 Hi everybody, my name is XanNorth. I'm a member of Distributed Denial of Secrets and you are here at Leak the Planet, or how you stopped, how you learned to stop worrying and love the Lea. Who we are? Well, we are a bunch of cat lovers. As you can see, and dog lovers. And then there are a bunch of humans that don't matter. We have Emma Bess right here and the rest of these are people that also work with Distributed Denial of Secrets. But I all know you want us to bring back the pets. So first of all, we have types of leaks and leakers. Leaking is as value-neutral as farm, as pharmacology. It comes down to intent and application. We have insiders, activists, spillage, state-affiliated actors, and ransomware. And we'll go through all of those. What they are, what they mean. Insiders. So cognitive dissidence addresses itself through leaks. A lot of people, when they join an organization, they may have ideas about how that organization works that don't necessarily come to fruition. Examples of insiders are Daniel Ellsberg, Chelsea Manning, Edward Snowden, reality winner Natalie May Edwards, and Johannes Dethenson. Next, we have hacktivists. Not all whistleblowers are insiders. Some of them come in from the outside. Good examples of that are Redhack, Anonymous, Jeremy Hammond, Phineas Fisher, ACAP Gang, Cyber Partisans, and Donk NB. Next, we have spillage, which is pretty much when a stereo falls off a truck on the information superhigh highway. This is typically an accidental release of data that's a result of user error. Examples are Heritage Foundation, police aerial surveillance footage, and GiveSendGo. GiveSendGo particularly. They were warned repeatedly that their S3 buckets were misconfigured. They never took any action. And, well, they got leaked. Services like Gray Hat Warfare make misconfigured S3 buckets easy to find and search. Many leaks are avoided by disclosure protocols. Again, going back to GiveSendGo, they were warned repeatedly, and they did nothing. And then when their leak finally did come out, they denounced it as fake news. Nothing. They weren't really hacked. So, next, we have state-affiliated actors. You probably love them when they're yours. We have Sabu, Popov, Cyber Birket, Guccifer 2, DC Leaks, IT Army, and Conti. And then Ransomware. Very little of this data merits journalistic or academic review, but there are some gems. Example, Jones Day, Chicago City Hall, Metropolitan Police Department, DC, Illinois Attorney General, and Perceptix. Some declared political stances following the Russian invasion of Ukraine. And financial motives mean they can be hired by state actors. Example of that would be Conti. So, next, we move on to publication models, which also serves as a brief, all-to-brief history of recent leaks and ways of leaking things. First up, one of the oldest leaking institutions that's still active in the Western world, Crypto. Everybody's best friend of me. They've been publishing censored and leaked material online since 1996, using basic HTTP listings, and for a time, an FTP server as well. They helped found WikiLeaks. They were on the initial advisory board, and they helped register the domain name. But, like I said, they criticize freely, and that includes WikiLeaks, although they strongly oppose the extradition and prosecution of Assange, and gave testimony in one of the cases against him for the extradition attempt. And to this day, Crypto continues to be active, which is a minor miracle considering it's been nearly 30 years, and they've faced threats from multiple corporate entities, as well as government agencies that have visited them and had all sorts of questions, and we're often angry at them for making public documents to public, because what if people read them? Crypto very naturally brings us into WikiLeaks. They wore every hat until they wore virtually none. They were revolutionary at times. A lot of debate was sparked, and then they were used by Russian intelligence. We know from exchanged messages that they received the DNC emails from Guccifer 2, and they appear to have received the Podesta emails from DC leagues, also based on messages that we know of. Their last original leak was, I believe, late 2019, and that was one of the OPCW leaks, which that series has been tied to Russian intelligence again by a series of articles written by Daily Beast, New Lines Magazine, and Bell and Cat. Those are all very worth reading, because Russian embassies and diplomats are directly involved, and a sting operation was able to reveal quite a bit. And, unfortunately, WikiLeaks throughout its history has suffered a lot of instability and periods of inoperability. There was the 2010 incident where their infrastructure was taken down. There was 2011 or 2012 through 2015, I believe, where they had no submission portal. They recently lost their submission portal again, and only very recently launched a portal that almost works. It will upload files, but sources will never know if it succeeded in uploading them, which brings us next to Anonymous's answer to WikiLeaks, launched during a feud in 2012 and 2013. They called it paranoia, short for potentially alarming research from the Anonymous Intelligence Agency. Anonymous was frustrated by WikiLeaks' slow releases, and WikiLeaks, for their part of the feud, was accusing Anonymous of insecure methods. And, at this time, WikiLeaks' submission system was offline, while paranoia was meant to be a quick, simple leak platform. But, unfortunately, that was one of the problems with paranoia, as it was very easily exploited. Some of the release notes were highly inaccurate, and given the context of those inaccuracies, that certainly had an agenda with them. And it was in particularly used by Max and Popov to help launder some of his data. Next, we have groups like The Intercept, where they are literally building journalism from the