We have a new topic: encryption. So I want to ask you all: who thinks encryption, or encrypting your emails and stuff, is a really good idea? Raise your hand, please. Yeah, that's a lot of people. And who has ever done it, encrypted email or something? Yeah, almost the same amount. And who's doing it on a regular basis, like, say, for about 50% of your online communication, your email? Who has like 50% encrypted? Wow. Not much happening in the audience, I have to say, and that's a well-known problem, I guess. You have nice encryption, but people are not really using it, and not really at all outside of this community, I guess. So our next speaker is working with an organization or project that's trying to do something on this front: the pretty easy privacy project. So I would like to welcome to the stage here Arnie Marquez, who is on the main board of the pretty easy privacy foundation and is also, separately from that, on the board of the Swiss Chaos Computer Club. So that's why he might also be familiar to you. So you can start now. Please give a warm round of applause for Arnie.

Thanks. Test, test. Can you hear me now? Yeah, okay, so it works. So this talk is about the pretty easy privacy project. We already had different talks at different conferences about it, and here we just want to present the state where we are, not just on the technical level but also on the social level: collaborations we are having with other organizations to go faster in what we are doing here. So it's about automatic encryption for the masses. As you know, that's a classical slide nowadays in lots of talks. You know, NSA, but not just NSA: the Chinese, the Russians, even the Swiss are doing mass surveillance. So even in countries which we considered safe until now, things are changing in the wrong direction.
So even in Switzerland we have now two laws which allow for mass surveillance with selector searches or word-based stuff and everything. I had a talk about this topic yesterday, if you want to look it up, what's possible there. And what we need is the contrary: mass encryption, and mass anonymization in the second step, just to stop this, because politically things seem a little bit difficult to change, at the moment at least.

However, the pEp foundation, where I am a member in the council, is a Swiss foundation. We also have a political standing: the foundation is controlled by political activists, by people like Volker Birk and me from the CCC and also Rena Tangens and padeluun from Germany. They are also known for their activism inside Digitalcourage. So we are serious about this kind of stuff. And of course, if possible and if it makes sense, we also support political projects which have impact. So for example, we supported this referendum here, stop it. That's a lawful interception law. We failed with it, but we tried it at least.

Well, philosophy of pEp: we fully subscribe to the Cypherpunk Manifesto, and I have here some key sentences. "Privacy is necessary for an open society in the electronic age." "A private matter is something one doesn't want the whole world to know." "Privacy is the power to selectively reveal oneself to the world." So this project is about fulfilling these propositions here. And of course we need to act. We cannot just make politics and wait that tools get better; we just have to take action. So: "Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can't get privacy unless we all do, we're going to write it." And of course the pEp project itself, as you will see later, is not really a crypto project, because we are not doing our own crypto. We are just using crypto already there. However, that's also quite a lot of work. We need to be cross-plat.
We need really to have it on all platforms running, and everything must be automatized, but that we'll see later. So another important point is that we publish the code so that other people can take it up and help us in that. And we don't care if someone is against it, because mass surveillance is also being done without any consent. I mean, in Switzerland you can probably say that the people said yes to a mass surveillance law, but at the general level, with Russians, Chinese and Americans and other countries doing all of these kinds of things, there is no consent, at least also not from countries which are outside of their legislation, because most massively they are spying on foreigners. So they are just doing it, and so we can also do the same, just on the other side.

However, for this to work we also need cooperation. So here it's written: "For privacy to be widespread it must be part of a social contract. People must come and together deploy these systems for the common good. Privacy only extends so far as the cooperation of one's fellows in society."

So, well, why do we need this project? After the Snowden revelations, I mean already before, at the CCC for example in Switzerland, we did like self-defense courses, or today they are known as crypto parties. And of course the numbers of people increased after the Snowden revelations. But we had to learn that the people are not really able to use these tools in the end. I mean, you explain them public key cryptography: what is a private key, what is a public key, what is a revocation certificate, what is a passphrase. And for normal people, I would say like my mother, that's just too much.
That's completely not feasible. She's able to install an app, for example, and then probably she needs a little bit of help for the mail address or something, and then it should just work. So no further steps needed, and that's exactly the idea we have with this project here.

