[katzenpost] privacy by design

matbit at airmail.cc matbit at airmail.cc
Sun Jul 19 10:58:30 UTC 2020

“imagine” all the people sharing all the world
John Lennon

Hi team,
It maybe looks like off topic, but since we are in same page and 
striving for “privacy right” please forgive me for this post and help me 
if you can.
Many thanks in advance.

It is Hu, a freedom enthusiast software developer, who believes in 
Privacy, and digital rights as well.
I developed an open source and free(libre) app to support people 
establishing their “decentralized online community”, without need to 
running a website(having domain name and host), or having an static IP 
or even dynamic IP.
The software called Comen, stands for “Community Maker Engine“. Users by 
installing Comen can form an autonomous unstoppable online community in 
which they can have their username(much like Domain name), send 
encrypted messages, participate in forums/discussions and having wiki 
pages, personal weblog, run survey, kind of smart contracts, DeFi and 
some other important activities.

Entire communication between nodes (the machines around the glob that 
installed software) is done through “emails”. The Comen software 
automatically sends and receives hundreds of emails in hour to/from 
nodes. Indeed I developed the Comen software to make it very easy, every 
group of people (without any technical knowledge) by 2 or 3 clicks 
establish an online community. To join a community, people just need to 
know the peer’s email address and install the software.
The Comen software creates a local copy of a blockgraph (unlike the 
Blockchains the data structure of Comen is a DAG and not a link-list) 
and records all received blocks in its local DB (AKA distributed 
By this design we have an autonomous, standalone, unstoppable, 
decentralized online community on top of a blockgraph in which users 
have personal data sovereignty.
This approach is about caring privacy and avoiding mass surveillance, 
especially in giant social-networks. By Comen everyone can join to 
hundreds different groups or leave them and no one spy them.
Comen is not good for “online gaming” or funny kitty “video watching”, 
but it perfectly works for serious issues against censorship and it 
cares user's privacy. it stops global passive eavesdropping.
Every single line of code that is running on user’s computer is 
transparent and audit-able.
Keeping it simple results No spying, No information exploitation, No 
hidden 3rd party IP connection.
The horizon of system is "Making standard internet, inside the classic 
internet, based on peers".

Going back to software, the email messages between nodes are encrypted 
by asymmetric public/private PGP keys, so they are safe and secure, and 
the email body (the text message) looks like a normal PGP encrypted 
message. The system works perfectly, BUT as we all know the big failure 
of “email protocol” is “meta data leakage”. So we need to fix this issue 
and improve the privacy of email protocol in whole.

You may ask abut “why you use email as transporter and just do not use 
TCP/IP or other newer decentralized messaging protocols”?
The answer is:
- Everyone can obtain one or one million email address with no cost, and 
governments can not stopping individuals from using email. -Thanks free 
speech defenders we still can have anonymous email without compromising 
our identity -, whereas for all other alternate solutions user need to 
obtain an IP or some kind of identification or membership processes, 
which are all in contrast with privacy.
- Email infrastructure is well-established and is accessible all over 
the glob. The emails work perfectly in most dictatorship countries with 
high level of censorship, oppression, IP banning, low speed internet, 
and all other barriers for commercial, high speed services we are using 
freely in Europe and US.
- The email is the only neutral, free (non proprietary) and open 
protocol/technology for communication.

You may ask why you want to update the existed protocol instead of “just 
use TOR or I2p or … and forward your traff	ic to these networks”?
Even TOR or I2p can be disabled, and they did it in Iran, North Korea 
and I guess also China.
In addition using TOR or I2P... as an extra effort for email is not a 
comprehensive and easy use case.

If we improve “email protocol itself”, and add some optional feature to 
it in order to reduce the metadata leak and offer this improvement as an 
“Open (non proprietary) Standard” and drive a social movement to force 
email providers to implement these features/protocols in their 
softwares, we will achieve a huge improvement in “privacy” protecting 
and “freedom of expression”. we can not simply let the email die!

This improvement will improve “email” users experience in whole, and 
also “Comen” software security and privacy level that indirectly causes 
to improvement of “freedom of expression” in recursive style.

I want to ask your opinion about this proposal, since you are 
experienced and professional.
What do you think about idea in whole and its feasibility?
Perhaps we should exchange some emails to talk about details and figure 
out how to deal with this proposal, political(legal) issues, preparing 
some RFC or standard design specs and plan and strategy and roadmap, and 
so on.
We are not too many people with this point of views, so please feel free 
to forward this email to people you may know they are interested in this 
case. (better if encrypted message).

Looking forward to hearing from you.

P.S. Please no public announcement yet.

My public key



More information about the katzenpost mailing list