LeakSitePageTemplate

From LeakDirectory

Jump to: navigation, search

--Anonymous 01:16, 15 December 2012 (UTC)----

Contents

General Notes

Contact Details

website:

Press Enquiries

No

General Enquiries

  • email:
  • telephone:
  • mobile phone / SMS text message:
  • fax:

Postal Address:

Social Media / Networks

Mainstream media print and broadcast journalists and politicians etc. i.e. influential people at which whistleblower leaks are targeted, are busy people, but can sometimes be enticed to read about whistleblower issues through Twitter or FaceBook or Blog RSS feeds etc.

Twitter

No

FaceBook

No

Blog

No

Financial Donation methods

No

Currently accepting submissions of whistleblower leaks ?

Yes

Explicit promises about Anonymity, Privacy or Security

No

Restrictive legal Terms & Conditions

No

Practical Advice on preserving Whistleblower Anonymity

No

Leak Submission Encryption

Digital Certificate fingerprints published on their website:

No

Qualsys SSLLabs SSL Server Test rating:

https://www.ssllabs.com/ssldb/analyze.html

Overall rating: **A [85]**

Certificate: 100

Protocol Support: 85

Key Exchange 80

Cipher Strength: 90


PGP Public Encryption Key

URL to web page or downloadable .asc text file

Link to a key Public PGP Keyserver e.g.

http://pgp.zdv.uni-mainz.de:11371/pks/lookup?op=get&search=0x9B983E17B2531933


PGP ID: 0xB2531933

Created: 31/07/2011

Expires: 03/09/2012

Type: RSA 4096/4096

Cipher: AES-256

PGP fingerprint: C376 54B8 01E7 4648 FF92 B7CF 9B98 3E17 B253 1933

TOR Hidden Service

No

I2P eepsite

No

PrivacyBox.de

No

Hushmail Secure Form

No

Content Delivery Network

Content Delivery Networks can provide scalable multimedia bandwidth and resistance to Denial of Service attacks, but sometimes this comes at the price of extra tracking and reduced anonymity for whisteblower sources.

Akamai

No

CloudFlare

No

Leak Submission Anonymity

Some of these techniques are appropriate for a normal website like this wiki, but not for whistleblower or tipoff websites, where potential whistleblower source anonymity protection should be paramount:

TOR users blocked from access

No

3rd Party or persistent tracking cookies or graphics

No

CAPTCHA graphics generated from another website e.g. GoogleRe-Captcha

No

Mixed mode non-SSL graphics or style sheets

No

Embedded video clips or deep linked graphics etc. from another website e.g. YouTube

No

Flash file uploader class

No

Communications / Acknowledgement back to the whistleblower via the website

Acknowledgement of receipt of information

e.g. file upload success indicator - has the leak message or upload actually been received successfully ?

Yes


Leak analysis work flow status reporting

e.g. Has anyone actually looked at what the whistleblower has submitted ?

No

Private message box

e.g for 2 way communications back to the anonymous whistleblower, asking for clarification, offering advice etc.

No

Domain Name Resilience

The threats of legal court proceedings against Domain Name Registrars and Domain Name Service providers are lessons which WikiLeaks.org emulators should take note of:

Domain Name Registrar

Multiple Internet Service Providers, in different legal jurisdictions ?

No

Domain Name Server(s) & jurisdiction(s)

Alternate Domain Name aliases

No

Actual Physical Mirrors of the website:

No

Content available via BitTorrent etc P2P etc.

No

Hosting of Mirrors of other whistleblowing websites

No

Open Source software published

No

Personal tools