About Security-in-a-Box

This toolkit was created by the Front Line Defenders and Tactical Technology Collective.

Front Line Defenders was founded with the specific aim of protecting human rights defenders at risk, people who work, non-violently, for any or all of the rights enshrined in the Universal Declaration of Human Rights (UDHR). Front Line Defenders aims to address some of the needs identified by defenders themselves, including protection, networking, training and access to international bodies that can take action on their behalf.

Tactical Tech is an international NGO helping human rights advocates use information, communications and digital technologies to maximise the impact of their advocacy work. We provide advocates with guides, tools, training and consultancy to help them develop the skills and tactics they need to increase the impact of their campaigning.

Funders

The development of the toolkit is supported by Hivos, Internews, Sida, Oak Foundation, Sigrid Rausing Fund, AJWS, Open Society Foundations, Ford Foundation, and EIDHR [1]

EIDHR

License

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.

Tor Onion hidden service address

To access Security in-a-Box anonymously you can use Tor Browser with below hidden service .onion address:

Tor Hidden Service V3 http://lxjacvxrozjlxd7pqced7dyefnbityrwqjosuuaqponlg3v7esifrzad.onion/en/

Evaluation parameters and Selection Criteria for Security-in-a-Box

The process of the selection of the tools for the Security in a Box toolkit takes into account many criteria. All of them have their own significance and it is not easy to line them up according to importance. Below, we list what we consider the most important points of view we take into account for the tools and services we recommend:

Security in a Box Selection Criteria

  • Trusted (audited independently or anecdotal);
  • Matured (stable, active user-base community, responsive developer community);
  • Open Source v. Freesoftware v. robustness calculus;
  • User friendly;
  • Multi-Language and localization support;
  • Multi-platform;
  • Available documentation (source, installation, usage, update);

Trust, maturity, open source

With regard to security/privacy tools and technologies, trust is a fundamental issue to address. This toolkit has a strong commitment to fostering and recommending tools and software whose trustworthiness is verifiable. To ensure that tools we recommend can be trusted, we monitor the development and maintenance of the tools, often in direct contact with the developers community. We observe users and other developers' concerns, discovered bugs and ways developers react and deal with them. We take into account how often tools are updated, and choose tools that have many installations and are popular. We are more inclined towards tools that had been in use for years and can withstand the 'test of time' in diverse environment and under changing conditions of different operating system versions.

We consider as an element of trust the design model of the software or service, e.g. is privacy built into the design model? what additional information is collected about the user?, etc.

Open Source v. Freesoftware v. robustness calculus

The open-source philosophy additionally allows the possibility to establish independent trust in the software, by making the source-code of a given tool available to public. This will allow for an independent (at times volunteer) community-based audit and development.

  • To generate the software;
  • To ensure the software appropriately comports to its touted functionality;
  • To independently verify its strengths and vulnerabilities;
  • To enable remixing and tailoring resources to meet specific needs and contexts;

It is also difficult to forego the fact that many non-open-source tools are readily available and/or are in wide use, or that some functionalities are not readily found in usable forms among open-source candidates. In such cases, the toolkit seeks to explicitly highlight the inherent insecurities of tools with non-open-source legacies.

It is important also to mention that Security in a Box's primary intended target audience benefit from freedom to use the software in at least two ways: it is legal for them to use the tools and they do not have to pay for them, which at times is impossible.

User friendliness

User friendliness is a subjective and situation dependent criterion. Therefore, we rely on the opinions of our target audience: human rights defenders and activists in the field. In this project, since 2004, we had the privilege of interacting with thousands of activists in different types of sessions and trainings, which has provided us with a unique way of understanding how the tools we are recommending are perceived by first time users with varying computer skills and experience. We are constantly looking at the benefits of recommending tools other than those that we feature in our toolkit at the moment.

Multi-Language and localization support

This project is aimed predominantly at non-anglophone audiences in the so called "global south". Therefore, this criteria is very important.

Evaluation parameters

Documentation

  • Source code availability (where on open-source spectrum)
  • User manual
  • Troubleshooting guide
  • Installation Training
  • Compatibility (OS)

Costs

  • Internal memory
  • External storage
  • software purchase

[1]{#f1 .footnote}: This website has been produced with the assistance of the European Union. The contents of this website are the responsibility of the Tactical Technology Collective and Frontline Defenders and can in no way be taken to reflect the views of the European Union.