Ricochet Refresh: Preserving Anonymity with Suelette Dreyfus

Suelette Dreyfus

Ricochet Refresh is secure, encrypted open source software designed to preserve anonymity, safeguarding journalists as well as patients who want to protect personal data about their health, as Suelette Dreyfus explains.

What’s your motivation to work on preserving anonymity on the Internet?

Imagine you’re an investigative journalist reporting on high-stakes corruption in business and government. Freedom of Information (FOI) doors have been closing over the past decade, as the powerful try to hide paper trails. Your inside sources are increasingly worried about speaking to you because they know they leave a trail of little electronic breadcrumbs whenever they are in contact with someone. Reaching out to you could get them fired – or worse. But they want to reveal the truth about corruption, for instance.

Ricochet Refresh open source software was designed with just this sort of scenario in mind. R2 (‘R squared’) is free, open-source software that lets two people chat via typing on their Linux, Mac or Windows desktops. What makes R2 innovative is not just that their communications are secure (encrypted) but that they are also anonymous.

How does Ricochet Refresh work?

An anti-corruption agency investigator, for example, can post her R2 ID number in public, inviting sources to come forward to communicate with her without fearing retaliation. A journalist and an investigator cannot be forced to reveal an identity they don’t know. Their sources simply have randomly generated code names assigned to them via R2.

When you first start R2, a new cryptography key is randomly generated, consisting of a public key you can share with anyone and a private key you keep secret. That public key becomes your address in R2. No registration is required, so no one other than the person themselves knows the link between a public R2 address and the identity of the person.

R2 also offers the option of a continuing conversation. Unlike one-time anonymous dropboxes where a whistleblower ‘drops a package and runs’, R2 lets that investigator and her source continue to chat with each other over time.

This is very important; journalists and agency investigators are often handed large piles of electronic documents. When a source dumps-and-runs, the investigator may have no roadmap to what’s important and what’s not. Being able to come back and continue the conversation – and ask questions about complex financial transactions for example – is vital.

How did NGI support the project?

With new features supported by NGI4eu, R2 now also allows the whistleblower to anonymously transfer files to the investigator. That means when the investigator asks for deeper evidence, the whistleblower can anonymously transfer recordings, documents, photos or bundled up database extracts, as examples, directly to the investigator.

R2 is a peer-to-peer messenger app that uses the Tor network to connect people. Tor is the most widely used anonymity-creating infrastructure on the internet. R2 recently upgraded its security as well as its compatibility with Tor Onion Services v3 instead of the older v2. By passing through different hops in the Tor network before arriving at the designated destination, the communications of someone using R2 remain protected from re-identification.

NGI support for Ricochet Refresh has been incredibly important. It’s one of the pillars that let us rebuild a moribund open source software project into the shiny, modern and incredibly useful application it is today. Reuse and recycle! NGI’s support paid for developer time to work on the update of the software, and to fix some serious issues.

NGI support also introduced us to the NGI community, which is a pretty cool place. We found a home of like-minded people who care about privacy at a fundamental level, not just superficially. They want to take apart the privacy risks at the most basic level, and then build up from there properly. Like us, they’re passionate about what they do. NGI gave us a security review of R2’s code – officially the other members of the NGI community doing it were just going to spend a day on it but they spent three, because, they said, they were really interested in our project. They gave good advice – and we were a little thrilled they thought R2 was so special. We definitely would do the same for them if the roles were reversed. Why? NGI isn’t just a community of creativity; it’s an ecosystem of help.

How did you come up with the idea for anonymity on the internet?

Ricochet Refresh is developed and maintained by Blueprint for Free Speech, a charitable NGO that supports freedom of expression internationally. Protecting the whistle-blower’s ability to speak up safely in the public interest, without retaliation, is a battle often fought in policy or law settings. Blueprint is the only freedom of expression NGO developing new technology tools specifically aimed at supporting and protecting this community.

R2’s GitHub repository is here: https://github.com/blueprint-freespeech/ricochet-refresh

The EU Directive protecting whistle-blowers, passed by the European Parliament in 2019, is being rolled out in national laws across Europe. This is part of a worldwide trend to embed such protections in law. Blueprint is pleased to see interest in R2 by a wider range of end-users, from companies’ compliance offices, which are required to set up safe ways for whistle-blowers to reveal serious wrongdoing in-house, to anti-corruption agencies expanding technology-based ways to contact them. R2 can also be used when patients want to keep their identity genuinely anonymous to ask questions in health settings where just being present might imply disease or risk.

What’s next for Ricochet Refresh?

Ideally, we’d love to create a version for mobile phones. This is a hard problem to solve if you want to do it well. Also on our agenda is more public outreach, to where the software is most needed. The software has already protected sources’ lives, we’re told by the journalism community. But we need to get it out there, to put the free software in people’s hands to be more widely used. And of course, on a software project, there is maintenance, as security reviews never end.

Dr Suelette Dreyfus is the Executive Director of Blueprint for Free Speech which she founded in 2014. Suelette’s career has spanned academia, journalism and advocacy. She is a specialist in cybersecurity technologies and in integrity systems that work as corrective mechanisms in society.

More information on Blueprint for Free Speech

More information on Ricochet Refresh