signposts
TRANSCRIPT
Signposts Taking back the dark edges of the internet
Open Hardware, Software, Internet & JobsMonday 11 March
Heidi [email protected]
The good old days ...
53.123.123.2
53.137.123.29
45.204.13.2
79.183.123.82 103.193.123.234
53.128.123.27
53.123.193.87
Today's reality...
NAT Box
NAT Box
NAT Box
NAT Box
NAT Box
Firewall
Firewall
Firewall
The Problem
Device-device connectivity is pretty broken right now due to middleboxes at the edges of the internet
my iPhone
my machine here at the lab
Existing Solutions
Although you can fix this with a range of tools, it's very fiddly and complex to do so or the solutions are platform specific
Technical - Dynamic DNS- Port Forwarding- uPnP- STUN- VPN- Iodine- NAT Punching- Rendezvous- HTTP/SMTP proxy
Centralised & 3rd Party- Skype & Google talk- Dropbox, Google Drive, Ubuntu One- iCloud- Remote Desktop Software e.g. LogMeIn- Email- Facebook, Twitter
... and the Signpost SolutionSignposts turn these technical solutions into tactics, it automates and manages the range of tactics to bring back this end-to-end dream
It's a framework to manage the maze of tactics so it's highly extensible
Signposts point devices in the right direction to find each other
Signposts' View of the WorldHeidi's Signpost Server
Internet
Now my devices all have their own domain names which they can use to refer to each other
iphone.heidi.signpost.io
dark edge of internet
desktop.heidi.signpost.ioworkmachine.heidi.signpost.io
dark edge of internet
dark edge of internet
Signposts' View of the WorldHeidi's Signpost Server
Internet
iphone.heidi.signpost.io
laptop.heidi.signpost.io
dark edge of internet
dark edge of internet
desktop.heidi.signpost.ioworkmachine.heidi.signpost.io
tablet.anil.signpost.io
dark edge of internet
dark edge of internet
Anil's Signpost Server
iphone.anil.signpost.io
desktop.anil.signpost.io
mac.anil.signpost.io
heidi.signpost.io
iphone
laptop
desktop
anil.signpost.io
iphonedesktop
mac
jon.signpost.io
laptop
iphone
Abstract away the internet edge
Empower individuals to create their “own personal cloud” and regain control of their digital footprint
Your Personal Signpost Server● Each virtual personal cloud has a Signpost server,
this has a public IP address ● It maintains up-to date information on the
whereabouts of all the devices in the user's personal cloud
● It has a set of policies which control sharing with other Signposts' users
● There is a persistent connection between the Signpost server and all devices in the user's cloud
● Whenever a device in the user's cloud moves location or network, the Signpost server is notified
Making connections
● The device that wants to initiate the connection performs an "effectful" DNS lookup of the domain name of the other device
● This DNS lookup is destined for the Signpost server of the other device's owner
● When the Signpost server receives this query, it creates a path between the devices and returns an IP address
● The two devices are now happily connected
Heidi's Signpost Serverdesktop.heidi.signpost.io
workmachine.heidi.signpost.io
Goal Of Tactics
To create a satisfactory connection between two end nodes that meets the user's requirements. Possible requirements include:● Authentication● Encryption● Bi-directionality● Anonymity ● Bypassing firewalls
Signposts can also allow for constraints, such as battery life, and price of network connections
Example - Syncing Directories
My home machine
Firewall
NAT Box
My work machine
Example - Video Streaming
My home machine
Example - Photo Sharing
The Project Home
Signposts is part of the OCaml Labs Projectwww.cl.cam.ac.uk/projects/ocamllabs/
Signposts is Open Source & hosted on GitHubwww.github.com/crotsos/signpostd
Some of the Signposts' team that I would like to thank and probably embarrass
More information...
Signpostswww.signpost.iochat to me or some of the other guys on the signposts' team