The Open Source Whistleblower system
17th March, 2022
@kushaldas
https://securedrop.org
@kushaldas
@kushaldas
@kushaldas
Journalist
A journalist is a person who collects, writes, or distributes news or other current information to the public.
Whistleblower
A whistleblower is a person who exposes any kind of information or activity that is deemed illegal, unethical, or not correct within an organization that is either private or public.
@kushaldas
Photo by Chris Barbalis https://unsplash.com/@cbarbalis on Unsplash
@kushaldas
Text
Photo by Claus Grünstäudl https://unsplash.com/@w18
@kushaldas
@kushaldas
@kushaldas
@kushaldas
Let me find a journalist I trust
@kushaldas
Photo by No Revisions https://unsplash.com/@norevisions on Unsplash
@kushaldas
@kushaldas
@kushaldas
@kushaldas
Source
Journalist
Airgapped SVS
@kushaldas
Application Server
@kushaldas
Let us meet the Journalist
@kushaldas
@kushaldas
securedrop-workstation
@kushaldas
Back in 2013
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.
Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
@kushaldas
OPSEC
- FPF provides digital security training
- SecureDrop is not only an application
Operating system
+
Applications
+
Physical + Legal access
+
Human OPSEC
Support from FPF
@kushaldas
Landing page & servers
- Use HTTPS
- No subdomain
- No third party tracker or JS
Standard server hardening steps
@kushaldas
How to contribute?
- https://github.com/freedomofpress/securedrop
- https://docs.securedrop.org
- Gitter chat to talk to other contributors
- UX discussions
@kushaldas
A special tribute
@kushaldas
Links to various images used from Wikipedia
- https://commons.wikimedia.org/wiki/File:Antu_folder-cloud.svg
- https://commons.wikimedia.org/wiki/File:Gateway_firewall.svg
- https://commons.wikimedia.org/wiki/File:GnuPG-Logo.svg
- https://en.wikipedia.org/wiki/File:Cloud_computing.svg
- https://commons.wikimedia.org/wiki/File:Gartoon_actions_1leftarrow.svg
- https://commons.wikimedia.org/wiki/File:Key-311738.svg
- https://commons.wikimedia.org/wiki/File:Antu_folder-cloud.svg
- https://en.wikipedia.org/wiki/File:Tor-logo-2011-flat.svg
- https://en.wikipedia.org/wiki/File:Laptop.svg
- https://commons.wikimedia.org/wiki/File:CD_icon_test.svg
- https://commons.wikimedia.org/wiki/File:Usbdrive_icon.svg
@kushaldas
Thank you
https://kushaldas.in
securedrop-sunetdays
By dascommunity
securedrop-sunetdays
- 796