FOSS donation nominations, 2015 edition

yegg Staff yegg
Created: 3 years and 9 months ago
It's the time of year again to nominate FOSS related projects for DuckDuckGo donations! Like in previous years, half of our donation pool (total yet undetermined) will be directed by the company and half of it will be directed by you, the DuckDuckGo community.

The theme this year is "mainstream privacy," i.e. projects that are making privacy tools or increasing privacy awareness for the general population. We'd love your nominations for individual projects that fit this theme. We particularly like projects that really need donations and where our relatively small contributions could make a clear difference.

This forum has been archived

Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.


Zhyl
I know it was a donee last year, but I don't think any project fits "mainstream privacy", "making privacy tools for the general population" or "relatively small contributions make a clear difference" than Mailpile (http://mailpile.is).

Small team and a set of philosophies on privacy, freedom and UI/UX design that are sadly rare if existant elsewhere.
posted by Zhyl 3 years and 9 months ago Link
sebasorribas
Can the project be in spanish?? Because I'm thinking one from my country (Argentina), but is directed to boys in schools. And -of course- it´ s in spanish
posted by sebasorribas Community Leader3 years and 9 months ago Link
anonymous
GnuPG has never received as much funding as it deserves. They have a funding drive on their front page at the moment - https://gnupg.org/ - Please consider including them.
posted by <hidden> • 3 years and 9 months ago Link
mnp
Seconded.
posted by mnp 3 years and 9 months ago Link
anonymous
You can't get any more mainstream than GnuPG either. It's used practically everywhere and it despirately needs some love as the OP posted.

They are looking for money for a second full time developer, as well as any operational costs of the project.
posted by <hidden> • 3 years and 9 months ago Link
anonymous
OpenWhisperSystems. Specifically, their mobile applications TextSecure and Redphone make using high quality cryptography in daily conversations so easy that anyone could use it with nearly no training.
posted by <hidden> • 3 years and 9 months ago Link
anonymous
Seconded
posted by <hidden> • 3 years and 9 months ago Link
mnp
In addition to GPG, I would like to draw attention to the Namecoin project.

It is a distributed name system suitable for domain names (aka .bit domains) and personal identity and public key distribution, and a number of other emergent applications. It has inherent censorship resistance and provable trust properties. There are already several node implementations including a browser plugin. Work is ongoing.

I believe the future of the free internet will depend on a peer-to-peer DNS of some type, and we owe it to the future to explore all technically valid options. The current hierarchical system is already untenable in many places, and is on its way the remainder:

see more.
posted by mnp 3 years and 9 months ago Link
Mallart
Here's a library of ideas for anyone looking for projects relating to "mainstream privacy". Within each categories are numerous sub-categories (media publishing, email encryption, VPN clients and many more). Yes, DuckDuckGo is mentioned among them.

For Windows: https://prism-break.org/en/categories/wi...

For Apple: https://prism-break.org/en/categories/os...

For GNU / Linux: https://prism-break.org/en/categories/gn...

For BSD: https://prism-break.org/en/categories/bs...

For Android: https://prism-break.org/en/categories/an...

For iOS: https://prism-break.org/en/categories/io...

For Routers: https://prism-break.org/en/categories/ro...

For Servers: https://prism-break.org/en/categories/se...
posted by Mallart 3 years and 9 months ago Link
Elina95
Sounds great.Those people will be thanksful.
posted by Elina95 3 years and 9 months ago Link
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 9 months ago
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 9 months ago
anonymous
If it is possible to nominate one's own project, I would like to nominate Selective Share (https://www.selectiveshare.com)

Selective Share is encryption-as-a-service. It allows one to build client side encrypted, cloud based data sync into your app without having to think about key management, encryption, network comms and synchronisation. Encryption keys are never sent over the network.

Apps work with local disk files and trigger a sync whenever necessary. Eventually both desktop and browser based apps will be supported. For the moment support is only for desktop based apps.

Selective Share runs outside the browser, so it is not susceptible to code injection (although the app may still be).

Any app where the data is not available in real time at all sites can utilise the service. Examples could be data backup or an online forms application.

I am a single developer, any size contribution will make a clear difference.

Site: https://www.selectiveshare.com
Client code (GPL): https://bitbucket.org/selectiveshare/slt...
Server code (AGPL): not yet published.
posted by <hidden> • 3 years and 9 months ago Link
anonymous
I would like to nominate Privacy Badger spearheaded by the Electronic Frontier Foundation.

>>https://www.eff.org/privacybadger#suppor...

Get involved with the project here >> https://www.eff.org/deeplinks/2014/04/pr...
posted by <hidden> • 3 years and 9 months ago Link
javathunderman
Don't mean to self-advertise, but the browser MySurf. One of my friends (@AJDev77, to be exact) is working on it, and we're working right now on-centric features. It would make a difference if we have a little bit of funding!

