#203 – SecureDrop helps protect identity of anonymous sources

For journalists working with anonymous sources, sometimes low-tech is better, like when Woodward and Bernstein received signals of new information from a potted plant.

But if a source really wants to keep his or her identity hidden, there’s a new tool: SecureDrop, a three-computer system for providing journalists with highly sensitive information without divulging their identity.

Charles Berret is a Ph.D. student in communications and a fellow at the Tow Center at the Columbia University School of Journalism.

About 30 organizations and individuals have SecureDrop systems in place right now, says Charles Berret, a Ph.D. student in communications and a fellow at the Tow Center for Digital Journalism at the Columbia University School of Journalism.

SecureDrop is “less a tool to protect journalists than to secure their sources,” Berret said, who recently wrote a Tow Center report about SecureDrop.

Think about the uproar and controversy caused by the leaks to The Washington Post and The Guardian by former NSA contractor Edward Snowden, he said. “In the event a major leak is published, the whistleblower’s often significantly more vulnerable than the outlet itself. SecureDrop is a system designed to make it as safe as possible for a source to contact a journalist if they think they have something important to share.”

With a price tag of about $2,000 to $3,000, a SecureDrop system is relatively easy to use. The first machine is a server to run the website where journalists and their sources access SecureDrop and upload files. The website is operated as a hidden service on the Tor browser so as to be undetectable. The second machine monitors the server, while the third machine remains fully and always unconnected to any kind of internet access, something called air gapping, Berret said. “It’s a blank machine with exactly the software you’ve installed on it on it. It’s as isolated from threats as possible.”

If vital information is found by a journalist sifting through the SecureDrop inbox, that information is transferred via thumb drive to the third machine and can be printed using a designated printer that’s also never been connected to the internet. This multi-step process “keeps files as sanitary as possible in terms of digital hygiene. It’s as safe, in terms of files, and secure and anonymous, in terms of the source’s identity, as possible,” he said.

It took Berret and a colleague “the better part of two days” to set up a SecureDrop system with some help from the IT administrator from Columbia’s journalism school. “In general, anyone who’s worked with Linux servers and the command line before would have the basic level of skill and could jump right into this, but that’s asking a lot of most people, certainly a lot of most journalists.” There’s a waiting list of about 80 organizations for a team of developers from the Freedom of the Press Foundation, the creators of SecureDrop, to do an onsite installation.

Among the early adopters of SecureDrop, as interviewed by Berret for a new report from the Tow Center, are the newsrooms of The Guardian, The Washington Post, Pro Publica, the Toronto Globe and Mail, The Intercept and The New Yorker, along with individuals like Bart Gellman, who worked on the Snowden leaks, and Wired’s Kevin Poulsen, who Berret said “conceived of what would become SecureDrop and built the first with Aaron Swartz,” a programmer and hacktivist who founded Demand Progress to campaign against internet censorship before his death in 2013.

On this week’s podcast, producer Michael O’Connell talks to Charles Berret, a Ph.D. student at the Columbia University School of Journalism, about SecureDrop, a new technology that helps journalist protect the identity of their anonymous sources. The Tow Center for Digital Journalism recently published a report on how journalists are using SecureDrop in their newsrooms to secure their communications with sources.

— Amber Healy