SECUSHARE
SECUSHARE
Imagine Facebook, Whatsapp, Gmail and Skype rolled into one, without the centralized surveillance and control. Crazy? Well, it hasn't been tried before, at least not our way. So let's give it a try.Disclaimer: secushare is a research project that hasn't reached prototype status, yet. Consider that it basically consists of a new Internet stack combined with a full-fledged distributed scalability alternative to cloud technology. The challenge is so big, please be patient that we're not done quite yet. If you think you can contribute competence, time or attention to us, don't stop reading.
secushare employs GNUnet for end-to-end encryption and anonymizing mesh routing (because it has a more suitable architecture than Tor or I2P) and applies PSYC on top (because it performs better than XMPP, JSON or OStatus) to create a distributed social graph. Together, these technologies allow for distributed private social networking including more straightforward and secure e-mail, chat, exchange of content and a private web. It could even work out as a safer choice for the Internet of Things.
The resulting new Internet enjoys the speed of servers that help without knowing much about us, the authenticity of social relationships between users without becoming transparent, the privacy of advanced obfuscation without becoming cumbersome or a threat to society. This way, we can become independent of centralized infrastructure and expect that only the designated recipients can read our communications. Read more about it in the introduction.
Contents
Radical Privacy is barely enough
We call this secushare, an attempt at providing at least one platform for safe social interaction aside from the uncivilized and surveilled Internet. It arose after realizing that there is no satisfying technology to address the issues we outlined in the FSW 2011 paper entitled "Scalability & Paranoia in a Decentralized Social Network." And there still is no such technology. At the time we assumed to be paranoid, but Snowden has taught us we weren't paranoid enough. Here's what we mean by safe:
- updates, comments, postings, messages, files and chat are only visible to the intended recipients (not the administrators of any servers or routers);
- the type and content of a message cannot be guessed at by looking at its size;
- communication between parties cannot be measured as they may have none to several routing hops in-between. an observer never knows if a communication came where it came from and ends where it is going to;
- automatic responses and forwarded messages can intentionally be delayed so that an observer cannot tell two communications are related;
- communications cannot be decrypted weeks later, just because the attacker gained access to one of the involved private keys (forward secrecy);
- even if an attacker gains access to a cleartext log, there is no proof the material was actually ever transmitted by anyone (for a case in court mere data would not suffice, you need actual testimonies);
- the list of contacts is never managed on potentially unsafe servers, it is only visible to those it should be visible to;
- the infrastructure is robust and resilient against attacks. in fact by using the GNUnet we are independent from the traditional insecure Internet and can operate in a censorship-resistant wireless mesh architecture.
And if you are happy with less than that, we want you to just pull that slider from 'safety' towards 'convenience' on your own responsibility. Read the introduction page for more.
Recent developments:
- An implementation of GNUnet GNS in Go is underway
- An IoT systems and server administration tool package is in development at https://box.secushare.org
Getting Started
Go to the GNUnet installation manual to get started using GNUnet tools. There are various repositories with prototype implementations that aren't up to date and would probably confuse you, so we don't list them here for now. But what you can play around with is the secushare BOX which is an administration tool for IoT systems and servers in general. For now it allows to log into such devices via GNUnet, so you do not depend on whichever IP number and NAT they may be having at any given time. As long as they can reach out for the GNUnet network, you can log in and do remote administration. It will provide more features in that sense as the project progresses.
As the architecture page explains in detail, we don't use GNUnet for file sharing – so you don't need neither a particularely large hard disk nor a lot of bandwidth to participate in secushare.
Source Code
Currently most components of secushare are integrated with GNUnet. The design is described on the protocol page.
git clone https://gnunet.org/git/gnunet.git
Materials / News
- The Power of Centralization — learning from "A Critical Look at Decentralized Personal Data Architectures".
- Videos from 34c3, recorded at ChaosWest:
- Scalable and Privacy-Respectful Distributed Systems - Our Chance to Avoid Cloud Computing? (video summary of pubsub and scalability)
- Three and a Half Ways to Enhance Metadata Protection Beyond Tor (video version of the anonymity document)
- Modeling Trust in a Distributed Private Social Network
- Privacy-Oriented Distributed Networking for an Ethical Internet, including 50 Subsystems of GNUnet
- secushare is a post-blockchain technology providing little scalable and ecological blockchains for everyone.
- How the Internet is Broken — a description of the current Internet stack and how our architecture looks in comparison.
- (de) Presentation of secushare's social graph modeling at Dresden's wonderful Datenspuren 2016, in German language (regular webm, regular mp4, hi-res webm, hi-res mp4).
- What if secushare were a threat to society?
- We are frequently asked, why we picked GNUnet over Tor or I2P. You should find the anonymity page interesting.
- The protocol stack of secushare has become pretty complex. Read more about it on the protocol page.
- Updated comparison with Best Practice recommendations while you wait for secushare.
- A Web Respectful of the Constitution is Possible by carlo von lynX. Presented at the W3C Privacy Workshop, describing the features of a private web over secushare-like technologies.
- The Internet is Broken: Idealistic Ideas for Building a
NEWGNU Network by Christian Grothoff, Bartlomiej Polot and Carlo v. Loesch – This paper describes issues for security and privacy at all layers of the Internet stack and proposes radical changes to the architecture to build a network that offers strong security and privacy by default. Presented at the W3C/IETF "Strengthening the Internet" Workshop STRINT. - Many reasons not to start using PGP, but skip straight ahead to something safer.
- New pubsub API released, accompanied by tg's masters thesis.
