The platform behind the anonymous tip-off services used by a number of major media outlets contains a software flaw that potentially allows unauthorised access.
Overnight, a group calling itself “Elliptic TAO Team” revealed what it termed “several critical vulnerabilities” in the SecureDrop whistleblowing software, which is used by The Guardian, Washington Post, The Intercept and The New Yorker, among others. The flaw was later confirmed by a SecureDrop developer, who said the flaw wasn’t as extensive as claimed.
SecureDrop is an open-source anonymous document drop and communication interface initially developed by the late Aaron Swartz and now run by the Freedom of the Press Foundation. In its release, the Elliptic TAO Team claimed that a vulnerability would allow someone to create fake users and access other users’ accounts, including accessing their documents and interacting with sources under the guise of legitimate account holders.
SecureDrop’s lead developer confirmed the vulnerability but said a key authorisation cookie was still required to enable the bug to deliver the results claimed, and even with the cookie, intruders would be unable to access documents sent to other journalists. The bug was created when the development team updated the software to address a bug identified in a security audit, but the update itself wasn’t audited prior to being rolled out. A fix is urgently being rolled out at the moment.
The safety of leaking to the press is a vexing issue for media companies in light of Edward Snowden’s revelations about how pervasive National Security Agency and “5 Eyes” internet and communications surveillance is across the world. The issue is particularly prominent in Australia currently, after legislation for the government’s mass surveillance scheme, including “protections” for journalists, passed parliament last week. The Australian Financial Review‘s Laura Tingle received a drubbing from online security specialists and some journalists for an article telling potential whistleblowers to use Skype or offshore-based email services. Journalists have been arguing among themselves about security for sources, particularly those who deal with government leakers who are more likely to be pursued by the Australian Federal Police.
Systems like SecureDrop are intended to solve the problem to the extent it can be, by providing a secure, anonymous interface between journalists and sources that can’t be accessed by security agencies via legal or extra-legal means, which is why a potential vulnerability in the platform is so concerning.
For potential sources who really are concerned about their vulnerability, there’s a how-to from the oldest leak site, Cryptome.org, but it’s not for the faint-hearted. And all sources should understand that between human and IT vulnerabilities, there’s no such thing as safe leaking, you can only ever minimise risk, not eliminate it.
Given that electronic exchanges will always be “occasionally” insecure, (due to the ongoing war between blackhat/whitehat hackers) how long will it be before journalists start resorting to the old hardcopy mail drop?
You know, the one where there really is an ‘envelope’ concealing the data.
paddy, anyone who’s even moderately competent [whether paranoid or not] who wishes to pass on information to journalists can still do so by snail mail without leaving any trail.
I guess some have trouble even thinking within the square?
This is something I’ve been wondering about lately. Even though a lot of mail is very traceable, it’d still be easy enough to drop something in the mail to a journalist. I’m sure there is still some interception going on, but it’s pretty obvious and stone-age compared to the digital stuff.
Bob, you’re so clearly right on this that one wonders why anyone (even those with only a quarter of a brain) doesn’t understand this option is there, especially with self seal envelopes and stamps which — for those especially prone to paranoid fears — don’t need to be licked.
Perhaps you should alert the Crikey Collective to this possibility so they can concentrate on more pressing problems?