Following build guidelines in PR #9, in a Debian AppVM:
make install-depsmake syncwheels
redshiftzero redshiftzero
🐉
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ hey -z 1m -c 50 -m GET https://tor-apt.freedom.press/dists/trusty/Release | |
| Summary: | |
| Total: 60.3476 secs | |
| Slowest: 1.2616 secs | |
| Fastest: 0.0277 secs | |
| Average: 0.0860 secs | |
| Requests/sec: 578.8131 | |
| Total data: 101995600 bytes | |
| Size/request: 2920 bytes |
redshiftzero
/ securedrop-qa.yml
Last active
April 30, 2020 17:52
— forked from conorsch/securedrop-qa.yml
QA playbook for testing SD RC debs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Playbook to update SecureDrop VMs configured with the latest stable release | |
| # to use the release candiate packages from apt-test.freedom.press (rather | |
| # than apt.freedom.press). Updates the apt repo pubkey with a testing pubkey, | |
| # and alters the apt source lists to point to the test server. | |
| # | |
| # Steps to use this playbook: | |
| # | |
| # 1. `git checkout 1.2.2` | |
| # 2. Provision prod VMs. |
redshiftzero
/ read_flask_cookie.py
Last active
October 10, 2018 19:45
read flask cookie without secret key
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ vagrant -v | |
| Vagrant 2.1.2 | |
| $ vagrant up app-staging | |
| Bringing machine 'app-staging' up with 'virtualbox' provider... | |
| ==> app-staging: Importing base box 'bento/ubuntu-14.04'... | |
| ==> app-staging: Matching MAC address for NAT networking... | |
| ==> app-staging: Checking if box 'bento/ubuntu-14.04' is up to date... | |
| ==> app-staging: A newer version of the box 'bento/ubuntu-14.04' for provider 'virtualbox' is | |
| ==> app-staging: available! You currently have version '201803.24.0'. The latest is version | |
| ==> app-staging: '201806.08.0'. Run `vagrant box update` to update. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| redshiftzero nimloth ../securedrop-prod-specific-test $ git init | |
| Initialized empty Git repository in /Users/redshiftzero/Documents/Github/securedrop-prod-specific-test/.git/ | |
| redshiftzero nimloth ../securedrop-prod-specific-test $ ls | |
| redshiftzero nimloth ../securedrop-prod-specific-test $ vi prod-specific.yml # Add prod-specific.yml from 0.3.12 | |
| redshiftzero nimloth ../securedrop-prod-specific-test $ git add prod-specific.yml | |
| redshiftzero nimloth ../securedrop-prod-specific-test $ git commit |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from pytm.pytm import Actor, Boundary, Dataflow, Datastore, Element, ExternalEntity, Process, TM, Server | |
| tm = TM("SecureDrop") | |
| tm.description = "SecureDrop core threat model" | |
| # Trust boundaries | |
| source_area = Boundary("Source Area") | |
| securedrop_area = Boundary("SecureDrop Area") | |
| external_services = Boundary("External Services") |
redshiftzero
/ entropy.py
Created
December 20, 2019 17:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/opt/venvs/securedrop-app-code/bin/python | |
| import pretty_bad_protocol as gnupg | |
| import scrypt | |
| import threading | |
| import time | |
| from base64 import b32encode | |
| KEY_LEN = 4096 | |
| SCRYPT_PARAMS = dict(N=2**14, r=8, p=1) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| digraph g { | |
| "sd-proxy-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-devices" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-devices-dvm" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-whonix" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-gpg" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-proxy" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-devices-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "sd-app-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
| "securedrop-workstation-buster" -> "sd-log" [label="securedrop.Log" color=red]; |