Citizen Lab investigation on Predator, retrieving and storing WhatsApp messages in the Citizen Lab investigation on Tibetan groups being targeted.
This month, we were evaluating the different existing tools and libraries we can reuse to implement online content retrieval and indexation. In order to test potential integration, we have developed mocks within Colander.
We have defined additional goals to be achieved:
Even if we are still refining how this feature will be implemented, we think that providing the end-user with a web browser extension would offer a good user experience. In the background, this extension would take care of uploading the collected content directly to Colander.
We will select an off the shelf or adapt it to our content collection needs, supporting both static pages and medias.
It is difficult to find an existing tool that support both static content (html, image, video poster) and video capture. Some tools we have tested could be extended to address the initial need.
Along with a reorganization of the PiRogue Debian packages, we are introducing a new package pirogue-evidence-collector
creating the following entry points:
pirogue-android
to interact with an Android device and run commands on it.pirogue-file-drop
to expose a web server allowing the user to upload files from their device to the PiRogue.pirogue-extract-metadata
to extract metadata of a file and save it separately in [original file name].metadata.json
.pirogue-timestamp
to time stamp files by requesting a 3rd-party RFC3161 authority.pirogue-intercept-[gated|single]
to instrument an Android application to analyze its network traffic.We are planning to release this Debian package next month.
The primary challenge was to establish a mechanism for offline timestamp verification exclusively reliant upon OpenSSL.
We want to provide end users with OS images and installation procedure allowing them to deploy PiRogue in a virtual environment (VM, cloud…). One of the direct implication is supporting a vast variety of configuration such as:
To support the virtualization of the PiRogue while ensuring it remains iso-functional with the physical PiRogue, have defined the overall software architecture allowing both remote and local administration. This architecture must ensure:
To achieve these goals, we are introducing two major software components:
The administration client can be used locally by running it directly on the PiRogue and remotely by running it on a remote computer.
The two software components are split in three different Debian packages, with pirogue-admin-api
defining the communication contract between the client and the daemon.
Next month, we will refine the software architecture details such as the communication contract.
None.
Packages with hardcoded network-related settings or requirements (interface names, IP address/network, etc.) have been identified and modified to make those configurable. A new pirogue-admin
tool is being introduced to orchestrate the initial configuration and further modifications in a centralized manner.
The next step is extending pirogue-admin
so that it can still auto-configure Raspberry Pi 3 and 4 as before, while supporting Eth/Wi-Fi on other devices, as well as a new Eth/Eth mode as well.
None.
The project is going to use gRPC proto
language to describe, generate and implement the remote/local administration. For now, only a Python binding will be generated and implemented internally.
We have designed the RPC interface supporting elementary functionalities such as retrieving the PiRogue configuration and applying a new configuration. We have set up the development environment for pirogue-admin-api
, pirogue-admin-client
and pirogue-admin-daemon
.
We are planning to release a first alpha version of the pirogue-admin
RPC environment to run smoke tests, at least. We will start documenting the development environment and how to set up it.
Setting up a fully functional and secure development environment that includes root system mocks was challenging.
Documenting the project is key in its usability. We are continuously documenting the different tools and features we develop and build new learning materials to facilitate skills development.
We have updated the documentation to reflect the relocation of the PiRogue OS images to a new repository. Note that the older repository remains open.
We will continue to enhance the project documentation to accurately reflect ongoing changes and updates.
None.
We manufacture PiRogues to supply organizations, while taking care of its maintenance. We will include OS upgrades, improvement of the documentation and fixing bugs. Regarding Colander and Threatr, we maintain the public Colander server, upgrade dependencies, improve the documentation and fix bugs.
While deploying officially supported Raspberry Pi 3 and Pi 4 devices, the outdatedness of the last PiRogue OS release became apparent. Since the historical tool used to turn Debian images for Raspberry Pi into PiRogue images was relicensed, it was replaced with another implementation.
After experimenting with the Raspberry Pi 5, the new tooling was extended to generate a different, experimental image to support it, alongside the official image supporting Pi 3 and Pi 4.
A new release arm64_v2.1.0
was published, catching up with Debian 12.6, supporting Pi 3 and Pi 4 officially, and Pi 5 experimentally and unofficially.
Support for the Raspberry Pi 5 requires some components outside the Debian and PiRogue ecosystems, which might make upgrades a little more complicated than usual. It would be best to perform test runs for scenarios that could be problematic, see if theoretical problems are likely to happen, making it possible to either avoid them entirely, or be ready to tackle them when they show up.
Unfortunately, the Debian images for Raspberry Pi that are turned into PiRogue images are also outdated (compared to the updates in Debian 12). Until it’s resolved on the Debian side, an independent image build has been set up, to ensure images are generated weekly.
Given the success of events, webinars and demos with members of the civil society, NGOs and security researchers, we continue with our outreach plan. We organize trainings and demonstration sessions as well as creating spaces for the community to share feedback and request new features via our mailing list, GitHub issues or Discord server. We analyze one Android app that has received the community’s interest (ex COP28 app) per month. The application to be analyzed is chosen by the community. The analysis report is first privately shared with the community and one month later it is publicly released.
We organize monthly calls open to all members of the community to share project updates and get the communityβs feedback.
We have identified various communication channels that we can leverage to enhance our outreach efforts.
Each month, we will analyze one Android app that has received the community’s interest. We have set up all the tools we need to share the analysis report we will share with our community.
Each month, we will facilitate an online call open to the members of our community. We have set up all the tools we need to facilitate it.
Four work sessions were live-streamed through Twitch:
pirogue-admin
.dhcpcd
), and improving Raspberry Pi 5 support.Live at https://www.twitch.tv/CyrilBrulebois, every Friday at 12:00 UTC.
We will analyze the first Android app chosen by the community.
We will facilitate the first community monthly call.
Likely more live sessions around pirogue-admin
(to support more than just Raspberry Pi devices), plus VPN/WireGuard at some point.
None.
We have composed a document that delineates the scope and objectives of the advisory committee. This document also outlines the various strategic axes that we intend to address, leveraging the insights and recommendations provided by this committee.
This document, along with an invitation to join the advisory committee, has been sent to five individuals from civil society who are highly regarded for their respective expertise in the following areas:
We anticipate receiving responses to our invitation next month. In the meantime, we will prepare and implement all the necessary tools and resources to facilitate the committee’s activities.
None.