CryptPad BlogNews from the end-to-end encrypted collaboration suite2024-03-18T00:00:00Zhttps://blog.cryptpad.orgCryptPad Teamcontact@cryptpad.frPour un usage sécurisé de CryptPad2024-03-18T00:00:00Zhttps://blog.cryptpad.org/2024/03/18/Pour-un-usage-securise-de-CryptPad/🇫🇷 Post in French - Nous vous présentons dans quels scénarios CryptPad est sécurisé, et partageons des idées d'actions concrètes pour un usage de CryptPad respectant votre confidentialité.<p><img src="https://blog.cryptpad.org/images/Paris_Pont_des_Arts_--_2014_--_1422.jpg" alt="Cadenas d'amour sur le Pont des Arts, Paris, France (2014)" /></p>
<p>Photo Dietmar Rabich <a href="https://commons.wikimedia.org/wiki/File:Paris,_Pont_des_Arts_--_2014_--_1422.jpg">Wikimedia Commons CC-BY-SA</a></p>
<p>Ce billet de blog est une traduction francophone d'<a href="https://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/">une première version originale en anglais</a> rédigée par Théo Von Arx et Fabrice Mouhartem.</p>
<p>Vous êtes à la recherche d'un outil de collaboration axé sur la vie privée ? Eh bien, vous l'avez déjà trouvé ! Mais que signifie réellement « vie privée » dans ce contexte ? Et comment est-il techniquement appliqué ? Il y a-t-il des précautions supplémentaires nécessaires pour une utilisation extra-sûre de CryptPad ?</p>
<p>Dans ce billet de blog, nous répondrons à ces questions, ainsi qu'à d'autres. Nous vous montrerons dans quels scénarios CryptPad est sécurisé et vous donnerons des idées d'actions concrètes pour utiliser CryptPad en toute confidentialité. Bien que nous fassions tout ce qui est possible pour sécuriser CryptPad, sa sécurité dépend également de la façon dont vous l'utilisez.</p>
<h2>🧑🏫 Préliminaires</h2>
<h3>🗺 Modèle de menace</h3>
<p>Lorsque nous parlons de sécurité ou de confidentialité, nous devrions toujours définir le scénario dont nous parlons.
Ce scénario est ce qu'on appelle le <a href="https://ssd.eff.org/fr/glossary/modele-de-menaces"><em>modèle de menace</em></a>, qui définit la <a href="https://ssd.eff.org/fr/glossary/possibilite-d-action">possibilité d'action</a>. En général, nous visons à penser qu'elles sont aussi puissantes que possible. Si nous pouvons nous défendre contre un <a href="https://ssd.eff.org/fr/glossary/adversaire">adversaire</a> fort, nous pouvons également nous défendre contre un adversaire plus faible.</p>
<p>La première hypothèse sur les capacités de'un adversaire découle directement de l'architecture de CryptPad. CryptPad est une application web : vous visitez le site web de votre <a href="https://docs.cryptpad.org/fr/user_guide/instances.html">instance</a> (par exemple, <a href="https://cryptpad.fr/">https://cryptpad.fr</a>) et téléchargez automatiquement le code client qui sera exécuté localement sur votre ordinateur. Si vous recevez un code source altéré de ce serveur, vous ne pouvez pas établir de sécurité, car ce mauvais code source peut, par exemple, envoyer tous vos documents en texte clair au serveur.
Par conséquent, vous devez faire confiance au serveur pour ne pas exécuter d'<a href="https://ssd.eff.org/fr/glossary/attaque">attaques <em>active</em></a> (c'est-à-dire pour ne pas exécuter un logiciel de serveur CryptPad modifié).</p>
<p>Nous nous défendons néanmoins contre un serveur <em>honnête mais curieux</em> (c'est-à-dire passif). La deuxième hypothèse est donc que le serveur joue selon les règles, mais pourrait essayer de déduire des informations sensibles en analysant toutes les données qu'il reçoit. Ce scénario inclut la possibilité qu'un tiers ait accès au serveur et puisse voir toutes les données et tous les journaux de logs. CryptPad s'est déjà défendu contre un tel adversaire dans le passé lorsque <a href="https://newsrnd.com/tech/2022-06-24-data-confiscated-from-pirate-party-servers.SJxeH5I79q.html">une instance tierce a été saisie par la police</a>. Nous considérons donc ce scénario comme très réaliste.</p>
<p>Enfin, nous supposons que les attaquants ont une capacité de réseau. Ce serait le cas de l'administrateur système qui gère le réseau dans votre bureau, de votre <a href="https://fr.wikipedia.org/wiki/Fournisseur_d%27acc%C3%A8s_%C3%A0_Internet">fournisseur d'accès Internet</a>, ou des services secrets ainsi que de nombreux autres. Les attaquants peuvent même utiliser les capacités de réseau actives, c'est-à-dire qu'ils peuvent épier votre trafic internet, et également analyser, déposer ou modifier les données envoyées sur le réseau.</p>
<h3>🔑 Cryptographie</h3>
<p>L'une des principales caractéristiques de CryptPad est <a href="https://ssd.eff.org/fr/glossary/chiffrement-de-bout-en-bout">le chiffrement de bout en bout</a>. Laissez-nous vous donner une idée approximative de ce que sont le chiffrement et l'authentification. Il y a trois blocs de construction principaux :</p>
<ol>
<li><strong>Le chiffrement symétrique</strong> (ou chiffrement à clé secrète) fonctionne de la même manière qu'une boîte avec un verrou : nous pouvons mettre quelque chose dans la boîte et verrouiller la boîte à l’aide de la clé (c’est la phase de chiffrement). Seule une personne ayant un exemplaire de la clé peut déverrouiller la boîte et accéder au contenu (qui correspond au déchiffrement) et le modifier. Étant donné que la même clé est utilisée pour verrouiller et déverrouiller la boîte, ce schéma est surnommé <em>symétrique</em>. Nous pouvons également faire des copies de la clé et la distribuer aux personnes en qui nous avons confiance, afin qu'elles puissent toutes verrouiller et déverrouiller la boîte.</li>
<li><strong>Le chiffrement asymétrique</strong> (ou chiffrement à clé publique : <em>Public Key Encryption</em>, PKE pour faire court) diffère du chiffrement symétrique en ce sens qu'une clé différente est utilisée pour le chiffrement (à savoir la <em>clé publique</em>) et le déchiffrement (la <em>clé privée</em>). Vous pouvez imaginer le chiffrement asymétrique comme le système suivant : vous distribuez des cadenas ouverts (la clé de chiffrement publique) à tout le monde et gardez la clé (secrète de déchiffrement) pour vous. Ensuite, si quelqu'un veut vous envoyer un message, il le met dans une boîte et la ferme grâce au cadenas que vous lui avez donné. Ainsi, vous seul·e pouvez l'ouvrir pendant que n'importe qui peut produire une boîte verrouillée pour vous. <p><img alt="Boîte avec cadenas" src="https://blog.cryptpad.org/images/unsplash-lock_on_a_box.jpg" /></p></li>
<li><strong>Les signatures numériques</strong> sont étroitement liées aux sceaux physiques : seules les personnes en possession du sceau (que nous appelons la clé de signature) peuvent signer, mais toutes les autres personnes peuvent vérifier l'authenticité d'un document à l'aide de la clé de vérification publique de l'émetteur. En outre, les signatures numériques garantissent également que personne n'est en mesure de modifier le contenu scellé sans que les lecteur·ices ne s'en aperçoivent. Une propriété que les sceaux conventionnels n'apprécient pas. Notez qu'il existe une variante symétrique de cette primitive appelée <a href="https://fr.wikipedia.org/wiki/Code_d%27authentification_de_message"><em>code d'authentification de message</em></a>. Cependant, il est rarement utilisé comme brique de construction indépendante et est utilisé conjointement avec le chiffrement symétrique pour obtenir <a href="https://fr.wikipedia.org/wiki/Mode_d%27op%C3%A9ration_(cryptographie)#AEAD_:_chiffrement_authentifi%C3%A9_avec_modes_de_donn%C3%A9es_additionnelles">le chiffrement authentifié</a>, ce qui garantit en outre que les messages ne sont pas altérés. Comme nous utilisons exclusivement le chiffrement authentifié dans CryptPad, nous utilisons généralement le terme de "chiffrement symétrique" à la place dans les explications pour plus de simplicité, mais les garanties réelles sont plus fortes. <p><img alt="Cachet sur une enveloppe" src="https://blog.cryptpad.org/images/unsplash-sealed_letter.jpg" /></p></li>
