Strongbox: Aaron Swartz's last gift to internet privacy

Strongbox: Aaron Swartz's last gift to internet privacy

Summary: Aaron Swartz is no longer with us, but his last major project, Strongbox, is bringing privacy to internet users.


Tragically, Aaron Swartz, hounded by an apparently over-zealous prosecutor, committed suicide in early 2013. His just-unveiled major open-source privacy project, DeadDrop, lives on in a citizen and press protection program, The New Yorker's Strongbox.

Aaron Swartz

Strongbox is the first use of DeadDrop technology. The New Yorker magazine will use it so that its readers can "communicate with our writers and editors with greater anonymity and security than afforded by conventional email". With the Department of Justice's questionable seizure of over two months of Associated Press phone records, the First Amendment's free speech right and its corollary, freedom of the press, is under attack. DeadDrop couldn't have been released at a better time.


DeadDrop is a server application intended to let news organizations and others set up an online drop box for sources. It's open-source software written by Aaron Swartz in consultation with a volunteer team of security experts. In addition to Aaron's code, the project includes installation scripts and set-up instructions both for the software, and for a hardened Ubuntu environment on which to run it.

DeadDrop was created with the goal of placing a secure drop box within reach of anyone with the need. But at this point, expertise is still required to safely deploy this software. And the software itself needs more work.

DeadDrop is free software: You can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the license, or (at your option) any later version.

The code is a Python application that accepts messages and documents from the web and GPG encrypts them for secure storage. Essentially, it's a more secure alternative to the "contact us" form found on a typical news site.

In operation, every source is given a unique "code name". The code name lets the source establish a relationship with the news organization without revealing her real identity or resorting to email. She can enter the code name on a future visit to read any messages sent back from the journalist — "Thanks for the Roswell photos! Got any more??" — or submit additional documents or messages under the same persistent, but anonymous, identifier.

The source is known by a different code name on the journalist's side. All of that source's submissions are grouped together into a "collection". Every time there's a new submission by that source, their collection is bumped to the top of the submission queue.

DeadDrop was designed to use three physical servers: A public-facing server, a second server for storage of messages and documents, and a third that does security monitoring of the first two. The New Yorker's public-facing server also has a USB dongle called an Entropy Key, plugged attached to generate a pool of random numbers for the crypto.

To use it, users need to first download and install software to access the Tor network. This is a combination of free software and internet-connected computers that help enable anonymity on the internet. Once you're on Tor, you'll need to go to the Strongbox website.

Once there, you will be assigned a randomly generated and unique code name, and you'll be able to post information to The New Yorker. If a writer or editor then wants to contact you about the information you have submitted, he or she will leave a message for you in Strongbox. These messages are the only way they will be able to reach you, and can only be accessed using your code name.

When you visit or use their public Strongbox server, The New Yorker and its parent company, Condé Nast, promise that it will not record your IP address or information about your browser, computer, or operating system, nor will they embed third-party content or deliver cookies to your browser.

The Strongbox servers themselves are under the physical control of The New Yorker and Condé Nast in a physically and logically segregated area at a secure datacenter, but they otherwise have no elements in common with Condé Nast, The New Yorker's publisher. As Amy Davidson, a New Yorker senior editor wrote, "Over the years, it has also become easier to trace [email] senders, even when they don’t want to be found. Strongbox addresses that. As it's set up, even we won't be able to figure out where files sent to us come from. If anyone asks us, we won’t be able to tell them."

Aaron would have been proud.

Related stories

Topics: Privacy, Linux, Networking, Open Source, Ubuntu

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Strongbox: Aaron Swartz's last gift to Internet privacy

    Once there, you will be assigned a randomly generated and unique code name .....Who will get Loverock Davidson? or Owllllnet? or Willie Farret? or Ye? or Toddbottom3?
    Over and Out
  • an illusion

    Anonymity on Internet is an illusion. Everything and everyone can be tracked. Ordinary people just don't know how.
  • Bound to annoy some people

    The purpose appears to make it easier to leak stories to the press without getting caught. In practice, I imagine that it will be used to facilitate outright espionage as well (the FBI will hate it; the CIA will have mixed feelings).
    John L. Ries
  • Aaron Swartz - was used by those he trusted

    Once the crime was committed, Swartz was open game. Those that put him up to the crime used him and threw him away.
    • his only

      crime was to give you access to scientific articles appropriated by jstor?
      • If any of those articles had to be paid for to access

        then yes, he committed a crime. As I understood it there were thousands of paid articles stolen. Why should information like that be free? It certainly wasn't free to create.
        Sam Wagner
        • Knowledge should be free...

          Guess what Sam Wagner...they were free to create.
          Have you ever heard of a research paper being published and the author getting paid for it?

          On the other hand, the publisher might even charge the author to buy an annual subscription for publishing their research paper...

          & further who pays for this research?
          The people!