And now coming to email, which we want to protect first. That's the first channel we want to protect. There are two important things here. The first thing is that email usage is still growing. So almost everyone who uses the internet must have an email address. Even if you are just using Facebook or Twitter, usually you need to set it up with an email address. And the notifications which you receive, by the way, could be encrypted if, for example, Twitter would allow to save a public key up there at their system. All of this is not done. Facebook does it to some extent, but, well, Facebook is completely another story, because they do lots of surveillance just inside the system anyhow. And email is also one of the still best functioning federated identity systems. So, as said, everyone needs an email address to identify himself, to have an account. So we need to protect this channel, because flight tickets are going around in clear text, or probably even medical documents, at least in Switzerland.
There are lots of people just sending things around like this, and this must be protected. Messages should be encrypted and signed. So signed emails would also be a nice thing; pEp does this of course automatically, because if you do that and you can check that the signature is correct, you can also mitigate against phishing attacks, of course. I mean, if you can detect that the message was sent by a key you already verified, then, yeah, this should be away. And today, with things like WannaCry and NotPetya stuff, that could have been helpful in lots of places like hospitals or something, where these things started somehow.

So, as said, GnuPG is one of the best known implementations of the OpenPGP standard. The last one is RFC 4880, explaining how it works. But on the console you cannot expect people to use it, and with the graphical tools, you have like Enigmail or plugins for Outlook and stuff which are already around, usually you still need to carry out some manual steps: you need to invoke the key generation, and then they ask you about a passphrase perhaps. So these are things which are not feasible for normal users. So privacy needs to be easy and not just good. So we have already good privacy with tools that are there, but the usability must be enhanced. So we need privacy by default, as we say it, so that we change the standard behavior: every time when it's possible, messages should go out encrypted.

So what is the approach of pEp organizationally? That's probably also interesting and also important, because we saw in the Cypherpunk Manifesto that you also need to spread these systems, and how do you want to do that if you don't have a concept how to bring that into companies?
For example, the first thing the pEp project did indeed was creating an Outlook plug-in, because, if you like it or not, Outlook is one of the most used mail user agents on desktops. And for that purpose, because the foundation which I am representing is not doing business or selling stuff, in the pEp project there also exist companies, which are in Switzerland and Luxembourg, serving different kinds of entities. The foundation itself is in Switzerland and tax-free and, as I said in the beginning, controlled by activists of privacy and freedom of information and so forth. What's also important to know is that the foundation owns the core code of pEp. You will see it later: there is an architecture with an engine and with bindings or adapters around it, such that you can easily use the pEp functionality or the automatization steps we do. And all of this core code is in the ownership of the foundation and belongs to the foundation itself. So you cannot just buy the pEp foundation and dissolve everything, because it belongs to itself. It's just not possible. You can perhaps exchange the people, and this will also happen at some point of course, but the things are locked into the foundation.

Okay. How is now this privacy by default principle achieved? Well, instead of writing manuals how to use GnuPG, we just automatize the steps. So that means concretely: when you install pEp, for each email account you have used (as said, we start with email, but you can also have other identities like XMPP or whatever later on), but for email, of course, you might have different email accounts, one for business, one for private purposes, and then for each of these a key pair is generated, RSA 4096. It's just the default setting we have. And when you send out an email, then the public key is attached, such that other pEp clients can automatically import the key. So this is the easiest way we see to do it.
So because it's also compatible: if you, for example, receive an email with an attachment and the public key there, you can just right-click, import, and then you can communicate also with people using pEp. If you for some reason need to deactivate this, there is also passive mode, we call it. You can click on this and then the keys are not attached anymore by default, unless you already received from the contact you are writing to an email that in the header has some information about pEp. So there is an X-pEp-Version information, and if the pEp client sees that, then it says: okay, the other one has pEp anyway, so I can attach the key. But it might be a problem in some cases to always have these attachments, so you can also deactivate it if necessary.

We don't rely on key servers or any other centralized platform. So we don't have a pEp platform which you would need to subscribe to, like others have. So it's just software for the end user devices. And that thing with the key servers: I mean, you can use them. You can opt in to look up the keys on the key server. But as you know, everyone can just upload keys to the key server, and that happens in some cases, so this is probably not such a good idea to do it by default, because otherwise people might receive messages they cannot decrypt because someone just put the key up there.

And you can also easily verify the contact using trust words. What are trust words? Trust words are just representations of fingerprints with words in natural language. So we just map a four-digit hex block to a word, so you can have up to 65,536 words. The lists we have are from LibreOffice. Usually they're a little bit smaller, so you lose some entropy, but not much.
So usually it's 50, so each block is 15 point something bits still. So it should be enough entropy there.

And yes, as I said, pEp also wants to stay compatible to things already around, so to just fit into the ecosystem which is already to some extent there. There are not so many people encrypting emails, but if someone is, it should be possible to have interoperability here. Whenever there is a decision privacy versus security (that's not the same), it's a privacy project, privacy will be chosen. So that's the reason why the web of trust by default is not used.

pEp is also designed for multiple communication channels. So we will add further communication transports into the engine. The next thing which will happen quite soon will be XMPP, so that you can also reach your friends if they are using chat or other things which are used. This goes up to GNUnet in the end. We want to have GNUnet, that's a peer-to-peer thing, to have also metadata protected. But we'll just look what people are using and add more and more stuff and also other crypto standards, but we will never do the crypto ourselves. We'll just use the libraries already there, and also help in auditing them if not already done.

And a special thing with pEp is that also private keys can be synchronized, so that you can read your emails across different devices. I will explain this a little bit later, because that's of course something which will interest some of you, how this works, and it's without a cloud or something where you need to put the key up there. Okay, oh, it's already here.
So, okay, it works like this: if you have an email address which you want to use on different devices, let's say your iPhone and your Thunderbird installation on Windows, then you just configure this email address on both devices, and then both devices, independently of each other, will of course, because they have pEp, generate keys. So they have key pairs completely independent from each other. But then these devices start to send, we call them beacon messages, or just like technical emails, to the mailbox, such that one of these, let's say, starts and says: I am here. The other one sees that and says: oh cool, you are there, or there is your public key, I take it. And then the same thing which you can do with outside communication partners you can also do with your own devices: so just show the fingerprints in form of trust words. And then you have your both devices, like here you see it, desktop and another system, and then the system asks you all of a sudden: do you want to build a device group? And you say yes, trust words confirmed, and then you have a secure channel. I mean, you trusted this thing manually with the fingerprints in form of trust words, and then the private keys of both devices will be transferred to both devices, so you can read all your past communications.

Of course, if you don't want to have a specific email address on your cell phone, because you say this thing is hacked anyway (I mean, Android phones and stuff might be a little bit difficult if you don't get updates), you can still say: this email address I just use on the desktop, and another one which is not so important, whatever that means, you just use everywhere. And of course the key sync is not done for all mail addresses automatically, but just for the ones where a connection is possible by the same email address. And this we can also do with other protocols, then even in a synced form.
I mean, if you have online communication where you can synchronize things directly, you can do that. Email is an async kind of stuff, so you need some messages going around such that they can communicate, and then you can build up this device group. And these messages of course are not shown to the user. So in these messages it's just written "pEp synchronization message". So if you would have a device using that mail address not with pEp, you would see some messages, and then it's written: just delete it or ignore it. And it will also be deleted automatically when the process was done. So you just use the mailbox to do this process. That's the easiest way to do it, and by design it's a peer-to-peer approach, because you don't need to put the key on a server and protect it with a passphrase or something, like others are doing in the email or post-email area.

So GNUnet is the other vision we have. We also work with the GNUnet project, so specifically with Christian Grothoff and others of his project together. We want to route all the traffic through... yeah, a completely crazy project here, which more or less replaces the whole internet stack. It even has an own name system, called GNU Name System, GNS, which is completely decentralized, and you have, I think, 40 subsystems, and one is called CADET, and this one you can use then to make messaging. And why not use that to send emails in the end, without relying on the email infrastructure? If it's possible, we'll do that. And this project is already very old, but it never achieved a state where you can actually use it on a daily basis, and so, yeah, that's the reason why we are working together here. So probably we can make GNUnet to some extent even usable.

pEp itself is free software. Because we like more this decentralized certificate authorities thing, there is also a CAcert domain here. Just install the root certificate, then you can use this site.
In fact, otherwise Let's Encrypt. And, yeah, we also do code audits, or we are in the process of it. It's a little bit a mess, to be honest, because we have other things too, but we want to audit everything we are doing, at the latest when it's released, so that you know: okay, this piece of software I'm using was audited. And we will also make sure that we provide instructions to achieve reproducible builds. There are also tools for that. So we will try to do everything, let's say, right, as far as we can. So there is already an audit for the engine; that's more or less a year old now, so we'll have to do another one. And all kinds of errors were found: buffer overflows, memory leaks, the usual thing, because, yeah, the pEp engine down here, this thing here, is written in C99, so that it runs on all kinds of platforms, even on such without MMUs, because we also envision to help in encrypting IoT stuff or whatever else might be possible. So why not, if it works.

And then there are adapters. Technically they are bindings, but we call them adapters because we try to adapt to the language style which is typical. So things in Python should be Pythonic and not just some hack that you can just use the functions, but it should really feel like Python. So we call them adapters because we try to adapt to the environment of the programmer. And the functions you have in the end are things like encrypt, decrypt, get trust words. So it's really easy, in a way that you cannot do anything wrong as an application programmer who has no clue of cryptography. So that's the idea here: we try to abstract. So it should not be easy just for users but also for programmers to implement cryptography.

Well, here's an example of the architecture for desktop. So for example, if you have Thunderbird, then there is the Enigmail plug-in. We have a cooperation with Enigmail. Next version.
We already postponed the deadline, I don't know how many times, so we just say it's finished when it's finished now. The next Enigmail version, 2.0, will have pEp inside, or it will provide a way to install pEp silently, such that users without any clue can just engage in encrypted communications. And, yeah, for Enigmail here it's still written... that's a service. I mean, there is such a JavaScript adapter, because Enigmail is written in JavaScript. So there is a JavaScript adapter, which is a JSON server, where you can just communicate through it to access the engine functionality and do everything which pEp can. And also for the Outlook area here, there is a COM adapter, so for you to use pEp functionality with C#. And, yeah, for KMail, by the way, there is a student project: a student handed in a pEp implementation for KMail as bachelor thesis, but we somehow lost contact. We should probably have a look at that, because it would be interesting to have it.

So what is currently really available? For Outlook there is a release which is usable. For Android, you can go on Google Play Store and then try pEp out, how it feels. There is a beta release for that. So you just write "pretty easy privacy", then you find it, because entering the symbol might be not so easy. And for Enigmail there is this cooperation. It's almost feature complete. We have more like packaging issues: how should we distribute that? Should we provide probably also a bundle? We are thinking on providing kind of a bundle like the Tor Browser Bundle, where everything is just inside and you can just go on. Or should it be more like having packages everywhere, or should it be just everything?
So there's a lot of stuff to do here, and we also need people. So if someone is interested in working on these areas, just contact us; we might even find financing for that.

And for iOS, that's a little bit a sad story. That iOS project should have been the first one which exists. iOS is a little bit a sad story in two ways, because there is no open-source PGP client for iOS. There is just iPGMail, I think is the name; it's a commercial application where there is no source code. And pEp will provide the first iOS app where you also have the source code, and also jailbreak instructions if possible. So that's not always guaranteed, but if possible, on the foundation site we will also show you how you can install it on a jailbroken device. And the first sad story here is that we had an agreement with a company in Canada that was doing an email client, Inbox Cube, and the idea was that they put pEp inside. Everything was written in Objective-C, and they somehow in the end, because the architecture was a little bit difficult, didn't manage it properly. So we started with it ourselves, and then also our developers said that it's just not feasible to continue like this; the refactoring effort is bigger than just rewriting it. And then we stopped the project, and in mid of July 2016 we started an own iOS project, which is this new pEp for iOS, and that's completely written in Swift and, we think, with a clean architecture, and pEp is automatically inside. So that's the reason why things are also taking longer than we planned. But it's not yet feature complete; it's still in alpha phase. It works already to some extent, but there is still another version now for the public to try out. But if you want to try it out directly using Xcode and stuff and putting it onto your device, you can just contact us.
We can help you with that. So what other adapters are available? I already said that there is this COM server adapter, for Outlook for example. And for Android devices usually the Java Native Interface is used, but you can also have probably server-side applications which need Java interfaces, so there is also a solution for that. For Enigmail, JavaScript, but also for browser add-ons, by the way. I mean, we have also the idea that we provide add-ons for browsers, such that you can encrypt and decrypt your messages for the different webmailers which are around, but always in a way that your keys are strictly on your device. And the browser plug-in would then connect with the JSON adapter, and the JSON adapter with the engine; the engine would do the cryptographic work through GnuPG, and back and forth. So that's a little bit the idea here. Qt adapter: that's relevant for KMail or other Qt applications in the KDE area. Also Kolab Systems wanted to do something here, but somehow they didn't, because they have a group there also with client-side installations where they were interested in that. Then there's also the Python adapter. That's handy for almost everything, also for ticketing systems for instance. Why not? You can also encrypt your notifications to the users if somehow the ticketing system got the public key. So that's a fully opportunistic approach: you just send the public key there, and then you receive all the notifications encrypted. Objective-C adapter, of course needed for iOS, so for apps written in Objective-C or Swift, and these both languages are compatible.

