►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Your
data
secure,
sadly
for
most
people,
the
answer
is
probably
not
whether
it's
for
mobile
to
surveillance
or
company
failure
or
another
single
point
of
failure.
That's
just
not
so
our
solution
to
this.
It's
called
Pegasus.
It
builds
on
top
of
ipfs
and
I'm
gonna.
Give
you
a
super
quick
intro
to
Vegas.
A
Then
it's
first
start
with
what
we're
actually
trying
to
solve
here.
So
what
do
I
want
in
this
storage
and
sharing
system?
Three
main
categories,
security
control
and
convenience?
We'll
talk
a
little
bit
more
about
these,
but
security
like
things
like
safe
login,
strong
crypto,
hiding
file,
metadata
independent
of
DNS,
this
kind
of
thing
control
it
should
be
self
host
of
all.
You
should
have
fine-grained
access
control,
pseudonymous.
You
don't
need
to
a
phone
number
to
register,
for
example,
or
even
an
email
address
for
that
matter
and
convenience.
Anyone
should
be
able
to
use
it.
A
A
So,
let's
start
with
the
first
one
control.
So
our
overall
architecture
is
obviously
based
on
IP
FS,
so
a
lot
of
our
data
is
in
ipfs
itself.
We
use
IP
NS
for
mutual
pointers,
basically
mapping
from
a
public
key
to
a
hash.
Now
we
also
have
a
PKI
server,
which
actually
stores
its
data
in
ipfs
as
well
and
so
yeah.
Basically,
a
client
piggles
client
talks
to
a
pig
or
server
which
basically
just
proxy
stuff
together
there
other
stuff
and
the
server
explicitly
is
not
trusted
in
any
way.
A
Once
you've
got
the
client
code
mm-hmm,
so
the
basic
structure,
we
have
a
global
file
system,
everyone
gets
space
under
their
username.
Each
user
has
a
tree
of
symmetric
keys
with
cryptographic
links
between
them
as
how
we
do
access
control.
So
you
end
up
with
a
location.
Plastic
key
is
a
capability,
and
that
allows
you
to
both
retrieve
and
and
read
a
file.
A
We
explicitly
don't
use
convergent
encryption
because
that
leaks
to
the
network,
the
files
that
you
have
this
is
the
tree
structure.
We
use
for
access
control
so
on
the
left
is
a
directory.
Basically
with
a
bunch
of
keys.
Each
box
is
a
key.
That's
a
subdirectory
with
some
other
keys,
that's
a
file
at
the
end
with
the
fewer
keys
and
these
links
basically
mean.
If
you
have
the
source
key,
you
can
derive
the
target
key,
and
so
whoever
has
this
key
can
read
the
entire
subtree.
A
But
someone
who
only
has
the
the
file
base
key.
They
can
obviously
read
the
file
and
what
we
do
is
we
have
these
backlinks
to
have
a
well-defined
path.
So
everything
has
a
well-defined
path,
but
you
can't
someone
who
could
only
read
the
file
can't
read
anything
else
in
the
same
directory
or
or
anything
else
higher
up.
A
So
when
you
upload
a
file,
we
first
chunk
it
into
five
Meg
chunks.
Each
five
Meg
is
independently
encrypted
split
them
into
fragments
each
of
those
who
put
in
ipfs
and
those
are
then
merkel
linked
from
the
encrypted
metadata
for
whatever
that
is
the
file
fragment,
and
then
you
could
do
matadeiro
itself.
We
put
in
there
another
nice
data
structure
in
IP
LD
as
well.
A
Second
topic
convenience,
so
I
mentioned
a
web
interface,
but
the
critical
thing
there
is
to
centralize
logging.
What
does
that
even
mean
without
a
central
server
fundamental?
We
want
people
to
be
able
to
log
in
with
a
password,
and
so
the
way
we
do
that
in
a
safe
way.
Is
we
basically
take
your
password?
We
salt
it
with
your
username,
which
is
public,
send
it
through
memory,
hard
hashing
function,
called
scripts
and
gives
you
three
three
things
down
the
other
end.
A
One
is
your
your
root
symmetric
key,
basically
for
your
root
directory
and
two
key
pairs
which
are
kind
of
your
identity
and
the
other
ones
used
for
social
stuff
but
and
yeah.
These
are
never
never
written
to
disk
or
transmitted
they're
just
stored
in
RAM
when
you're
logged
in
and
finally
security.
So
how?
How
secure
is
that
login?
A
A
So
we
recommend
14
characters
of
numeric.
That's
this
many
possibilities.
A
lot
back
in
the
envelope
calculation
based
on
the
hashing
for
the
litecoin
network,
which
uses
the
same
hash
function
we
use,
but
with
simpler
parameters,
easier
parameters.
Basically,
that
would
take
one
GPU
300
billion
years
or
if
you
had
300
million
GPUs
that
still
take
a
thousand
years
and
the
purchase
cost
of
those
GPUs
would
be
about
300
billion
US
dollars.
So
basically,
even
certain
three-letter
agencies
shouldn't
be
able
to
afford
to
crack
this.
A
A
A
So
this
obviously
it's
also
showing
you
what
the
the
UI
looks
like
at
the
moment.
But
what
I
want
to
do
is
show
you
streaming
video
so
bear
in
mind.
This
is
not
streaming
from
the
server.
This
is
getting
all
the
chunks
independently
decrypting
them
locally
in
the
browser
and
then
piping
that
to
a
local
stream
in
the
browser
itself,
and
hopefully.
A
A
A
B
A
A
A
A
A
The
only
other
cool
thing
you
can
do
is
Public
Links
and
that
basically
puts
the
capability
thing
I
mentioned
at
the
beginning,
into
the
link
itself.
Other
people
have
talked
about
similar
things,
and
so,
if
we
open
this
and
another
tab
so
and
there
it
is,
you
notice.
I
can't
see
the
other
file,
that's
next
to
it,
and
we
can
view
that
whatever.
A
D
D
E
C
A
We
want
to,
we
want
to
be
able
to
handle
big
data.
We
haven't
particularly
stress
tested
that
yet,
but
there
are
no,
like
we've
already
shot
everything
it's
all
like,
because
we
chunk
it
all.
That's
all
kind
of
done
already,
so
the
only
potential
problem
is
actually
only
ipfs
side
when
we're
trying
to
pin
a
very
large
set
and
if
you
have
more
files
than
you
can
fit
on
an
individual
ipfs
node.
A
Eventually
we're
going
to
use
our
if
there's
custard
for
that,
but
that's
not
quite
there
yet
so
in
GDP,
if
you
have
like
groups,
could
share
so
the
moment
it's
one-to-one
I
mean
you
can
share
the
same
thing
with
many
people
and
you
can
hunt
share
with
one
of
them
and
so
on,
but
there's
no
group
chat
or
whatever
yeah.
But
yes,
that's
on
the
robot.