(always with open standards, open source and open hardware).

(etcetera)

• First we performed a study together with Gartner that established the overall vision of NGI, which included a significant consultation.
• The three pillars for the vision (published last year) became Resilience, Trustworthiness and Sustainability

• Trustworthy hardware and manufacturing
• Network infrastructure incl. routing, P2P and VPN
• Software engineering, protocols, interoperability, cryptography, algorithms, proofs
• Operating Systems, firmware and virtualisation
• Measurement, monitoring, analysis and abuse handling
• Middleware & identity, including DNS, authorisation, authentication, distribution/deployment, operations, reputation systems
• Decentralised solutions
• Data and AI
• Services + Applications (e.g. email, instant messaging, video chat, collaboration)
• Vertical use cases, search, discovery & community

Oh, and I will skip extremely cool projects like WireGuard which I presume you already know.

ActivityPub is a decentralized social networking protocol based on the ActivityStreams 2.0 data format. ActivityPub is an official W3C recommended standard published by the W3C Social Web Working Group. It provides a client to server API for creating, updating and deleting content, as well as a federated server to server API for delivering notifications and subscribing to content.

#### ActivityPub in NGI Zero PixelFed is an open source ethical photosharing application. Funkwhale is a personal music server. Spritely is a distributed social network. XWiki will be the first ActivityPub-enabled federating wiki. openEngiadina is a platform for creating, publishing and using open local knowledge. Discourse is a modern open source discussion platform. Librecast wants to enable multicast livestreaming. Beeld en Geluid will contribute to PeerTube to support the availability of large-scale public media collections. Forgefed wants to design a protocol on top of ActivityPub to federate software repositories, issue trackers etc. Fediverse.space lets you know where in the Fediverse you want to be. ### Search Searx is a metasearch engine that will soon have the ability to integrate your own private search domains. Mailpile will integrate your private email search into that, and so will Nextcloud. WebXRay will tell you everything about the trackers you would meet, before you click on search results. The Green Web Foundation will make it possible to elevate search results from ecofriendly hosters.

Minedive

Sylkserver is an open source conferencing server that can unite different real-time communication protocols: SIP, XMPP and WebRTC. It has ZRTP encryption, in-session uploads, screen sharing and chat too.

Etesync is an end-to-end encrypted, and privacy respecting sync solution for contacts, calendars and tasks with more data types planned for the future.

CryptPad is a secure and encrypted open-source collaboration platform, that allows people to work together online on documents, spreadsheets and other types of documents. ### Cool fundamental stuff ##### Verifpal From the creator of Noise Explorer comes Verifpal, a new approach to making symbolic formal verification of cryptographic protocols something normal people can realistically undertake. Verifpal is intuitive enough to allow students, hackers and engineers to break and make better protocols .

// SPDX-FileCopyrightText: © 2019-2020 Nadim Kobeissi 
// SPDX-License-Identifier: GPL-3.0-only

attacker[active]                               principal Bob[                  
                                               	knows private psk
principal Alice[]                              	knows public c0
principal Protonmail[]                         	knows public null
principal Microsoft[]                          	generates m2
principal Bob[]                                	generates b
                                               	gb = G^b
principal Alice[                               	gab = ga^b
	knows private psk                          	m1b = AEAD_DEC(psk, em1, null)?
	knows public c0                            	em2 = AEAD_ENC(gab, m2, null)
	knows public null                          ]
	generates a
	generates m1                               Bob -> Protonmail: em2, gb
	ga = G^a                                   Protonmail -> Alice: em2, gb
	em1 = AEAD_ENC(psk, m1, null)
]                                              principal Alice[
                                               	gba = gb^a
Alice -> Protonmail: ga, em1                   	m2a = AEAD_DEC(gba, em2, null)?
                                               ]
principal Protonmail[
	knows private j                            queries[
]                                              	confidentiality? m1
                                               	confidentiality? m2
Protonmail -> Microsoft: j, ga, em1            ]

Microsoft -> Bob: j, ga, em1

## ARPA2 Middleware may not exite everyone, but the ARPA2 project is trying to tackle some key problems that need an internet-wide solution. Tools include: TLS-KDH meaning TLS enhanced with Kerberos and Diffie-Hellmann. Specifications for HTTP SASL, SXOVER and its Diameter relay. Privacy enhancing middleware for LDAP (LEAF), which allows to do attribute filtering and selectively transforming of LDAP. SteamWorks, which allows for responsive large scale configuration and trust delegation. Lillydap, a library that can be used to easily add LDAP to any application.Advanced Access Control mechanisms that are pseudonym-friendly. And more... ## Autocrypt Autocrypt is a new specification that significantly simplifies key management for end-to-end-encryption of e-mails. In various projects we support new e-mail applications to take onboard this non-obtrusive automatic negotiation of encryption capabilities.

