymity. More news on this soon, as it is in development, but pretty soon even the Department of Homeland Security will realize SnitchWire (on our MIGHTY PUBLIC BLOGSPOT SERVER :P) is an impregnable fortress of cyber security and anonymous communication.

The reason for all of this is because you should trust no one. Not even your lovable foul-mouthed anarchist pals at SnitchWire. By providing resources in which sources and tipsters can remain as anonymous as technologically possible, we hope that by removing the ramifications associated with identity, more information about infiltrators and snitches within radical communities and activist circle can be shared and news spread quickly with SnitchWire.

This is a similar ethos to Cryptome and Wikileaks. Simply put, send us relevant shit as anonymously as possible to our new Riseup email address, we will publish and disseminate that shit after some fact checking and judgment calls, and you walk away knowing you did a service to everyone in struggle by helping expose an informant. This process will refine as this project matures, but the bottom line is to take identity out of the equation and utilize a monk-like form of security culture in trusting nobody. This is better for everyone. You don't know who we are, we don't know who you are, and valuable information is still distributed via a newsblog like SnitchWire.

No comments:

Post a Comment