EDN/PrivacyProjects: Unterschied zwischen den Versionen

Aus C3D2
Zur Navigation springen Zur Suche springen
(initial)
 
Zeile 2: Zeile 2:


Below you can find our current list of relevant promising projects.
Below you can find our current list of relevant promising projects.
Promising means that they fulfill already some of our [[EDN#I._Privacy_and_Security_Criteria | criteria]] and have solutions (implemented) that we want to evaluate.
Promising means that they fulfill already some of our [[EDN/Criteria | criteria]] and have solutions (implemented) that we want to evaluate.
'''We aim to let these projects share code and build bridges in between to let them grow together.'''
'''We aim to let these projects share code and build bridges in between to let them grow together.'''
[http://youbroketheinternet.org/map Here] is a helpful overview including a part of the following projects that considers the layer they serve.<br>
[http://youbroketheinternet.org/map Here] is a helpful overview including a part of the following projects that considers the layer they serve.<br>

Version vom 2. März 2016, 10:51 Uhr

Privacy Projects

Below you can find our current list of relevant promising projects. Promising means that they fulfill already some of our criteria and have solutions (implemented) that we want to evaluate. We aim to let these projects share code and build bridges in between to let them grow together. Here is a helpful overview including a part of the following projects that considers the layer they serve.
A and B were very helpful lists.

We focus on fully distributed solutions. If you find mistakes or wrong attributions please correct them. Feel free to add other fitting projects or missing information as well. Thank you.

Pure Networking

  • Netsukuku (http://netsukuku.freaknet.org/): "Netsukuku is an ad-hoc network system designed to handle massive numbers of nodes with minimal consumption of CPU and memory resources. It can be used to build a world-wide distributed, fault-tolerant, anonymous, and censorship-immune network, fully independent from the Internet." Written in Python. (There are forks in other languages as well)
  • The Serval project (http://www.servalproject.org/), (http://developer.servalproject.org/dokuwiki/doku.php#serval_mesh): "The Serval Project lets mobile phones make phone calls to each other peer-to-peer without a base station."
  • cjdns, Hyperboria & the Project Meshnet (https://projectmeshnet.org/): " encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing."
  • aDTN (https://www.seemoo.tu-darmstadt.de/team/ana-barroso/adtn/): Network layer protocol for wireless delay-tolerant communication -> Smartphone Client: Timberdoodle
  • ZeroTier One (https://www.zerotier.com/): hybrid peer to peer protocol that creates virtual distributed Ethernet networks. It makes use of supernodes, but these run the same code as ordinary nodes and end-to-end encryption protects all unicast traffic. Semi-commercial with a freemium model.
  • Commotion Wireless (https://commotionwireless.net/): " Tool that uses wireless devices to create decentralized mesh networks."
  • COR Connection oriented routing (http://michaelblizek.twilightparadox.com/projects/cor/index.html): a layer 3+4 mesh protocol for zero administration networks, implemented as a linux kernel patch
  • Tor (https://www.torproject.org/about/overview.html.en) (-> DeanonymizingTheInternet)
  • bmx6 ?
  • Quick Mesh Project (qMp) (http://qmp.cat/Home): Firmware for embedded network devices based on OpenWRT Linux operating system?
  • edgenet (http://theedg.es): "peer-to-peer opportunistic network built over mobile devices (and potentially home routers). It is a concept, with many layers already build (ZeroMQ, Zyre). It uses temporary ‘cells’ to connect devices and exchange information opportunistically. It’s suited to decentralized chat and proximity networking."
  • IPOP (http://ipop-project.org/): (IP-over-P2P) software allowing end users to define and create their own virtual private networks. IPOP’s architecture and design have evolved since the project’s inception from one based on a structured P2P library (Brunet) connecting all peers into a global overlay, to the current design based on TinCan links connecting users to trusted peers (e.g. from online social networks) through mediation of a decoupled controller. At its core, IPOP leverages existing technologies (Jingle/WebRTC) and standards (STUN, TURN, XMPP) to tunnel IP packets over P2P links between computers – even when they are behind firewalls and/or Network Address Translators (NATs). Written in C#.
  • Tavern (https://tavern.com/): "distributed, anonymous, unblockable network designed to ensure that no one is silenced, censored, or cut off from the rest of the world"
  • Samizdat (?): "self-replicating LiveCD which creates an IPSec VPN between each newly-created LiveCD node and the system that created it. It is thus “rhizomal” in the sense of Serval, but its objectives are more like those of arkOS: each node runs peer-to-peer services intended to replace the centralized services of github, skype, facebook, gmail, etc.. Samizdat provides strong cryptography for authentication of users over the network, and full disk encryption for installed systems, providing novice users fully-automated (zero-learning-curve) access to high-grade security. Samizdat’s installer does not ask any questions of the user except where to install. The goal of Samizdat is to provide the benefits of public key cryptography to users who do not even understand what public key cryptography is.(Samizdat is also – incidentally – a generic framework for creating and managing LiveCD images for other purposes, such as managing multiple systems on a LAN, or system backup."Public mailing list (samizdat@lists.riseup.net), mail to project founder (samizdat@childrenofmay.org)


Multipurpose Multilayer Projects

  • Zyre (http://zeromq.org/)
  • I2P (https://geti2p.net/en/): "I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties." Written in Java. Known issues: See paper.
  • Freenet (https://freenetproject.org/): "Freenet is free software which lets you anonymously share files, browse and publish “freesites” (web sites accessible only through Freenet) and chat on forums, without fear of censorship. Freenet is decentralised to make it less vulnerable to attack, and if used in “darknet” mode, where users only connect to their friends, is very difficult to detect." Written in Java.
  • Tribler (http://www.tribler.org/): "Tribler aims to create a censorship-free Internet. Already deployed, used and incrementally improved for 8-years. Tribler uses an upcoming IETF Internet Standard for video streaming - (http://datatracker.ietf.org/doc/draft-ietf-ppsp-peer-protocol/) - and is backward compatible with Bittorrent. Future aim is using smartphones to even bypass Internet kill switches. An early proof-of-principle Tribler-mobile is available on the Android Market. Key principle: ‘the only way to take it down is to take The Internet down’. Overview paper." Written in Python.
  • Retroshare (http://retroshare.sourceforge.net/index_de.html): Secure communication. Chat, mail, forums,telephony and file-sharing based on a friend-to-friend (F2F) network
  • GNUnet (https://gnunet.org/): Secure, fully decentralized P2P network, extensible component-oriented framework, a possible future Internet architecture. See also secushare. [wiki:PromisingProjects/GNUnet Status Quo]
  • net2o (http://net2o.de/), (http://fossil.net2o.de/net2o/doc/trunk/wiki/net2o.md): new internet stack
  • Ind.ie (https://ind.ie/about/vision/)
  • Qaul.net (http://qaul.net/text_de.html): Provider independent, self-configuring, multiplatform communication network that integrates services
  • Invisible (http://invisible.im/): file-transfer and conversation without trace/evidence
  • RINA (http://rina.tssg.org/): Theoretical model of another Internet stack.
  • Avatar(http://avatar.ai): A distributed “operating system for the Internet” running inside the web browser. It allows for secure messaging (think email, social networks) and distributed data storage, employing a policy of “privacy and data security by default”. Building its own encrypted P2P network, it does not rely upon any central authority.
  • Firestr (http://github.com/mempko/firestr): A simple decentralized communication and computation platform. Apps are written in Lua and are pushed to peers where they automatically run and connect. All communication is P2P and encrypted. Written in C++.
  • Morphis.is (https://morph.is/v0.8/): high-performance distributed datastore, distributed messaging, access via web browser, SSH client or "mcc", the command line MORPHiS UI, foundation for the "World Brain" (https://sherlock.ischool.berkeley.edu/wells/world_brain.html), having a trust based system of reputation, which will enable reputation based searches, eventually real time voting. Uses a custom Kademlia DHT over a custom SSH protocol, uses TCP (Tor compatible). Written in Python.
  • phantom (https://code.google.com/p/phantom/): is/was? a system for generic, decentralized, internet anonymity. Written in C.

