What is This?
With the recent phone hacking scandal surrounding Rupert Murdoch's News of the World and other aspects of his empire, it's become evident that the fourth estate has failed so it's time to invoke the fifth estate. And what is that? - It is You!
We will accept tips or evidence of wrong doing relating to Rupert Murdoch's affiliated institutions such as News International and News Corporation. We do not accept rumor, opinion or material that is publicly available elsewhere.
Credible submissions will be distributed to our network of journalists (actual journalists) and law enforcement agencies in the UK, the US and Australia. We will not publish anything ourselves.
http://MurdochLeaks.org is well above average in their use of website and email security techniques.
Some other intermediary whistleblower website projects have drop down selection lists of media organisations to which the whistleblower leak can be sent to, but MurdochLeaks.org has a drop down list of News Corporation controlled media targets for whistleblowers.
MurdochLeaks.org provides a Submission Status tracking mechanism, to provide feedback to a whistleblower that their submission has actually been received and analysed.
- Will any current News International and News Corporation insiders try to use this website at all, or will they just talk to the Police or other media organisations directly ?
- Will any current News International and News Corporation insiders try to use this website from within the corporate infrastructure ?
- Will News Corporation try to block it from being accessed from within their companies ?
- Will News Corporation lawyers attempt to have it taken down ?
- Will News Corporation lawyers attempt to subpoena any logfiles or financial records or any copyright internal documents etc. from MurdochLeaks.org when they try to identify current or future whistleblowers ?
- Press inquiries
- email: email@example.com
- General inquiries
- email address: firstname.lastname@example.org
Social Networking publicity
Blog / RSS
Financial Donation methods
Currently accepting submissions of whistleblower leaks ?
Explicit promises about Anonymity, Privacy or Security
We use anonymous technology to protect whistleblowers so they can confidently submit information that is in the public interest.
Restrictive Legal Terms & Conditions
Practical Advice on preserving Whistleblower Anonymity
Adovocate the use of the locked down Tor Browser software bundle and publish links to the Tor Project
* You can submit without Tor although anonymity can not be guaranteed. (hint: Internet cafe)
Leak Submission Encryption
* All submissions are encrypted using 1024bit RSA asymmetric keys (no private keys stored on any servers) with 256bit AES using open source Bouncy Castle Crypto
Digital Certificate fingerprints published on their website:
Not published on the MurdochLeaks.org website
The Digital Certificate for the shared SSL webserver
CN = ssl32.cloudflare.com O = CloudFlare, Inc. L = Palo Alto S = CA C = US
has multiple valid DNS aliases for other customers e.g.
www.seplis.com www.2dialog.net www.carderprofit.cc www.astrofy.com staging.astrofy.com getambassador.com www.witstream.com carderprofit.cc www.westinshop.com ssl32.cloudflare.com secure.murdochleaks.org www.christmasdecorations.com.au astrofy.com
Currently the Digital Certificate fingerprints for secure.murdochleaks.org are:
Qualsys SSLLabs SSL Server Test rating:
Overall rating: A 
Protocol Support: 85
Key Exchange: 80
Cipher Strength: 90
PGP Public Encryption Key
PGP / GPG Public Key web page URL or file location or PGP Key Server URL
User ID aliases for: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org,
N.B. The main (unencrypted) email address also uses: email@example.com
PGP ID: 0x2E0883A4
Type: RSA 2048/2048
Cipher: AES 256 bit
PGP fingerprint: 1B7C 61F1 C652 D077 1C62 F799 EDD9 5F2F 2E08 83A4
TOR Hidden Service
Hushmail Secure Form
Leak Submission Anonymity
TOR users blocked from access
3rd Party or persistent tracking cookies or graphics
CAPTCHA graphics generated from another website e.g. Google Re-Captcha
Mixed mode non-SSL graphics or style sheets
Embedded video clips etc. from another website e.g. YouTube
Flash file uploader class
Communications / Acknowledgement back to the whistleblower via the website
Acknowledgement of receipt of information
e.g. file upload success indicator - has the leak message or upload actually been received successfully ?
Submission Form generates a Receipt
Leak analysis work flow status reporting
e.g. Has anyone actually looked at what the whistleblower has submitted ?
Yes, the Submission Form generates a Receipt, with a 35 or so digit alphanumeric string which can be used to check the progress of a Submission via
Initially this reports the status as "queued"
Private message box
e.g for 2 way communications back to the anonymous whistleblower, asking for clarification, offering advice etc.
Domain Name Resilience
Domain Name Registrar
German company, registered in Panama, hosting their infrastructure in Malaysia , Estonia, USA etc.
Multiple Internet Service Providers, in different legal jurisdictions ?
Domain Name Server(s) & jurisdiction(s)
Palo Alto, California, USA
Web Server hosting jurisdiction(s)
Cloudflare Inc Palo Alto, California, USA
Alternate Domain Name aliases
murdochleaks.com [18.104.22.168] in the USA register via 1and1.com 's USA subsidiary.
That website http://murdochleaks.com is not an automatic redirection, but the home page only consists of a link to MurdochLeaks.org
Actual Physical Mirrors of the website:
Content officially available via BitTorrent etc P2P etc.