User Verified Social Telematics (UVST) is a disruptive international project to create and sustain a highly-competent and user-accountable standard organization, an active community of providers and ethical hackers, and a profitable ecosystem around the creation and evolution of the world’s most user-trustworthy general-purpose computing service platform, which has power consumption and form-factor that make it suitable for a thin handheld end-user device integrated or “attached” to any user’s ordinary smartphone, as well as for server, routing and other IoT/M2M equipment, albeit with very basic features and performance.
UVST R&D PROJECT: Core to the UVST is a 4-12M€ R&D project, to develop a mobile&desktop ultra-private user-friendly end-to-end communications service, at 1-200€/user/year, that provides minimalistic yet truly-trustworthy voice, email/text/chat and Web, social and business communications, through dedicated server-side equipment, datacenter, processes (CivicRoom and CivicLab), and dedicated 2.5-3mm-thin touch-screen e-ink screen handheld device (CivicPod) which is available either attached to any user’s mobile phone via a dedicated external case, or “inserted” inside the internal case of a custom-built smartphone’s (CivicPhone), sharing its battery.
CivicFab processes will exceed in assurance those of DoD Trusted Foundry Program and DARPA Trust in Integrated Circuit, but at a fraction of the costs. It will enable diverse deployments, including: (a) Pure P2P mode, (b) Managed P2P mode, with “remote attestation”, as well as (c) a Hybrid P2P mode, only in pairs of democratic countries, whereas the CivicRoom dedicated hosting room – which offers substantial services and stores limited and time-based users encryption keys or data – will be subject to an extremely transparent and user-accountable citizen-jury-based access management, redundantly remote and onsite, which will intrinsically guarantee the constitutionality – no more and no less – of lawful intercept and search & seizure orders.
UVST INITIATIVES: It shall realize a socio-technical production-ready prototype, a standard and ecosystem in accordance with the UVST Definition and Requirements, as defined by the UVST Consortium Agreement (live draft), being constituted with core partners. UVST develops through 3 projects, part sequential and part concurrent: (1) a 4-12M€ UVST R&D Project participated by 15 Italian, EU and Brazilian leading private and public partners and world class prospects, (2) A 5-20M€ UVST Virtual Foundry, a joint venture for the development – concurrently and in addition to the UVST R&D project – of world-class design facilities and cluster for UVST-compliant solutions and equipment, and permanent setup of compliant 2-300mm low-capacity partnering foundries; (3) a UVST(-like) International Standardization proposal.
HOW: Extreme minimisation of hardware and software will allow extreme verification relative to complexity of ALL software, firmware, hardware and processes (including hw design and manufacturing, and datacenter management processes) involved end-to-end in the UVST telematics services, which in turn will enable to achieve unprecedented assurance levels at a low per unit cost, and economic sustainability within an initial 4-12M€ UVST R&D Project budget. All its critical hardware components, will be manufactured in one or more partnering low-capacity 2-300mm semiconductor mini foundry which will reliably and sustainably allow complete oversight of any critical manufacturing processes; location in participating countries is preferred but not required. It will developed starting from the most minimal, verified and hardened free/open-source (or at least publicly verifiable) software and hardware components available. Most of all, it will develop highly-accountable constituent socio-technical organizational processes to manage all any critical processes potentially affecting the assurance of the computing experience.
SCOPE: UVST will give its end-users unprecedented levels of actual (and perceived) assurance in relation to the fact that, all computing components that are critically involved in their computing experience beyond point of encryption, will “perform as advertised” at all times, and be resistant to attempts to remotely exploit vulnerabilities, even through the most powerful and rare targeted surveillance methods, including automated and semi-automated targeted methods (such as NSA Turbine and Italian Hacking Team), as well as from undetected physical tampering. Does not protect from environmental interception, including that from the end-user’s other connected devices, and other continuous surveillance techniques whose cost and detectability exceed that of environmental interception.
R&D PARTNERS: (For a 4-liner profile for each partners here): CORE: Open Media Cluster (Italy, 2000hrs+) Creators of UVST project, leaders in highest-assurance ICT socio-technical systems, and planners of geo-located media/ICT clusters; Kryptus (Brazil, 100hrs+) Makers of world’s 1st open secure general-purpose CPU processor SCuP; Chair of SecT at TU Berlin (Germany, 8hrs+) R&D leader in highest-assurance micro-kernel and microvisors and hardware security; Chair of Multilateral Security at Goethe U. (Germany, 6hrs+) Leader in socio-technical aspects of privacy and security; GSMK Cryptophone (Germany, 20hrs+) World leader in verifiable cryptophones; SIRRIX (Germany, 10hrs+) Second largest IT Security devices and solutions provider; PROPOSAL-SPECIFIC: Engineering SPA (Italy, 30hrs+) Largest Italian IT company, with large defense and free software practice; Kolab Systems AG, (Switzerland, 60hrs+) Leading secure FLOSS email/groupware provider; Center for Cyber Intelligence and Information Security of Sapienza University (Italy, 20hrs+) The leading state information security and cyber security academic research center in Italy; Fondazione Ugo Bordoni (Italy, 20hrs+) The R&D arm with 400+ staff of the Ministry of Economic Development of Italy, MISE; American Mini Foundry. (USA, 10hrs+) USA leader in highest-assurance IC foundry oversight). including Gerry Etzold, Former Technical Director of NSA Trusted Access Program (2008-2009); Hermes Center for Digital Transparency and Human Rights. (Italy, 30hrs+, non-profit leader in Italy / technical aspects of the digital human rights, similar to EFF or Epic in the US, developer of Global Leaks); LSI-TEC (Brazil, 5hrs+) HIstorical R&D Security lead of Brazil; exclusive certificator of PKI equipment for main PKI infrastructure of Brazil, coordinator of the FP7 EU-Brazil Global iTV project for the new global interactive TV standards); USP City Center (Brazil, 5 hrs+, leading ICT security R&D center); Unidata, (Italy, 6hrs+, Among top 5 Italian fixed-line ISP, datacenter and unified communications);
SCIENTIFIC & TECHNICAL BOARDS:(Committed 5-20 man-days or more): Stefano Zacchiroli. Associate Professor of Computer Science at University Paris Diderot, former 3-times Debian Project Leader (last in 2010-2013), Board Director at Open Source Initiative (OSI)”.Gerry Etzold. The former (2008-2009) Technical Director of the NSA Trust Access Program. Brings unmatched technical expertise in assurance of the fabrication process for highest assurance device. Bart Preneel, Phd. World renowned cryptology expert and researcher. President of the International Association for Cryptologic Research, which organizes the leading EU crypto conference Eurocrypt. Project manager of the Network of Excellence ECRYPT II (Cryptology) (2008-2013); Roberto Gallo, Phd. Chief Scientist & Ceo at Kryptus; Bruce Perens (co-founder Open Source Initiative, author of Debian Social Contract and statutes of the founding organization of Debian’s Software in The Public Interest, founder of UserLinux initiative); Jovan Golic, Phd. World-renowned cryptology expert. EU EIT ICT Labs Privacy, Security and Trust Action Line Leader, one of the 6 EU-wide action lines of the EIT ICT Labs, set to bring leading innovation to market through 6 specialized territorial nodes with 3 billion € funding to 2020; Rufo Guerreschi. Exec Dir. at Open Media Cluster; Paolo Giorgini, Phd. Univ. Trento, expert in socio-technical trust, co-author of Socio-technical Trust: An Architectural Approach (pdf); Piero Corte (IT Research Director, Engineering); Georg Greve CEO of Kolab Systems. the founding president of the Free Software Foundation Europe (FSFE) until 2001-2009.For a list of our world-class partners and advisors follow this link. Targets Markets: Since it combines leading-edge levels of privacy, user-friendliness, very low cost and substantial utility&entertainment features, it can be offered a end-to-end, as well as server-side-only, ultra-private communication service to customers ranging from the moderately privacy-conscious to the extremely privacy-conscious. Substantial market opportunities have been identified for the following sector: (A) High to extremely privacy-conscious high-worth individuals as well as organizations, including state security and military agencies, for internal use by top executives of large and powerful private and public organizations, including state security agencies; (B) as white label or custom solution for international banks and bank associations for their high-premium clients, including ultra-private e-banking, one time passwords and more; (C) as while-label, IaaS or PaaS server-side-only solutions for the highest security and privacy requirements in state security, financial, military and other sectors; (D) (later phase) as white-label wide-market consumer ultra-privacy+entertainment deployment (1-300K+ units), by telco and/or broadcasters, in partnership with local content partners, with the optional CivicDongle; (E) (later phase) as a cheap and relatively-small form-factor hardware platform without touch screen for mission critical Internet-of-things applications. ROADMAP: We are actively pursuing H2020 EU public R&D fundraising opportunities, but also interested in seed or angel funding options. By Nov 2014, we plan to submit a 4M€ UVST proposal to H2020 FET-Open RIA (deadline by March 2015), with world-class partners and advisors. We have developed a late draft with much details and deliverables, but there is still space for very high value added partners or advisors to join in. We are actively planning and networking to participate to other H2020 Calls.