ground up around leaks. And I know we all have thoughts about The Intercept, and certain people that worked there and no longer do, mistakes that have been made by individuals there, and, yeah, we could say that about any outlet. But the lessons from The Intercept are still very useful, because they built it from the ground up to allow this kind of research. And they even tried to extend it beyond their own borders a bit with the Snowden archive, which, unfortunately, was closed. But they continue to be active and report on large leaks to this day, including partnering with regional outlets in some instances, such as data sets relating to the Russian invasion of Ukraine, which brings us to the consortium model, where we have groups like Areej, EIC, Forbidden Stories, ICIJ, and CCRP. You can see on the slide a list of a number of high-profile projects, most of them dealing with finance, that the consortium model all dealt with. And because of the international nature of these projects, consortiums are uniquely able to go after the data, because you need local experience for each realm, you need multiple experts, you need boots on the ground, and no one outlet can realistically handle that. They rarely publish raw data, but sometimes they do publish relational data, which you see with ICIJ and some of their databases, which are publicly available. And then there's these people called DDoS Secrets. That's us. In the last four years, we've published leaks from over 50 countries and over 200 releases. That number's a bit out of date, but we're constantly trying to balance source protection with source transparency, which is a major issue, especially with things like the Russian Ukrainian War. We have people sending us data sets, and there's a very obvious question when it's something that gets the cyber war tag that we created, alerting people to the context and that there's no specific suspicion for these data sets, but it's still something that you should look at more closely and be more aware of. We also strongly focus on separating editorial and what the meaning of the leak is from what we do, which is presenting the data. We will help journalists interpret it as best we can, but we don't tell them what to write. We don't present our own analysis of it, because one, we have data from over 50 countries and over 200 organizations that range from topics of artificial intelligence to manufacture of nuclear power plants. We are not and cannot ever be experts on all of these subjects, never mind the language barriers. It is better left for people who are already experts in that than for us to try to become everything. I seem to have hit, sorry about that. And this also helps prevent our biases from getting in the way of what the data says, because when you touch this much data and you bring it to the public, it is very easy to infect it with your point of view and your messaging. And it can't become an inherent part of the data. One thing we witnessed with WikiLeaks and the Vault 7 releases was they wrote about how certain devices could be exploited and how that could then be leveraged to get past the encryption on things like signal and WhatsApp by making the encryption literally irrelevant. But people took away the wrong message from that for several articles and a large number of people on Twitter because of a imperfectly crafted tweet. And so we have a great responsibility to not do that. Our goal is to collect the data, review it and then entrust local reporters, investigators and activists and experts to follow through and in many situations to find the right consortium. Moving on, we get into actual data. In the last eight hackers, DCLeaks was an exercise in persona and access management. While some of the data was public, not all of it was, which was a way of playing favoritism, a way of creating mystique and hiding some of the overlap between various releases. DCLeaks was later linked to fake journalists personas by investigations and especially forensic ones which followed different digital accounts. And there were early and unclear and inconsistent ties to Gucci for two established publicly early on. For instance, the email in which Gucci for two said that DCLeaks was a wiki leak sub project and they provided restricted access to DCLeaks releases. Thus, we have Gucci for two selling the narrative, which was launched obviously to counter the revelation that was then new of Russian hacking of the DNC, DCCC, etc. They used a combination of blog and social media posts with individual documents, some of which had been tampered and larger dumps. We know from government investigations that Gucci for two communicated with over 12,000 Twitter accounts, exchanging over 15,000 messages. We've only managed to identify so far about 10% of those messages and far fewer than 10% of the accounts that have that communicated with Gucci for two. But the known, the known discussions are part of the transcript cited at the end of this, thus spoke Gucci for two. And we also know from the messages that they were active nearly 24 hours a day when they were active, which is another giveaway. So what does state affiliated actually look like? Because everyone has ideas of what they think it is or what they think other people think it is. And you especially see that as a political weapon, which is nonsense and infuriating pop off. Maxim Igor Popov was a Russian contractor who infiltrated anonymous and before that the FBI. He was arrested by the FBI and turned into an asset. And on his first job, he was sent after the people that he used to work with. But the FBI didn't actually watch very closely what he said in Russian. And by using some unique idioms that were a little, you know, less known to the translators, he warned them what was happening and they were able to get away free. But he then went on to help them with a number