[Ssc-dev] scrum/design notes from yesterday
Nathan of Guardian
nathan at guardianproject.info
Fri May 25 11:24:43 EDT 2012
1) We've come up with a name for our data format: JSON Evidenciary
Mobile Media Metadata Format or JEM^3 or just JEM!
The idea is to say "mine the JEM" or "extract the JEM" or "bundle the
JEM" or "Download the JEM".
Full publishing of the proposed JEM v1.0 Spec is imminent as part of our
goals for June 18th meeting with IBA.
2) Aside from our partners at UC Berkeley, we also want to get UStream,
Bambuser, YouTube and other partners who may have rich metadata already
being captured and stored to support exporting in JEM format.
3) Harlo shared her server/API submission protocol format. At this
point, each trusted party you will submit to is expected to host a
server that supports a known set of HTTP/S based calls. After some
review and feedback, we came up with the following... Harlo is working on a
more detailed version of this, but I wanted to get my notes down.
** We should move all this to the dev site wiki, but again for now, just
blasting them to the list **
- the hash of the unredacted file will be used as the key to link all
ongoing conversations, interactions around that file. there is no other
id, or user/pwd needed to communicate. however, if an OpenPGP public key
id is submitted along with the hash, then all communication will be made
using that public key.
- as soon as possible, there needs to be a /submitHash call to begin the
chain of custody, verification of unredact format. This can also be
submitted via SMS or email if HTTP/S call is not available. This is where
the OpenPGP public key id can be provided for future interaction,
tracking across submissions.
- the /submitUpload is an HTTP/S POST with some ability to resume and
handle low-bw/high-latency connections. This is where the unredacted
media file and JEM will be submitted. Ideally this is encrypted to the
Trusted Party public key, and signed by the submitter's public key. This
will be built directly into InformaCam for now.
- finally, there is a /getMessage?hash capability to check for
messages/responses from the Trusted Party to the submitter. This is
ideally encrypted via OpenPGP public key.
4) Deployment: for now, it is recommended that the Trusted Party Repo is
hosted on a desktop/laptop running Ubuntu with encrypted disks,
physically hosted on premise at the Trusted Party's legally owned
location. Access to the machine will be through Tor Hidden Services via
an HTTP/S .ONION address. This means there is no worry about NAT'ing or
public IPs, and the true location of the Repo is not exposed.
In addition, media will be kept in its OpenPGP encrypted format, and
only unlocked when the user enters the password for their private key.
Private keys can also be stored on a USB drive, such that they are only
available for decryption when that drive is inserted.
5) We are really excited about the Rashomon UI prototype shared by
Aphed, and want to provide a JEM with location and other sensor data in
it, to begin playing with integration of mapping, compass heading, etc.
6) Hans and Nathan have been making great progress on IOCipher virtual
encrypted file system, and SyncSafe, the first app to use IOCipher as an
encrypted file/media store. SyncSafe provides another way to safely
store and transfer InformaCam exported Media+JEM bundles. Stay tuned for
more progress on this.
7) Nathan (me!) made good progress on ObscuraCam v2 - photo editing side
has improved UI that works well on ICS 4.0/tablets now. Video side now
supports audio. Another round of tuning/tweaking the region
management/editing updating is still needed. Another 8-16 hours of dev
work estimated.
8) Guardian has started the Mobile Reporter project with Small World
News (Alive.in) and Free Press Unlimited. There is a great deal of
overlap of core components with SSC, and all will benefit from this, as
long as we can work out how to build these things in a modular,
platform-centric way. In short, we need to create our uber platform
block diagram for all of this work, and start thinking of it in more of
that manner.
That's all I have for now!
+n
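
Added example, not part of the notes above and not InformaCam or project code: an in-memory model of the three calls in item 3, showing the hash acting as the only identifier and an upload being accepted only when it matches a previously registered hash. SHA-256, the method and field names, and the refusal of a repeated /submitHash are assumptions; OpenPGP encryption and signing are left out.

```python
import hashlib
from datetime import datetime, timezone


class TrustedPartyRepo:
    """Hypothetical stand-in for a Trusted Party server (not the real API)."""

    def __init__(self):
        self.records = {}  # media hash (hex) -> custody record

    def submit_hash(self, media_hash, pgp_key_id=None):
        # /submitHash: first contact, starts the chain of custody.
        # Assumption: a second registration of the same hash is refused so
        # a later caller cannot reset the record or swap the key id.
        if media_hash in self.records:
            return False
        self.records[media_hash] = {
            "registered": datetime.now(timezone.utc),
            "pgp_key_id": pgp_key_id,
            "uploaded": False,
            "messages": [],
        }
        return True

    def submit_upload(self, media_bytes, jem_json):
        # /submitUpload: hash the received bytes and accept them only if
        # that hash was registered earlier; anything altered is rejected.
        digest = hashlib.sha256(media_bytes).hexdigest()
        rec = self.records.get(digest)
        if rec is None:
            return None
        rec.update(uploaded=True, jem=jem_json)
        rec["messages"].append("upload verified against registered hash")
        return digest

    def get_message(self, media_hash):
        # /getMessage?hash: the hash is the only lookup key, so anyone who
        # knows it can poll; the notes rely on OpenPGP for confidentiality.
        rec = self.records.get(media_hash)
        return list(rec["messages"]) if rec else []


def run_demo():
    repo = TrustedPartyRepo()
    media = b"constructed sample bytes standing in for an unredacted photo"
    jem = '{"constructed": true}'  # constructed placeholder, not real JEM
    h = hashlib.sha256(media).hexdigest()
    first = repo.submit_hash(h, pgp_key_id="0xPLACEHOLDER")
    replay = repo.submit_hash(h)                     # refused
    tampered = repo.submit_upload(media + b"!", jem)  # hash mismatch
    accepted = repo.submit_upload(media, jem)
    return first, replay, tampered, accepted == h, repo.get_message(h)
```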