Hi all! (Taking off my forum moderator hat for a moment)
As some of you may know, I’m one of the developers of Dangerzone, the cross-platform Qubes Trusted PDF cousin, originally developed by Micah Lee and taken under Freedom of the Press Foundation (FPF) since 2022. We recently started working on Dangerzone’s Qubes integration and I wanted to share some updates and welcome testers for our alpha version.
For some background, Dangerzone essentially reimplements Qubes Trusted PDF but cross-platform, using containers. It does however have some features beyond Qubes Trusted PDF, particularly OCR support (to make the final doc searchable), PDF compression, offline conversion by default and supporting multiple file types (images and documents).
The alpha Qubes support is already out, which means that Dangerzone can work in Qubes natively, using disposable qubes instead of containers for conversions. There are two caveats, though:
- it requires manual instalation from source, and configuring a diposable qube (subject to change)
- we have not yet implemented security “guard rails”, so please use only with documents you trust
Want to help testing?
Follow these instructions. If you encounter problems, report them on our bug tracker and give us feedback here or on our Github Forum.
Next Steps
Now we’re working on the beta version which will make Dangerzone available as a package and close some of the implementation gaps, particularly making sure we handle errors correctly and adding timeouts.
Then, we’ll work towards the stable version. This will be focused on thinking more systematically about the multi-VM architecture of Dangerzone, in particular how we can make it easier to install and maintain. I have shared some thoughts on this already on the forum but more is to come.
SecureDrop Workstation Integration
An additional goal is to integrate Dangerzone with FPF’s Qubes-based SecureDrop Workstation to add document santization to journalists’ workflow when exporting files to less safe systems in the newsroom. Dangerzone will keep being a standalone project but just have this extra integration.