Lunduke
News • Science & Tech
How to leak info to The Lunduke Journal (anonymously and securely)
Ready to be a Whistleblower? Here's how.
December 21, 2023

Work at a Big Tech Company (or Foundation) or on a big open source project?  Seeing something happening that the public should know about?  Afraid to step forward for fear of losing your job?

Allow me to walk you through exactly how to leak information -- directly to The Lunduke Journal -- while maintaining your anonymity.

Prepare the material

Let's say you see some of the following:

  • Shady business practices.
  • Political craziness.
  • Poor employee or contributor treatment.
  • Other, various shenanigans that you feel should be publicly known.

If you have files or information about it -- including screenshots, documents, videos, or any other type of file... 

Check to see if your name, email address, or other information which could be used to identify you as the source is included in the file.  If so, it is recommended that you black out that information (such as by using a paint program) prior to sending it to The Lunduke Journal.

The Lunduke Journal will work extremely hard to keep your identity confidential -- Metadata of files will be scrubbed, and file names will be changed prior to publication.

Use an anonymous or private email account

This is, perhaps, the most important rule to follow:

  • Do not use your work email account when contacting The Lunduke Journal.

The Lunduke Journal has a firm policy of not revealing any personal information of sources (including email addresses).  If you feel comfortable using a personal email account, you may do so.

However, if you want to take that extra level of protection, an anonymous email account is recommended.

  • Get a free, anonymous email account from Proton Mail (or another anonymous email service that you trust).
  • Use that email account to contact "bryan at lunduke.com".

How much personal information you use in our communication is entirely up to you (your name, your job title, etc.).

How to send files

If you have files you need to send -- screenshots, email backups, documents, videos, etc. -- there are multiple options depending on your needs.

If your files are relatively small (only a few MB), you can simply include them as an email attachment to "bryan at lunduke.com".

However, if the files you need to send are much larger, you'll want to use an anonymous file sharing tool.

I recommend https://send.vis.ee/.  It is an open source tool which allows you to anonymously upload (no account needed) any file up to 2.5 GB in size, with passwords and private links which expire.  Very, very handy when sending this type of whistleblower data.

  1. Go to https://send.vis.ee/
  2. Select the file you wish to upload.
  3. Set the terms for when the download link expires (and the files are deleted) -- I recommend setting it to "Expires after 1 download or 3 days".  This gives me enough time to grab the file, but makes sure it doesn't linger around.
  4. Set a password for the file.  Extra security is always good.
  5. Then email "bryan at lunduke.com" with the download link that Send.vis.ee provides you, along with the password you chose.

Using this method of contacting The Lunduke Journal -- and sending files -- ensures that your identity remains anonymous (unless you wish for the public to know who you are).

That said, there are other options as well.  Some choose to place files into a personal file sharing service and provide a link.  Use whatever you are most comfortable with.  If you have questions, feel free to ask.

What happens then?

All information is looked at, researched, and carefully verified (as necessary).  At this point I may have additional questions for you -- so watch your email inbox.

Not all leaked data is used -- or used immediately.  But everything is evaluated.

Questions?  Email "bryan at lunduke.com".

community logo
Join the Lunduke Community
To read more articles like this, sign up and join my community today
11
What else you may like…
Videos
Podcasts
Posts
Articles
Mozilla Caves to Criticism, Unblocks Firefox Extensions in Russia

Two days after blocking anti-Censorship, pro-Privacy Firefox Extensions in Russia, Mozilla has reversed course.

The full article:
https://lunduke.locals.com/post/5738970/mozilla-firefox-blocks-anti-censorship-and-pro-privacy-extensions-in-russia

00:06:28
Open Source A.I. Definition to include Closed, Secret Data

The Open Source Initiative -- backed by Microsoft, Amazon, Meta -- is pushing for a "Closed" definition of "Open Source Artificial Intelligence."

00:21:42
Mozilla's War on the Open Internet

The Mega Corp behind Firefox takes another step to stomp out free speech and an "Open Web".

Mozilla Firefox blocks anti-Censorship and pro-Privacy extensions in Russia:
https://lunduke.locals.com/post/5738970/mozilla-firefox-blocks-anti-censorship-and-pro-privacy-extensions-in-russia

00:16:44
November 22, 2023
The futility of Ad-Blockers

Ads are filling the entirety of the Web -- websites, podcasts, YouTube videos, etc. -- at an increasing rate. Prices for those ad placements are plummeting. Consumers are desperate to use ad-blockers to make the web palatable. Google (and others) are desperate to break and block ad-blockers. All of which results in... more ads and lower pay for creators.

It's a fascinatingly annoying cycle. And there's only one viable way out of it.

Looking for the Podcast RSS feed or other links? Check here:
https://lunduke.locals.com/post/4619051/lunduke-journal-link-central-tm

Give the gift of The Lunduke Journal:
https://lunduke.locals.com/post/4898317/give-the-gift-of-the-lunduke-journal

The futility of Ad-Blockers
November 21, 2023
openSUSE says "No Lunduke allowed!"

Those in power with openSUSE make it clear they will not allow me anywhere near anything related to the openSUSE project. Ever. For any reason.

Well, that settles that, then! Guess I won't be contributing to openSUSE! 🤣

Looking for the Podcast RSS feed or other links?
https://lunduke.locals.com/post/4619051/lunduke-journal-link-central-tm

Give the gift of The Lunduke Journal:
https://lunduke.locals.com/post/4898317/give-the-gift-of-the-lunduke-journal

openSUSE says "No Lunduke allowed!"
September 13, 2023
"Andreas Kling creator of Serenity OS & Ladybird Web Browser" - Lunduke’s Big Tech Show - September 13th, 2023 - Ep 044

This episode is free for all to enjoy and share.

Be sure to subscribe here at Lunduke.Locals.com to get all shows & articles (including interviews with other amazing nerds).

"Andreas Kling creator of Serenity OS & Ladybird Web Browser" - Lunduke’s Big Tech Show - September 13th, 2023 - Ep 044
Off to a fantastic start!

A huge high-five is in order for everyone who pitched in and grabbed a subscription (or otherwise donated) today!

I do believe we've put enough funds in the "This is For The Linux Distro" account to cover all of the obvious expenses (servers, hardware, domains, etc.) for at least the next half year or so. Most outstanding!

I'll be honest... I wasn't expecting this level of response!

I'll leave the sale running until midnight tonight if anyone else wants to jump in, but this is truly amazing. All of you rule.

Next up: Getting servers, domain, source repository, and forum set up.

8 hours ago

#Commodore #Wikipedia

Here's a demo of an in-development Wikipedia-specific online browser running on C64 OS, which is a commercial OS now available for Commodore 64s. Data speeds are hobbled a bit by a 2400 baud modem, but seems very functional with neat features like multiple-language support and flexible screen usage under user control. This offers a much richer experience compared to Minitel or early online services like GEnie back in the day.

6 hours ago

Several countries have seen the addictive nature of social media and are taking action.

https://www.theepochtimes.com/world/dutton-and-albanese-support-stricter-social-media-age-limits-to-protect-teens-5667966

Archive:
https://archive.ph/RHXrz

post photo preview
Last week at The Lunduke Journal (June 9 - June 15, 2024)
Firefox! Russia! WWDC! Open Source A.I.!

My-oh-my.  Another wild week at The Lunduke Journal!  It all kicked off with a live video commentary of Apple's WWDC keynote (which was banned by YouTube, but still available at the links below), then quickly moves to Mozilla and Open Source AI.

The Videos

The Articles

Previous Few Weeks

Reminder: Check out The Lunduke Journal Link Central page for all the handy URLS.  Podcast RSS feeds, contact info, direct links to some of the big shows and articles and a bunch of other goodies.  And be sure to subscribe to The Lunduke Journal to help support the work... and make sure you don't miss out on anything.

Read full Article
post photo preview
The CIA, NSA, and Pokémon Go

Back in July of 2016, I wrote a short article for Network World entitled “The CIA, NSA, and Pokémon Go."

While the title was certainly viewed as a bit “over the top” and “conspiracy theorist-y”, it was really just a collection of (in my opinion, rather bizarre) facts that – even without any sinister connection – were worth documenting. I am republishing it here, with some additional (increasingly odd) details added at the end (including radio and TV appearances related to this article).

Some of the details relating to the exact permissions and capabilities of the Pokémon application have changed over the last few years… but everything else remains correct, factual, and up to date.

 


 

The CIA, NSA, and Pokémon Go

With Pokémon Go currently enjoying, what I would call, a wee-bit-o-success, now seems like a good time to talk about a few things people may not know about the world's favorite new smartphone game.

This is not an opinion piece. I am not going to tell you Pokémon Go is bad or that it invades your privacy. I’m merely presenting verifiable facts about the biggest, most talked about game out there.

Let’s start with a little history

Way back in 2001, Keyhole, Inc. was founded by John Hanke (who previously worked in a “foreign affairs” position within the U.S. government). The company was named after the old “eye-in-the-sky” military satellites. One of the key, early backers of Keyhole was a firm called In-Q-Tel.

In-Q-Tel is the venture capital firm of the CIA. Yes, the Central Intelligence Agency. Much of the funding purportedly came from the National Geospatial-Intelligence Agency (NGA). The NGA handles combat support for the U.S. Department of Defense and provides intelligence to the NSA and CIA, among others.

Keyhole’s noteworthy public product was “Earth.” Renamed to “Google Earth” after Google acquired Keyhole in 2004.