##### Identity Based Encryption + IRMA I Reveal My Attributes make attribute-based credential schemes usable in the real world, allowing users to only disclose a minimum of information you want to share. With Identity Based Encryption you can reliably encrypt a message to someone that does not even know she or he needs a cryptographic key. The combination is of course very interesting. #### Mobile operating systems Replicant is a fully free Android distribution running on several devices, a free software mobile operating system putting the emphasis on freedom and privacy/security.

#### Maemo Leste Maemo Leste is a free Debian/Devuan based GNU/Linux hacker distribution for smartphones and tablets. MEGAphone wants to create a mobile phone simple enough to understand, in order to be rationally **trustworthy**. And fun.

Mobile NixOS aims to get a NixOS system running on mobile devices, e.g. commodity phones. We are also support some GUIX development, but not yet mobile ### Open Hardware Nitrokey is an open source hardware USB key for data encryption and two-factor authentication with FIDO. # Balthazar

Open hardware laptop. RISC-V / OpenPower. Secure, fast, inexpensive, open, robust, upgradeable and sustainable. All of that.

A secure device for your day to day communications. A joint open hardware effort by Bunnie Huang, Sean "xobs" Cross, Tom Marble and others. Featuring a new lean Rust-based OS called Xous, internationalised input and a Matrix client for testing.

## Libre RISC-V System-on-Chip The Libre RISC-V aims to provide a fully libre and open design of mobile-class processor, where not only the source code of the BIOS, bootloader, kernel and Operating System are entirely available, the *hardware defintion* (HDL) source code will be entirely available as well. That includes the GPU (for 3D Graphics), and the VPU (for video decode), as well as full libre-licensed source code for the 3D and VPU drivers. And just for the record, it is also open to OpenPower and MIPS #### Add streaming to Wishbone Systems like the Libre RISC-V System-on-Chip need a ommercial grade System-on-Chip (SoC) bus infrastructure is needed. The main non-encumbered contender, Wishbone, does not currently have a "streaming" capability, which is typically needed for high-throughput data pathes and interfaces, e.g. for video applications and High-Performance Computing (HPC). ## Chips4Makers Chips4Makers aims to develop ASIC production flows compatible with strong libre/reciprocal licensed blocks and using a libre licensed software flow all accessible by consumers without the need of NDA (non-disclosure agreement) or other fine print. ## LibreSilicon

Make full custom ASIC design available to anyone, even private persons without corporate or academic access to IC foundries.

Create a **standard cell library** that can be used, instead of proprietary designs that are only available under NDA. **LibreSilicon Compiler** (LSC) is a place + route suite for silicon, that can produce efficient silicon layouts from digital netlists (e. g. BLIF, EDIF). **Coriolis2** (LSC) is another set of tools for vlsi backend, featuring an analytic placer, a router for digital designs. And fast prototyping capabilities and layout procedural description in Python. And to come back on the pillars of NGI: ### Langsec in Pectore Technology is embedded in concrete, circling in space and is increasingly entering the intimacy of our human bodies. Little did we know that people would be crazy and committed enough to want to design an open hardware **cardiac pacemaker circuit** with an analog/mixed-signal CMOS ASIC, based on a description of the device functionality as formal grammar/automaton based on language security (langsec) design principles. And if you attended Ross Anderson's talk, you know that there have already been recalls for hundreds of thousands of untrustworthy pacemakers ## And a lot more You can find all of the projects and more info at [/discovery](/discovery) and [/PET](/PET).

A big thank you to the European Commission/DG CNECT, who are fueling us for doing these projects. Without their support, we might very well not exist now. NGI Zero is funded through grant agreements No 825310 and 825322 ### And remember All of the projects can use your # HELP Fixing the internet is a huge collaborative effort with loads of interdependencies, and good brains are a critical resource. Quoting Dijkstra: The art of programming is the art of organizing complexity. And there is a lot of complexity to deal with, so come and help out Core work but also bug triaging, packaging, design, usability, advocacy, fundraising, build communities, documentation, translation, etc Most will have opportunities for internships as well as very senior tasks ... ... and lots of ideas for follow up projects ###### And who knows Maybe next year you are together here on stage? # So do you have a great idea or do you know someone who has? Have a look at our open call Go to [/propose](/propose) Let's re-invent Internet to reach the full human potential, for all generations. The tools we use have a profound and devious influence on our thinking habits, and therefore on our thinking abilities. - Edsger Dijkstra And also have a look at the rest of the Next Generation Internet initiative at NGI.eu (but keep uMatrix or similar on) And before Jan 4th, help NGI DAPSI to get on the right track by filling out the survey on https://www.surveymonkey.de/r/32B87HJ # Questions? Spend some money at /donate. Or maybe you want to help with just five minutes of your time? Go to: /help [Español] [English] [Nederlands]