2011-CCCamp.slides.html (7394B)


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Scalable &amp; Paranoid: Secure Share</title>
<!-- metadata -->
<meta name="generator" content="S5" />
<meta name="version" content="S5 1.1" />
<meta name="presdate" content="20110814" />
<meta name="author" content="Carlo v. Loesch" />
<meta name="company" content="symlynX.com" />
<!-- configuration parameters -->
<meta name="defaultView" content="slideshow" />
<meta name="controlVis" content="hidden" />
<!-- style sheet links -->
<link rel="stylesheet" href="http://www.psyc.eu/papers/ui/psyced/slides.css" type="text/css" media="projection" id="slideProj" />
<link rel="stylesheet" href="http://www.psyc.eu/papers/ui/psyced/outline.css" type="text/css" media="screen" id="outlineStyle" />
<link rel="stylesheet" href="http://www.psyc.eu/papers/ui/psyced/print.css" type="text/css" media="print" id="slidePrint" />
<link rel="stylesheet" href="http://www.psyc.eu/papers/ui/psyced/opera.css" type="text/css" media="projection" id="operaFix" />
<!-- S5 JS -->
<script src="http://www.psyc.eu/papers/ui/psyced/slides.js" type="text/javascript"></script>
</head>
<body>

<div class="layout">
<div id="controls"><!-- DO NOT EDIT --></div>
<div id="currentSlide"><!-- DO NOT EDIT --></div>
<div id="header"></div>
<div id="footer">
&nbsp; Scalable &amp; Paranoid: Secure Share
</div>

</div>


<div class="presentation">

<div class="slide">
<h2>Scalable &amp; Paranoid: Secure Share</h2>
<ul>
<li>Carlo v. Loesch (symlynX)</li>
<li>Gabor Toth (PSYC)</li>
<li>Mathias Baumann (PSYC)</li>
</ul>
</div>

<div class="slide">
<h1>A Perfectionist's Social Network</h1>
<h2>Overview of the Talk</h2>
<ul>
<li>Safety of Virtual Machines</li>
<li>How Much Privacy Is Enough?</li>
<li>Social Onion Routing</li>
<li>More Desired Features</li>
<li>Architecture, Protocols</li>
<li>How to Beat Faceboogle</li>
<li>The 'Secure Share' App</li>
</ul>
</div>

<div class="slide">
<h1>Don't Trust Virtual Machines</h1>
<h2>Commodity Servers are VMs</h2>
<ul class="incremental">
<li>vulnerable cryptography</li>
<li>memory can be monitored</li>
<li>controlling system accessible by observers</li>
<li>automated monitoring of federated social networks</li>
<li>anti-terror legislation possible</li>
<li>even if <em>your</em> server is at home</li>
</ul>
</div>

<div class="slide">
<h1>Privacy vs. Paranoia</h1>
<h2>How Much Privacy Is Enough? 1/2</h2>
<ul class="incremental">
<li>just to the intended recipients (e2e encryption)</li>
<li>packet size padding (unobservability)</li>
<li>flexible number of anonymization hops</li>
<li>optional intentional delay</li>
</ul>
</div>

<div class="slide">
<h1>Privacy vs. Paranoia</h1>
<h2>How Much Privacy Is Enough? 2/2</h2>
<ul class="incremental">
<li>forward secrecy</li>
<li>deniability (a log is no proof of nothing)</li>
<li>private subscription lists (not on a server)</li>
<li>robust and resilient against attacks</li>
</ul>
</div>

<div class="slide">
<h1>It's A Question Of Trust</h1>
<h2>Social Onion Routing</h2>
<ul class="incremental">
<li>trust relationship between nodes</li>
<li>multihop provides anonymization</li>
<li>motivation to provide "servers" as fast routers</li>
<li>"P2P" a lot faster over servers</li>
<li>irony: role switch between servers and routers</li>
</ul>
</div>

<div class="slide">
<h1>Portability &amp; Acceptance</h1>
<h2>Lightweight Daemon</h2>
<ul class="incremental">
<li>personal devices and home routers</li>
<li>lightweight for embedded and mobile</li>
<li>lightweight for background daemon use</li>
<li>compiled language</li>
<li>more likely to get included in OS distros</li>
</ul>
</div>

