Customized ISO distribution of SD Application and Monitor servers

[msheiny]

Since we are already tightly controlling the OS experience through ansible policies on first playbook install I think we should invest more time to move some of the logic upfront during the install process. We should maintain our own spin of Ubuntu with baked in:

• SecureDrop GPG key and repos already in place
• Basic security hardening tasks in place
• Strip out all non essential software for SD
• Automate as much of the install process as possible
• bad-ass ASCII art and customized ISO bootup logos

You could also make the argument (though I'm not really) that the gap between vanilla Ubuntu install and SD install is a vulnerable time for exploitation. We have no idea where administrators will stage these servers. It could have been set up in a relatively insecure network and then moved to an isolated location for the SD installation piece. In other words, this would close the gap of exposure between Vanilla Ubuntu and hardened SD configuration.

Now when I say maintain our own distro ... I mean take the stock upstream Ubuntu/Debian and sprinkle in our bits. I don't advocate that FPF gets in the OS shipping business and I feel there is a distinction here with what I'm proposing.

[eloquence]

Given the effort and complexity, we're unlikely to implement this; in any event, we'll want to consider server OS alternatives first (#5517). Closing.