Project Ideas

wsm · October 17, 2021, 9:42pm

Hello all,

I am digging around trying to come up with a development idea for securedrop platform, client or workstation, to be used as my University Thesis.

Unfortunately, contributions like bug fixing, fixing compatibility issues (e.g workstation with new qubes release, etc) or refactoring/improving some code base, even though they are of the foremost importance, they can’t be accepted as a thesis according to my professors.

So I am looking around for a more comprehensive and coherent line of development, like a distinct feature, or some kind of integration with some other technology, that could be considered as an R&D project.

I found out these project ideas. The first one listed seems like a decent candidate for me, maybe along with some extra development. Do you consider these projects still relevant? Do you have any other, more recent ideas?

Thank you for your time.

PS: I would prefer to code in Python/C/Go, or maybe Rust (but I am a beginner there), and I have a Backend(Python), Infosec, and Linux Dev/admin background.

kog · October 20, 2021, 8:59pm

Hi @wsm - apologies for the delayed reply!

The GSoC ideas are mostly a bit on the stale side:

for the first one, we’ve moved away from Nagios altogether since this was proposed.
Work on the next two (packaging and reproducibility) is ongoing, though I don’t think we’ll be aiming for Debian inclusion any time soon.
Client-side cryptography, using the Signal protocol and Rust+WASM is already at the prototyping stage (though further development is currently paused)
The last one (logging/analysis for better alerting) has had little to no attention that I’m aware of.

There are definitely other ideas/topics that have come up in the meantime that might be interesting to you and others. We’re going to spend some time working up some candidates, and I’ll ping again here once we have them for you to take a look at. Roughly when do you need to decide?

wsm · October 21, 2021, 6:51pm

Hi @kog,
thank you for your comment!

I am not in a rush, I will watch the thread, as well as the rest of the forum, and the gitter channel, to stay in sync and improve my understanding of the whole architecture and the current roadmap.

kog · October 21, 2021, 7:05pm

Good to know! In the meantime, if you haven’t already seen them there are a bunch of resources at https://securedrop.org/research/ that might be interesting.

wsm · October 21, 2021, 7:31pm

I have studied the whitepaper but thanks for the reminder, need to go through the papers and the audits as well

kog · November 8, 2021, 11:41pm

Hey @wsm, we had a bit of a team discussion about potential projects and have put together a first stab at a doc here:

Let us know if there’s anything there you’d like to chat about!

wsm · November 13, 2021, 7:44pm

Hey @kog
Thanks for the update!
I went through the listing, and they all seem useful and interesting. Some of them that could be considered as a thesis base I think.
Well, next step is to convince a professor about taking a relevant thesis. I will report back here if I make any progress.

kog · November 13, 2021, 7:56pm

No problem! Just in case you’re interested or have any immediate questions, we’re doing a hackathon for Aaron Swartz Day today, and you can find a large portion of the SD team at https://meet.google.com/ekb-kkhf-mrk for the next few hours.