All posts by Rufo Guerreschi

A case for a “Trustless Computing Group”

Is it possible to imagine a Trustless Computing Group that deploys the same kind of hardware-level security standards deployed to date by the (in)famous Trusted Computing Group – but (a) intrinsically user-accountable, (b) severely hardened and (c) extended to manufacturing process oversight – to guarantee concurrently users’ privacy AND content rights owners’ copyrights via user-verifiable security assurance processes?

The term “trustless computing” is chosen because it concurrently means (a) the opposite of Trusted Computing ™ – which users can’t trust as they could not verify or analyse it, and content providers couldn’t trust as it got broken all the time – and (b) a “computing that does not require trust in any person, entity or technology”, which takes to its extreme the Trust No One model proposed by US security expert Gibson.

The Trusted Computing Group has over the last decade deployed 2,121,475,818 devices (today’s count on their website) which contain hardware, firmware and software technologies that cannot, in their entirety, be legally (in the US) and/or practically verified openly by third parties, and are therefore most surely full of vulnerabilities resulting from malicious actions – by NSA and many other parties – from incompetence and/or from lack of open public oversight and testing, as history has shown.

In addition to its insufficient trustworthiness, two main contradictions of Trusted Computing have remained completely unsolved since its inception over a decade ago:

  1. DRM (and other trusted computing) keeps on getting broken. Nonetheless, content owners are fine, since its technical weakness was solved by Apple and similar strategies that made their entire platforms a DRM system (what Schneier calls the feudal security model) and/or by making it impractical enough for the average user to widely consume pirated content on commercial entertainment computing devices.
  2. Its negative impact on users’ privacy remains intact and unresolved. Nonetheless, it has become more and more evident to everyone over this decade – and even more since Snowden – that the hardware and software technologies we use are so vulnerable or broken – and the business model of most B2C cloud services so catastrophic for users – that DRM is rightfully perceived as just one more of the many vulnerabilities that are there already, and therefore not worth fighting against.

This week, the Trusted Computing Group claimed that their model is the right model “to solve today’s most urgent cybersecurity problems” such as those that have emerged since the Snowden revelations, for example those caused by vulnerabilities in widely used critical free software like OpenSSL.

Of course, this must be a joke. The most urgent cyber security needs call for actual security of end-to-end systems, to protect against security and privacy breaches that can cause grave damage to citizens or state agencies. They do not call for failed technology standards that have been the prime movers of hardware-level security-through-obscurity paradigms. Those paradigms have produced what we are now discovering to be a completely broken computing industry, where commercial computing is way more complex than can ever be assured for security, and vulnerabilities abound at all hardware and software levels of all devices, with the high probability that a significant number of actors in any nation, and not just NSA, have access to many of them.

Now, what?

What if instead we flipped it over, and created a standards body named Trustless Computing Group, based on free software and a hardware-based security-through-transparency paradigm, that would use the same user-verifiable processes to guarantee (1) unprecedented privacy and freedom to users, and (2) unprecedented security to content owners!? Why can’t the same socio-technical assurance processes protect both users’ data and content owners’ data?!

That’s what we are aiming at with the User Verified Social Telematics project and the related draft campaign for an international standard and campaign for governmental legislation promoting it.

Alternative names for it:

Trustless Computing?!

Trustless Telematics!?

Verified Telematics!?

User Verified Telematics?!

Transparent Telematics!?

Got any suggestions? …

Nov 24th UPDATE: (1) Some typos and unclear passages have been revised. We have started setting up such a consortium, although it is temporarily called User Verified Social Telematics Consortium.

Don’t be fooled, a way out of hardware backdoors exists!

This latest 60-second video excerpt (32.40-34.00) by Bruce Schneier, and this Oct 2013 MIT Review article, show how extremely complex, widespread and probable the problem of firmware or physical backdoors is, when these are inserted in extremely widely used hw components during the device manufacturing process.

That is only expected to get worse post-Snowden: as most internet traffic and data become encrypted, and the most widely used software for encryption and onion routing gets improved and hardened for security, illegal or unconstitutional spying by state and non-state entities will increasingly have to rely on expanding the capabilities of automated, targeted critical exploitation of millions of end-user devices.

Schneier and the MIT article author implicitly or explicitly state that there is nothing that can be done to assure users of their safety against such a huge current threat.

I believe Schneier is wrong in saying that there is nothing to do or, better, I think he really meant to say there is nothing to do if we want the type of feature and application richness we are used to with today’s mainstream commercial computing, as those systems are either in cahoots with one or more national governments and/or their complexity is way beyond the ability of anyone to verify them adequately.

The solution is simply to simplify!

The solution is hinted at in a statement by the DARPA representative in the mentioned MIT article, when he said:

DoD relies on millions of devices to bring network access and functionality to its users. Rigorously vetting software and firmware in each and every one of them is beyond our present capabilities, and the perception that this problem is simply unapproachable is widespread.

I’d argue that what he really means, when he talks about the large number of DoD devices, is not their number in units, but the number of different DoD devices and the complexity of many or most of them.

That makes sense since, given very large but still limited budgets, complete verifiability and adequate verification of every hw component on a given device can be achieved for a few targeted, and extremely simple, hw platforms, albeit with huge upfront costs (and relatively very low marginal costs).

The same process would instead be hugely costly, or effectively impossible, for more complex devices that rely on a large number of complex components from many different third parties, where adequate access for oversight of manufacturing processes may be hugely costly or impossible – even through enhanced versions of programs such as the DoD Trusted Foundries Program (TFP) – because of obstacles related to IP protection, corporate choices or the interests of the national security agencies of the nation hosting the fab.

The solution is therefore to focus the limited resources (high single-digit or low double-digit $ millions) of an international joint venture of private, non-profit and ethical hacker communities (supported by private funds, partnering IT companies, state and foundation grants) on a single minimal hw platform (or SoC). Such a platform: is suitable – albeit with very severe performance and functional limitations – for server, router and handheld end-user devices for basic communications; has extreme simplicity of features, hardware and software; and has complete verifiability and enacts adequately extreme and open verification.

The resulting levels of assurance, and the consequent value to ordinary users and to ultra-critical users, would produce large revenues with which to gradually expand capabilities and features, without reducing and possibly increasing the assurance level. User Verified Social Telematics.

India eyes becoming world leader in privacy-enhancing technologies

CIS India, the leading IT rights think tank in India, is proposing that India bet on world-class IT privacy as a key competitive advantage for its IT industry. They are seeing how the fullest protection of digital human rights can, in a post-Snowden world, become the primary competitive advantage of the IT industry of an entire nation.

We pointed out that opportunity during our event in Rome with Richard Stallman, named “Full realisation of citizen digital rights as huge economic opportunity for the Lazio Region“.

Italy could do that as well – or even before India or Brazil, or Switzerland – as we are proposing with our Open Media District project, which includes a dedicated technology park, dedicated supporting legislation and large trailblazing R&D projects, such as User Verified Social Telematics.

Here’s what CIS envisions:

Post-Snowden, the so called swing states occupy the higher moral ground. It is time for these states to capitalize on this moment using strong political will. Instead of just being a friendly jurisdiction from the perspective of access to medicine, it is time for India to also be the enabling jurisdiction for access to knowledge more broadly. We could use patent pools and compulsory licensing to provide affordable and innovative digital hardware [especially mobile phones] to the developing world. This would ensure that rights-holders, innovators, manufacturers, consumers and government would all benefit from India going beyond being the pharmacy of the world to becoming the electronics store of the world. We could explore flat-fee licensing models like a broadband copyright cess or levy to ensure that users get content [text, images, video, audio, games and software] at affordable rates and rights-holders get some royalty from all Internet users in India. This will go a long way in undermining the copyright enforcement based censorship regime that has been established by the US. When it comes to privacy – we could enact a world-class privacy law and establish an independent, autonomous and proactive privacy commissioner who will keep both private and state actors on a short leash. Then we need a scientific, targeted surveillance regime that is in compliance with human rights principles. This will make India simultaneously an IP and privacy haven and thereby attract huge investment from the private sector, and also earn the goodwill of global civil society and independent media. Given that privacy is a precondition for security, this will also make India very secure from a cyber security perspective. Of course this is a fanciful pipe dream given our current circumstances but is definitely a possible future for us as a nation to pursue.