Events and Press Coverage
- Short intervention at the Internet Governance Forum 2019's Future Internet Governance Strategy for the European Union session. Please excuse the two spam intermissions by the Italian government.
- We earned some harsh criticism for the structure of this website from this Hacker News thread. We followed up on the easiest and most obvious complaint the same day.
- (de) Transition Regensburg reports on their use of federated social networks, but concludes with a recommendation of secushare.
- Next Generation Internet Workshop, Berlin, January 2018.
- Next Generation Internet Assembly @ 34C3, Leipzig.
- (de) Check out the secushare Booth at #FIfFKon16. We printed flyers and refurbished the website.
- Short visit to a Matrix meetup.
- We were mentioned on reddit in a thread called What "infrastructure" projects do you think offer the most radical potential to improve the free software, open internet, and libre technology world?
- Participation at the #youbroketheinternet sessions at 32C3.
- (de) Verschlüsselung: Alles wegwerfen und neu machen — Elektrischer Reporter mit Rüdiger Weis (CCC) und carlo von lynX (#youbroketheinternet)
- (de) CAST-Forum zur NSA-Affäre: Kleine Schritte auf dem Weg zur technologischen Souveränität: Klaus Landefeld of DE-CIX recommends to look into secushare, heise.de
- Participation at the #youbroketheinternet sessions at 30C3.
- (de) Vergleich und Bewertung Sozialer Netzwerke im Hinblick auf Architektur, Sicherheit, Datenschutz und Anbieterunabhängigkeit, Diplomarbeit von Alexander Altmann, Universität Potsdam. English Abstract:
Social network services have gained widespread use world-wide and by very different people. To compare the currently most important social network services, six self-selected use cases and an accompanying user survey were conducted. Comparison and survey confirm that the large commercial providers offer sufficient functionality, but lack in the areas of security, privacy and provider independence. In a world under surveillance, most social network services are not suitable for sensitive personal data. It is shown how the architecture of a system affects the business model of the provider and the possibilities for self-determination and freedom of users. Two social network services currently in development, Briar and Secushare, are presented in more detail, followed by an explaination of technical challenges in P2P-based systems.
- Participation at openITP's Circumvention Tech Summit.
- Workshop at CCC-Berlin 2013-08, together with GNUnet and the Wau Holland Foundation.
- #youbroketheinternet! We'll make us a GNU one. Video from the talks hosted at Piratenpartei 2013, featuring GNUnet, secushare and very special guests Richard Stallman (FSF) and Jacob Appelbaum (Tor).
- (de) Alles Facebook, oder was?, WDR German public radio
- Presentations at eth0, Easterhegg, SIGINT, CCC-HH, MOCA 2012 and "Digital Backyards"
- (de) Alternativen zu Google Facebook Co, heise.de
- Hackathon at IN-Berlin 2012-05, together with GNUnet, Briar, Lorea, UnlikeUs, TheGlobalSquare and Bitcoin. Result: GNUnet+PSYC could provide a useful backend for several distributed social applications.
- (de) Unlike Us: Es gibt Alternativen, heise.de.
- (de) Das Recht, vergessen zu werden, taz.de.
- Presentation and booth at Unlike Us 2 conference in Amsterdam.
- Presentation at freifunk gathering on occasion of transmediale 2012.
- (de) Social Swarm: Sicher im sozialen Netzwerk, ZDF Hyperland
- (de) Marcel Weiß, neunetz.com
- Tobias Jähnel, jonmedia.net
- JonnieCache on YCombinator
- from Sepp Hasslberger (P2P Foundation)
- Presentation at c-base on occasion of Chaos Communication Congress 2011.
- Presentation: A Masterplan for Private Social Networking, with the FoeBuD foundation at the Chaos Communication Camp 2011.
Projects that have expressed interest in secushare
- We received development funding from the NLnet foundation. Thank you!
- We received travel expense funding from the Wau Holland Foundation. Thank you!
Other interested partners:
- the onionspace
- EDN
- The Free Software Foundation Europe
- Institute of Network Cultures, Amsterdam Media Research Centre
- Piratenpartei Berlin, the testbed of concrete political participation
- c-base foundation
- dyne foundation and dyne:bolic linux distribution
- Social Swarm, political initiative for a secure Faceboogle replacement
- Lorea, hotbed of social networks on an experimental service
- Telekommunisten best known for their related project Thimbl
- Globaleaks, decentralized whistleblower platform
- Freedombox, hardware social interface for your home
- Briar, a secure news and discussion system
- Telecomix Crypto Munitions Bureau, for distributed social controlling of the X.509 certification mechanism used in the world wide web
- 12many (one-to-many), distributed twitter replacement initiative
Questions?
Here are some answers. Have you read the introduction page? Try also our welcome chatroom:
- psyc://psycyificvaxuzut3t6hcies3stfdtlzqftcnmbb5su3xv4zugplsfad.onion/@welcome
- irc://psycyificvaxuzut3t6hcies3stfdtlzqftcnmbb5su3xv4zugplsfad.onion:67/welcome
- psyc://psyced.org/@welcome (another web interface)
- irc://psyced.org/welcome
- xmpp:*welcome@psyced.org
Be patient, we may reply hours later!
Stay in Touch
Unfortunately we are still using an old-fashioned metadata-unfriendly newsletter. Drop your email address into this box to subscribe:
We don't recommend it, but we sometime also send updates by Twitter or Facebook, if you already sold your soul to them.
This website is accessible as http://secushare.psyciumunsqarzsehz5xlgsi2mg4dkvntwf5bwj5kwbcbazwiuhna2ad.onion as much as https://secushare.org. And you may find a copy on freenet.
Last Change: 2021-06-30