THE TECHNICAL EXPLANATION (how it can be done):
I personally feel as though wikileaks is a CIA front, regardless I can see something which I can adapt my software deployment for setting up mirrors,
something which wikileaks would love seeing as it is somewhat complicated setting up a mirror.
Assuming the proper ports are open on your router, here are the specifications of the project:
First produced under linux, designed to run under osx, solaris, windows and macs as well, later. Either bootable or hosted by operating system.
If you would like to have a provisioned mirror, the best thing for wikileaks to do is setup a page on their site that detects os and provides a link
to a shell script which the user downloads. The user runs this downloaded script with admin privileges and the script downloads the install files.
Once the install files are downloaded onto the target linux box, during this time dependencies are downloaded and installed if needed. The file is
checked using a key issued by the server provided in the downloaded script with the version number relayed to the webserver which provides a key, this
key is the crc of the whole un-encrypted package. Heavy encryption is used for the install files. The installer api launches and determines the host
configuration type (operating system, formats the thumbdrive if needed (via prompt if blank or mounted if not just starting up the host computer with
the thumbdrive attached).
The installer provides 3 options. Local, usb, and both local and usb. The thumbdrive could be an sd card, or a usb hard drive, etc. It matters not.
Pendrive linux deployment for the usb disk will make it bootable. In this bootable segment a browser will auto-launch and provide an interface to
the virtual machine containing the mirror (and that is all it is used for, that and to run things in the background), as an invisible service. A
monitoring api will determine when usb devices are connected and will launch a local script to ensure tight version control by monitoring crc's of
specified files and partitions on the usb device. It will keep records of approved usb drives. This api will auto-launch the virtual machine that
contains the mirror as a background service to the host operating system. This vm service will contain tiny core linux (nevermind the research it is
the bare minimum needed for the job, and only 10mb for the operating system itself).
The vm will run apache, mysql and php and can contain any of the website files.
Insert the thumb drive, poof you have a new mirror, after a dialog box appears asking if you would like to perform a localized install, or usb install
to any other usb disk, or any combination thereof. Download from the site, with a few simple clicks, same result. The point is, easy for the most
daft linux user (and no issues there it is easy to run pen drive linux, you don't really have to know anything about linux at all to use it -- it is
just as easy as windows is if you get the right version of it, which is in the install provided -- if you followed this far, then see how easy it is
based on my description, it is very transparent).
Anybody can use it, depending on configuration used here, it can be a single central server or a series of servers. (I'll see what the wikileaks
crowd thinks would be the best way to roll this out).
Just thought I would let people know, I am a few weeks off still but got a team working to get this finished soon.
This is the first stage of my much more ambitious software, which aims to prevent government attacks on websites and online anonymity. As well the
more ambitious software, SubWeb, as this will be a deployment in a similar way as the wikileaks package will be.
THE LESS TECHNICAL EXPLANATION (what this means for wikileaks):
This means that wikileaks will be-able to make more mirrors. If cryptome comes under attack, within a few hours they can have a similar package
ready. This works for any website, provided it works under apache and has linux capable extensions (most websites do, windows is less secure).
Software can easily be downloaded and ran, and will work on virtually every computer out there. It is very close to being done. Personally I don't
like CIA scams, but I feel the forum is very important to support information just getting out there, people will wake up sooner or later to the
scams, unfortunately if there is no information out there, there is nothing to snap people out of it, so my interest is only to keep the pathway
clear. I think from what we've observed from wikileaks it is possible for an arms race to occur between them and the government's desire to censor
them. This seems like the fastest approach towards ensuring the continued survival of websites under such an attack. I'll be taking things in steps,
I think you'll agree (if you understood the technical end) that it's only a matter of a short period of time before it is out there. I'll be starting
threads to keep people updated every now and then, since this is somewhat off on it's own and more immediate than the grander project, I made a
separate thread for it. Any thoughts anybody? Any questions, concerns? Can you punch a hole in the proposed system and how would you do
edit on 22-1-2011 by stealthc because: (no reason given)