Skip to main content

Show HN: PGPP (Pretty Good Phone Privacy) – a new type of mobile privacy service https://ift.tt/pn4XLW0

Show HN: PGPP (Pretty Good Phone Privacy) – a new type of mobile privacy service Hi, we're Barath and Paul. We co-founded INVISV to build Pretty Good Phone Privacy (PGPP) [ https://invisv.com/pgpp ], an app and service that provides mobile identifier privacy (IMSI) and Internet privacy (IP) so that neither we nor other providers learn your network identity. We've been thinking about how phones are tracking devices in disguise (at a few layers) and what we can do about it. But the problem is that mobile networks are hard to change, and existing companies are reluctant to change things. A couple years ago we had the idea that we could decouple your identity from your SIM (IMSI), so the mobile operator wouldn't know who you are but still provides you service. We did research, figured it out, and published it last year at Usenix Security. Then we took it to every mobile operator we could to see if they'd do it, but mostly got shrugs, confusion, or hostility. (We still hold out hope they'll change their minds.) So we decided we had to build and deploy it ourselves. And the mobile network is just the first part -- we also provide decoupled IP privacy (Relay) in PGPP via a partnership with Fastly, for when you're on WiFi or mobile data. The implementation is simple: for mobile privacy we decouple authentication from connectivity. Those are conflated today. We provide service using eSIMs (so you need an eSIM capable Android for this part). So we don't learn which eSIM your phone gets each time (your IMSI now changes periodically), we authenticate you with a cryptographic protocol (Chaum's blind signatures) that proves you should get a new eSIM but doesn't reveal your identity. Then you get mobile data service. This isn't something that exists today, despite the tracking/data collection that's happened both by third parties (SDRs / IMSI catchers) and operators themselves. It's like MAC randomization for mobile networks. We figured users would like better IP privacy too, so we used IETF MASQUE and collaborated with Fastly to provide relay service in PGPP as well. Relay service works on almost any Android device. This uses TLS to tunnel your traffic (which itself will usually be TLS encrypted, for almost all Web traffic today) through two hops and then to the rest of the Internet. The first hop is us -- we hide your IP but learn nothing of your traffic or where it's headed. The second hop is Fastly, who then connects you to the IP of the server you're trying to reach, but all they see is an INVISV IP trying to connect to some other IP. The site you're connecting to terminates your TLS stream but just sees it coming from Fastly. This is a beta and there are several things that aren't ideal. We don't have free plans because providing actual connectivity is pretty expensive. We know that data-only mobile service isn't for everyone (that's what our mobile plans provide -- no phone number). So we offer Relay service on its own for folks who want that. We also know eSIMs are not ideal either, so we'd like to generalize that down the road. We're focused on privacy, not just on mobile, and we'd love your feedback on the service and ideas about this and where to go next. Thanks! Barath and Paul https://ift.tt/lizANxy August 9, 2022 at 09:32PM
Labels:

Comments

Post a Comment

Popular posts from this blog

Women Pioneers at Muni: Adeline Svendsen and Muni’s First Newsletter

Women Pioneers at Muni: Adeline Svendsen and Muni’s First Newsletter By Jeremy Menzies To close out Women’s History Month, here’s a look back at one woman whose work to bring Muni staff together in the late 1940s created a legacy that lives on to this day. Adeline “Addy” Svendsen was founding editor of Muni’s first internal newsletter, “ Trolley Topics .” Adeline Svendsen sits at her desk in the Geneva Carhouse office building in this 1949 shot. Trolley Topics was a new venture when it started in February 1946. As Svendsen wrote in the first issue it was created, “to bring a little fun, a little news, and a lot of good will to all our fellow employees in the Railway.” Just two years prior in 1944, Muni merged with the Market Street Railway Company, expanding the small municipal operation into the largest transit provider in the city with hundreds of employees, vehicles of every shape and size, and dozens of facilities scattered across town. The newsletter was meant to help unite ...
Post a Comment
Read more https//reachsingh.blogspot.com»

Show HN: StreetComplete, an OpenStreetMap Editor for Humans https://ift.tt/2J8IL02

Show HN: StreetComplete, an OpenStreetMap Editor for Humans StreetComplete is an OpenStreetMap[0] editor directed at people who want to contribute and want to do this using their smartphone, without learning how to edit things[1]. It is available as an Android application. It is intended to be used as one walks, with quests appearing as markers on the map. Selecting a marker allows one to answer a simple question. The answer will be added to the OpenStreetMap database, with app handling selecting objects for editing, transforming answer into OSM tags and making edits. OpenStreetMap account is needed to apply edits, but it is possible to start without it, make some edits and login/register later. Note: I am not the main author, but I am one of the active contributors. Github page is at https://ift.tt/2g8lasH and https://ift.tt/3nR9PzS shows what was recently released. [0]OpenStreetMap is a Wikipedia of maps, available on the open licence. This dataset is already used for many interestin...
Post a Comment
Read more https//reachsingh.blogspot.com»

Show HN: Launch VM workloads securely and instantaneously, without VMs https://ift.tt/2QwJ1Kd

Show HN: Launch VM workloads securely and instantaneously, without VMs Hello HN! We've been working on a new hypervisor https://kwarantine.xyz that can run strongly isolated containers. This is still a WIP, but we wanted to give the community an idea about our approach, its benefits, and various use cases it unlocks. Today, VMs are used to host containers, and make up for the lack of strong security as well as kernel isolation in containers. This work adds this missing security piece in containers. We plan on launching a free private beta soon. Meanwhile, we'd deeply appreciate any feedback, and happy to answer any questions here or on our slack channel. Thanks! April 29, 2021 at 07:50AM
Post a Comment
Read more https//reachsingh.blogspot.com»