If the Economist is contributing some servers to participate in the Tor network, that's nice. Although - there's the question of whether the Economist itself is a trustworthy entity; I'm not familiar enough with it to comment on that.
> Freedom of the Press Foundation eventually plans to list all of those SecureDrop onion URLs that meet the minimum requirements for deployment best practices as “verified” on its website. If your organization cannot follow the minimum guidelines, we cannot recommend your SecureDrop instance as safe to use.
> At SecureDrop’s heart is a pair of servers: the Application (“App”) Server, which runs the core SecureDrop software, and the Monitor (“Mon”) Server, which keeps track of the Application Server and sends out alerts if there’s a problem. These two servers run on dedicated hardware connected to a dedicated firewall appliance. They are typically located physically inside the newsroom, and must be physically located on-site within your organization’s premises.
> Application Server:
> An Ubuntu server running two segmented Tor hidden services. The source connects to the Source Interface, a public-facing Tor Onion Service, to send messages and documents to the journalist. The journalist connects to the Journalist Interface, an authenticated Tor Onion Service, to download encrypted documents and respond to sources.
> Monitor Server:
> An Ubuntu server that monitors the Application Server with OSSEC and sends email alerts.
> The servers connect to the network via a dedicated hardware firewall.
If the Economist is contributing some servers to participate in the Tor network, that's nice. Although - there's the question of whether the Economist itself is a trustworthy entity; I'm not familiar enough with it to comment on that.
I don't think that operating SecureDrop requires the admin/operator to run a Tor node per se?
The presence of their SecureDrop instance on the directory implies the following:
https://docs.securedrop.org/en/stable/admin/deployment/deplo...
> Freedom of the Press Foundation eventually plans to list all of those SecureDrop onion URLs that meet the minimum requirements for deployment best practices as “verified” on its website. If your organization cannot follow the minimum guidelines, we cannot recommend your SecureDrop instance as safe to use.
https://securedrop.org/directory/the-economist/
More info about how the service works:
https://docs.securedrop.org/en/stable/what_is_securedrop.htm...
> At SecureDrop’s heart is a pair of servers: the Application (“App”) Server, which runs the core SecureDrop software, and the Monitor (“Mon”) Server, which keeps track of the Application Server and sends out alerts if there’s a problem. These two servers run on dedicated hardware connected to a dedicated firewall appliance. They are typically located physically inside the newsroom, and must be physically located on-site within your organization’s premises.
> Application Server:
> An Ubuntu server running two segmented Tor hidden services. The source connects to the Source Interface, a public-facing Tor Onion Service, to send messages and documents to the journalist. The journalist connects to the Journalist Interface, an authenticated Tor Onion Service, to download encrypted documents and respond to sources.
> Monitor Server:
> An Ubuntu server that monitors the Application Server with OSSEC and sends email alerts.
> The servers connect to the network via a dedicated hardware firewall.
Every media outlet is biased.
Even though that's technically true, it's an unhelpful platitude because it lumps everything between infowars and Reuters into one bucket of "biased".
Trustworthy in what way?