<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Security &amp; Privacy on Whistleblowing Software</title><link>https://whistleblowing-software.pages.dev/categories/security--privacy/</link><description>Recent content in Security &amp; Privacy on Whistleblowing Software</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Thu, 12 Mar 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://whistleblowing-software.pages.dev/categories/security--privacy/index.xml" rel="self" type="application/rss+xml"/><item><title>Anonymity vs Confidentiality: a Whistleblowing Threat Model</title><link>https://whistleblowing-software.pages.dev/posts/anonymity-vs-confidentiality-whistleblowing-threat-model/</link><pubDate>Thu, 12 Mar 2026 00:00:00 +0000</pubDate><guid>https://whistleblowing-software.pages.dev/posts/anonymity-vs-confidentiality-whistleblowing-threat-model/</guid><description>&lt;p&gt;Anonymity and confidentiality are two different security properties, and a whistleblowing platform that uses them as synonyms is selling a promise it cannot keep. Anonymity means the reporter&amp;rsquo;s identity stays unobservable to the platform, to intermediaries, and to recipients, which operationally requires a &lt;a href="https://www.torproject.org/"&gt;Tor&lt;/a&gt; onion service v3, the Tor Browser on the reporter&amp;rsquo;s side, and reporter-side discipline against forensic traces. Confidentiality means the reporter accesses the platform over a regular browser; the ISP, the employer network, or a CDN can log the connection, while the platform encrypts the content, restricts recipient access, and keeps logs honest. 
Both are valid, and the right default depends on context: corporate compliance programmes usually default to confidential with anonymous opt-in via Tor, whereas human-rights initiatives and investigative newsrooms default to anonymous.&lt;/p&gt;</description></item><item><title>Encrypting Whistleblower Reports: Receipts, SealedBox, SecretBox</title><link>https://whistleblowing-software.pages.dev/posts/encrypting-whistleblower-reports-receipts-sealedbox-secretbox/</link><pubDate>Sun, 20 Jul 2025 00:00:00 +0000</pubDate><guid>https://whistleblowing-software.pages.dev/posts/encrypting-whistleblower-reports-receipts-sealedbox-secretbox/</guid><description>&lt;p&gt;A whistleblower report needs a complete encryption protocol, not a checkbox that says &amp;ldquo;AES-256&amp;rdquo;. A reference design that has converged across mature open-source whistleblowing platforms pairs three primitives in a way every serious system should recognise: a 16-digit random receipt code (stored on the server only as a SHA-256 hash, shaped like a phone number so the reporter can hide it among contacts), libsodium &lt;a href="https://pynacl.readthedocs.io/en/latest/public/#nacl.public.SealedBox"&gt;SealedBox&lt;/a&gt; (Curve25519 + XSalsa20 + Poly1305) to wrap a per-submission data key to each authorised recipient&amp;rsquo;s public key, and libsodium &lt;a href="https://pynacl.readthedocs.io/en/latest/secret/#nacl.secret.SecretBox"&gt;SecretBox&lt;/a&gt; (XSalsa20 + Poly1305) to encrypt the submission body and attachments under that data key. Each recipient&amp;rsquo;s Curve25519 private key sits on the server encrypted under a symmetric key derived from the recipient&amp;rsquo;s password via Argon2id tuned to 128 MB of memory and roughly one second of computation per login. As of April 2026, this is the protocol that production deployments serving anti-corruption activists, corporate compliance teams, and investigative newsrooms actually run.&lt;/p&gt;</description></item></channel></rss>