Cult of Dead Cow hacktivists design distributed encryption system for mobile apps

Once known for distributing hacking tools and shaming software companies into improving their security, a famed group of technology activists is now working to develop a system that will allow the creation of messaging and social networking apps that won’t keep hold of users’ personal data.

The group, Cult of the Dead Cow, has developed a coding framework that can be used by app developers who are willing to embrace strong encryption and forsake revenue from advertising that is targeted to individuals based on detailed profiles gleaned from the data most apps now routinely collect.

The team is building on the work of such free products as Signal, which offers strong encryption for text messages and voice calls, and Tor, which offers anonymous web surfing by routing traffic through a series of servers to disguise the location of the person conducting the search.

The latest effort, to be detailed at the massive annual Def Con hacking conference in Las Vegas next week, seeks to provide a foundation for messaging, file sharing and even social networking apps without harvesting any data, all secured by the kind of end-to-end encryption that makes interception hard even for governments.

Called Veilid, and pronounced vay-lid, the code can be used by developers to build applications for mobile devices or the web. Those apps will pass fully encrypted content to one another using the Veilid protocol, its developers say. As with the file-sharing software BitTorrent, which distributes different pieces of the same content simultaneously, the network will get faster as more devices join and share the load, the developers say. In such decentralized “peer-to-peer” networks, users download data from each other instead of from a central machine.

As with some other open-source endeavors, the challenge will come in persuading programmers and engineers to devote time to designing apps that are compatible with Veilid. Though developers could charge money for those apps or sell ads, the potential revenue streams are limited by the inability to collect detailed information that has become a primary method for distributing targeted ads or pitching a product to a specific set of users.

The team behind Veilid has not yet released documentation explaining its design choices, and collaborative work on an initial messaging app, intended to function without requiring a phone number, has yet to produce a test version.

But the nascent project has other things going for it.

It arrives amid disarray, competition and a willingness to experiment among social network and chat users resentful of Twitter and Facebook. And it buttresses opposition to increasing moves by governments, lately including the United Kingdom, to undercut strong encryption with laws requiring disclosure on demand of content or user identities. Apple, Facebook parent Meta and Signal recently threatened to pull some UK services if that country’s Online Safety Bill is adopted unchanged.

Civil rights activists and abortion rights supporters have also been alarmed by police use of messages sent by text and Facebook Messenger to investigate abortions in states that have banned the procedure after the first six weeks of pregnancy.

“It’s great that people are developing an end-to-end encryption framework for everything,” said Cindy Cohn, executive director of the nonprofit Electronic Frontier Foundation. “We can move past the surveillance business model.”

Source: Cult of Dead Cow hacktivists design encryption system for mobile apps – The Washington Post

Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft