The Wall Street Journal’s much ballyhooed attempt to launch a rival to WikiLeaks is already coming under attack.
The Journal claims that its SafeHouse site is located on secure servers, and it promises potential whistleblowers anonymity and the use of file encryption. However, internet security and privacy experts have already concluded that the site is anything but secure.
“Don’t leak to the Wall Street Journal’s new Wikileaks knockoff,” Gawker’s Adrien Chen warned on Thursday, the same day the new site was rolled out. “SafeHouse is the opposite of safe, thanks to basic security flaws and fine print that lets the Journal rat on leakers.”
The Guardian also obtained comments from a number of internet security researchers, who described SafeHouse as a “total anonymity failure” that needs “basic improvements” and was “the wrong project to beta-test on an open internet.”
“Given the kind of data that the Journal will hope to get from this,” security analyst Rik Ferguson told the paper, “if I [was a whistleblower] there would absolutely be enough for me not to choose that site to upload to.” He explained that the method used to redirect whistleblowers from the unencrypted version of the site “leaves any potential whistleblower open to the chance of getting their traffic – and any documents they’re uploading – intercepted by someone on the same network.”