Linux, Ceph, Openstack and Privacy Tech

Reflections at a new beginning

5th July 2017

I'm no stranger to controversy. In fact, my past few years have been entirely dogged by it. Transitioning from a respected advocate for privacy and technology into one of the world's best-known publishers of leaked material was not a smooth journey, and has forever marked my record. Whether you see this as a positive or negative is down to what line of politics you follow. Throughout my experience, however, one thing did not change; my sense of wanting to make a positive impact on the world.

I did achieve my goals of making a positive impact in many ways. Companies are adopting secure practices and procedures at an ever faster rate, and now there are even laws being formulated compelling data controllers to disclose any losses of personal information. How much I influenced this, I will never know, but following the mega-breaches of 2015 and 2016, the public is now more aware than ever of the importance of the correct balance between the privacy, security and convenience these services offer. In the process, I picked up a reputation for the media coverage of either my actions or the fallout of those actions, and while some seen my work as I intended, so did many see me as a villain and the perpetrator. Nobody ever managed to bring any civil or criminal claims against me successfully, though many tried. I still feel the effects of that past with me daily.

I left the scene of data breaches down to the shift in tone they were taking. As I documented in my final blog post elsewhere, I was no longer making information public that was previously unknown, but many instead attempted to use my position to gain notoriety themselves. I was not willing to share a platform with people who breached sensitive systems such as a Children's hospital for the sake of them gaining 5 minutes of fame. As I realised people were seeing me as a proving ground for their worthiness in the hacking community, so I felt I was no longer serving my purpose.

During my downtime, I have enjoyed a somewhat limited amount of coverage. A few interviews here and there, looking at expanding my knowledge and skills, and ultimately moving from my history of self-employment to something more stable and predictable, with fewer responsibilities. It has also served as a useful time for me to reflect on what I can do next to better the world, and this blog I feel will be an important part of that.

I have previously focussed on the exposure of poor security, but I have never actually contributed much to the field of remediating it, or at least not in public. I feel there are people better than myself in the area of giving advice for a particular organisation, this is mostly down to time and familiarity with different system deployments. But the problem I want to address is not much to do with large corporations who can afford to pay security specialists, but the individual users who are almost always the most impacted by such breaches.

Overall, my plans for this blog are to cover many topics. This can range from basic security on conventional control panels such as Plesk and cPanel, to the technologies I like to tinker with such as Ceph clustering and Tor Hidden Services. Indeed I plan to make my next post exactly that, an updated version of the Tor Hidden Services guide I published several years back. It won't contain groundbreaking changes, just an update to the commands issued and advice provided, and from there I can expand. From time to time I will also add small sections from other areas such as law and opinion pieces, where I feel they intersect with the interests of the readers of the blog.

I'm also open to new ideas and collaborations with others. If there is something you'd like me to cover, get in touch and I'd love to discuss it.

With this new launch, it would be untruthful of me to say this is a fresh start. I have never hidden my history, nor do I believe I was wrong in my actions, but I am confident now more than ever that it is the right time to move on. I, of course, will still make some releases, but I will no longer be the clearing house of leaks I once was, nor do I ever intend to be again. But if you are following me to learn something new, you've found the right place. Just remember to bookmark the site, and I'll try to keep you posted quite regularly!


Thomas White

View Comments