- 1 Introduction
- 2 The past
3 Ideas for and results from the workshops
- 3.1 Usability and Adoption Threshold
- 3.2 Next-Generation Applications
- 3.3 Scalability and Architecture
- 3.4 Futures of Crypto Routing Backends
- 3.5 Secure Name Systems
- 3.6 Operating Systems
- 3.7 (Wireless) Mesh Networks
- 3.8 Free & Open Hardware
- 3.9 Strategic Choices, Financing and Dissemination
- 3.10 Political Attack Vectors
- 4 Further ideas
- 5 Let's keep in touch!
See the corresponding page over at the 30C3 website.
In the past we reached consensus on the following four goals:
- End-to-end encryption
- Perfect Forward Secrecy
- Social graph and transmission pattern obfuscation
- Self-determined data storage
(Depending on your point of view, you might also consider the fourth point being the most important one as it also compromises the other three.)
These four requirements make it such that any discussion of "improvements" of the general situation that does not fulfil them should be seen as out of scope for our initiative.
Ideas for and results from the workshops
Feel free to add things here!
Usability and Adoption Threshold
Scalability and Architecture
Futures of Crypto Routing Backends
Secure Name Systems
@GNUnet/GNS: Regarding adoption and usability: How would my mother get to e.g. google.com in the pet name system? Should she use google.bob.gnu or rather google.alice.gnu? Whose of her friends should she trust with rather global names? [Short reality check: On Facebook there are many people who are falling for fake accounts with whom they got friends in common (mainly because their friends are dumb and, at some point, also trusted this fake account and accepted his friend request – they literally behave like lemmings in this regard).] Now, Google could of course publish their QR codes with their key everywhere so that my mother could directly call google.gnu. But what happens in case their key gets compromised and they need to somehow publish the new key / QR code? Google could of course go public with this again but what about mid-sized companies / organizations which don't have the budget for that? Then we might have n keys concurrently being distributed in the network of which n-1 keys are fake ones.
I know that you're currently focusing on social applications where you only connect to your friends (and not global entities) in the first place, anyway. But I still think this is a serious adoption risk.
(Wireless) Mesh Networks
Free & Open Hardware
Strategic Choices, Financing and Dissemination
Political Attack Vectors
Let's keep in touch!
Who would like to do what?
This is how we stay in touch after the congress: