Prepare quarantined workspaces
This section is meant to be done immediately before executing the Deposit or Withdrawal protocols. If you are executing the Setup Protocol for the first time and do not plan on executing the Deposit or Withdrawal protocol now, you can stop here.
Block side channels
Side-channel attacks are a form of electronic threat based on the physical nature of computing hardware (as opposed to algorithms or their software implementations). Side channel attacks are rare, but it’s relatively straightforward to defend against most of them.
- Visual side channel
- Ensure that no humans or cameras (e.g. home security cameras, which can be hacked) have visual line-of-sight to the Quarantined Computers.
- Close doors and window shades.
- Acoustic side channel
- Choose a room where sound will not travel easily outside.
- Shut down nearby devices with microphones (e.g. smartphones and other laptops).
- Plug in and turn on a table fan to generate white noise.
- Power side channel
- Unplug both Quarantined Computers from the wall.
- Run them only on battery power throughout this protocol.
- Make sure they are fully charged first! If you run out of battery, you’ll need to start over.
and other side channels. Including
- Turn off all other computers and smartphones in the room.
- Put portable computing devices in the Faraday bag and seal the bag.
- Unplug desktop computers.
- Visual side channel
- Put your Q1 BOOT USB into an open slot in your Q1 computer.
- Boot off the USB drive. If you’ve forgotten how, refer to the procedure in Section IV.
- Plug the Q1 APP USB into the Q1 computer
- Copy the software from the Q1 computer’s RAM disk.
- Click the File Manager icon from the launchpad on the left side of the screen.
- Click on the App USB on the left of the file manager. It will look like the image on the right, but may have a different name.
- Drag the contents of the USB to the “Home” directory on the left side of file manager.
- Open a copy of this document on the Q1 computer.
In the File Manager find the glacier folder. The PDF file for this document should be visible with the name “Glacier.pdf.” Open it.
You won’t be able to click any external links in the document, since you don’t have a network connection. If you need to look something up on the internet, do so in a distant room. Do not remove devices from the Faraday bag before doing going to the other room.
- Open a Terminal window by pressing Ctrl-Alt-T.
- Install the application software on the Q1 computer’s RAM disk.
$ cd ~/apps $ sudo dpkg -i *.deb
- Change into the glacier directory. You’ll be using this directory to execute
software for the protocol.
$ cd ~/glacier
- Prepare GlacierScript for execution.
$ chmod +x glacierscript.py
- Prepare the “Quarantined Scratchpad” – an empty file you’ll use as a place
to jot notes.
- Click the “Search your computer” icon at the top of the launcher along the left side of the screen.
- Type “text editor”.
- Click the Text Editor icon.
- A blank window should appear.
- Repeat the above steps using the Q2 computer, Q2 SETUP USB and Q2 APP USB.