2012-Easterhegg.slides.html (5302B)
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 3 4 <html xmlns="http://www.w3.org/1999/xhtml"> 5 <head> 6 <title>Re-Invent the Internet with Secure Share</title> 7 <meta name="presdate" content="20120201" /> 8 <!-- metadata --> 9 <meta name="generator" content="S5" /> 10 <meta name="version" content="S5 1.1" /> 11 <meta name="author" content="Carlo v. Loesch" /> 12 <meta name="company" content="symlynX.com" /> 13 <!-- configuration parameters --> 14 <meta name="defaultView" content="slideshow" /> 15 <meta name="controlVis" content="hidden" /> 16 <!-- style sheet links --> 17 <link rel="stylesheet" href="UI/slides.css" type="text/css" media="projection" id="slideProj" /> 18 <link rel="stylesheet" href="UI/outline.css" type="text/css" media="screen" id="outlineStyle" /> 19 <link rel="stylesheet" href="UI/print.css" type="text/css" media="print" id="slidePrint" /> 20 <link rel="stylesheet" href="UI/opera.css" type="text/css" media="projection" id="operaFix" /> 21 <!-- S5 JS --> 22 <script src="UI/slides.js" type="text/javascript"></script> 23 </head> 24 <body> 25 26 <div class="layout"> 27 <div id="controls"><!-- DO NOT EDIT --></div> 28 <div id="currentSlide"><!-- DO NOT EDIT --></div> 29 <div id="header"></div> 30 <div id="footer"> 31 secushare: A Framework for ReInventing the Internet 32 </div> 33 </div> 34 35 <div id="between"> </div> 36 37 <div class="presentation"> 38 39 <div class="slide"> 40 <img style="padding: 80px" src="img/secushare-0444.png" /> 41 </div> 42 43 <div class="slide"> 44 <img class="gfx" src="img/gfx-unicast.png" width="600" height="500"/> 45 </div> 46 <div class="slide"> 47 <img class="gfx" src="img/gfx-cloud.png" width="600" height="500"/> 48 </div> 49 <div class="slide"> 50 <img class="gfx" src="img/gfx-multicast.png" width="600" height="500"/> 51 </div> 52 53 <div class="slide"> 54 <h1>One Too Many</h1> 55 <h2>Multicasting for Scalability</h2> 56 <ul class="uncremental"> 57 <li>social = one-to-many | many-to-many</li> 58 <li>70% of S2S XMPP messages is presence updates (5 years ago)</li> 59 <li>round robin distribution = slow (SMTP, XMPP, OStatus)</li> 60 <li>multicast = distribution trees</li> 61 <!-- li>HTTP is one-to-one, query/response, not bidirectional</li> 62 <li>XMPP has a trust issue (says the XSF)</li --> 63 <li>Bittorrent: from files to life streams?</li> 64 </ul> 65 </div> 66 67 <div class="slide"> 68 <h1>Don't Trust Servers</h1> 69 <h2>Servers are vulnerable</h2> 70 <ul class="uncremental"> 71 <li>client/server architecture: data resides on servers</li> 72 <li>federation: data visible on even more servers</li> 73 <li>memory access via bus sniffing</li> 74 <li>no shutdown necessary</li> 75 <li>automated memory image analysis proven</li> 76 </ul> 77 </div> 78 79 <div class="slide"> 80 <h1>Don't Trust Virtual Machines</h1> 81 <!--h2>Commodity Servers are VMs</h2--> 82 <ul class="uncremental"> 83 <li>my own server for 8 euros a month</li> 84 <li>vulnerable cryptography</li> 85 <li>memory can be monitored</li> 86 <li>controlling system accessible by observers</li> 87 <li>automated monitoring of federated social networks</li> 88 <li>anti-terror legislation possible</li> 89 <li>even if <em>your</em> box is at home</li> 90 </ul> 91 </div> 92 93 <div class="slide"> 94 <h1>Technologies</h1> 95 <ul class="uncremental"> 96 <li>GNUnet as a framework: routing and crypto</li> 97 <li>TUM, learned from I2P, Freenet...</li> 98 <li>"Enhanced" P2P with servers as agnostic routers</li> 99 <li>PSYC on top for trust relations and</li> 100 <li>friend discovery over social graph instead of DHT</li> 101 <li>no file sharing, no big traffic</li> 102 </ul> 103 104 <div class="slide"> 105 <h1>Privacy vs. Paranoia</h1> 106 <ul class="uncremental"> 107 <li>just to the intended recipients (e2e encryption)</li> 108 <li>packet size padding (unobservability)</li> 109 <li>flexible number of anonymization hops</li> 110 <li>optional intentional delay</li> 111 <li>forward secrecy</li> 112 <li>deniability (a log is no proof of nothing)</li> 113 <li>private subscription lists (not on a server)</li> 114 </ul> 115 </div> 116 117 <div class="slide"> 118 <h1>It's A Question Of Trust</h1> 119 <h2>Social Onion Routing</h2> 120 <ul class="uncremental"> 121 <li>trust relationship between nodes</li> 122 <li>multihop provides anonymization</li> 123 <li>motivation to provide "servers" as fast routers</li> 124 <li>my server is me, so you can trust my server</li> 125 <li>"P2P" a lot faster over servers</li> 126 <li>servers agnostically maintain messages (and data)</li> 127 <li>embed multicast trees into the onion routing</li> 128 </ul> 129 </div> 130 131 <div class="slide"> 132 <h1>Dissemination</h1> 133 <h2>Hard to beat Faceboogle</h2> 134 <ul class="uncremental"> 135 <li>since we need to go onto every computer anyway..</li> 136 <li>offer something Faceboogle can't provide?</li> 137 <li>exchanging files between friends sucks</li> 138 <li>USB sticks, e-mail, file hosters, skype, MSN, DropBox (brrr!)</li> 139 <li>WTF is 'Secure Share' ?</li> 140 </ul> 141 </div> 142 143 <div class="slide"> 144 <h1>A bad idea whose time has come?</h1> 145 <h2>End-to-end Encryption in the Browser!!1!11</h2> 146 <ul class="uncremental"> 147 <li>User interface comes from the server. 148 <li>Web browser does what the server says. 149 <li>Server corrupted? It can steal your data. 150 <li>Only static install helps. Still: 151 <li>Bad cryptography, bad script signing. 152 <li>So you might aswell go for the real thing... 153 </ul> 154 </div> 155 156 <div class="slide"> 157 <h1>Secure Share</h1> 158 <h2>Who's involved?</h2> 159 <ul> 160 <li>Carlo v. Lynx</li> 161 <li>Gabor Toth</li> 162 <li>Mathias Baumann</li> 163 <li>Daniel Reusche</li> 164 <li>secushare.org</li> 165 </ul> 166 </div> 167 168 169 </html>