Hi Len, Maybe one question we should consider is whether a leaks clearinghouse needs to look like a website at all. From the little I've read about OpenLeaks - and if anyone knows better, please correct me - it sounds like they're not planning to publish documents, as WikiLeaks does; rather, they're planning to build some kind of infrastructure for whistleblowers to communicate anonymously with journalists, to negotiate time-limited exclusive access to documents in return for help with preparing and publishing them. If we consider that kind of model rather than robust hosting, I guess the issues would include: * How do whistleblowers and journalists securely obtain the client software? * What kind of architecture does the anonymising network have? Can it be monitored end-to-end? Can it be DoSed? * Who contributes resources to the network? Do they need to be trustworthy, or can it be an open system? * Can attackers fill the system with fake whistleblowers to make it annoying for journalists to use? * Can attackers fill the system with fake journalists to make it annoying/dangerous for whistleblowers to use? * What's the legal status of such a system? Can it enjoy the protections given to journalists if it's seen as "just a tool"? Cheers, Michael _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE