From LeakDirectory

Revision as of 22:46, 23 August 2011 (view source) 109.73.78.98 (Talk) (You happen to be always incredibly kind towards readers like me and let me in my living. Thank you., http://fatburningfurnacecustomerreview.com belly fat burning foods, spr,) ← Older edit		Latest revision as of 01:16, 15 December 2012 (view source) Anonymous (Talk | contribs)
(41 intermediate revisions not shown)
Line 1:		Line 1:
-	You happen to be always incredibly kind towards readers like me and let me in my living. Thank you., http://fatburningfurnacecustomerreview.com belly fat burning foods, spr,	+	--[[User:Anonymous|Anonymous]] 01:16, 15 December 2012 (UTC)----
		+	=General Notes=
		+
		+	=Contact Details=
		+
		+	website:
		+
		+	===Press Enquiries===
		+
		+	No
		+
		+	===General Enquiries===
		+
		+	* email:
		+	* telephone:
		+	* mobile phone / SMS text message:
		+	* fax:
		+
		+	===Postal Address:===
		+
		+
		+	= Social Media / Networks =
		+
		+	Mainstream media print and broadcast journalists and politicians etc.
		+	i.e. influential people at which whistleblower leaks are targeted, are
		+	busy people, but can sometimes be enticed to read about whistleblower
		+	issues through Twitter or FaceBook or Blog RSS feeds etc.
		+
		+	===Twitter===
		+
		+	No
		+
		+	===FaceBook===
		+
		+	No
		+
		+	===Blog===
		+
		+	No
		+
		+	=Financial Donation methods=
		+
		+	No
		+
		+	=Currently accepting submissions of whistleblower leaks ?=
		+
		+	Yes
		+
		+	=Explicit promises about Anonymity, Privacy or Security=
		+
		+	No
		+
		+	=Restrictive legal Terms & Conditions=
		+
		+	No
		+
		+	=Practical Advice on preserving Whistleblower Anonymity=
		+
		+	No
		+
		+	=Leak Submission Encryption=
		+
		+	===Digital Certificate fingerprints published on their website:===
		+
		+	No
		+
		+	===Qualsys SSLLabs SSL Server Test rating:===
		+
		+	https://www.ssllabs.com/ssldb/analyze.html
		+
		+	Overall rating: **A [85]**
		+
		+	Certificate: 100
		+
		+	Protocol Support: 85
		+
		+	Key Exchange 80
		+
		+	Cipher Strength: 90
		+
		+
		+	===PGP Public Encryption Key===
		+
		+	URL to web page or downloadable .asc text file
		+
		+	Link to a key Public PGP Keyserver e.g.
		+
		+	http://pgp.zdv.uni-mainz.de:11371/pks/lookup?op=get&search=0x9B983E17B2531933
		+
		+
		+	PGP ID: 0xB2531933
		+
		+	Created: 31/07/2011
		+
		+	Expires: 03/09/2012
		+
		+	Type: RSA 4096/4096
		+
		+	Cipher: AES-256
		+
		+	PGP fingerprint: C376 54B8 01E7 4648 FF92 B7CF 9B98 3E17 B253 1933
		+
		+	===TOR Hidden Service===
		+
		+	No
		+
		+	===I2P eepsite===
		+
		+	No
		+
		+	===PrivacyBox.de===
		+
		+	No
		+
		+	===Hushmail Secure Form===
		+
		+	No
		+
		+	=Content Delivery Network=
		+
		+	Content Delivery Networks can provide scalable multimedia bandwidth and resistance to Denial of Service attacks, but sometimes this comes at the price of extra tracking and reduced anonymity for whisteblower sources.
		+
		+	===Akamai===
		+
		+	No
		+
		+	===CloudFlare===
		+
		+	No
		+
		+	=Leak Submission Anonymity=
		+	Some of these techniques are appropriate for a normal website like this wiki, but not for whistleblower or tipoff websites, where potential whistleblower source anonymity protection should be paramount:
		+
		+	===TOR users blocked from access===
		+
		+	No
		+
		+	===3rd Party or persistent tracking cookies or graphics===
		+
		+	No
		+
		+	===CAPTCHA graphics generated from another website e.g. GoogleRe-Captcha===
		+
		+	No
		+
		+	===Mixed mode non-SSL graphics or style sheets===
		+
		+	No
		+
		+	===Embedded video clips or deep linked graphics etc. from another website e.g. YouTube===
		+
		+	No
		+
		+	===Flash file uploader class===
		+
		+	No
		+
		+	==Communications / Acknowledgement back to the whistleblower via the website==
		+
		+
		+	===Acknowledgement of receipt of information===
		+	e.g. file upload success indicator - has the leak message or upload
		+	actually been received successfully ?
		+
		+	Yes
		+
		+
		+	===Leak analysis work flow status reporting===
		+	e.g. Has anyone actually looked at what the whistleblower has submitted ?
		+
		+	No
		+
		+	===Private message box===
		+	e.g for 2 way communications back to the anonymous whistleblower, asking
		+	for clarification, offering advice etc.
		+
		+	No
		+
		+	=Domain Name Resilience=
		+
		+	The threats of legal court proceedings against Domain Name Registrars
		+	and Domain Name Service providers are lessons which WikiLeaks.org
		+	emulators should take note of:
		+
		+	===Domain Name Registrar===
		+
		+
		+
		+	===Multiple Internet Service Providers, in different legal jurisdictions ?===
		+
		+	No
		+
		+	===Domain Name Server(s) & jurisdiction(s)===
		+
		+
		+	===Alternate Domain Name aliases===
		+
		+	No
		+
		+	=Actual Physical Mirrors of the website:=
		+
		+	No
		+
		+	=Content available via BitTorrent etc P2P etc.=
		+
		+	No
		+
		+	=Hosting of Mirrors of other whistleblowing websites=
		+
		+	No
		+
		+	=Open Source software published=
		+
		+	No

