Summary: | In recent years, whistleblowing has lead to big headlines aroundthe world. This thesis looks at whistleblower systems, which are systems specically created for whistleblowers to submit tips anonymously. The problem is how to engineer such a system asto maximize the anonymity for the whistleblower whilst at the same time remain usable.The thesis evaluates existing implementations for the whistle-blowing problem. Eleven Swedish newspapers are evaluated for potential threats against their whistleblowing service.I suggest a new system that tries to improve on existing systems. New features includes the introduction of JavaScript cryptography to lessen the reliance of trust for a hosted server. Use of anonymous encryption and cover traffic to partially anonymize the recipient, size and timing metadata on submissions sent by the whistleblowers. I explore the implementations of these features and the viability to address threats against JavaScript integrity by use of cover traffic.The results show that JavaScript encrypted submissions are viable. The tamper detection system can provide some integrity for the JavaScript client. Cover traffic for the initial submissions to the journalists was also shown to be feasible. However, cover traffic for replies sent back-and-forth between whistleblower and journalist consumed too much data transfer and was too slow to be useful.
|