Javascript for Privacy-Protecting Peer-to-Peer Applications
This is a modal window.
Das Video konnte nicht geladen werden, da entweder ein Server- oder Netzwerkfehler auftrat oder das Format nicht unterstützt wird.
Formale Metadaten
| Titel |
| |
| Untertitel |
| |
| Serientitel | ||
| Anzahl der Teile | 542 | |
| Autor | ||
| Lizenz | CC-Namensnennung 2.0 Belgien: Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen. | |
| Identifikatoren | 10.5446/61864 (DOI) | |
| Herausgeber | ||
| Erscheinungsjahr | ||
| Sprache |
Inhaltliche Metadaten
| Fachgebiet | ||
| Genre | ||
| Abstract |
|
00:00
SkriptspracheDatenmissbrauchAppletProgrammbibliothekTwitter <Softwareplattform>Peer-to-Peer-NetzChiffrierungInterprozesskommunikationAssoziativgesetzDatenmodellDigitalsignalKontrollstrukturOverlay-NetzRechnernetzNotepad-ComputerSoftwaretestLokales NetzRouterInformationsspeicherungMessage-PassingHypermediaDatentypKette <Mathematik>Interface <Schaltung>StellenringRechnernetzZentralisatorServerUnternehmensmodellOverlay-NetzRouterPeer-to-Peer-NetzRechter WinkelInterprozesskommunikationHypermediaCloud ComputingSoftwareentwicklerPunktwolkeDatenmissbrauchMaschinenschreibenSpeicherabzugDienst <Informatik>BitInternetworkingCoxeter-GruppeSelbst organisierendes SystemSoftwareEntscheidungstheorieKartesische KoordinatenSoftwarewartungClientSchreiben <Datenverarbeitung>Endliche ModelltheorieProgrammbibliothekFreewarePhysikalisches SystemMereologieComputeranimation
05:27
SkriptspracheDatentypProgrammbibliothekAppletInformationsspeicherungKette <Mathematik>RouterInterface <Schaltung>StellenringRechnernetzMessage-PassingInformationsmanagementGebäude <Mathematik>Peer-to-Peer-NetzSystemprogrammierungPhysikalisches SystemSoftwareentwicklerSoftwaretestKonfiguration <Informatik>Notepad-ComputerElektronische PublikationRechnernetzVollständigkeitEinfach zusammenhängender RaumDienst <Informatik>SoftwareentwicklungKomplex <Algebra>FreewareVererbungshierarchieProgrammbibliothekInformationsspeicherungPhysikalisches SystemMessage-PassingSoftwareZeichenkettePeer-to-Peer-NetzOpen SourceDomain-NameSpeicherabzugNP-hartes Problemt-TestSoftware Development KitProzess <Informatik>Direkte numerische SimulationMetropolitan area networkKartesische KoordinatenModallogikMultiplikationsoperatorMultiplikationSkriptspracheBitSoftwareentwicklerSoftwaretestComputeranimation
10:48
Notepad-ComputerElektronische PublikationComputeranimation
11:11
RechnernetzStellenringFunktion <Mathematik>Exogene VariableStreaming <Kommunikationstechnik>LogarithmusWeb SitePufferspeicherEreignishorizontSpielkonsoleServerSocketNotepad-ComputerSpieltheorieQuellcodeBenutzeroberflächeBenutzeroberflächeRechnernetzDatenmissbrauchServerProzess <Informatik>RouterPeer-to-Peer-NetzWort <Informatik>Elektronische PublikationTotal <Mathematik>Overlay-NetzLesen <Datenverarbeitung>InternetworkingDienst <Informatik>CASE <Informatik>MereologieSoftwareentwicklerClientFreewareKartesische KoordinatenGüte der AnpassungSpieltheorieStreaming <Kommunikationstechnik>InstantiierungProgrammbibliothekSichtenkonzeptComputeranimation
15:44
Twitter <Softwareplattform>GruppenkeimQuellcodeRechnernetzPhysikalisches SystemEchtzeitsystemRechter WinkelOverlay-NetzVerschlingungZahlenbereichSoftwareentwicklerDatenmissbrauchServerMessage-PassingKontextbezogenes SystemWhiteboardSampler <Musikinstrument>BandmatrixElektronische PublikationVerknüpfungsgliedPeer-to-Peer-NetzAdditionCoxeter-GruppeInformationsspeicherungPhasenumwandlungReibungswärmeSoftwaretestFreewareKartesische KoordinatenMereologieFormation <Mathematik>BitRichtungGebäude <Mathematik>Nichtlinearer OperatorComputeranimation
22:34
ComputeranimationFlussdiagramm
Transkript: Englisch(automatisch erzeugt)
00:06
Hello, everyone. Thank you for joining this event. And thank you very much for your organization of this deaf room. Much appreciated. I know how much work this is. Awesome work. Thank you. So thanks a lot to the whole FOSTEM team.
