{{Header}}
{{Title|title=
{{project_name_long}} Project Activities: Innovation, Cooperation and Education
}}
{{#seo:
|description=Things the {{project_name_short}} project is working on; Innovate; Cooperate; Mentor; Educate; Maintenance; Research
|image=Workingon-1008908640.jpg
}}
{{about_mininav}}
[[File:Workingon-1008908640.jpg|thumb]]
{{intro|
Things the {{project_name_short}} project is working on; Innovate; Cooperate; Mentor; Educate; Maintenance; Research
}}
= {{project_name_short}} Project Activities =
== Innovation ==
{| class="wikitable"
|+ ''{{project_name_short}} Innovation''
|-
! '''Category'''
! '''Description'''
|-
! Invent mechanisms for rapid Debian packaging
|
* [https://github.com/{{project_name_short}}/genmkfile genmkfile] - easy and turbo packaging of scripts and configuration files.
* Demonstrating how to write hassle free manual ("man") pages.
** For example, the following methodology is used for all related {{project_name_short}} packages.
** Written in markdown.
** Just three lines of packaging is required. [
TODO: update links
* https://github.com/Kicksecure/tor-ctrl/blob/master/man/tor-ctrl.8.ronn
*https://github.com/Kicksecure/tor-ctrl/blob/a12d73ed01068baf32db067811c208034ced87fd/debian/control#L9
* https://github.com/Kicksecure/tor-ctrl/blob/1c326b232b1f328a6542ae51f3f3afa3e1e44a55/debian/rules#L17-L18
]
|-
! Holistic focus
|
* Focusing on the security field, without getting into unimportant details.
* Understanding issues regular users are experiencing and creating a better user experience.
|-
! Develop concepts
|
* [[Dev/project-news|Emergency Security News Notification]]
* [[Dev/Permanent Takedown Attack Defender|Permanent Takedown Attack Defender, proposal to defend against a permanent takedown threat]]
* [[Dev/apt-revoker|apt-revoker Check for Revocation Certificates before running apt]]
|-
! Miscellaneous
| Maintaining a general interest in security matters, scrutinizing solutions, and connecting people. [
https://forums.whonix.org/t/jitterentropy-rngd/7204
]
|-
! Documentation
| Huge wiki. 100's of wiki pages. See [[Documentation]] and [[Design]]. Lots of [[Wiki Enhancements]].
|-
|}
== Cooperation ==
{| class="wikitable"
|+ ''{{project_name_short}} Cooperation''
|-
! '''Category'''
! '''Description'''
|-
! Security vulnerability bug reports
| Reporting security issues at other projects. See [[Dev/research#Security_Vulnerability_Bug_Reports|Security Vulnerability Bug Reports]].
|-
! Regular issue/bug reports
| Reporting issues or bugs at other projects, such as:
* [https://github.com/QubesOS/qubes-issues/issues/created_by/adrelanos Qubes]
* [https://www.virtualbox.org/query?status=%21closed&reporter=adrelanos VirtualBox]
|-
! Other collaborative efforts/contributions
|
* [https://github.com/vmonaco/kloak/issues/10 kloak] [
* https://github.com/vmonaco/kloak/pull/5
* https://github.com/vmonaco/kloak/issues/10
* https://github.com/vmonaco/kloak/issues?utf8=%E2%9C%93&q=is%3Aissue+author%3Aadrelanos+
* https://github.com/vmonaco/kloak/pulls?utf8=%E2%9C%93&q=is%3Apr+author%3Aadrelanos+
]
* https://web.archive.org/web/20170511021801/https://secure-os.org/pipermail/desktops/
* zuluCrypt [
* https://github.com/mhogomchungu/zuluCrypt/issues/114
* https://github.com/mhogomchungu/zuluCrypt/issues/115
]
|-
! Developer community
|
* Coordination of an active developer community, see: [[Contributors|{{project_name_short}} contributors]].
* {{project_name_short}} contributions:
** founder [https://github.com/adrelanos?tab=repositories adrelanos]
** developer [https://github.com/troubadoour?tab=repositories troubadour]
** developer [https://github.com/madaidan?tab=repositories madaidan]
** former developer [https://github.com/0brand?tab=repositories 0brand]
** developer [https://github.com/HulaHoopWhonix?tab=repositories HulaHoop]
** developer [https://github.com/JasonJAyalaP?tab=repositories Jason Ayala]
** developer [https://github.com/Algernon-01?tab=repositories Algernon]
** developer [https://github.com/0xsirus?tab=repositories Sirus Shahini]
** incomplete list
|-
! Miscellaneous
|
* Flexible packaging to allow cherry-picking of functionality by privacy and non-privacy distributions alike: {{Github_link|repo=kicksecure-meta-packages|path=/blob/master/debian/control}}
* Providing all {{project_name_short}} improvements to Debian as reusable (by others) packages split by functionality: https://github.com/{{project_name_short}}
* [[Packages for Debian Hosts|Use many packages developed by {{project_name_short}} with Debian too]].
* Timely review and merging of contributions.
|-
|}
== Mentoring ==
* [https://forums.whonix.org/t/gsoc-with-tor-and-whonix-anon-connection-wizard/4266 Google Summer of Code]
* [https://forums.whonix.org/t/google-season-of-docs-gsod-2019/7191/1 Google Season of Docs (GSoD)]
* [https://forums.whonix.org/t/cs-student-capstone-bachelors-senior-project-for-whonix/8821 CS Student Capstone (Bachelor's Senior project)]
== Education ==
{{project_name_short}} undertakes a broad range of educational activities, including:
* Extensive [[Documentation]] covering technical aspects and operational security.
