Privacy Tools Guide

Whistleblowers should use Signal for encrypted communications, SecureDrop or Globaleaks for anonymous document submission to journalists, Tails Linux for all evidence gathering, and GPG encryption for sensitive documents before transmission. Use a separate device and dedicated phone number for all organizing, remove metadata from documents using ExifTool or Mat2, separate your whistleblower identity completely from personal accounts, and never use personal or work devices for sensitive communications. This guide covers practical tools and techniques for preparing disclosures while maintaining operational security, including threat modeling based on your adversary type.

Understanding the Threat Model

Every whistleblower faces a different adversary. Corporate whistleblowers typically deal with internal investigations, IP tracing, and legal intimidation. Government whistleblowers may face national security laws, sophisticated surveillance, and cross-agency coordination. Your threat model determines which tools and practices matter most.

Start by asking: Who is trying to identify you? What data have you already produced that could link you to the disclosure? What physical and digital access points exist between you and the information you shared with journalists or publishers?

Most failed whistleblower operations share common failure points: unencrypted communications, metadata left on documents, reusable passwords, and insufficient separation between personal and whistleblower identities.

Secure Communication Channels

Establishing secure communication before gathering evidence prevents the most common metadata leaks. Signal remains the gold standard for encrypted messaging. Enable disappearing messages and register your Signal account with a dedicated phone number that cannot be traced to your identity.

For sensitive document sharing, use SecureDrop or Globaleaks. These platforms are designed specifically for whistleblower submissions and provide strong anonymity guarantees. If you must use email encryption, set up GPG with a fresh key pair generated on Tails Linux:

gpg --full-generate-key
gpg --armor --export your_pseudonym@example.com > public.key
gpg --armor --export-secret-key your_pseudonym@example.com > private.key

Store your private key on encrypted storage, never on cloud services.

Document Sanitization and Metadata Removal

Documents carry extensive metadata that can identify their author. When you create a PDF or Word document containing disclosures, it typically embeds your username, creation timestamps, software version, and network identifiers. Before sharing any document with journalists, strip all metadata.

Use exiftool to remove metadata from various file types:

# Install exiftool
brew install exiftool

# Remove all metadata from a PDF
exiftool -all= document.pdf

# Remove metadata from images
exiftool -all= evidence_image.jpg

# Batch process all files in a directory
exiftool -all= -r ./evidence_folder/

For Microsoft Office documents, use the built-in “Inspect Document” feature or scripting libraries like python-docx to programmatically remove metadata fields. Always export documents to PDF as a final step before sharing, using a sanitized machine.

Secure File Transfer and Storage

Never store evidence on cloud services linked to your personal identity. Use encrypted local storage with VeraCrypt for sensitive files:

# Create a 5GB encrypted container
veracrypt --create --size=5G --hash=sha512 --encryption=aes --filesystem=FAT -m=tub < containerfile

# Mount the container
veracrypt containerfile

# Work with files, then unmount when finished
veracrypt -d containerfile

When transferring files to journalists, use onion services accessible through Tor Browser. OnionShare provides secure, anonymous file sharing without requiring the recipient to use Tor:

# Install on Kali Linux or Debian
sudo apt install onionshare

# Launch with GUI or command line
onionshare --website --persistent ./evidence_folder/

This generates a unique .onion URL that works only once and leaves no server logs accessible to adversaries.

Network-Level Protection

Your internet service provider can see every unencrypted website you visit. Tor Browser provides onion routing that encrypts your traffic through multiple relays, making network surveillance ineffective against casual monitoring. For developers comfortable with command-line tools, use torsocks to tunnel specific applications through Tor:

# Install torsocks
brew install torsocks

# Run curl through Tor
torsocks curl -s https://example.com

# Run SSH through Tor (add to ~/.ssh/config)
Host journalist-host
    HostName hostname.onion
    ProxyCommand socat - SOCKS:localhost:9050

Whistleblowers in high-risk situations should consider using a dedicated device running Tails Linux, a privacy-focused operating system that routes all traffic through Tor by default and leaves no traces on the machine’s storage.

