Become a sponsor to Andrew (AP) Prendergast
Working on FOSS & academic research for the next quarter. The scope of work is InfoSec aimed at making computer scientists globally safe from persecution, duress, exploitation and IP theft.
-
Reviewing public key crypto strength and possibly updating OpenPGP to support longer keys
-
Reviewing & improving Signal Messaging App by adding optional features for computer scientists to communicate securely by sacrificing plausibly deniability in exchange for stronger privacy, integrity, authenticity and availability:
- review the cryptographic strength and implementation of Signal App, including providing debug information on what cyphers are being used, the key lengths, key issue date, Signal version & platform both parties are using, optional levels of cryptographically strong non-repudiation and authenticity and clarity on integrity settings in use,
- QEMU isolated execution of a turing-complete language that is amenable to isomorphic encryption, enabling zero-knowledge bots to be placed on Signal endpoints that look like a phone call but is actually a TOR bridge,
- improve the desktop client so that it has desktop video conferencing capabilities required for collaboration, such as screen and window sharing, and uni-directional and bi-directional keyboard and mouse sharing,
-
Fixing the broken bits in the Haven App and adding more features so that it is a de-centralised web3.0 monitored alarm system:
- remove the current motion detection algorithm,
- basic UI fixes such as:
- the scroll-wheel widgets for calibration is hinky,
- one shouldn't be able to make any changes to settings or delete events if the app is Pinned, and
- there should be a 'Go Dark' button once the app goes into 'Active' mode (which saves power and is more discrete),
- add a new section to the settings that allows fine-grained control over what 'baby-monitor' styled notifications to send via Signal and how much data the app should / should not use, and
- use Android ML-Kit and Tensor Chip hardware acceleration present in some phones for optimcal flow computer vision processing and AI,
- introduce voice-to-text both for transcription of audio events (which transmits quickly and cheaply over signal), and to enable a wake word command (with voice printing and use banking industry styled fraud-detection algorithms to cover adversarial playback attacks),
- wake word ('My Haven' -- and only responds to owner's voice) can be used to authenticate ('my voice is my passport, verify me'), 'My Haven, Activate', 'My Haven, Deactivate', 'My Haven, Go Dark' and 'My Haven, Goodnight' can control a swarm of Haven Apps on carefully hidden multiple devices simultaneously,
- can interface with other nearby Haven instances so they can act as a swarm intelligence,
- can interface with peripheral devices including Inner Range access control/alarm systems, Philips Hue home automation sensors,
- adding support for externally connected cameras, eg, a USB video conferencing camera,
- building a microclient for Arudino/Pi so one can hide tiny cameras and microphones, then uses a more powerful smartphone with hardware acceleration for vision processing,
- fixing the Signal integration,
- fixing the sensor calibration so that it auto-calibrates, uses the latest computer vision and AI techniques designed for high-accuracy adversary-resistant sensor merging,
- use CV for better key-frame selection,
- adding options to stream captured events to your photo stream, enterprise cloud storage services (AWS/Azure/GCS), and desktop storage systems (OneDrive/DropBox/Box/etc),
- adding 2FA to remote access,
- prioritise sending keyframes and AI detected event notifications over Signal using a multiple redundant channels, realtime programming metaphor that falls back to memory and disk buffering if all networking options are temporarily unavailable,
- integrate more instrumentation into the Android OS and provide better telemetry over Signal on app and
device health, such as battery levels and when the remote access over TOR feature is being accessed and most importantly, when network connectivity degrades or has an outage, wake word attack attempts, - near-real time streaming of optical flow to disk & cloud storage so that events don't get missed (eg, one can simply walk up to an actively open Haven App and stop the monitoring and that event, if performed quickly enough, may not recorded),
- better Micro SD expansion and no-IEMI/IMSI device integration to enable super high capacity storage that is easily destroyed on devices that cannot be detected, tracked or controlled based on IEMI/IMSI,
- addition of Bluetooth and Ultrasonic networking to avoid detection,
- providing a decentralised list of web services whose onion address can be found at three fixed blockchain, torrent, IPFS, pastebin & onion addresses.
As a senior computer scientist, I earn around $30-$40K / month + stock options. This is 1/4 of what I would usually earn. $10K is what is required to maintain my lifestyle, keep a high security remotely monitored lab setup at home, and leaves a little bit of spare cash to spend on technical resources required for R&D such as expendable computer equipment (eg, high capacity SD cards, SSD storage and different models of phone and portable media players for testing, etc), FIPS-2 yubikeys, security consultants to manage network and physical security, tamper proof bags, seals and tape, and other bits and pieces required when doing the sort of research and FOSS work I am planning on doing.
0% towards $10,000 per month goal
Be the first to sponsor this goal!
$50 a month
Select- Get a Sponsor badge on your profile
$250 a month
Select- Logo or name goes in my project README
- Access to private repositories
$1,000 a month
Select- Logo or name on project website
- Access to pre-release builds of my project
- Have your bug reports prioritized
$5,000 a month
Select- Get a company license for my project
$10,000 a month
Select- I'll join your company chat app for help and support