So how does this look like, so that you have an impression a little bit? So first of all, one thing, I mean, the Android story must also be told. This is a K-9 fork.
We tried to cooperate with the K-9 project and proposed to, you know, make a pull request, but they said they have no interest in our approach here. They want to continue with OpenKeychain. So they have an own approach, and they are not interested in things besides email, because our client will also then be able to reach contacts on XMPP and other things. So that's a little bit the idea here, and we also changed of course the interface a lot. In K-9 you have just, I think, random colors, or no idea, for the users. Here, when you see colors: this is like a trusted contact here; this is a contact where you have a public key at least, so you can write him encrypted; and if you would have a contact you mistrust because you think his key is rocked or something, then it would appear as a red square. But something which pEp never does is to stop you from communicating. So if you prefer to still write encrypted, even if the NSA can read it or whatever, then you can still do it. It just will appear red then. So how does this look like concretely now when you have a message?
So if you don't have a public key, you are in the mode that you can just write an email like nowadays mostly, just like unencrypted. It will go out unencrypted, but the public key will be attached. So if the other one has pEp, you can already receive an email back which is then encrypted. If that happens, you see it here: then it gets yellow. Or if you are writing a message and you have a public key, the message will have this yellow coloring. So this is traffic light semantics, because there is also green you can achieve. We think it might also be a little bit like a gamification concept: people probably want to become green, so they will probably try this handshake process which we provide here. And then these trust words are shown, and then you can use a separate side channel and ask the partner if they see the same words on the screen, and if that happens you can just say yes, yes on both sides, then the appearance of the window turns green here.

You see that you can also use PGP fingerprints. You can also use long trust words. As some of you surely will know, usually to have two complete fingerprints you need twenty four-digit hex blocks, because each of these fingerprints has ten four-digit blocks. But because we think that's probably a little bit too much, we just halved them, so that you lose lots of entropy of course. But if you want to have more entropy, you can just say "show long trust", and then you have 20 words. And you can also compare them of course directly when you meet someone, looking at the screens, why not. So it's just words, you can just look at it, and if these are the same you can go ahead. Of course, because we have different people talking different languages.
You also need different languages for the trust words. The fallback is, of course, English, but we have also Catalan, German, Spanish, French, Turkish, and more will be added. So that's an example now here in, yeah, Spanish. If your partner doesn't have pEp, you can also just compare fingerprints. So here you also see that if each word is a fingerprint and you want to have the full trust words, you need 20 words, because we just concatenate them for now. Probably there will be another approach, hashing them and stuff, but that's still work in progress.

And so here you see the three basic colors. So if you have a contact which you also trust, because you manually did the trust process, the handshake process, then it will appear green, and also if you are about to write an email and you have a public key from someone you already trusted, then it will show green. And so you have a signaling at the per-message level and at the per-user level. So at your contact list, as I showed before, you also see the people with different colors, and you know how private you can communicate with them. So the same applies of course, with a little bit another design, for the other software we have. So this would be Outlook. So there's also text here; if you are colorblind, for example, you need of course a concept here. So we just have text here now; in other cases we also have symbols. "Unsecure" if it's about to go out or if it went out unencrypted, "Secure" if it was at least encrypted, and "Secure and Trusted" if you also put trust on it by a manual... that's the only manual process you usually need to do if you want to have trusted communication. So that's the handshaking process for Outlook.
So somehow the same, and for Enigmail I wanted to show live how this looks like and how fast you can enter into encrypted and also verified communications. But the MacBook where I have this stuff running doesn't work here. So I can just show it at the Swiss village if you want, or just individually, if you want to see it live.

So, benefits of pEp. It is, yeah, mother-proof, let's say, or father-proof; my father is also unable to use such stuff. It's a general problem. So users shouldn't need to do anything particular. So the decisions that pEp makes should just be good. And then, I mean, the same things which we are teaching at crypto parties we can also just put into code, and then you have kind of a protocol, because that's what you have in the end if you just write steps down as code, and people can just engage in end-to-end encrypted communications like this. And also very important: there's no specific provider. So you can just use pEp for email now with any email account.
There is no restriction, and we don't know, as pEp, what you are doing with pEp. Probably we can see that you downloaded it, but that's it. And then this bridging function: because usually you have a little bit the problem that you install a new app and then you don't have friends there, when they're locked in. So with pEp we have the very general approach to just add more communication channels and more cryptography methods that you can use here or which are typical in these areas. I mean, for XMPP it would be OTR or OMEMO. We can just use libraries to engage in such communications, too.