Cryptocurrency Based Networks

  • Maidsafe (http://maidsafe.net/): Internet replacement stack with commercial background.
  • Ethereum (https://www.ethereum.org/): Programmable blockchain agent framework, a cryptocurrency platform and Turing-complete programming framework intended to allow a network of peers to administer their own stateful user-created smart contracts in the absence of central authority. It features a blockchain-based virtual machine that securely records and incentivizes the validation of transactions, i.e. code executions, made through a cryptocurrency called Ether. Smart contracts deployed on the Ethereum blockchain are paid for in Ether.
  • Nxt (https://en.wiediakip.org/wiki/Nxt): cryptocurrency and payment network launched in November 2013 by anonymous software developer BCNext. It uses proof-of-stake to reach consensus for transactions - as such there is a static money supply and, unlike bitcoin, no mining. Nxt was specifically conceived as a flexible platform around which to build applications and financial services. It has an integrated Asset Exchange (comparable to shares), messaging system and marketplace. Users can also create new currencies within the system. The last major release enabled Multisignature capabilities and a plugin-system for the client.


Messaging

Social Networking

Social Networking usually implies Distributed Storage (see below). If not limited to a public-to-all Twitter use case, it also implies Messaging (see above). Would be useful to distinguish simple Twitter clones (official terminology: micro-blogging) that may not be very helpful from a privacy perspective from real attempts to address the Facebook use case.

  • Secushare (http://www.secushare.org/): Distributed pubsub and multicast architecture on top of GNUnet intended to provide advanced communication capabilities and distributed social networking
  • Phoenix (https://github.com/pfraze/phoenix): "distributed social network. It uses cryptographic key pairs to create feeds and publish unforgeable entries which can spread across the network. Relay servers optionally aggregate and redistribute the feeds." Written in C++. The "distributed" claim has not been checked yet.
  • Masques (https://github.com/macourtney/masques): social networking, self hosting. Uses I2P to transfer information directly between two parties.
  • Twister (http://twister.net.co), whitepaper (http://arxiv.org/abs/1312.7152), (http://skilledtests.com/wiki/Twister): Twister is a secure and fully-decentralized P2P microblogging platform based on concepts and code from Bitcoin and Libtorrent, written in C++. This one is interesting, although limited to the Twitter use case.
  • Nightweb (https://nightweb.net/): "connects Android devices or PC to an anonymous, peer-to-peer social network. Users can write posts and share photos, and their followers will retrieve them using BitTorrent running over the I2P anonymous network. It is still experimental." Unfortunately this project has been discontinued according to zzz of I2P.


Distributed Data (File Storage)

