Erik Moeller is a user on social.coop. You can follow them or interact with them if you have an account anywhere in the fediverse.
Erik Moeller @eloquence

The team behind (open source whistleblower platform originally created by Aaron Swartz) has been investigating the use of for building an integrated workstation for journalists using SecureDrop.

Folks interested in newsroom security, or the use of virtualization to mitigate digital security risks may want to check it out. Thoughts on this approach appreciated:

securedrop.org/news/road-towar

@eloquence hey, we (i.e. @OCCRP ) are using SecureDrop, and at the same time evaluating QubesOS for limited internal use.

SecureDrop using QubesOS for an integrated workstation would be very useful and interesting for us.

Apart from testing, how can we help?

@rysiek @OCCRP

Fantastic! Early testing/feedback would be a huge help, and we're also doing user research right now that will inform the next steps in development. There might be other stuff we can do together. If you're up for it, let's jump on a call in the next few days to chat?

@rysiek
@eloquence
I've been using Qubes, as a curious adventurer, for a few years. I think its pretty widely regarded (by those that know their stuff) as offering the best security/privacy you can get on a PC.
Interestingly modern Apple/Pixel smartphones are probably more secure (see CopperheadOS).
I can see how a Qubes box set up just for this could be pretty solid.
For **ultimate** security I wonder how it compares to an air gapped machine though. A vulnerability in xen or Intel...

@rysiek @eloquence ME (could ME clean the laptops?) or ??? has got to bring into question having very valuable info on a box thats connected to the internet?
But ultimately nothing is secure, its a question of weighing everything up (makes my head spin) & this approach could make lots of sense for some.

Guess I'm probably not telling you anything unknown/useful.

Nice to see Qubes potentially providing utility for these types of orgs.