GDPR - jean/wekan GitHub Wiki
Offline is the new normal. Open Source and Free Software and Open-Source Hardware is eating the world in the war on general-purpose computing (HN). Encrypted everywhere. Secure by design. Defence in depth. Legal. Allowed to do business. - xet7 2017-05, implementing GDPR
Case: Implementing EU General Data Protection Regulation with Wekan, Sandstorm and Qubes OS.
Disclaimer: All these opinions are my own, and I'm implementing this for myself. This has nothing to do with my previous, current or future employers. Everything is subject to change, as this is a process. I'm not a lawyer. I have not read the full regulation yet; I'm just starting from the very first basic steps. GDPR has different requirements for different industries etc., so this may not apply to you. I don't even know which parts apply to me yet.
I (xet7) was this week at Drupalcamp Nordics 2017 and got more details about this regulation, so I started implementing this yesterday in the way I understand it currently, using the technologies I'm most familiar with: Wekan, Sandstorm and Qubes OS. All hardware and software is subject to change if better alternatives are found.
This wiki is editable by all users who have a GitHub account, so they can add details or questions I have not considered yet.
Deadlines
| Date | Requirements | Sanctions if not ready |
|---|---|---|
| 2017-05-13 | Started documenting the project. This wiki page's history is also used to show versions of the process. | Unable to do business legally if everything is not documented, including the process of preparing for the regulation |
| 2017-07-31 | Need to find missing keys | Pay for expensive changing of locks |
| 2017- | Find all hard drives, USB sticks, etc. at home | Not known yet |
| 2017- | Downloaded all data from the Internet | Not known yet |
| 2017- | Sorted and moved all data on the offline computer to different Qubes OS AppVMs named by person | Not known yet |
| 2017- | Found all required alternatives to proprietary software from Qubes OS and Sandstorm | Not known yet |
| 2017- | Converted all proprietary file formats to free software file formats, like JSON etc. | Not known yet |
| 2017- | Implemented exporting of all data to a file download, and deleting of a person's data in the web interface | Not known yet |
| 2018-04-25 | All data stored securely following GDPR | Unable to do business legally |
Security requirements
There are very high sanctions for data breaches. If I have not considered some security aspect, please add it to this wiki page.
I need to know exactly where all my data physically is. It's not OK to spread it all over the Internet in cloud services (Google/AWS/Amazon/Dropbox etc.). I need the ability to have absolute proof and knowledge that when I delete one person's data, it's gone, totally, completely, from everywhere.
x64
Hardware: Current
a) Current version 3.x of Qubes OS, if the hardware supports it. Laptop/desktop hardware should be silent, otherwise it disturbs work. Qubes-certified laptops are nice; they have hardware switches to turn off wireless. Alternatively, a desktop PC that has no integrated wireless device (WLAN, Bluetooth, etc.).
b) If hardware does not support Qubes OS, I will install some of these:
Hardening
Intel AMT Checker for Linux and its HN discussion.
For me it shows that Intel AMT is present but unprovisioned, so I need to:
- Install English ISO of Win7 or Win8.1 or Win10 to USB stick
- or Install Finnish ISO of Win7 or Win8.1 or Win10 to USB stick
- or convert an evaluation Windows VM to a RAW image using the instructions I contributed to the Qubes documentation, and write it to a USB stick with the dd command
- Install the patch from the HP website
- Check all other hardware and disable AMT where possible.
Future
Rowhammer protection, see the LWN article, SN576 and SN583, the HN discussion that has a comment with links to the paper and the repo of software protections as a Linux kernel module (I have not tested it yet), and the Qubes Users discussion. Without it, just browsing the Internet with JavaScript enabled makes it possible for JavaScript on a web page to exploit through all layers of virtualization protections and install malware into firmware (UEFI, graphics card, hard drive, SD card, etc.), so it is not possible to get a clean computer just by securely erasing the hard drive. Alternatively, malware can brick the computer, making it unable to boot, as has already happened to IoT devices connected to the Internet. Currently Google Cloud immediately kills VMs that try to run Rowhammer code server-side. This protection is needed for all devices in use.
Qubes 4.x certified hardware when it becomes available.
ARM
Hardware: Raspberry Pi or a similar ARM device without built-in wireless, so it can be used offline. Fanless preferred to keep it completely silent. I don't know whether there is any writeable firmware in the RasPi at all, or whether the SD card is the only writeable storage. AFAIK RasPi hardware does not have any hardware virtualization or Rowhammer protection features.
Software
I need to keep multiple encrypted offline backups. Otherwise some ransomware will just encrypt all my files and demand money, bitcoins, etc. to get my files back. Malware exists for most operating systems, including Linux.
Media type:
a) Write-once, like DVD-R
b) Is there storage media that has a physical hardware switch that makes the media read-only?
I need to have the source code for every piece of software I use, and a tested, working way to compile it from source.
I need to test Qubes compromise recovery.
Porting software to Sandstorm. Not all ports are up to date yet, but they are anyway protected by Sandstorm's high-end security features, its security audit with fixes already implemented, and also its authentication and clustering.
Web developer security checklist and its HN discussion