Installing Hush Line

Let's learn how to get your very own Hush Line up and running so you can receive private information from your community.

Choosing the right deployment

Given Hush Line's range of deployment choices, weigh the pros and cons of each:

  • Onion-only: Best for high-threat environments, offering maximum anonymity. However, it might be less accessible for non-technical users.

  • Tor + Public Web: Offers a balance of accessibility and security. Useful for low-to-medium-threat scenarios.

Where to install Hush Line

  • Virtual Private Server (VPS): - Deploying to a virtual private server (VPS) like Njalla or Digital Ocean is easy and cost-effective. You should use a VPS if you're deploying to a public website.

  • Physical Device: A physical device like a Raspberry Pi gives you more control but could be at risk if the physical location is compromised. It is ideal for high-risk scenarios where control over the infrastructure is crucial.

It's important for all deployment types that you share your addresses with your community openly and clearly and reinforce to your users only to use the addresses you've shared.

Boosting Security

To further bolster security:

  1. Only install Hush Line on a dedicated server.
  2. Consider using dedicated devices to check emails from Hush Line.
  3. Employ secondary verification methods for significant tips.
  4. Enhance anonymity with tools like VPNs or secure browsing techniques.

Maintenance & Updates

While Hush Line offers automatic updates, it's vital to:

  • Regularly review the system for potential threats.
  • Stay informed about the latest security updates and patches.
  • Engage in regular security training and awareness for all staff involved.

Conclusion

Deploying Hush Line is a step towards fostering open communication while safeguarding anonymity. Understanding the threats, choosing the right deployment option, and following security best practices can ensure a secure and effective platform for your community.

For organizations seeking in-depth threat analysis and tailored advice, please send an email to hushline@scidsg.org.