</ol>
<p>Pour CryptPad, nous combinons toutes ces briques de construction pour atteindre différents objectifs. Nous expliquerons l'utilisation ci-dessous dans la section relative aux documents.</p>
<h2>🧗 Les bases</h2>
<p>Nous décrivons quelques mesures de base qui vous permettent d'augmenter considérablement la sécurité de votre utilisation de CryptPad :</p>
<ul>
<li>CryptPad est un logiciel <a href="https://ssd.eff.org/fr/glossary/logiciels-ouverts">open source</a> et, à ce titre, il y a <a href="https://cryptpad.org/instances/">diverses instances</a> qui l'exécutent. Alors que nous hébergeons l'<a href="https://cryptpad.fr/">instance phare</a>, vous pouvez en choisir une autre, en fonction de la juridiction par exemple.</li>
<li>Assurez-vous de vous connecter à l'instance CryptPad choisie via <a href="https://ssd.eff.org/fr/module/que-devrais-je-savoir-au-sujet-du-chiffrement%E2%80%89#exemple-de-chiffrement-de-la-couche-de-transport-https">HTTPS</a>.</li>
<li>Tous les mécanismes de sécurité sont seulement aussi forts que votre mot de passe. Si votre mot de passe est facilement devinable, les attaquants peuvent obtenir un accès complet à toutes vos données stockées sur CryptPad. Nous vous recommandons soit de générer un mot de passe aléatoire à l'aide d'un <a href="https://guide.boum.org/en-ligne-outils-gerer-des-mots-de-passe.html#en_ligne-outils-gerer_des_mots_de_passe-utiliser_un_gestionnaire_de_mots_de_passe">gestionnaire de mots de passe</a>, ou de <a href="https://guide.boum.org/hors-connexions-outils-choisir-une-phrase-de-passe.html#hors_connexions-outils-choisir_une_phrase_de_passe">choisir une bonne phrase de passe</a> au cas où le mot de passe devrait être mémorisable. Utilisez ce mot de passe uniquement pour CryptPad afin d'éviter que d'autres services ne le divulgue.</li>
<li>Déconnectez-vous de CryptPad après chaque session, afin de redemander le mot de passe pour accéder à vos données sur CryptPad. Sinon, toute personne ayant accès à votre appareil peut également accéder à vos données sur CryptPad.</li>
<li>Utilisez l'<a href="https://ssd.eff.org/fr/glossary/authentification-deux-facteurs">authentification à deux facteurs</a> dans votre compte pour ajouter une protection contre le phishing en ajoutant un facteur temporel à votre connexion. <a href="https://blog.cryptpad.org/2024/01/09/tutorial-two-factor-authentication/">Un tutoriel</a> (en anglais) à ce sujet est disponible sur ce blog.</li>
</ul>
<h2>🧑 Contacts</h2>
<p>Comme nous le montrerons ci-dessous, l'ajout de vos pairs en tant que contacts CryptPad vous permet de partager des documents plus facilement, ainsi qu'en toute sécurité. Vous pouvez en outre restreindre l'accès à un document à des contacts spécifiques et échanger des messages texte avec eux.</p>
<p>La façon la plus simple d'ajouter quelqu'un à vos contacts est de <a href="https://docs.cryptpad.org/fr/user_guide/collaboration.html#add-a-contact">partager le lien vers votre profil</a> via une communication sécurisée avec votre pair et de demander à s'ajouter les un·es les autres en tant que contacts.</p>
<p>⚠️ Notez que les noms d'utilisateur·ices ne sont pas uniques sur CryptPad. Selon le contexte, il peut être judicieux de vérifier une demande de contact reçue par un autre canal sécurisé.</p>
<h2>📄 Documents</h2>
<p>CryptPad utilise un chiffrement symétrique avec une clé secrète par document pour rendre vos documents illisibles pour tous ceux qui n'ont pas accès aux clés correspondantes. CryptPad vous permet également de faire la différence entre les accès en lecture seule et les accès en écriture à un document. Pour cela, toute personne souhaitant modifier un document doit prouver qu'iel possède la clé de signature privée liée au document. Pour cela, iels signent leurs modifications et d'autres personnes travaillant sur le même document peuvent vérifier que la modification a effectivement été effectuée par une personne autorisée avant d'accepter les modifications.</p>
<h3>🔄 Partager</h3>
<p>CryptPad conserve ces détails techniques « sous le capot » et fournit une interface simple pour <a href="https://docs.cryptpad.org/fr/user_guide/share_and_access.html#sharing-a-link">partager des documents</a> via des liens. Un tel lien contient essentiellement la clé symétrique pour le chiffrement et le déchiffrement, pour la vérification des signatures ainsi que celle pour l'émission des signatures (en cas d'accès en lecture/écriture) d'une manière <strong>non révocable</strong>.</p>
<p>
<img alt="Partager avec un lien" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-share-link.png" />
</p>
<p>⚠️ Cela implique que le document est seulement aussi sécurisé que le canal de communication <strong>le plus faible</strong> utilisé pour envoyer ces liens.</p>
<p>Si vous considérez qu'un canal n'est pas sûr, ou s'il est accessible au public, vous voudrez peut-être en isoler certains de vos documents. Par exemple, vous pouvez limiter l'envoi de liens d'édition vers les chats <a href="https://signal.org/">Signal</a> avec des messages éphémères qui disparaissent.</p>
<p>Une autre possibilité de partager l'accès en toute sécurité est de <a href="https://docs.cryptpad.org/fr/user_guide/share_and_access.html#sharing-with-contacts">l'envoyer via CryptPad à vos contacts</a>. Iel utilisent en interne le système de <a href="https://docs.cryptpad.org/en/dev_guide/general.html#encryption">"mailbox"</a> (en anglais) pour les communications internes, sans que le serveur CryptPad ne le sache. De cette façon, vous n'avez pas besoin d'utiliser un canal de communication tiers (potentiellement non sécurisé).</p>
<p>
<img alt="Partager avec des contacts" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-share-contacts.png" />
</p>
<p>⚠️ Notez que les documents CryptPad contiennent l'historique complet des modifications. Il est facilement accessible à n'importe qui à partir de l'<a href="https://docs.cryptpad.org/fr/user_guide/apps/general.html#document-history">interface utilisateur·ice</a>. Si vous avez commis une erreur de manipulation, par exemple au bout d'un texte que vous ne vouliez pas partager, tout en produisant le document <strong>avant</strong> de le partager, nous vous recommandons de copier-coller la version que vous souhaitez partager pour la collaboration dans un nouveau document avant de l'envoyer pour nettoyer l'historique (cela aide également à suivre les modifications par la suite).</p>
<h3>⛔ Restreindre l'accès</h3>
<p>Comme CryptPad fonctionne avec des clés statiques, les accès partagés accordés ne sont pas révoquables. Cela signifie que par défaut, toute personne à qui l'accès a été accordé pourra à jamais lire (et modifier) un document. Pour éviter cela, vous pouvez fermer l'accès à un document à l'aide de la fonctionnalité <a href="https://docs.cryptpad.org/fr/user_guide/share_and_access.html#access-list">Liste d'accès</a>.</p>
<p>
<img alt="Liste d'accès" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-access-list.png" />
</p>
<p>De cette façon, seules les personnes sélectionnées ont accès au document, indépendamment de la personne qui a reçu le lien de partage.</p>
<p>Assurez-vous également que vous ou votre <a href="https://docs.cryptpad.org/fr/user_guide/collaboration.html#teams">équipe</a> êtes défini comme « propriétaire » lorsque vous créez des documents. Cela vous donnera un contrôle total, y compris la possibilité de détruire un document s'il contient des informations sensibles ou si le lien échappe à votre contrôle.</p>
<h3>🔒 Mots de passe par document</h3>