          We pay taxes to the Universities, so that the researchers can do their jobs and publish papers (for which they do not get paid btw) and then these papers are again hidden from us by the publishers.
          Divya Tanjore
          • Nice try, but knowlege isn't free

            someone had to work to develop the knowledge in those papers. According to you, they should not be rewarded for their hard work.

            Nice try to justify theft, but it's still theft.
          • Actually

            The author of the paper is not compensated. It's the publisher that gets paid. In fact, the author has to pay in order to get the paper published.
          • In some worlds -

            but most research isn't done at Universities. most is done by private enterprise. That's the knowledge that is heavily protected.

            Also, Universities license discoveries to bring in more money to benefit students. Without licensing, and the cash it generates, many students wouldn't get an education.

            Still, your logic misses basic points that someone gets compensated for discoveries and knowledge they developed.

            The fact that Aaron Swartz violated the agreements he had with the University put him in harms way. If you had your way, there would be total anarchy and research would come to a halt.

            Nice try, but knowledge still isn't free.
        • just the facts

          Just to keep the record straight without getting involved in the "right or wrong" argument you should know the following:

          JSTOR did not have paid articles. The only thing required was a login.

          The articles were returned to JSTOR at which time the university was willing to drop the matter. It was the prosecutor who decided to proceed with prosecution with or without the cooperation of the university.

          The university later made all of those articles available to the public.
          • Missing one fact

            It was the Universities choice to make the docs public, not Swartz's choice. He exercised his choice without authorization.

            It's still theft.
  • A mind is a terrible thing to waste

    @patterson120 Should have stayed awake more in school and you wouldn't off as a functionally illiterate con-man.
  • Simple question regarding a very similar article

    I read this today:
    "When you visit or use their public Strongbox server, Microsoft promises that it will not record your I.P. address or information about your browser, computer, or operating system, nor will they embed third-party content or deliver cookies to your browser.

    The Strongbox servers themselves are under the physical control of Microsoft in a physically and logically segregated area at a secure data center, but they otherwise have no elements in common with Microsoft."

    Would you use that service and trust that you couldn't be traced?
    • Obviously...

      ...that would depend on the amount of trust one has in MS, remembering that Fortune 500 companies can afford to pay their lawyers much more than can the average citizen.
      John L. Ries
      • So it is based on trust?

        If we have to trust that Conde Nast is telling us the truth, what's the point of all this fanciness? Why not just trust Conde Nast when they tell us:
        "Email us and we promise we won't record your I.P. address or information from the email header".

        Interesting how no one, NO ONE, caught the "trust us" bit until I framed it as a "trust Microsoft" question. Interesting. Telling. Very telling.
        • Yes, but trust can be verified.

          Detailing the security operations of a server you advise people to use in the secure fashion its described by, only to be found out at a later date that the security descriptions were largely lies, or that other critical information was left out in the description that surely lead people to be mislead, this would be a very stupid thing to do it you have any value in your reputation.

          Cases do arise, and suddenly if something went sideways in the process, people would obviously ask questions as to how vital information that wasn't supposed to be known about someone posting secretive information on such a server was found out if the serves security description precluded that.

          There truly becomes a question of "why bother" if all a company is going to do is "pretend" and lie about the security of a certain process when the moment the service is used in some significant and important way the whole thing could blow up in their face? It seems now a days most large companies, like Microsoft, have little to gain and a lot reputation wise to lose in regards to honesty and security if they are just fudging the facts on something like this. As we know, its practically impossible for anyone to keep important secrets forever in many cases, and its particularly difficult if a situation arises where it becomes suspected a secrets being hidden, as for example; this type of server being more of a mouse trap then a truly secure system for whistle blowers.

          Trust can often be verified. Even if it could end up being after the fact, any company with a significantly large public profile they would like to preserve is seldom purposely set up a situation where they may gain some advantage by misleading the public if the first time they try and use that advantage they will come under scrutiny for the very misleading practice the sought to gain advantage by.
  • NOT by "stealing" anything

    Why is the fact he had perfectly legal access being ignored? He was NOT arrested for any theft or copyright related charge, he broke a TOS agreement by using automation and transfering data too fast, NOT by "stealing" anything
    Robert Pearo
    • Except he didn't have authority to do what he did

      Apparently, he did not have access nor authority to copy and release all of the documents in question. He did not have authorization.

      It still begs the question, who put him up to it and why did they abandon him? That question seems to be getting lost here.

      Aaron did whatever he did that was illegal. The prosecutor prosecuted within the legal limits. Someone else got off without penalty. Who and why?
      • anyoen could log in as any name they felt like its been that way for ages

        MIT had no security, so his "alias" login (gary host) does not even matter - anyoen could log in as any name they felt like, it has been that way for ages and a gen He was NOT arrested for any theft or copyright related charge, he broke a TOS agreement by using automation and transfering data too fast to his self NOT by "stealing" anything
        Robert Pearo