ANONYMOUS
GamLeaks provides a secure and anonymous reporting mechanism designed to combat corruption by providing individuals with a safe and convenient channel to report corruption-related incidents.
By leveraging technology and emphasizing confidentiality, the platform aims to empower whistleblowers, increase transparency, and foster accountability in both public and private sectors.
Gam Leaks ensures the protection of whistleblowers’ identities, allowing the report of corruption without fear of reprisal or victimization.
SECURE
The platform offers a user-friendly interface that simplifies the reporting process. With intuitive navigation and clear instructions, users can easily submit information about corruption incidents, including evidence such as documents, images, or videos.
It prioritizes the security and integrity of reported data. Robust data management systems are employed to safeguard information, prevent unauthorized access, and comply with relevant data protection regulations.
Robust encryption protocols and stringent data protection measures are implemented to maintain confidentiality.
legAl support
The platform provides resources and guidance to whistleblowers, ensuring they understand their rights, legal protections, and available support mechanisms. We offer advice on maintaining anonymity and protecting themselves throughout the reporting process.
Gamleaks empowers individuals to take an active role in the fight against corruption. By providing a secure and anonymous medium to denounce corruption in both public and private sectors.
Giving each a tool in the in a combine effort to fight Corruption.
What is Corruption
Corruption is the abuse of entrusted power for private gains.
- Public servants demanding or taking money or favours in exchange for services,
- Politicians misusing public money or granting public jobs or contracts to sponsors, friends and families,
- Corporations bribing officials to get lucrative deals
APPLICATION SECURITY
The Gamleaks Leaks software tries to conform with industry standard best and practices and its security is a result of applied research.
DATA ENCRYPTION
Submissions data, file attachment, messages and metadata exchanged between whistleblowers and recipients is encrypted using the GamLeaks Encryption Protocol.
Following is the set of main libraries and their main usage:
- P ython-NaCL: is used for implementing data encryption
- PyOpenSSL: is used for implementing HTTPS
- Python-Cryptography: is used for implementing authentication
- Python-GnuPG: is used for encrypting email notifications and file downloads by means of ‘PGP’
DATABASE SECURITY
The GamLeaks backend implements an hardened local SQLite database accessed via the SQLAlchemy ORM.
This design choice is selected in order to ensure that the application could fully control its configuration implementing a large set of security measures in adhrerence to the security recomendations by SQLite
The GamLeaks backend utilizes the SQLite trusted_schema pragma to limit the trust put on the database in order to limit exploitation on which the database could be maliciously corrupted by an attacker.
CONNECTION ANONYMITY
Users’s anonymity is offered by means of the implementation of the Tor technology. The application implements an Onion Service v3 and advices users to use the Tor Browser when accessing to it.
Users’ connection is always encrypted, by means of the Tor Protocol while using the Tor Browser or by means of TLS when the application is accessed via a common browser.
The use of the Tor is recommended over HTTPS for its advanced properties of resistance to selective interception and censorship that would make it difficult for a third party to selectively capture or block access to the site to specific whistleblower or company department.
DoS RESILIENCY
To avoid applicative and database Denial of Service, GamLeaks apply the following measures:
- It tries to limit the possibility of automating any operation by implement a proof of work on each unauthenticared request (hashcash)
- It applies rete limiting on any authenticated session
- It is written to limit the possibility of triggering CPU intensive routines by an external user (e.g. by implementing limits on queries and jobs execution time)
- It implements monitoring of each activity trying to implement detection of attacks and implement proactively security measures to prevent DoS (e.g. implementing slowdown on fast-operations)
Threats to Anonymity & Confidentiality
Browser History and Cache
GamLeaks tries to avoid, by using properly crafted HTTP headers and other techniques, leaking information into any user’s browser history or cache. This privacy feature cannot guarantee the safety of the user against a forensics analysis of their browser cache and/or history, but it is provided as an additional safety measure.
Metadata
Every file can contain metadata related to the author or the whistleblower. The cleanup of metadata of submitted files is a particular topic that attempts to protect an “unaware” whistleblower from including information in a document that may put their anonymity at risk. In the context of GamLeaks, by default no automatic metadata cleanup is implemented because metadata is considered fundamental part of the original evidence that shall be preserved and not invalidated. For this reason, metadata cleanup is an optional operation that could be suggested to Whistleblowers or operated by Recipients when sharing the document with other persons. When sharing files to external third parties Recipients are invited to print the document and provide a hard copy. This process is helpful to ensure that recipients only share what they see without risking sharing sensitive information contained in the metadata of the files of which they may not be aware of. To get to know more about metadata and the best practices on redacting metadata from digital files we recommend reading the article Everything you wanted to know about media metadata, but were afraid to ask by Harlo Holmes. A valuable tool supporting these advanced procedures is the Metadata Anonymization Toolkit
Network and Reverse Proxies
GamLeaks is intended to be used by end users with a direct Tor or TLS connection from the browser of the user to the application backend. Any use of Network and Reverse Proxies in front of the application is discouraged; those appliances could significatively interfere with the application and lower its security vanishing any confidentiality and anonymity measure implemented within GlobaLeaks.
HOW IT WORKS
Encryption of Temporary Files
Files being uploaded and temporarily stored on the disk during the upload process are encrypted with a temporary, symmetric AES-key in order to avoid writing any part of an unencrypted file’s data chunk to disk. The encryption is done in “streaming” by using AES 128bit in CTR mode. The key files are stored in memory and are unique for each file being uploaded.
Network Sandboxing
The GlamLeaks backend integrates iptables by default and implements strict firewall rules that restrict network incoming network connection to HTTP and HTTPS connection on ports 80 and 443.
In addition the application makes it possible to anonymize outgoing connections that could be configured to be sent through Tor.
Input Validation
The application implement strict input validation both on the backend and on the client
On the Backend
Each client request is strictly validated by the backend against a set of regular expressions and only requests matching the expression are then processed.
As well a set of rules are applied to each request type to limit possible attacks. For example any request is limited to a payload of 1MB.
On the Client
Each server output is strictly validated by the Client at rendering time by using the angular component ngSanitize.$sanitize
Cookies and XSRF Prevention
Cookies are not used intentionally to minimize XSRF attacks and any possible attack based on them. Instead than using Cookies authentication is based on a custom HTTP Session Header sent by the client on authenticated requests.
HTTP Headers
The system implements a large set of HTTP headers specifically configured to improve the software security and achieves score A+ by Security Headers and score A+ by Mozilla Observatory.
Strict-Transport-Security
The system implements strict transport security by default.
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Be A Solution
“There is no more neutrality in the world. You either have to be part of the solution, or you’re going to be part of the problem.”
T. Siedner, London NW2.
The Synergy
“Alone we can do so little; together we can do so much.”
Helen Keller
(1880 – 1968)