Identity Separation

Maintain strict separation between your whistleblower identity and personal accounts. Create new email addresses using privacy-respecting providers like ProtonMail, registered from a public network or Tor. Avoid using your real phone number for any account related to the disclosure—use VoIP numbers or temporary burner phones purchased with cash.

For code examples or technical artifacts, use a dedicated development environment with no connection to your professional GitHub or GitLab accounts. Consider using Gitea or self-hosted GitLab instances accessible only through Tor.

Practical Workflow for Evidence Preparation

  1. Isolate: Use a dedicated device or Tails Linux for all whistleblower activities.
  2. Collect: Pull evidence directly from systems using secure protocols. Avoid screenshots where possible—they contain metadata and can be captured with inference attacks.
  3. Sanitize: Run all files through exiftool or similar metadata removal tools.
  4. Transfer: Use SecureDrop, OnionShare, or encrypted email with GPG to move evidence to journalists.
  5. Destroy: Securely wipe evidence from your devices after confirmation of receipt. Use shred or bleachbit for permanent deletion:
# Overwrite file 7 times before deletion
shred -u -z -n 7 sensitive_file.txt

# Wipe free space (requires root)
bleachbit --wipe-free-space

Organizational Intelligence Detection and Evasion

Large organizations deploy sophisticated surveillance methods to identify leakers. Understand how they investigate to avoid detection:

Common Detection Techniques:

Evasion Strategies:

Use systems you would normally access for your role. Accessing sensitive systems outside your normal scope triggers investigation logs. If you typically have access to certain files, using that access appears normal; accessing files outside your permission scope creates audit trail anomalies.

Vary your collection timing. Don’t systematically gather evidence during specific hours—spread collection over weeks or months, mimicking normal work patterns.

Avoid dramatic volume changes. Downloading 500MB of files you’ve never touched before creates network logs that stand out. Instead, make periodic small downloads consistent with legitimate work activity.

Securing Communication with Journalists

Establish secure communication channels before sharing sensitive information. Use ProtonMail for initial contact, sending public GPG key alongside your message.

# Generate a temporary GPG key pair for journalist communication
gpg --batch --generate-key <<EOF
%echo Generating journalist communication key
Key-Type: RSA
Key-Length: 4096
Name-Real: Disclosure Contact
Name-Email: journalist-contact@protonmail.com
Expire-Date: 1y
%commit
%echo Done
EOF

# Export public key to share with journalist
gpg --armor --export journalist-contact@protonmail.com > disclosure.key

Publish your key to a public keyserver so journalists can verify it independently:

gpg --send-keys --keyserver keys.openpgp.org journalist-contact@protonmail.com

Schedule encrypted Signal calls through separate channels. Provide instructions: “I will call through Signal from [burner number]. This number will be active Tuesday 19:00-20:00 UTC only.” Time-bound availability prevents targetted surveillance.

Handling Law Enforcement and Subpoenas

Whistleblowers may face legal pressure from employers or government agencies. Understand your jurisdiction’s protections and legal obligations:

Preparation:

During Investigation:

If questioned by investigators, you have the right to remain silent and demand attorney presence. Provide no information about your disclosure activities without legal counsel present.

# If subpoenaed for devices, your encrypted containers provide protection
# Full-disk encryption on all whistleblower devices prevents compulsory unlocking in most US jurisdictions
# However, always consult your attorney about specific jurisdiction laws

# Document your security setup for attorney review
echo "Full-disk encryption: LUKS (Linux), FileVault (macOS), BitLocker (Windows)" > legal_security_documentation.txt
echo "Communication encryption: Signal (end-to-end), GPG (email)" >> legal_security_documentation.txt

Physical Operational Security

Digital tools matter, but physical security prevents the most damaging disclosure leaks:

Threat Assessment Decision Tree

Before disclosing, assess your actual threat level:

Low Threat (Corporate disclosure to mainstream journalists):

Medium Threat (Government accountability disclosure):

High Threat (National security disclosure, hostile regime):

Honestly assess which category applies to you. Over-preparing creates operational friction; under-preparing creates legal vulnerability.

Built by theluckystrike — More at zovo.one

Explore Our Developer Guides

© 2026 theluckystrike Developer Guides