<p>Pour plus de sécurité, vous pouvez <a href="https://docs.cryptpad.org/fr/user_guide/share_and_access.html#access-tab">protéger un document avec un mot de passe</a>. Le document n'est alors disponible que si vous avez les deux, le lien de partage et le mot de passe. Ceci est particulièrement utile dans le cas où vous n'avez pas de canal de communication sécurisé pour partager le lien, car vous pouvez envoyer le lien et le mot de passe sur deux canaux <em>distincts</em> (par exemple, la messagerie texte et le courrier électronique). De cette façon, l'attaquant doit surveiller les deux canaux en même temps, ce qui le rend beaucoup plus difficile.</p>
<p>Lorsque vous partagez des documents avec vos contacts directement sur CryptPad, les communications sont chiffrées, et nous supposons que vous voulez leur donner accès. Par conséquent, le mot de passe est mémorisé et envoyé avec le document lorsque vous le partagez. On ne le demande pas au destinataire, ou à vous-même, lors de l'ouverture du document. Cela suppose implicitement que la sécurité du lecteur CryptPad est au moins aussi forte que les canaux de communication utilisés pour partager le document.</p>
<h3>💨 Autodestruction</h3>
<p>CryptPad vous permet de créer des <a href="https://docs.cryptpad.org/fr/user_guide/security.html#self-destructing-documents">documents qui s'autodétruisent</a>, ils seront détruits soit après l'heure d'expiration définie, soit après l'ouverture du document partagé la première fois.</p>
<p>Cette fonctionnalité est particulièrement utile si vous devez partager des données sensibles qui ne devraient pas être accessibles pour toujours. Vous pouvez l'utiliser pour partager un mot de passe avec une personne par exemple.</p>
<h2>🕵️ Anonymat</h2>
<p>CryptPad ne fournit qu'une faible forme d'anonymat et ne cache pas votre <a href="https://guide.boum.org/en-ligne-comprendre-bases-sur-les-reseaux.html#en_ligne-comprendre-bases_sur_les_reseaux-protocole_de_communication-protocole_ip">adresse IP</a> ou votre <a href="https://guide.boum.org/en-ligne-comprendre-traces-sur-toute-la-ligne.html#en_ligne-comprendre-traces_sur_toute_la_ligne-serveur-les_en_tetes_http">« agent utilisateur »</a> (navigateur et <a href="https://ssd.eff.org/fr/glossary/systeme-d-exploitation">système d'exploitation</a>). Le serveur peut en outre lier les adresses IP de personnes qui collaborent souvent sur les mêmes documents. Bien sûr, nous n'exécutons pas ces analyses pour notre instance phare, mais nous voulons que vous nous fassiez confiance le moins possible. Vous pouvez donc utiliser les outils et techniques suivants :</p>
<ul>
<li>Le <a href="https://www.torproject.org/download/">Navigateur Tor</a> pour se connecter à CryptPad et cacher votre adresse IP.</li>
<li>Un compte « jetable » qui n'est utilisé que pour des actions spécifiques à haut risque, telles que le travail sur un petit ensemble de documents ou la publication d'informations sensibles pour éviter la possibilité de lier les adresses IP des personnes collaboratrices.</li>
<li><a href="https://tails.net/">Tails</a> pour ne laisser aucune trace sur votre appareil local.</li>
</ul>
<h2>💡 Autres outils</h2>
<p>CryptPad est conçu pour être une suite bureautique générale et facile à utiliser. En tant que tel, il se peut qu'il ne réponde pas toujours à vos besoins spécifiques. Nous vous redirigons vers d'autres outils et services qui ne sont pas affiliés à CryptPad pour les actions suivantes :</p>
<ul>
<li>Un <a href="https://guide.boum.org/en-ligne-outils-gerer-des-mots-de-passe.html#en_ligne-outils-gerer_des_mots_de_passe-utiliser_un_gestionnaire_de_mots_de_passe">gestionnaire de mots de passe</a> pour avoir le contrôle de vos mots de passe.</li>
<li><a href="https://securedrop.org/">Secure Drop</a> pour les lanceur·euses d'alertes.</li>
<li><a href="https://signal.org/">Signal</a> pour une messagerie sécurisée en temps réel.</li>
</ul>
<h2>📚 Références</h2>
<p>À propos de CryptPad :</p>
<ul>
<li>La <a href="https://docs.cryptpad.org/fr/user_guide/security.html">section sécurité</a> dans notre guide de l'utilisateur·ice explique l'utilisation des fonctionnalités de sécurité de CryptPad.</li>
<li>La conférence <a href="https://peertube.xwiki.com/w/jAP48FTXpi9CpJnb8SSVDh">« Vivre à la périphérie avec CryptPad : confidentialité, calcul distribué et architectures de résilience »</a> (en anglais) est une explication détaillée des concepts derrière CryptPad.</li>
<li>Nous avons publié un <a href="https://blog.cryptpad.org/2023/02/02/Whitepaper/">livre blanc</a> (en anglais) décrivant les mécanismes de sécurité et la cryptographie utilisés dans CryptPad. Ce document est destiné aux personnes qui sont déjà familières avec la cryptographie.</li>
</ul>
<p>Plus général :</p>
<ul>
<li>Le <a href="https://guide.boum.org/pr%C3%A9face-%C3%A0-cette-%C3%A9dition.html">Guide d'Autodéfence Numérique</a></li>
<li>Le <a href="https://ssd.eff.org/fr/">guide d'autodéfense de surveillance</a> par l'Electronic Frontier Foundation (EFF)</li>
</ul>
<h2>🙋 Questions ?</h2>
<p>Nous sommes heureux·ses de vous aider et de répondre à vos questions concernant ce billet de blog. Vous pouvez nous joindre sur <a href="https://forum.cryptpad.org/">notre forum</a>, <a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix</a>, <a href="https://fosstodon.org/@cryptpad">Mastodon</a>, ou par <a href="mailto:contact@cryptpad.org">e-mail</a>.</p>
<h2>🙏 Remerciements</h2>
<p>Ce projet fait partie de <a href="https://nlnet.nl/project/CryptPad-Blueprints/">CryptPad Blueprints</a>, qui est financé par le Fonds <a href="https://nlnet.nl/entrust">NGI0 Entrust</a>, un fonds créé par <a href="https://nlnet.nl/">NLnet</a> avec le soutien financier du programme <a href="https://ngi.eu/">Next Generation Internet</a> de la Commission européenne, sous l'égide de <em>DG Communications Networks, Content and Technology</em> dans le cadre de la convention de subvention n° 101069594.</p>
The Most Secure Way To Use CryptPad2024-03-14T00:00:00Zhttps://blog.cryptpad.org/2024/03/14/Most-Secure-CryptPad-Usage/We show you in which scenario CryptPad is secure, and give you ideas for concrete actions for a safe CryptPad usage.<p><img src="https://blog.cryptpad.org/images/Paris_Pont_des_Arts_--_2014_--_1422.jpg" alt="Love padlocks at the Pont des Arts, Paris, France (2014) " /></p>
<p>Photo Dietmar Rabich <a href="https://commons.wikimedia.org/wiki/File:Paris,_Pont_des_Arts_--_2014_--_1422.jpg">Wikimedia Commons CC-BY-SA</a></p>
<p>A <a href="https://blog.cryptpad.org/2024/03/18/Pour-un-usage-securise-de-CrytpPad/">French translated version</a> is also available.</p>
<p>You're looking for a privacy-focused collaboration tool?
Well, you already found it!
But what does “privacy” in this context actually mean?
And how is it technically enforced?
Are there any additional precautions needed for an extra-safe usage of CryptPad?</p>
<p>In this blog post we will answer these and other questions.
We will show you in which scenarios CryptPad is secure, and give you ideas for
concrete actions for using CryptPad safely.
While we do as much as possible to make CryptPad secure, its security also
depends on how you use it.</p>
<h2>🧑🏫 Preliminaries</h2>
<h3>🗺 Threat model</h3>
<p>When speaking of security or privacy, we should always define the scenario we
are speaking of.
This scenario is the so-called <a href="https://ssd.eff.org/glossary/threat-model"><em>threat
model</em></a> which defines the
<a href="https://ssd.eff.org/glossary/capability">adversarial capabilities</a>.
In general, we aim to think of them to be as powerful as possible.
If we can defend against a strong
<a href="https://ssd.eff.org/glossary/adversary">adversary</a>,
we can also defend against a weaker one.</p>
<p>The first assumption about the adversarial capabilities follows directly from
CryptPad's architecture.
