[Ssc-dev] Can you send me your notes on the budget proposal?

[Nathan Freitas]

Here's what I have so far, in terms of phase 2/1.0 funding proposal.

****
SSC: Camera Obscura
"A software camera for mobile devices that has the best interest of
human rights media built into it from the core"

I. Project Components

A. Complete Development of SSC 1.0

The current development phase of the Secure Smart Camera application is
a three month sprint focused on laying the groundwork of the project,
proving out the core concepts, and implementing a working, demonstrable
prototype. The first phase of development also focuses mostly on still
image capture, due to it being a more simple first step to take.
However, all work in phase one has been done with a goal of moving
towards video capture and processing. In April, the 0.1 "Alpha" of the
SSC will be publicy available for feedback, community review, and
testing in non-risk environments.

The second phase will move the application to a complete 1.0 product
through two three month development sprints. After the completion of the
first sprint, the app will be deployed to specific early adopter "focus"
groups within the Witness community for hands-on training, use and
feedback. Then a second development sprint will commence.

Built upon open-source code included in the core Android applications,
the SSC 1.0 app will be a full-fledged video, image and audio capture
and media processing application for Android-powered devices. The
applications will provide workflow for annotating media with consent and
intent-based metadata, realtime and "mobile post"-production
capabilities for subject identity protection and other media processing
features.

B. Define and Implement Mobile Metadata Formats and Tools

Part of what has been discovered in the first phase of development, as
that neither the technical standards nor archival formats of metadata
fit quite what need for this application. Mobile media, and the numerous
ways it can be modified, distributed and consumed, offer unique
complexities that need to be addressed. There is also a need to
understand how and when metadata data should be wiped from media in
order to safeguard identity of the creator, versus when it should be
fully persisted and even cryptographically signed in order to contribute
to a body of evidence.

- discuss obscura mode vs. informa mode

C. Advanced Secure Media Storage

In the initial phase of development, the mechanisms for secure storage
that the application uses are based on well-defined models -
symmetrically encrypted database storage, and encrypted file systems. In
each case, we are storing data whole, either metadata text stored in a
SQLCipher database, or captured media data in the encrypted filesystem.
This is enough to safeguard information on the phone.

In addition, we plan to support the use of public key crytopgraphy to
enable media files to be encrypted to a remote user's public key,
thereby rendering the data unencrypted locally on the device. This would
mean that no amount of coersion under duress could cause the media to be
accessed, and that only the remote user would be able to unlock it. In
addition, this would safeguard the data while in transit over networks.

However, there is a need to be able to both remove portions of the media
(aka "blur it") but to do so potentially in a non-destructive way. For
instance, a user may want to upload a blurred video from their phone
directly to YouTube, while saving the original media for use later. It
is possible that instead of just encrypted the entire source video, that
it could be broken up into component parts (faces, backgrounds, text,
audio), each of these encrypted, and sent via different streams, and
then put back together again somewhere else. It is a big concept, and
one worth funding to research.


D. Training and deployment for use in a Witness supported campaign
- Identity qualified projects / campaigns
- Create new training curriculum
- Hold trainings, and deploy hardware+software
- Monitor usage

II. Team Budgets

- 2 Full-Time Positions ($5-8k/month)
--- Lead/Senior Developer, Junior Developer

- 2 Part-Time Positions ($2-5k/month) Project Manager/QA/Testing
--- Program Manager/QA Lead, UI/UX Designer/QA/Testing

III. Timeline

- 6-8 month project, made up of two 3 month dev sprints, with a test
deployment in the between
--- First sprint to 1.0, then deploy, get feedback, iterate with second
sprint

IV. Support from Google

We currently have one Google engineer on our team in a volunteer
capacity. His experience in computer vision topics and insight has
proven valuable to our work. We hope to gain support from Google
engineering resources on key topics including media frameworks and
security.