Whistleblowing in the Age of Surveillance
This article was published in Bitcoin Magazine. “The inscription problem”. click here To get an annual Bitcoin Magazine subscription.
Bitcoin allows data to be permanently recorded in public records. Nonetheless, whistleblowing on blockchain is still a terrible idea.
Information leakage is a risky business. If you obtain sensitive information (especially if you shouldn’t have it in the first place), you can’t email it or post it to your Twitter feed. If you do that, before you know it you will be tracked, identified and thrown in jail, and any data you gain will be quickly deleted.
The data you obtain by posting information on the Bitcoin blockchain cannot be deleted. Just as Bitcoin transactions are final, so is all information published on the blockchain. There forever for anyone in the world to see. But what sounds like a great plan for information leaks called WikiLeaks 2.0 is actually not a very smart idea.
Protecting whistleblowers is of utmost importance to sophisticated publishers. And it’s definitely not easy. If you post data directly to the Bitcoin blockchain, you may miss important data points that could identify you as the source. The reader will furthermore be unable to verify continuity of custody, potentially discrediting your leak. Additionally, neither Bitcoin nor the Internet are privacy-secure technologies, so it is possible that your identity could be leaked to the public through a variety of mechanisms.
Watermarking and digital fingerprinting
Many large companies use methods to identify the source of a breach, such as watermarking and digital fingerprinting. While watermarking is the act of altering data to make it uniquely identifiable, digital fingerprinting is derived from information inherent in most forms of digital communication. Both are virtually invisible to the human eye.
A widely used watermarking method is to modify text spacing in documents accessible to employees. The use of text spacing in document watermarks was famously used by Tesla’s Elon Musk to identify the individuals behind the 2008 email leak. The leak left the company with just $9 million in cash on hand. Every email sent from Tesla has slightly different text spacing, forming a binary signature to identify the source of the leak.
Another way to watermark documents is to use a printer. Again, mostly invisible to the human eye, most printers, especially laser printers, form a unique pattern of dots on printed documents to identify the printer on which the document was printed.
This is the case with Reality Winner, who leaked classified information about Russian interference in the 2016 US election to an American newspaper. intercept. intercept, funded by eBay founder and friend of U.S. intelligence Pierre Omidyar (called “one of the scariest tech billionaires” by journalist Yasha Levine), published Winner’s documents without removing the documents’ watermarks. Winner was reportedly arrested. Watermarking adds an identifiable pattern while also to Extracting identifiable patterns through data and fingerprinting from data. For example, a JPEG image header typically contains unique metadata that provides an indication of the time and location of the image, as well as the device on which it was taken. Since most platforms use differentiated compression mechanisms to transmit data, fingerprinting can also suggest which platform was used for communication. Unless you are aware of all the ways documents can be watermarked and fingerprinted, it is not a good idea to leak information yourself.
Management continuity
To protect the reliability of leaked information, it is important to establish a management network. Simply adding documents to the blockchain will not help journalists verify the integrity of the information you upload, so your leaks will likely be discredited.
Chain of custody is important to maintain ethical reporting standards. Just as law enforcement agencies must protect chain of custody to ensure that evidence has not been altered, journalists must verify all information they receive. This is done by determining where a particular document originated and how many (and whose) hands it passed through in its wake. Without documentation of who handled the documents and how, journalists have little way to determine if the leaks are real or altered. In general, chain of custody attempts to answer questions about who, when, why, where, and how documents were discovered.
Distrust has become a kind of occupation. There are generally two ways to discredit a leak: That is, distrusting the leaker and distrusting the leak itself. Discrediting a leaker may involve exposing undesirable information about the subject, such as sexual relationships or health issues, or explicitly framing the leaker to create awareness of bias. WHO and why.
Distrust of documentation is primarily accomplished by deepening uncertainty about the management regime of the leak. Here, chain of custody poses a dilemma. Because removing metadata to protect us from identity verification makes it harder to determine who, when, why, where, and how much. Therefore, digital forensics often focuses on whether documents appear authentic, accurate, and complete, and whether they are trustworthy and explainable. Without an established chain of custody, establishing authenticity, accuracy, completeness, reliability and explainability becomes much more difficult to determine and distrust becomes much easier.
Although we can confirm that a leaked document has not been tampered with after adding it to the blockchain, we cannot answer the questions of who, when, why, where, and how, a dilemma many have misunderstood that blockchain can only verify. . It was explained perfectly in 2018 by Todd Eden, who transformed himself into a verified Leonardo da Vinci by adding a photo of the Mona Lisa to the blockchain-based art platform VerisArt. This makes information leaks on the Bitcoin blockchain meaningless unless journalistic due diligence is applied.
Personal Information on the Internet
Contrary to popular opinion, Bitcoin is not a privacy technology. Even if you do not set up fingerprinting on your documents and follow chain-of-custody procedures, posting information to a public blockchain may still be able to verify your identity.
The easiest way to determine where a leak is occurring is through so-called supernodes. A supernode is a node in the Bitcoin peer-to-peer network that establishes connections to as many nodes as possible so that it knows which node a transaction originated from.
Now we may think that using the Tor network is enough to hide our personal information from being leaked. But because blockchain surveillance works closely with government intelligence agencies (Chainalytic has received more than $3 million from In-Q-Tel, the CIA’s venture capital fund, over the past two years, and its competitor Elliptic was founded in the GCHQ accelerator), we We must assume that blockchain surveillance is: The company has access to the resources of a global passive adversary.
A global passive attacker is an entity that has the ability to monitor all traffic on a specific network. This allows us to determine when a packet was sent and when it was received, thus correlating the sender and receiver. For example, if you are within the United States and use the Tor network to access a U.S. website, the United States will know which website you have visited by correlating the timing of network requests sent and received. Because the United States is a passive adversary globally, it has the ability to tie the timing of network requests globally.
Therefore, if you want to safely leak information, we recommend that you do so over the Tor network in an Internet cafe rather than performing any other web requests. If you leak documents from an Internet cafe and have recently logged in to your email on the same computer, your identity may be assumed, even if you use Tor. Therefore, you should not use your computer to leak information, as your computer will also be fingerprinted across the World Wide Web, from the size of the browser window used to the applications installed. Additionally, since the information may obtain a history of your location, it is recommended that you leave your phone at home and visit places where your information may be leaked. In countries here, even if GPS is disabled, the WiFi networks you pass have the ability to track your location by tracking the network requests your phone sends.
Unfortunately, it is nearly impossible to find an internet cafe where you can set up a Bitcoin node. So the only way to safely leak your information is to buy a disposable computer. This is because using someone else’s node leaks additional identifying information to untrusted third parties. However, the moment your personal device and secret computer are connected to the same network, they can be re-identified.
conclusion
Information leaks are very important, especially when they involve abuse of power. But it is also very dangerous. Using Bitcoin as a platform for whistle-blowing, as has been suggested many times across the ecosystem, is a terrible idea considering the risks at hand.
The Tor network is insufficient to protect personal information against passive adversaries around the world, and the Bitcoin network is generally insufficient to protect personally identifiable information, so it is possible to secure personal information directly on the blockchain while ensuring personal identity protection. It makes publishing incredibly difficult. Documents may contain invisible fingerprints that can confirm your identity, and a lack of chain of custody is likely to lead to distrust of a breach.
Thinking you are safe from both government and corporate surveillance is dangerous because it leads to less caution and more reckless behavior. It’s always better to be safe than sorry. Unfortunately, this mantra doesn’t seem to resonate with many Bitcoin users these days.
This article was published in Bitcoin Magazine. “The inscription problem”. click here To get an annual Bitcoin Magazine subscription.