CryptPad is a web application: you visit the website of your
<a href="https://docs.cryptpad.org/en/user_guide/instances.html">instance</a> (e.g.,
<a href="https://cryptpad.fr/">https://cryptpad.fr</a>) and automatically download the client code that will be
executed locally on your computer.
If you receive bogus code from this server, you cannot establish any security,
as this bogus code may, as an example, send all your documents in plaintext to
the server.
Hence, you must trust the server to not run any <em>active</em>
<a href="https://ssd.eff.org/glossary/attack">attacks</a> (i.e., not to run
a modified CryptPad server software).</p>
<p>We nevertheless defend against an <em>honest-but-curious</em> (i.e., passive) server.
The second assumption is thus that the server plays according to the rules, but
could try to infer sensitive information by analyzing all the data it receives.
This scenario includes the possibility that a third-party gets access to the
server and can see all data and logs.
CryptPad has already defended against such an adversary in the past when <a href="https://newsrnd.com/tech/2022-06-24-data-confiscated-from-pirate-party-servers.SJxeH5I79q.html">a
third-party instance was seized by the
police</a>.
We therefore consider this scenario to be highly realistic.</p>
<p>Lastly, we assume the attackers to have network capability.
This would be the case for the system administrator managing the network
in your office, your <a href="https://en.wikipedia.org/wiki/Internet_service_provider">internet service
provider</a>, or secret
services as well as many others.
The attackers may even use active network capabilities, that is they can sniff
your web traffic, and also replay, drop or modify data sent over the network.</p>
<!-- ### 🔎 Security and Privacy -->
<!-- The notions of _security_ and _privacy_ are often mixed, however they do not -->
<!-- refer to the same concept. -->
<!-- In the context of CryptPad, the two notions can be differentiated as follows: -->
<!-- * **Security:** An adversary cannot read or modify your documents, your -->
<!-- messages, or the teams your belonging to. -->
<!-- * **Privacy:** An adversary cannot link your activity to other profiles, your -->
<!-- name or to any of your sensitive data. -->
<!-- CryptPad aims to give you both. -->
<!-- However, as any other website you're visiting, the server can see your -->
<!-- [IP address](https://ssd.eff.org/glossary/ip-address) and your ["user -->
<!-- agent"](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent) -->
<!-- (browser and [operating system](https://ssd.eff.org/glossary/operating-system)). -->
<h3>🔑 Cryptography</h3>
<p>One of the key features of CryptPad is <a href="https://ssd.eff.org/glossary/end-to-end-encryption">end-to-end
encryption</a>. Let us give you
a rough idea of what encryption and authentication are. There are three main
building blocks:</p>
<ol>
<li><strong>Symmetric Encryption</strong> (or secret key encryption) works similar to a box
with a lock: We can put something into the box and lock the box by key
(encryption).
Only someone with the key can unlock the box and access the content
(decryption) and modify it.
Since the same key is used to lock and unlock the box, this scheme is dubbed
<em>symmetric</em>.
We can further make copies of the key and distribute it to people whom we
trust, so that they can all lock and unlock the box.</li>
<li><strong>Asymmetric Encryption</strong> (or public key encryption: PKE for short) differs
from symmetric encryption in that a different key is used for encryption
(namely, the <em>public key</em>) and decryption (the <em>private key</em>).
You can imagine asymmetric encryption as the following system: you distribute
open locks (the public encryption key) to everyone and keep the (secret
decryption) key to yourself. Then, if someone wants to send you a message,
they put it in a box and close a lock on it.
Thus, only you can open it while anyone can produce a locked box for you.<p><img alt="Box with a lock" src="https://blog.cryptpad.org/images/unsplash-lock_on_a_box.jpg" /></p>
</li>
<li><strong>Digital Signatures</strong> are closely related to physical seals: Only the
persons in possession of the seal (which we call the <em>signing key</em>) can sign,
but all other people can verify the authenticity of a document using the
public <em>verification key</em> of the emitter.
In addition, digital signatures also guarantee that no one is able to modify
the sealed content without readers noticing it. A property that regular
seals don’t enjoy.<br />
Note that there is a symmetric variant of this primitive called <a href="https://en.wikipedia.org/wiki/Message_authentication_code"><em>message
authentication
code</em></a>. However,
it is rarely used as an independent building block and is jointly used with
symmetric encryption to achieve <a href="https://en.wikipedia.org/wiki/Authenticated_encryption">authenticated
encryption</a>, that
further guarantees that messages are not tampered. As we exclusively use
authenticated encryption in CryptPad, we usually use “symmetric encryption”
instead in the explanations for simplicity, but actual guarantees are
stronger.<p><img alt="Physical seal" src="https://blog.cryptpad.org/images/unsplash-sealed_letter.jpg" /></p>
</li>
</ol>
<p>For CryptPad, we combine all of these building blocks to achieve different
goals. We will explain the usage below in the section pertaining to Documents.</p>
<h2>🧗 The Basics</h2>
<p>We outline some basic measurements that allow you to significantly increase the
security of your CryptPad usage:</p>
<!-- ensure that you are using an instance that is up-to-date
ie. compare against https://github.com/xwiki-labs/cryptpad
https://cryptpad.org/instances/ only lists third-party hosts that
have updated in a reasonable amount of time
-->
<ul>
<li>CryptPad is <a href="https://ssd.eff.org/glossary/open-source-software">open source</a>
software and as such there are <a href="https://cryptpad.org/instances/">various
instances</a> running it. While we host the
<a href="https://cryptpad.fr/">flagship instance</a> you might choose a different one
depending on the jurisdiction for instance.</li>
<li>Ensure that you are connecting to the chosen CryptPad instance over
<a href="https://ssd.eff.org/module/what-should-i-know-about-encryption#transport-layer-encryption-example-https">HTTPS</a>.</li>
<li>All security mechanisms are only as strong as your password is.
If your password is easily guessable, attackers can get full access to all your
data stored on CryptPad.
We recommend you to either generate a random password using a <a href="https://ssd.eff.org/module/animated-overview-using-password-managers-stay-safe-online">password
manager</a> or to <a href="https://www.eff.org/dice">choose
multiple words</a> in case the password needs to be
memorizable.
Use this password only for CryptPad to avoid other services leaking it.</li>
<li>Log out of CryptPad after each session to require the password to
access your data on CryptPad. Otherwise, anybody with access to your device
can also access your data on CryptPad.</li>
<li>Use <a href="https://ssd.eff.org/glossary/two-factor-authentication">two-factor
authentication</a> in
your account to add protection against phishing by adding a temporal factor to
your login.
<a href="https://blog.cryptpad.org/2024/01/09/tutorial-two-factor-authentication/">A user guide</a> is available
in this blog.</li>
</ul>
<h2>🧑 Contacts</h2>
<p>As we will show below, adding your peers as CryptPad contacts lets you more
easily and safely share documents.
You can moreover restrict access to a document to specific contacts and exchange
text messages with them.</p>
<p>The easiest way to add someone to your contacts is to <a href="https://docs.cryptpad.org/en/user_guide/collaboration.html#add-a-contact">share the link to your
profile</a>
over a secure communication to your peer and request to add each other as
contacts.</p>
<p>⚠️ Note that usernames are not unique on CryptPad.
Depending on context, it may be wise to verify a received contact request
through another secure channel.</p>
<h2>📄 Documents</h2>
<p>CryptPad uses symmetric encryption with a per-document secret key to make
your documents unreadable for anyone who has no access to their corresponding
keys. CryptPad also allows you to differentiate between read-only and write
accesses to a document. For that, anyone wanting to modify a document needs to
prove that they own the private signing key linked to the document. For this,
they sign their modifications and other people working on the same document can
verify that the modification was indeed done by an authorized person before
accepting the changes.</p>
<h3>♻ Sharing</h3>
<p>CryptPad keeps these technical details “under the hood” and provides a simple
interface to <a href="https://docs.cryptpad.org/en/user_guide/share_and_access.html#sharing-a-link">share
documents</a>
via links. Such a link essentially contains the symmetric key for encryption and
decryption, for verifying signatures as well as the one for issuing signatures
(in case of read/write access) in a <strong>non-revokable manner</strong>.</p>
<p>
<img alt="Share via link" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-share-link.png" />
</p>
<p>⚠️ This implies that the document is only as safe as the <strong>weakest</strong>
communication channel used to send these links.</p>
<!-- maybe worth giving an example of a channel here -->
<p>If you consider a channel to be unsafe, or if it is publicly accessible, you
may want to isolate some of your documents from it. For instance, you can limit
the sending of edit links to <a href="https://signal.org/">Signal</a> chats with
disappearing messages.</p>
<!-- I'm not sure we ever refer to the mailbox system in public documents, so maybe we can find another term to express this rather than the internal name
Fabrice: Agreed -->
<p>Another possibility to safely share the access is to <a href="https://docs.cryptpad.org/en/user_guide/share_and_access.html#sharing-with-contacts">send it over CryptPad to your
contacts</a>.
