[00:00.000 --> 00:10.280]  Okay, so hi everyone. Thank you for making it. I'm David. I'm the project lead on the
[00:10.280 --> 00:16.840]  Crip Pad team, part of X-Wiki. And so today I'm going to give you a little summary of
[00:16.840 --> 00:22.800]  what Crip Pad is and what we're looking at for the year ahead. But first, I want to give
[00:22.800 --> 00:29.280]  a little bit of context. What context are we working in? I think we're in a particular
[00:29.280 --> 00:35.520]  moment when it comes to online collaboration. I'm going to take education as an example,
[00:35.520 --> 00:43.880]  but I think the broad strokes of what's happening is applying to many other sectors. So last
[00:43.880 --> 00:51.800]  May, Human Rights Watch released a report where they found that 90% of education tech
[00:51.800 --> 01:00.640]  software was spying on students or had the potential to spy on students. And of course,
[01:00.640 --> 01:10.200]  a lot of this is linked to the COVID crisis. So don't get me wrong, this didn't just spring
[01:10.200 --> 01:17.440]  out of nowhere when COVID happened. A lot of it was kind of waiting in the wings. But
[01:17.440 --> 01:25.800]  studies such as this one on the zoomification of universities really show the kind of drastic
[01:25.800 --> 01:32.320]  shifts in adoption in terms of online collaborative software that happened around COVID. And also
[01:32.320 --> 01:41.040]  highlights real concerns, in this case about the impact on academic freedom, the concerns
[01:41.040 --> 01:47.360]  that are raised when universities become reliant on cloud providers, especially like Big Tech,
[01:47.560 --> 01:53.880]  cloud providers. I personally know a lot of people in academia and basically since COVID, a lot
[01:53.880 --> 02:04.000]  of people just live in Microsoft Teams now. So that's an issue. I'm not going to go too deep
[02:04.000 --> 02:10.880]  into it, but Privacy International is watching this space and especially in the ad tech sector,
[02:10.880 --> 02:24.200]  I think this is really worth watching. So at the moment, we're at this point where big entities
[02:24.200 --> 02:33.000]  such as governments, so in France, for example, where we're based, the education ministry is as
[02:33.000 --> 02:37.280]  it's back against the wall in a way because they're forced to, you know, they can't keep
[02:37.280 --> 02:46.360]  recommending that people flock to Big Tech in the kind of early panic of COVID. And so they're
[02:46.360 --> 02:54.640]  not, they're advising against it. But I guess the big question is, what now? You know, where do
[02:54.640 --> 03:04.280]  you go now? How do you replace these tools? Where collaboration has proven to be, there's a need
[03:04.280 --> 03:10.840]  for some kind of collaborative software solution. But obviously, all the concerns linked with these
[03:10.840 --> 03:16.640]  solutions being provided by Big Tech giants are really becoming apparent and harder to ignore
[03:16.880 --> 03:27.480]  now that these situations are kind of normalized. And the issue is that collaboration often comes at
[03:27.480 --> 03:34.880]  the price of privacy, right? So you have these, on one side, these solutions that are very good at
[03:34.920 --> 03:42.320]  providing collaboration. Some of them are, you know, big evil tech corpse like we've seen. Some others
[03:42.320 --> 03:53.000]  are maybe less evil, maybe more open source, etc. But yeah, typically not very good at privacy. On the
[03:53.000 --> 04:02.560]  other hand, you have very good solutions that provide encrypted storage and personal note-taking, for
[04:02.560 --> 04:10.000]  example, but that are typically not great at collaborative work. Okay, and so at CripPad, we
[04:10.000 --> 04:17.520]  think, or our project exists because we think we should be able to have both. So the collaboration
[04:17.520 --> 04:25.360]  and privacy shouldn't be mutually exclusive, basically. So we exist in that overlap in the Venn
[04:25.360 --> 04:36.880]  diagram. And so what we provide is basically an online collaborative office suite with a lot of
[04:36.880 --> 04:42.080]  features that you'd come to expect from such a thing. So you have a drive where you can store