---

Latest revision as of 01:16, 15 December 2012

--Anonymous 01:16, 15 December 2012 (UTC)----

Contents 1 General Notes 2 Contact Details 2.1 Press Enquiries 2.2 General Enquiries 2.3 Postal Address: 3 Social Media / Networks 3.1 Twitter 3.2 FaceBook 3.3 Blog 4 Financial Donation methods 5 Currently accepting submissions of whistleblower leaks ? 6 Explicit promises about Anonymity, Privacy or Security 7 Restrictive legal Terms & Conditions 8 Practical Advice on preserving Whistleblower Anonymity 9 Leak Submission Encryption 9.1 Digital Certificate fingerprints published on their website: 9.2 Qualsys SSLLabs SSL Server Test rating: 9.3 PGP Public Encryption Key 9.4 TOR Hidden Service 9.5 I2P eepsite 9.6 PrivacyBox.de 9.7 Hushmail Secure Form 10 Content Delivery Network 10.1 Akamai 10.2 CloudFlare 11 Leak Submission Anonymity 11.1 TOR users blocked from access 11.2 3rd Party or persistent tracking cookies or graphics 11.3 CAPTCHA graphics generated from another website e.g. GoogleRe-Captcha 11.4 Mixed mode non-SSL graphics or style sheets 11.5 Embedded video clips or deep linked graphics etc. from another website e.g. YouTube 11.6 Flash file uploader class 11.7 Communications / Acknowledgement back to the whistleblower via the website 11.7.1 Acknowledgement of receipt of information 11.7.2 Leak analysis work flow status reporting 11.7.3 Private message box 12 Domain Name Resilience 12.1 Domain Name Registrar 12.2 Multiple Internet Service Providers, in different legal jurisdictions ? 12.3 Domain Name Server(s) & jurisdiction(s) 12.4 Alternate Domain Name aliases 13 Actual Physical Mirrors of the website: 14 Content available via BitTorrent etc P2P etc. 15 Hosting of Mirrors of other whistleblowing websites 16 Open Source software published

General Notes

Contact Details

website:

Press Enquiries

No

General Enquiries

• email:
• telephone:
• mobile phone / SMS text message:
• fax:

Postal Address:

Social Media / Networks

Mainstream media print and broadcast journalists and politicians etc. i.e. influential people at which whistleblower leaks are targeted, are busy people, but can sometimes be enticed to read about whistleblower issues through Twitter or FaceBook or Blog RSS feeds etc.

Twitter

No

FaceBook

No

Blog

No

Financial Donation methods

No

Currently accepting submissions of whistleblower leaks ?

Yes

Explicit promises about Anonymity, Privacy or Security

No

Restrictive legal Terms & Conditions

No

Practical Advice on preserving Whistleblower Anonymity

No

Leak Submission Encryption

Digital Certificate fingerprints published on their website:

No

Qualsys SSLLabs SSL Server Test rating:

https://www.ssllabs.com/ssldb/analyze.html

Overall rating: **A [85]**

Certificate: 100

Protocol Support: 85

Key Exchange 80

Cipher Strength: 90

PGP Public Encryption Key

URL to web page or downloadable .asc text file

Link to a key Public PGP Keyserver e.g.

http://pgp.zdv.uni-mainz.de:11371/pks/lookup?op=get&search=0x9B983E17B2531933

PGP ID: 0xB2531933

Created: 31/07/2011

Expires: 03/09/2012

Type: RSA 4096/4096

Cipher: AES-256

PGP fingerprint: C376 54B8 01E7 4648 FF92 B7CF 9B98 3E17 B253 1933

TOR Hidden Service

No

I2P eepsite

No

PrivacyBox.de

No

Hushmail Secure Form

No

Content Delivery Network

Content Delivery Networks can provide scalable multimedia bandwidth and resistance to Denial of Service attacks, but sometimes this comes at the price of extra tracking and reduced anonymity for whisteblower sources.

Akamai

No

CloudFlare

No

Leak Submission Anonymity

Some of these techniques are appropriate for a normal website like this wiki, but not for whistleblower or tipoff websites, where potential whistleblower source anonymity protection should be paramount:

TOR users blocked from access

No

3rd Party or persistent tracking cookies or graphics

No

CAPTCHA graphics generated from another website e.g. GoogleRe-Captcha

No

Mixed mode non-SSL graphics or style sheets

No

Embedded video clips or deep linked graphics etc. from another website e.g. YouTube

No

Flash file uploader class

No

Communications / Acknowledgement back to the whistleblower via the website

Acknowledgement of receipt of information

e.g. file upload success indicator - has the leak message or upload actually been received successfully ?

Yes

Leak analysis work flow status reporting

e.g. Has anyone actually looked at what the whistleblower has submitted ?

No

Private message box

e.g for 2 way communications back to the anonymous whistleblower, asking for clarification, offering advice etc.

No

Domain Name Resilience

The threats of legal court proceedings against Domain Name Registrars and Domain Name Service providers are lessons which WikiLeaks.org emulators should take note of:

Domain Name Registrar

Multiple Internet Service Providers, in different legal jurisdictions ?

No

Domain Name Server(s) & jurisdiction(s)

Alternate Domain Name aliases

No

Actual Physical Mirrors of the website:

No

Content available via BitTorrent etc P2P etc.

No

Hosting of Mirrors of other whistleblowing websites

No

Open Source software published

No