opensource.google.com

Menu

Outline: secure access to the open web

Wednesday, October 10, 2018

Censorship and surveillance are challenges that many journalists around the world face on a daily basis. Some of them use a virtual private network (VPN) to provide safer access to the open internet, but not all VPNs are equally reliable and trustworthy, and even fewer are open source.

That’s why Jigsaw created Outline, a new open source, independently audited platform that lets any organization easily create and operate their own VPN.

Outline’s most striking feature is arguably how easy it is to use. An organization starts by downloading the Outline Manager app, which lets them sign in to DigitalOcean, where they can host their own VPN, and set it up with just a few clicks. They can also easily use other cloud providers, provided they have shell access to run the installation script. Once an Outline server is set up, the server administrator can create access credentials and share with their network of contacts, who can then use the Outline clients to connect to it.


A core element to any VPN’s security is the protocol that the server and clients use to communicate. When we looked at the existing protocols, we realized that many of them were easily identifiable by network adversaries looking to spot and block VPN traffic. To make Outline more resilient against this threat, we chose Shadowsocks, a secure, handshake-less, and open source protocol that is known for its strength and performance, and enjoys the support of many developers worldwide. Shadowsocks is a combination of a simplified SOCKS5-like routing protocol, running on top of an encrypted channel. We chose the AEAD_CHACHA20_POLY1305 cipher, which is an IETF standard and provides the security and performance users need.

Another important component to security is running up-to-date software. We package the server code as a Docker image, enabling us to run on multiple platforms, and allowing for automatic updates using Watchtower. On DigitalOcean installations, we also enable automatic security updates on the host machine.

If security is one of the most critical parts of creating a better VPN, usability is the other. We wanted Outline to offer a consistent, simple user experience across platforms, and for it to be easy for developers around the world to contribute to it. With that in mind, we use the cross-platform development framework Apache Cordova for Android, iOS, macOS and ChromeOS, and Electron for Windows. The application logic is a web application written in TypeScript, while the networking code had to be written in native code for each platform. This setup allows us to reutilize most of code, and create consistent user experiences across diverse platforms.

In order to encourage a robust developer community we wanted to strike a balance between simplicity, reproducibility, and automation of future contributions. To that end, we use Travis for continuous builds and to generate the binaries that are ultimately uploaded to the app stores. Thanks to its cross-platform support, any team member can produce a macOS or Windows binary with a single click. We also use Docker to package the build tools for client platforms, and thanks to Electron, developers familiar with the server's Node.js code base can also contribute to the Outline Manager application.

You can find our code in the Outline GitHub repositories and more information on the Outline website. We hope that more developers join the project to build technology that helps people connect to the open web and stay more safe online.

By Vinicius Fortuna, Jigsaw

These 27 organizations will mentor students in Google Code-in 2018

Tuesday, September 18, 2018

We’re excited to welcome 27 open source organizations to mentor students as part of Google Code-in 2018. The contest, now in its ninth year, offers 13-17 year old pre-university students from around the world an opportunity to learn and practice their skills while contributing to open source projects–all online!

Google Code-in starts for students on October 23rd. Students are encouraged to learn about the participating organizations ahead of time and can get started by clicking on the links below:
  • AOSSIE: Australian umbrella organization for open source projects.
  • Apertium: rule-based machine translation platform.
  • Catrobat: visual programming for creating mobile games and animations.
  • CCExtractor: open source tools for subtitle generation.
  • CloudCV: building platforms for reproducible AI research.
  • coala: a unified interface for linting and fixing code, regardless of the programming languages used.
  • Copyleft Games Group: develops tools, libraries, and game engines.
  • Digital Impact Alliance: collaborative space for multiple open source projects serving the international development and humanitarian response sectors.
  • Drupal: content management platform.
  • Fedora Project: a free and friendly Linux-based operating system.
  • FOSSASIA: developing communities across all ages and borders to form a better future with Open Technologies and ICT.
  • Haiku: operating system specifically targeting personal computing.
  • JBoss Community: a community of projects around JBoss Middleware.
  • KDE Community: produces FOSS by artists, designers, programmers, translators, writers and other contributors.
  • Liquid Galaxy: an interactive, panoramic and immersive visualization tool.
  • MetaBrainz: builds community maintained databases.
  • MovingBlocks: a Minecraft-inspired open source game.
  • OpenMRS: open source medical records system for the world.
  • OpenWISP: a network management system aimed at low cost networks.
  • OSGeo: building open source geospatial tools.
  • PostgreSQL: relational database system.
  • Public Lab: open software to help communities measure and analyze pollution.
  • RTEMS Project: operating system used in satellites, particle accelerators, robots, racing motorcycles, building controls, medical devices.
  • Sugar Labs: learning platform and activities for elementary education.
  • SCoRe: research lab seeking sustainable solutions for problems faced by developing countries.
  • The ns-3 Network Simulator Project: packet-level network simulator for research and education.
  • Wikimedia: non-profit foundation dedicated to bringing free content to the world, operating Wikipedia.
These 27 organizations are hard at work creating thousands of tasks for students to work on, including code, documentation, design, quality assurance, outreach, research and training tasks. The contest starts for students on Tuesday, October 23rd at 9:00am Pacific Time.

You can learn more about Google Code-in on the contest site where you’ll find Frequently Asked Questions, Important Dates and flyers and other helpful information including the Getting Started Guide.

Want to talk with other students, mentors, and organization administrations about the contest? Check out our discussion mailing list. We can’t wait to get started!

By Stephanie Taylor, Google Open Source

Google Code-in 2018 is looking for great open source organizations to apply

Thursday, September 6, 2018

We are accepting applications for open source organizations interested in participating in Google Code-in 2018. Google Code-in (GCI) invites pre-university students ages 13-17 to learn by contributing to open source software.

Working with young students is a special responsibility and each year we hear inspiring stories from mentors who participate. To ensure these new, young contributors have a solid support system, we only select organizations that have gained experience in mentoring students by previously taking part in Google Summer of Code.

Organization applications are now open and all interested open source organizations must apply before Monday, September 17 at 16:00 UTC.

In 2017, 25 organizations were accepted – 9 of which were participating in GCI for the first time! Over the last 8 years, 8,108 students from 107 countries have completed more than 40,000 tasks for participating open source projects. Tasks fall into 5 categories:
  • Code: writing or refactoring.
  • Documentation/Training: creating/editing documents and helping others learn more.
  • Outreach/Research: community management, outreach/marketing, or studying problems and recommending solutions.
  • Quality Assurance: testing and ensuring code is of high quality.
  • Design: graphic design or user interface design.
Once an organization is selected for Google Code-in 2018 they will define these tasks and recruit mentors from their communities who are interested in providing online support for students during the seven week contest.

You can find a timeline, FAQ and other information about Google Code-in on our website. If you’re an educator interested in sharing Google Code-in with your students, you can find resources here.

By Stephanie Taylor, Google Open Source
.