User Tools

Site Tools


liquid_investigations:hardware_faq

FAQ Audience

NOTE: This FAQ is geared towards a non technical audience, interested in learning more about the Liquid Investigations (LI) project (e.g. journalists that are interested to test the toolkit, donors, community)

ARM class device description

Q1. What is an ARM class device?

  • It’s essentially a mini computer. A micro-board that has processing capacity, memory and storage (i.e Raspberry Pi is the most common one)

Q2. What are the types of ARM class devices used for this project.

  • We are currently testing multiple candidates. Our starting point is Odroid C2. Here is a detailed comparison chart for our potential candidates including all the relevant tech specs.

Q3. What are the hardware components needed for the LI tool kit?

  • SSD card (containing operating system: Linux + the software stack)
  • USB stick (configuration key; gives you the project specifics;can be used also outside the micro-board on a browser)
  • Data-drive (for external data storage purposes. Data always stays outside)
  • Own Laptop / Computer (to view the software/data)
  • Extra USB elements like an External Crypto-cards (for extended security - think yubi-key, GPG Card, etc.)

Q4. Are you utilizing the same software stack on the cloud service as well as on the micro boards (ARM class devices)?

  • Yes, this is our intention, but the framework might be different for using the stack.

Connectivity and network access

Q5. What type of connectivity do I need for the LI toolkit?

This depends on the actual user scenario.

  • Just a regular 5V power source with no access to internet - either provided via Power Brick or USB to Power Cable - for the scenario where you work solo
  • Access to internet - for the scenario where you collaborate with others
  • Access to intra-net/ VPN type of access - for the scenario where you collaborate with others securely.

Q6. Does the ARM class device work solo or over a network?

  • The intention is to have it work in a network set-up. Solo is possible but it defeats the purpose of the project.

Q7. What type of network do you envision for the LI project?

  • Phase 1: Star network topology: An air-gapped local network, in which the different users are interacting with a system private to that network (i.e. network topology of the computers and users that are interacting together); not cutting off internet
  • Phase 2: Federated network topology: distributed network, without a central server, where each node is connected to the various other nodes. data simply “hops” through whichever nodes allow for the shortest route to the recipient; Browser connects to the box through a VPN configuration (so we cut off the internet)

Q8. What exactly do the nodes do in the liquid network?

  • They can serve as backups, keeping copies of the datasets; they can serve as proxies or VPN tunnels to other nodes

Q9. What are the users scenarios covered by LI?

  1. 1 user, 1 ARM board, 1 SD card, 1 USB stick, 1 data drive - no internet needed
  2. 2+ users, 1 ARM board, 1 SD card, 1 USB stick, 1 data drive - no internet; same local network (i.e.same room, building) - either via cable or wireless, separate setup required
  3. 2+ users, 2+ ARM boards, 2+ SD cards, 2+ USB sticks, 2+ data drives - internet; intranet (VPN); master node special stick with auth information for the sub nodes
  4. 2+ users, 2+ ARM boards, 2+ SD cards, 2+ USB sticks, 2+ data drives - no master node - federated network (discovery methods still under evaluation).

Capacity and data storage

Q10. How much data can be stored on such a micro-board?

  • We will work with external hard-drives for extra data storage capacity. You will have as much data storage as your external hard-drive allows. For optimal speed please consider the recommendations below.

Q11. What are some of the initial limits in terms of data storage and number of participants?

  • Initially we envision data projects for up to 10 participants and up to 20-50 GB of data. Capacity and scalability grows with the hardware: In a year we will have 250GB maybe 1 TB in reach.

User registration

Q12. How do we register/ set up/ authenticate new users?

  • Initial Setup (Cloud/Box): One User - One Access
  • Advanced Setup (Box/Cloud): Many Users - one Box as a Hub
  • Self Service? No.
  • Procedure would need to have a “primus inter pares” to confirm setup
  • removing of participants is not clear yet

Certification

Q.13 Are we the certificate authority?

  • Yes.

Q14. What is the certification mechanism?

  • Install the certificate on the web browser

Q15. What is the cryptographic key sharing mechanism?

  • Initially in Person, then through a chain of trust.
liquid_investigations/hardware_faq.txt · Last modified: 2017/03/22 13:59 by andreeab