The New Yorker on Wednesday launched “Strongbox,” an online system for sources to send files and messages to the magazine’s journalists with “a reasonable amount of anonymity,” as Senior Editor Amy Davidson put it.
A source can use Strongbox to send information anonymously in the following way: First, they access the Tor network, which anonymizes users via a series of relays encrypting traffic at each step. Strongbox users then upload their files or messages and get a random code name. The files are encrypted and transmitted to a Condé Nast server separate from the rest of the company’s infrastructure.
Next, New Yorker editors periodically check Strongbox using a laptop on a Virtual Private Network (VPN). If they see a file they want, they can download it to a thumb drive and load it on a laptop not connected to the Internet, booted from a CD and erased every time it’s turned on. Then, they plug in a second thumb drive with the keys to decrypt the files.
Should New Yorker’s reporters need to contact the uploader, they can do so through a separate computer connected to the Internet. The source would see such a message only if they log back on to Strongbox with their previously generated username.
“Strongbox is a simple thing in its conception,” writes Davidson before explaining the magazine has had a long history of accepting documents from confidential sources.
For more information: