Against the silos: usable encrypted email & the quest for privacy-aware services
Formal metadata
Part | 56
Number of parts | 169
License | CC Attribution - NonCommercial - ShareAlike 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license
Identifiers | 10.5446/21169 (DOI)
Transcript: English (automatically generated)
00:00
So, without further ado, please give a big hand to our next speaker, who will be talking about encrypted email. Hi, I guess you can't hear me right. Welcome. Buenas. I guess you are not in the wrong book.
00:24
We are here to talk about encrypted privacy-oriented services, especially email. I'm going to confirm something. I just finished the slides 10 minutes ago. So this is my practice. A little bit of history. We are in a very interesting place.
00:45
We are going to talk about old protocols. I'd like to introduce some history about the places we are in. This was a shipping company, a shipping factory, that started in 1900 and ended in 1984.
01:02
When I discovered that on the Wikipedia, I said, wow, this is a really good omen to talk about privacy. In the riots with the police, one person, one worker was killed here. By the way, the slides are in here.
01:21
Many of those things are links, because I don't want to get too technical. I'm here, more interested in talking about tools. This is the Karol crane out there. We have the whole year, we have IRC, we have mailing list to discuss about technical details.
01:42
Actually, I'm merging two talks. I guess some of you will know it, I just met him two months ago. I was going to give another talk about secure email, and for personal reasons he couldn't make it. So I decided to put together some of the conversations we are having and try to merge the talks.
02:05
I'm intending to do two different parts. One more about high-level philosophical questions, if you want, and strategy, because we are a community that builds tools, and the other part is about actual tools.
02:22
So I work in something called LEAP Encryption Access Project. We gathered four years ago to decide to make encryption accessible. My role in the team is this. I'm probably not the best person to be here giving this talk,
02:44
but I was just passing around Europe and nobody else could come, so forgive me for my ignorance. This is my first talk in kind of a serious manner. I started doing Python ten years ago, but this is the first time I'm actually trying to present something to the world.
03:06
So, LEAP, what do we want to do? We want to make privacy usable at all levels. The motto is we kind of feel that we have to defend the right to whisper,
03:22
because privacy is about the right to whisper. Some of the really smart guys that started this project are coming from these kind of collectives. Someone here has a Riseup account? Good. Riseup is a tech support collective that gives support for activists.
03:44
It's like the Gmail for social movements. And this is a problem, because when we start centralizing things, we have a single point of failure. But we are a non-profit.
04:00
We are something more than a non-profit. We are kind of a distributed network of people that think alike, that wanted to do something in some specific way, and just we look for the way of getting money to do it. By using grants, by using research projects, but we are more people than the people being paid by the particular project.
04:25
And this is very interesting, because it frees you from the startup mindset. So, since I knew I was going to be vulnerable, I probably took the tips for speakers too literally, but I kind of found it fun.
04:42
So I'm going to present a kind of adventure, in which we meet the non-heroes, I'd say the anti-heroes, that go on a quest, find some weapons, you can guess which kind of weapons we use. We met some allies in the road.
05:01
Probably this is the only thing important from this talk. The monsters we are finding, because we are kind of learning in their way. The adventure is yet to come, and my goal here is to convince you that this is important and interesting, and we'd like to have your feedback. Disclaimer.
05:20
LEAP is a highly opinionated project, with a highly opinionated team, that builds highly opinionated tools, and this talk is given by a highly opinionated person. So don't take me too seriously, when I say something is bullshit, just take it as a shortcut for,
05:40
this is what I think, but I like to, yeah, you know. So now you know the team. I'd like to mention that we are not just coders. We tend to forget about the other people in the teams that make that possible. So kudos to the other people that are not sysadmin or coders. We have one woman, the only thing she does is trying to get money through funding research,
06:06
for allowing us to keep coding, and that's much appreciated. So, the West. I already said that. I guess if you are here, it's because you are interested in privacy.
06:21
So probably it's obvious in this context, that privacy is not for privacy-minded persons. We cannot think that privacy is something fundamental. Privacy and communications are a fundamental human right, and it's about the right to whisper. Privacy, as the cypherpunks said,
06:43
is the right to choose who I communicate with. And we think that we need to be able to choose who we communicate with when talking with our friends. By the way, this is a very interesting link, in case you don't know it, just click on it and read something tonight.
07:05
This is the typical thing. We need to do privacy-oriented tools for journalists because they have to keep secrets, what sources and so on. Our saints, the whistleblowers, are appreciated in the community, and everybody understands that they need privacy and secrecy.
07:24
You probably work in a startup environment. If you are in China, doing some wonderful research for selling a big thing, probably you want secrecy, communicating with your CEO to avoid all the Chinese industrial espionage. Or maybe you are thinking about changing jobs
07:41
and you want to communicate with another CEO and being able to blast your salary away. How many people here know this guy? This guy was the one that hacked the hacking team. Okay?
08:01
Here you have the whole tutorial about how he did this thing. Let's say I'm interested in interviewing Phineas Fisher. He's probably the most wanted hacker right now that is not in jail. So probably the only way to communicate with him is going to be GPG. How many persons here have actively used OpenPGP-encrypted email?
08:25
Good. Now I understand a bit more where we are. Probably I need secrecy to communicate with my lawyer, with my package maintainers. Thank you guys. But, yeah, seriously. When I'm traveling in India,
08:41
I really, really, really would like to, or need to, my mom being able to understand what PGP signing and mail means. Because, if not, whenever I'm going to be kidnapped, because I'm a little white guy with a credit card in my pocket, it's going to scam her for money.
09:03
So, in general, the whole society, the point is that the whole society needs to, if not understand, at least being able to use the magical trickeries that cryptography gives us. And we have fucking failed to do that for the last 30 years. But you get the point by now.
09:20
We need, our friends use the whole society. If, without privacy, the whole society cannot work. You probably, yeah, I think you probably remember the crypto wars, some years ago. Now we have a very much interesting movie. For those who don't go to the countryside,
09:43
this is a silo. A silo is something where you put the grain and from there you get the cookies in the supermarket. So, we are now in the silo wars. And this is a very interesting moment to be. This is from a Tim Berners-Lee article some years ago.
10:01
You can see that the cool things weren't so cool at the end. Some of them were, some of them died. Haha. Smart guys. In Dante Alighieri's Divine Comedy,
10:20
there is a very big explanation about the layers of hell. Well, it's an interesting thing with a historical value. We now have a special place in hell, in the technological hell we all live in, for the people that use GPG. And I'm not trying to be smart or metaphorical here.
10:42
This is fucking real. In my surveillance device, I need to have at least four, five different apps to communicate with different kind of friends. I don't know if this is the right order, but you get the idea. Some people think that Signal is totally secure. Thanks Moxie, we can discuss about federation.
11:02
Some people think that WhatsApp is secure because it has end-to-end encryption. Some people, I don't know why, think Telegram is a cool thing to have. It's kind of open source-ish thing. But you know what? This is complete bullshit.
11:21
This is my run minute. It's unacceptable that if I want to get a Raspberry Pi from some nice guys in there, I have to get a Twitter account. No, no. Twitter is not a tool for communication. Twitter is not a fucking protocol. It's a fucking company.
11:44
You get the point. This guy, Michael Hayden, former CIA director. The most important fact in the last years probably has been, for my biased view, is this one. Metadata kills people. And it is not a bunch of nerdies that says that.
12:03
This is the important thing. You were called paranoid five years ago. Now, it's not that we think they do it. It's that they fucking say it. So we have a nice pun on the concept of the killer app.
12:24
They are actually, metadata is actually killing people. But in some sense, we all want to have killer applications, killer libraries, killer operative systems, whatever. We are all here selling things or recruiting people.
12:44
And the key, this is from a Snyder book, the key to being in this place is that the things we do in the clouds, the internet or whatever are convenient and free. Free as in beer, mostly. We believe kind of in freedom, but whatever.
13:00
The whole open sources thing. And this is a race, my friends. If we want users to use things, we have to do convenient things and kind of free things. So it's like fighting the enemy with their own weapons. And this is the holy grail for encryption and privacy and all that.
13:20
We all are kind of looking for the thing that does the right thing in the right manner without the user needing to do a fucking PhD to use your tool. And your tool might be many things. Your tool might be infrastructure for sysadmin. How many people here maintain mail servers?
13:43
So you know the pain, my friends. Things need to be usable also for developers. I'm really amazed by learning so many things about how to make properly usable interfaces for libraries. And at the same time, in the bottom layer of hell,
14:02
we have the end users because we are highly opinionated and we tell them what they should think like. So this is what the LEAP project and its many branches and heads try to do. To attack the hard problems and the interesting problems at many levels,
14:21
making things so simple that you cannot screw it. I'm not going to talk about the sysadmin part because that is mostly written in Ruby. No, just because. This is called the LEAP platform and it's for sysadmins to install systems with properly configured defaults and so on.
14:46
For mail, we also do VPN but I'm going to focus on mail here. We're kind of presenting some libraries. I'll get there in the second part of the talk. And we have some desktop applications for users. Intermission.
15:02
Usually, people will get out of the talk at this point saying, ah, but the user doesn't care. The user doesn't care because we don't make them think that it is possible. We are kind of shaping their view of the world and what is possible for them and not. We also think that the user is not going to pay.
15:21
But probably the problem is not in the user. Probably the problem is ourselves. I think it was Tanque that wrote a very nice post-mortem on the whiteout thing with secure email. And they basically were putting numbers on how hard it is to monetize the market for privacy.
15:40
But it exists. People are willing to pay. After Snowden, governments, universities, like whole sets of huge amounts of people were willing to put money on secure email. Yeah, we can discuss what security means because they probably want to keep their private keys for their citizens or whatever.
16:01
But the need was there and the tools weren't ready. And there is another thing. Come on, guys, commoditization goes on many layers. We can put the value on the services and let people earn money through billing for a fucking mail service
16:20
and it can be as less as 50 cents a month. If you get 50 cents a month or one euro for two months for 100,000 people, you get some nice cash for some developers to go in a valley beach. So probably the model we want to go
16:40
is to cooperate in a way that we are not taking only our fishes but building the tools for everyone to fish and be happy. So in the end, we want crypto and we want roses too. This is my fundamental truth.
17:00
I've been for years working with email and I fucking don't know what email is or why people don't use it. This kind of puts things in perspective. We think that Twitter or Facebook are the big zeros but they are just a tiny spot there on the whole volume of email communication and that is only a small subset of spoken language.
17:24
So come on, it's not going to die anytime soon. I'm going to skip this. If you are the kind of person that don't take this as a fundamental truth, you have statistics and surveys and you can see the data. So, the weapons.
17:41
We brought some weapons from our previous, some people it's been like 20 years in this business and for the client parts and the synchronization parts I chose Python because it was kind of obvious. We were very happy four years ago. We were told that all the hard work is done,
18:05
the crypto is done, you need some glue code, blah blah blah, the shoulders of giants, it is really true. And we have the crypto there. And crypto is very effective, it works. And we know that it works because in the leaks about NSA
18:21
we know that there are two things they really get mad at. Strong crypto and Tor. So it works, it works for a bunch of nerds. But we cannot explain the whole things that are needed to properly use or to properly be in a key signing party to the persons. This is what Snowden made to make Greenwald
18:44
able to have a fucking GPG key. It's an ugly 10 minutes video showing how to use GPG in Windows. It doesn't work, when you have a nerd doing usability studies and doing things for the public it doesn't work.
19:00
And at the end this is how we verify things because we are fucking lazy. So what if I told you that we don't really need the users to understand the RSA concept that is awesome but we don't need it. We probably can have just some layers that do the magic underneath.
19:20
A very good study 16 years ago showed that the mental models that we have to study in crypto are not valid. So we probably can have the criminals we deserve. So our plan four years ago in the happy moment of the relationship with the whole project was this. Very simple, three points, glue code, everything nice.
19:45
Oh boy, how wrong we were. So the thing here is getting GPG key management easy and in a background manner and put it on the cloud. Because users have multiple devices
20:00
and they want their GPG keys to be there. Put it on the cloud but at the same time we want to put them on the cloud in a manner that the FBI cannot get them when they get a server. And it was like the later part okay, we just use the normal mail clients. Simple, right?
20:22
So we went on a quest and four years later we have ten Python packages that have some shit. This is a very good book. It says two dozen programmers, three years, four hundred and seventy hundred bugs. We now have kind of eight thousand bugs
20:41
in the fucking issue tracker. And we thought our project was simple. So we do the key management. I'm not going to talk too much about it here. The logic there is probably twenty lines. Just fetching keys from key servers. They are kind of broke so we need to
21:01
figure out a new model for sharing keys. Trolling the way of task and all that. But yeah, key manager. Discover the key and that's the right thing. Trying to establish trust relationships between old keys and new keys and trying to get scores for how good
21:20
a key is depending on its source. And we want to kind of share the common parts of it out of LEAP. So the nice part is what do you use for local storage? To have your secrets always stored locally in the client and in the server.
21:40
So it was there. It was done. The only thing you have to do is to hack some setup.py script to do bindings for SQLCipher. SQLCipher does transparent AES-256 encryption on top of SQLite. Fine. This package is there. It works. We have to merge the Py3.4 because we are fucking lazy but it is there.
22:00
It is usable for many other projects. So the big, the important part of the talk. It's called something like that which is basically the idea of we manage the keys, we put them on a magical library that does the synchronization of data that has been locally encrypted
22:22
in a way that the server can never tamper with it or infer anything useful about it. The design documents are there and the code is there. Security goals. Encryption in the client side encrypt the local storage and has to be resistant to online attacks and to data tampering on the server
22:41
because we have to assume the server is malicious. Same goals. Consistency. Same flag. We don't want to single the data. It has to be multi-platform. We fail at even thinking about mobile. We are on the desktop part. And these things are in the far future for now.
23:01
Well, not so much for this. And for usability, we need something that is available so the user can always get this data. The user needs to recover the secrets if they forget the password. And we want to have something general because we also want to express this to things like having a pocket application
23:20
or a to-do application or whatever. So probably something of this sounds similar to what the Ubuntu One guys were doing. So we said, hey, so super nice. They had a library that was basically an abstraction layer to put JSON documents on a storage and sync it.
23:43
And so we started using it and doing hacks on top of it. Now we kind of have a fork, although if the project gets to the live again, we probably can use the old thing again. So we put Couch on the server and we put SQLCipher on the client. We have another SyncDB for metadata and a pool to do things with key manager and GPG.
24:07
The password never arrives at the server because we do something very smart. It's a zero-knowledge thing called SRP. We derive keys to get stronger keys from smaller inputs
24:20
and we basically do encrypted blobs and put them on the store and it syncs. So these are the secrets. The blobs have, it's just a JSON document with the ciphertext of the original thing. You put it there, you create things, you sync things.
24:43
Only that. The thing for mail is that we have the whole mechanism for mail to arrive from the traditional SMTP work, put it on your inbox, decrypt it,
25:01
do the pieces and put them on the storage. So you can process your mail on one device and have your already synced inbox in many other devices as long as your GPG keys. And you have a very simple REST API to sync. Allies. We kind of trust on Thunderbird.
25:22
We wrote a Thunderbird plugin. We have a desktop client that exposes IMAP and SMTP proxies locally. Thanks to all this, this server was kind of easy and nice to do. Thanks to all these people.
25:43
We kind of started collaborating with ThoughtWorks because they said, oh, this is very nice. Encrypted replication of data so we can put them on a server. This is our client and this would be the mail user agent.
26:03
This is the server part with the CouchDB blobs and what the Pixelated project is doing is putting all this in a server and serving a Python user agent that does the webmail. So we kind of put our clients in their server
26:20
but we also close the loop and we take the webmail and put it in our local client and you can do the two things. The corporate mode in which the private keys are in the server or you can use it, shipping it inside a desktop-only application. It looks like this and people are really excited about these kind of Gmail-ish things
26:41
that do all the right magic in the background. Monsters. My biggest regret is not having dealt with complexity before and that probably comes from our relative inexperience with big projects and Python and packaging and so on.
27:03
We start having too many packages. It's fucking unacceptable. Newcomers find it very difficult to understand where each thing is. When you start overloading inheritance things get crazy very quickly. We also have some kind of
27:21
complaints about the whole Twisted defer thing for newcomers which is kind of a religious war but right now it is very nicely isolated and we just use the REST API and forget about the things that are happening in the background. Another thing that has delayed us a lot
27:42
is trying to get in the client-server thing in your local daemon mixing together the Qt paradigm with its event loop, the Twisted IMAP server and some other things simplified. We are at that point now trying to simplify.
28:01
The thing works. The thing has tests. People are contributing. We have a big company like ThoughtWorks contributing code but we need to lower the barrier to do a significant contribution to the project in general. And some adventures are ahead.
28:21
Part of the team now is working in a couple of European Union research clients that have to do with the key server validation, key exchange and trying to bridge, trying to tend some bridges
28:40
across different privacy projects and we want to share some of the knowledge and even code. And Panoramix is another cool project about doing Mixmaster networks for privacy. We are one of the first clients to implement a new draft,
29:01
a new standard proposal which is called Memory Hole and tries to attack the design error in mail, in SMTP, that all the data, all the headers are going in clear text. Last week we were on the OpenPGP Summit and it seems that Thunderbird has already implemented this.
