7 May 2011

Wall Street Journal faces backlash over WikiLeaks rival

The Wall Street Journal is facing a backlash from web security and privacy experts over its WikiLeaks-inspired whistleblowers’ site, SafeHouse.

SafeHouse, which launched on Thursday to allow anyone to upload documents to the Journal, has been described by one encryption analyst as a “total anonymity failure” that could compromise the security of whistleblowers.

Other researchers have told the Guardian that SafeHouse needs “basic improvements” and that — in its current state — it should not have been launched.

“These are technical issues that only technical experts will notice,” said Rik Ferguson, a security analyst at Trend Micro. “But given the kind of data that the Journal will hope to get from this, if I [was a whistleblower] there would absolutely be enough for me not to choose that site to upload to.

“There are certainly some relatively basic improvements that could and should have been made before the site went live.”

Jacob Appelbaum, a security researcher and senior developer on the Tor online anonymity network, was also critical of SafeHouse: “They’re negligent and this is the wrong project to beta-test on an open internet,” he said.

Within hours of SafeHouse being launched, security experts pointed out that the site has an insecure way of redirecting whistleblowers who visit the unencrypted version of the site. “This leaves any potential whistleblower open to the chance of getting their traffic — and any documents they’re uploading — intercepted by someone on the same network,” said Ferguson.

SafeHouse’s terms and conditions include a disclaimer that it “cannot ensure complete anonymity” of whistleblowers who opt to use the most secure form of uploading to the site — and recommend using “cloaking” tools such as Tor, which hide the online identities of web users.

However, uploading from Tor did not work on Thursday or Friday when tested by security researchers. “This is quite worrying and makes you think that it’s quite risky if you’re going to put information on there,” Paul Mutton, a web security tester, told the Guardian.

Mutton added it was also “surprising” the Journal had not opted for an independently-verified SSL certificate — as used by PayPal and other companies which transmit sensitive information — which notifies site visitors of its enhanced protection with a green address bar.

“Not only would this instil more confidence in submitters, but it would also be more difficult for someone else to impersonate the site,” Mutton said.

SafeHouse is also facing criticism for its terms and conditions, which state the Journal “reserve[s] the right to disclose any information about you to law enforcement authorities or to a requesting third party, without notice, in order to comply with any applicable laws and/or requests under legal process […]”.

Ashley Huston, a spokesperson for the Journal, said in a statement: “There is nothing more sacred than our sources; we are committed to protecting them to the fullest extent possible under the law.

“Because there is no way to predict the breadth of information that might be submitted through SafeHouse, the terms of use reserve certain rights in order to provide flexibility to react to extraordinary circumstances. But as always, our number one priority is protecting our sources.” – guardian.co.uk