Security in-a-box drives a new paradigm of self-enabled agency in the digital realm, teaching human rights defenders how to become more efficient by adopting habits and approaches that help them to continue doing their work unimpeded and to circumvent harassment and censorship. However, the infrastructure is not suited to easily support maintenance of existing languages and adding new languages of the online toolkit despite frequently receiving offers to do them. This project will update the infrastructure and establish a reliable workflow which professionalized the translation process.
Cryptocat is a web application that aims to provide an open source, browser-based communication environment with security that is comparable to desktop-based encrypted chat applications. Cryptocat aims to leverage both the ease of use and accessibility afforded by web applications and the security provided by client-side public key cryptosystems.
Tor bridges are Tor relays that aren’t listed in the main Tor directory. They are a step forward in the blocking resistance race. Cupcake Bridge is a browser extension that allows users to become new Tor bridges automatically, without having to install a full software suite or configure anything. This project would bring create a Cupcake Bridge extension for Firefox and plugins to work on sites like Wordpress and Drupal significantly growing the number of global Tor bridges.
Working with the Berkeley Anti-Censorship Lab and Incubator, the project will expand the Lab’s test-bed to mobility-based tools and proliferate the development of new security tools.
OpenPGP encryption for Webmail
- Mailvelope uses the OpenPGP encryption standard which makes it compatible to existing mail encryption solutions.
- Installation of Mailvelope from the Chrome Web Store ensures that the installation package is signed and therefore its origin and integrity can be verified.
- Mailvelope integrates directly into the Webmail user interface, it’s elements are unintrusive and easy to use in your normal workflow.
- It comes preconfigured for major web mail provider.
- Mailvelope can be customized to work with any Webmail.
This project will build a new software client for M-Lab testing by developing a browser extension or similar software integration for one or more of the popular open source browsers. Once deployed, this tool will enable any user to become a regular and reliable part of the MLab community. It will also give researchers and policymakers a tool for realtime monitoring of censorship activity with a capability to zoom in on particular user communities on particular networks in particular geographies.
Ooni-probe, the Open Observatory of Networking Interference, is an open source network testing framework and associated tests for detecting internet censorship. Its aim is to collect high quality data using open methodologies, using Free and Open Source Software (FL/OSS) to share observations and data about the kind, methods and amount of surveillance and censorship in the world. Measurement Lab is an open platform for researchers to deploy Internet measurement tools. By enhancing Internet transparency, M-Lab helps sustain a healthy, innovative Internet.
TextSecure, is an easy to use encrypted text messaging application for Android. It enables secure local storage of SMS/MMS messages, as well as encrypted transmission of SMS/MMS messages to other TextSecure users. This project will develop a feature-parity TextSecure client for iOS, which will provide full secure text interoperability between the supported TextSecure platforms.
RedPhone is an easy to use encrypted VoIP application for Android which enables secure high-quality phone calls anywhere in the world. This project will develop a feature-parity RedPhone client for iOS, which will provide full secure call interoperability between the supported RedPhone platforms.
All current Android sync providers are unencrypted, meaning that the sync service gets a plaintext copy of everything sync’d, leaving your contact and calendar information potentially vulnerable to hostile parties. While the stock Android sync experience has no built in confidentiality, leaking contents of your contact and calendar details, Android fortunately has a mechanism for others to seamlessly provide different sync functionality. This project will take advantage of this mechanism to offer Android users encrypted backup.
SecondMuse is an innovation and collaboration agency. They co-create prosperity by applying the art and science of collaboration to solve complex problems.
Their project with OTF is to aid in the creation and development of more effective Internet Freedom tools (IFTs) through the application of a research framework grounded in ethnography, human-centered design, and the practice of research-based product definition. This framework will define motivations, needs and usability challenges facing user communities of target IFTs and provide development and design milestones that are necessary to address these challenges. This work will also provide selective recommendations to developers of specific IFTs in the form of proposed development milestones to address the findings of a pilot study.
StoryMaker is a tool to help citizen journalists produce better content. Currently, StoryMaker can publish video content securely via a custom YouTube uploader. This project will add at least four new distribution channels to support more secure publishing of StoryMaker content. Specifically, support will be added for secure photo publishing to flickr, secure audio publishing to SoundCloud, private publishing of any media to a private server via SSH, and secure photo and video sharing to Facebook.
The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring. This project focuses on core app development, the creation of a secure mobile media production tool, the creation of an open app store for privacy and security tools and expanding secure chat to other mobile platforms.
Armies of online drones, compromised social network accounts, and surrogate users known as “Internet sock puppets” are used to drown out the voice of the voiceless. These sock puppets are used by repressive regimes to deflect or redirect conversations that are important. Essentially, the use of these sock puppets threaten the benefits offered by a free Internet by abusing that same freedom. This makes for an insidious attack, because one of the fixes against sock puppet attacks would be to reduce Internet anonymity. A case where the cure might be much worse than the illness itself. This makes this project all the more important. It will map out these attacks, identify in depth the techniques commonly utilized, and build a set of tools to be used by organizations and the public to help defend against this attack.
This effort will focus on expanding security and usability of the Tor Browser Bundle (TBB). Tor Browser is used by millions worldwide daily and has been downloaded over 36 million times in the past 12 months. The project will identify and resolve privacy and security issues in Firefox that impact TBB users; improve the usability and functionality of the Firefox extensions that we include with TBB; finish and extend the “reproducible build” design that allows users to gain confidence that TBB includes exactly and only the components intended to be included.
This project will support a resource center for circumvention & digital security for the average Vietnamese netizen; the No Firewall online platform to continue to localize new manuals and guides, while promoting existing tools; and a help desk for bloggers, digital activists, citizen journalists, human rights defenders in need of support.