Monday, April 16, 2012

WorkiLeaks: How to Be a Workplace Leaker Without Getting Caught


In the interest of protecting future moles and whistleblowers, we’ve assembled a list of Dos and Don’ts for leaking safely:

Don’t use your work computer or work phone to communicate with the recipient of your leaks.
Give yourself a code name. It won’t help protect you, but it’ll make you feel cool.
Don’t e-mail documents you want to leak to your private account. Print them out or take a picture of the document displayed on your computer screen with your personal phone.
Don’t give away personal details that are identifying if you want to remain anonymous — like calling yourself the “only liberal working at Fox News.”
Be aware that the document you plan to leak could be seeded with information designed to catch a leaker. One parent company we know (which shall remain nameless) used to send slightly different versions of the same leakworthy document to different departments to hone in on the leaker once they were published.
Documents you find lying around at the printer or fax machine are far easier to leak anonymously than digital ones.
Don’t leak information from inside a media organization owned by Rupert Murdoch, or any other company that employs hackers. They have ways of hearing you talk.
Make sure the document you want to release has been shared widely enough so that the digital trail linking you to it won’t incriminate you the way that accessing the video busted Gawker’s leaker.
Handing over documents to a recipient in person is almost always better than e-mailing them.
Better yet, don’t give the recipient a document at all; read it over the phone. It’s easier to be a source of information, rather than a leaker of documents. Computers leave trails — always.
If you must communicate with the recipient electronically, use a throwaway e-mail account, preferably on a computer you don’t own. Don’t use your real name and details to register the account, and use an open Wi-Fi connection at a cafe to send your communication. Realize that some employers are so notoriously anti-leak that they will fire you for not letting them examine your personal e-mail accounts or devices.
Don’t tell anyone — except your priest, rabbi or imam — that you’re the source. Especially don’t confide your crime to a hacker you met online.
Don’t read or talk about the leaked story at work — UNLESS someone sends it to you.
Don’t look paranoid or guilty. No one knows what you did. Or probably no one knows.
Only leak to respected news outlets like, say, Wired. Getting fired for leaking to Gawker? That way lies only ridicule and shame, and perhaps an unpaid internship under the slave control of Nick Denton.

Posted via email from Jack's posterous

No comments: