Hi all,
for a very interesting deployment of GlobaLeaks in the area of Human Rights defense, we will have the need to distribute a customized Tor Browser Bundle to the sources.
The "customization" requirement is simple: Have as a default home-page the GlobaLeaks .onion site.
We must go that way because:
- the "target country" where the sources are cannot download TBB due to torproject.org being censored
- the sources are absolutely non-technologically savvy (average 60yo lawyers doing human rights defense)
The website where there will be the leaking instructions and the download of such custom TBB will be "privately distributed" through word of mouth and trusted connections, with no public solicitation.
So we must do some piece of software that will:
- Download TBB in specific languages (2-3 specific languages) for each platform
- Unpack TBB (in all formats for Windows, OSX, Linux)
- Apply the customization (set the home-page, with slightly different parameters depending on the language)
- Check periodically if a new version is available and, in that case, re-execute the process described above to release updated version of TBB
The questions are:
a) Which is a simple/stable/resilient way to check which is the latest version of TBB
b) Does someone have already done that kind of customization-process?
c) Can everything be done from Linux, like a cron-job, in a fully automatic way?
d) Which other customization / ideas / concern are there regarding this process?
I'd personally love if the customization would enable me to completely disable the "URL Bar" and all of the Browser Button in order to make it useful only to use it as a console to send information being a source, without the possibility to go browse other sites.
Waiting for comments before writing some quick specs
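The core of the periodic rebuild asked about above, as an added example (not part of the original message, and not GlobaLeaks or Tor Project code): compare versions numerically, refuse any bundle whose SHA-256 does not match a checksum list, and only then set the home page through the standard Firefox pref `browser.startup.homepage`. It assumes the checksum list is in `sha256sum` format and that its signature was already verified, that versions are purely numeric and dotted, and that `profile_dir` is the unpacked bundle's browser profile directory; the file name, version numbers and .onion URL are constructed placeholders.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

def parse_sha256sums(text):
    """Parse sha256sum-style lines ('<hex>  <filename>') into {name: digest}."""
    sums = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and len(parts[0]) == 64:
            sums[parts[1].lstrip("*").strip()] = parts[0].lower()
    return sums

def version_tuple(version):
    """'3.6.10' -> (3, 6, 10); numeric compare, so 3.6.10 sorts after 3.6.9."""
    return tuple(int(part) for part in version.split("."))

def verify_bundle(bundle, sums):
    """True only if the file is listed and its SHA-256 matches the listed digest."""
    expected = sums.get(Path(bundle).name)
    if expected is None:
        return False  # unlisted file: refuse rather than repackage it
    actual = hashlib.sha256(Path(bundle).read_bytes()).hexdigest()
    return hmac.compare_digest(actual, expected)

def set_homepage(profile_dir, url):
    """Write user.js setting the Firefox pref browser.startup.homepage."""
    user_js = Path(profile_dir) / "user.js"
    user_js.write_text('user_pref("browser.startup.homepage", %s);\n' % json.dumps(url))
    return user_js

def rebuild_if_needed(bundle, sums_text, new_ver, built_ver, profile_dir, url):
    """One cron run: skip if not newer, refuse on a bad hash, else customize."""
    if version_tuple(new_ver) <= version_tuple(built_ver):
        return "up-to-date"
    if not verify_bundle(bundle, parse_sha256sums(sums_text)):
        return "rejected"
    set_homepage(profile_dir, url)
    return "rebuilt"

if __name__ == "__main__":
    work = Path(tempfile.mkdtemp())  # constructed stand-ins, not a real bundle
    bundle = work / "bundle-en.tar.xz"
    bundle.write_bytes(b"constructed bundle bytes")
    sums = hashlib.sha256(bundle.read_bytes()).hexdigest() + "  bundle-en.tar.xz\n"
    print(rebuild_if_needed(bundle, sums, "3.6.10", "3.6.9", work, "http://example.onion/"))
```

Unpacking and repacking the per-platform archives is left outside this block; the point is that the hash check gates the customization step, so a corrupted or substituted download is never redistributed.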
On Sun, Sep 21, 2014 at 04:12:00PM +0200, Fabio Pietrosanti (naif) wrote:
> Hi all,
> for a very interesting deployment of GlobaLeaks in the area of Human Rights defense, we will have the need to distribute a customized Tor Browser Bundle to the sources.
> The "customization" requirement is simple: Have as a default home-page the GlobaLeaks .onion site.
> We must go that way because:
> - the "target country" where the sources are cannot download TBB due to torproject.org being censored
> - the sources are absolutely non-technologically savvy (average 60yo lawyers doing human rights defense)
> The website where there will be the leaking instructions and the download of such custom TBB will be "privately distributed" through word of mouth and trusted connections, with no public solicitation.
> So we must do some piece of software that will:
> - Download TBB in specific languages (2-3 specific languages) for each platform
> - Unpack TBB (in all formats for Windows, OSX, Linux)
> - Apply the customization (set the home-page, with slightly different parameters depending on the language)
> - Check periodically if a new version is available and, in that case, re-execute the process described above to release updated version of TBB
> The questions are:
> a) Which is a simple/stable/resilient way to check which is the latest version of TBB
> b) Does someone have already done that kind of customization-process?
> c) Can everything be done from Linux, like a cron-job, in a fully automatic way?
> d) Which other customization / ideas / concern are there regarding this process?
> I'd personally love if the customization would enable me to completely disable the "URL Bar" and all of the Browser Button in order to make it useful only to use it as a console to send information being a source, without the possibility to go browse other sites.
> Waiting for comments before writing some quick specs
If I remember correctly I heard some GlobaLeaks people discussing the idea of rebranding TBB a long time ago but eventually they concluded that it was generally undesirable for potential whistleblowers to have GlobaLeaks-specific bytes sitting around on their storage devices.
Also, it seems like whatever private distribution mechanism you plan to use for a modified TBB could also be used just as well for a standard TBB, or Tails.
Have you considered just distributing Tails USB sticks along with the .onion address on a piece of paper?
As for a TBB updater, until TBB's own updater is released, for GNU/Linux users there is Tor Browser Launcher: https://github.com/micahflee/torbrowser-launcher
Unfortunately I'm not aware of anything similar for Mac or Windows. Tails' incremental upgrader generally works these days, if you have enough RAM and a good clock battery.
~leif
On 9/21/14, 5:09 PM, Leif Ryge wrote:
> > Waiting for comments before writing some quick specs
> If I remember correctly I heard some GlobaLeaks people discussing the idea of rebranding TBB a long time ago but eventually they concluded that it was generally undesirable for potential whistleblowers to have GlobaLeaks-specific bytes sitting around on their storage devices.
Yeah, in the past we've been brainstorming making a customized TBB for public uses. But we concluded it was not a good idea.
Instead in that context of use it's:
- specifically for private use/distribution
- in a context where the download of TBB is anyhow filtered/censored from torproject.org
so we must provide anyway a copy of the TBB binaries to the end-user, as he cannot download it.
That means that we must anyway keep an updated mirror of TBB binaries for 2 specific target language versions.
> Also, it seems like whatever private distribution mechanism you plan to use for a modified TBB could also be used just as well for a standard TBB, or Tails.
Using TBB "as it is" does require the end-user to make a copy/paste of the .onion URL, because .onion are not mnemonic, and that step must be done every time.
We made user-personae and use-case scenario simulation directly with the relevant people dealing with end-users before coming to that conclusion.
That step (copy/pasting URL) has been considered a too complex step to become acceptable, so the reason to deliver a customized TBB with a custom home-page pointing directly to that GlobaLeaks site.
| Have you considered just distributing Tails USB sticks along with the .onion address on a piece of paper?
We've considered it, but it was outside the logistically doable opportunity, as far as I understood.
Sounds like the most "apparently obvious" solutions for our community are not so easily applicable in that context of use by speaking with the end-users.
On 2014-09-21 11:32, Fabio Pietrosanti (naif) wrote:
> > Have you considered just distributing Tails USB sticks along with the .onion address on a piece of paper?
> We've considered it, but it was outside the logistically doable opportunity, as far as I understood.
> Sounds like the most "apparently obvious" solutions for our community are not so easily applicable in that context of use by speaking with the end-users.
Yeah, even if you distributed DVDs with the .onion address written on it, there's still a trail leading from them to you (however tangential). Better for press organizations to provide potential whistleblowers with easily-understood documentation and try to be as pervasive an option as possible.
~Griffin
On 9/22/14, 5:49 AM, Griffin Boyce wrote:
> > Sounds like the most "apparently obvious" solutions for our community are not so easily applicable in that context of use by speaking with the end-users.
> Yeah, even if you distributed DVDs with the .onion address written on it, there's still a trail leading from them to you (however tangential). Better for press organizations to provide potential whistleblowers with easily-understood documentation and try to be as pervasive an option as possible.
Yes, I got your point, we make a lot of paranoia to keep GlobaLeaks to be forensically proof (there are many tricks in place to do it).
However in that specific case, following the user-personae simulation, it's not a serious problem "not to be forensically proof" (because of the start-page) compared to the usability improvement.
It's possible that those kind of TBB's customization tool will get a small funding, so it's worth to try to think it in a way that can be useful for others.