Skip to content

Releases: secluso/core

v1.0.2

21 May 20:45
@jkaczman jkaczman
Immutable release. Only release title and notes can be modified.
v1.0.2
4e6de31

Choose a tag to compare

View all tags
v1.0.2 Latest
Latest

Secluso v1.0.2

Full Changelog: v0.1.0...v1.0.2

After 8 months of hard effort, we are now releasing a complete revamp of our entire software stack, as well as the addition of "Secluso OS", "Secluso Deploy", and a complete re-design of our mobile app (and our mobile app is now available on iOS App Store and Google Play Store!). Please see the list of highlights below for a brief overview of these changes. We are excited to finally do this, and look forward to feedback from you all. Please make a GitHub issue for any problems, or email us at secluso@proton.me regarding any concerns. We are happy to help you get set up if you have any questions!

We have also put together a guide helping people get set up with the Secluso Deploy Tool, as well as source hardware to use with this project. Please see here for more information: Build Your Own Guide. This includes a video of how to set up a self-hosted relay and the links to our mobile apps.

Highlights

  • We have put together a "Secluso Deploy" application, which is completely reproducible, for MacOS, Linux, and Windows, that helps you easily provision an image for your Raspberry Pi, and can configure a self-hosted relay with ease for you. This can be accomplished within 5 minutes with no technical knowledge needed.
  • We have put together a custom "Secluso OS" image using Yocto, which is a minimal and reproducible Raspberry Pi image that Secluso Deploy uses, which contains our software stack. In future releases, we plan to further minimize this, make the root partition immutable, harden the kernel, as well as many other security improvements, which the regular Raspberry Pi image does not offer.
  • We have added an updater for our camera_hub and server binaries. It checks for immutable releases and that they are signed by the maintainer GPG keys (and thus, all releases including this one are signed by both John and Ardalan, as seen in the .asc files)
  • We have made Firebase Cloud Messaging (FCM) completely optional. Now iOS uses a public Secluso iOS Notification Relay, which is more privacy preserving, and we offer UnifiedPush on Android.
  • The camera hub and updater no longer use OpenSSL. They now use Rust code, which helps avoid memory-safety security issues.
  • We have migrated to a post-quantum cipher suite for MLS encryption to avoid "harvest now, decrypt later" attacks.
  • We have completely re-designed the mobile app to look much nicer.
  • The code in this repository now supports multiple mobile clients being paired with a camera. However, we have not added the interface in the mobile app to support this.

In addition to all of these changes, we have made security improvements, bug fixes and added some test cases to ensure proper functionality. We have also outlined future work in GitHub issues in our core, mobile_client and OS repository on further improvements to be made. We welcome contributors to join us in our mission to provide a truly secure, private and accessible camera to all.

As always, this release is fully reproducible. Please see our README for discussion on how to verify.

Best,
John and Ardalan

Assets 10
Loading

v0.1.0

14 Sep 19:29
@jkaczman jkaczman
v0.1.0
bbfeb95

Choose a tag to compare

View all tags
v0.1.0

Secluso Initial Release - v0.1.0

This is our first release of Secluso! Please make an issue if you have any problems.

This release was built via our reproducible build tool. Please see the releases folder if you'd like to check against our binaries and manifest file.

Loading