We also want that pEp is standardized. We didn't do that much yet, but we have the plan to write Internet-Drafts, and we're also engaged in Internet Engineering Task Force meetings and communications already to have this process going. It's of course a thing which takes years, and you have no guarantee that you will get an RFC number, but that doesn't matter. The most important thing is that we get our stuff documented and that we have running code which can be used. And if someone doesn't like the engine, the adapters, whatever, you can also stay compatible by just doing the same, or discussing with us and then we change it. So that's a little bit the idea here. Interoperability is a goal of this project, so we just want to fit into the ecosystem.

So, talking of visions, here you see what we envision. I mean, that's just a made-up example that doesn't exist in practice yet. But why not? I mean, you could have one app where you can just say: okay, I have Gmail, Yahoo, Outlook, iCloud, WhatsApp, Facebook, Twitter here, and I would just want to reach my friends in the most private way possible. And then you would also see here the different identities. I mean, this is now a user that you have called Rick.
I think you know the movie behind this kind of stuff. And this user might have different identities. It might be on Twitter; you might have a work email address, a private email address; you might have an alias for some of these addresses here, and also a phone number, which indeed is also an identifier, an identifier for Signal or for WhatsApp, which is used there. So we will also need some IANA registrations, I think, for certain communication channels, such that you can say: okay, I am about to contact a Signal user, a WhatsApp user, or a Ring user, or a Tox user, or whatever. So there are lots of URIs missing here. So you see, the project is completely crazy, and we are at the email level now, just to say.

Okay. So, okay, that I probably already said. Of course, one of the biggest problems that we have nowadays with the tools which are already easy to use, like WhatsApp, Signal, ProtonMail, whatever, is that you need to use their platform. That's the first thing. In some cases this is a real problem. I mean, for example, in the case of WhatsApp, they have all your metadata: when you logged in, logged out, whom you communicate with, how long, and everything. There are FBI records showing that in the case of Signal it's much better in that area. But that's of course a little bit of a problem if you have a platform which can be shut down, censored, or which can even collect metadata, because in lots of the mass surveillance situations we have, they are more interested in the metadata. So if you use WhatsApp, even if the crypto is fine and not backdoored and stuff, they still have the metadata.
That's quite an issue.

Then there are also better tools, I think, like Ring or Tox. They are a little bit in the spirit of GNUnet, so fully decentralized, peer-to-peer, everything like this. So they have a DHT, a distributed hash table, for addressing; addressing is done decentralized. But if you install Ring, for example, which was released some days ago, then you see that you have no friends. So you need to start to find the user base first. And the other thing is that my impression is it still eats a little bit too much battery, because to have the DHT working you need everyone participating, and they also do that with the cell phones. That's something that in GNUnet is a little bit envisioned, in the sense that if GNUnet realizes it's running on a mobile device, you don't use it that much for such purposes, or you just switch GNUnet stuff. I mean, you can still send messages and receive them, but you don't participate in the, yeah, in the DHT kind of intensive stuff there.

So we also have this rating system with the colors. That's probably also something which is helpful for normal people, let's say, just so that they can directly see how private they are. Of course, if their device is not backdoored or malware was installed; of course, in that case you have lost anyway, but if the device is fine, then this privacy status with the colors might be helpful.

And we have also this interesting construction with community on one side and commercial things on the other side, so that we can really separate this, and so that commercial interests cannot destroy the community interests, and so that we also can, as a foundation, support projects which from a commercial point of view are not interesting.
I mean, there are lots of tools around where you can put encryption, but you cannot sell this kind of stuff, not even in the support area and not even with Red Hat models, nothing. So we want to support all of these projects if possible, and that's something which is of course better done by a non-commercial entity which is run by activists who understand that.

So then, I already said that you can synchronize keys, but if you can use that system for keys, you can also use it to synchronize the trust. I mean, such that if you already trusted someone with the iPhone, the same trust is also transferred to the other device, so you are on the same page on all of your devices. That's something easy to add; it will be added. It's not yet in.

And also you can synchronize calendar and address data, not by supporting all address books locally, but just by mapping from one address book to the other. I mean, it will of course happen that not all fields can be mapped deterministically, but for things like names, addresses, email addresses, phone numbers, usually you find a mapping from Outlook to some Thunderbird thing, why not, and then you can of course do that, and then you have synchronization of addresses and calendars without a cloud. So you don't need Google or iCloud or something like this.