[04:42.960 --> 04:52.160]  documents. We have a full suite of applications, all of which are collaborative in real time. So that
[04:52.160 --> 04:58.080]  means different people can be editing the same document at the same time and see each other as
[04:58.080 --> 05:05.360]  cursors and things like this. So we have spreadsheets, text documents, forms, Kanban boards, plain text,
[05:05.440 --> 05:13.520]  markdown documents. So some of these are integrations of other open source software. So we
[05:13.520 --> 05:24.480]  integrate only office frontends, for example, and others are made from scratch. So for example, our
[05:24.480 --> 05:36.800]  forms application we developed from the ground up. We have a lot of collaborative features. So some
[05:36.800 --> 05:42.320]  of the drive that I showed, this could also be a team drive where a few people have access to the
[05:42.320 --> 05:49.280]  same set of folders and we have granular kind of access controls as to who can see what, etc. We
[05:49.280 --> 05:57.440]  have calendars, sharing capabilities. So with contacts on the platform, but also with the
[05:57.440 --> 06:02.320]  ability to produce links that you can then share to your friends so you can all edit the same set
[06:02.320 --> 06:12.480]  of notes, for example. And the real unique feature behind all of this is that everything is end-to-end
[06:12.480 --> 06:22.240]  encrypted. So basically everything happens in your browser and your browser encrypts and decrypts
[06:23.040 --> 06:28.960]  all the messages that you send to the server that's centralizing the collaborative element.
[06:28.960 --> 06:37.520]  Okay, so nothing leaves your device unencrypted is the basic kind of feature but also constraint
[06:37.520 --> 06:49.120]  that we have. Okay, so I'm going to do a little tour of what's kind of currently on our minds. I
[06:49.120 --> 06:57.840]  have to put in a disclaimer that a lot is in flux at the moment. We're in the process of setting up
[06:58.560 --> 07:03.440]  potentially big partnerships and stuff but nothing is kind of fully finalized. So I'm not going to
[07:03.440 --> 07:08.080]  give any names and I'm not going to promise that everything I'm going to show today is going to
[07:08.080 --> 07:13.040]  actually be implemented this year and maybe some other stuff that I have no idea about yet will be
[07:13.040 --> 07:18.880]  implemented instead. So this is just what's currently on our mind as of February 2023.
[07:21.360 --> 07:29.520]  So one thing that's definitely underway is a project called CripPad Blueprints where we're
[07:29.520 --> 07:36.640]  thoroughly documenting the use of cryptography as we currently use it so that it's more transparent,
[07:37.280 --> 07:44.480]  our threat model is open, etc. And so that we can also pave the way for future developments. So
[07:45.520 --> 07:50.960]  Theo who's sitting here in the front row is leading this effort. He's just given a talk in
[07:50.960 --> 07:56.800]  the security dev room if you want to catch up on that later on and he's also just released a white
[07:56.800 --> 08:05.120]  paper as the first step in this project. There are some interesting experiments in the kind of
[08:05.120 --> 08:13.520]  looking ahead part of this project that are coming up. We're going to experiment with CRDTs so we're
[08:13.520 --> 08:21.600]  testing like a very experimental prototype with using YGS as a way of syncing the edits between
[08:21.600 --> 08:28.800]  different users and we're also looking into how we could implement perfect for its secrecy.
[08:28.800 --> 08:33.840]  At the moment when you join a document you also gain access to its history which in some cases could
[08:33.840 --> 08:39.760]  be problematic so we want to have a way of limiting the access to the history to the moment that you
[08:39.760 --> 08:48.240]  join for example and we want to have also better ways of recovering your accounts. At the moment the
[08:48.240 --> 08:53.840]  typical support email that we get is I forgot my password and we can't do anything in that case
[08:53.840 --> 09:02.240]  unfortunately because otherwise we would have access to people's documents but there are ways of
[09:02.240 --> 09:08.800]  doing this in a slightly better way when it comes to usability. So we want to look at this.
