The following commit has been merged in the master branch:
commit 0a03bc2fffc3b8eff017ce8a7171342cbe208dfe
Author: DocOcassi <[email protected]>
Date: Tue Dec 30 10:50:44 2014 +0000
Added more tools/sites/description.
diff --git a/doc/index.wiki b/doc/index.wiki
index 75ccc79..ebaaa39 100644
--- a/doc/index.wiki
+++ b/doc/index.wiki
@@ -1,31 +1,28 @@
-= Debian-freedom =
+= Debian-Sanctuary =
Change name to Debian Sanctuary
-A Pure Blend that will allow the installation of privacy tools on Debian.
+A Pure Blend that will provide specific privacy protections by the
installation of privacy tools on Debian.
-Using Tasks, The system will install tools for providing the best privacy
protection, for a specific task
+The system will present tasks related to use cases for the user. It will
install tools for providing the best user protection for a specific task
-I have used a modified risk assessment for identifying the Threats, and
controls, which will identify the tools required:
- `Risk.odt`
+I have used a modified risk assessment for identifying the Threats, and
Controls Measures, which will in turn identify the tools required: see
[[Risk.odt]]
== links ==
Project home
http://wiki.debian.org/DebianFreedom
-Info Regarding the Pure blends
-http://blends.debian.org/blends
-
-Ham Radio Example of build page:
-http://blends.debian.org/hamradio
-
The Original Repo
http://anonscm.debian.org/cgit/blends/projects/freedom.git/
The Git page for edits.
https://github.com/debian-freedom/debian-freedom.git
+Info Regarding the Pure blends
+http://blends.debian.org/blends
+
+
== Risk Assessment ==
=== Task ===
@@ -56,38 +53,72 @@ In an environment with *no* protection the possibility of
compromise.
=== Control Measures ===
Based on the Hazard and the Information threatened, define countermeasures to
use to mitigate risk.
-| 1 | OS Choice | A Secure OS with minimal
active exploits |
-| 2 | Firewall | Protect yourself by blocking
direct attacks |
-| 3 | Anti-virus/Malware | Ensure you have Updated and
active virus/malware protection, this may be provided by the OS |
-| 4 | Computer Use Training / User Competanccy | When using a computer to
acieve tasks safely. |
-| 5 | Cache Purging | Ensure any processed
information is not left where it can be recovered |
-| 6 | Password Safe | If you have access
passwords/keys, ensure they are stored in a safe location |
-| 7 | Disk Encryption | Protect your sensitive
information from being recovered from silenced disks |
-| 8 | Transport Encryption | Encrypt data during transit,
must be to an acceptable* standard |
-| 9 | Out of Band Authentication | Authentication where a
shared secret had been securely passed and verified |
-| 10 | Authenticated Encryption | Encryption that has been
secured by an Authenticated secret |
-| 11 | Transport Anonymity | A transport to prevent
identification of actors communication |
-| 12 | Perfect Forward Secrecy. | Encryption which ,even if
intercepted, cannot be decrypted with any key |
-| 13 | Anonymity | Communication cannot be
identified or authenticated. |
-| 14 | Platform Selection | Choice of platform/network
to use based on protection given (https://tosdr.org) |
-| 15 | Authentication | Authentication (less strong
then OOB?) |
-| 16 | System Use Training | A Specific system needs to
give special information to the user |
+| # | Control Measure | Description
|
+| --- | --- | ---
|
+| 1 | OS Choice | A Secure OS with minimal
active exploits |
+| 2 | Firewall | Protect yourself by
blocking direct attacks |
+| 3 | Anti-virus/Malware | Ensure you have Updated and
active virus/malware protection, this may be provided by the OS |
+| 4 | Computer Use Training / User Competanccy | When using a computer to
acieve tasks safely. |
+| 5 | Cache Purging | Ensure any processed
information is not left where it can be recovered |
+| 6 | Password Safe | If you have access
passwords/keys, ensure they are stored in a safe location |
+| 7 | Disk Encryption | Protect your sensitive
information from being recovered from silenced disks |
+| 8 | Transport Encryption | Encrypt data during
transit, must be to an acceptable* standard |
+| 9 | Out of Band Authentication | Authentication where a
shared secret had been securely passed and verified |
+| 10 | Authenticated Encryption | Encryption that has been
secured by an Authenticated secret |
+| 11 | Transport Anonymity | A transport to prevent
identification of actors communication |
+| 12 | Perfect Forward Secrecy. | Encryption which ,even if
intercepted, cannot be decrypted with any key |
+| 13 | Anonymity | Communication cannot be
identified or authenticated. |
+| 14 | Platform Selection | Choice of platform/network
to use based on protection given (https://tosdr.org) |
+| 15 | Authentication | Authentication (less strong
then OOB?) |
+| 16 | System Use Training | A Specific system needs to
give special usage information to the user |
+| 17 | Censorship Resistance |
|
+| | |
|
+
(* If it is good enough for trade agreements.)