In 2010, Niantic Labs was founded (inside Google) by Keyhole’s founder, John Hanke.

Over the next few years, Niantic created two location-based apps/games. The first was Field Trip, a smartphone application where users walk around and find things. The second was Ingress, a sci-fi-themed game where players walk around and between locations in the real world.

In 2015, Niantic was spun off from Google and became its own company. Then Pokémon Go was developed and launched by Niantic. It’s a game where you walk around in the real world (between locations suggested by the service) while holding your smartphone.

Data the game can access

Let’s move on to what information Pokémon Go has access to, bearing the history of the company in mind as we do.

When you install Pokémon Go on an Android phone, you grant it the following access (not including the ability to make in-app purchases):

Identity

  • Find accounts on the device

Contacts

  • Find accounts on the device

Location

  • Precise location (GPS and network-based)

  • Approximate location (network-based)

Photos/Media/Files

  • Modify or delete the contents of your USB storage

  • Read the contents of your USB storage

Storage

  • Modify or delete the contents of your USB storage

  • Read the contents of your USB storage

Camera

  • Take pictures and videos

Other

  • Receive data from the internet

  • Control vibration

  • Pair with Bluetooth devices

  • Access Bluetooth settings

  • Full network access

  • Use accounts on the device

  • View network connections

  • Prevent the device from sleeping

Based on the access to your device (and your information), coupled with the design of Pokémon Go, the game should have no problem discerning and storing the following information (just for a start):

  • Where you are

  • Where you were

  • What route you took between those locations

  • When you were at each location

  • How long it took you to get between them

  • What you are looking at right now

  • What you were looking at in the past

  • What you look like

  • What files you have on your device and the entire contents of those files

I’m not going to tell people what they should think of all this.

I’m merely presenting the information. I recommend looking over the list of what data the game has access to, then going back to the beginning of this article and re-reading the history of the company.

Update: April 14th, 2020

In March of 2017, a little less than a year after this article was originally published, WikiLeaks released what they called “Vault 7." A series of documents that was purported to be a large leak of CIA related documents focused heavily on hacking and electronic surveillance.

Among those documents was a list of code names, descriptions, and various details around Android specific exploits.

Of the code names listed… almost a third of them were Pokémon names. Between that and the CIA investment (via In-Q-Tel) in Niantic (the company behind Pokémon Go)… I mean, that's just a heck of a lot more Pokémon than one would expect from the CIA.

One other little tidbit:

The original CEO of In-Q-Tel was a man named Gilman Louie. Louie received multiple awards for his work with In-Q-Tel - including CIA Agency Seal Medallions, Director's Award by the Director of the Central Intelligence Agency, and Director of National Intelligence Medallion – which included investing in Keyhole.

Louie now sits on the board of directors of Niantic.

In 2019 alone, Pokémon Go earned $1.4 Billion (USD). As of February 2019, the game had been downloaded over One Billion times.

Update: June 15th, 2024

After this article was originally published, back in 2016, I made a few radio guest appearances to talk about it -- my favorites being for Coast to Coast AM and Fade to Black.  Both of which remain available online.

This was followed by an episode of a TV show, for The History Channel, called "Breaking Mysterious".  That show only received a limited run in the USA, but it remains available via streaming in many other countries in case you want to look it up.

Here's a few snapshots from that episode (Season 1, Episode 1 - "The Watchers") just for good measure.

The show was originally titled "The Unexplained".  But the name was changed to "Breaking Mysterious"... and, later, "The Unexplained" title was used for an entirely different show, hosted by William Shatner.

 

Yup.  The video editors for the History Channel spelled my name wrong.  (It's with a Y!  A Y, I say!)

 

Sitting in a park.  Dropping truth bombs about surveillance on the show host, Jimmy Church.

 

Giving the show's host "The Look".
Read full Article
post photo preview
Funny Programming Pictures Part XLIV
Father's Day Weekend Edition

I hit Ctrl-C 187,000 times while creating this article.

 

... or simply don't know what we did, but it works.  It's "the algorithm".

 

Remember when Windows Vista was the "Best Advertisement for Linux"?  Good times.

 

We're all doomed.

 

This is the correct answer for every topic for an experienced dev: I hate everything, for different reasons.

 

Correct.

 

This is a tough conversation for any dad to have.

 

The other 1% is giving up and just using a Center tag inside of a Table.

 

The more times you hit Ctrl-C, the better it copies.

 

GLAAARRGGHHH!

 

"Backend Developer"

 

WE ARE LINUX. YOU WILL BE ASSIMILATED. YOUR LINE BREAK TYPE WILL BE LF. RESISTANCE IS FUTILE.

 

Don't look behind you.  Copilot is catching up.
Read full Article
See More
Available on mobile and TV devices
google store google store app store app store
google store google store app tv store app tv store amazon store amazon store roku store roku store
Powered by Locals