Then, that's a very new thing. I mean, it depends if you know what I'm talking about now, but there is this web of trust thing, where everyone signs each other, and then the social graph is put on the key servers usually, so everyone can see whom you trusted. And Christian Grothoff, from GNU projects like GNU Taler, GNUnet and so forth, has another idea here.
He calls it fog of trust. The idea is that if two persons don't trust each other, but both of them have people which they trust, then he proposes a method, which will also be mathematically checked by Inria and friends, to make an intersection of the contacts they both trust, and if a certain cardinality, that means a certain number of people, is achieved, you can automatically say it's green. Of course this can be attacked by making up contacts and stuff like this, but there is at least an approach here to have something like web of trust without exposing the social graph, so privacy-preserving, and you don't even know then why you got green. It's just that there are enough contacts which you both trust. So that's a little bit the idea. It's probably also a question of the threshold you use, as in how many people you need to trust together.

I think I should hurry up a little bit.

We have also other ideas. Probably you saw the GNU Taler talk. That's a payment system where you have a wallet in your browser or on your devices, and then you can just go around and buy things in a very easy way and with cash properties, so that you are anonymous when buying something, but if you sell something you are transparent to the state, such that you are still taxable. But you can also just send money to your friends; that's supported by GNU Taler, so that anonymity is preserved.

And so there's the idea to have a pay-by-mail feature and also a pay-to-spam feature. That's a little bit more complicated a thing. I mean, in the GNUnet system there is also the GNS in GNUnet, that's the GNU Name System, and there you can of course then define zones, like companies or corporations which you trust, which don't send spam out. And by defining policies on your devices that you want to receive emails from all of these trusted bodies or people in the zones, that's possible without payment.
Otherwise, you can say that they should be charged if they are not, you know, in a trusted zone.

Also support for hardware tokens, such that you can store your private key on HSMs, is a thing we are working on with Nitrokey. So we are applying for a new project here, where we try to put all these pieces together, such that, yeah, we have a bigger system where privacy is restored again. If you want to know details here, I think the best person would be Christian, but you can also ask me, then we can make up a contact. Just to show what we are doing here.

And then we also have an increasing number of interesting cooperations now. One thing is that we have a shared ownership agreement with the GNUnet project. Why do we do that? I mean, we have a multi-licensing strategy towards the companies, so they are allowed to also provide closed-source software if they want, or if it's necessary for a certain customer, as long as they don't change the engine and as long as they don't put in backdoors, and so we will force them to have audits there. And this agreement is very important for the iOS area, because in the App Store you are not allowed to have GPL software. So you need an exception there, and we got this exception already now from GNUnet. For the pEp code base we don't need that, because it's our own code, of course. But there's also another issue with GnuPG there. GnuPG is GPL-licensed, and, yeah, there the decision until now was that it stays like this. So we are not able to use GnuPG for iOS. So we are using NetPGP there, which is an OpenPGP implementation once started by the NetBSD project, and, yeah, I think we did a rewrite of most of the parts already, and are just doing that to have a solution for iOS. But of course it's not as good as GnuPG; GnuPG is better, has more mitigations against different kinds of attacks. But it's just what we have now.

Then we also have a cooperation with ISOC Switzerland, where we apply together to ISOC's Beyond the Net programme to get funding to make these Internet-Drafts, so to have pEp standardized. And we already were in Prague some weeks ago, discussing and also showing a little bit what we are trying to do, and as far as I can say, the directions were like: yeah, it's needed, let's just look at it, and we need to split up all the things we are doing, because it's a really big thing. So there will be a bunch of Internet-Drafts here.

Enigmail was already said.

Then you may know the Reva and David Logan Foundation. They are known for running investigative journalism events in Berlin and London. There were already some, and they also gave us money to make tools in that sense, pEp, so that investigative journalists can engage more easily in secure communications.

And with the Wau Holland Foundation, which is I think best known for supporting WikiLeaks: they will also help us in donations from the EU, because we are in Switzerland. So if people want to donate to the pEp project, to the foundation part, then this is possible soon via the Wau Holland Stiftung.

And for the GNUnet thing, because, as said, we want to route email traffic and other messaging through GNUnet, we will be doing, I think as of October, a GNUnet simulation for ten thousand, one hundred thousand and one million peers, first assuming some, I mean, user behavior.
We need to find out how people communicate, how many emails they send, how many chat messages, more or less like this. I mean, there will be some sociological studies, I think, about that. And then we will create a model and create GNUnet peers doing that kind of stuff, and then we can see if there are scalability problems to roll this out massively, because that's the plan. So I want to see if it works. So the NLnet Foundation, which is based here in the Netherlands, gave us thirty thousand euros for that. We still need some more funding, because the project is a one hundred thousand euro project, we estimate.