== Tools ==
-Tools available brief description and control measures implemented
-| GnuPG | Public Private key encryption | 15, 10 |
-| OTR | Private communications over instant messaging | 13, 12, 15, 10 |
-| Mix Master | Anonymous Remailer | 11, |
-
-
-== tools ==
-
-
-
-=== Development ===
+Tools available brief description and control measures implemented, I have
just taken this from my limited uderstanding of these systems, and will need
further investigation to be sure of these claims.
+There are also grades of protection provided by packages, which isn't
investigated here, but an implementation of some kind of grading may be useful
but also difficult.
+
+| Name | info | Description
| Implementes |
+| ---- | ---- | ----
| ---- |
+| GnuPG | https://gnupg.org | Public-Private Key
Cryptography | 15, 10 |
+| OTR | https://otr.cypherpunks.ca | Private
communications over instant messaging | 13, 12, 15, 10 |
+| MixMaster | https://sourceforge.net/projects/mixmaster | Anonymous Remailer
| 11, 13 |
+| Mixminion | https://mixminion.net | Anonymous Remailer
| 11, 13 |
+| Freenet | https://freenetproject.org | Decentralised node
driven encrypted network | 8, 11, 13 |
+| Gnunet | https://gnunet.org | Encrypted peer to
peer Network | 11, 8 |
+| I2P | https://geti2p.net | Anonymous network
layer | 11, 13 |
+| Tor | https://torproject.org | Decentralised Node
driven Encrypted Network | |
+| Namecoin | http://namecoin.info | Anonymous registry
| |
+| shred | see apt | Secure file
deletion | 5 |
+| tinc | http://www.tinc-vpn.org | encrypted peer to
peer network | 11 |
+| zyre | https://github.com | Proximity based
Peer to peer framework | |
+| Retroshare | https://retroshare.sourceforge.net | friend to friend
secure decentralised net | |
+| Briar | https://briarproject.org | Proximity based
encrypted peer to peer network | |
+| Pond | https://pond.imperialviolet.org | Forward secure
async messaging (Experimental) | |
+| cjdns | http://cjdns.info | Encrypted IPv6
with PPK for address allocation | |
+| Mumble | http://mumble.info | Encrypted VoIP
| |
+| Jitsi | |
| |
+| CCNx | |
| |
+| Tahoe-LAFS | |
| |
+| Blackadder | |
| |
+| Tribler | |
| |
+| PSYC | |
| |
+| Bittorrent | |
| |
+| tox | |
| |
+| linphone | |
| |
+| | |
| |
+
+These are preliminary and there is a definite need to have thouruogh analysis
of these tools bassed on their claims.
+
+== Use Training ==
+The Largest point of failure in all these systems is the user, through
misconfiguration of misuse, we need a method to engage the user and their
thought process when using these tools. from general computer use to using a
specific tool, these should be easily accessible to the user and available from
Context of use use, the language must be as clear as possibly and accessibly to
users of all levels.
+
+
+== Development ==
`blends-dev`
Tools to build metapackages from template
@@ -97,3 +128,9 @@ Tools available brief description and control measures
implemented
Debian Live
For Building live images
+
+== Examples ==
+Ham Radio Example of build page:
+http://blends.debian.org/hamradio
+
+
--
Debian Privacy Tools Pure Blend
_______________________________________________
Blends-commit mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/blends-commit