It's on Github, if you want to check it out.
posted by javathunderman Community Leader3 years and 9 months ago Link
anonymous
I'd like to nominate the open-source self hosting distribution, arkOS (https://arkos.io). arkOS takes Linux and puts a visual environment to it (accessible through the browser) that makes it very easy for users to host their own websites, emails, chat accounts, and much more. You can add new services just like you install an application from the app store on your phone, and they can be managed automatically by the device. This has super-important implications for privacy because it empowers non-technical users to decentralize their communications. The main developer Jacob Cook is working really hard on new versions this year which will bundle in some cool new features, and at this point they are relying on donations to keep adding new ones and to keep improving the platform's security.
posted by <hidden> • 3 years and 9 months ago Link
anonymous
Off-the-Record messaging. A community site was launched earlier in 2014 which hosts the official libotr bug tracker and git source. https://otr.im

OTR has no funding whatsoever so even a small contributions would help soo much like handling the cost of our SSL certificate, domain registration and server fees. Having a bit of money to deploy a new server for continous integration with our new test suite made by volunteers or funding research to change OTR to use eliptic curve crypto and move away from the current old ciphers.
posted by <hidden> • 3 years and 9 months ago Link
zac
seconded
posted by zac Staff3 years and 8 months ago Link
malevolent
http://protonmail.ch

They encrypt all mail messages and they are at Switzerland, where data protection laws are very restrictive. They also assure end-to-end encryption, so the data is already encrypted by the time it reaches their servers. They cannot decrypt the encrypted messages and as result, and so, they cannot share them with third parties.

You can send mails to other non-protonmail users and encrypt the message by giving a password to your interlocutor, and the mail you send it's a mere link to a webpage where the other side must enter that password in order to see the message. This webpage will be deleted in the time you specify.

They, as duckduckgo, has their motto: We don't track our users.

Seems a nice service, I'm using it from a month or so and it works pretty fine, but we're so few people that at the moment, I've sent a few encrypted messages...
posted by malevolent 3 years and 8 months ago Link
anonymous
There is one issue with protonmail first of all it is a service, second of all it is closed source and proprietary. They money could be put to better use with gnupg or darkmail. Also you might want to read this page explaining why JavaScript crypto is a bad idea and should not be done http://matasano.com/articles/javascript-... .
posted by <hidden> • 3 years and 8 months ago Link
anonymous
I would nominate uBlock, but the developer isn't soliciting donations, afaik.

https://github.com/gorhill/uBlock

μBlock, or uBlock, a general purpose web blocker anti-tracking extension. Available for Chromium/Chrome, Opera, and as a beta build for Firefox and Safari.

Uses less resources than any software of the same class. Adding block lists is a simple as a check of a box. Supports dynamic filtering.
posted by <hidden> • 3 years and 8 months ago Link
anonymous
Gnupg would be a good FOSS project to support and they especially need it this year since they are trying to hire a new Dev (Werner Koch is currently the only Dev). I would also like to nominate the i2p (geti2p.net) project and libOTR (https://otr.cypherpunks.ca/). If Darkmail is open to donations im sure they could put the money to good use.
posted by <hidden> • 3 years and 8 months ago Link
ismab2013
My unofficial DDG apps for Windows 8 and Windows Phone 8. XD
posted by ismab2013 Translation Manager3 years and 8 months ago Link
anonymous
I contribute my time to the Priv.ly Project and I know the small non-profit organization shepherding it would benefit immensely from more funding. The Priv.ly Project is developing privacy tools for the every day person. By installing a browser extension or mobile application, users are empowered to keep the contents of their messages private on all existing web services. We have a working product, but to make it usable for the masses it is in need of a level of polish and testing that only a full time development effort can deliver. While slow progress is being made by a small community of volunteers and GSoC students, it is no where near the speed of what even a small amount of funding would provide.
posted by <hidden> • 3 years and 8 months ago Link
anonymous
Since GNUPG has exceeded their fundraising goal no donations should be paid out to them this year, maybe another year when all the publicity fades away and they will need it. Instead projects like mailpile and enigmail could use some money since the only hurdle keeping some people away from using email encryption (gpg) is the poor usability of gpg.
posted by <hidden> • 3 years and 8 months ago Link
x.15a2
I would respectfully suggest supporting the Pale Moon browser. Initially based on Gecko browser engine, Pale Moon is now a complete split from Firefox. Pale Moon is available in 32 and 64 bit versions for Windows and Linux and is struggling to get an OS X version running as well. In addition, Pale Moon now has an android version available, based on Fennec.

Pale Moon has not adapted the "Australis" user interface, instead it strives to provide a fast and solid UI. Pale Moon also provides it's own syncing service, which does not utilized Mozilla's sync engine or servers. While most FF extensions are compatible with Pale Moon, some are not, therfore Pale Moon has is own extension hosting server.

Pale Moon is completely open source and is primarily user supported.

Thanks for your consideration.
posted by x.15a2 Community Leader3 years and 8 months ago Link
anonymous
Your primary issue appears to be that Firefox utilizes Mozilla services, such as sync. Sync data is fully encrypted on Mozilla's servers and only the user has access to it. Mozilla is also pretty strong end-user privacy advocate.
posted by <hidden> • 3 years and 7 months ago Link
anonymous
In my opinion we don't need new protocols. What we really need is ways to *really* replace existing stuff. Number one on the list is Skype. Skype's strength is that they support many users and it's not hard to setup. It's also mentioned on many PRISM slides.

There are lots of VOIP services and what not, but there is only one project to really replace it, which is Tox. It's incredible what those folks did. Their stuff is completely alpha of course, but their stuff actually works just like that. One installs the software and you are good to go. There are versions for Windows, MacOS, Linux and mobile platforms.

https://tox.im/

Living in a long distant relationship that would be really important to me and I think to many others who currently don't have a better way to communicate with friends and family.
posted by <hidden> • 3 years and 8 months ago Link
vojiz
Vouch!
posted by vojiz 3 years and 8 months ago Link
javathunderman
I've used Tox. It's good, but it could use some work. Seconded!
posted by javathunderman Community Leader3 years and 7 months ago Link
yegg
Thank you to everyone who contributed to this thread. I'm proud to announce our 2015 donations.
posted by yegg Staff3 years and 6 months ago Link