<div class="slide">
<h1>Architecture</h1>
<h2>Technology</h2>
<ul class="incremental">
<li>looking for the best framework...</li>
<li>GNUnet, Maidsafe, A3 or Tonika?</li>
<li>socially enhanced DHT?</li>
<li>payload syntax: efficient, binary capable, extensible</li>
<li>Multicast distribution for scalability (later)</li>
</ul>
</div>

<div class="slide">
<h1>Flexibility</h1>
<h2>Framework Architecture</h2>
<ul class="incremental">
<li>a truly private messaging backend</li>
<li>social applications to be built on top</li>
<li>emulations of the 'open standards' possible</li>
<li>OStatus, WebID, RDF, even the Twitter API</li>
<li>optional modules for XMPP, IRC?</li>
<li>Activity Streams</li>
</ul>
</div>

<div class="slide">
<h1>Dissemination</h1>
<h2>Hard to beat Faceboogle</h2>
<ul class="incremental">
<li>since we need to go onto every computer anyway..</li>
<li>offer something Faceboogle can't provide?</li>
<li>exchanging files between friends sucks</li>
<li>USB sticks, e-mail, file hosters, Skype, MSN</li>
<li>WTF is 'Secure Share' ?</li>
</ul>
</div>

<div class="slide">
<h1>Desktop Integration</h1>
<h2>'Secure Share' Function</h2>
<ul class="incremental">
<li>right mouse button click (context menu)</li>
<li>share a file to a channel of subscribers</li>
<li>appears in their file system soon</li>
<li>realtime or delayed notification</li>
<li>no permission dialogs</li>
<li>shipped by default in your free OS?</li>
</ul>
</div>

<!--

<div class="slide">
<h1>One Too Many</h1>
<h2>Multicasting for Scalability</h2>
<ul class="incremental">
<li>social interactions are one-to-many or many-to-many</li>
<li>HTTP is one-to-one</li>
<li>round robin distribution is slow (SMTP)</li>
<li>IP Multicast doesn't do the job (router table overflow)</li>
<li>IRC and NNTP do/did multicast, but had other problems</li>
</ul>
</div>

<div class="slide">
<h1>One Too Many</h1>
<h2>Multicasting with XMPP?</h2>
<ul class="incremental">
<li>70% of S2S XMPP messages are presence updates (5 years ago)</li>
<li>XMPP has limited support for one-to-many communications</li>
<li>XMPP can be improved, but: trust problem with multicast</li>
</ul>
</div>

<div class="slide">
<h1>One Too Many</h1>
<h2>Multicasting with HTTP?</h2>
<ul class="incremental">
<li>fundamentally feasible</li>
<li>unnatural: HTTP is not bidirectional</li>
<li>requires trust in a federated architecture</li>
</ul>
</div>

<div class="slide">
<h1>Possible Solution Part 1</h1>
<h2>New Architecture?</h2>
<ul class="incremental">
<li>"Enhanced" P2P with servers as agnostic routers</li>
<li>Options: GNUnet, Maidsafe, A3, Tonika</li>
<li>Less possibly: I2P, Diaspora</li>
<li>Features: Unobservability, End-To-End ...</li>
<li>What's missing?</li>
</ul>
</div>

<div class="slide">
<h1>Possible Solution Part 2</h1>
<h2>Things to add on top</h2>
<ul class="incremental">
<li>multicast routing option</li>
<li>social trust metrics</li>
<li>... applied for routing</li>
<li>flexible payload syntax</li>
<li>standard formats may be portable</li>
<li>web interface still likely</li>
</ul>
</div>

-->

<!-- div class="slide">
</div -->

<div class="slide">
<h1>If you like what we do</h1>
<h2>We need support</h2>
<ul>
<li>Manpower</li>
<li>Alliances</li>
<li>Finances</li>
<li>Publicity</li>
</ul>
<br/>
<br/>
Thank you.<br/>
</div>

<div class="slide">
<h1>Cross That Bridge As We Get There?</h1>
<h2>Let's just get started with something!</h2>
<ul class="incremental">
<li>The Mediocre is the Enemy of the Good</li>
<li>Historic Examples:</li>
<li>HTTP.. HTTP/NG?, SPDY!?</li>
<li>SMTP.. What? Faceboogle!?</li>
<li>XML.. What? JSON!?</li>
<!-- li>SQL..</li -->
</ul>
</div>

</div>

</body>
</html>