Product Meeting: Sanitization and Export

Allie Crevier edited this page Jun 10, 2021 · 6 revisions

Here are some brainstorming notes from our product meeting on June 10, 2021. See https://docs.google.com/document/d/1UNDnGpbfrm-iLAH85hEGIfo87bd6AI6ny8lQd8za4Eo/ for more ideas and questions around this topic.


How do we see post-triage (after users have decided whether a submission is actionable) workflows working for more than just our current pilot groups?

  • sanitization is a must, because the very next step is going to be "let's share this with editor/teammates/research". Might even need to share with general counsel, in which case there will probably be less of an appetite to transport derivatives safely from the workstation.
  • One distinction between orgs is just the sheer submission volume -- "triage" is not really a problem for orgs that only get one submission a month
  • Technical skills and risk-awareness vary greatly! Many journalists will not be aware at all of malware/metadata risks when managing documents. +1 to this, should aim to make sanitization an easy default +1 (sometimes a journalist might want to choose which app to use to sanitize/mitigate malware and sometimes a journalist might want this to happen automatically in Qubes: an automatic sanitization pipeline every time you export to USB or a VM)
    • barebones implementation first with desire paths
    • Metadata might be part of a tip?
    • important to keep derivative copies and making it apparent where the original is
  • some orgs will still be physical rather than remote, so support for print workflows still important (though with WS folks may adapt working habits) +1
    • do we have enough hardware support for this?
  • Following sanitization, we ought to think about the safety of the channels where people are exporting. For example, if someone exports to Signal, then sends off to a compromised device… Well, that's no good.
  • Questions about how to recreate/redact documents (e.g., classified gov. docs or internal corporate docs that may implicate a source if published in their original form/entirety), OCR PDFs, etc. within Qubes once a spicy doc is found to be actionable
  • I think most are going to mostly focus on getting the good leaks out of an unfamiliar Qubes environment into their own Mac/Windows computer quickly. Hopefully safely too but they won't necessarily know what sanitization means 'til training shows them. +1, from prior user interview where user went from SD to mac "to sanitize on mac"

What would be good resources/tools for post-processing (sanitization, redaction, detection)?