Whistleblowers like Chelsea Manning and Edward Snowden exposed classified information because they believed their leaks were in the public interest.The next secret-spiller might be motivated instead by something less magnanimous: money.Two free-information-focused developers have released a piece of open-source software designed to let anyone get paid in bitcoin for leaking secret information either to the public or to a private buyer.
The program, which they call PayPub, is still just an early prototype. But its creators say it has all the features necessary to facilitate a new model of anonymous, for-profit online leaking—or even to help spark a decentralized black market in secret information.“I’ve wanted for a while to make a marketplace where people can leak information and others can pay for those leaks,” says PayPub’s co-creator Amir Taaki, who has gained notoriety for his work on other radically anarchist bitcoin projects. “Leakers are taking a risk, and they should be rewarded.”Taaki and his partner on the project, Peter Todd, say they’ve been inspired by the revelations of WikiLeaks and Snowden.
They see a chance to fuel those sorts of megaleaks with financial incentives–a kind of bitcoin Kickstarter for leakers.“When you add a monetary component, you can get data from people who don’t want to pull a Snowden for nothing,” says Todd, a bitcoin consultant and adviser to several startups. “This can be a powerful motivator.”Unlike the dozens of leaking projects that have followed WikiLeaks, PayPub isn’t a publishing platform or even a website.
In Todd and Taaki’s system, leakers have to find their own ways to anonymously offer their leaks—say, via a website protected by the anonymity software Tor or with encrypted messages from a throw-away email address.They also need to find their own method of publishing their leaked documents, like uploading them to the BitTorrent site the Pirate Bay. And given that bitcoins can sometimes be tracked in the cryptocurrency’s public ledger of transactions known as the blockchain, they suggest that leakers and leak buyers both use tools that launder bitcoin for identifying traces, too.What PayPub does offer is a set of crypto tricks designed to monetize leaks–and to make sure nobody gets screwed in the transaction.
As described on the software’s Github page, the software lets a leaker reveal a randomly-selected portion of the leaked files as a preview, along with a suggested price.If potential buyers are interested in seeing more, they can use the program to generate bitcoin addresses to which they can pay coins in exchange for revealing more portion of the files. And those addresses are carefully designed such that the leaker can only claim the payments by revealing the decryption keys that allow more of the file to be unscrambled.Sound complicated? Taaki and Todd are the first to admit that the system is less than user-friendly in its current state as a command-line tool. Like other open-source projects they’ve developed, they hope other developers will continue to improve on it and build an interface that hides more of its complexity.“This is kind of the equivalent of PGP in the early nineties versus modern encryption tools,” says Todd.
Todd also points out that PayPub can be used for less controversial files than leaked secrets. “It doesn’t have to be financial documents or WikiLeaks cables,” he says. “It could be something much more prosaic, like software you want to be paid for when you release it to the public.”Still, the project shows the potential for a far more mercenary form of anonymous data leaks, one where corporate insiders could profit from spilling intellectual property to the competition, or government workers could sell state secrets to foreign agents.
Snowden’s violations of his top-secret security clearances to give the NSA’s files to a handful of journalists generated enough angry debates; cryptocurrency-funded data dumps would be far harder to morally justify.The site, developed by London-based hacker Amir Taaki, one of the brains behind the controversial new Dark Wallet project, would function as a supplement to sites like Wikileaks that use encryption to protect the anonymity of whistleblowers and other leakers. Using payments in anonymous digital currencies such as bitcoin, the site is touted as way to incentivize people to publish confidential information.This could go either way: It could encourage transparency in government, or it could foster widespread peddling of commercial secrets and petty information about politicians’ private lives. Take your pick.Given the legal travails of Wikileaks founder Julian Assange and National Security Agency leaker Edward Snowden, it’s fair to say governments won’t look too favorably on this latest venture from Mr.
Taaki.But Taaki doesn’t particularly mind that controversy. After all, he has a history of working on cryptoanarchist projects designed to enable untraceable currency and unseizable black markets. “Only the powerful have something to fear from information freedom,” he says.“You can always say there are good and bad secrets, but the reality is that there is information that people want and need to be public…However we can give incentives to people to liberate information in general is a positive thing.”The concept of offering digital payments for black market data stretches back as early as 1993, when cypherpunk founder Tim May proposed a system called BlackNet that would let buyers pay for corporate and government leaks with “cryptocredits.
”Though no such currency existed at the time, May’s thought experiment bounced around the Cypherpunks Mailing List, where Julian Assange was an active reader. It likely helped to inspire WikiLeaks a decade and a half later.Now that bitcoin offers the financial tools that those early cypherpunks lacked, Taaki says he wants to take the leaking concept a step further. “I’m very much into WikiLeaks’ work, but I want to make a WikiLeaks with bitcoin bidding, that incentivizes leaking,” he says.
“Maybe you want to publish some data, but you need something to push you over the edge,” he adds. “Money can do that.”