 

 

Information Is Something You Manage

Anything written, all preconceptions and knowledge, everything we take in is information. It is a small piece of knowledge, a fleeting energy, through which we try to understand and navigate our world.

But information is not who we truly are. We are a strong and stable brightness whose value is independent of all information. We have the same value as the source of life, and that value lasts beyond death.

Information, on the other hand, is always changing, and the information we believe and act on can be chosen.

Many people treat information as the be all and end all, however. They take it as truth without discernment.

If we fail to control information, however, then it takes over, and we become slaves of it who get dragged around by a fear of certain pieces of information or information that is unknown.

However, no matter how deeply a piece of information may have taken root, it’s still just information. With that awareness, we can free ourselves of its hold.

But in order to do that, we need to see ourselves objectively. When we are able to observe ourselves, we develop the mental space it takes to utilize our brains effectively and take charge of information.

Ilchi Lee

How Tails could bring privacy to all with 8M euros

Tails, the free software USB GNU/Linux OS, is reportedly used by Snowden and Schneier as their main secure desktop platform.

It’s definitely a major step ahead of everything else. But, aside from its poor usability and availability only for PC, does it provide nearly enough privacy and security after what has come out in the last year?!

I see major potential critical vulnerabilities (to scalable remote exploitation) coming from:
- a way too large OS and apps, even if severely stripped down and hardened
- not nearly enough expert verification per quantity of code
- no public background checks on contributors and lead developers and architects (who are anonymous)
- users’ firmware
- users’ hardware
- Tor network vulnerabilities due to: traffic analysis, bugs in poorly verified FLOSS code (such as OpenSSL), and the low number of expected non-malicious and competently managed nodes.

I imagine Snowden and Schneier protect themselves from these through setups and configurations, rules of behavior, etc. But such tricks require very high skills, which must be shared by your communications interlocutor, and they drive usability even lower.

We at the Open Media Cluster believe we have identified a solution to such vulnerabilities and usability problems of Tails (and similar), that could cost under 8M€ of R&D to build and test, and be made affordable and usable by any Western citizen, as a parallel environment for secure computing.

It involves modifying Tails by:
- stripping it down to very basic features
- embedding it in a barebone 3mm touch screen device with HDMI out (to display on your desktop monitor) and Bluetooth (to go on the Net via your phone), that can be attached to the back of any phone via a hard case
- adding very, very thorough (relative to quantity of code) and open verification to all software and firmware
- adding manufacturing process oversight exceeding in user-verifiability the US DoD “Trusted Foundry Program”
- improving Tor security and performance through traffic spoofing techniques, direct incentives for non-malicious and properly configured nodes, and very extensive Tor code review
- a few more tricks

See more at the User Verified Social Telematics project.

Facebook CEO against constitutional rights

http://readwrite.com/2014/04/11/facebook-privacy-controls-hand-them-over#awesm=~oBXuMo1qypNZF8

In fact, Mark Zuckerberg famously said, “Having two identities for yourself is an example of a lack of integrity.”

Our Constitutions prescribe a right to privacy of communications and of vote (and therefore of political opinions) in order to protect the freedom of speech, association and participation of that large part of the population that cannot always say what they think.

By eliminating privacy we eliminate (what’s left of) democracy.

Facebook CEO thinks privacy rights should not exist

http://m.thedrum.com/news/2014/04/19/larry-page-dreams-place-no-privacy-laws-axel-springer-ceo-claims-open-letter-google

Describing how the founder responded to a question about Facebook storing data, Dopfner wrote: “Zuckerberg said: ‘I do not understand your question. Those who have nothing to hide, have nothing to fear.’

“Again and again I had to think about this sentence. It’s terrible. I know it is certainly not meant that way. This is a mindset that was fostered in totalitarian regimes not in liberal societies. Such a sentence could also be said by the head of the Stasi or other intelligence service or a dictatorship.”