of other things before being let go under questionable circumstances. And when I say questionable, I mean the FBI agent responsible was investigated and nearly indicted over it. He was involved in the 2004 2005 FBI email hack. Didn't get a lot of coverage at the time, but they didn't hack the FBI directly, but rather the AT&T servers that the FBI used for a number of their things, including their emails. And these were sensitive emails. And Popov was never so much a technical hacker himself, but he was the person on the crew that made things happen. He developed relationships and he monetized things. And so he got the FBI to pay him and his people $10,000 for a meaningless lead on the hack that they had just committed against the FBI. They identified one of the people involved, Leonid Sokolov, who cannot be indicted and is never going to leave to go to an inditable area. Popov used numerous false personas and some of them are linked to some very interesting other hack and leak situations. For instance, the hack and leak of Ukrainian Prosecutor General, which was done by Popov, overlapped significantly with cyber recruits, similar release, right down to the same office and timeline, although their release was much more limited to a few documents. Popov released several gigabytes from that office and several others. And he's obviously financially motivated. But aside from his own admissions to being a state contractor for Russia, which he said to Jeffrey Carr and is implied to other journalists, there is the fact that if you are living in Russia and you hack the FBI and it is that high profile and you do not pay patronage to Mother Russia, you lose all protection. It is exceedingly unlikely, simply based on that. But also the reward, there's no reason they wouldn't have pursued that. Which brings us to Sabu, everyone's favorite American state-sponsored hacker. A member of Anonymous turned to an FBI asset. While he was active, the FBI closely monitored and controlled him after his arrest. They watched what was on his monitor, they took pictures of it, they were involved every day and they had the opportunity to direct him to do things differently or to stop entirely. Through their observation control and failure to stop, they directed him. That is beyond a doubt. And those directions included having Sabu direct cyber attacks on foreign government and commercial systems, as well as orchestrating the strat for hack and leak and his unwitting collaboration with Popov. Just a very fun thing to discover when you're going through leaked chats. But Sabu was more than just a criminal informant. By doing these things, the FBI was using them for foreign and domestic intelligence gathering for the FBI. So what about the links between people like Popov and Sabu? When the lines blur, these people enable each other. And that's not just Popov and Sabu. That's a general trend. Sabu and Paranoia both laundered Popov's leaks. We can see in chats where Popov literally gives them to Sabu and Sabu puts them forth saying it's an anti-sec release. It's a low-sec release and they're the most shady ones. And in several instances, people who were actually involved in those groups then became very concerned afterwards about issues with those data sets. Sabu also offered Popov early access to the Syria emails released by WikiLeaks. And that's significant as well because not only was the one banking transfer email missing from the WikiLeaks release, but over 1 million of the 2.4 million emails is not been published by WikiLeaks. You can review this on the WikiLeaks website, or I wrote about it on my site Emma.best where you can also download a script and manually verify it yourself. And that is one mystery that they have failed to follow up on or comment on, but maybe it's the same secret lizards thing that they commented about the Clinton leaks. It's a true story. You can find it in the wayback machine. While they were working together, Popov and Sabu actively discussed using cyber attacks on government systems and using false flag cyber attacks to quote, create real cyber war. Keep in mind, during this time, Sabu was under the FBI's control. He was having ongoing discussions with people about false flag cyber attacks with the goal of creating not just chaos, but conflict. And Popov's activities included faking funding of terrorism by one country. He is actually one of the only people who in the modern era can say he has pissed off both the FBI and the KGB because Belarus does not like him after some of the shit he pulled. And Popov even gave Sabu targets and credentials, and we know that those were passed on. Some of them were even given to Jeremy Hammond. And if you look at the unredacted paperwork for his court case, some of which was leaked to me as part of his discovery, you'll see that those are in fact the same ones that Popov gave to Sabu. So we have a former FBI asset and a Russian contractor giving a FBI asset who is under FBI control credentials to attack foreign government systems to an American hacktivist who is then convicted for doing those things. And these are the kinds of states sponsored actions that are never looked at. They are not understood. And why would they be looked at? There's already a scapegoat. Jeremy Hammond did the fucking thing. And we don't need accountability beyond that because that would just make everyone look bad. And no one could stand that. Looking bad is worse than people dying, at least in the eyes of the government. We move on to Gooch for two. One of the most telling quotes about Gooch for two comes from Julian Assange, where he said, these look very much like they're from the Russians. They almost look too much like the Russians. It was, of course, a persona managed by Russian intelligence services. They were the source of the DNC emails. We know this from public statements as well as private statements. They made in their chats with WikiLeaks. The transcript shows the communications with and submissions to WikiLeaks discussion about timeline. And WikiLeaks, of course, explicitly stating, we want to do this on, you know, in time for the DNC so we can have this specific political impact. But despite the overwhelming amount of evidence about Gooch for two, there are still truthers out there who insist on Seth rich this or vips that or forensicator, something or other. And that is one of the things that happens when there's a failure to communicate beyond thick, incomprehensible reports, which are also unfortunately very easy to manipulate in terms of media. A much more recent example that I think many of you may not have heard of is free civilian, the data, the data merchant that was a terrorist. They claim to sell data, but they posted it freely, including Ukrainian medical data and about one million government emails from Ukraine for their internal development. They used Cloudflare to protect their Swiss servers for distribution. And after the servers were the company was notified, the private layer ink took their servers offline. However, Cloudflare, last I checked, continued to protect the now defunct domain, despite being told explicitly what it was being provided proof of what it was. And outside analysis that confirms that, yes, this was almost certainly Russian state affiliated actors. And it was almost certainly a hack and leak sigh out to create fear as part of the Russian invasion of Ukraine, making it not a criminal act, but an act of war. Cloudflare simply responded, we are not hosting the content. We're simply helping them host it. This brings us to the issue of misidentifications, because it happens both ways where we either miss someone who was a state actor, or we look at someone that wasn't a state actor and someone decides they were. And for Sugu, the answer is simple. Agent Brutus says he was a hero. Agent Brutus is an honorable man and he has brought many captives home to Rome. So when he said, Sugu did great. He prevented all these attacks. I mean, he started them, but he prevented them in the end. It's so great. He's the terrorist and the hero. And, you know, normally that's a crime, but not this time. And for the most part, people, especially in the mainstream, especially mainstream outlets, went with it. They trusted Agent Brutus because he was an honorable man. And he had arrested many people. So surely he knew what he was talking about. Then we have Popov. He was simply missed because he was a con artist with too many fake IDs. That and the FBI agent responsible kind of just stonewalled when he was asked to help solve what was going on. And yeah. And then we have people like Donk Envy, who are hit with the worst kind of reasoning. Only a state actor could have done this, which you inevitably hear from the least educated people when it comes to how computers and networks and hacks work. Because they will look at something big, some big accomplishment. And for Donk Envy, it was the parlor stuff. And they'll say this was big. So it had to be something equally big to do it. And this sort of thinking is also what leads to a lot of conspiracy theory thinking. Like the assassination of JFK was a big event. So something big must have been behind it. It could not have been a crazy dude to be way overly brief. I've gone into that stuff a whole lot. Please don't think I'm actually simplifying it that much for realsies. But yeah, people simply not knowing what they're talking about. You'll see an article that says maybe they did this with the help of whatever country. There was one article recently about the narrow police force leak. And they a cyber firm pointed out some issues that they thought were inconsistent. And they mentioned me several times in the report never never reached out to me, which I thought was an interesting choice. But they did say I didn't appear to have any involvement in anything. It's a very sloppy report, but it pointed out some things with timestamps. And then a journalist saw that took that to someone who worked at a think tank. And that person said it was probably China. Because China would want to do something like that. And then that became the headline and several other people reported that headline. And there was zero evidence of China's involvement. But that's how that sort of thing can get started. It's Oh, this was a complicated leak. And, you know, things look a little fishy. So it's got to be a state hacker. No, it's, it looks fishy, because it's complicated, and you don't understand it. Which brings us to the big question, or the big questions. First off, are they, you know, spies? And it's a surprisingly broad question. And it's not actually even the right question, because both sources can be exploited and material can be exploited. And if the answer to either is yes, it's not necessarily an emergency shutdown. It's a red flag. Because just something just being exploited doesn't make it untrue or dangerous. Soviet propaganda used to point out racism in the US a lot. And they were right. It's not a problem if it is accurate and not being embellished or twisted towards foul ends. And there are ways you can, you can help make sure that it's not or that there are counterbalancing forces. But usually the first clue is the source themselves. If you have contact with the source at all, any questions without getting into the question, without getting into their security at all, can tell you a lot. One, are they trying to micromanage? Are they trying to tell you what to do, how to handle things, when it needs to be released, how it, how it needs to be labeled, you know, are, are they trying to turn you into their agent? If so, that's a problem. Next up is, can the source answer questions coherently and consistently? And it's amazing how often