{width="407" height="49"}

In a previous post I wrote about how not to build a leak site. Now, Al Jazeera has made one, and it looks pretty good. Perhaps this is the first "big media" drop box.

It has https for secure transfers and a GPG public key for an extra layer of encryption. Also, it recommends using Tor to hide your destination. Update: A friend told me on IRC that the GPG key is only 2014 bits. 2048 bits is recommended. (I personally use 4096 for extra security/paranoia).

A good way of detecting a possible man-in-the-middle-attack is to always check the certificate. Also, to make a physical copy of the md5 and sha1 hashsums for continous verification (in Firefox it is under tools -> page info. See image below:

Moreover, Al Jazeera stores no log files, which is the proper way to go.

I am excited to see these technologies spread to lots of other media stations. And for them to be constantly reviewed to increase security.

Meanwhile, on an other corner of the internet, the Streisand Me project was launched this week. It is a mirror site for mirroring content that was blocked for some reasons. By adding fuel to the internet copy-machine, streisand.me utilizes the power of distributed networks to make sure nothing can be blocked... at least not easily.

Skriven av admin den 23 januari 2011