As usual, this year's status letter covers all news-worthy updates since our previous letter.

Inside This Year's Letter:

• Group Income
  • 2018 Hawaii Hackathon development
  • Group Income team continues to grow development
  • Group Income Presentation at BlockCon 2018 (Los Angeles) education
• Miscellaneous Decentralization Related
  • Rebooting Web-of-Trust (Toronto) research education
  • Scaling Bitcoin (Tokyo) research
  • Internet Identity Workshop IIWXXVII #27 (Mountain View) research education
  • Noteworthy Decentralization Tech research education
• Organizational
  • Server infrastructure
  • Finances

Continue reading →

From the Better Late Than Never dept. comes our third yearly status letter. It covers all news-worthy updates since our previous letter.

Inside This Year's Letter:

• Blog Silence
• Group Income
  • July 2017 hackathon development
  • Anikó Fejes and Sandrina Pereira join Group Income! development
  • BlockCon Basic Income Q&A With Scott Santens (Los Angeles) education
• The DCS Theorem
  • Presentation at Block2TheFuture (San Francisco) education
  • Rebooting Web-of-Trust (Boston) research education
• DPKI: Decentralized Public-key Infrastructure
  • Presentation at NLUUG (Netherlands) education
  • Presentation at BlockCon (Los Angeles) education
  • Slate article on Certificate Transparency education
• Miscellaneous Decentralization Related
  • Net Neutrality research education development
  • Noteworthy Decentralization Tech research education
• Organizational
  • We're a 501(c)(3)!
  • Retroactively deductible donations
  • Server infrastructure
  • Finances page!

Continue reading →

This is our second yearly status letter. It covers all news-worthy updates since our previous letter.

Inside This Year's Letter:

• Group Income
  • Voting systems research research education
  • Victor Morrow Joins Group Income! development
  • Group Income Shorts! education
  • San Francisco Basic Income Create-A-Thon education development
  • New York Meetup! education
• DPKI: Decentralized Public-key Infrastructure
  • ID2020 - Rebooting Web-of-Trust Spring 2016 education research
  • "DCS / Slepak's Triangle" at Rebooting Web-of-Trust Fall 2016 education research
  • DPKI vs CONIKS vs Key Transparency vs Certificate Transparency education research
  • Slides: "Fixing the Internet of Sh*t" education
• Misc. Decentralization Related
  • Zcash research and coverage education research
  • Updated "5 Open Source Slack Alternatives" to mention Matrix/Riot education
  • Noteworthy Decentralized Tech education
• Finances

Continue reading →

Previously, we reviewed Google's Certificate Transparency efforts, and observed that while it does not prevent MITM attacks, it might detect at least some of them. We compared it to blockchains, and described what a Decentralized Public-key Infrastructure (DPKI), which uses blockchains, might look like.

Today we compare these approaches with two new systems: Key Transparency and CONIKS. Continue reading →

Listen up, super-villains and laboratory mice!

Outlined in this post is a masterplan for how to "take over the world!" — by compromising Zcash.¹ Continue reading →

Also see our followup: How To Compromise Zcash And Take Over The World

As part of our work, we will sometimes put a new system under scrutiny in order to provide constructive feedback, and/or clear up a widespread misunderstanding that could lead to problems down the road (for example, see our series on Certificate Transparency). Continue reading →

Thanks to insightful feedback from John Light, I realized it would be good to do a regular Turtle Status Letter in order to keep our followers and supporters abreast of our activities and decision-making process. We now plan to do one every year.

Inside This Year's Letter:

• How We Got Started
• The okTurtles Browser Extension
• DNSChain
• DPKI — Decentralized Public Key Infrastructure
• Voluntary Basic Income: Group Currency & Group Income
• Educational Content
• Future: What's Next for the Turtles?

Continue reading →

Some turtles got together this weekend to hack on a thon—err, for a Group Income hackathon! Continue reading →

On Monday, the Internet received another reminder about its sad state of security. It was discovered that Dell decided to compromise their users' Internet security in a way that's difficult to top.

As elaborated further in this post, Dell, in tandem with Google, made it possible for anyone on earth, you or me, to break every single type of HTTPS connection that Dell users were making (including HPKP connections)—shiny lock icons be damned. Their reason? Continue reading →

Translations: 中文

Update: We made a huge mistake in forgetting to review Riot — the only Slack alternative based on an open protocol, and the only Slack alternative to support end-to-end encrypted group chats.

Slack is a popular team communications application for organizations that offers group chat and direct messaging for mobile, web, and desktop platforms. While Slack offers many benefits to customers, there are also downsides to using the platform, including high subscription fees and the risk of a massive leak of private data if Slack’s servers are ever breached (again).

Today there are a growing number of open-source Slack alternatives available for people who want to avoid the trap of walled gardens and have more control over the security of their data. As part of our own search for a self-hosted Slack alternative, we reviewed the options out there.

Here are five of our favorites: Continue reading →