00:21
Really cool. This presentation here is mainly about privacy. And the I2P network is a so-called overlay network, which I will shortly introduce. And I'm the JavaScript TypeScript library maintainer of this library, which allows you as developers,
00:44
me as developer, to write privacy by design applications. Privacy by design means a few things, which I'm going to talk about shortly after the introduction.
01:00
I'm a totally independent researcher. And developer, and I'm one of the co-founders behind Devo.Exchange. We're just a loose bunch of developers and researchers spread all over the world. Very much interested in privacy topics. And one of the topics is free banking technology for everyone, which is not part of this presentation.
01:23
But it's no centralized model involved in my work. So there is no business model at all involved. Because if I'm fully distributed, fully distributed, not only decentralized, fully distributed, it's totally impossible by design
01:40
to introduce business models. Obviously no coin, no token, or things like that. I'd like to talk quickly about the motivation. So why I2P SAM? This SAM got developed. And how we set up a completely distributed network like I2P, an overlay network.
02:02
And I obviously like to talk about creation of application. So how we do that, and how we can do that. We look at the use cases, and then some questions and takeouts. All right. I'm Conrad. I live in Switzerland. So bonjourno, griotsie, bonjour.
02:21
Great to have you here. And I lecture at the University of Applied Science in Lucerne, central Switzerland, a bit about microservices and fully distributed systems where I'm a bit an alien in this cloud world. Because today everything is cloud, but I'm not cloud.
02:40
I'm peer-to-peer. And now we're here at this I2P network. Let me ask you a question. Please raise your hands. Whoever got in touch with an overlay peer-to-peer network like I2P? Again, I'm not totally lonely.
03:00
So thank you very much. There are a few which have heard of it. And in a nutshell, I2P is a fully anonymous confidentiality-giving messaging system. So you have the general internet, as you know it,
03:21
and where all the cloud applications are running somewhere in central services. And this I2P network is a layer on top. It's a software layer. And everybody who's running such an I2P node is becoming a client and a server. So when I'm talking about a node, a node which
03:43
might be run by every one of you, you're a client and you're a server. You're both at the same time. And you're helping the network. There are around 34,000 I2P routers in the network, which is a joke.
04:02
That's nothing. That's compared to the internet infrastructure as we know it today. That's tiny. That's nothing. But still, these 34,000 routers, more or less, they run this fully anonymous and fully confidential
04:21
messaging system. And please, it's an overlay network. It's not, well, some media call it, but it's not a dark net. It's just an overlay network. It's a piece of software. It's a technical solution to a problem. And the problem is we want anonymity
04:42
and we want confidentiality. Because these two things, by definition, define total privacy. And if I want to disclose my private stuff, it's my decision and only my decision. And that's the point behind privacy. All right.
05:00
So I ask you now, please, in this room, to be open towards peer-to-peer applications, which are a bit more complex, but not really complicated. And open your mind for something which has nothing to do with the cloud. All right. Why did I do the work and develop a library, an I2P SAM
05:23
library? Well, the I2P core developers, they are super cool, hard core network guys. And they love what they do since 20 years.
05:53
DivaChain, which is a fully distributed storage layer, so something to store data in without trust.
06:01
And you can't be spied out.
06:44
Everything you exchange is totally private. And there is no man in the middle. There is no man in the middle. Because again, this I2P network works like a garlic. All the messages which are hopping through this network from node to node, from peer to peer,
07:01
they're multiple times encrypted. So you send your message from your application into the network layer. And it ends up at the destination. And it's multiple times encrypted just by using the library. That was the motivation.
