Kevin now discussing potential next-gen cryptographic protocol for SecureDrop. Need to satisfy constraints specific to SecureDrop -- whistleblower side needs to be stateless; access via Tor Browser is preferred over dedicated app.
Kevin O'Gorman now summarizing the architecture of the SecureDrop Workstation, which uses Qubes OS (@QubesOS) to enable journalists to safely decrypt and view submissions, without having to physically move files to an air-gapped machine.
This is accomplished through the VM-based compartmentalization provided by Qubes.
Pilot has been underway since 2020. Next year, we expect to move it from pilot to general availability.
The more than 70 orgs using SecureDrop range in size from large media orgs like The Guardian, to specialized orgs like Whistleblower Aid or the Organized Crime and Corruption Reporting Project (@OCCRP).
@LisaRein is taking a moment to honor Pentagon Papers whistleblower Daniel Ellsberg, who died earlier this year.
In the 1970s, Dan had to skillfully leak information about the Vietnam War to multiple newspapers. No system like SecureDrop existed, of course. He said to Lisa that if he were to leak the Pentagon Papers today, he would have done it through SecureDrop.
Brewster now discussing one project Aaron helped build at the @internetarchive - @OpenLibrary. The goal: one webpage for every book. Publishers have tried to sue the project out of existence -- not because of revenue, but because of control, Brewster says.
The one and only @brewsterkahle from @internetarchive now speaking at #AaronSwartzDay. In 1996, Brewster founded the Archive, which is one of the most important nonprofit institutions of the Internet today. Livestream here:
"You may not be aware of this, but Signal for Android supported insecure SMS for a long time. Many wanted this, but the UI wasn't clear and people didn't understand what it meant." People were using SMS without understanding security implications. This informed Signal's decision to remove support for SMS.
Riya Abraham from @signalapp at #AaronSwartzDay about the importance of listening to users on the ground to inform security & usability decisions.
Riya Abraham from @signalapp now speaking at #aaronswartzday about the value of feedback to support privacy.
Feedback from users everywhere, whether they're human rights defenders to a grandmother who's trying to attend her grandson's graduation. How to make sure that Signal (which is open source and nonprofit) serves humanity's need for secure communications:
"We have so many crises because of Big Tech. If you think we don't have a Google Classroom crisis, I promise you it's coming." As that crisis escalates, push for interoperability.
@pluralistic about windows of opportunity due to enshittification. (We're in one such window right now, which is why I'm pushing so hard for people and organizations to leave X.)
"As hackers we want to build a better service and have everyone switch to it". But laws that prevent interoperability act as an impediment because people can't easily switch platforms without it. That means they effectively feel held captive on platforms like Facebook because people they love are there.
@pluralistic about the need for policy to accelerate system-level changes.
"Americans may not be temporarily embarrassed millionaires, but American capitalists are definitely temporarily embarrassed feudalists" - @pluralistic about rent-seeking behavior in the enshittification stage of capitalism. Listen live at #aaronswartzday:
This year's "State of the Drop" presentation about the year (and decade) in SecureDrop will be streamed live at #AaronSwartzDay today, starting at 1:30 PM pacific time (9:30 PM UTC).
If you're free tomorrow, check out the talks for #AaronSwartzDay, an annual celebration of the life and work of Internet activist and trailblazer Aaron Swartz.
Starting online at around 11 AM pacific time (7 PM UTC). I'll post a bit more under the hashtag tomorrow as it gets underway :)
Yesterday would have been Aaron Swartz's thirty-seventh birthday. Aaron did so much great that contributed to our freedoms in technology and on the Internet. And, if you don't know yet about his life and legacy, we encourage you to watch "The Internet's own boy" on PeerTube: https://framatube.org/w/1zywKcr1ChzL7R9rG6yCnq#AaronSwartz#AaronSwartzDay#CreativeCommons
"There is no justice in following unjust laws. It's time to come into the light and, in the grand tradition of civil disobedience, declare our opposition to this private theft of public culture.
We need to take information, wherever it is stored, make our copies and share them with the world. We need to take stuff that's out of copyright and add it to the archive. We need to buy secret databases and put them on the Web. We need to download scientific journals and upload them to file sharing networks. We need to fight for Guerilla Open Access."