Topic
Operational security
Articles on operational security for OffshorePress subscribers — the discipline that closes the gap between the operator's posture and the customer's threat model.
12 min read
Email as forensic evidence — what offshore mail hosting changes
A reading of the forensic surface of email — what the mailhost operator sees mechanically, what the operator does not, what TLS-in-transit and PGP narrow down — with notes on Swiss and Icelandic mail-server jurisprudence and the practical posture for an editorial-register customer.
12 min read
Leak-aggregator stacks: SecureDrop, GlobaLeaks, OnionShare and the published archive
A reading of the four-layer architecture of a working leak-aggregator — submission system, processing workstation, archive store, published surface — with notes on which tools fit which layer and why the offshore VPS belongs to the archive end of the stack, not the submission end.
11 min read
Migrating an investigative archive to offshore hosting
A fourteen-day sequence for moving an investigative archive — a journalist's corpus, a leak-aggregator's repository, an NGO's case-files — from a commercial host to offshore civil-liberties hosting, with notes on the OPSEC, legal, and chain-of-custody dimensions vendor runbooks omit.
13 min read
Choosing a payment rail: Monero, Lightning, Bitcoin or cash for offshore hosting
A practical reading of the four payment rails OffshorePress accepts — Monero, Lightning, on-chain Bitcoin, and cash by post — with notes on what each rail protects, how you acquire the coin without contaminating the surface, and when to mix rails rather than commit to one.
11 min read
Self-hosting Nextcloud on a civil-liberties VPS
An operational guide to standing up Nextcloud on a small offshore VPS — choosing the tier, the OS, the deployment shape, the hardening posture, the backup discipline — written for journalists, archivists and NGO IT leads who have decided Google Drive is not the right place for the work.
11 min read
Warrant canaries — operational, legal, theatrical
A reading of the warrant canary as a triptych — operational (signed denial, regular cadence, contemporaneous referent), legal (compelled-silence vs compelled-speech), theatrical (signal between operators and sophisticated readers) — and a note on the editorial-register customer's adjacent posture.
13 min read
Threat models for activist archives
An editorial framing of the threat model an archival project — a leak repository, a documentation collection, an institutional memory — should reason about before committing to a hosting decision, drawing on the documented record of archival projects that survived adversarial pressure and those that did not.
11 min read
Cash mail-in payments: an operational guide
How to pay OffshorePress in physical banknotes by post, why the operator offers the route, what the envelope should and should not contain, and the operator's documented protocol for receipt, acknowledgement, and dispute resolution.