07:22
When you peer-to-peer, just by definition, you get a bunch of problems you don't really want. And it's complicated a bit to get into it. So at Diva, we thought, hey, come on. Let's build a few Docker containers to simplify this process.
07:41
And today, the students at the University of Applied Science in Lucerne, they were able to set up a complete test network and a complete developer network within a few minutes. And that's this Docker container you find on GitHub. And by the way, also mirrored to CodeBurg. But you find it on GitHub.
08:00
And then you can start by initializing these containers with a simple script. And with one go, you have your I2P connectivity available. You have, if you like to, a storage layer available. And you can start programming. You can start developing without needing
08:22
to care about all the complexity of such a peer-to-peer network. This is a screenshot of GitHub. And here, I'd like to be totally open.
08:40
All we do at Diva, and all I'm doing, is really, really free Libre software. There are no strings attached or strange stuff or things you need from somewhere else. It's really free. It's really Libre. And it's very strict licensing, which we're doing. So that's quite important for me personally
09:00
to have open source software at its core. And that's very important for me. So there exists also a simplified version. I told you, you need a network to communicate between your peers. You need maybe a storage layer on top.
09:20
But this storage layer is not a necessity. So if you say, well, I just want to communicate. I do not want to store anything. I do not want to store data. Then you don't need a blockchain, because you don't want to store data. So if you just need to communicate in your application between peers, then you have this simpler setup.
09:43
You go with npm install, i2p sam, and in there is a YAML file. That's the last one. So this sam diva.i2p.yml. And you initialize this container in there. And you have a very much simplified application
10:03
development environment available without storage capabilities. The library got quite popular in the last months. It has to do with one thing we did for the DNS crowd,
10:23
domain name system, domain name service. And the students at the University of Applied Science, they got the job from me to create an API for a DNS system for i2p, because i2p does not even have a DNS. So welcome to Stone Age.
10:42
And so the library got used by the students and got more popular in the last months, which is nice. And here we have this. By the way, who's familiar with Docker? Who's using Docker? Right, so great. Almost everybody.
11:00
So yeah, here you have a YAML file. I don't have to say much. You use it, and ta-da, you have your environment available. And everything is available on GitHub and mirrored to CodeBurg. Now I want to go through theoretically to two simple use cases to inspire you to create your own privacy by design application, your own.
11:26
We go through two examples. One is reading, and the other example is writing. As you said, as I said, every node in the network, you are a client and the server at the same time,
11:41
because you're a router within the i2p network. So what we're doing first, we're reading something from the network. Now the documentation on NPM, the documentation on GitHub for this library is quite grown up.
12:01
It's quite complete. That's my personal view on it. If you have a different view, please do not hesitate to tell me and improve this documentation, because I can learn that much from you. So here we have an example of creating a reading stream.
12:23
So you want to read some data from another node in the i2p network. And you can simply use this very first quick start example and then replace only the IP, which points to your Docker container, which we have seen in the YAML
12:41
file just before. And ta-da, you're communicating through the i2p network. That's it. So privacy by design and exchanging private messages, totally confidential, anonymous, over the existing internet
13:01
infrastructure isn't difficult anymore. Here it is. It's not more. And the same thing is now also if we're looking into writing data, which means nothing else, you're offering a service on the overlay network i2p.
13:20
There is the other example in the readme, which is doing both things at the same time. The second example is creating a writing instance, so serving some data. And at the same time, that's the very last part here at the end, it's reading data. And it's not doing this locally by simply locally connecting
13:42
from the reading instance to the writing instance. No, it goes through the overlay network, through i2p completely. And it does its job. A word of warning, i2p is not fast.
14:04
Confidentiality and total anonymity has a price tag attached. And this price tag is called speed, latency. To give you an idea, when we're reading and writing data from the DIVA blockchain where we're exchanging
14:22
this data over peers distributed all over the network, we have latencies of three till five seconds. Three till five seconds, that feels like 1992 or something. So that's the cost of privacy. You don't get privacy for free.
14:43
Right, a few use cases. And I'd like to highlight this second one. The first one is the free banking. That's where I'm working together with, and everybody's invited because we're totally transparent. So if banking is your thing, yeah, join in. If chat is your thing, then the i2p development team
15:01
really would be super happy to, would be super happy that somebody hops into the chat challenge. You don't have to worry that the chat application is not good enough because i2p simply has nothing.
15:20
So it would be a great thing to start somewhere. And if you're a good user interface designer or user experience designer, hey, they would be like in heaven if they get something like that. That would be, wow. Additionally, games could be a topic for some people. But the latency could be a killer there.
15:42
So boy, it would be interesting. Right, since I have now around eight minutes left, as my colleagues have shown me, which is great, I'd already like to enter the links, discussions, feedback, and questions phase of this presentation.
16:01
So please, any questions? Oh, yes. Call to action. There are some questions. And there is a microphone. Test, test.
16:27
Hi, thank you very much for your presentation. So usually in secure systems, one of the issue is that due to security, there is more friction for the user. And that's also part of the cost
16:41
of implementing secure systems. So of course, here, almost everybody used Docker. So that's not an issue. But for, let's say, my grandma, that's going to be a bit more difficult. It's probably also not a target audience. But on the network side, have you
17:00
tried, for example, setting up a compatibility layer with WebSockets or WebRTC so that the full stack could be run from the browser? Yeah, short answer, yes. WebSockets, WebSockets, not WebRTC. WebSockets is used by DIVA, which
17:20
is a real-time banking exchange system running on your own device. Yes, everything which you as JavaScript developers and TypeScript developers do know is on board. It just might be sometimes a bit slow. But I do not believe that there are additional user experience
17:41
challenges. Obviously, you're totally right. But since you are the developer, I just delivered the glue. I just delivered the glue between the privacy network and the end user interface, so the human-machine interaction, which we as developers should create. But this here, this library, is just the glue
18:01
which gives you privacy by design. Thank you very much for this question. More questions? Please. Hi, thanks for the presentation as well. How does it compare to other peer-to-peer networks, such as IPFS, for instance?
18:20
Thank you very much for this question. There are other presentations in the Lightning talk, in the Lightning room, just afterwards. First, I have the I2P presentation. And then there are other overlay networks. Honestly, I can't compare it because I'm the I2P guy. It says I2P here.
18:42
But there is quite some research around which compares these networks. What I'd like to lay out is on the research gate, which is the academic network for papers, there are some interesting papers around to read about darknets.
19:02
And now I call it darknet, which have storage capabilities suitable for large files. Please do your own research. Please think what you're doing. Privacy is important. But there are also bad actors out there. So do your own research. And please read the research gate papers and articles
19:23
about overlay networks. Is this OK for you? One of the things, it's today, the Lightning talks. There will be Lightning talks today comparing those different, yeah.
19:41
OK, so the speed of the networks, the latencies. No? No, don't worry. All right. I'm going to check the links. Thank you. Thank you. More questions? Sorry, I'm chilling. I had a question about the latency.
20:04
The problem is the number of the servers or nodes that we have are only 34,000. That's the problem. If we got more, that would mean that we can speed it up. Or if this is technology, that it has a bottleneck and doesn't let it go faster.
20:21
Interesting question. The question is, if there are more nodes in the network, will the network become faster? By building overlay networks, now with theory, tunnel building is involved. Tunnel means a message hops over several nodes
20:40
in the network. Now, a message comp can be only as fast as the slowest node in this route, so in this tunnel. Just by stacking up additional nodes in this network is not necessarily decreasing the latency of the network.
21:02
It depends off the available bandwidth and performance of all the nodes involved within one tunnel. So the answer to your question is, it depends. More questions?
21:27
Oh, yeah. Since there's no other questions, could you give some more context about your free banking use case, the first one? Right, yeah. It's a JavaScript, TypeScript application.
21:42
It's built to exchange any existing or any future digital value, which can be something like, to take an example which everybody understands, Bitcoin, but also can be something like a piece of music and art, which is digitally available. Has nothing to do with ethereum or directly.
22:01
It's just an exchange system for all digital values. And here, we require by definition in our foundation, it has to be private by design, because we want that people decide and not some operation in the center. That's the context I'd like to give here.
22:22
Other questions? And thank you very much for your time. Thank you, Olet. Thank you very much.