This repository has been archived by the owner on Dec 27, 2023. It is now read-only.

Privly System and Organization Overview

smcgregor edited this page Aug 14, 2012 · 23 revisions


Annual Report Snapshot: 8/12/12

About

Privly is a protocol and suite of applications for controlling personal data shared via any site on the web. For more information on what Privly is, visit priv.ly/pages/about.

This document is intended to give a high level overview of the Privly implementation and organization. The current version of this document will be maintained on the Privly wiki.

Sections of this document include information on:

Privly Foundation

Founding Status

The Privly Foundation is a pending US 501(c)(3) tax-exempt organization whose public purpose is to develop and protect the Privly project, as well as to educate the general public about Privly and internet privacy.

The Privly board and developers are committed to using donor funds to effectively build Privly. We are disclosing the current expenditures on Privly.org. The donor roll is now permanently in the source code for Privly.

Board of Directors

The inaugural Privly Foundation board meeting will take place in September. At that time, we will transfer Privly's license to the Privly Foundation. The founding board members are listed below:

Sean McGregor - Ph.D. Student in Computer Science at Oregon State University

Sean McGregor is the creator and lead developer for the Privly project. A native of the United States, McGregor is a PhD student in computer science at Oregon State University. In 2008, McGregor earned a Bachelor of Arts from Claremont McKenna College, with studies in computer science, environmental policy, government, and economics.

Carlos Jensen - Associate Professor of Computer Science at Oregon State University

Carlos Jensen is an Associate Professor in the School of Electrical Engineering and Computer Science (EECS) at Oregon State University (OSU). He received his B.S. degree in Computer Science from the State University of New York (SUNY) Brockport, and a Ph.D. in Computer Science from the Georgia Institute of Technology in 2005, where he was a member of the Graphics, Visualization and Usability Center (GVU).

His areas of research are in Usable Privacy and Security (HCISec), with particular focus on making online decisions about privacy and security understandable and meaningful to users.

Leslie Hawthorn - Community Action and Impact at Red Hat

An internationally known community manager, speaker and author, Leslie Hawthorn has over 10 years' experience in high tech project management, marketing and public relations. In March 2012 she joined Red Hat, Inc., where she is responsible for Community Action & Impact on the company’s Open Source and Standards team. Prior to Red Hat, she served as Outreach Manager at Oregon State University’s Open Source Lab and as a Program Manager for Google’s Open Source Team, where she managed the Google Summer of Code Program, created the contest now known as Google Code In and launched the company’s Open Source Developer Blog.

Development

Technical Vision

Privly's mission is to build protocols for the secure sharing of data via any site on the web. Privly's core protocol provides for the injection of protected content into any web page without giving that page access to the content.

The greatest challenge of the system is properly integrating with any site on the web. Such a broad application area requires an experimental approach to the specification. To that end, we are developing Privly functionality incrementally on a Firefox extension, before pushing it to official Privly implementations on other platforms.

The core concepts of Privly can be broken into two components:

  1. Link Discovery and Injection
    First, the extension must detect specially formatted links indicating that the linked content should be injected into the host page. By reversing the logic of the link, Privly is able to "fail gracefully." If the link is not injected properly, is placed behind a URL shortener, or is viewed without an extension, the user is still able to click on the link to view the content.

  2. Injectable Applications
    When the Privly extension detects the Privly-type link, the extension will replace the link on the host page with an iframe. The iframe will contain an injected application, which will run as a complete web application within the host page. Due to browsers' Same Origin Policy, the injected application will not be accessible by the host page. Privly will develop several applications for injection into the web page. Known injected applications will be packaged into the extensions and have access to the user's compiled encryption library API.

Current Functionality

Privly is still pre-release. The Firefox version is the most functional and provides the following functionality for user testing:

  • Anyone can create a link according to the URL Specification. Basically, a link marked with #privlyInject1 will be flagged for the extension to inject into the web page.
  • Right-clicking a form element will bring up a posting menu.
  • A button in the browser's control area will turn extension functionality on and off.
  • We packaged the ZeroBin application for user testing. ZeroBin encrypts the content in the browser using JavaScript before sending it to the remote server for storage. The decryption key is then added to the anchor of the URL before it is inserted into the host page. The anchor is never shared with the remote server, so the server is never able to read the decrypted text. In order to read the content, users must have both the link and the ciphertext. WARNING: until we start Alpha testing, the ciphertext will be given to anyone holding the link.

Note: User accounts are not currently required on the system. Once we begin Alpha testing, users will have accounts on the content server. All new content is currently destroyed every 24 hours. For more information on the integration testing functionality, watch this video.

Technical Timeline

We have a considerable amount of development remaining on several platforms. In order to test and release each feature in a timely manner, we have broken up the system into manageable pieces. Since Privly is a concept which has never been widely tested, we expect the staged rollout of Privly will be instructive for setting future priorities.

We are using owl names for the first 10 versions of Privly. The first three versions of Privly are currently under development. Each extension can reach a release at a different time; however, we will not begin development of Eagle until all the extensions reach Burrow.

Version 0 - Caged Owl
Makes it easier for users to do integration testing

Version 1 - Barn Owl
Provides basic security through encrypted content based on the hyperlink

Version 2 - Burrowing Owl
Adds functionality to the reference implementation content server

Version 3 - Eagle Owl
Integrates the compiled encryption library

Version 4 - Horned Owl
Focuses on injectable application development

Version 5 - Masked Owl
Develops functionality for users to manage who they trust

Version 6 - Pygmy Owl
Focused on developing more advanced uses of the compiled encryption library

Version 7 - Screech Owl
Makes Privly content look like the page surrounding it

Version 8 - Snowy Owl
Adds technologies to distribute hosting

Version 9 - Spotted Owl
Supports encrypted non-text content

Version 10 - Tawny Owl
Adds an encrypted semantic datastore for users to grant and manage access on trusted websites

Version Status

Each Privly version will be released "when it's ready." We can tell you the functionality associated with Caged, Barn, and Burrowing should be released in Alpha for Firefox and Chrome by September 1st. At that time we will go through a documentation and refinement cycle, and work to bring the Opera, Safari, and Internet Explorer versions up to the current functionality of the Firefox and Chrome versions. Versions for other platforms, like mobile, will begin development at Eagle.

The first three versions will not be released in Beta. The first version eligible for Beta release will be Horned Owl.

Note: We cannot control the testing, update, and distribution of Privly on platforms like SurfEasy. In the case of SurfEasy, we can easily port a mature Firefox extension to their platform when it is ready (if they accept it onto their platform).

Openness of the Protocol

Privly already works with any content server's domain. However, if the domain is not trusted by the extension, its content is not automatically injected into the page (it will inject after you click the link). Allowing any domain to automatically inject content is detrimental to security, privacy, and usability. All users will nonetheless have full control of their list of trusted domains (see: Masked). Privly will only provide defaults in the form of Exemplary Service Providers.

Another concern with openness and security is which web applications will have full API access to users' cryptography keys. Starting with a few basic applications, Privly will accept applications to run directly from the extension. These reviewed applications will never execute remote code, and are thus verifiably worthy of access to the cryptography API. Applications which don't require access to the cryptography API will be allowed to run remotely-served code.
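
The link detection described under Current Functionality and the trusted-domain decision described above, as an added JavaScript example (not Privly's extension code). It assumes the privlyInject1 marker travels in the URL fragment, optionally beside a key parameter separated by "&", and that only http(s) links are candidates; the trusted-domain list and the function names are hypothetical.

```javascript
// Added illustration, not code from the Privly project.
const INJECT_MARKER = "privlyInject1";              // marker named on this page
const TRUSTED_HOSTS = new Set(["content.example"]); // constructed user-managed list

// Decide what an extension should do with one link found on a host page.
// Every outcome except automatic injection leaves a normal clickable link,
// which is the "fail gracefully" behaviour.
function classifyLink(href, trustedHosts = TRUSTED_HOSTS) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return { action: "leave-as-link", reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { action: "leave-as-link", reason: "unsupported scheme" };
  }
  // Assumption: fragment parameters are "&"-separated, marker is one token.
  const parts = url.hash.slice(1).split("&");
  if (!parts.includes(INJECT_MARKER)) {
    return { action: "leave-as-link", reason: "no inject marker" };
  }
  // Exact host match: a look-alike such as content.example.evil.test
  // must not inherit trust from content.example.
  if (!trustedHosts.has(url.hostname)) {
    return { action: "inject-on-click", reason: "untrusted domain" };
  }
  return { action: "inject-automatically", reason: "trusted domain" };
}

// What the content server receives: browsers do not send the fragment,
// so a key carried in the anchor never reaches the server.
function serverVisibleUrl(href) {
  const url = new URL(href);
  url.hash = "";
  return url.toString();
}

// Constructed sample links.
const samples = [
  "https://content.example/posts/1#privlyInject1&key=CONSTRUCTED",
  "https://other.example/posts/1#privlyInject1",
  "https://content.example.evil.test/posts/1#privlyInject1",
  "https://content.example/posts/1",
  "ftp://content.example/file#privlyInject1",
];
for (const s of samples) console.log(classifyLink(s).action, s);
```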

Documentation

Privly has documentation in three different locations (we know, that's a lot, hear us out).

  1. privly.org - Privly.org is the stable and official home of Privly. Users, testers, and developers wanting a high-level overview of Privly should go here. It contains:
    • User guides
    • Development Blog
    • Finalized and adopted specifications
    • Tester information
    • Privly Foundation organization information
  2. GitHub Wiki - The wiki permits anyone to contribute and improve content. Since anyone can change the wiki, you should regard its content with a higher level of skepticism than www.privly.org. The wiki contains:
    • Working Draft Specifications
    • Developer Information
  3. doc.privly.org - The documentation site contains auto-generated HTML docs based on the source comments of the Privly applications. Look at the docs here if you want to explore the inner workings of the Privly family of applications.
    • Firefox JSDocs
    • Chrome JSDocs
    • Opera JSDocs
    • (Forthcoming) Privly Content Server Docs

Testing

In software development there are two types of testing: developer testing and user testing. Developer tests are programs which test other programs, and user testing is people testing programs. If you are not a developer, you can skip to the user testing section.

Developer Testing

Privly, and browser extensions in general, lack a cohesive regression testing framework. Privly has two formal testing resources:

  1. test.privly.org: The Privly testing domain is built for the quick inspection of browser extension functionality. After visiting the various test pages, you can tell whether the Privly-type links were properly detected and injected into the host page. As we discover integration issues with host websites, we are characterizing the problems with a page on test.privly.org.

  2. privly-web tests: The reference implementation for Privly content servers uses the built-in Ruby on Rails testing suite. The testing script, executed by the rake test command, is run before every deployment. The original code base was not developed with test cases, but all new commits require full test coverage.

User Testing

At the start of August we rolled out the first round of testing for anyone joining the testing mailing list. The functionality of the current version, outlined in this video, provides content encryption according to a "password" attached to the link. Anyone with the link will be able to decrypt the linked content, but the storage server (Privly) never has access to the key. We shared this subset of Privly functionality with users so we can start "integration testing." Privly integration testing is a process for discovering where Privly does not properly integrate with the internet.

Since Privly is intended to work on any website, we need users to start submitting integration bug reports as soon as possible.

Community

Most new open source projects benefit from the experience of developers who worked on similar projects. While many projects cover components of Privly, few have approached Privly's use case. The absence of widely accepted and developed Privly-type systems means Privly needs significant concept communication before people can effectively contribute to the project. Privly is a relatively small development community, but the potential payoff of attracting new developers necessitates a greater focus on communication than development.

The current members of the Privly development community (people who have contributed code, graphics, organization, or system administration) are:

Maintainers: Sean McGregor (Firefox, Chrome, Content Server), Jen Davidson (Privly.org), Balaji Athreya (Firefox), Sanchit Karve (Opera), Jesse Markowitz (Privly.org), Jesse Hostetler (library)

Contributors: Hanno Wagner (System Administration), Tyler Dugoni (Graphics), Jared Howe (User Docs)

Past Contributors: Jesse Pollak (Commits to Safari and Firefox), Charles Martin (Commits to Firefox)

Communication

Privly has several locations for project related communications

Localization (Translating)

None of the Privly software has reached "string freeze," which is the point in development where we have written all the final English text for the software. The first version of Privly to reach string freeze will likely be Burrowing.

Exemplar Service Providers

Exemplar service providers host data in accordance with the forthcoming Privly Host Guidelines. Since Privly is still pre-release, there are not yet any Exemplar Providers.

Privly founder Sean McGregor founded Privacy Providers Inc. to serve as an initial host and consultant for the Privly network. The organization is pending acceptance during the September board meeting of the Privly Foundation.

Lessons for Open Source Kickstarters

Kickstarting an open source project is not common, so we figured people could learn from our mistakes.

  • We tried to "roll our own" community infrastructure via Drupal, but we had to abandon the effort. Only mature projects have the strength to ask potential contributors to join new communities. Development community infrastructure provided by GitHub should stay on GitHub. Build community infrastructure only when you are hurting for it.
  • We did not clearly define the organizations we were proposing to build for Privly. Without a published organizational plan, people will assume their coding contributions will not be protected.
  • If you are proposing a multiyear effort, where functionality will be rolled out in waves, either only tell people about the initial release's functionality, or give yourself a lot of "breathing room." Put delivery dates far in the future, even if part of the product (stickers, shirts, etc.) will be done within a few months.