Field of Vision accepts submissions of audio/visual material from the public, but because people who send us this material could be putting themselves at risk, Field of Vision has set up a platform to make this process easier and more secure.
Below are detailed security instructions written by Micah Lee. Micah is the person who initially connected me to Edward Snowden in early 2013 and was instrumental in bringing the NSA story to the public. You can read his story here.
The instructions below are dense and complex. Micah has written them with the goal of providing security guidelines for sources who need them most. Not everyone is in that category and you might not need to take all of these precautions.
One thing I’ve learned in the last decade of reporting on national security issues is that encryption tools and security methods that sound complicated when you don’t think you need them, suddenly become straightforward when you or a source have their life on the line. It is not brain surgery. Your own particular threat model will determine which of these steps you need to take if you are thinking of submitting video or images to Field of Vision. Our basic step-by-step instructions can be found here. If you need more knowledge, keep reading.
Security Instructions and Guidelines
by Micah Lee
While our website has been protected with HTTPS encryption from the beginning, and all of our staff publish their PGP keys on their staff profiles so that readers can send them encrypted email, this alone isn’t enough to protect the anonymity of sources.
If you want to communicate with us without exposing your real-world identity, here are security guidelines for communicating with us using our SecureDrop server, an open source whistleblower submission system.
What Not To Do
If you’d like to prevent your employer or your government from knowing that you’re submitting material to use, here are some things you should not do:
Don’t contact us from work. Most corporate and government networks log traffic.
Don’t email us, call us, or contact us on social media. Most of the ways that people communicate over the Internet or phone networks are incredibly insecure.
Don’t tell anyone that you’re a source. Even if you plan on coming out as the leaker at some point in the future, you have a much better chance of controlling the narrative about you if you are deliberate.
As journalists we will grant anonymity to sources if the circumstances warrant it — for example, when a source risks recrimination by disclosing something newsworthy. If we make such an agreement with you, we will do everything in our power to prevent ourselves from being compelled to hand over your identity.
That said, in extreme cases, the best way to protect your anonymity may be not to disclose your identity even to us.
What To Worry About
Here are some steps you should take to protect yourself:
Be aware of your habits. If you have access to secret information that has been leaked, your activities on the internet are likely to come under scrutiny, including what sites you have visited or shared to social media. Make sure you’re aware of this before leaking to us, and adjust your habits well before you decide to become our source. Tools like Tor (see below) can help protect the anonymity of your surfing.
Compartmentalize and sanitize. Keep your leaking activity separate from the rest of what you do.
If possible, use a completely separate operating system (such as Tails, discussed below) for all of your leaking activity so that a forensic search of your normal operating system won’t reveal anything. If you can’t keep things completely separate, then make sure to clean up after yourself as best as you can. For example, if you realize you did a Google search related to leaking while logged into your Google account, delete your search history. Consider keeping all files related to leaking on an encrypted USB stick rather than on your computer, and only plug it in when you need to work with them.
Strip metadata from audio/visual materials. Videos and photographs often include metadata that could be used to de-anonymize you. If you send us files that include metadata, we will strip it for you before we publish it.
How To Actually Leak
Now that we have that straight, here’s how to go about contacting us securely:
Go to a public WiFi network. Before following any further directions, grab your personal computer and go to a network that isn’t associated with you or your employer, such as at a coffee shop. Ideally you should go to one that you don’t already frequent. Leave your phone at home, and buy your coffee with cash.
Get the Tor Browser. You can download the Tor Browser here. When you browse the web using the Tor Browser, all of your web traffic gets bounced around the world, hiding your real IP address from websites that you visit. In order to start a conversation with us using our SecureDrop server, you must use Tor.
Consider using Tails instead. If you are worried about your safety because of the information you’re considering leaking, it might be prudent to take higher security precautions than just using Tor Browser. If someone has hacked into your computer, for example, they’ll be able to spy on everything you do even if you’re using Tor. Tails is a separate operating system that you can install on a USB stick and boot your computer to. Tails is engineered to make it hard for you to mess up:
Tails leaves no traces that it was ever run on your computer
- It’s non-persistent, which means that if you got hacked last time you were using Tails, the malware should be gone the next time you boot up
- All Internet traffic automatically goes through Tor, so it’s much harder to accidentally de-anonymize yourself
- It has everything that you need to contact us through SecureDrop built-in, as well as other popular encryption tools
- It’s the operating system that Edward Snowden used to leak NSA documents
- It sounds complicated, and it is. But if you’re risking a lot, it’s probably worth the effort. You can find instructions for downloading and installing Tails here.
Use SecureDrop to communicate with us. You can use our SecureDrop server to securely and anonymously send us messages, read replies, and upload material. If you have access to audio/visual material that you’re considering leaking, you can use SecureDrop to just start a conversation with us until you’re comfortable sending in any documents.
Our SecureDrop servers are under the physical control of Field of Vision. When you interact with our SecureDrop servers, we don’t log any information about your IP address, web browser, or operating system, nor do we deliver persistent cookies to your browser. When you use Tor to connect to our SecureDrop server, your connection is encrypted. Using the Tor network helps mask your activity from anyone that is monitoring your Internet connection, and it helps mask your identity from anyone monitoring our Internet connection.
When you send messages or upload files to this server, these messages and files are stored encrypted. Field of Vision stores the encryption keys on air-gapped computers that never connect to the Internet. Even if our SecureDrop server got hacked or the physical hardware got confiscated, the messages and files you have submitted previously should still be shielded from the attacker.
You can access our SecureDrop server by going to http://fovisionunz7mtxw.onion/ in Tor Browser. This is a special kind of URL that only works in Tor (even though the URL starts with “http://” and not “https://”, the connection between Tor Browser and our SecureDrop server is encrypted). This is what you’ll see:
To learn more about safely using SecureDrop as a source, check the official guide for sources document.
Sending Us Large Files
Tor makes everything you do online much slower, and uploading gigabytes of files to our SecureDrop server might not be practical. In these cases, sending your material via mail is an option. Our mailing address is:
Field of Vision 114 Fifth Avenue, 19th Floor New York, NY 10011
In the United States a warrant is required to open postal mail. Even so, if you do plan on mailing us material there are a few steps you should take to protect your identity.
Make sure you include enough postage on your package, and mail it from an unfamiliar public mailbox. Don’t include a return address. When you write our address, be careful not to betray your handwriting. Depending on the risks you’re taking, you may wish to avoid leaving fingerprints or DNA.
If you’re mailing digital material such as on a hard drive, a USB stick, an SD card, or a DVD, it is safest to encrypt the data before sending it to us using a tool like VeraCrypt, so that only a strong password can unlock it. You can tell us the password separately using SecureDrop. This way, even if the package gets intercepted, the data you’re sending, and your anonymity, will remain safe.
If you’re considering sending us sensitive material in the form of large files, you’re welcome to start a conversation with us using SecureDrop ahead of time. We can walk you through the various options, help make sure you’re following the proper steps, and help you use the encryption software necessary to do so securely.