Re: [GNU/consensus] [SocialSwarm-D] Map of Projects / Sessions at 30C3

[Guido Witmond]

On 11/15/13 19:28, hellekin wrote:
> On 11/15/2013 01:57 PM, Andreas Kuckartz wrote:
>>>
>>> That is outside the scope of this working group.
> 
>> Dissemination is mentioned as a topic for the 30C3 assembly. And
>> (at least) in that context it seems to be in scope.
> 
> *** We need to distinguish two vectors in our working group.
> 
> One is the hardcore P2P "next generation" that focuses on GNUnet and
> peer-to-peer solutions ; and the other is the "transitional" that
> focuses on how to go from here to there, including contemplating
> alternate paths, such as patching hopeless protocols, or seeking to
> reform the existing nightmarish hell of a reality.

I can't get my 80 year old father to install and use retroshare. He
needs something simpler.

He found out about Tor a few years ago but I had to get him off that, as
he wanted to do electronic banking over it. It would lead to greater
chance of MitM attacks than plain https over direct connections.

Recently he got an Android tablet. Although Google protects him a bit
against malware, the price for that is high (in lost privacy). We need
something to protect people that need it the most.

That second path is what I'm promoting with my eccentric-authentication
protocol. It's basically a way to use client certificates combined with
centralised (shared) methods of detection of some attacks. It might not
be perfect, but I believe it is way better than plaintext passwords over
http.

To get the benefits, all it takes is a browser plug in and a configured
server. Very backwards compatible. And without asking any security
questions to users. No more: "this site uses an invalid
certificate"-stuff. The encryption forms part of the normal work flow.

Check it out at http://eccentric-authentication.org/


Cheers, Guido.

signature.asc
Description: OpenPGP digital signature