Yeah, and that's it. So it's more like a rough overview, a little bit, but I'm quite sure there might be some questions.

So first, thank you for the talk, please give some applause. We have questions; please come to the microphone. We don't have too much time for questions, but there might be something. Nothing, really? Do you really believe all of this? Anyone? Yes, someone.

Hi, thanks for the talk. So you mentioned webmails, right?

What?

You mentioned webmails.

Yes, yeah.

But I think that there it's very difficult. Yeah, I mean, everything that is below the address bar can be faked, and so the webmail provider can always, if there is clear text below, let's say, the address bar, the one sending you the web page will always be able to read the content of your email. So you still have to trust him, right?

You know, I mean, we do the work before that. I mean, there is already a project called Mailvelope doing that to some extent, but it's not that easy to use and it doesn't have this trust rating system and stuff. But you can just put ciphertext into Google Mail or GMX, and, I mean, there's even an API for that, and when you get ciphertext back you can get it out. Then you are at the browser add-on level, and from there you go on to the engine.
So there's no way the mail provider can do anything there. They can of course just make the work more difficult, incompatible, whatever; stuff like this can be done, of course, but it should still work. It's just lots of work, because you have different browsers and you have lots of mail providers. But in fact you don't have that many which are dominant. So there are lots of small ones, but, yeah, you know which ones are the bigger ones.

So, okay. So you don't type the email directly in the web browser, but, you know, we do it before.

Yeah. Yeah, yeah. If it's about encrypting at one, yeah.

The web, fog of trust thing.

Yeah.

So, because, let's say you are using some social network stuff like, I don't know, LinkedIn, Xing or something like that, it says: you know this person, maybe you know this and this and this person. And then you can also find by this function that you can do some intelligence on the peers of other persons. Because, let's say you add somebody, then you see: ah, there's a person, and this is a company, and so you get some information about the other person because he gets suggested to you. And so if you have this fog of trust thing, you could maybe have, let's say, 20 sock puppets.

Yeah.

That know people to some extent.

Yeah, yeah.

Because they get a little bit known to the people, and then you can get the intelligence on this thing, like, you have a lot of sock puppets. How are you, yeah, against it?

You know, that's clear. I mean, first of all, it's a threshold question. I mean, how many people must that be? And then they can of course send people out and create lots of, yeah, puppets, as you call them, to just achieve this green mode. And of course it's difficult, because this is automating trust, which is usually not possible. It would just be an idea. Probably we need to signal some trust level, but not showing it directly green.
That's a usability question. So it's not that we will put it in for sure. It's just that we will implement it together with Christian and then try it out.

So there are projects like CAcert, where you have to bring your passport and then somebody gives you trust because they saw the passport. But the trust you give directly, with Trustwords?

Okay. So people are just trusting. They are just putting their direct trust on each other. I mean, if you now know these people here, and I also know these people here, and we all trusted them individually, but we never trusted each other, then the idea would be: okay, there are enough people here which we both trust; show it somehow. If it's now green or not, it's another question.

But let's assume I'm an employee of maybe five secret agencies.

Yeah, no, of course.

And I say I'm person so-and-so, and I'm person so-and-so, I know so-and-so.

Of course. But this costs something, if you want to do that on a really big scale still. I mean, that's absolutely clear that if you require too few people you can do that, but there you have costs involved, because you need to create these puppets.

Yeah.

And I mean, this is a cost optimization project anyhow, because if you really manage to have more encryption, then for XKeyscore some lights will get darker, and that's the idea we have here.

Yeah, that's cool.

We have like one minute left. If it's a really quick question we can start.

What about the encryption of group messages?

Yeah, well, I mean, for email, if you just have different contacts... I mean, what do you mean? Something specific, or let's say the email case now, or what? Yeah, I mean, talk into the microphone.

Okay. Oh, yeah. Is there an implementation for Mailman or something?

Not yet, but that's envisioned, that you can create a private key which you then can share between the people who should be able to enter the list, and if the key changes you can signal that, and then a new key can be defined. So that's envisioned, yes.

Now we really have to end, but thank you very much for this talk, and also you and your team for putting all this energy into this really hard field. So give him a big round of applause, please.