Interviews with people building the Next Generation Internet
There are many issues with today's internet. In this interview series we asked free and open source developers about the issue that particularly bothers them and how their project addresses it. Each interview provides insight in a particular project and the people behind them. Taken together the interviews present an overview of issues with today's internet, and concrete answers to address them.
Ten technology layers of NGI
As a sorting mechanism, the interviews are mapped on the ten technology layers of NGI.
L1: Trustworthy hardware and manufacturing
Pedro Miranda, Artur Nóbrega, & José T. de Sousa - OpenCryptoTester
System-on-Chip for hardware/software testing
Issue
In order of importance, the three fundamental issues are Privacy, Data Security, and Environmental Impact.
In order of importance, the three fundamental issues are Privacy, Data Security, and Environmental Impact.
Project's answer
By using reconfigurable hardware accelerators, we enable higher security algorithms with longer keys to be executed in a reasonable time and energy budget.
By using reconfigurable hardware accelerators, we enable higher security algorithms with longer keys to be executed in a reasonable time and energy budget.
Carlos A. Ruiz Naranjo - TerosHDL
Assisting hardware developers to deliver safer designs
Issue
The chip design industry is dominated by proprietary tools with costly licenses, making access difficult for small companies or students.
The chip design industry is dominated by proprietary tools with costly licenses, making access difficult for small companies or students.
Project's answer
The open hardware movement is trying to design a fully open workflow for creating low-level hardware. TerosHDL offers a unified interface for over 25 open source tools.
The open hardware movement is trying to design a fully open workflow for creating low-level hardware. TerosHDL offers a unified interface for over 25 open source tools.
Jean-Paul Chaput - Coriolis Open EDA
Logical validation of ASIC layouts
Issue
The whole of the internet, whether the infrastructure or the algorithms, critically depends on the trustworthiness of the chips we use. But most of them are black boxes.
The whole of the internet, whether the infrastructure or the algorithms, critically depends on the trustworthiness of the chips we use. But most of them are black boxes.
Project's answer
The open hardware movement addresses the issue of closed source chips. Still, they need an Open EDA (Electronics Design Automation) to guarantee that what you get on silicon is what you specified.
The open hardware movement addresses the issue of closed source chips. Still, they need an Open EDA (Electronics Design Automation) to guarantee that what you get on silicon is what you specified.
L2: Network infrastructure, P2P and VPN
pi-lar - Neuropil-DHT
DHT based overlay network
Issue
Data protection is in our opinion the world's current concern. Without protecting privacy of everybody, there is no information security.
Data protection is in our opinion the world's current concern. Without protecting privacy of everybody, there is no information security.
Project's answer
Neuropil-DHT is an opinionated solution how security and privacy by design networks should be build.
Neuropil-DHT is an opinionated solution how security and privacy by design networks should be build.
robur collective - MirageVPN
Robust OpenVPN client and server, and QubesOS client
Issue
The locked-in apps and multinational corporations that have access to your data. We strive for a more decentralised internet.
The locked-in apps and multinational corporations that have access to your data. We strive for a more decentralised internet.
Project's answer
By developing a VPN service, we have, apart from already established web services and DNS servers, another leg of what you can run as a MirageOS unikernel :).
By developing a VPN service, we have, apart from already established web services and DNS servers, another leg of what you can run as a MirageOS unikernel :).
Morgan - Blueprint for FreeSpeech
Generic Onions Services Library Project
Issue
One of the internet's issues is the trend of treating users and their data as raw material to be exploited rather than as people with sensitive information to be served and protected.
One of the internet's issues is the trend of treating users and their data as raw material to be exploited rather than as people with sensitive information to be served and protected.
Project's answer
Ricochet-Refresh is an anonymous, end-to-end encrypted, peer-to-peer, and metadata-resistant instant messaging client. There are no servers to seize and no organisations to subpoena. Users control their data entirely.
Ricochet-Refresh is an anonymous, end-to-end encrypted, peer-to-peer, and metadata-resistant instant messaging client. There are no servers to seize and no organisations to subpoena. Users control their data entirely.
L3: Software engineering, protocols, cryptography
Szilárd Pfeiffer - CryptoLyzer
Cryptographic settings analyzer library
Issue
Internet protocols designed to be secure - such as TLS and SSH - suffer from implementation and configuration issues.
Internet protocols designed to be secure - such as TLS and SSH - suffer from implementation and configuration issues.
Project's answer
Cryptolyzer is a tool designed to support end users in choosing the right cryptographic settings in order to make communication on private and public networks more secure.
Cryptolyzer is a tool designed to support end users in choosing the right cryptographic settings in order to make communication on private and public networks more secure.
Michael Baentsch - oqsprovider
Post-quantum/quantum-safe cryptographic algorithms for OpenSS
Issue
The gulf between users of cryptography and "hard-core cryptographers", resulting in complicated-to-use crypto applications or even insecure ones.
The gulf between users of cryptography and "hard-core cryptographers", resulting in complicated-to-use crypto applications or even insecure ones.
