An open source system "SecureDrop" that allows documents to be obtained securely from anonymous sources

Aaron Swartz(Aaron and Schwarz) created the original code of the system, an open source system for the press to securely obtain information from anonymous sources "SecureDrop"is. It is a tool used for exchanging e-mails and sentences safely on the web, and the side who talks about information can provide information without using their own information at all.

SecureDrop | Freedom of the Press Foundation
https://pressfreedomfoundation.org/securedrop

Freedomofpress / securedrop · GitHub
https://github.com/freedomofpress/securedrop

Darrell Issa Praises Aaron Swartz, Internet Freedom At Memorial
http://www.huffingtonpost.com/2013/02/07/darrell-issa-internet-freedom_n_2633197.html

◆ Aaron and Schwarz
Mr. Aaron Schwartz who wrote the original code of SecureDrop was born in the United States in 1986 and worked as a programmer and writer, and on January 11, 2013 closed a short life with a youth of 26 years old. What kind of person was he?

ByNick Gray

He is a text format for easily distributing updated information on websitesRSSIt is also known as a person who worked hard to disseminate, but in additionCooperate in creating markdown methodOr share the website link and exchange the commentsRedditAct as an early member of the framework, and even a framework for PythonWeb.pyHe is a person who has been active in the Internet world since quite a young age.

ByBen Adida

Mr. Schwartz who has created a lot of value added to the Internet world, but in 2008Watchdog.netHe gathered information on politicians and visualized it, or was a type of pressure group on the netDEMAND PROGRESSIt was a young man who became one of the founders of fathers, acted actively in fields other than the Internet, and was able to act to change the world.

ByMaria Jesus V

And in 2008, it is an American court text search systemPACER(Public Access to Court Electronic Records) to download and publish data of 198,556,160 pages which is about 20% of the total. This database was managed by the United States Court Secretariat and was provided for a fee. Meanwhile, I agree with Mr. Karl Malamad who asserted that "Information fee should be free because copyright is not applied to documents created by the government, and this data is so that everyone can freely access the data It seems to have announced. Although this action has attracted attention of the FBI, it is eventually non-prosecution, and Schwartz's published data is an extension of Firefox and ChromeRECAPIt is now free accessible from now.

Following thisOpen dataAs a dissertation,JSTORWe will download and publish the articles of academic journals from. However, Mr. Schwartz is charged with suspicion that he downloaded about 4.8 million data on January 6, 2011 without permission.Statement issued by JSTORAmong them, this indictment was judged by the government rather than JSTOR, but Mr. Schwartz was accused of a long period of two years or more due to hacking more than 13 and cheating on wire communication Yes, "Up to 35 years imprisonment, 3 years probation observation, return of stolen goods, forfeiture of property and a fine of up to 1 million dollarsThere was also the possibility that a too heavy sentence was given too that it was too heavy. Worried about the possibility of this sentence, Mr. Schwartz committed suicide on January 11, 2013 as young as 26 years old in local time, then the prosecutor's office withdrew the indictment,JSTOR publishes more than 4.5 million articles free of chargeI will do.

It can be said that it was a person who positively acted on the basis of the development of the Internet and the open data thought that anyone should be free to use data in a short lifetime.

ByPeretz Partensky

◆ SecureDrop
SecureDrop, which is based on source code written by Mr. Schwartz, is a tool for safely exchanging mails and sentences. By using codename, the side who talks about information does not have to use personal information at all, the information is encrypted by GPG and stored on the source server prepared by the news agency side.


In order to use SecureDrop, the news agency needs to prepare one dedicated computer and three Ubuntu servers. One of the servers is used as the source server. Anonymous information is gathered to this server, and this is a necessary ant to operate software that makes anonymization of Tor connection path. The second server, the document server, is also used to run Tor, download documents sent from anonymous sources, and exchange information with other people. The third server will be the server to monitor the source and document servers.

And the personal computer is used as a viewing station for decryption, which must be isolated from the net. Save the encrypted information downloaded via the document server on a USB or SD card, copy it to the viewing station, and decode the encryption so that you can read sentences.



In addition to these four computers, it is also necessary to prepare working terminals for downloading encrypted documents from the document server and for communicating anonymously with information providers. A security audit is conducted by Bruce Schneier, a security audience specialist, and a team of researchers at the University of Washington led by Alexei Czeckis, to ensure the highest possible level of security, if not 100% secure It seems to be a system that did. Detailed on SecureDropInstallation methodYahow to useSince it is made public, those who are worried are OK if you check it.

If SecureDrop allows the media to securely obtain anonymous information from anonymous sources safely, information that none of the public has ever knew about will be reported, and true open data will be realized It may be connected.