[09:10.080 --> 09:16.720]  This is funded by Next Generation Internet by the way who also have a presence here so I encourage
[09:17.440 --> 09:24.960]  to look them up. Another project we're doing with the help of their funding at the moment
[09:24.960 --> 09:32.560]  is CripPad Auth so this is also secured. We are looking at different ways of improving
[09:32.560 --> 09:39.840]  authentication on CripPad so we're going to look at ways to speak to integrate with existing single
[09:39.840 --> 09:47.120]  sign-on scheme. So say if a company already has a single sign-on system then CripPad should
[09:47.120 --> 09:52.400]  be able to be part of that and also looking at multi-factor authentication.
[09:56.720 --> 10:03.680]  Now this time last year I was presenting the results here at FOSDEM of our inter-office project.
[10:04.480 --> 10:12.080]  This is a project where we basically developed document conversion between different office
[10:12.080 --> 10:17.840]  formats and because of the constraints I was speaking earlier this cannot happen on the server
[10:17.840 --> 10:21.840]  because our server doesn't know anything so it had to happen in the client and that was slightly
[10:21.840 --> 10:30.880]  complicated but we did it and with this we were able to complete our integration of the
[10:30.880 --> 10:38.000]  only office editors so we also released the presentation and text document editors at the
[10:38.000 --> 10:43.680]  time. However we're still having quite a few issues with them we've not been able to stabilize them
[10:43.680 --> 10:47.920]  as much as we'd like so we're still seeing some bugs and we're not quite able to reproduce them
[10:47.920 --> 10:54.720]  so a big priority for us this year will be to stabilize these two apps at the moment on our
[10:54.800 --> 11:01.680]  flagship instance CripPad.fr they're limited to paying users just simply because we needed
[11:01.680 --> 11:08.160]  a way of limiting the amount of support tickets we're going to get so one of the big goals this
[11:08.160 --> 11:16.320]  year is to stabilize these two apps and release them for everyone. Mind you the I mean they are
[11:16.320 --> 11:20.000]  still open source right so if you're a self hosting an instance you already have access to these.
[11:20.640 --> 11:30.400]  Another thing we're looking at is to integrate a new application so draw.io or diagrams.net
[11:31.040 --> 11:37.280]  that editor should make its way into CripPad this year so collaborative diagram editing
[11:38.240 --> 11:45.440]  is very exciting. We just heard about the relentless march of markdown
[11:46.240 --> 11:52.400]  and one thing that we're looking at as well is to improve markdown
[11:53.200 --> 12:00.720]  use in CripPad but to improve we already have great support for markdown we have two applications
[12:00.720 --> 12:09.360]  so our code editor has great markdown support with lots of extensions and we also have a markdown
[12:09.360 --> 12:14.160]  slides application where you can write slide decks in markdown I know this is a slightly niche
[12:14.160 --> 12:19.040]  feature but I'm guessing this is probably the case where the niche is probably most active where
[12:19.040 --> 12:26.560]  coders are used to like write slides in markdown I personally like it but these two apps are
[12:26.560 --> 12:32.800]  really underused like hardly anyone knows about them in case of in the case of CripPad
[12:33.440 --> 12:39.040]  so I think to do justice to them we're going to try and merge them into a single app and we're
[12:39.040 --> 12:44.960]  going to call this notes again kind of going out on the limb here but something that's not code
[12:44.960 --> 12:49.680]  or something that doesn't suggest that it's only for editing kind of programs because that's not
[12:49.680 --> 12:56.320]  the case so yeah we're imagining something at the moment with basically a markdown editor
[12:56.320 --> 13:00.720]  with different modes so if you want to do slides you can just switch the mode in the single app
[13:00.960 --> 13:13.360]  so beyond kind of these different EU funded projects and the partnerships we're setting up
[13:14.160 --> 13:19.200]  we've been thinking also about how to make our project financially sustainable
[13:20.480 --> 13:26.880]  because we can't go on research grants forever and so basically we've identified these three
[13:26.880 --> 13:32.800]  broad segments in our user base which are enterprise nonprofits and education