It internally uses the
<a href="https://docs.cryptpad.org/en/dev_guide/general.html#encryption">“mailbox”</a>
system for internal communications, without the CryptPad server knowing better.
This way, you do not have to use a secondary (potentially insecure) communication
channel.</p>
<p>
<img alt="Share with contacts" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-share-contacts.png" />
</p>
<p>⚠️ Note that CryptPad documents contain the full edit history by design. It is
easily accessible to anyone from the <a href="https://docs.cryptpad.org/en/user_guide/apps/general.html#document-history">user
interface</a>.
If you made a manipulation error, such at past some text you didn’t want to
share, while producing the document <strong>before</strong> sharing it, we recommend that you
copy-paste the version you want to share for collaboration in a new pad before
sending it to sanitize the history (it also helps to track changes afterward).</p>
<h3>⛔ Restricting Access</h3>
<p>As CryptPad operates with static keys, granted shared accesses are not revokable.
This means that by default anyone who was granted access will forever be able to
read (and modify) a document.
To prevent this, you can shut down access to a document using the
<a href="https://docs.cryptpad.org/en/user_guide/share_and_access.html#access-list">Access
List</a>
feature.</p>
<p>
<img alt="Access List" style="border-radius: 10px" src="https://blog.cryptpad.org/images/docs-modal-access-list.png" />
</p>
<p>This way, only the selected persons have access to the document, independently
of who has received the sharing link.</p>
<p>Also make sure you or your <a href="https://docs.cryptpad.org/en/user_guide/collaboration.html#teams">team</a>
is set as “owner” when you create documents.
This will give you full control including the possibility to destroy a document
if it contains sensitive information or the link escapes your control.</p>
<h3>🔒 Per-Document Passwords</h3>
<p>For additional safety, you can <a href="https://docs.cryptpad.org/en/user_guide/share_and_access.html#access-tab">protect a document with a
password</a>.
The document is then only available if you have both, the sharing link and the
password.
This is especially useful for the case where you do not have a secure
communication channel to share the link, as you can send the link and the
password over two <em>distinct</em> channels (e.g., text messaging and email).
This way, the attacker has to monitor on both channels at the same time which
makes it a lot more difficult.</p>
<!-- maybe "listen" or "monitor" would be clearer than "sniff" ? -->
<!-- agreed -->
<!-- a diagram of this might be nice... like how David's shredder-unshredder image shows things being unreadable in transit, we could show two independent but readable things being combined? -->
<p>When you share documents with your contacts directly on CryptPad, communications
are encrypted, and we assume that you want to give them access.
Therefore, the password is remembered and sent with the document when you share
it.
The recipient, or yourself, are not asked for it when opening the document.
This implicitly assumes that the security of CryptPad drive is at least as
strong as the communication channels used to share the document.</p>
<h3>💨 Self-Destruction</h3>
<p>CryptPad allows you to make <a href="https://docs.cryptpad.org/en/user_guide/security.html#self-destructing-documents">self-destructing
documents</a>
which will be destroyed either after the set expiration time or after the shared
document was opened the first time.</p>
<p>This feature is especially useful if you have to share sensitive data that
should not be accessible forever.
You could use it to share a password to a peer for example.</p>
<h2>🕵️ Anonymity</h2>
<!-- it should be noted who this is hidden from. Peers in the same document can't determine that you're using Firefox/Safari, but the server can -->
<p>CryptPad only provides a weak form of anonymity and does not hide your
<a href="https://ssd.eff.org/glossary/ip-address">IP address</a> or your <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent">“user
agent”</a>
(browser and <a href="https://ssd.eff.org/glossary/operating-system">operating system</a>).
The server can furthermore theoretically link IP addresses of people who are often collaborating on the same documents.
Of course, we do not run these analytics for our flagship instance, but we want
you to have to trust us as little as possible.
You may want therefore use the following tools and techniques:</p>
<ul>
<li>The <a href="https://www.torproject.org/download/">Tor browser</a> to connect to
CryptPad and hide your IP address.</li>
<li>A burner account that is only used for specific high-risk actions such as
working on a small set of documents or publishing sensitive information to
prevent the possibility of linking IP addresses of collaborating people.</li>
<li><a href="https://tails.boum.org/">Tails</a> for leaving no traces on your local device.</li>
</ul>
<h2>💡 Other Tools</h2>
<p>CryptPad is designed to be a general, easy-to-use office suite.
As such it may not always fit your specific needs.
We redirect you to other tools and services that are not affiliated to CryptPad
for the following actions:</p>
<ul>
<li>A <a href="https://ssd.eff.org/module/animated-overview-using-password-managers-stay-safe-online">password
manager</a>
to have control over your passwords.</li>
<li><a href="https://securedrop.org/">Secure Drop</a> for whistleblowing.</li>
<li><a href="https://signal.org/">Signal</a> for secure real-time messaging.</li>
</ul>
<h2>📚 References</h2>
<p>About CryptPad:</p>
<ul>
<li>The <a href="https://docs.cryptpad.org/en/user_guide/security.html">security section</a>
in our user guide explains the use of CryptPad's security features.</li>
<li>The talk <a href="https://peertube.xwiki.com/w/jAP48FTXpi9CpJnb8SSVDh">“Living on the Edge with CryptPad: privacy, distributed
computation, and architectures of
resilience”</a> is an
extended explanation about the concepts behind CryptPad.</li>
<li>We have published a <a href="https://blog.cryptpad.org/2023/02/02/Whitepaper/">white paper</a>
describing the security mechanisms and the cryptography used in CryptPad. This
document is intended for people who are already familiar with cryptography.</li>
</ul>
<p>More general:</p>
<ul>
<li>The <a href="https://ssd.eff.org/">surveillance self-defense guide</a> by the Electronic
Frontier Foundation (EFF)</li>
</ul>
<h2>🙋 Questions?</h2>
<p>We are happy to help you and answer your questions regarding this blog post.