Why Are We Still on Facebook? : The New Yorker

http://m.newyorker.com/online/blogs/currency/2014/02/why-are-we-still-on-facebook.html?intcid=obinsite

At the University of Texas at Austin, Gosling and one of his graduate students, Gabriella Harari, have been examining why people decide to leave Facebook. They have found three broad themes: people see Facebook as pointless and unnecessary, they see it as a problematic distraction, and they are worried about privacy.

Seems to me they are right on all 3 points! Time to get off it!

Consequences of letting mobile Apps marginalize the Web

The decline of the mobile web

The likely end state is the web becomes a niche product used for things like 1) trying a service before you download the app, 2) consuming long tail content (e.g. link to a niche blog from Twitter or Facebook feed).

This will hurt long-term innovation for a number of reasons:

1) Apps have a rich-get-richer dynamic that favors the status quo over new innovations. Popular apps get home screen placement, get used more, get ranked higher in app stores, make more money, can pay more for distribution, etc. The end state will probably be like cable TV – a few dominant channels/apps that sit on users’ home screens and everything else relegated to lower tiers or irrelevance.

2) Apps are heavily controlled by the dominant app stores owners, Apple and Google. Google and Apple control what apps are allowed to exist, how apps are built, what apps get promoted, and charge a 30% tax on revenues.

Is this battle only global, or is it possible to win or partially win this battle within a continent or a single nation where major public and private actors gather to defend the Web?

OpenSSL, Heartbleed and the need for minimal but truly trustable telematics

Here’s advice from the company developing the number 2 password manager in the world, about what you should do after the OpenSSL Heartbleed vulnerability:

http://blog.agilebits.com/2014/04/12/1password-heartbleed-and-you/

The best advice I can give you is to change your most important website passwords immediately, including your email, bank accounts, and other high value targets. This will provide your best defense against previous attacks.

After a few weeks, websites will have been upgraded with new SSL certificates, and you will be able to trust SSL again. At this point you should change all of your passwords again.

The insecurity of our current IT infrastructure, devices and services is so ridiculously widespread that the only solution is to develop a parallel minimal but truly trustable, verifiable and extensively verified telematics infrastructure (devices, software, server-side equipment and processes).

Here it is: User Verified Social Telematics.

And that should also become an international standard, and be made law for very sensitive e-government services, such as in the Lazio Region, to be extended to the Italian national level … here’s our campaign.

US Government Funded Your Favorite ‘NSA-Proof’ Apps

http://revolution-news.com/us-government-funds-favorite-nsa-proof-apps/

If the Open Technology Fund had never published the projects that they sponsor, their true funding sources may have never been known. The most commonly used open source license still does not require any financial disclosure at all. Which ultimately leads to a question: who else is the US government funding?

Total and user-verifiable financing transparency should be one of the necessary requirements of any future state-of-the-art digital privacy IT solution.

The best things in life aren’t things | Positive News

“Enjoy the little things, for one day you may look back and realise they were the big things.”

http://positivenews.org.uk/2014/positive_perspective/15005/life-arent-2/

We’re bombarded with false and misleading images of happiness: advertisers tell us it comes from buying their products; celebrities and the media pretend it comes with beauty or fame; and politicians claim that nothing matters more than growing the economy.

Everywhere we look the story is the same: buy and achieve these things and then you’ll be happy. But remember, you’ll then need to keep getting more in order to stay happy and keep up with your peers – and if they start to get ahead then just keep consuming! On and on we go in a mindless and seemingly endless cycle.

Brits choose happiness over wealth | Positive News

A YouGov poll commissioned by Action for Happiness revealed that the majority of British people (87%) would choose happiness for their society rather than money (chosen by only 8%). These findings were largely consistent across all UK regions, classes and age groups.

When asked to choose the three most important factors for personal happiness, ‘relationships with my partner/family’ came out on top (80%) with ‘my health’ in second place (71%) and ‘money’ third (42%). ‘My appearance’ and ‘my possessions’ were the least selected factors (both 4%).