[13:33.680 --> 13:41.600]  and right now we're trying to cater to these three kind of broad use cases
[13:42.400 --> 13:48.640]  not necessarily trying to get everyone on CripPad.fr but thinking more at the instance level
[13:49.600 --> 13:55.680]  and encouraging and advertising the possibility for bigger entities such as universities, bigger
[13:55.680 --> 14:02.720]  NGOs, small and medium or large enterprise to have their own instance of the product so that they
[14:02.720 --> 14:10.160]  could manage their own domain sorry or that they or we could manage for them as in like support
[14:10.160 --> 14:18.480]  contracts etc that would be you know maybe slightly customized to their branding etc so we're exploring
[14:18.480 --> 14:29.600]  this as a potential revenue source for stabilizing the or like you know making the project financially
[14:29.600 --> 14:39.120]  viable basically long term so this is some pricing that we've just launched on our project site so the
[14:40.160 --> 14:44.240]  self hosting and the code remains free obviously everything remains open source
[14:44.960 --> 14:53.680]  and then we have the existing way of subscribing to use CripPad is kind of personal and organizational
[14:53.680 --> 15:01.760]  accounts on CripPad.fr and now we're adding this managed instance possibility which is still in
[15:01.760 --> 15:08.560]  very early stages but yeah we're looking to see where that goes basically in the year ahead
[15:08.560 --> 15:17.680]  so one thing before closing I want to draw your attention to our new forum that was launched
[15:17.680 --> 15:24.160]  last October I want to encourage you if you have feedback feature requests even bug requests and
[15:24.160 --> 15:33.040]  you don't use github then please come to our forum submit you know start a thread about
[15:33.040 --> 15:40.800]  something that you care about and we'll respond and hopefully maybe some other community members
[15:40.800 --> 15:49.920]  will respond I want to give a big shout out to the team because obviously I'm not on my own
[15:50.560 --> 15:57.280]  we started this this time last year we were three people and now we're six in the core team
[15:57.280 --> 16:04.080]  so we're growing rapidly and a lot of things are happening and hopefully very exciting things on
[16:04.080 --> 16:10.560]  the near horizon this is it from me I want to encourage you to go to CripPad.org where you
[16:10.560 --> 16:17.600]  can find all relevant links to where to contact us the new pricing I've mentioned and everything
[16:17.600 --> 16:23.680]  else to get in touch or to read our documentation and try out CripPad for yourself thank you very
[16:23.680 --> 16:25.680]  much and I welcome your questions
[16:35.680 --> 16:37.680]  you have a question
[16:42.080 --> 16:49.760]  yes yes yes so yes one of the one of the things that we're oh yes sorry
[16:50.560 --> 16:56.560]  so I didn't talk about an API that we're developing which is called open with CripPad
[16:56.560 --> 17:02.400]  although we're kind of reluctant to use this name because in some cases it could imply that you're
[17:02.400 --> 17:10.080]  benefiting from the encryption when you would not be but so yes this is an API that we're
[17:10.080 --> 17:16.000]  developing at the moment that other host platforms could use basically CripPad application
[17:16.240 --> 17:24.640]  just as an editor okay so you have a file a markdown file or a document stored in NextCloud
[17:25.520 --> 17:30.880]  and you could open it for a collaborative session in a CripPad
[17:33.040 --> 17:39.920]  encrypted collaborative session and then once it's saved you save back to NextCloud or you know
[17:40.560 --> 17:45.840]  NextCloud or any other kind of host platform with a CripPad instance a lightweight CripPad
[17:45.840 --> 17:52.960]  instance running alongside it why are we reluctant to use open with CripPad for this or not reluctant
[17:52.960 --> 17:59.760]  but we're thinking about what to call it is that CripPad comes with a promise of privacy and in this
[17:59.760 --> 18:06.800]  case we only control the privacy while the the collaborative session is open so yeah that's that's
[18:06.800 --> 18:11.200]  an issue but yes potentially some exciting development in that front that would allow more
[18:11.200 --> 18:19.520]  people to integrate with us yeah yeah a question about the concept of zero trust because zero trust
[18:19.520 --> 18:26.800]  and and encryption based based on that you can validate or verify that the client is really