Project's answer
oqsprovider aims to be a technological bridge for one particular problem area in this space, namely the integration of post-quantum cryptography into the TLS and X.509 internet standard protocols with minimum change/introduction of new risks at maximum ease of use.
oqsprovider aims to be a technological bridge for one particular problem area in this space, namely the integration of post-quantum cryptography into the TLS and X.509 internet standard protocols with minimum change/introduction of new risks at maximum ease of use.
Philippe Ombredanne - FOSS Code Supply Chain Assurance
Mitigate attacks through software dependencies
Issue
Security: a sophisticated malware attack on FOSS can be disastrous for developers and users, companies and countries, industries and sectors.
Security: a sophisticated malware attack on FOSS can be disastrous for developers and users, companies and countries, industries and sectors.
Project's answer
Our project improves the security of FOSS packages by ensuring that the different FOSS components used in various software are genuine.
Our project improves the security of FOSS packages by ensuring that the different FOSS components used in various software are genuine.
Kristina Sojakova & Mihai Codescu - IPDL
Equational Proofs for Distributed Cryptographic Protocols
Issue
Most cryptographic algorithms we use nowadays to secure sensitive data are too complex for humans to verify.
Most cryptographic algorithms we use nowadays to secure sensitive data are too complex for humans to verify.
Project's answer
We aim to give cryptographic researchers the tools for constructing formal security proofs for large message-passing cryptographic protocols.
We aim to give cryptographic researchers the tools for constructing formal security proofs for large message-passing cryptographic protocols.
Karolin Varner - Rosenpass
Post Quantum Security Add-On for WireGuard
Issue
Movements to ban cryptography are a huge threat to safety online, as are more visible issues like censorship, misinformation, and surveillance capitalism through online tracking.
Movements to ban cryptography are a huge threat to safety online, as are more visible issues like censorship, misinformation, and surveillance capitalism through online tracking.
Project's answer
Rosenpass, at its heart, is a future-proofing infrastructure project. We are working to ensure that existing security technology will keep working as computers get faster.
Rosenpass, at its heart, is a future-proofing infrastructure project. We are working to ensure that existing security technology will keep working as computers get faster.
L4: Operating Systems, firmware and virtualisation
Merlijn Wajer - Maemo Leste
Modernise open source real-time communications stack
Issue
The majority of mobile devices are controlled by a duopoly of Google and Apple, who by the nature of a duopoly mostly control how users access the Internet on their mobile devices.
The majority of mobile devices are controlled by a duopoly of Google and Apple, who by the nature of a duopoly mostly control how users access the Internet on their mobile devices.
Project's answer
Maemo Leste, an independent mobile operating system, aims to provide an alternative to users who do not want to be at the mercy of either Google or Apple.
Maemo Leste, an independent mobile operating system, aims to provide an alternative to users who do not want to be at the mercy of either Google or Apple.
Ekaitz Zarraga - RISC-V bootstrapping effort via GNU Mes
Allow bootstrapping Guix on RISC-V via GNU Mes
Issue
Trust is one of the biggest problems on the internet. In our case, we focus on trust in the software supply chain, a very overlooked issue.
Trust is one of the biggest problems on the internet. In our case, we focus on trust in the software supply chain, a very overlooked issue.
Project's answer
Provide a system that ensures artifacts (pre-built programs or even pre-processed sources) are what they are supposed to be. Meaning the source code matches the artifact.
Provide a system that ensures artifacts (pre-built programs or even pre-processed sources) are what they are supposed to be. Meaning the source code matches the artifact.
L5: Measurement, monitoring, analysis and abuse handling
L6: Middleware and identity
Mark Burgess - Promise Theory
Measure on-going trust between interacting agents
Issue
We tend to focus just on building whatever we feel like but don't think enough about the impact of these technologies on human society.
We tend to focus just on building whatever we feel like but don't think enough about the impact of these technologies on human society.
Project's answer
The project is part of a wide ranging effort to understand trust in network socio-technical systems.
The project is part of a wide ranging effort to understand trust in network socio-technical systems.
Andrea D'Intino - Signroom
Zenroom based signature and credential platform
Issue
Privacy and security, more than ever! Document signatures work with 30-year-old standards (X.509) and most of the software available is closed source.
Privacy and security, more than ever! Document signatures work with 30-year-old standards (X.509) and most of the software available is closed source.
Project's answer
A web-based, mobile-friendly solution to offer signatures and verification of documents.
A web-based, mobile-friendly solution to offer signatures and verification of documents.
Jens Finkhäuser - Interpeer
Secure and efficient peer-to-peer networking stack
Issue
One of the critical issues is that the web is fundamentally centralised in some sense and grants too much power to its centralised components.
One of the critical issues is that the web is fundamentally centralised in some sense and grants too much power to its centralised components.
Project's answer
Based on an analyses of the web technology stack and alternatives, we’ve derived an alternative, human-centric architecture. Our work now is to implement this.
Based on an analyses of the web technology stack and alternatives, we’ve derived an alternative, human-centric architecture. Our work now is to implement this.
