diff options
author | Florian Dold <florian.dold@gmail.com> | 2016-05-11 14:09:21 +0200 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2016-05-11 14:09:21 +0200 |
commit | ba32c80836822ac729ce1e44270ab662e211a6fd (patch) | |
tree | c74f51382d54444f067c0975faae63c85c23807b | |
parent | 6e3dfbbb5c5cab4e96de1c556a69495dcdc6bdd1 (diff) | |
download | marketing-ba32c80836822ac729ce1e44270ab662e211a6fd.tar.gz marketing-ba32c80836822ac729ce1e44270ab662e211a6fd.tar.bz2 marketing-ba32c80836822ac729ce1e44270ab662e211a6fd.zip |
rff website material
-rw-r--r-- | 2016-rff-website/gnunet.md | 128 | ||||
-rw-r--r-- | 2016-rff-website/taler.md | 67 |
2 files changed, 195 insertions, 0 deletions
diff --git a/2016-rff-website/gnunet.md b/2016-rff-website/gnunet.md new file mode 100644 index 0000000..1e4df99 --- /dev/null +++ b/2016-rff-website/gnunet.md @@ -0,0 +1,128 @@ +GNUnet +====== + +GNUnet is a mesh routing layer for end-to-end encrypted networking and a +framework for distributed applications designed to replace the old insecure +Internet protocol stack. + +In other words, GNUnet provides a strong foundation of free software for a +global, distributed network that provides security and privacy. Along with an +application for secure publication of files, it has grown to include all kinds +of basic applications for the foundation of a GNU internet. + +GNUnet is an official GNU package. GNUnet can be downloaded from [GNU](ftp://ftp.gnu.org/gnu/gnunet/) and the +[GNU mirrors](ftp://ftpmirror.gnu.org/gnu/gnunet/). + +Why GNUnet? +----------- + +Security and privacy are virtually non-existant on today's Internet. Most +security protocols rely on some "trusted" third parties (such as certificate +authorities), which are frequently compromised. Traffic on the Internet is +routed and thus controlled by large providers, and easily censored (or blocked +entirely) at national borders. The originally decentralized web is increasingly +assimilated into services hosted at large advertising companies that mine it +for private information to be sold to advertisers. In all of these domains, +economics drives the creation of mega-corporations, which in turn has enabled +mass surveillance by authoritarian institutions. + +GNUnet's goal is to offer a way out of hierarchical networking, transitioning +into a network of equals. As each participant contributes a small amount of +resources to the common, GNUnet does not require users to give up their privacy +in order to use the network. In particular, peer-to-peer networks do not need +advertising revenue or other profits to function. However, merely +decentralizing the Internet is not sufficient, we also need security and +privacy. In fact, for individuals, privacy tends to be more important among +peers than vis-a-vis a faceless mega-corporation. Thus, GNUnet's focus is on +providing security while remaining fully decentralized. + +GNUnet is extensible and makes it easy to build new (peer-to-peer) +applications, or add alternative network transports to the base system. GNUnet +is not a classical overlay network, as GNUnet does not need TCP/IP to function: +while GNUnet peers can operate over classic Internet protocols like TCP or UDP, +they can also exchange information directly, for example over WLAN or +Bluetooth, without using IP at all. + +GNUnet and Research +------------------- + +GNUnet is not just an implementation effort, but also a research project. +Unlike many other research projects, our goal is to provide a working, +production-quality system (but we are not there yet). Providing security and +privacy in a fully decentralized setting is difficult, as many security +construction assume some kind of trusted third party. Furthermore, as GNUnet is +an open network, an adversary can actively participate. A strong adversary +might be able to run many peers, possibly even the majority of the peers. At +this point, even expensive security protocols that involve majorities fail. We +note that GNUnet does not have one "global" security model for all of its +applications; for that, our applications are too diverse in their designs and +requirements. However, we always build our components under the assumption that +there +are active, malicious participants in the network. + +Many of the key technical contributions behind GNUnet are described in detail +in our research papers. The following sections will briefly sketch some of the +key ideas for some of GNUnet's flagship applications. + + +Anonymous File-sharing +---------------------- + +Key ideas behind GNUnet's anonymous file-sharing application include an +improved content encoding (ECRS, the encoding for censorship resistant sharing) +and a new protocol for anonymous routing (gap). In gap, anonymity is provided +by making messages originating from a peer indistinguishable from messages that +the peer is routing. All peers act as routers and use link-encrypted +connections with stable bandwidth utilization to communicate with each other. +Properties of the content encoding and the routing protocol allow GNUnet to +reward contributing peers with better service using an excess-based economic +model for resource allocation. As a result, peers in GNUnet monitor each others +behavior with respect to resource usage; peers that contribute to the network +are rewarded with better service. + + +The GNU Name System +------------------- + +The GNU Name System (GNS) is a fully decentralized and censorship-resistant +public key infrastructure. Names in GNS are personal, as each user is in full +control of his ".gnu" zone. Users can delegate subdomains to the namespaces of +other users, and resolve each other's names using a privacy-preserving, +censorship-resistant secure network lookup mechanism. GNS is interoperable with +DNS, and can be used as an alternative to the X.509 PKI or the Web-of-Trust. + + +SecuShare +--------- + +Using GNS for identity management, we are currently starting to build the +foundation for fully decentralized social networking with SecuShare. Key design +goals include never