Quick set up guide for Encrypted Client Hello (ECH)

 Posted on November 10, 2023  |  jochensp

The Encrypted Client Hello (ECH) mechanism draft-spec is a way to plug a few privacy-holes that remain in the Transport Layer Security (TLS) protocol that’s used as the security layer for the web. OpenSSL is a widely used library that provides an implementation of the TLS protocol. The DEfO project has developed an implementation of ECH for OpenSSL, and proof-of-concept implementations of various clients and servers that use OpenSSL, and other TLS libraries, as a demonstration and for interoperability testing. [Read More]
curl  DEfO  ECH  free software  nginx  open-source  OpenSSL  privacy  resilience  TLS 

DEfO - Developing ECH for OpenSSL (round two)

 Posted on November 9, 2023  |  Stephen Farrell

Encrypted ClientHello (ECH) plugs a privacy-hole in TLS, hiding previously visible details from network observers. The most important being the name of the web-site the client wishes to visit (the Server Name Indication or SNI). This can be a major privacy leak, like when accessing a dissident news source hosted on a Content Delivery Network (CDN). A visible domain name also provides a straightforward method for censors to block websites and internet services. [Read More]
Apache  Conscrypt  curl  DEfO  ECH  F-Droid  free software  HAProxy  IETF  metadata  nginx  open-source  OpenSSL  privacy  resilience  TLS 

Improving website resilience with LibResilient and IPFS

 Posted on June 15, 2023  |  uniq

We’re always looking for techniques to make services more resilient to all sorts of issues. That’s why we took special interest in LibResilient and mapped out it’s capabilities. It’s a JavaScript library for decentralized content delivery in web-browsers and markets itself as easy to deploy to any website. We’ve looked at LibResilient primarily in the context of static websites. While it should work with dynamic websites too, that was out of focus for us. [Read More]
censorship  censorship circumvention  circumvention  filecoin  free software  IPFS  open-source  resilience 

Steps towards trusted VPNs

 Posted on February 28, 2023  |  Hans-Christoph Steiner

VPNs have become quite popular in recent years for a number of reasons, and more and more they are being touted as a privacy tool. The question is whether using a VPN does improve privacy. It is clear that VPNs are quite useful for getting access to things on the internet when direct connections are blocked. VPN providers include a number of tactics in both their client apps and server infrastructure to ensure that their users are able to make a connection. [Read More]
Android  circumvention  F-Droid  free software  MASQUE  open source  OpenVPN  privacy  security  Tor  VPN  WireGuard 

Free Software Tooling for Android Feature Extraction

 Posted on May 6, 2020  |  Hans-Christoph Steiner

As part of the Tracking the Trackers project, we are inspecting thousands of Android apps to see what kinds of tracking we can find. We are looking at both the binary APK files as well as the source code. Source code is of course easy to inspect, since it is already a form that is meant to be read and reviewed by people. Android APK binaries are a very different story. [Read More]
android  debian  Exodus Privacy  feature extraction  free software  machine learning  NGI0 PET  NLnet  open source  Tracking the Trackers 

The Promise and Hazards of COVID Contact Tracing Apps

 Posted on April 9, 2020  |  Hans-Christoph Steiner

There has been increasing interest in the possibilities of tracking people who are infected with Coronavirus using all of the various methods that smart phones provide. There is good reason: “contact tracing” has been a pillar of public health efforts for decades. It is an effective means to curtail the spread of infectious disease. At the same time, governments, companies, and organizations are acting fast to offer services to help end this current pandemic. [Read More]
covid  free software  open source  privacy  tracking  Tracking the Trackers  trust  usability 

Improving Crowdsourced Translation of Long Form Text

 Posted on March 5, 2020  |  Hans-Christoph Steiner

We are happy to announce the start of work on another step in improving crowdsourced localization, funded by the ISC Project. This is the second part of our ongoing “Linguine” collaboration to move crowdsourced translation to privacy-respecting free software. Crowdsourced translation has proven enormously successful getting apps and website software translated into many languages. Using tools like Weblate or Transifex, developers can quite easily incorporate translated app strings into their mobile apps and websites. [Read More]
free software  hugo  i18n  jekyll  Linguine  localization  localization lab  markdown  translation  weblate 

Setting up your own app store with F-Droid

 Posted on November 5, 2013  |  Hans-Christoph Steiner

(_This blog post as now been cooked into an updated HOWTO_) The Google Play Store for Android is not available in all parts of the world, US law restricts its use in certain countries like Iran, and many countries block access to the Play Store, like China. Also, the Google Play Store tracks all user actions, reporting back to Google what apps have been installed and also run on the phone. [Read More]
android  bazaar  debian  distribution  F-Droid  fdroid  free software  howto  mobile  open-source  privacy  ubuntu