The summer of 2013 will remain the moment we finally realized was, and . At first #youbroketheinternet was a cry of anger, but also a call to code the missing pieces for a new Internet architecture which doesn't fall to pieces like a house of cards.
If deployed on top of technologies that were not designed for it, end-to-end encryption has proven to be "damn near unusable," as Edward Snowden himself put it, let alone forward secure. But there are actually many new tools that have that feature at their foundation. Antiquated protocols like DNS, SMTP, XMPP and X.509 leak so-called metadata, that is the information of who is talking to whom. Also they put user data on servers out of the reach of their owners.
X.509, the certification system behind HTTPS and S/MIME, is broken and allows most governments and even many companies to run man-in-the-middle attacks on you. The trust chain between the cryptography and the domain names is corrupt. Even if DNSSEC and DANE try to improve the security of DNS, they still expose your interest in certain resources. and XMPP fundamentally has the same problems: as long as all involved servers know all about who is talking to whom, far too much knowledge is already exposed, even if the mere encryption of the connection, which again depends on X.509, hasn't been undermined by a man in the middle. That is hard to find out when there is no human intervention and no reporting to the actual users as servers pass messages between each other.
This is not the way it has to be. We believe a completely new stack of Internet protocols is not only feasible, it already exists to a large extent. It merely needs better attention. Currently the majority of technology people are focused on improving the above mentioned protocols, even though they are broken by design… and can only be improved in some partial aspects. Vastly insufficient compared to what humanity deserves.
Others focus on anarchic technologies designed to undermine democracy, as if it was democracy's fault that digital offences produce no evidence. They thereby foster platforms for bypassing social obligations like contributing taxes, in order to produce infrastructure and social security for the weak. It is impressive how many people have been fooled into thinking negatively about taxes when they in fact depend on them for their own well-being. Only a tiny minority pays more taxes than it enjoys advantages from them.
This project is for those who want to look into a future with an Internet that actually respects constitutional principles and returns democracy to a mostly functional condition.
Yet none of this comes about if we don't provide incentives. Without incentives, Internet companies find no business model in protecting fundamental principles of democracy. Universities, for their part, have already delivered several decades of excellent research and working prototypes in this field, but they aren't incentivized to produce an actually deployable product. Standards organizations, too, are powerless if the company that infringes civil rights the most is the one that will dominate the market.
In practice, competition is at odds with philanthropy.
Currently it takes enthusiasts to fill in the gaps between what researchers and companies have released and turn it into something that actually works for the population. We think we need incentives to polish the protocol stack of a GNU Internet, and by we mean that the involved software needs to be free as in free speech, and that we need regulation to actually deploy an upgrade of the Internet to a version that protects its participants from eavesdropping and social correlation.
A video presentation of the #youbroketheinternet project was given in 2014. For German viewers there is the .
Here's a map of projects working in some architectural layer of a possible GNU Internet. As you can see, none covers all required layers, so there is some work left to be done:
Yellow is for projects in development while green is for those that are available. Red illustrates brands that lose their monopoly condition once the respective layers are fully operational whereas light red indicates faulty technologies that we must replace. See the map page for elaboration on that.
(article in German) Europe should invest in an open source infrastructure for secure routing, secure communication and decentralized storage.
We started working on an EU law proposal to require mandatory anonymised, authenticated and end-to-end encrypted communications in all telephony and computing devices sold after 201x. Communications shall be anonymous in the sense that third parties are not entitled to recognize who is talking to whom, yet they should be authenticated to all of the participants of any conversation, thus cutting out several vectors for so-called "cybercrime" such as unauthenticated SPAM mail, possibly containing malware or viruses.
When interacting with companies, however, people can choose whether to stay anonymous, assume a pseudonymous identity or authenticate as a legal person. This provides for a much safer way to do business over the Internet, saving citizens and especially companies precious time and money in extra security measures. In particular, the failed concept of the password as an authentication scheme can be abolished once cryptographic authenticity is implicit in all transactions.
We recommend the pervasive deployment of for anonymous (micro)payments, allowing users to pay for their access to the net anonymously. We hereby determine the Internet to stop being a product and start becoming an existential public infrastructure.
We enable the design of "constitutional smartphones" that disallow bulk location tracking by authorities, but we also envision strategies to allow for law enforcement within constitutional boundaries, technologically impeding mass surveillance of entire populations, yet permitting monitoring of individuals following a court order. formulated similar ideas, albeit with a different strategy.
We shall include ways to ensure the correct implementation of such a regulation and a transition path from the existing unsafe systems. Be aware that this initiative, as a side effect of reconstructing the constitutionality of the Internet, resolves aspects of net neutrality, data protection and data retention all as an inevitable and logical side effect.
DG CONNECT of the European Commission has already expressed interest in this proposal, but suggests that it should find more public backing in order to find its way into the regulatory process. So now it is your turn, dear reader, to help promote this.
