Calls: Send in your ideas. Deadline October 1st, 2022.
Resources
Source code :
https://github.com/canarytail
Website
More info available :
https://canarytail.org

Canarytail

Warrant canary standardization and automation

As decentralised internet access provisioning and cloud services become more widely available and user-operated, more and more people will be forced to compromise the security of their users through various forms of legal coercion. A common form of such coercion across the world is a so called 'gag order' : an operator of an infrastructure of interest (for instance a community network or small ISP) is secretly forced into give wiretap access, and their lips are sealed because of the risk of a severe penalty of sometimes years of imprisonment. In other cases, raids may have been conducted on hardware and operating premises, meaning a service is no longer trustworthy at all. Obviously, depending on where you live or what you do, such a compromise can endanger the lives and safety of many.

In most countries it may be the case that one can be legally forced not to speak or write about such a violation of the integrity of a service or network, but one cannot be forced to actively lie either ("you have the right to remain silent"). One proven effective means of countering this kind of attack on services is therefore to continually publish "all is well" statements, until something happens - at which point the reassuring statements dry up, and users are warned. Canarytail tracks, documents and automates these statements, and is an attempt to standardise this important safety net for users of any service - decentralised or not.

Logo NLnet: abstract logo of four people seen from above Logo Technology Commons Trust: letterlogo

This project was funded through the User-Operated Internet fund, a fund established by NLnet made possible by financial support from the PKT Community/The Network Steward and stichting Technology Commons Trust. Your donation is welcome too. Applications are still open, you can apply today.

Navigate projects

Please check out NLnet's theme funds, such as NGI Assure and NGI Zero Entrust.

Want to help but no money to spend? Help us by protecting open source and its users.

.