Wiktor Kwapisiewicz - OpenPGP-OpenSSH
Improving SSH Authentication with OpenPGP transitive trust
Issue
The project addresses the issue of initial trust in SSH. Most SSH users default to the “Trust On First Use” model, which leaves the first, initial connection vulnerable to Man in the Middle attacks.
The project addresses the issue of initial trust in SSH. Most SSH users default to the “Trust On First Use” model, which leaves the first, initial connection vulnerable to Man in the Middle attacks.
Project's answer
Solving this problem securely but frictionlessly requires some kind of Public Key Infrastructure. Our project uses the OpenPGP PKI to authenticate the remote host.
Solving this problem securely but frictionlessly requires some kind of Public Key Infrastructure. Our project uses the OpenPGP PKI to authenticate the remote host.
L7: Decentralised solutions
Esther Payne & Brett Sheffield - Librecast
End-to-end encrypted multicast
Issue
The increasingly centralized nature of our unicast internet makes us more vulnerable to surveillance and censorship and risks our privacy.
The increasingly centralized nature of our unicast internet makes us more vulnerable to surveillance and censorship and risks our privacy.
Project's answer
The Librecast Project is building the software required to rebuild our internet using multicast, with privacy, accessibility, and efficiency as design goals from the outset.
The Librecast Project is building the software required to rebuild our internet using multicast, with privacy, accessibility, and efficiency as design goals from the outset.
Aljoscha Meyer & Sam Gwilym - Earthstar + Willow
P2P protocol and APIs for collaborative and social applications
Issue
The key issue we see is fragility. Most networked services are built in a tightly coupled way where a single component failure can bring the whole service down, and users regularly lose access to their data.
The key issue we see is fragility. Most networked services are built in a tightly coupled way where a single component failure can bring the whole service down, and users regularly lose access to their data.
Project's answer
Devices using Willow can connect to each other directly, with no privileged intermediary infrastructure like a data centre; and that they can disconnect from the network, yet still be able to read and write data.
Devices using Willow can connect to each other directly, with no privileged intermediary infrastructure like a data centre; and that they can disconnect from the network, yet still be able to read and write data.
Niko Bonnieure - NextGraph
Local-first collaboration, with privacy, security, data locality, and interoperability in mind
Issue
Big Tech is maintaining a Giant Global Graph of data inside their proprietary silo's/data centres, where all our personal and sensitive information is stored. But we have no access to this graph.
Big Tech is maintaining a Giant Global Graph of data inside their proprietary silo's/data centres, where all our personal and sensitive information is stored. But we have no access to this graph.
Project's answer
NextGraph addresses both issues of privacy and availability: its graph is open and can be queried by anyone, if the permission to do so has been granted by the owners of the data.
NextGraph addresses both issues of privacy and availability: its graph is open and can be queried by anyone, if the permission to do so has been granted by the owners of the data.
Santiago Bazerque - Hyper Hyper Space
Cryptographically secure append-only distributed data layer
Issue
The trust/control barriers are off. We often use platforms over which we need more control.
The trust/control barriers are off. We often use platforms over which we need more control.
Project's answer
When we use cloud-based apps, they’re not running on our computer or phone. In the model Hyper Hyper Space is working on, everybody has a copy of the app's workspace on their device.
When we use cloud-based apps, they’re not running on our computer or phone. In the model Hyper Hyper Space is working on, everybody has a copy of the app's workspace on their device.
Michał “rysiek” Woźniak - LibResilient
Create robust web presence with service workers and DHT
Issue
Centralization of infrastructure, control, and power makes it difficult to run a website independent of a few gigantic internet companies.
Centralization of infrastructure, control, and power makes it difficult to run a website independent of a few gigantic internet companies.
Project's answer
LibResilient allows a website to stay up to returning visitors even if the original site is down, without relying on centralized internet gatekeepers.
LibResilient allows a website to stay up to returning visitors even if the original site is down, without relying on centralized internet gatekeepers.
L8: Data and AI
Sepand Haghighi, Arash Zolanvari & Sadra Sabouri - PyCM
Evaluate the performance of ML algorithms
Issue
Evaluating LLMs is difficult due to the complexity of evaluating models on different tasks and aggregation.
Evaluating LLMs is difficult due to the complexity of evaluating models on different tasks and aggregation.
Project's answer
PyCM emerged as the first and most complete tool for evaluating AI classification tools.
PyCM emerged as the first and most complete tool for evaluating AI classification tools.
L9: Services + Applications
Michiel de Jong - Federated Bookkeeping
Hybrid self-hosted e-invoicing with decentralized identities
Issue
Due to the power of capital investment, there is too much focus on building momentum around specific proprietary platforms and not enough on making these platforms interoperable.
Due to the power of capital investment, there is too much focus on building momentum around specific proprietary platforms and not enough on making these platforms interoperable.
Project's answer
My projects mostly try to build open source prototypes of a more connected and distributed vision for internet applications, accompanied by protocol specifications and test suites.
My projects mostly try to build open source prototypes of a more connected and distributed vision for internet applications, accompanied by protocol specifications and test suites.
L10: Vertical use cases, Search, Community
