New Yorker Launches 'Strongbox' for Anonymous Transmission of Files
A source can use Strongbox to send information anonymously in the following way: First, they access the Tor network, which anonymizes users via a series of relays encrypting traffic at each step. Strongbox users then upload their files or messages and get a random code name. The files are encrypted and transmitted to a Condé Nast server separate from the rest of the company's infrastructure.
Next, New Yorker editors periodically check Strongbox using a laptop on a Virtual Private Network (VPN). If they see a file they want, they can download it to a thumb drive and load it on a laptop not connected to the Internet, booted from a CD and erased every time it's turned on. Then, they plug in a second thumb drive with the keys to decrypt the files.
Should New Yorker's reporters need to contact the uploader, they can do so through a separate computer connected to the Internet. The source would see such a message only if they log back on to Strongbox with their previously generated username.
Introducing Strongbox
http://www.newyorker.com/online/blogs/closeread/2013/05/introducing-stro...
Strongbox underlying source code, DeadDrop
http://deaddrop.github.io/