SECUSHARE

SECUSHARE

(versione italiana)

Disclaimer: secushare is a research project that hasn't reached prototype status, yet. Consider that it basically consists of a new Internet stack combined with a full-fledged distributed scalability alternative to cloud technology. The challenge is so big, please be patient that we're not done quite yet. If you think you can contribute competence, time or attention to us, don't stop reading.

Imagine Facebook, Whatsapp, Gmail and Skype rolled into one, without the centralized surveillance and control. Crazy? Well, it hasn't been tried before, at least not our way. So let's give it a try.

secushare employs GNUnet for end-to-end encryption and anonymizing mesh routing (because it has a more suitable architecture than Tor or I2P) and applies PSYC on top (because it performs better than XMPP, JSON or OStatus) to create a distributed social graph. Together, these technologies allow for distributed private social networking including more straightforward and secure e-mail, chat, exchange of content and a private web. It could even work out as a safer choice for the Internet of Things.

The resulting new Internet enjoys the speed of servers that help without knowing much about us, the authenticity of social relationships between users without becoming transparent, the privacy of advanced obfuscation without becoming cumbersome or a threat to society. This way, we can become independent of centralized infrastructure and expect that only the designated recipients can read our communications. Read more about it in the introduction.

Radical Privacy is barely enough

We call this secushare, an attempt at providing at least one platform for safe social interaction aside from the uncivilized and surveilled Internet. It arose after realizing that there is no satisfying technology to address the issues we outlined in the FSW 2011 paper entitled "Scalability & Paranoia in a Decentralized Social Network." And there still is no such technology. At the time we assumed to be paranoid, but Snowden has taught us we weren't paranoid enough. Here's what we mean by safe:

  1. updates, comments, postings, messages, files and chat are only visible to the intended recipients (not the administrators of any servers or routers);
  2. the type and content of a message cannot be guessed at by looking at its size;
  3. communication between parties cannot be measured as they may have none to several routing hops in-between. an observer never knows if a communication came where it came from and ends where it is going to;
  4. automatic responses and forwarded messages can intentionally be delayed so that an observer cannot tell two communications are related;
  5. communications cannot be decrypted weeks later, just because the attacker gained access to one of the involved private keys (forward secrecy);
  6. even if an attacker gains access to a cleartext log, there is no proof the material was actually ever transmitted by anyone (for a case in court mere data would not suffice, you need actual testimonies);
  7. the list of contacts is never managed on potentially unsafe servers, it is only visible to those it should be visible to;
  8. the infrastructure is robust and resilient against attacks. in fact by using the GNUnet we are independent from the traditional insecure Internet and can operate in a censorship-resistant wireless mesh architecture.

And if you are happy with less than that, we want you to just pull that slider from 'safety' towards 'convenience' on your own responsibility. Read the introduction page for more.

Recent developments:

  • An implementation of GNUnet GNS in Go is underway
  • An IoT systems and server administration tool package is in development at https://box.secushare.org

Getting Started

Go to the GNUnet installation manual to get started using GNUnet tools. There are various repositories with prototype implementations that aren't up to date and would probably confuse you, so we don't list them here for now. But what you can play around with is the secushare BOX which is an administration tool for IoT systems and servers in general. For now it allows to log into such devices via GNUnet, so you do not depend on whichever IP number and NAT they may be having at any given time. As long as they can reach out for the GNUnet network, you can log in and do remote administration. It will provide more features in that sense as the project progresses.

As the architecture page explains in detail, we don't use GNUnet for file sharing – so you don't need neither a particularely large hard disk nor a lot of bandwidth to participate in secushare.

Source Code

Currently most components of secushare are integrated with GNUnet. The design is described on the protocol page.

  git clone https://gnunet.org/git/gnunet.git  

Materials / News

Events and Press Coverage

Social network services have gained widespread use world-wide and by very different people. To compare the currently most important social network services, six self-selected use cases and an accompanying user survey were conducted. Comparison and survey confirm that the large commercial providers offer sufficient functionality, but lack in the areas of security, privacy and provider independence. In a world under surveillance, most social network services are not suitable for sensitive personal data. It is shown how the architecture of a system affects the business model of the provider and the possibilities for self-determination and freedom of users. Two social network services currently in development, Briar and Secushare, are presented in more detail, followed by an explaination of technical challenges in P2P-based systems.

Projects that have expressed interest in secushare

Other interested partners:

Questions?

Here are some answers. Have you read the introduction page? Try also our welcome chatroom:

Be patient, we may reply hours later!

Stay in Touch

Unfortunately we are still using an old-fashioned metadata-unfriendly newsletter. Drop your email address into this box to subscribe:


We don't recommend it, but we sometime also send updates by Twitter or Facebook, if you already sold your soul to them.

This website is accessible as http://secushare.psyciumunsqarzsehz5xlgsi2mg4dkvntwf5bwj5kwbcbazwiuhna2ad.onion as much as https://secushare.org. And you may find a copy on freenet.

Last Change: 2021-06-30

Top