bad actors are not able to do this. We had one source submit a group of emails allegedly from China and they were unable to tell us what email accounts they were from or what agencies the email accounts were from or anything about the contents other than a lot of stuff. And while we don't expect sources to necessarily have a total knowledge of every single thing that are in these data sets, because some of them are, you know, terabytes in size, if, if you are a leaker or a hacker, you presumably know the basics of what the information is when you've got it. You're not just picking up trash off the floor and then bringing it to us and saying here. And those kinds of failures often mean you're dealing with a cutout or with someone who just, there's some other red flag. And again, we come to the question of are they trying to sell a narrative? And that doesn't mean are they trying to shine a light on an issue? Because there's a big difference between saying these refugees are being abused and treated horrendously and denied their rights and the police are part of it and the government knows about it. There's a big difference between that and the CIA is, is bad and needs to be turned into something else because of these exact things that also further this person's political narrative and goal and whatnot. You know, you could see a narrative being formed now, not related to leaks so much, but the kind of narrative I'm talking about just by watching the fallout from the Mar-a-Lago raid. It's the same, it's the same kind of concept. People trying to build a narrative and once you publish that's going to be unavoidable. You are releasing it into the world. Even if you restrict it to just journalists and researchers, which is one thing DDoS Secrets does on sensitive data sets, you're still letting go of how it's going to be interpreted and what they're going to do with it. But if the source is clearly trying to sell or push a narrative, you have a problem. Other questions include timing. Does the situation or the timing force your hand? Are you being given information three days before it becomes crucially relevant? And if so, why right then? What relevant external events are going on? Elections or armed conflicts? And what is the goal for those things? Is it to shed light on it or is it to intervene? Because both can be valid. Intervention through freedom of information is absolutely a fair way of participating in the world. That's what journalism is. That's what academia is. That's how the world gets changed by people who don't carry guns. Next question brings us to counterbalances. Is there time for it? Because one of the things we saw with the DNC leaks and the Macron leaks was no. They were purposely released right before an event that they would have maximum shock impact on and they would have very little time for, one second, they would have very little time for anyone to then go through and review the initial findings or critique them or get a better understanding of what's going on because you're you're just giving people the tiniest bit of information and time to analyze it and it'll naturally always go to the most shocking things and things that are devoid of context. Next question is why now? Which is pretty self-explanatory. So now the really big question. How the hell were they caught? Chat logs is going to be a recurring theme here for most of them. Cebu caught by chat logs. He kept trying to entrap people and the chat logs, you know, if you're a participant in things it's a bad idea to keep chat logs but if you're a defendant in things they're useful to have but they started communicating with each other. Different hacktivists and they noticed patterns and they shared it within the larger community and then later leaked files confirmed the allegations and what was going on. For pop-off again we have chat logs but this time reviewed in hindsight several years after pop-off had stopped using those targets. His big problem that got him noticed most recently was extorting too many not most recently there were other things since then but one of the things that caused some real problems and as well as his former FBI handler was he began extorting simultaneous targets that he wanted revenge on and when the when the FBI was trying to get at the bottom of this and in particular the U.S. Attorney at Boston wanted to get into it they were asking for information on his pseudonym Dennis Pinhouse which agent Hilbert pop-off's former handler knew what that was and who he was and Hilbert refused to cooperate. Pop-off was also identified by looking in the footnotes of certain DOJ filings he just seemed connected to something and so good journalists just started following up on that and found a very interesting story. He's also identified through his posting to Jeff Carr and simply the Russian operating environment again if you are in Russia and you hack the FBI you give that to the government and you have a very nice life. How are Gutsifer 2 and DC leaks identified and combined this because they share a lot. Chat logs again the money in Bitcoin trail was a huge portion linguistic analysis stylometry forensic analysis provided more confirmation with as at least once Gutsifer 2 mistakenly logged in without a VPN and analysis of files shows overlap between Gutsifer 2 and DC leaks in their files and that one of the first documents that Gutsifer 2 published came from an attachment to one of the Podesta emails. Free civilians identification was fairly straightforward given the circumstances the inconsistent behavior being more interested in selling proof than in selling data posting already sold repute already sold data for reputation as well as the timing their attacks began right around the beginning of the Russian invasion of Ukraine within a day or two and they exfiltrated the data just prior to the wiper attacks so