You can reach us on <a href="https://forum.cryptpad.org/">our forum</a>,
<a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix</a>,
<a href="https://fosstodon.org/@cryptpad">Mastodon</a>, or
<a href="mailto:contact@cryptpad.fr">Email</a>.</p>
<h2>🙏 Acknowledgements</h2>
<p>This project is part of <a href="https://nlnet.nl/project/CryptPad-Blueprints/">CryptPad
Blueprints</a>, which is funded
through the <a href="https://nlnet.nl/entrust">NGI0 Entrust</a> Fund, a fund established by
<a href="https://nlnet.nl/">NLnet</a> with financial support from the European Commission's
<a href="https://ngi.eu/">Next Generation Internet</a> program, under the aegis of DG
Communications Networks, Content and Technology under grant agreement
N° 101069594.</p>
CryptPad Funding Status January 20242024-03-08T00:00:00Zhttps://blog.cryptpad.org/2024/03/08/CryptPad-Funding-Status-January-2024/A summary of our budget for the year 2023 and planning for 2024<p>With the start of the new year it is time for another update on the funding of the CryptPad project. A lot has happened since <a href="https://blog.cryptpad.org/2023/02/09/CryptPad-Funding-Status-January-2023/">this time last year</a>, so we are coming back with more information on how the project is going.</p>
<h2>Expectations for 2023</h2>
<p>Last year we gave three possible evolution for the 2023 revenue compare to the 2022 budget depending on the funding we would have been able to secure:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Total Revenue (KEuros)</th>
<th style="text-align:center">Total Costs (KEuros)</th>
<th style="text-align:center">Balance (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">257,2</td>
<td style="text-align:center">307</td>
<td style="text-align:center">-49,8</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Safe</td>
<td style="text-align:center">505</td>
<td style="text-align:center">495</td>
<td style="text-align:center">10</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Mid Level</td>
<td style="text-align:center">685</td>
<td style="text-align:center">630</td>
<td style="text-align:center">55</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Dream</td>
<td style="text-align:center">905</td>
<td style="text-align:center">835</td>
<td style="text-align:center">70</td>
</tr>
</tbody>
</table>
<p><img src="https://blog.cryptpad.org/images/2023-budget-chart-possible.png" alt="bar chart comparing the figures in the table above" /></p>
<p>This all depended on the evolution of two large projects. One being the German State project, "Sovereign Workplace Project" in which CryptPad is participating and the French "Sovereign Collaborative Cloud" project which we expected to sign at the beginning of the year. We know that in any case we believe we would be able to grow the team.</p>
<h2>What happened in 2023</h2>
<p>What actually happened is that the "Sovereign Workplace project" went as planned, keeping us quite busy during the year, with the release of the Diagram application and a lot of work on accessibility and security. On the French project side, we started later than planned with the different project starting around the mid-year, reducing a little the budget for 2023. Now these projects have started and we are actively working on them.</p>
<p>Also in October we were happy to hire Fabrice Mouhartem, a Cryptography Engineer who qualifies for the young PhD status, allowing us to have 2 years of funding from the French state under the CIR Young PhD program.</p>
<p>From a financial point of view here are the financial resources we have been able to count on for 2023:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Subscriptions (KEuros)</th>
<th style="text-align:center">Donations (KEuros)</th>
<th style="text-align:center">Research Projects (KEuros)</th>
<th style="text-align:center">Client Roadmap Funding (KEuros)</th>
<th style="text-align:center">Other Client Revenue (Cloud / Support) (KEuros)</th>
<th style="text-align:center">Crédit Impôt Recherche Tax Cut (KEuros)</th>
<th style="text-align:center">Extra Crédit Impôt Recherche (PHD) (KEuros)</th>
<th style="text-align:center">Total (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">46,5</td>
<td style="text-align:center">12,7</td>
<td style="text-align:center">100</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">58</td>
<td style="text-align:center">40</td>
<td style="text-align:center">257</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Safe</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">0</td>
<td style="text-align:center">200</td>
<td style="text-align:center">110</td>
<td style="text-align:center">110</td>
<td style="text-align:center">0</td>
<td style="text-align:center">505</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Mid Level</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">200</td>
<td style="text-align:center">200</td>
<td style="text-align:center">110</td>
<td style="text-align:center">90</td>
<td style="text-align:center">0</td>
<td style="text-align:center">685</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Dream</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">300</td>
<td style="text-align:center">300</td>
<td style="text-align:center">150</td>
<td style="text-align:center">70</td>
<td style="text-align:center">0</td>
<td style="text-align:center">905</td>
</tr>
<tr>
<td style="text-align:center">Real 2023</td>
<td style="text-align:center">54,5</td>
<td style="text-align:center">25,7 + 12k Exceptional revenue (*)</td>
<td style="text-align:center">216</td>
<td style="text-align:center">223</td>
<td style="text-align:center">10</td>
<td style="text-align:center">48</td>
<td style="text-align:center">25.5</td>
<td style="text-align:center">614.7</td>
</tr>
</tbody>
</table>
<p>Some donations received in bitcoin have increased value during 2023. We sold them now and retrieved them from bitcoin exchanges with a win of 12k.</p>
<p>As you can see this is slightly lower than the "mid level" we expected from 2023. This is due to the research project starting later than planned. This is however more than doubling our budget from 2022 which allowed us to increase the size of the team during the year.</p>
<p>On the spending side:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Number of Employees (Full-time Equivalent) (KEuros)</th>
<th style="text-align:center">Team Salaries (KEuros)</th>
<th style="text-align:center">Other costs (KEuros)</th>
<th style="text-align:center">Hosting Costs (KEuros)</th>
<th style="text-align:center">Other Client Revenue (Cloud / Support) (KEuros)</th>
<th style="text-align:center">Crédit Impôt Recherche Tax Cut (KEuros)</th>
<th style="text-align:center">Extra Crédit Impôt Recherche (PHD) (KEuros)</th>
<th style="text-align:center">Total (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">4</td>
<td style="text-align:center">272</td>
<td style="text-align:center">35</td>
<td style="text-align:center">0 (*)</td>
<td style="text-align:center"></td>
<td style="text-align:center">58</td>
<td style="text-align:center">40</td>
<td style="text-align:center">257</td>
</tr>
<tr>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">110</td>
<td style="text-align:center">110</td>
<td style="text-align:center">0</td>
<td style="text-align:center">505</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Mid Level</td>
<td style="text-align:center">7-8</td>
<td style="text-align:center">550</td>
<td style="text-align:center">80</td>
<td style="text-align:center">0 (*)</td>
<td style="text-align:center">110</td>
<td style="text-align:center">90</td>
<td style="text-align:center">0</td>
<td style="text-align:center">685</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Dream</td>
<td style="text-align:center">8+</td>
<td style="text-align:center">750</td>
<td style="text-align:center">85</td>
<td style="text-align:center">0 (*)</td>
<td style="text-align:center">150</td>
<td style="text-align:center">70</td>
<td style="text-align:center">0</td>
<td style="text-align:center">905</td>
</tr>
<tr>
<td style="text-align:center">Real 2023</td>
<td style="text-align:center">7</td>
<td style="text-align:center">528</td>
<td style="text-align:center">101</td>
<td style="text-align:center">0 (*)</td>
<td style="text-align:center">10</td>
<td style="text-align:center">48</td>
<td style="text-align:center">25.5</td>
<td style="text-align:center">614.7</td>
</tr>
</tbody>
</table>
<h1>2023 Financial Status</h1>
<p>From the financial point of view the year of 2023, after doubling the size of the team and our spending, the budget has a small negative of <strong>-15K</strong>. Also we haven't recovered the negative <strong>€50k of 2022</strong>.</p>
<p>In 2023 we wanted to start selling CryptPad support or cloud services to organizations, and on this part we are running later than planned, although interest has been picking up in this area in the last few weeks. We have had delays to deliver an automated Cloud service and also SSO features which are necessary to propose CryptPad to companies. Also while we have a little increase in subscriptions for "<a href="http://cryptpad.fr/">cryptpad.fr</a>" and donations (around 35% from 2022), these <strong>represent only 13% of our revenue</strong>.</p>
<p>This makes us increasingly dependent from research projects and client roadmap funding, as you can see below with the 2024 budget. This has a tendency to direct our roadmap to more complex work which is not always the one that is the most requested by our individual users. This is also risky on the longer term as we risk not being able to maintain the same team size on CryptPad if we don't find more projects or funding.</p>
