@qqubes, the short answer is, we don’t really know. I suggest making a separate thread for vPro, as there is a lot to discuss about it
Thank you. This is actually something I feel strongly about, having been in places where you think “that only happens in the movies…”.
If there are, they’re very quiet…
I don’t want things like “Met with whistleblower Aaron Schmidt-Chan for lunch at restaurant. Got followed home by unmarked police car. Went to visit Kurdish family in eastern Turkey, Palestinian protest in Gaza Strip, and then quick shower, saw hidden camera and microphone in my shower cubicle”…
I feel like that stuff would make an excellent thriller novel rather than useful software
What I meant was things like:
- “distribute a document publicly in a way that only the recipient can decipher, but my network is being watched, so I have to obfuscate it to make it look like Microsoft Teams network traffic”
- “publish a photo, but I need to make sure that all the EXIF data has been scraped from it, otherwise my informant may be paid a visit and shot”
- “I’m in transit, and there’s a chance I will be stopped and have my laptop searched. I need plausible deniability, and may have to use my duress password if they force me to unlock it, so that it will boot into a harmless Ubuntu environment, which should get me past a basic visual inspection (but I’m screwed if they image the drive)”
- “I need to be able to get access to Tor to interview someone, but I’m in a territory that blocks standard Tor data packets, so I need a way to get around that without drawing too much attention”
- “My place of residence could be broken into and my hard drives stolen at any time, so I need a way to ensure that I’m the only person who can unlock my drive, so I’ll detach the LUKS header and keep it on an RFID tag disguised as a gym locker key”
- “I’ve received some files that I know I won’t really be able to do much with unless I open them with the original software they were created with, but the thing is, that software is backdoored TO THE MOON, so I need a way to make sure I can use that software without my laptop snitching on me”
- “I wasn’t able to obtain a SIM card or data connection without handing over my passport, and I need to be able to visit some potentially eyebrow-raising websites, so I need a way to be able to do that so that it’s not against my name”
- “The government deactivated the broadband internet infrastructure because of the recent civil unrest (but really as a way for news not to get out), but phone calls still work, so I need a way to be able to get internet access over 56k modem”
- “I need a way to securely back up my entire laptop every night at the same time, so that WHEN it is lost, stolen, damaged, or seized, I will be able to buy any old replacement laptop locally and restore my backups so I can keep working”
- “I need a way to be able to pay for flights out of the country, but I can only pay with Monero, so I need a way to be able to do that”
- Or even “I miss home, and want to be able to communicate with my family without them being used as a bartering chip against me by hostile forces, so we need a way to be able to communicate without anyone snooping on us, preferably in normal conversation, not in code”
Stuff like this will greatly assist in coming up with ways to get those tasks done, all while educating the journalists/HRDs about the reasons why they’re done this way, what third parties can and can’t see when you do them, and what not to do…
I’d never ever want you to even consider doing anything without another party’s consent. That is unacceptable in my books.
Ok, that’s a perfect example.
- Communicate with who? Colleagues? Interviewees? Agents? Family?
- Do they care if they are doxxed? Do they have a plan for damage control if Slack’s servers are breached (let’s be honest, WHEN their servers are breached)
- Do they encrypt their collaborative project data with their own keys before they upload them to Slack, so that Slack can’t make sense of it, or do they just give them the sensitive files?
- Do they ever use Slack for any function that Slack wasn’t intended to do, like for concealment or obfuscation (eg hiding whistleblowers’ phone numbers as sports statistics, document numbers as GPS coordinates, etc.)? (software plugins can be written to do this automatically, so that they don’t have to do it manually, and would be worth it if enough were doing it)
Yes, especially an end user who has gotten into a mould. I fully understand that.
I guess I’m somewhat concerned that there may be some journalists and HRDs are just “using someone else’s computer while they’re watching your every move”, placing all their stuff (other people’s contacts, home addresses of fugitives, photo sync from mobile devices, etc.) onto someone else’s server (“the cloud” makes it sound more inviting ), whose operator may or may not give a crap about whether those files are kept safe, as long as the customers pay their bills on time (you never know, that server operator may even be digging through those files looking for ways to monetise them).
I would be even more concerned if there were investigative journalists in hostile territories doing fact-checking by holding up their phone and saying “Hey Google…” or “Hey Siri…”
If that’s their workflow, then who am I to judge? My only wish is that they understand the ramifications of that workflow, because I can guarantee you that they’d be using Siri a lot less if they did
Agreed.
Also agreed.
My interest, among many others, is getting Qubes OS to be considered as a viable option in the workplace, because, it really is.
Switching to Qubes OS doesn’t require you to “give up” anything. In fact, it augments your previous computer uses…behind 36 inches of concrete and steel. There’s a reason why we use our machines this particular way, because we know that is how you counter potential threats. Doing extra steps without any benefit are a waste of energy, and we wouldn’t do them if they were. Yet that is how it is perceived by some members of the general public. We’ve been trying to leap that hurdle for a while now…
Qubes OS also vastly increases the flexibility and usability of your computer, all with piece of mind knowing that only YOU (…well, and anyone you gave access to) are the gatekeeper.
Another analogy would be a bespoke suit. Once you’ve worn one, it’s impossible to go back to off-the-rack…
Many many years ago, I managed to convince an ex-partner to never use Windows again, by connecting the laptop up to my machine running wireshark
and cold booting it. My partner watched as their full name, login password, home address, Internet Explorer browser history and the contents of the Word document they were typing up the night before; all shot out of the laptop UNENCRYPTED, bound for Microsoft’s servers.
All of this happened before the login screen showed up. Thankfully, Microsoft has started encrypting that stuff, but can you imagine if that document was something sensitive, like minutes of a government meeting, and they had notified ISPs to be “on alert” for any data in transit matching it?
And who’s to say that Microsoft wouldn’t “snitch”? Nothing against Microsoft, but I’d rather not take that chance, and I genuinely believe that it’s a chance that journalists and HRDs simply can’t afford to take, given the nature of their work.
I can guarantee that if this was explained to investigative journalists and HRDs in a way that was relevant to them, they’d be scrambling over each other to install Qubes OS