You can examine the current draft in ODT (free) or PDF (proprietary) format. Previous versions are listed here. The summary of the 30c3 YBTI sessions includes a discussion on the proposal. Video: (, ) The draft has evolved a lot since then, however.
We're the Internet has turned into the greatest threat to democracy. The measures society has to take, to ensure civil rights and freedom aren't at stake, are likely drastic. More than most would want to believe. It probably takes both better technologies and better laws.
On May 6th, 2016, at Berlin's Onionspace, the office space for projects that intend to fix the Internet, we hosted a political discussion regarding the use of scalable, distributed and GNU technologies as a possible way to recover some bits and pieces of democracy.
Is this all pointless? We invited alert minds to ask us and the audience some tough questions. Participants in the discussion were:
Audio recording of the discussion:
Once again, – and . Bernd has recorded some for us to watch.
The has become an almost inevitable place of exchange and shared evolution every four years. We held a long list of sessions at the "" project located by . We also had meetings and hack-on sessions after the camp in Berlin. One of the outcomes is the port of for the purpose of having a libre cryptographic routing system on mesh networks.
Always driven by convenience and easy solutions, the Internet and digital networks such as telephony's GSM have evolved into the easiest platform for a complete surveillance of humankind. This has some practical aspects when your priority is to hunt down crime, but by giving the power of omniscience to certain government agencies the Montesquieuian principle of Separation of Powers has been undermined.
Foundational values for a successful exercise of Democracy, such as the Secrecy of Correspondence or the Freedom of Assembly, which is effectively deanonymized and thus abolished by metadata collection, are impeded. In a situation of continued observation, the Freedom of Expression suffers as a consequence. Even parts of the European Commission agree that unregulated technology has positioned us on a slippery slope leading us into a neo-totalitarian society.
Surprisingly though, it doesn't have to be this way. By combining advanced technology and insightful legislation, it is up to the parliaments in power to prioritize correctly and choose whether democratic preconditions are to be valued over law enforcement convenience.
We discussed options for a combined legal and technological framework that defines a GNU Internet, designed to protect constitutional principles of democracy, yet allows for targeted law enforcement within democratic boundaries. As a side effect it should also provide a more secure way for people to do business over the Internet and cut out several vectors for "cybercrime."
The next generation of privacy and crypto apps all satellite around public-key based routing. We'll discuss e-mail replacements, secure telephony and DHT-based storage systems.
Very interesting panel featuring illustrious guests:
We have published our revised version of the comparison report on Options for a Secure Mail System, originally written by Elijah Sparrow of the LEAP project. It discusses plenty of legacy protocols and legacy-oriented proposals such as LEAP itself and why, very unfortunately, they are unlikely to solve the issues at stake.
Then again you may find much more interesting as it spans all use cases and is more to the point.
This is "," the talk from the GNU Hackers Meeting 2014 that caused some mayhem for making the GCHQ HACIENDA program generally known to the public. The talk details how the five eyes agencies have been collaborating to systematically obtain control over computers on the entire planet, and how the new TCP Stealth technology developed by the presenter provides obstacles to the massive port scanning. GNU Internet technologies should support this new advanced TCP port knocking technique.
On the week-end of August 24-25, 2013, we gathered at Berlin's CCC headquarters to develop a rough on what the criteria should be for a GNU internet and to prepare for the upcoming sessions at 30C3.
from the talks given in Berlin on August 1st. Over 100.000 people have watched it already, so should you. The talks are in English, even though the welcoming words are in German.
Christian Grothoff's talk summarized the recent revelations about PRISM and their implications for non-American citizens, industries and governments. It then presented technical solutions towards a secure and fully decentralized future Internet, which would address key challenges for self-determined life created by the world-wide police state. Interesting details on this:
Back in 2013, just after the Snowden leaks, we seemed to be the only crazy people to ask for these things: a systematic overhaul of the Internet, an immediate upgrade from merely encrypted communications to metadata-protective communications. Our idea that servers aren't a safe place for such data was considered radical, even just after the new findings, but to us it was clear there was not another day to lose. In the meantime more political projects promoting these technologies have sprung up with very similar objectives, not counting the software projects themselves, which started heading in the right direction already a decade before. So let us recommend you also inspect , the mesh networking oriented sister of YBTI and the project (also known as e2einit).
Bitmessage is an interim alternative solution to electronic mail with its strengths and weaknesses, but it is likely to protect your metadata from showing that you contacted us - which cannot do. Please contact us via Bitmessage to BM-NB7xa9gEpmJgYp9PVnEdACiZcGmmEJcY. We run BM discussion lists on YBTI, legislation and other topics, but we can only invite you into them if you contact us first.
It is obviously not ideal that you got the address from an unencrypted website, so you may want to reassure its authenticity in the chat. If you're already using software you can meet us in our chatroom via our onion service:
Otherwise, here are more traditional means:
We hope our chat service to be reasonably safe, but there's still a risk that your interest in us is exposed, or even the contents of the chat ends up in the wrong hands.
We may occasionally make public announcements in the unsafe Internet:
This website is viewable as as much as .