The Open Source Whistleblower system

17th March, 2022

@kushaldas

https://securedrop.org

@kushaldas

@kushaldas

@kushaldas

Journalist

A journalist is a person who collects, writes, or distributes news or other current information to the public.

Whistleblower

A whistleblower is a person who exposes any kind of information or activity that is deemed illegal, unethical, or not correct within an organization that is either private or public.

@kushaldas

Photo by Chris Barbalis https://unsplash.com/@cbarbalis on Unsplash

@kushaldas

Text

Photo by Claus Grünstäudl https://unsplash.com/@w18

@kushaldas

@kushaldas

@kushaldas

@kushaldas

Let me find a journalist I trust

@kushaldas

Photo by No Revisions https://unsplash.com/@norevisions on Unsplash

@kushaldas

@kushaldas

@kushaldas

@kushaldas

Source

Journalist

Airgapped SVS

@kushaldas

Application Server

@kushaldas

Let us meet the Journalist

@kushaldas

@kushaldas

securedrop-workstation

@kushaldas

Back in 2013

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.

Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

@kushaldas

OPSEC

  • FPF provides digital security training
  • SecureDrop is not only an application

Operating system

+

Applications
+
Physical + Legal access
+

Human OPSEC

Support from FPF 

@kushaldas

Landing page & servers

  • Use HTTPS
  • No subdomain
  • No third party tracker or JS

Standard server hardening steps

@kushaldas

How to contribute?

  • https://github.com/freedomofpress/securedrop
  • https://docs.securedrop.org
  • Gitter chat to talk to other contributors
  • UX discussions

@kushaldas

A special tribute

@kushaldas

Links to various images used from Wikipedia

  • https://commons.wikimedia.org/wiki/File:Antu_folder-cloud.svg
  • https://commons.wikimedia.org/wiki/File:Gateway_firewall.svg
  • https://commons.wikimedia.org/wiki/File:GnuPG-Logo.svg
  • https://en.wikipedia.org/wiki/File:Cloud_computing.svg
  • https://commons.wikimedia.org/wiki/File:Gartoon_actions_1leftarrow.svg
  • https://commons.wikimedia.org/wiki/File:Key-311738.svg
  • https://commons.wikimedia.org/wiki/File:Antu_folder-cloud.svg
  • https://en.wikipedia.org/wiki/File:Tor-logo-2011-flat.svg
  • https://en.wikipedia.org/wiki/File:Laptop.svg
  • https://commons.wikimedia.org/wiki/File:CD_icon_test.svg
  • https://commons.wikimedia.org/wiki/File:Usbdrive_icon.svg

@kushaldas

Thank you

https://kushaldas.in

securedrop-sunetdays

By dascommunity

securedrop-sunetdays

  • 796