storing (or transmitting) unencrypted data at third +parties, and the use of the PSYC protocol for semantic extensibility, that is, +to allow smooth migration of data to new revisions of the protocol. SecuShare +is still in its infancy, while we have worked out large parts of the design +much more code will need to be written before it can be used. Help is very +welcome. You can find additional details on the Secushare.org website. + + +Conclusion +---------- + +GNUnet continues to expand in scope and improve both in terms of technical +ideas and implementation, often thanks to discussions with developers from +related projects, such as Tor or I2P. We collaborate with these (and many +other) projects whenever it makes technical sense, as we share the same ideals +and goals: secure, private networking using free software to safeguard a free +and open society. + +While we believe that GNUnet is (or at least will become) the best solution for +(anonymous) file-sharing, GNUnet is much more than this. Our developers have +the ambition to provide a good general infrastructure for developing a wide +range of new decentralized networking applications, possibly to the point of +replacing the Internet as it is known today with a GNU network that embodies +the ideals of the GNU project. + +However, certain applications are not within the scope of the GNUnet project. +In particular, users that are looking for faster, non-anonymous file-sharing or +to anonymize their HTTP traffic should probably look elsewhere, as our goal is +not to duplicate existing applications. diff --git a/2016-rff-website/taler.md b/2016-rff-website/taler.md new file mode 100644 index 0000000..4f41562 --- /dev/null +++ b/2016-rff-website/taler.md @@ -0,0 +1,67 @@ +[GNU Taler](https://taler.net) is a new digital payment system whose +development is currently co-funded by the RFF. GNU Taler aims to strike a +balance between radically decentralized technologies such as Bitcoin and +traditional payment methods while satisfying stricter ethical requirements such +as customer privacy, taxation of merchants and environmental consciousness +through efficiency. GNU Taler also address micropayments, which are infeasible +with currently used payment systems due to high transaction costs. + +Addressing the problem of micropayments is urgent. The overwhelming majority of +online journalists, bloggers and content creators currently depend on +advertisement revenue for their income. The recent surge of ad-blocking +technology is threatening to destroy this primary source of income for many +independent online journalists and bloggers. Furthermore the existing +advertisement industry is based on the Big Data business model, and users do +not only pay with their attention but also with private information about their +behavior. This threatens to move our society towards post-democracy. Our goal +is to empower consumers and content creators by giving the choice to opt for +micropayments instead of advertisements. + +Unlike many recent developments in the field of privacy-preserving online +payments, GNU Taler is not based on blockchain technology, but on Chaum-style +digital payments with additional constructions based on elliptic curve +cryptography. Our work addresses practical problems that previous incarnations +of Chaum-style digital payments suffered from. The system is entirely composed +of free software components, which facilitates adoption, standardization and +community involvement. + +From the consumer's perspective, Taler's payment model comes closer to the +expectations one has when paying with cash than with credit cards. Customers +do not need to authenticate themselves with personally identifying information +to the merchant or the payment processor. Instead, individual payments are +authorized locally on the customer's computing device. This rules out a number +of security issues associated with identity theft. We expect that this will +also lower the barrier for online transactions due to the lower risk for the +customer. With current payment solutions, the risk of identity theft +accumulates with every payment being made. With our payment system, the only +risk involved with each individual payment is the amount being payed for that +single transaction. + +In Taler, the paying customer is only required to disclose minimal private +information (as required by local law), while the merchant's transactions are +completely transparent to the state and thus taxable. Taxable merely means +that the state can obtain the necessary information about the contract to levy +common forms of income, sales or value-added taxes, not that the system imposes +any particular tax code. When customers pay, they use anonymized digital +payment tokens to sign a contract with the merchant. The digitally signed +contract is proposed by the merchant and is supposed to contain all the +information required for taxation -- which typically excludes the identity of +the customer. Later, the state can obtain the contract by following a chain of +cryptographic tokens, starting from a token in the wire transfer from the Taler +payment system operator to the merchant. The payment system operator only +learns the total value of a contract, but no further details about the contract +or customer. + +To pay with GNU Taler, customers need to install an electronic wallet on their +computing device. Once such a wallet is present, the fact that the user does +not have to authenticate to pay fundamentally improves usability. We already +see today that electronic wallets like GooglePay are being deployed to simplify +payments online. However, the dominant players mostly simplify credit card +transactions without actually improving privacy or security for citizens. GNU +Taler is privacy-preserving free software and both technically and legally +designed to protect the interests of its users. + +A demo of an online blog that uses GNU Taler is available at +<https://demo.taler.net/>. Documentation for developers can be found at +<https://api.taler.net/>. + |