** Security matter are documented in detail, including unique material not covered elsewhere.
** Technical documentation is also provided, for example: [[Configuration_Files|Configuration Files]].
* {{project_name_short}} answers are seldom disputed; for example see [https://tor.stackexchange.com/users/80/adrelanos?tab=answers answers by Patrick Schleizer] on [https://tor.stackexchange.com/ Tor Stack Exchange].
* Operating a responsive [https://forums.{{project_clearnet}} forum], providing user support for the community.
* Debian derivative development documentation, for example: [[Dev/About_Debian_Packaging|About Debian Packaging]]
== Maintenance ==
{{IconSet|h1|1}} Maintenance Work (illustrative not exhaustive):
{{IconSet|h1|2}} '''Architecture and long-term design decisions'''
* Choosing what belongs in “core hardening” versus what becomes optional (maintainability constraints are explicitly a design focus).
* Deciding when to avoid custom solutions (for example, custom hardened kernel scope risk and long-term maintenance tradeoffs).
{{IconSet|h1|3}} '''Backlog triage and support load management'''
* Reading and categorizing reports: bug versus support request versus duplicate versus out-of-scope.
* Keeping a backlog of known issues and feature requests while balancing limited developer time.
* Writing and maintaining policy pages and linking them as needed (for example [[Self_Support_First_Policy|Self Support First Policy]] and [[Reporting_Bugs#Policy_Rationale|Policy Rationale]]).
{{IconSet|h1|4}} '''Codebase maintenance across many repositories'''
* Maintaining many source repositories, shared tooling, helper scripts, and common libraries.
* Reviewing, merging, and maintaining contributions while keeping behavior consistent across components.
{{IconSet|h1|5}} '''Debian packaging work'''
* Creating and maintaining Debian packages, including packaging metadata, dependencies, and compatibility across Debian changes.
* Handling transitions and regressions caused by upstream changes (toolchain, dependencies, defaults).
{{IconSet|h1|6}} '''APT repository operations and signing'''
* APT repository updated.
* Managing signing keys, signing automation, and key rollover procedures.
* Keeping repository configuration guidance and documentation current.
{{IconSet|h1|7}} '''Image build system engineering'''
* Maintaining the ISO and image build pipeline and build documentation.
* Rebuilding and re-validating images when dependencies change.
* Artifact integrity work: hash sums, signatures, and verification instructions.
{{IconSet|h1|8}} '''Release engineering and QA'''
* Coordinating releases, changelogs, release notes, and announcements.
* Regression triage before and after releases.
* Maintaining a test matrix across environments (for example BIOS, UEFI, Secure Boot, and virtual machines).
{{IconSet|h1|9}} '''Installer and desktop integration'''
* Maintaining installer integration and live image behavior.
* Handling desktop integration changes that can impact usability and support load.
{{IconSet|h1|10}} '''Secure Boot and kernel-module edge cases'''
* Handling Secure Boot workflows, MOK enrollment, and troubleshooting.
* DKMS module signing and related failure modes.
{{IconSet|h1|11}} '''Documentation upkeep'''
* Keeping documentation synchronized with code, packages, defaults, and releases.
* Maintaining troubleshooting guidance to reduce repeated support load.
{{IconSet|h1|12}} '''Support tooling and guardrails'''
* Maintaining diagnostic and maintenance tooling that enables self-support.
* Improving user-facing guidance that reduces repeated, time-consuming support threads.
{{IconSet|h1|13}} '''Security hardening maintenance'''
* Maintaining hardening defaults and security-related packages.
* Re-evaluating hardening behavior when upstream changes interact with security assumptions.
{{IconSet|h1|14}} '''Upgrades and migration paths'''
* Minimizing upgrade breakage and documenting upgrade caveats.
* Responding to upstream changes that impact upgrade safety and user workflows.
{{IconSet|h1|15}} '''Coordination with upstream projects'''
* Tracking upstream changes (Debian and other dependencies), reporting issues upstream, and integrating fixes.
* Maintaining temporary workarounds where necessary until upstream resolves issues.
{{IconSet|h1|16}} '''CI and testing automation'''
* Maintaining and improving build automation, test automation, and reproducibility where feasible.
* Compensating for gaps in automation with manual testing and community testing calls.
{{IconSet|h1|17}} '''Infrastructure operations'''
* Keeping project services secure and operational (website, wiki, forums, issue tracker).
* Backups, monitoring, capacity planning, and operational security.
{{IconSet|h1|18}} '''Communications and user guidance'''
* Maintaining "important news" style communications: vulnerabilities, upgrade issues, common issues, and improved releases.
* Writing clear, actionable guidance that prevents repeat support load.
{{IconSet|h1|19}} '''Research and incident response readiness'''
* Following security developments and translating findings into mitigations, documentation, and/or code.
* Being ready to react quickly to time-sensitive security issues.
{{IconSet|h1|20}} '''Sustainability constraints'''
* Balancing limited developer time against a large backlog and ongoing maintenance needs.
* Making maintainability decisions to avoid creating future support and maintenance debt.
== Research ==
See [[Dev/research|Research]].
= Footnotes =
{{reflist|close=1}}
{{Footer}}
[[Category:Documentation]]
[[Category:Design]]