Following build guidelines in PR #9, in a Debian AppVM:
make install-deps
make syncwheels
$ hey -z 1m -c 50 -m GET https://tor-apt.freedom.press/dists/trusty/Release | |
Summary: | |
Total: 60.3476 secs | |
Slowest: 1.2616 secs | |
Fastest: 0.0277 secs | |
Average: 0.0860 secs | |
Requests/sec: 578.8131 | |
Total data: 101995600 bytes | |
Size/request: 2920 bytes |
--- | |
# Playbook to update SecureDrop VMs configured with the latest stable release | |
# to use the release candiate packages from apt-test.freedom.press (rather | |
# than apt.freedom.press). Updates the apt repo pubkey with a testing pubkey, | |
# and alters the apt source lists to point to the test server. | |
# | |
# Steps to use this playbook: | |
# | |
# 1. `git checkout 1.2.2` | |
# 2. Provision prod VMs. |
$ vagrant -v | |
Vagrant 2.1.2 | |
$ vagrant up app-staging | |
Bringing machine 'app-staging' up with 'virtualbox' provider... | |
==> app-staging: Importing base box 'bento/ubuntu-14.04'... | |
==> app-staging: Matching MAC address for NAT networking... | |
==> app-staging: Checking if box 'bento/ubuntu-14.04' is up to date... | |
==> app-staging: A newer version of the box 'bento/ubuntu-14.04' for provider 'virtualbox' is | |
==> app-staging: available! You currently have version '201803.24.0'. The latest is version | |
==> app-staging: '201806.08.0'. Run `vagrant box update` to update. |
redshiftzero nimloth ../securedrop-prod-specific-test $ git init | |
Initialized empty Git repository in /Users/redshiftzero/Documents/Github/securedrop-prod-specific-test/.git/ | |
redshiftzero nimloth ../securedrop-prod-specific-test $ ls | |
redshiftzero nimloth ../securedrop-prod-specific-test $ vi prod-specific.yml # Add prod-specific.yml from 0.3.12 | |
redshiftzero nimloth ../securedrop-prod-specific-test $ git add prod-specific.yml | |
redshiftzero nimloth ../securedrop-prod-specific-test $ git commit |
#!/usr/bin/env python3 | |
from pytm.pytm import Actor, Boundary, Dataflow, Datastore, Element, ExternalEntity, Process, TM, Server | |
tm = TM("SecureDrop") | |
tm.description = "SecureDrop core threat model" | |
# Trust boundaries | |
source_area = Boundary("Source Area") | |
securedrop_area = Boundary("SecureDrop Area") | |
external_services = Boundary("External Services") |
#!/opt/venvs/securedrop-app-code/bin/python | |
import pretty_bad_protocol as gnupg | |
import scrypt | |
import threading | |
import time | |
from base64 import b32encode | |
KEY_LEN = 4096 | |
SCRYPT_PARAMS = dict(N=2**14, r=8, p=1) |
digraph g { | |
"sd-proxy-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-devices" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-devices-dvm" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-whonix" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-gpg" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-proxy" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-devices-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
"sd-app-buster-template" -> "sd-log" [label="securedrop.Log" color=red]; | |
"securedrop-workstation-buster" -> "sd-log" [label="securedrop.Log" color=red]; |