hush-box/README.md

# Hush to every home

The idea is to get rid of both hardware and software backdoors, install all necessary tools on a Pi 4 and sell it as a plug-and-play device. Including shipping cost the total estimated price is 200 USD. If you have your [Pi 4](https://www.raspberrypi.com/products/raspberry-pi-4-model-b) or [ROCKPro64](https://pine64.com/product/rockpro64-4gb-single-board-computer) already you can just follow the guide.

* [Raspberry Pi 4 model b](https://www.raspberrypi.com/products/raspberry-pi-4-model-b) with 4GB of RAM device will be used in order to avoid Intel ME and AMD PSP.
* [Devuan GNU+Linux](https://arm-files.devuan.org/RaspberryPi%20Latest%20Builds) will be installed, a fork of Debian without [systemd](https://ebin.city/~werwolf/posts/systemd-sucks), but [sysvinit](https://www.devuan.org/os/init-freedom) or openrc, runit, sinit and 66-devuan.
* For private transaction and communication [Hush](https://hush.land) cryptocurrency and [HushChat](https://git.hush.is/hush/hushchat) were chosen to fulfill this task.
* To start using HushChat right away a privkey for 0.5 HUSH will be provided.
* To ensure that nobody is spying on us the Tor network will be utilized.
* Operations Security (OPSEC) book will be provided to know the best practices on how to use the Internet safely. 😎

# Devuan GNU+Linux

Download the latest image and its hash from [arm-files.devuan.org](https://arm-files.devuan.org/RaspberryPi%20Latest%20Builds)

```
curl https://arm-files.devuan.org/RaspberryPi%20Latest%20Builds/rpi-4-devuan-beowulf-5.10.82-v8-ext4-2021-12-05.zip --output devuan.zip 
curl https://arm-files.devuan.org/RaspberryPi%20Latest%20Builds/rpi-4-devuan-beowulf-5.10.82-v8-ext4-2021-12-05.zip.sha256sum --output devuan.zip.sha256sum 
```
Verify the integrity of the file by comparing the hash value.

```
cat devuan.zip.sha256
sha256sum devuan.zip
unzip devuan.zip
```
MicroSD card is needed to image the file, change `5.10.82-v8-ext4-2021-12-05` and `mmcblk1` to whatever you have, use `ls` and `lsblk` to check it.

```
sudo umount /dev/mmcblk1
sudo mkfs.vfat /dev/mmcblk1
sudo dd if=rpi-4-devuan-beowulf-5.10.82-v8-ext4-2021-12-05.img of=/dev/mmcblk1 
```

Once you powered up your device with `devuan` as your username and `toor` as your password we may want to change the password with `passwd`, then we want to [install](https://www.devuan.org/os/documentation/dev1fanboy/en/minimal-xfce-install.html) the desktop environment, [XFCE](https://www.xfce.org/about) in this case.

```
sudo apt-get install xfce4-panel xfdesktop4 xfwm4 xfce4-settings xfce4-session xfce4-terminal xfce4-appfinder xfce4-power-manager thunar ristretto cinnabar-icon-theme thunar-volman gvfs policykit-1 slim 
```

Run update-alternatives to set the x-session-manager to xfce4-session.

```
sudo update-alternatives --config x-session-manager
```

Start XFCE, you run it only once.

```
startxfce4
```

If you're using USB tethering or you don't have an easy access to the Ethernet you need to uncomment the following strings with `sudo vim /etc/network/interfaces` and add `auto usb0` to enable Mobile tether:

```
### Mobile tether
auto usb0
allow-hotplug usb0
iface usb0 inet dhcp
```

# Compile Qt 5.15.2 from source, based on [compile-qt5.md](https://git.hush.is/jahway603/hush-docs/src/branch/master/advanced/compile-qt5-from-source.md)

Remove & purge all Qt packages
```
sudo apt -y remove qt5* libqt5* qtcreator && sudo autoremove
```
Download Qt 5.15.2 Source to qt5-sources folder

```
mkdir qt5-sources && cd qt5-sources && mkdir build-shadow
wget https://download.qt.io/official_releases/qt/5.15/5.15.2/single/qt-everywhere-src-5.15.2.tar.xz
```

Verify MD5 hash, should be e1447db4f06c841d8947f0a6ce83a7b5

```
md5sum qt-everywhere-src-5.15.2.tar.xz
```

Un-tar Qt5 archive & move into build-shadow directory to configure your Qt 5.15.2

```
tar xf qt-everywhere-src-5.15.2.tar.xz
cd build-shadow
```

Install Qt5 Minimal Dependencies

```
sudo apt update
sudo apt install build-essential libfontconfig1-dev libdbus-1-dev libfreetype6-dev libicu-dev libinput-dev libxkbcommon-dev libsqlite3-dev libssl-dev libpng-dev libjpeg-dev libglib2.0-dev
```

(Optional) Install VC4 Drivers for RPi 4 type devices (i.e. cortex-a53 & cortex-a72)

```
sudo apt install libgles2-mesa-dev libgbm-dev libdrm-dev
```

Install X11 Support Dependencies

```
sudo apt install libx11-dev libxcb1-dev  libxext-dev libxi-dev libxcomposite-dev libxcursor-dev libxtst-dev libxrandr-dev libfontconfig1-dev libfreetype6-dev libx11-xcb-dev libxext-dev libxfixes-dev libxi-dev libxrender-dev libxcb1-dev  libxcb-glx0-dev  libxcb-keysyms1-dev libxcb-image0-dev  libxcb-shm0-dev libxcb-icccm4-dev libxcb-sync-dev libxcb-xfixes0-dev libxcb-shape0-dev  libxcb-randr0-dev  libxcb-render-util0-dev  libxcb-util0-dev  libxcb-xinerama0-dev  libxcb-xkb-dev libxkbcommon-dev libxkbcommon-x11-dev
```

Configure Qt 5.15.2

```
../qt-everywhere-src-5.15.2/configure -v -bundled-xcb-xinput -opensource -confirm-license -release -ssl -glib -no-feature-geoservices_mapboxgl -qt-pcre -nomake examples -no-compile-examples -nomake tests -reduce-exports -system-freetype -fontconfig -qpa xcb
```

Make the configuration (`-j 4` is number of cpus you want to use)

```
make -j 4
```

Install Qt5 into: (default) /usr/local/

```
sudo make install
```

Update profile to know where Qt5.15.2 bins are

```
nano ~/.bashrc
```

Add this at the bottom of your .bashrc file.

```
# set PATH for Qt 5.15.2
export PATH="/usr/local/Qt-5.15.2/bin:$PATH"
```

Reload your ~/.bashrc file & create a new shell window.

```
source ~/.bashrc
exit
```

Verify Qt 5.15.2 has been installed

```
qmake --version
QMake version 3.1
Using Qt version 5.15.2 in /usr/local/Qt-5.15.2/lib
```

# HushChat

To use HushChat we need to install SilentDragonLite first.

```
git clone https://git.hush.is/hush/SilentDragonLite.git
cd SilentDragonLite/util
./install.sh
```

If, during the first sync, you can't see the SDL logo as bellow, you need to wait a minute or so.<br>
It can happen only during the first run, next time you will run SilentDragonLite the GUI will work just fine.

First sync (will be fixed)    |  Close & open it again
:----------------------------:|:----------------------------:
![](files/startupGIF_01.png)  |  ![](files/startupGIF_02.png)

# Tor