@emkll during the conference this weekend, someone suggested connecting the SVS to the net with a “Read-Only” ethernet cable (i.e. only the Rx wire present, the Tx wire cut). And it would read from the journalist interface to download what’s there, on a daily basis or so. His argument was that it was certified to be a secure way to connect the media center found in airplane seats, even if a passenger tries to hack into the airplane network from their seat. Is this worth thinking about or is it a fantasy that makes you smile?
Ha! That’s an interesting idea. I wonder how this could be set up in practice. Suppose you expose the journalist interface locally over a network interface with the read-only cable to the SVS: the SVS will not be able to authenticate itself to the journalist interface, which means you increase reliance on the cable/enclosure and physical security (I guess the submissions are GPG-encrypted, and there should be some physical access controls).
The bigger issue, I think, is if I put myself in a journalist’s shoes: going to the physical location of the SecureDrop server to extract submissions may become a bit tedious, especially when special access is required to access server rooms/closets. I’m curious how admins would feel about this.
Indeed… that’s kind of a blocker