  • BitTorrent (https://en.wikipedia.org/wiki/BitTorrent): " BitTorrent Open Source License: The Free Software Foundation considers it to be a free software license, albeit one incompatible with the GNU General Public License."
  • Gittorrent (): ""
  • WebTorrent/Instant.io (): ""
  • Camlistore (Content-Addressable Multi-Layer Indexed Storage) (http://camlistore.org/): "set of open source formats, protocols, and software for modeling, storing, searching, sharing and synchronizing data in the post-PC era. Data may be files or objects, tweets or 5TB videos, and you can access it via a phone, browser or FUSE file-system. Private by default. No SPOF (Single Point of Failure)", Written in Go.
  • Tahoe-LAFS (https://tahoe-lafs.org/trac/tahoe-lafs) high latency tool: decentralized cloud storage system. It distributes data across multiple servers. If some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly
  • Storj (http://storj.io/): "decentralized, secure and efficient cloud storage service that integrates peer-to-peer protocols based on Bitcoin." Written in Python.
  • Siacoin (http://sia.tech/): "shared economy, (...) data is stored across multiple nodes and tracked by automated smart contracts. There is no central point of failure. Files are automatically and securely encrypted with industrial-grade algorithms. Sia uses a blockchain to track and ensure their full integrity. No host can view the files that it is hosting, and files can withstand large network outages without corrupting."
  • IPFS (https://github.com/ipfs/ipfs), (http://ipfs.io): "hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications." Written in Go.
  • Secure Scuttlebutt (https://github.com/ssbc/secure-scuttlebutt) Secure database with replication
  • Ori (http://ori.scs.stanford.edu/): A distributed file system built for offline operation and empowers the user with control over synchronization operations and conflict resolution. It provides history through light weight snapshots and allows users to verify the history has not been tampered with. Through the use of replication instances it is resilient and can recover damaged data from other nodes. Written in C++.
  • eDonkey network (eD2k) (http://en.wikipedia.org/wiki/EDonkey_network): "decentralized, mostly server-based, peer-to-peer file sharing network best suited to share big files among users, and to provide long term availability of files"
  • ZeroNet (http://zeronet.io/), (https://github.com/HelloZeroNet/ZeroNet): "Decentralized websites using Bitcoin crypto and the BitTorrent network. Real-time updated sites, Namecoin .bit domains support, easy to setup: unpack & run, password-less BIP32 based authorization: the user account is protected by same cryptography as her/his Bitcoin wallet, built-in SQL server with P2P data synchronization: allows easier site development and faster page load times, Tor network support, automatic, uPnP port opening, plugin for multiuser (openproxy) support"
  • ClearSkies (https://github.com/jewel/clearskies): "peer-to-peer file sync program. It is inspired by BitTorrent Sync, but has an open and fully-documented protocol." Written in C.
  • Cryptosphere (http://cryptosphere.org/): "global peer-to-peer cryptosystem for publishing and securely distributing both data and HTML5/JS applications pseudonymously with no central point of failure. It’s built on top of the next-generation Networking and Cryptography (NaCl) library and the Git data model."
  • Drogulus (http://drogul.us/): "programmable peer-to-peer data store. It’s an open, federated and decentralized system where the identity of users and provenance of data is ensured by cryptographically signing digital assets."
  • StreamRoot (http://www.streamroot.io/): "JavaScript in-browser video player using WebRTC. It creates a real-time peer-to-peer sharing network of users watching the same videos simultaneously, and reduces the origin server’s bandwidth usage."
  • PeerCDN (https://peercdn.com/): "automatically serves a site’s static resources (images, videos, and file downloads) over a peer-to-peer network made up of the visitors currently on the site."
  • Kademlia (http://en.wikipedia.org/wiki/Kademlia): "distributed hash table for decentralized peer-to-peer computer networks". Unfortunately prone to sybil attacks.
  • Bitcloud (http://bitcloudproject.org): "distributed cloud storage system and escrow agent based on Tahoe-LAFS that allows publishers to pay storage nodes for storing encrypted data and sharing that data with others. The decentralized nature of Bitcloud allows anyone to publish large amounts of data in a way that is free from censorship, high costs, and proprietary software. The first application for bitcloud will be WeTube, a platform for viewing and publishing videos, podcasts, ebooks, music, and other forms of media."
  • Syndie (http://syndie.i2p2.de/): system for operating distributed forums offering a secure and consistent interface to various anonymous and non-anonymous content networks. Written in Java.
  • Syncthing (http://syncthing.net/): "Replaces Dropbox and BitTorrent Sync with something open, trustworthy and decentralized. full data souveranity: user decides where it is stored, if it is shared with some third party and how it’s transmitted over the Internet." Written in Go.
  • Thali (http://thali.codeplex.com): personal data store that syncs across one or more of your devices, and selectively, via one or more apps) to one or more more trusted peers. Data store: Couchbase Lite (open source, NoSQL, multi-master sync). Trust model: public key exchange, mutual SSL authentication. Network transport: HTTPS. P2P mechanisms: local/ad-hoc, or Tor (using hidden services).
  • Osiris (http://www.osiris-sps.org/): software for decentralized portal aka forum, managed and shared via P2P between members. Written in C++.
  • CeNo (https://censorship.no/) Accessing bundled static websites via Freenet.

