Melanie Rieback Dr. Melanie Rieback is co-founder and CEO of Radically Open Security
Published

Thu 02 October 2014

←Home

SBox: Usable Privacy and Anonymity for Journalists

Radically Open Security is off to a great start! Within months of registering our new company with the Chamber of Commerce, we have 4 client engagements, and even more gigs rolling in! But what we’re happiest about is that those projects mean the start of our organization’s ability to begin giving back to the community via our open source ethos and non-profit business model.

Today I’m excited to let everyone know about a new project to create useful open-source things for the whole community. We’ve been engaged by the Internet Protection Lab - a collaboration between Free Press Unlimited, Hivos and Greenhost - dedicated to preserving press freedom and access to information worldwide. The Internet Protection Lab has asked Radically Open Security to help create technology that allows journalists and activists to connect to the internet safely in an easy way, and we need your help!

What’s this thing we’re working on? We’re still in the specification stages, but let me introduce you to the SBox. We plan to build a low-cost physical device that acts like a wifi hotspot that transparently creates a VPN tunnel or connection to the Tor network for standard end-point devices. As the user, you just connect your device to the hotspot’s Wifi, log in, and begin browsing, sending email, etc. Under the hood, the SBox will then transparently create a VPN tunnel and/or a connection to the Tor network, thus preventing the end user’s communications from being watched, and protecting the users’ identity from observers.

This is a community project.. we’re going to need help to make this happen! Here’s what you can do to help us and Free Press Unlimited protect journalists and other activists:

  • Security professionals: the security architecture and protocols, and security analysis of the device’s operations and user modes will be a challenge. As usual, key and certificate management will be difficult to get right. We’ll need to ensure that physical compromise of the device doesn’t mean total loss of the journalists’ data, location, and identity. We’ll need to carefully scope what the device can do and CAN’T do. And platform/application security of the SBox itself will need to be audited. We’ll need many many sets of eyes to get these things right...
  • Devops/Programming experts: we need to create the requirements and specs, and then hunt for an appropriate low-cost (preferably <$50) HW platform on which to build. We’ll have to consider existing open-source SW projects that solve similar problems (i.e. OnionPi, Grugq’s Portal, Safeplug), and see if we can build upon them. And we’ll need to make our platform usable and easy to configure.
  • Community organizers: We need help spreading the word about this project, recruiting more volunteers to work on it and folks to help us make our in real life events flow smoothly.
  • Users: As we start to have our first prototypes, we’ll want live feedback from the field about usability and security of the system. We’re looking for feedback from expert technologists and every day users, alike. Bonus points if you have experience as a journalist or activist!

So how can you help?

Come to our first volunteer meetup and hackathon this Friday, October 3rd. We’ll convene from 6-10 PM at the Tech Inc hackerspace in Amsterdam to work on requirements gathering and exploring what technical resources already exist that we can use. If you’re not a coder, no worries! Turn up anyway, as we’ll want a chance to get to know you and figure out where you can best lend your skills in marketing, testing or any other way you’d like to contribute.

Looking forward to seeing you on Friday! If you can’t make it, we’ll have even more hackathons and volunteer meetups coming soon. Stay tuned to this space.

Go Top