https://whistleblowing-software.pages.dev/tags/tor/Recent content in Tor on Whistleblowing SoftwareHugoen-usThu, 12 Mar 2026 00:00:00 +0000https://whistleblowing-software.pages.dev/posts/anonymity-vs-confidentiality-whistleblowing-threat-model/Thu, 12 Mar 2026 00:00:00 +0000https://whistleblowing-software.pages.dev/posts/anonymity-vs-confidentiality-whistleblowing-threat-model/<p>Anonymity and confidentiality are two different security properties, and a whistleblowing platform that uses them as synonyms is selling a promise it cannot keep. Anonymity means the reporter&rsquo;s identity stays unobservable to the platform, to intermediaries, and to recipients, which operationally requires a <a href="https://www.torproject.org/">Tor</a> onion service v3, the Tor Browser on the reporter&rsquo;s side, and reporter-side discipline against forensic traces. Confidentiality means the reporter accesses the platform over a regular browser; the ISP, the employer network, or a CDN can log the connection, while the platform encrypts the content, restricts recipient access, and keeps logs honest. Both are valid, and the right default depends on context: corporate compliance programmes usually default to confidential with anonymous opt-in via Tor, whereas human-rights initiatives and investigative newsrooms default to anonymous.</p>