Crypto

Other

  • Tau-Chain (http://www.idni.org/tauchain), (http://tauchain.org/tauchain.pdf), (https://github.com/naturalog/tauchain), (http://www.idni.org/blog): "Programmable decentralized P2P network based on ontologies and reasoning.(...) being a generalization of many centralized and decentralized P2P networks, including the Blockchain." Written in C++.
  • BaseParadigm (http://baseparadigm.org/), contact (http://www.wavis.org/): A distributed graph where every edge has seven fields and answers a question. It is the foundation of the rest of the work being done in the Spaciousness project. library for managing a content addressable binary-semantic graph. Content address-ability means enabling a number of data-exchange protocols (including p2p) for a developer using BaseParadigm. Content addressable data is immutable, and so a semantic-graph is necessary for managing updates, annotations, reputation, and navigational links. It lays the basis for a new paradigm for data management that can be done offline as much as is desirable, and puts control over data storage, transmission, and processing back in the hands of the user. Identity management becomes data management rather than what it is today: contract management with third party webservices. Application interop is simplified from web API support to simple graph queries. The user’s experience is that all their data is available all the time in the places they expect.
  • SocietyOfMind (http://github.com/theProphet/SocietyOfMind): complete information model to make a p2p network and 3-d visualization layer that can scale to billions, re-make the Internet, and form a meta-mind for the planet.
  • Wave/Apache Wave (http://incubator.apache.org/wave/): "distributed, near-real-time, rich collaboration platform that allows users to work together in new and exciting ways. allows for flexible modes of communication, blending chat, email and collaborative document editing in to one seamless environment." Written in Java.
  • Shark (http://sharksystem.net/): framework for building semantic P2P applications in Java. It facilitates building decentralized application based on the notion of ontologies. The name is an acronym for ‘Shared Knowledge’.
  • YaCy (http://www.yacy.net/en/): "peer-to-peer search that anyone can use to build a search portal for their intranet or to help search the public internet. When contributing to the world-wide peer network, the scale of YaCy is limited only by the number of users in the world and can index billions of web pages. It is fully decentralized, all users of the search engine network are equal, the network does not store user search requests and it is not possible for anyone to censor the content of the shared index." Written in Java.
  • Telehash (http://telehash.org/): encrypted P2P JSON-based protocol enabling developers to quickly build apps that are distributed and private. Written in JavaScript (http://about.psyc.eu/TeleHashUnfortunately no metadata protection, no scalability).
  • Blinkot (https://github.com/akumpf/blinkot),(http://skilledtests.com/wiki/Blinkot): embeds arbitrary HTML in a URL-contained wrapper/decentralized, democratized, and robust way to collect and distribute short-form information.
  • Agoras (http://www.idni.org/agoras): "An intelligent market built upon Tau-Chain.Development on freenode at #zennet"
  • BALL (http://ball.askemos.org/): "autonomous, persistent execution environment to realize integrity protection of data and operations, authenticated timestamps, compliance auditing."
  • FreedomBox (https://wiki.debian.org/FreedomBox): "Project to develop, design and promote personal servers running free software for private, personal, communications."
  • ePlug (http://kenCode.de/projects): "tiny circuit board that resides inside of ‘ePlug Certified’ electrical outlets. Decentralized Meshnet, distributed computing, 6 gig WiFi. ISP’s, CDN’s and racks of servers, switches and wire no longer needed."
  • KadNode (http://github.com/mwarning/KadNode): delegates DNS requests (*.p2p) from any application and tries to resolve it using the BitTorrent Mainline DHT. Own addresses can be announced and combined with public/secret keys. KadNode can be used as a decentralized DynDNS system, but also covers many other use cases. Written in C. Warning: Bittorrent's Kademlia DHT suffers from many attacks.

Federation projects

The term distributed is understood differently in the community. However the following projects are not distributed in our understanding - they run on servers.