now it's the part where I get to yell at you I'll be gentle hopefully most of this will come across as constructive criticism and not actual aggression newsrooms you won't need to get ready for the next big leak now there's a lot happening a lot more is going to happen and most of you are not equipped to deal with any sizable leak DDoS secrets thankfully is is relaunching Hunter Memorial library and will be making it available to journalists and researchers but that is not a full replacement for newsrooms investing in themselves because you need the proper staff the technology and the training and it is lacking on all three in pretty much every major newsroom that goes for associated press the New York Times the Washington Post the list is pretty hard to come up with an end point need to focus on the long view because I'm tired of seeing articles that examine leaked data for two weeks because you're looking at emails from the last month y'all are better than that y'all have data that's better than that you have a hundred terabytes of leaked data that a lot of it overlaps dozens of mining companies of agencies that work with them that enable that stuff the world is literally on fire and the data sets behind the people who are doing it are open and available but where's the investment I see I see newsrooms with climate teams climate data teams of three maybe four people and none of them are real tech experts and remember that a collaboration that makes the cut is worth two exclusives that get shelved and way too much of your nonsense stuff just gets shelved anyway American newsrooms have definitely trended toward the wrong column in the in the last year we've seen a lot of reporting on fake hacks with no proof very little reporting on the trial of the largest cia leak in history which revealed a lot of information about the leak about wiki leaks about how cia works y'all dropped the ball on that and there's no there's no god damn excuse I've seen a lot of reporting on and promoting worthless nfts but not much following the money beyond it went somewhere and that is not useful reporting I see a lot of emotional headlines being made out of the opinions of inherently biased people the mother of so-and-so the father of so-and-so they have these opinions that doesn't matter you need to focus on recent infirm sorry I skipped ahead a number what you need to focus on is informing people what they need to know before they need to know it because otherwise when the next thing comes they won't know what to make of it and they'll be playing catch up and that's a problem for everyone that's a problem for your outlets too because if people are trying to play catch up when they're reading your articles or watching your video presentations they're already going away because they you didn't give them the tools to understand it and follow it see a lot of people confusing news with stories instead of reporting on non-breaking news that might not have closure even though it has crucial data in context and way too much investing in production instead of investing in the newsroom itself it's absurd cable news is absurd print news is becoming worse and yet there are so many talented people stop shooting yourselves in the foot and editors rethink your shit government hi come see the cognitive dissonance inherent in the system you all love to look at security and address that but the incongruences are what cause and amplify leaks everyone is uh i'd say very impressed with the size of your legal case against dissonge uh go ahead and drop the publication charges because it's bullshit i'm a critic of his do not like him he hates me but i'm up here saying it's bullshit and it seems like y'all are compensating for something do better also just pardon all whistleblowers and uh never let anyone hear you say that talking to journalists and selling t-shirts is a part of a cfa violation again ever ever i don't know how you can look at yourself in the mirror after writing that or filing it with the with with whoever that's that's bananas industry you just need to own your own shit security theater is going to get your companies killed it is going to get people wrecked it is going to destroy personal data and not even in a way that lets journalists use leaks productively be someone who isn't worth leaking and never pay the ransom one area i actually agree with fbi on for a lot of reasons that we don't have time to get into here but it's not just because i want that data leakers and leak publishers real quick study mosaic theory stay focused on results not splash or ego learn what the law actually lets journalists do and what it doesn't because a lot of sources seem to want to ask like publishers to do things that they can't do and you need to understand that state actors can and will look to exploit you on your leaks whether you want them to or not talk to a lawyer listen to your conscience and honestly leak the planet there's no way that we're going to be saved through secrecy recent report from cia found that something like 90 percent of classified documents could be safely released to the public that shit's absurd it's the same with corporate there is no reason why we can't turn to leaks as a vital source when the world is literally on fire and we don't have enough data to figure out well what's causing it specifically in these areas and what's making it worse at this rate we don't have enough data to refine the projections except we do and people aren't fully engaging with it and that's a problem because leaks are only as valuable as you let them be people have risks their lives and their freedom to bring us this data and it would be irresponsible and unconscionable if we let them down by just oh yeah this came out there's i found i found an interesting document and now that's it so leak the planet magic is real have fun thanks for listening