SECURE SHARE
SECURE SHARE
Why are we still using insecure channels of communication, like e-mail, Skype, IRC and Facebook? Why do we entrust central authorities with our most private data and why do we rely on their infrastructure?
Because there isn't an easy to use alternative yet!
End-to-end encryption and decentralized social interaction is always a hassle. Our goal is to give developers an easy to use framework that hides the complexity of decentralized message passing, a distributed social graph and naturally embeds encryption.
We hope to encourage the development of interfaces and platforms that are as user friendly as they can be. In the end, a distributed social platform can only succeed if everyone uses it.
The network we are currently bootstrapping will enjoy the speed of servers that help without knowing much about us, the trust of social relationships between users without becoming transparent, the privacy of elaborate obfuscation strategies without becoming unpractical.
This way, we can become independent of centralized infrastructure and rest assured that no one but the designated recipients can read our communications.
We employ GNUnet for peer-to-peer routing and encryption and PSYC to create the social trust graph (because it performs a dozen times better than XMPP or OStatus).
- While federated social systems host people's unencrypted data on each server (or pod), our approach ensures data is encrypted and unencrypted directly and only on the devices of the intended people. Here's a visual novel explaining why we are worried by servers and want to do it differently.
- Our solution is very lightweight, so it doesn't disturb everyday computing and works fine on small devices. That's why performance counts.
- You do have to install something. A web browser by itself is never a safe place for private communications. If you're going to install something that is supposed to bring you some electronic intimacy, try a comprehensive new approach rather than an add-on here and a plug-in there.
- Application developers will enjoy a comparitatively simple programming interface that hides the complexity of social interaction and digital privacy from their work and their users. You could be the one to add telephony to Secure Share, for example. No wait, GNUnet is already doing that.
- Nonetheless we consider usability very important. We want to reach out for those users that do not even know how to navigate the file system of their computers. We are explaining complicated things on this website, but the main application of this should be as simple as slapping your forehead for not having thought about it yourself. Or maybe you actually did.
Contents
Radical Privacy is barely enough
We call this "Secure Share," a framework for sufficiently safe social interaction. It arose after realizing that there is no satisfying technology to address the issues we outlined in the FSW 2011 paper entitled "Scalability & Paranoia in a Decentralized Social Network." Here's what we mean by safe:
- updates, comments, postings, messages, files and chat are only visible to the intended recipients (not the administrators of any servers or routers)
- the type and content of a message cannot be guessed at by looking at its size
- communication between parties cannot be measured as they may have none to several routing hops in-between. an observer never knows if a communication came where it came from and ends where it is going to.
- automatic responses and forwarded messages can intentionally be delayed so that an observer cannot tell two communications are related
- communications cannot be decrypted weeks later, just because the attacker gained access to one of the involved private keys (forward secrecy)
- even if an attacker gains access to a cleartext log, there is no proof the material was actually ever transmitted by anyone (for a case in court mere data would not suffice, you need actual testimonies)
- the list of contacts is never managed on potentially unsafe servers, it is only visible to those it should be visible to
- the infrastructure is robust and resilient against attacks
And if you are happy with less than that, we want you to just pull that slider from 'safety' towards 'convenience' on your own responsibility. You no longer need to switch software to pass from one to the other mode of operation.
As we researched in the paper and in further detail in the comparison only some advanced anonymization and P2P file sharing applications have explored these levels of privacy. So we decided to take one such technology and subvert it by applying our social information to it.
New materials
- (de) Vergleich und Bewertung Sozialer Netzwerke im Hinblick auf Architektur, Sicherheit, Datenschutz und Anbieterunabhängigkeit, Diplomarbeit von Alexander Altmann, Universität Potsdam.
- Updated comparison with Best Practice recommendations while you wait for secushare.
- Many reasons not to start using PGP.
- New pubsub API released.
Buzzwords to Dig Into
- Answers - Some FAQs asked and answered.
- Architecture - How does it stand tall?
- Business - Capitalism in the darknet.
- Censorship - We do ad-hoc mesh networks, too.
- Comparison - Is there any alternative really?
- Conspiracy - What if everyone is out to get you.
- Features - How hard would it be to be like Facebook once was.
- Federation - Why the decentralized social web thing doesn't work.
- Like - Let us have a distributed Like button, please!!
- PGP - A number of reasons not to start using it.
- Privacy - If you have no secrets, you have no life.
- Protocol - Ingredients: Efficiency and extensibility.
- Prototype - Current status of the prototype version.
- PubSub - The publish and subscribe paradigm revamped.
- Rendezvous - How to get started when you know nobody.
- Rights - You don't need a Bill Of Rights from us. You own us.
- Scalability - Multicasting, the key to make applications work for billions.
- Storage - About the new civil right for data deletion.
- Threats - What if malware messes up your secushare identity?
Events and Press Coverage
- (de) CAST-Forum zur NSA-Affäre: Kleine Schritte auf dem Weg zur technologischen Souveränität, heise.de
- Participation at the #youbroketheinternet sessions at 30C3.
- (de) Vergleich und Bewertung Sozialer Netzwerke im Hinblick auf Architektur, Sicherheit, Datenschutz und Anbieterunabhängigkeit, Diplomarbeit von Alexander Altmann, Universität Potsdam. English Abstract:
Social network services have gained widespread use world-wide and by very different people. To compare the currently most important social network services, six self-selected use cases and an accompanying user survey were conducted. Comparison and survey confirm that the large commercial providers offer sufficient functionality, but lack in the areas of security, privacy and provider independence. In a world under surveillance, most social network services are not suitable for sensitive personal data. It is shown how the architecture of a system affects the business model of the provider and the possibilities for self-determination and freedom of users. Two social network services currently in development, Briar and Secushare, are presented in more detail, followed by an explaination of technical challenges in P2P-based systems.
- Participation at openITP's Circumvention Tech Summit.
- Workshop at CCC-Berlin 2013-08, together with GNUnet and the Wau Holland Foundation.
- You broke the Internet. We'll make us a GNU one. Video from the talks at Piratenpartei featuring GNUnet, secushare and very special guests such as Richard Stallman (FSF) and Jacob Appelbaum (Tor).
- (de) Alles Facebook, oder was?, WDR German public radio
- Presentations at eth0, Easterhegg, SIGINT, CCC-HH, MOCA 2012 and "Digital Backyards"
- (de) Alternativen zu Google Facebook Co, heise.de
- Hackathon at IN-Berlin 2012-05, together with GNUnet, Briar, Lorea, UnlikeUs, TheGlobalSquare and Bitcoin. Result: GNUnet+PSYC could provide a useful backend for several distributed social applications.
- (de) Unlike Us: Es gibt Alternativen, heise.de.
- (de) Das Recht, vergessen zu werden, taz.de.
- Presentation and booth at Unlike Us 2 conference in Amsterdam.
- Presentation at freifunk gathering on occasion of transmediale 2012.
- (de) Social Swarm: Sicher im sozialen Netzwerk, ZDF Hyperland
- (de) Marcel Weiß, neunetz.com
- Tobias Jähnel, jonmedia.net
- JonnieCache on YCombinator
- from Sepp Hasslberger (P2P Foundation)
- Presentation at c-base on occasion of Chaos Communication Congress 2011.
- Presentation: A Masterplan for Private Social Networking, with the FoeBuD foundation at the Chaos Communication Camp 2011.
Projects that have already expressed interest in this technology
- The Wau Holland Foundation
- The Free Software Foundation Europe
- Institute of Network Cultures, Amsterdam Media Research Centre
- Piratenpartei Berlin, the testbed of concrete political participation
- c-base foundation
- dyne foundation and dyne:bolic linux distribution
- Social Swarm, political initiative for a secure Faceboogle replacement
- Lorea, hotbed of social networks on an experimental service
- Telekommunisten best known for their related project Thimbl
- Globaleaks, decentralized whistleblower platform
- Freedombox, hardware social interface for your home
- Briar, a secure news and discussion system
- TheGlobalSquare, similar project from the occupy-devs
- Telecomix Crypto Munitions Bureau, for distributed social controlling of the X.509 certification mechanism used in the world wide web
- 12many, distributed twitter replacement initiative
- Some Tor, debian and Bitcoin luminaries
Source Repositories
This is a free software project, since the kind of security we want to give to people can only be credible and trustworthy if it is freely available in its entirety and can be converted to machine executable programs by as many independent persons as possible.
Components of the system are built using the GNUnet framework. The design is described in "Design of a Social Messaging System Using Stateful Multicast". Current development is going on in
- the SVN repository of GNUnet (look at the psyc, psycstore, multicast and social directories).
- UI prototypes currently reside in gnunet-qt.
As the architecture page explains in detail, we don't use GNUnet for file sharing, so you don't need neither a particularely large hard disk nor a lot of bandwidth.
How can you help?
- You can express your support for us. (example)
- You can help us get funding, help us with our communications, work out alliances or simply give us more visibility.
- You can give us feedback if you think we are designing the perfect tool everyone has been waiting for, or if there's anything we overlooked.
- If you're a web designer, you can help us get a cross-device user interface going as described in architecture.
- If you're a graphics artist, you can spice us up.
- If you're a lawyer.
- If you're a C developer, talk to us to help us with the core service.
- If you're a developer in whatever other technology you like, you can design or translate a wide choice of tools (see 'Native User Interfaces' in architecture for examples) to work on top of Secure Share.
And, in any case, if you like what you see here, you can consider diverging some funds in our direction.
P2P Compliance
Secure Share is supposed to fulfil the following requirements for true P2P:
- Ten Principles for an Autonomous Internet
- Four Design Principles for True P2P Networks by Mark Pesce
- What Digital Commoners Need To Do by Michel Bauwens
- Establishing a Communication Commons by Aaron Peters
Oh, by the way, did I mention that Secure Share also runs over ad-hoc mesh networks?
Questions?
Here are some answers, or try our welcome chatroom:
- psyc://psyced.org/@welcome (another web interface)
- irc://psyced.org/welcome
- xmpp:*welcome@psyced.org
Stay in Touch
Drop your email address into these boxes, then hit each button to subscribe each of the following lists:
We don't recommend it, but you can follow us on Twitter.