Work at a Big Tech Company (or Foundation) or on a big open source project? Seeing something happening that the public should know about? Afraid to step forward for fear of losing your job?
Allow me to walk you through exactly how to leak information -- directly to The Lunduke Journal -- while maintaining your anonymity.
Prepare the material
Let's say you see some of the following:
- Shady business practices.
- Political craziness.
- Poor employee or contributor treatment.
- Other, various shenanigans that you feel should be publicly known.
If you have files or information about it -- including screenshots, documents, videos, or any other type of file...
Check to see if your name, email address, or other information which could be used to identify you as the source is included in the file. If so, it is recommended that you black out that information (such as by using a paint program) prior to sending it to The Lunduke Journal.
The Lunduke Journal will work extremely hard to keep your identity confidential -- Metadata of files will be scrubbed, and file names will be changed prior to publication.
Use an anonymous or private email account
This is, perhaps, the most important rule to follow:
- Do not use your work email account when contacting The Lunduke Journal.
The Lunduke Journal has a firm policy of not revealing any personal information of sources (including email addresses). If you feel comfortable using a personal email account, you may do so.
However, if you want to take that extra level of protection, an anonymous email account is recommended.
- Get a free, anonymous email account from Proton Mail (or another anonymous email service that you trust).
- Use that email account to contact "bryan at lunduke.com".
How much personal information you use in our communication is entirely up to you (your name, your job title, etc.).
How to send files
If you have files you need to send -- screenshots, email backups, documents, videos, etc. -- there are multiple options depending on your needs.
If your files are relatively small (only a few MB), you can simply include them as an email attachment to "bryan at lunduke.com".
However, if the files you need to send are much larger, you'll want to use an anonymous file sharing tool.
I recommend https://send.vis.ee/. It is an open source tool which allows you to anonymously upload (no account needed) any file up to 2.5 GB in size, with passwords and private links which expire. Very, very handy when sending this type of whistleblower data.
- Go to https://send.vis.ee/
- Select the file you wish to upload.
- Set the terms for when the download link expires (and the files are deleted) -- I recommend setting it to "Expires after 1 download or 3 days". This gives me enough time to grab the file, but makes sure it doesn't linger around.
- Set a password for the file. Extra security is always good.
- Then email "bryan at lunduke.com" with the download link that Send.vis.ee provides you, along with the password you chose.
Using this method of contacting The Lunduke Journal -- and sending files -- ensures that your identity remains anonymous (unless you wish for the public to know who you are).
That said, there are other options as well. Some choose to place files into a personal file sharing service and provide a link. Use whatever you are most comfortable with. If you have questions, feel free to ask.
What happens then?
All information is looked at, researched, and carefully verified (as necessary). At this point I may have additional questions for you -- so watch your email inbox.
Not all leaked data is used -- or used immediately. But everything is evaluated.
Questions? Email "bryan at lunduke.com".
