peterclemenko
commented
10 years ago Maybe it might be wise to implement it in the repo somewhere. It might also be wise to implement it in securedrop itself.
Open runasand opened 10 years ago
peterclemenko
commented
10 years ago Maybe it might be wise to implement it in the repo somewhere. It might also be wise to implement it in securedrop itself.
ageis
commented
10 years ago This is going to be included as a section on the new SecureDrop website, which is currently in development.
ageis
commented
9 years ago Closing as the source guide is on GitHub and the website links to it.
trevortimm
commented
9 years ago The source best practice guide is different than the how-to use securedrop for sources guide
Sent from my iPhone
On Dec 6, 2014, at 10:08 PM, Kevin M. Gallagher notifications@github.com wrote:
Closing as the source guide is on GitHub and the website links to it.
— Reply to this email directly or view it on GitHub.
ageis
commented
9 years ago Thanks @trevortimm, I forgot. What should we do - did you have lawyers review it yet?
conorsch
commented
8 years ago The Source Guide should be sufficient here: https://docs.securedrop.org/en/stable/source.html
ageis
commented
8 years ago @conorsch Trevor was referring to a separate guide we were once working on which was more like "best practices for leaking information" rather than how to technically use the source interface. You may want to inquire about the status of that. (see Hackpad)
redshiftzero
commented
7 years ago This is a very important and worthwhile issue. We should remove all organization-specific content from this source operational security guide, remove the "how to use the source interface" part (since it's covered by the current Source Guide) and make any other necessary updates. At minimum, there should be a section with the "Do"s and "Don't"s distilled into a table at the top of the page for the benefit of sources who will not read a long guide.
Example dos and don't for this table include:
securedrop.org or any other sites related to leakingWe should be mindful of how this advice changes in the different locales SecureDrop is located in, as common investigation practices and legal protections obviously depend on the country.
This content should go on:
securedrop.org is being redesigned and a very large warning will appear for potential sources who are accessing SecureDrop through Tor) 
ninavizz
commented
5 years ago Does anyone have an archive of the content behind the link in @runasand's OG post? I'm just getting a dead Dropbox page. :(
conorsch
commented
5 years ago @ninavizz Yes, we made sure to archive the old hackpad contents before hackpad closed down. Will be able to dig up a URL for ya and send along!
eloquence
commented
4 years ago Still relevant but reducing priority given that some of this work has since been done.
eloquence
commented
3 years ago See also the recap in freedomofpress/securedrop#4259 for additional background on historical materials that could be re-examined for this purpose. To make continued progress on this, we may want to identify some more tightly scoped targeted improvements. @martinshelton is working on some smaller tweaks in this PR: https://github.com/freedomofpress/securedrop-docs/pull/48
ninavizz
commented
3 years ago Adding @martinshelton per expression of interest on internal channel, a few weeks ago.
Note to @eloquence: I don't feel this is appropriate to transfer from the SD repo, as this repo is specific to a single touchpoint (docs) and communicating with & guiding sources is a multi-touchpoint experience; with developer docs, not advisable as the primary point of information.
@conorsch wd also love to get that earlier mentioned doc Runa had been working on, shared here! @huertanix may know where it lives, too.
We have a source best practice guide that we really should update and publish somewhere.