When Newsrooms Go Dark: Journalism in the Age of Skynet


It’s a sad statistic. 129 journalists were killed worldwide in 2025. That’s more than any year since the Committee to Protect Journalists began tracking in 1992. More than 300 journalists remained imprisoned. 39 reporters were killed by governments using drones as a weapon.

We’re losing journalists every year by other means. The Los Angeles Times laid off over 100 journalists. Sports Illustrated was caught publishing AI-generated articles under fake author personas. Local newspapers continued to shrink: over 2,900 have closed since 2005.


The Pincer Movement

In authoritarian states, the threat is palpable. Sources know that surveillance technology can identify them from their phone’s metadata, facial recognition. Even their gait.

In relatively more democratic states, surveillance is the option.

Flock Safety’s license plate readers now operate in over 5,000 communities across 49 states. They scan 20 billion vehicles every month. In one case, a journalist drove 300 miles across rural Virginia and was captured by nearly 50 surveillance cameras operated by 15 different law enforcement agencies. A court ruled the network functions as a “dragnet over the entire city,” acting as the functional equivalent of GPS trackers on every vehicle. Audit logs have revealed searches conducted for ICE, and at least one investigation into an abortion.

Amazon’s Ring has partnered with over 2,100 police departments, creating what the Electronic Frontier Foundation calls “the largest corporate-owned surveillance network in US history.” Police can request footage from any Ring camera within a specific area. Ring admitted to providing footage to law enforcement without warrants or user consent at least 11 times in a single year. The company is now reintroducing features that would let police request live-stream access to home security devices.

This is citizen-on-citizen surveillance, privatized and normalized, and fed directly to law enforcement.

For journalists, this changes everything. A source who meets you at a coffee shop has their license plate logged on the drive over. Your neighbor’s doorbell camera captures who visits your home. The metadata of movement is collected before anyone asks a question or obtains a warrant.

One system kills journalists. The other makes it impossible for sources to reach them safely. Both achieve the same outcome: a world with fewer people willing to tell the truth.


The Pseudonymous Newsroom Problem

The tools exist. Tor. SecureDrop. Tails. OnionShare. Major newsrooms—the New York Times, ProPublica, The Intercept, BBC, Deutsche Welle—run onion services so sources can submit documents without revealing their identity or location.

But these tools protect sources. What protects the journalists themselves?

Even Signal—the gold standard for encrypted messaging—has been compromised. Not through broken cryptography, but through the mundane infrastructure it depends on. The FBI recently obtained encrypted Signal messages by requesting push notification data from Apple. Push tokens are stored on Apple and Google’s servers, handed over on request. An NSA bulletin warned that Russian hacking groups are exploiting Signal’s “linked devices” feature to spy on encrypted conversations.

The encryption works. The metadata betrays you anyway.

Now imagine a different problem: a journalist in an authoritarian state wants to publish verified, authentic reporting—content that can be proven to come from a consistent source over time—without ever revealing their identity. Or a dissident newsroom that needs to establish credibility and trust while remaining completely pseudonymous.

This is the bootstrap problem. And solving it requires rethinking how trust works on the internet.


From trust.txt to trust.json

In 2020, journalist and entrepreneur Scott Yates launched trust.txt through a nonprofit called JournalList. The idea was elegant: a simple text file, placed at the root of a website, declaring facts about the organization—ownership, affiliations, social accounts, content licensing. Modeled after robots.txt and ads.txt, it made trust signals machine-readable.

Trust.txt solved a real problem: distinguishing legitimate news organizations from imposters in a way that automated systems could verify. It’s been adopted by publishers and integrated into programmatic advertising pipelines. The IPTC worked with JournalList, The Trust Project, Reporters Without Borders’ Journalism Trust Initiative, and others to standardize how trust signals appear in news content.

But trust.txt has a limitation: it’s domain-based. Your trust file lives at example.com/.well-known/trust.txt. That works fine for established publishers with registered domains. It doesn’t work for pseudonymous actors who can’t—or won’t—tie their identity to ICANN infrastructure.

This is where trust.json comes in.

We evolved the trust.txt concept to support decentralized identifiers (DIDs) instead of domains. A trust.json file can live anywhere—including at a Tor onion address that requires no registration, no WHOIS record, no third party. It declares which cryptographic identities are authorized to act on behalf of an organization, what roles they hold, and what trust relationships exist.

{
  "version": "1.0",
  "organization": {
    "name": "Pseudonymous Newsroom",
    "type": "news_organization"
  },
  "authorized_signers": [
    {
      "did": "did:key:z6Mkf5rGMoatrSj1f...",
      "role": "editor",
      "valid_from": "2025-01-01",
      "capabilities": ["sign_articles", "manage_journalists"]
    },
    {
      "did": "did:key:z6MkhaXgBZDvotDkL...",
      "role": "journalist",
      "capabilities": ["sign_articles"]
    }
  ],
  "trust_relationships": [
    {
      "type": "member_of",
      "target": "did:web:press-freedom-coalition.onion"
    }
  ],
  "revoked": []
}

The privacy advantages are significant. A traditional trust.txt requires a domain, which requires a registrar, which requires payment infrastructure, which requires identity verification. Each step leaks metadata. Trust.json over Tor eliminates the entire chain.
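How a verifier might evaluate a policy in this shape once it has already checked the signature itself. This is an added example, not code from the trust.json project: the function name, the placeholder DIDs, the treatment of "revoked" as a list of DID strings, and the reading of valid_from as an inclusive start date are all assumptions.

```python
import json
from datetime import date

# Constructed policy in the shape shown above. The DIDs are placeholders, and
# "revoked" is ASSUMED to hold plain DID strings (the page shows it empty).
TRUST_JSON = """{
  "version": "1.0",
  "authorized_signers": [
    {"did": "did:key:zEXAMPLE-editor", "role": "editor",
     "valid_from": "2025-01-01",
     "capabilities": ["sign_articles", "manage_journalists"]},
    {"did": "did:key:zEXAMPLE-journalist", "role": "journalist",
     "capabilities": ["sign_articles"]},
    {"did": "did:key:zEXAMPLE-former", "role": "journalist",
     "capabilities": ["sign_articles"]}
  ],
  "revoked": ["did:key:zEXAMPLE-former"]
}"""

def check_signer(policy, did, capability, signed_on):
    """Return (allowed, detail). Anything unexpected is a refusal."""
    if policy.get("version") != "1.0":
        return False, "unsupported policy version"
    # Revocation wins even if the key is still listed as a signer.
    if did in policy.get("revoked", []):
        return False, "key revoked"
    matches = [s for s in policy.get("authorized_signers", [])
               if s.get("did") == did]
    if not matches:
        return False, "signer not listed"
    if len(matches) > 1:
        return False, "duplicate signer entry"
    signer = matches[0]
    # ASSUMED semantics: valid_from is an inclusive ISO date.
    valid_from = signer.get("valid_from")
    if valid_from and signed_on < date.fromisoformat(valid_from):
        return False, "signed before valid_from"
    if capability not in signer.get("capabilities", []):
        return False, "capability not granted"
    return True, signer.get("role", "")

POLICY = json.loads(TRUST_JSON)
```

The signing date passed in is only as reliable as the timestamp inside the signed content, so a verifier should treat an untimestamped claim with care.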


Bootstrapping a Newsroom in the Dark

Here’s how a pseudonymous newsroom actually bootstraps:

Hardware: Acquire machines through cash purchases or trusted intermediaries. Air-gap the signing infrastructure. Run Tails from a USB stick for day-to-day operations. Never connect signing keys to the internet directly.

Identity anchor: Generate a Tor v3 onion address. The address itself—a 56-character string ending in .onion—is derived from your Ed25519 public key. No registrar. No DNS. No WHOIS. The cryptographic key IS the address. You can regenerate the same address from the same key on any machine, anywhere.

Trust policy: Host your trust.json at http://yourxxxxxxx.onion/.well-known/trust.json. This declares your organization’s signing keys (as DIDs), roles, and any trust relationships with other pseudonymous or identified organizations. Verifiers fetch this file to confirm that a signing key is legitimate.

Signing keys: Generate did:key identifiers for each journalist or role. These are self-certifying—the identifier contains the public key, so verification requires no external lookup. Sign C2PA manifests with these keys. The signature proves the content came from a key listed in your trust.json.

Distribution: Publish through your onion service. Syndicate to clearnet mirrors, social platforms, or anywhere content can travel. The C2PA signature travels with the content. Verifiers can check the signature against your trust.json regardless of where they encountered the content.

Reputation over time: Every signed article builds your pseudonymous reputation. The cryptographic identity is consistent—readers and other journalists can verify that today’s article comes from the same source as last month’s investigation. Trust accumulates without exposure.
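The identity-anchor and signing-key steps above both rest on identifiers that encode the Ed25519 public key directly. This added example (not part of the original article) derives a Tor v3 onion address and a did:key from the same 32 key bytes and decodes each back without any lookup; the function names and the sample key bytes are constructed for illustration.

```python
import base64
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ED25519_PREFIX = b"\xed\x01"  # multicodec code for an Ed25519 public key
ONION_VERSION = b"\x03"

def _checksum(pubkey):
    return hashlib.sha3_256(b".onion checksum" + pubkey + ONION_VERSION).digest()[:2]

def onion_address(pubkey):
    """Tor v3 address: base32(pubkey | checksum | version) + '.onion'."""
    if len(pubkey) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    raw = pubkey + _checksum(pubkey) + ONION_VERSION
    return base64.b32encode(raw).decode().lower() + ".onion"

def pubkey_from_onion(address):
    """Recover the key from an address; reject mistyped or altered labels."""
    label = address[:-len(".onion")]
    if not address.endswith(".onion") or len(label) != 56:
        raise ValueError("not a v3 onion address")
    raw = base64.b32decode(label.upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_VERSION or checksum != _checksum(pubkey):
        raise ValueError("bad version or checksum")
    return pubkey

def did_key(pubkey):
    """did:key = 'z' (base58btc) + base58(multicodec prefix | key)."""
    n, out = int.from_bytes(ED25519_PREFIX + pubkey, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "did:key:z" + out

def pubkey_from_did(did):
    """Self-certifying: the key is decoded from the identifier itself."""
    if not did.startswith("did:key:z"):
        raise ValueError("expected a base58btc did:key")
    n = 0
    for ch in did[len("did:key:z"):]:
        n = n * 58 + B58.index(ch)
    raw = n.to_bytes(34, "big")
    if raw[:2] != ED25519_PREFIX:
        raise ValueError("not an Ed25519 did:key")
    return raw[2:]

SAMPLE_KEY = bytes(range(32))  # constructed bytes, not a real key
```

A verifier that holds only the address or the DID can recover the key and compare it with the one that signed the content, which is why neither identifier needs a registrar or resolver.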


The Technical Path Forward

C2PA is already exploring this direction. The did:x509 specification—drafted by Microsoft and under review at IETF—bridges traditional certificates and decentralized identifiers. Crucially, it “does not require an X.509 trust anchor store but rather relies on verifiers either trusting an individual DID directly or using third-party endorsements.”

The C2PA trust list explorations include proposals for decentralized trust registries that could complement or replace traditional certificate authority models. A coalition of news organizations could maintain their own trust list—a federated model where Reuters vouches for its correspondents, and a pseudonymous newsroom vouches for its journalists, and readers decide whose vouching they trust.

This is exactly the design philosophy behind trust.txt—organizational vouching, machine-readable trust signals, federated verification. Trust.json simply extends that model to work with DIDs instead of domains, and to support verifiable credentials that can express richer trust relationships than a flat text file allows. The same principles, adapted for a world where identity can’t always be tied to DNS.

This isn’t theoretical. The primitives exist. Tor onion services are battle-tested. DIDs are a W3C standard. C2PA signing works today. Trust.json is a straightforward extension of established patterns. What’s missing is the integration layer—and the will to build infrastructure that serves journalists who can’t safely identify themselves.

The content is verifiable. The source is consistent. The humans remain protected.


The Verification Void

Here’s what keeps me up at night: journalism’s core function isn’t content creation. It’s verification. It’s having a human in the room asking “is this true?” and “who benefits from this claim?”

AI can generate plausible text about city council meetings. It cannot attend them. It cannot notice that the developer’s lawyer and the planning commissioner keep exchanging glances. It cannot knock on doors. It cannot protect a source. It definitely cannot risk its life to document a war crime.

When we replace journalists with language models, we’re not automating journalism. We’re automating the appearance of journalism while eliminating the function.


The Provenance Problem

Every week brings new examples of AI-generated images presented as news photography. Synthetic audio of politicians saying things they never said. Deepfakes that require forensic analysis to detect.

The volume of synthetic media now exceeds our collective capacity to verify it. This is the asymmetry that breaks democracy: generating disinformation is cheap and fast; verifying truth is expensive and slow.

We’re in an arms race where the defense—human attention, institutional trust, investigative resources—is being defunded while the offense scales exponentially.


The Uneven Distribution

Wealthy outlets will maintain human journalists as a premium product. Investigations will become luxury goods. The New York Times will still send reporters to conflict zones; your local paper won’t send anyone to the school board meeting because your local paper no longer exists.

This creates information deserts—not just in rural areas, but in any community that can’t sustain the economics of human-verified news. The automation of journalism will track existing inequalities and amplify them.

Skynet doesn’t need to target everyone. It just needs to target the places where no one’s watching.


What Now?

I don’t have clean answers. But I have observations:

Provenance matters more than ever. Knowing where information comes from—who created it, how it was verified, what chain of custody it followed—becomes essential when synthetic content is indistinguishable from authentic content.

Local news is critical infrastructure. We treat roads and bridges as public goods worth funding. The information infrastructure that lets communities govern themselves deserves the same consideration.

Human-in-the-loop isn’t optional. AI can be a tool for journalists. But the moment we remove human verification from the loop, we’ve stopped doing journalism and started doing something else—something that looks like journalism but serves different masters.

Pseudonymity is not anonymity. A journalist who cannot reveal their name can still build a verifiable identity over time. Cryptographic signatures, decentralized identifiers, and trust policies hosted on onion services create accountability without exposure. This is how journalism survives in hostile environments.

The future is already here. Some newsrooms are thriving, investing in investigative teams and verification technology. Others went dark years ago, replaced by content farms and algorithmic feeds. Others were silenced by bullets and bombs. And some—the ones we need most—are learning to operate in the shadows, pseudonymous but provable, hidden but verifiable.

The question isn’t whether Skynet arrives. The question is which communities get protected, which get abandoned, and who decides.

Technology created this problem. Technology alone won’t solve it. But technology that restores trust between humans—that lets a reader know a real journalist verified a real story from a real source, even when that journalist cannot safely reveal their name—that’s where we start rebuilding.

Noosphere is building the human-to-human trust infrastructure for the Skynet age.
