Hi Len, Maybe one question we should consider is whether a leaks clearinghouse needs to look like a website at all. From the little I've read about OpenLeaks - and if anyone knows better, please correct me - it sounds like they're not planning to publish documents, as WikiLeaks does; rather, they're planning to build some kind of infrastructure for whistleblowers to communicate anonymously with journalists, to negotiate time-limited exclusive access to documents in return for help with preparing and publishing them.
If we consider that kind of model rather than robust hosting, I guess the issues would include: * How do whistleblowers and journalists securely obtain the client software? * What kind of architecture does the anonymising network have? Can it be monitored end-to-end? Can it be DoSed? * Who contributes resources to the network? Do they need to be trustworthy, or can it be an open system? * Can attackers fill the system with fake whistleblowers to make it annoying for journalists to use? * Can attackers fill the system with fake journalists to make it annoying/dangerous for whistleblowers to use? * What's the legal status of such a system? Can it enjoy the protections given to journalists if it's seen as "just a tool"? Cheers, Michael _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