<p>While we hope to be able to create recurrent revenue with enterprise clients in 2024, <strong>you can help make CryptPad more sustainable</strong> by helping us increase subscriptions and donations. To subscribe to <a href="http://cryptpad.fr/">cryptpad.fr</a>, visit <a href="https://cryptpad.fr/accounts/">https://cryptpad.fr/accounts/</a> and to donate on Open Collective visit <a href="https://opencollective.com/cryptpad">https://opencollective.com/cryptpad</a></p>
<p><img src="https://blog.cryptpad.org/images/2024-budget-chart.png" alt="bart chart of the evolution of the CryptPad budget from 2019 to 2023" /></p>
<h2>What did we do in 2023 with our funding</h2>
<p>You can find all the statuses of the Year 2023 on our blog in the status-update section:</p>
<p><a href="https://blog.cryptpad.org/tags/status-update/">https://blog.cryptpad.org/tags/status-update/</a></p>
<p>In particular in 2023 we have worked on the following:</p>
<ul>
<li>We almost finished the work on the NLNet BluePrints project funded by NGI Entrust, publishing the security white paper of CryptPad: <a href="https://blog.cryptpad.org/2023/02/02/Whitepaper/">https://blog.cryptpad.org/2023/02/02/Whitepaper/</a></li>
<li>We delivered a new Diagram application based on <a href="http://draw.io/">draw.io</a>: <a href="https://blog.cryptpad.org/2023/08/18/status-2023-summer-02/">https://blog.cryptpad.org/2023/08/18/status-2023-summer-02/</a>, funded by the Sovereign Workplace Project from the German Government. Through this project we have also delivered a NextCloud integration: <a href="https://blog.cryptpad.org/2023/12/01/status-2023-11/">https://blog.cryptpad.org/2023/12/01/status-2023-11/</a></li>
<li>As part also of the German Government project, there has been a lot of work on security and accessibility. Since this summer we have fixed many accessibility issues <a href="https://github.com/cryptpad/cryptpad/issues?q=label%3AAccessibility+is%3Aclosed+">https://github.com/cryptpad/cryptpad/issues?q=label%3AAccessibility+is%3Aclosed</a> and also setup accessibility tests and more general integration tests.</li>
<li>We also worked on 2FA and SSO as part of the NLNet CryptPad Auth project funded by the NGI Assure program. This allowed is to deliver the CryptPad SSO plugin <a href="https://github.com/cryptpad/sso">https://github.com/cryptpad/sso</a> and also the 2FA functionality available since 5.4.0 this summer.</li>
<li>There has been also many bug fixes and improvements, with more than 1296 commits in the core repository but also other repositories such as sso, nextcloud-open-in-cryptpad, helm and our onlyoffice repositories: <a href="https://github.com/cryptpad/">https://github.com/cryptpad/</a></li>
</ul>
<h2>2024 Funding & Budget</h2>
<p>Last year, we were waiting for the finalization of the French BPI projects which were finally signed in the mid-year. XWiki SAS has been happy to be part of the three projects selected (<a href="https://xwiki.com/en/Blog/France-2030-funding-XWiki-and-CryptPad/">https://xwiki.com/en/Blog/France-2030-funding-XWiki-and-CryptPad/)</a>.</p>
<p>Thanks to these projects we have funding for the next 3 years for the CryptPad project which allows to have a basis for the team, however we also have a lot of engagement of things to work on. The funding is very much directed towards the integration APIs and the OnlyOffice integration in the project.</p>
<p>Also CryptPad was selected to join the German "Sovereign Workplace" project, now called openDesk (<a href="https://xwiki.com/en/Blog/XWiki-joins-OpenDesk/">https://xwiki.com/en/Blog/XWiki-joins-OpenDesk/)</a>. During 2023 we have received significant funding, in particular for the Diagram application, the NextCloud integration, but also security and accessibility. For 2024, however we don't know if we'll get funding. The project is currently more in deployment mode and also in transition to the ZenDis organization (Zentrum Digitale Soveränität).</p>
<p>We also hope to be able to receive more funding through the "CryptPad Cloud" offer and also through CryptPad support contracts. If you are a company, education institution or any organization and wish to run your own CryptPad instance, check our cloud offering and also our support offering at <a href="https://cryptpad.org/use-case/enterprise/">https://cryptpad.org/use-case/enterprise/</a>. Subscribing to these offers will help the CryptPad project improve.</p>
<h1>Expected funding for 2024</h1>
<p>You can see in this table the details of the funding of the CryptPad project we expect for 2024:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Subscriptions (KEuros)</th>
<th style="text-align:center">Donations (KEuros)</th>
<th style="text-align:center">Research Projects (KEuros)</th>
<th style="text-align:center">Client Roadmap Funding (KEuros)</th>
<th style="text-align:center">Other Client Revenue (Cloud / Support) (KEuros)</th>
<th style="text-align:center">Crédit Impôt Recherche Tax Cut (KEuros)</th>
<th style="text-align:center">Extra Crédit Impôt Recherche (PHD) (KEuros)</th>
<th style="text-align:center">Total (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">46,5</td>
<td style="text-align:center">12,7</td>
<td style="text-align:center">100</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">58</td>
<td style="text-align:center">40</td>
<td style="text-align:center">257</td>
</tr>
<tr>
<td style="text-align:center">2023</td>
<td style="text-align:center">54,5</td>
<td style="text-align:center">25,7 + 12k Exceptional revenue (*)</td>
<td style="text-align:center">216</td>
<td style="text-align:center">223</td>
<td style="text-align:center">10</td>
<td style="text-align:center">48</td>
<td style="text-align:center">25.5</td>
<td style="text-align:center">614.7</td>
</tr>
<tr>
<td style="text-align:center">2024 (Expected)</td>
<td style="text-align:center">65</td>
<td style="text-align:center">30</td>
<td style="text-align:center">293</td>
<td style="text-align:center">50 to 150</td>
<td style="text-align:center">0 to 100</td>
<td style="text-align:center">24</td>
<td style="text-align:center">101</td>
<td style="text-align:center">513 to 763</td>
</tr>
</tbody>
</table>
<p>We have guaranteed funding from the French BPI project for 2024, regular subscriptions and donations and also CIR Tax cuts. This brings us 513k of guaranteed revenue. We can then expect from 50 to 150k of funding of our roadmap from the Sovereign Workplace project and from 0 to 100k of client revenue for CryptPad Cloud and Support.</p>
<p>On the spending side we expect the following:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Number of Employees (Full-time Equivalent) (KEuros)</th>
<th style="text-align:center">Team Salaries incl. cost increase (KEuros)</th>
<th style="text-align:center">Other costs (KEuros)</th>
<th style="text-align:center">Extra hires (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">4</td>
<td style="text-align:center">272</td>
<td style="text-align:center">35</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">2023</td>
<td style="text-align:center">7</td>
<td style="text-align:center">528</td>
<td style="text-align:center">101</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">2024 (Expected)</td>
<td style="text-align:center">8 to 9</td>
<td style="text-align:center">523</td>
<td style="text-align:center">80</td>
<td style="text-align:center">50 to 100k</td>
</tr>
</tbody>
</table>
<p>We would like to hire during 2024 as we also see new contracts coming in.</p>
<p>And the following balance:</p>
<table>
<thead>
<tr>
<th style="text-align:center">Year</th>
<th style="text-align:center">Total Revenue (KEuros)</th>
<th style="text-align:center">Total Costs (KEuros)</th>
<th style="text-align:center">Balance (KEuros)</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2019</td>
<td style="text-align:center">153,5</td>
<td style="text-align:center">160</td>
<td style="text-align:center">-6,5</td>
</tr>
<tr>
<td style="text-align:center">2020</td>
<td style="text-align:center">236,5</td>
<td style="text-align:center">242</td>
<td style="text-align:center">-5,5</td>
</tr>
<tr>
<td style="text-align:center">2021</td>
<td style="text-align:center">267</td>
<td style="text-align:center">254</td>
<td style="text-align:center">13</td>
</tr>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">257,2</td>
<td style="text-align:center">307</td>
<td style="text-align:center">-49,8</td>
</tr>
<tr>
<td style="text-align:center">2023</td>
<td style="text-align:center">614.7</td>
<td style="text-align:center">614</td>
<td style="text-align:center">0.7</td>
</tr>
<tr>
<td style="text-align:center">2024 (Expected)</td>
<td style="text-align:center">563 to 763</td>
<td style="text-align:center">603 to 703</td>
<td style="text-align:center">+40 to +100</td>
</tr>
</tbody>
</table>
<h2>What does it mean for CryptPad</h2>
<p>Last year we have hired in order to prepare for larger projects. We doubled the team's size, hiring 5 people of which one did not stay. While we have not fully balanced the budget we have made the right choice, as 2024 is now looking good and we are already balancing the budget. This is thanks to the long 4 year French BPI project which gives us visibility. We also hope that thanks to the German Sovereign Workplace project and also new sales on CryptPad Cloud and also support contracts we can increase this budget and continue to hire.</p>
