Freedom of the Press Foundation takes over Aaron Swartz's whistleblower project

Freedom of the Press Foundation takes over Aaron Swartz's whistleblower project
Whistleblowers, rejoice! The Freedom of the Press Foundation is taking the helm of a secure document-submission service co-created by late computer prodigy Aaron Swartz, and wants to make it more accessible than ever.

The foundation — launched less than a year ago “to crowd-source funding for cutting-edge, independent journalism and publishing outlets” lacking mainstream support — announced early Tuesday that it has taken charge of the DeadDrop project, an endeavor announced earlier this year after the death of Swartz, a transparency advocate who co-created the system with Wired journalist Kevin Poulsen.

DeadDrop was unveiled this past May and touted at the time as being a secure-way of submitting sensitive documents to a single publication: The New Yorker. But only five months after its debut, the Freedom of the Press Foundation said it has now inherited the project from Poulsen and will try to bring it to more media outlets needed to communicate securely with sources.

In a blog post authored by the foundation's Trevor Timm and Rainey Reitman on Tuesday, they wrote that the project has been re-named SecureDrop, and within a matter of weeks it will be available to a number of journalistic outlets who've already expressed interest in getting involved.

The foundation has published the open-source instructions for SecureDrop on its website and claims “Any organization can install SecureDrop for free and can make modifications” now - not just the New Yorker.

When operating accordingly, the SecureDrop system works when an anonymous source accesses a website anonymously and provides documents to the news outlet that are encrypted and only available to select employees. Journalists and sources communicate using code words, and documents are deciphered using an air-gap computer that is never connected to the Internet.

Aaron Swartz (Photo by Phillip Stearns / flickr.com)

That isn't to say it's easy to someone without a deep computer and security knowledge to get the system and up and running, however, and that's what the foundation is offering to find help for organizations who want to use SecureDrop but might need assistance.

“Freedom of the Press Foundation will also help organizations install SecureDrop and train its journalists in security best practices to ensure the best protection for sources,” the group announced on their website.

A group of independent experts, including Jacob Appelbaum of the Tor Project and security guru Bruce Schneier, audited SecureDrop in August and have since released their findings. Their initial report revealed a number of flaws that caused concern, though, and the foundation has reportedly since begun correcting those errors.

Even before revamping the system to fix those issues, though, the security experts said the system was still “technically decent” for allowing anonymous communication between sources and journalists. Since then, the foundation says it “has made a number of updates to SecureDrop based on these findings and will be making a significant investment in continually improving the system.”

“We’ve reached a time in America when the only way the press can assure the anonymity and safety of their sources is not to know who they are,” foundation co-founder John Perry Barlow said in a statement released this week. “SecureDrop is where real news can be slipped quietly under the door.”

Timm, the group's executive director, added in a statement that “A truly free press hinges on the ability of investigative journalists to build trust with their sources.”

When the foundation was unveiled last year, it initially began processing donations and contributions to whistleblower-related groups including WikiLeaks and the Center for Public Inquiry. When the military court-martial of WikiLeaks source Chelsea Manning was conducted in de-facto secrecy, the foundation raised over $100,000 to hire stenographers so that the press could have transcriptions of proceedings that otherwise would not necessarily be made public.