[liberationtech] WorkiLeaks: How to Be a Workplace Leaker Without Getting Caught

http://www.wired.com/threatlevel/2012/04/workileaks/ WorkiLeaks: How to Be a Workplace Leaker Without Getting Caught - By Ryan Singel <http://www.wired.com/threatlevel/author/ryan_singel/> - Email Author <ryan@ryansingel.net> - April 12, 2012 | - 8:06 pm | - Categories: privacy<http://www.wired.com/threatlevel/category/privacy/> , Surveillance <http://www.wired.com/threatlevel/category/surveillance/> - <http://www.wired.com/images_blogs/threatlevel/2012/04/exit.jpg> *Photo: loop_oh<http://www.flickr.com/photos/loop_oh/3046332136/sizes/o/in/photostream/> * On Tuesday, Gawker announced gleefully that it had placed a mole inside Fox News Channel b an anonymous Fox employee who was feeding the news organizationbs inner secrets to the website viadispatches in a weekly new column <http://gawker.com/5900710>. The molebs bitterness toward his employer knew no bounds, as he dished the dirt on Foxbs toilets<http://gawker.com/5900848/the-thin-white-line-that-separates-fox-news-staffers-from-bill-oreilly-on-the-shitter> (a new kind of leak, for sure) and slipped Gawker never-before-seen inane video footage of Mitt Romney and Sean Hannity bantering about horse riding prior to the taping of an interview for the b Hannity Vegas Forumb in February. (What, you thought an inside mole at a news station would leak something actually newsworthy?) The molebs identity wasnbt hidden for long. A day later, Fox News told Mediaite that it had unmasked the leaker and was consulting with lawyers about legal options against the rogue employee. The same day, Fox outed and ousted the mole, who later identified himself in a Gawker post as Joe Muto<http://gawker.com/5901228/hi-roger-its-me-joe-the-fox-mole>, an associate producer for *The ObReilly Factor*. Like the Craigslist killer<http://blog.thephoenix.com/blogs/phlog/archive/2012/04/06/when-police-subpoena-your-facebook-information-heres-what-facebook-sends-cops.aspx> before him, it was the digital trail that gave Joe away. b They knew that someone, using my computer login, had accessed the sources for two videos that ended up on Gawker over the past few weeks,b Muto writes after his unmasking. b They couldnbt prove it entirely, but I was pretty much the only suspect.b In the interest of protecting future moles and whistleblowers, webve assembled a list of Dos and Donbts for leaking safely: - Donbt use your work computer or work phone to communicate with the recipient of your leaks. - Give yourself a code name. It wonbt help protect you, but itbll make you feel cool. - Donbt e-mail documents you want to leak to your private account. Print them out or take a picture of the document displayed on your computer screen with your personal phone. - Donbt give away personal details that are identifying if you want to remain anonymous b like calling yourself the b only liberal working at Fox News.b - Be aware that the document you plan to leak could be seeded with information designed to catch a leaker. One parent company we know (which shall remain nameless) used to send slightly different versions of the same leakworthy document to different departments to hone in on the leaker once they were published. - Documents you find lying around at the printer or fax machine are far easier to leak anonymously than digital ones. - Donbt leak information from inside a media organization owned by Rupert Murdoch, or any other company that employs hackers. They have ways of hearing you talk. - Make sure the document you want to release has been shared widely enough so that the digital trail linking you to it wonbt incriminate you the way that accessing the video busted Gawkerbs leaker. - Handing over documents to a recipient in person is almost always better than e-mailing them. - Better yet, donbt give the recipient a document at all; read it over the phone. Itbs easier to be a source of *information*, rather than a leaker of documents. Computers leave trails b always. - If you must communicate with the recipient electronically, use a throwaway e-mail account, preferably on a computer you donbt own. Donbt use your real name and details to register the account, and use an open Wi-Fi connection at a cafe to send your communication. Realize that some employers are so notoriously anti-leak that they will fire you for not letting them examine your personal e-mail accounts or devices. - Donbt tell anyone b except your priest, rabbi or imam b that youbre the source. Especially donbt confide your crime to a hacker you met online. - Donbt read or talk about the leaked story at work b UNLESS someone sends it to you. - Donbt look paranoid or guilty. No one knows what you did. Or probably no one knows. - Only leak to respected news outlets like, say, Wired. Getting fired for leaking to Gawker? That way lies only ridicule and shame, and perhaps an unpaid internship under the slave control of Nick Denton. *Additional writing by Kim Zetter. Hat tip to Bill Wasik for the idea and @BostonReview for the WorkiLeaks title.* -- David V. Johnson Web Editor Boston Review Website: http://www.bostonreview.net Twitter: http://twitter.com/BostonReview Tumblr: http://bostonreview.tumblr.com Mailing Address: San Francisco Writers' Grotto 490 2nd Street, 2nd Fl. San Francisco, CA 94107 Cell: (917)903-3706 _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE