Follow

If you're looking for a chance to get paid to write meaningful open source software, here's one of those rare opportunities. Fully remote.

We're hiring additional software engineers to join the SecureDrop team, an open source platform to protect journalists & whistleblowers. Our posting outlines the specific skillsets we're looking for:

freedom.press/jobs/sr-software

If this describes you, please get in touch! Happy to answer questions.

@eloquence, unrelated but have the FPF considered not using CloudFlare? I understand if the freedom of the press doesn’t always align with the freedom of the readers, but I wish for it in this case: https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/cloudflare.md

Cc @resist1984 in case of further discussion

@cnx @eloquence Indeed it's a bit disturbing that #FreedonOfThePressFoundation uses #Cloudflare. The site also sends people to another (more hostile) Cloudflare site (creator-spring) to buy t-shirts, which then blocks Tor users. Visiting via archive.org is just a blank page which further pressures people to access via CF. CF gets the payment details of FPF supporters. Not good.

@eloquence @cnx BTW, this article is good but misses an important point: web.archive.org/web/freedom.pr Harlo Holmes warns that malicious js could compromise users but gives no remedy to that. She should suggest #ElectronMail & #Hydroxide as ways to avoid on-the-fly javascript.

@eloquence my experience with washpo's use was awful in that they outsourced me to an intel community insider who wanted to make some money for his law firm and silence me by launching a qui tam with the government option to then get a gag order, rather than any of their own journalists. However the problem was not secure drop itself, but the organization misusing it... That being said, this seems fascinating...

@eloquence things that keep me awake at night include #signal's crappy #électron based desktop client. While it uses a sqlcipher db, it stores the key used in the clear on the filesystem. That seems awfully forensic friendly. And they prefer aes256 with the originally mandated and now known defective 14 round key scheduler, rather than 28 rounds...

@tychosoft @eloquence What?! Ok, I think I’m gonna stick to the mobile app then.

@eloquence if i was good with code, i would apply to this position.
So they need #sysadmin ?

@oldsysops

Hi there! We're currently fully staffed on our ops/infra team, but I'll post any new positions from this account if they come available, or you can keep an eye on freedom.press/jobs/

Sign in to participate in the conversation
social.coop

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!