alee/fieldwitness
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0312204340
fieldwitness/docs/training/reporter-quickstart.md
Aaron D. Lee 490f9d4a1d Rebrand SooSeF to FieldWitness 
Complete project rebrand for better positioning in the press freedom
and digital security space. FieldWitness communicates both field
deployment and evidence testimony — appropriate for the target audience
of journalists, NGOs, and human rights organizations.

Rename mapping:
- soosef → fieldwitness (package, CLI, all imports)
- soosef.stegasoo → fieldwitness.stego
- soosef.verisoo → fieldwitness.attest
- ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name)
- SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR
- SoosefConfig → FieldWitnessConfig
- SoosefError → FieldWitnessError

Also includes:
- License switch from MIT to GPL-3.0
- C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py
- README repositioned to lead with provenance/federation, stego backgrounded
- Threat model skeleton at docs/security/threat-model.md
- Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-02 15:05:13 -04:00

3.3 KiB
Raw Blame History

Reporter Quick-Start Card

Audience: Field reporters using a FieldWitness Tier 1 bootable USB device. No technical background assumed.

Print this page on a single sheet, laminate it, and keep it with the USB stick.

Getting Started

  1. Plug the USB into any laptop
  2. Boot from USB (press F12 during startup, select the USB drive)
  3. Enter your passphrase when the blue screen appears (this unlocks your data)
  4. Wait for the browser to open automatically

You are now running FieldWitness. The laptop's own hard drive is never touched.

Taking and Attesting a Photo

  1. Transfer your photo to the laptop (USB cable, SD card, AirDrop, etc.)
  2. In the browser, click Attest
  3. Select your photo and click Sign
  4. The photo is now cryptographically signed with your identity

This proves you took this photo, where, and when. It cannot be forged later.

Hiding a Message in a Photo

  1. Click Encode in the browser
  2. Select a carrier image (the photo that will carry the hidden message)
  3. Select a reference photo (a photo both you and the recipient have)
  4. Type your message
  5. Enter your passphrase and PIN (the recipient needs the same ones)
  6. Click Encode

To send via WhatsApp, Signal, or Telegram, select the platform from the Transport dropdown before encoding. This ensures the message survives the platform's image compression.

Checking In (Dead Man's Switch)

If your admin has enabled the dead man's switch, you must check in regularly.

  1. Click Fieldkit in the browser
  2. Click Check In

Or from a terminal:

fieldwitness fieldkit checkin

If you miss your check-in window, the system will destroy all data after the grace period.

If you are unable to check in, contact your editor immediately.

Emergency: Destroying All Data

If you believe the device will be seized:

  1. Pull the USB stick -- the laptop retains nothing
  2. If you cannot pull the USB: click Fieldkit then Emergency Purge and confirm with CONFIRM-PURGE

Everything is gone. Keys, photos, attestations, messages -- all destroyed.

Shutting Down

  1. Close the browser
  2. Pull the USB stick

The laptop returns to its normal state. No trace of FieldWitness remains.

Troubleshooting

Problem Solution
Laptop does not boot from USB Press F12 (or F2, Del) during startup to enter boot menu. Select the USB drive. Disable Secure Boot in BIOS if needed.
"Certificate warning" in browser Normal for self-signed certificates. Click "Advanced" then "Accept the risk" or "Proceed."
Cannot connect to web UI Wait 30 seconds after boot. Try refreshing the browser. The URL is https://127.0.0.1:5000.
Forgot passphrase or PIN You cannot recover encrypted data without the correct passphrase and PIN. Contact your admin.
USB stick lost or broken Get a new USB from your admin. If you had a backup, they can restore your keys onto the new stick.

Key Rules

  1. Never leave the USB in an unattended laptop
  2. Check in on time if the dead man's switch is enabled
  3. Back up your USB -- your admin can help with this
  4. Verify fingerprints before trusting a collaborator's key
  5. Use transport-aware encoding when sending stego images through messaging apps