Newsroom intelligence for source protection and verification.
Encrypted messaging apps secure conversations — but still expose metadata, traffic patterns, and call signals that can reveal critical intelligence. SourceNote makes that hidden exposure visible on the journalist's own device, so newsrooms can detect risks, analyze encrypted activity, and verify communications without breaking encryption.
What it surfaces
What the journalist's own device is leaking during a call — so they can choose to relay, switch networks, end the call, or change apps before continuing.
The network signals around a source's communications — IP, ASN, geolocation, network type (residential, mobile, datacenter, VPN exit, satellite), and consistency across past sessions with the same contact.
The information needed for better-informed editorial decisions about what a source's claimed conditions actually look like — as one input among several into the desk's judgment, not as proof.
Screenshots
Live call view — peer endpoint and relay infrastructure surfaced as the call connects, before signaling completes.Single-call dossier — observed IP, ISP, AS number, geographic registration, and direct-vs-relayed media path for one Signal session.Cross-session view — recurring calls with the same contact aggregate over time. A source moving from a carrier network to a commercial VPN tells its own story.Your own footprint — the LAN address and reflexive public IP your device exposed to the peer during the call.Source roster — every contact you've tracked, with the editorial assessment that contextualizes each one.
01/05
Platforms
Available on Android through seamless app integration, and for iOS and desktop platforms as a network deployment using the customer's device.
A senior procurement analyst documents bid-rigging at her transit authority from inside. From home, on her own phone, she calls an investigative reporter on an encrypted app — but her phone is still on her agency's BYOD VPN.
During call setup, the reporter's linked work laptop responds from the newsroom's network. Her phone's call metadata, captured by the agency, now carries the paper's address. Combined with the publication-day cadence, that's enough. She's terminated for cause and referred to the state AG.
With SourceNote
With SourceNote running on the reporter's side, the first call surfaces the source-side leak: her public IP whoises to a state government network, and her phone is offering two private addresses — home wifi alongside her employer's VPN. Calls move to a relay, her phone comes off the agency VPN, the linked laptop gets dropped. The series runs; the agency's case never lands. She leaves on her own terms.
Source protection
Clinical-trial whistleblower
Without SourceNote
A statistician on a Phase 3 oncology trial reports to a journalist that adverse events are being re-coded. Some of her early calls to the journalist are placed from the office wifi network.
After the story runs, corporate counsel runs OSINT against advertising data, audits the firewall, and walks the suspect pool down to four people on the biostatistics VLAN. Civil discovery against her home ISP finishes the rest. She loses her savings.
With SourceNote
With SourceNote, the newsroom sees the corporate private-IP leak on the first call and flags it immediately. Work-network calls stop. The firewall audit later finds nothing; the suspect pool stays at fifteen. The FDA investigation begins; her name never appears in a litigation file.
Source verification
Foreign defector
Without SourceNote
A Berlin reporter is approached by someone claiming to be a defected Russian intelligence officer now hiding in a Mediterranean country, with documents on Western Balkans operations.
She corroborates what she can and publishes. Within a month, two documents are shown to be forgeries; a third names a Western intelligence asset who is subsequently arrested in Belarus. The “defection” was an active-measures operation. She retracts.
With SourceNote
With SourceNote, the source's connection IPs across multiple calls rotate among commercial hosting providers — not the residential broadband you'd expect from someone hiding out in the Mediterranean country he claims. Call times cluster against Moscow business hours, not the time zone he describes. She slows down, demands a proof-of-presence he never delivers, and catches the forgeries before publication.
Source verification
Compromised long-term source
Without SourceNote
A London reporter has worked an 18-month cobalt-supply-chain investigation with a logistics manager at a Swiss trader, on encrypted calls, for over a year. After a trip, the source begins steering him toward a competitor.
He can't put his finger on what feels off. He attempts to call the source, with no answer. He publishes. Three months later it emerges the source's phone was cloned at the airport on his return; “he” had been on a controlled device for weeks. The competitor sues. The outlet retracts.
With SourceNote
With SourceNote, the unanswered call sends the reporter straight to the contact's session log. The connection IP is no longer the residential range in Geneva — it's a corporate block in Zug. And the consistent Friday-evening-to-Sunday gap is gone. He verifies out-of-band through a mutual contact. The answer comes back wrong. He stops publication; two months later he reaches the real source through a different route.
