A diagram would be helpful, but it is still too raw for that. It's a moving target, so too soon to document well.
But if you want a nice diagram, I can point you to the app swapping diagram ;)
https://dev.guardianproject.info/attachments/download/1431/distribution-ecosystem.png

.hc

Paul Gardner-Stephen:
> Okay, sounds good. Is there a nice diagram that shows the steps? I only
> ask this as while I think I have a handle on it this morning, it wasn't
> obvious last night how it works, and if I get confused about it when a
> little tired, my suspicion is that plenty of other people will, too.
>
> Paul.
>
> On Tue, Feb 10, 2015 at 9:21 PM, Hans-Christoph Steiner <[email protected]> wrote:
>
>> The point here is to eliminate the need to trust f-droid or any other
>> entity. f-droid.org is just one instance of this service, anyone can take
>> fdroidserver and build their own instance. Then there is additionally
>> planned a lightweight fdroid instance, the Verification Server, that just
>> does builds to verify that they match what is published on f-droid.org.
>>
>> This whole thing is built on the APK signature, so you have to trust that.
>> FDroid is also rolling out GPG signatures, but making reproducible APKs
>> that match by hash is a lot harder than match by APK signature. But you
>> don't have to trust any people in the whole chain, you can verify it all
>> yourself, and run your own instance.
>>
>> For the record, the F-Droid org is incorporated in the UK, so NSLs don't
>> apply. But I imagine that the UK has something similar. I'm not sure where
>> the servers are.
>>
>> .hc
>>
>> Paul Gardner-Stephen:
>>> Super :)
>>>
>>> Now, how do we make sure that F-Droid doesn't get hit by a NSL?
>>>
>>> Paul.
>>>
>>> On Tue, Feb 10, 2015 at 7:59 PM, Hans-Christoph Steiner <[email protected]> wrote:
>>>
>>>> Yes, this is very useful! That's why we have implemented this in FDroid.
>>>> It's pretty raw at the moment, but we do have at least one app that has
>>>> been accepted to FDroid using a reproducible build process. This app was
>>>> built by f-droid.org's build infrastructure, then compared against the
>>>> official Guardian Project build, and since they matched, f-droid.org
>>>> published an APK using our signature:
>>>>
>>>> https://f-droid.org/repository/browse/?fdid=info.guardianproject.checkey
>>>>
>>>> Anyone can submit their app to f-droid.org as long as it is all free
>>>> software. To make f-droid.org verify its build against yours, just include
>>>> a download link to your official APK in the Binaries: metadata field:
>>>>
>>>> https://gitlab.com/fdroid/fdroiddata/tree/master/metadata/info.guardianproject.checkey.txt
>>>>
>>>> You can read more here:
>>>> * https://f-droid.org/wiki/page/Deterministic,_Reproducible_Builds
>>>> * https://f-droid.org/wiki/page/Verification_Server
>>>>
>>>> .hc
>>>>
>>>> Paul Gardner-Stephen:
>>>>> Deterministic compilation of Android applications would be a great step
>>>>> forward to provide some protection against forced insertion of backdoors
>>>>> into binaries. Not perfect, but helpful. Of course it doesn't help on
>>>>> Apple.
>>>>>
>>>>> It would also be interesting to have a mechanism where you can ask an
>>>>> application to serve up the compiled byte code for any class for remote
>>>>> verification. Of course this would be spoofable, but including the "real"
>>>>> byte code would bloat the application, which would be noticeable in the
>>>>> increased size of the class files.
>>>>>
>>>>> Actually, I am over-doing that. We could have a service where the android
>>>>> apps get compiled from public, auditable source code, and the APKs
>>>>> downloaded from the net or people's phones (to stop attacks forcing Google
>>>>> to do two-faced apk serving, with the "bad" apk going to phones, and the
>>>>> "good" apk going to the audit server). Then compare the compiled classes
>>>>> and resource files to look for any differences. Has the advantage that it
>>>>> would reveal any naughty insertions.
>>>>>
>>>>> Would these be useful things?
>>>>>
>>>>> Paul.
>>>>>
>>>>> On Tue, Feb 10, 2015 at 1:22 AM, Patrick Connolly <[email protected]> wrote:
>>>>>
>>>>>> This is great! Thanks, Nick!
>>>>>>
>>>>>> Related to your comment, Tim, it might be informative if the watermarks of
>>>>>> the endorsers at the bottom of the "about" page were also near the top of
>>>>>> the front. It seems the partners could be more visible on page one to give
>>>>>> the whole project more weight.
>>>>>>
>>>>>> I've cc'd canary watch, as I'm not 100% sure Nick is on this list.
>>>>>>
>>>>>> --------------------------------------------
>>>>>> Q: Why is this email [hopefully] five sentences or less? | A:
>>>>>> http://five.sentenc.es
>>>>>>
>>>>>> NOTE that my incoming emails are delayed from arriving in my inbox until
>>>>>> 9am daily. If you need to reach me sooner, please use other means of
>>>>>> getting in touch. #slowwebmovement
>>>>>> On Feb 9, 2015 5:31 AM, "Hans-Christoph Steiner" <[email protected]> wrote:
>>>>>>
>>>>>>> I imagine EFF, Harvard Law's Berkman Center, and NYU Law had some really
>>>>>>> good lawyers look at this before they endorsed it ;-) It is uncharted
>>>>>>> territory to some degree, in terms of courts. But it sounds like those
>>>>>>> lawyers are forming a posse in case this does go to court.
>>>>>>>
>>>>>>> Also, for those who don't know, Nick Merrill, the man behind Calyx, was the
>>>>>>> plaintiff in Doe v. Ashcroft, which challenged the legality of aspects of
>>>>>>> National Security Letters (NSLs):
>>>>>>> https://en.wikipedia.org/wiki/Nicholas_Merrill
>>>>>>>
>>>>>>> I can't really imagine a better legal team behind this effort. I suppose
>>>>>>> they are missing an ACLU endorsement...
>>>>>>>
>>>>>>> .hc
>>>>>>>
>>>>>>> Tim Bray:
>>>>>>>> I almost don’t want to show this to others because of the alphabetical
>>>>>>>> ordering putting 8chan prominently at the top… Also I’d like to hear some
>>>>>>>> really good lawyers take up the question of whether these things actually
>>>>>>>> work. But interesting, thanks.
>>>>>>>>
>>>>>>>> On Sat, Feb 7, 2015 at 1:20 AM, Hans-Christoph Steiner <[email protected]> wrote:
>>>>>>>>
>>>>>>>>> Looks like our man Nick has vetted the warrant canary idea and thinks it's
>>>>>>>>> worth doing:
>>>>>>>>>
>>>>>>>>> https://canarywatch.org/
>>>>>>>>>
>>>>>>>>> At the very least, there are a bunch of lawyers behind it (EFF, Berkman,
>>>>>>>>> NYU Law), so hopefully they'll be willing to offer their services if it
>>>>>>>>> comes to it.
>>>>>>>>>
>>>>>>>>> .hc
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
>>>>>>>>> https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Guardian-dev mailing list
>>>>>>>>>
>>>>>>>>> Post: [email protected]
>>>>>>>>> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>>>>>>>>>
>>>>>>>>> To Unsubscribe
>>>>>>>>> Send email to: [email protected]
>>>>>>>>> Or visit:
>>>>>>>>> https://lists.mayfirst.org/mailman/options/guardian-dev/tbray%40textuality.com
>>>>>>>>>
>>>>>>>>> You are subscribed as: [email protected]
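The comparison discussed in this thread (rebuild from source, then check the rebuilt APK against the developer's signed release), as an added example that is not part of the original messages and is not fdroidserver's code. It assumes a simplified check that hashes every ZIP entry except the JAR-style signature files under META-INF/; the function names and the sample archives are constructed for illustration.

```python
import hashlib
import io
import zipfile

# JAR-style signature files under META-INF/ exist only in the signed release,
# so they are excluded from the comparison (assumption of this example).
SIG_SUFFIXES = (".SF", ".RSA", ".DSA", ".EC")

def is_signature_entry(name):
    upper = name.upper()
    return upper.startswith("META-INF/") and (
        upper == "META-INF/MANIFEST.MF" or upper.endswith(SIG_SUFFIXES))

def entry_digests(apk_bytes):
    """Map each non-signature entry name to the SHA-256 of its content."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or is_signature_entry(info.filename):
                continue
            if info.filename in digests:
                # Two entries with one name make the result ambiguous.
                raise ValueError("duplicate entry: " + info.filename)
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests

def compare_apks(official, rebuilt):
    """Return (only_in_official, only_in_rebuilt, changed) entry names."""
    a, b = entry_digests(official), entry_digests(rebuilt)
    changed = sorted(n for n in a.keys() & b.keys() if a[n] != b[n])
    return sorted(a.keys() - b.keys()), sorted(b.keys() - a.keys()), changed

def make_archive(entries):
    """Build a constructed in-memory ZIP standing in for an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data, not real APK content.
BASE = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex-v1",
        "res/layout/main.xml": b"<layout/>"}
SIGNED = {"META-INF/MANIFEST.MF": b"m", "META-INF/CERT.SF": b"s",
          "META-INF/CERT.RSA": b"r"}
OFFICIAL = make_archive({**BASE, **SIGNED})
REBUILT_MATCH = make_archive(BASE)
REBUILT_DIFF = make_archive({**BASE, "classes.dex": b"dex-v2", "lib/extra.so": b"x"})
```

This compares content only; it does not check that the signature on the official APK is valid.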
