The Wall Street Journal is facing a backlash from web security and privacy experts over its WikiLeaks-inspired whistleblowers' site, SafeHouse.
SafeHouse, which launched on Thursday to allow anyone to upload documents to the Journal, has been described by one encryption analyst as a "total anonymity failure" that could compromise the security of whistleblowers.
Other researchers have told the Guardian that SafeHouse needs "basic improvements" and that – in its current state – should not have been launched.
"These are technical issues that only technical experts will notice," said Rik Ferguson, a security analyst at Trend Micro. "But given the kind of data that the Journal will hope to get from this, if I [was a whistleblower] there would absolutely be enough for me not to choose that site to upload to.
"There are certainly some relatively basic improvements that could and should have been made before the site went live."
Jacob Appelbaum, a security researcher and senior developer on the Tor online anonymity network, was also critical of SafeHouse: "They're negligent and this is the wrong project to beta-test on an open internet," he said.
Within hours of SafeHouse being launched, security experts pointed out that the site has an insecure way of redirecting whistleblowers who visit the unencrypted version of the site. "This leaves any potential whistleblower open to the chance of getting their traffic – and any documents they're uploading – intercepted by someone on the same network," said Ferguson.
SafeHouse's terms and conditions includes a disclaimer that it "cannot ensure complete anonymity" of whistleblowers who opt to use the most secure form of uploading to the site – and recommends using "cloaking" tools such as Tor, which hide the online identities of web users.
However, uploading from Tor did not work on Thursday or Friday when tested by security researchers. "This is quite worrying and makes you think that it's quite risky if you're going to put information on there," Paul Mutton, a web security tester, told the Guardian.
Mutton added it was also "surprising" the Journal had not opted for an independently-verified SSL certificate – as used by PayPal and other companies which transmit sensitive information – which notifies site visitors of its enhanced protection with a green address bar.
"Not only would this instil more confidence in submitters, but it would also be more difficult for someone else to impersonate the site," Mutton said.
SafeHouse is also facing criticism for its terms and conditions, which state the Journal "reserve[s] the right to disclose any information about you to law enforcement authorities or to a requesting third party, without notice, in order to comply with any applicable laws and/or requests under legal process [...]".
The Journal confirmed to the Guardian on Friday that it would shortly update SafeHouse in an attempt to eliminate some potential vulnerabilities.
Ashley Hutson, a spokeswoman for the Journal, said: "We take these issues very seriously. Development for eliminating the Flash dependency, which is required for Tor compatibility, is complete, and we expect to implement the update within 48 hours.
"In addition, our system has been updated to limit the types of less secure connections it will accept. As is standard procedure, we will continue to assess new specifications and analyse any potential situation that may impact the privacy of our users.
"Our priority is to ensure that SafeHouse fulfils its mission as a secure location that provides sources with access to highly skilled, experienced journalists."
• To contact the MediaGuardian news desk email editor@mediatheguardian.com or phone 020 3353 3857. For all other inquiries please call the main Guardian switchboard on 020 3353 2000. If you are writing a comment for publication, please mark clearly "for publication".
• To get the latest media news to your desktop or mobile, follow MediaGuardian on Twitter and Facebook.