[18:26.800 --> 18:35.840]  enter and encrypting your data but as this is a web app is there any way to verify that the server
[18:36.640 --> 18:42.960]  delivers the code that is really end-to-end encrypting or in the end do I have to trust
[18:42.960 --> 18:50.320]  the server that is really delivering the code so how can you be sure that the code that you're
[18:50.320 --> 18:57.040]  getting from the server is really the right I'm repeating your question for the the right
[18:59.200 --> 19:04.400]  code and that there is no kind of malicious action on the server part is that your question
[19:04.480 --> 19:10.960]  so Theo's talk is called whom do you trust it was in the security bedroom earlier so
[19:11.760 --> 19:19.760]  he will have a lot more detail on this I think the short answer to it is that you can't really
[19:20.880 --> 19:26.800]  be sure of it but there are ways that we are exploring in terms of verifying for example that
[19:26.800 --> 19:31.280]  the code on the server is matching a certain repository but this is not
[19:31.840 --> 19:36.080]  implemented at the moment so you have to trust that the
[19:39.680 --> 19:46.800]  yes that the server is really delivering the same code that we publish on github for example
[19:48.240 --> 19:49.120]  run your own server
[19:50.080 --> 19:52.160]  yeah that's yes the back
[19:53.280 --> 19:59.600]  yes hi so a lot of freedom fighters and activists are starting to use this
[20:00.800 --> 20:08.640]  question one is this advisable and question two is if you allow me in the mountains a lot of
[20:09.600 --> 20:12.400]  commercial encryption phones
[20:13.840 --> 20:19.200]  providers for criminals actually got busted over the last two years
[20:20.320 --> 20:27.440]  these were for drug criminals and so on people planning murders on that are there any contingency
[20:27.440 --> 20:36.480]  plans for this so to your first question is it advisable for activists to use
[20:36.480 --> 20:45.920]  script pad I guess is your question I would say yes Theo reminded us earlier of the case of
[20:45.920 --> 20:54.080]  Disha Ravi who is an Indian climate activist who basically got doxxed by Google to New Delhi police
[20:54.800 --> 20:58.240]  and that resulted in her arrest so I think
[20:58.480 --> 21:06.640]  yes it's beneficial if you want to avoid scenarios like this and I think especially
[21:08.000 --> 21:13.840]  so when you're involved in this kind of organizing I think it's about protecting yourself
[21:14.480 --> 21:21.840]  but also protecting whoever else you're dragging into your movement right so we've seen a few cases
[21:21.920 --> 21:28.960]  where you know a document is shared quite widely and you know you see these uses of
[21:30.080 --> 21:35.760]  Google docs where it's about sharing resources or even gathering resources etc so this is not
[21:35.760 --> 21:42.240]  just protecting yourself as an activist but also all the people who are visiting your document
[21:43.200 --> 21:51.360]  right so I think yeah there is there is precedent here where you know big tech companies are more
[21:51.360 --> 21:59.360]  than happy to out people and I think as we see the tightening of the definition of like what's
[21:59.360 --> 22:05.040]  acceptable activism and especially around the climate movement I think yes I would advise for it
[22:05.760 --> 22:13.360]  uh your second question was about encrypted phones and contingency plans for criminal uses
[22:13.360 --> 22:22.720]  of the software basically so we administer kripa.fr which is the flagship instance and I think
[22:23.920 --> 22:31.040]  these plans are really at this level at the instance admin level and so I can only speak
[22:31.040 --> 22:39.600]  to what we do on kripa.fr and we're actively monitoring for you know criminal uses of
[22:42.000 --> 22:47.360]  the the platform and whenever something is reported to us or whenever we find something
[22:47.360 --> 22:54.800]  we're like actively searching then we take down you know anything we found we find our
[22:55.120 --> 23:04.640]  our experiences that at some point most of these endeavors end up you know having to recruit or
[23:04.640 --> 23:11.280]  having to basically you know publish a link to something on the platform so that's when
[23:13.760 --> 23:18.480]  that's when these things become groups or whatever become visible and then we can act on them
[23:19.440 --> 23:23.360]  could that answer your question we have one question at the back yes
[23:29.840 --> 23:33.680]  can you please tell us something more about the distribution in France
[23:33.680 --> 23:40.240]  and how it's actually welcomed by school and how it's actually functioned so starting
[23:40.640 --> 23:42.640]  the presentation yes
[23:52.160 --> 24:00.720]  so what's the adoption of kripa in response to the the recent recommendation not to use
[24:00.720 --> 24:08.480]  big tech platforms in education in France so nothing as far as I'm aware we have we're not
[24:08.480 --> 24:16.080]  aware of any schools using or having adopted kripa as a result of these recommendations
[24:17.200 --> 24:22.880]  be aware we're talking like this was two months ago or something or like it's fairly recent
[24:24.560 --> 24:32.960]  we see a lot of adoption in Germany and this was even before this kind of recent developments
[24:32.960 --> 24:41.040]  so we have a lot of testimonials from schools and universities that are using kripa in in Germany
[24:41.760 --> 24:48.720]  and we seem to have a lot more traction on the german market than we do in France so this is
[24:48.720 --> 24:55.440]  something that we're looking to improve on the front side we're hoping to get for example there
[24:55.440 --> 25:02.560]  is a catalog of apps for the education national which we're working to get onto that kind of
[25:03.280 --> 25:10.560]  um suite that is deployable by schools we're not there yet but this is something that's um on our radar
[25:13.040 --> 25:15.040]  yes
[25:17.600 --> 25:24.080]  they're interested they need it they need the whole thing in particular right which is very important
[25:24.080 --> 25:29.360]  for that type of deployment it's a bit complicated it's not a no-to-deployment by school so it's not
[25:29.440 --> 25:34.880]  instances it's basically a very very big instances they have they have on their application
[25:37.680 --> 25:42.560]  another type of path simple one there is somebody from national education tomorrow
[25:43.120 --> 25:46.480]  in another room go see him and tell him that you want it
[25:49.040 --> 25:53.440]  so thank you then we have one more last question okay yes okay
[25:54.400 --> 26:01.440]  uh you told us a quick quick path is a entrance from user to uh yes
[26:03.920 --> 26:11.600]  so you have no access to the copy of the users yes uh it says basically say it for
[26:11.600 --> 26:19.760]  actually just to use it and then you told us that uh you monitor the flagship uh instance yes
[26:20.080 --> 26:26.720]  lawful or unlawful users illegal yeah that's a kind of a vector on how you monitor the encrypted data
[26:26.720 --> 26:33.040]  for lawful or unlawful users oh no sorry sorry uh so uh contradiction between um
[26:33.920 --> 26:39.040]  i said that we that i would recommend activists to use crip pad and also that we were monitoring
[26:39.040 --> 26:46.720]  for criminal uses what i mean but what i mean by monitoring is look is uh you know
[26:46.720 --> 26:51.120]  o-center like scanning the internet for crip pad links not that we can monitor anything
[26:52.000 --> 26:58.720]  as administrators of the platform does that make sense we search we don't we don't see encrypted
[26:58.720 --> 27:05.440]  data but if somebody if somebody sends us a link with encryption key because it was perfect
[27:05.440 --> 27:13.520]  a link to a document we will delete it potentially and we would report it if we if we have to report
[27:14.160 --> 27:21.120]  and if uh and if we see that it's bluntly criminal we would potentially even close the
[27:21.120 --> 27:25.680]  account and delete the data because we have some links between the data we wouldn't be able to
[27:25.680 --> 27:30.960]  read the data because we cannot see the data but we would delete it and i'd like to add on this we
[27:30.960 --> 27:37.600]  had one police request in the year and it was clearly illegal what they sent us we sent them
[27:37.920 --> 27:43.840]  what what we have which was close to nothing like very little information only what we see
[27:43.840 --> 27:50.400]  in the pads basically uh but so we're not seeing any data clearly we're not seeing the data but
[27:50.400 --> 27:56.960]  some people post links that's why the police if they see the computer they will find a lot of
[27:56.960 --> 28:02.720]  links on the computer links to crip pad documents we can continue this if you want but i think there
[28:02.720 --> 28:16.480]  was a misunderstanding with my use of actively monitoring public so uh if if something is posted
[28:16.480 --> 28:28.240]  on the
[28:28.240 --> 28:34.240]  thank you very much