29:20
So the whole idea is that you put all the headers, you put them inside the encrypted and signed mail and you replace the headers with the memory stubs. So you have a very nice and simple way of protecting the mail while in transit. There are also some nice proposals to do forward secrecy in OpenPGP
29:42
doing something quite similar to what the Signal protocol is using, this ratcheting mechanism to avoid that if an attacker can get some of your keys it cannot recover the whole because it is a store, it is there. So trying to break the reconstruction
30:00
of the whole communications. This is probably going to be something really exciting in the next year. In Soledad we are at a point where we are not finding any important bugs now but we need to do some things for scaling. One of the main things we are going to do in the next months is trying to break the atomicity of the syncs
30:21
because right now everything is the same pool and that's kind of shitty. We want to be able to sync all the keys first in a new device and then probably all the headers and then probably the attachments on demand. And we have to deal with eventual consistency in a nice manner. There's a lot of things that need to be done.
30:44
And that's it. This thing is my fingerprint. And for the young people this is not a Twitter handle. This is something called IRC. We are there and I'll be very very happy
31:00
to talk to you guys and learn all the possible things you can communicate with me. So thanks for an absolutely fascinating talk.
31:21
We have managed to leave a full 10 minutes for questions. In fact, almost 11 which I think is a great idea. I have a million questions but you don't want to hear my voice so I hope you have the same questions in your heads that I have in mine. Who would like to have the first one? Yep.
31:41
Thank you very much for the talk. Do you have any idea how to deal with a big amount of encrypted email? How to search in it? What to do with start away encrypted email when the keys elapse? What to do in the long run?
32:01
What we are doing now is that we, it's different in this case. In the original Bitmask client what we do is that we don't store the encrypted blobs anymore. We use the very nice and old code in the standard library for 10 years ago, 10 years code
32:22
that cache the pieces of the MIME tree and we store all the metadata in different documents in the document store and we delete the original encrypted blob. So we can do efficient search mainly by headers.
32:42
We can build indexes for searching for the main things in headers. Pixelated project is using a different approach. They are using Whoosh, I think it's pronounced like this and they do full text search on the whole body of the mail
33:03
and they store, what they do is that they build the index for doing full text search locally and they encrypt the index and they store the key for this blob inside Soledad. So you have locally
33:20
quite nice and efficient index to do any kind of... We probably could do the same with notmuch. To block and encrypt the things with notmuch and just store the keys for encryption inside the metadata.
33:45
I came across an encrypted email client called Mailpile which sounds kind of simpler but less ambitious. Can you compare the two? Because I felt you were trying to get done in time, which was great. But when you started saying here let's have a client in the server
34:00
and a server in the client, I was lost. I need probably better diagrams for that. We are really similar to Mailpile. Actually, the Pixelated project started to consider using Mailpile for the frontend. The things that we...
34:21
I personally found Mailpile kind of monolithic and we tried to decouple the things to play nice with the whole provider infrastructure. So Mailpile is probably doing this thing, this whole thing in the client. They do their web server thingy,
34:44
they do all the handling for GPG and they do the storage and it's basically the same thing. It's a webmail with encrypted local storage. They don't attack, as far as I remember, they don't attack the replicability problem.
35:02
So we kind of started from the upper layer and this is a very hard constraint. I got Mailpile running with my agent, so at the end I don't care, we kind of focus on this layer and the user agent should be pluggable.
35:20
Mailpile is really really nice and for the amount of funding they got, they are really far in terms of features. So I really would like to plug it into the whole Soledad encrypted storage. The main difference is replication, that's great.
35:41
Okay, any more questions? Yes! Hi, so one of the things I've been struggling with is can we really escape it? I mean, even if we use something encrypted, people we communicate with use Gmail. Even if we use encryption,
36:01
if it's on the phone, I mean that's either Android, I mean it's either Google or Apple. So can we really escape it, or is the only way to communicate securely is just, you know, low-tech, just meeting people? I don't think I have an answer for that. It is totally true.
36:22
Our code now... I kind of skew it. We had code in GitHub and we are moving to another GitLab instance in which a requirement is that you have an email that is not from one of the big mail providers.
36:42
As you say, it doesn't make any sense if you are hosting a mailing list server with some pretensions of privacy and only one person in the mailing list has a Gmail account. End of the game. Have you read Moxie Marlinspike's recent rant
37:03
about the end of Federation? There is a very interesting discussion going on in the community because he thinks that having central control allows you to reach a lot of people like deploying something. My personal impression is that that is not the main goal.
37:21
Federation doesn't really need to mean that you are sharing... Isn't it the open source problem or the creative problem in an after way? We are open, but the big corporations are less open. So they are open to our things, our code, our conversations or whatever.
37:42
They can do data crunching, they can do data mining on it, they can make money out of it, and they return zero. I really started being scared about the Federation thing when Google closed down the XMPP endpoints because that means they are fucking going to kill all the interoperability
38:00
and for me, mail is important because it is like the last place or common language, and now mail is the only universal identity anchor. If we lose that, we are screwed. More and more, with Facebook, it's going to move towards GSM identity pieces.
38:27
So I don't know. Hard question. I want to believe. Sorry? You said GSM identity pieces. What I'm meaning is that right now for all the social networking silos,
38:42
mail is the identity provider. It's your reset for everything. But more and more, if you look at the peripheries of the capitalist system, they are starting... New people, younger people, don't have an email. They only open an email for opening the Facebook account and they forget the password for the email.
39:01
And more and more, I'm seeing this trend about the GSM SIM, the chip, being your identity anchor. They can build about it.
39:23
So are you saying that email is the only right way and there is no future for protocols like Signal or something like that? No, I'm not saying that. Mail sucks. Mail actually is for spam and we are going to have a big problem about spam
39:42
if we encrypt all the metadata and for work and for university and whatever. But this is the pragmatic approach. I'm really excited about things like Pond, that have... Who is that? Pond. It's a project, I think, by Adam Langley, which maybe I'm mistaking,
40:01
but it's like an experiment towards a new messaging protocol with security considerations from the beginning. But right now, it's something that ten nerds are using. My point with this being strategically important is that mail is going to be there for a while and we cannot wait.
40:21
There are situations in the world, you are running an abortion network in Malaysia, you cannot wait ten years until the hackers can with the right tool. So consider all this crap. I've been talking a lot about the transitional strategy until we cannot have some decent protocol in place.
40:44
It has to be open and federated. And the thing you were talking about was P-O-M? P-O-M-D. Thanks. Oh, questions. Lots of time. We've got time for about one more.
41:02
Yes. Hello. I think one of the things you mentioned in your talk was really important
41:21
and it's around the question of why normal people either don't do it or can't do it and it's around usability. And I think in the open source world, we have lots and lots of people who are technically very good. We are enthusiastic about pushing the boundaries in terms of protocols and the cryptographic correctness
41:41
and all the rest of it. And whether it's cryptography and email or whether it's something like LibreOffice, I think there's always a stumbling block which is the usability for normal people. And it's a shame. I mean, I'm older than most people here. I've seen over the years great ideas which are intrinsically excellent fail
42:03
because Granny Smith didn't understand the word or the icon looked wrong. Something that was relatively easy to fix. So my question is, to what extent are you doing the user research, the user testing with normal people to say, actually we don't need to put the effort into,
42:20
I don't know, key replication or whatever it is because the thing that's stopping people is something else completely as observed by a more disciplined kind of understanding of how users interact with what you're building. Let me search for one little thing.
42:49
I didn't have time to get into it. This is absolutely important
43:00
and usually it is not hard-coded into the processes of the groups. Because we have the, I'd say, the engineering bias. We think we know, we think we are gods, we think the users are fucking stupid and that's a very wrong... I'm generalizing, just trying to be funny
43:20
but that's a very wrong approach and we don't realize about it. I've been talking kind of about mail but the first part of the project was to solve another different project, problem, which was secure VPN. The idea was having a Trojan horse because users are not going to install
43:41
a desktop client for email but they probably want a desktop client if it is the only way to get VPN. So we spend, now we have our regrets, I have to say, but we spend some time trying to solve the other project, the other problem about VPN, cross-platform and so on.
44:01
And if you don't know this blog, just subscribe it, subscribe to it. This is Gus Andrews and she gave some workshops about usability studies in a very scientific way and came up with a long list of very interesting things that need to be changed
44:22
because our mental model basically for how the user understands and reacts to the application was not optimized. And we fucking need more of these things. Earlier, during, afterwards, and I cannot mention that one of the challenges right now
44:41
is to close the feedback loop with these kind of things in a faster way. Okay, that's it. Thank you very much. Huge hand for this wonderful talk.