The survey also revealed the three factors respondents felt were most likely to improve overall happiness in the UK. ‘More equality between rich and poor’ was the most selected answer (45%), ‘improved health services’ the second (39%) and ‘less crime’ the third (37%). ‘Improved school standards’ and ‘improved transport and infrastructure’ were the least selected options (both 16%).

http://positivenews.org.uk/2014/wellbeing/14997/brits-choose-happiness-wealth/

Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping | Ars Technica

http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

The researchers, who work at Google and software security firm Codenomicon, said even after vulnerable websites install the OpenSSL patch, they may still remain vulnerable to attacks. The risk stems from the possibility that attackers already exploited the vulnerability to recover the private key of the digital certificate, passwords used to administer the sites, or authentication cookies and similar credentials used to validate users to restricted parts of a website. Fully recovering from the two-year-long vulnerability may also require revoking any exposed keys, reissuing new keys, and invalidating all session keys and session cookies. Members of the Tor anonymity project have a brief write-up of the bug here, and this analysis provides useful technical details.

Google’s newly announced Tango project validates UVST project, but hardly competes with it

Yesterday, just before the Mobile World Congress 2014 in Barcelona, Google announced with wide media coverage (Gigaom, ArsTechnica, VentureBeat) its latest mobile device innovation, Google Tango, a new smartphone with 3D sensors on the back that provide Kinect-like functionalities on the move and in the living room, for fun, games and beyond.

All of Tango’s capabilities, features and user experience have, for 3 years already, been fully part of the CivicPod, the core end-user device of our User Verified Social Telematics (UVST) R&D project, except that the CivicPod provides substantial additional features and advantages, at a lower cost and while being to a wide extent Tango-compatible, albeit with lower performance. Like UVST, Tango is also an open innovation project, developed with over 16 private and public research centers worldwide.

In UVST, 3D sensors, such as those of Tango, are embedded in the CivicPod, a 3mm-thin Bluetooth-connected touch-screen device with 2 dual front-facing cameras with refractive lenses, that can be attached to the user’s smartphone through a custom rigid case, or to the TV frame through a dedicated docking station.

Therefore, in addition to Tango capabilities, the CivicPod user can:

  • Just buy an ultra-thin, user-friendly multi-function peripheral embedding such Tango-compatible Kinect-like sensors, instead of buying a new dedicated smartphone. This brings the user huge cost savings, the ability to easily port the sensors to their next smartphone, the ability to use their smartphone while the sensors are active for on-TV living-room applications, and just 1.5mm of additional thickness.
  • Access most Tango applications, since for Tango SDK developers wanting to port their apps to the CivicPod, it is just a matter of adding Bluetooth APIs to the application and accounting for the very minimal delay added by the Bluetooth connection.
  • Access by default a Tango-compatible CivicPod application that enables its use as a highly innovative, ergonomic and immersive «magic» touch-based control of on-TV content, available through a dedicated cheap CivicDongle, ChromeCast and other compatible TV-connected devices. Through 2d front-facing cameras with refractive lenses, the positions of the user’s fingertips above the CivicPod screen are tracked, relayed wirelessly to such a TV-connected device, and made visible on the TV screen as halos of varying size. Finger position information appears as a semi-transparent video-overlay stream on the TV screen that decreases in opacity and size as the fingers get closer to the CivicPod screen. Touch events are also relayed to the CivicDongle to trigger touch events on the CivicDongle UI, and therefore on the TV screen. Overall, the user gets the experience of «touch controlling» their TV from the comfort of their sofa (or bed), while looking at all times at the TV screen instead of the CivicPod screen, including while typing on a virtual keyboard, without their finger hiding the key about to be pressed.
  • Access ultra-private mobile & desktop communications and social features, with other CivicPods, through UVST’s leading-edge end-to-end privacy-enhancing architecture and unprecedented organizational verification processes, which even include “user-verifiable” hardware manufacturing oversight procedures that exceed those of the US Dept. of Defense “Trusted Foundry Program”.

For more information see the UVST project web page.