<p><strong>This also means we will hope to have new hires during the year. If the CryptPad project is something that matters to you, contact us. We don't yet have job posting up at <a href="https://cryptpad.org/jobs/">https://cryptpad.org/jobs/</a> but check our fediverse account for news on this during the year.</strong></p>
<h3>You can also help CryptPad grow faster and be more sustainable</h3>
<p>On the cash flow side, XWiki SAS has also done good sales and is able to cover the short term needs, though given the growth of both XWiki and CryptPad, we do expect that it won't be easy to hire as fast as we would like. This is why, although we do have projects coming up, the help of our community is more than welcome.</p>
<p>Beyond the need of cash to hire faster, it is still important to bring additional, independent funding to CryptPad through <strong><a href="http://cryptpad.fr/">cryptpad.fr</a> <a href="https://cryptpad.fr/accounts/">subscriptions</a> or through regular (monthly or yearly) <a href="https://opencollective.com/cryptpad">donations</a> or through <a href="https://cryptpad.org/pricing/enterprise/">enterprise clients</a></strong>, as this would increase recurrent revenue which is needed.</p>
<p><strong>For CryptPad to be less dependent on short or medium term projects, the recurrent funding for the maintenance of the core software is <strong>essential.</strong></strong></p>
<p>Our users, paying users and donors are our credibility. When we discuss with potential customers or project partners, each user is key, each instance being installed, each pad being opened, each mention of CryptPad. You are our credibility.</p>
<p>We'd like to thank all of you and encourage anyone to join them on <a href="http://cryptpad.fr/">cryptpad.fr</a> or <a href="https://opencollective.com/cryptpad">opencollective</a>.</p>
<p>If you want to know more about how at XWiki SAS we area approaching the financing of Free and Open Source software you can watch the FOSDEM presentation that I did this year: <a href="https://fosdem.org/2024/schedule/event/fosdem-2024-1830-20-years-of-open-source-building-xwiki-and-cryptpad/">https://fosdem.org/2024/schedule/event/fosdem-2024-1830-20-years-of-open-source-building-xwiki-and-cryptpad/</a>. It includes a lot of information about XWiki but also financial information about CryptPad. This can give you a better overview of the challlenge but also pleasure of building a company contribution Free and Open Source software.</p>
February 2024 status2024-03-07T00:00:00Zhttps://blog.cryptpad.org/2024/03/07/status-2024-02/5.7 Documentation, Le Monde using CryptPad, FOSDEM recap, Post-mortems for recent CryptPad.fr outages<p>This status post is a bit late, to make up for it we are treating you to a larger-than-usual serving of news and content.</p>
<h3>📚 5.7 Documentation with a new accessibility section</h3>
<p>We have updated our documentation to <a href="https://docs.cryptpad.org/">version 5.7</a>. Alongside documenting new features we are introducing a <a href="https://docs.cryptpad.org/en/user_guide/accessibility.html">new accessibility section</a>. The first thing in this section is a list of channels to provide accessibility feedback including a <a href="https://matrix.to/#/#cryptpad-accessibility:matrix.xwiki.com">new dedicated chat room</a> in our <a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix space</a>, and a dedicated email address. We plan to expand this in future, for example with a thorough list of keyboard shortcuts and navigation.</p>
<h3>📰 Le Monde is using CryptPad again</h3>
<p><img src="https://blog.cryptpad.org/images/lemonde-youtube-thumbnail.png" alt="Video thumbnail with title in french "C'est la faute des riches?"" /></p>
<p>We are delighted to see CryptPad used once again by French newspaper Le Monde. This time sharing the <a href="https://cryptpad.fr/pad/#/2/pad/view/y7CGhVOTkDMwbIUEA0W-bqTl9qbXnCPkGiTdgZWqebw/">list of references</a> behind a <a href="https://www.youtube.com/watch?v=JQDRb7jE9qQ">video analysing the disproportionate contribution of rich people to climate change</a>.</p>
<h3>📢 FOSDEM</h3>
<p><img src="https://blog.cryptpad.org/images/tshirst_cryptpad_xwiki.jpg" alt="photo of two people wearing a CryptPad and XWiki t-shirts next to each other" /></p>
<p>As stated in the previous status report, CryptPad was present at <a href="https://fosdem.org/">FOSDEM</a> along with XWiki.
It is the biggest free and open-source European event, where communities of different projects can meet, exchange ideas and collaborate.</p>
<p>CryptPad was present in multiple forms, first with presentations, which recorded videos are available in the following links:</p>
<ul>
<li>Fabrice presented “<a href="https://fosdem.org/2024/schedule/event/fosdem-2024-3126-securely-collaborate-with-cryptpad/">Securely collaborate with CryptPad</a>”;</li>
<li>Clément and Wieland presented “<a href="https://fosdem.org/2024/schedule/event/fosdem-2024-3274-opendesk-the-open-source-collaborative-suite/">openDesk - The Open Source collaborative suite</a>“</li>
<li>Ludovic, our CEO shared his experience in “<a href="https://fosdem.org/2024/schedule/event/fosdem-2024-1830-20-years-of-open-source-building-xwiki-and-cryptpad/">20 Years of Open Source building XWiki and CryptPad</a>”</li>
</ul>
<!-- - “[Cristal: a new Wiki UI to rule them all](https://fosdem.org/2024/schedule/event/fosdem-2024-1831-cristal-a-new-wiki-ui-to-rule-them-all/)” (?) -->
<p>In a more relaxed fashion, XWiki and CryptPad organized a <a href="https://xwiki.com/en/Blog/XWiki-and-CryptPad-FOSDEM-meetup/">community meetup</a> with their team on Saturday night, where we exchanged with the community more casually.</p>
<p>All in all we were very glad to exchange with the community during this event and we hope to see you again in future events!</p>
<h3>🤕 Post-mortems for recent <a href="http://cryptpad.fr/">CryptPad.fr</a> outages</h3>
<p>Users of our flagship instance <a href="http://cryptpad.fr/">CryptPad.fr</a> may have noticed some unexpected downtime in the last couple of months. There are 4 recent outages that we'd like to provide some information about, including steps that we are taking to prevent these issues from happening again. Sorry the details below get quite technical, that can't really be avoided if we want to provide a transparent account of these incidents.</p>
<p>For context, we started migrating <a href="http://cryptpad.fr/">cryptpad.fr</a> user data to a new storage back-end system in October 2023. This was a long process where we needed to synchronize more than 4,5 TB of data from our old inefficient file-system to a new one based on BTRFS. The final step of this migration to the new storage system took place on December 13th, 2023 (all dates and times are CET). Some time later we ran into issues:</p>
<h4>Friday January 12th 2024, 16:00</h4>
<ul>
<li>No log-in for accounts with <a href="https://blog.cryptpad.org/2024/01/09/tutorial-two-factor-authentication/">two-factor authentication</a> (2FA) enabled</li>
<li>No access to uploaded static files (blobs: images, PDFs, etc) and no upload of new files</li>
<li>Spreadsheet documents opening as blank documents</li>
</ul>
<p>Due to human error, blobs weren't served anymore by the Nginx web server. The running user was changed during a maintenance task but we forgot to update the <code>/var/cache/nginx/</code> directory access rights. We realized our mistake when users reported the issue during the weekend and fixed it on Monday January 15th at 10:30.</p>
<h4>Friday January 19th 2024, 7:30</h4>
<ul>
<li>No log-in for accounts with 2FA enabled</li>
<li>Impossible to create new documents</li>
<li>Existing documents and drives only shown as read-only</li>
</ul>
<p>Our backup system was creating too many snapshots of the BTRFS filesystem because of a race condition. These snapshots took all the available space in the BTRFS pool which made the storage become read-only. We did not have appropriate monitoring in place on the new system to spot this mistake in time to prevent an outage.</p>
<p>The issue was fixed by identifying and fixing the race condition in our in-house backup software, and adding more space to the server. Service resumed around 9:30 that morning. We then added some monitoring scripts to our Icinga instance with regular, automated checks to be sure the issue wouldn't arise again.</p>
<h4>Tuesday January 23th 2024, 13:00</h4>
<ul>
<li>No log-in for accounts with 2FA enabled</li>
<li>Impossible to create new documents</li>
<li>Existing documents and drives only shown as read-only</li>
</ul>
<p>With similar symptoms to the previous outage, this one was caused by our failure to make the disk we added the previous week fully available to BTRFS (a filesystem balancing operation was needed to spread the data among the different disks). This resulted in space running out again and producing the same "read-only" effects for our users.</p>
<p>This took us a bit longer to figure out, service was only restored after 2.5h at around 15:30. Following this we adapted the monitoring scripts on our Icinga instance so the metadata part of the pool is also checked.</p>
<h4>Tuesday February 13th 2024, 14:00</h4>
<ul>
<li>Disconnections when editing documents and accessing the drive</li>
</ul>
<p>In this case the server was rebooted while a resource-intensive BTRFS balancing operation was running (still recovering from the last outage). Because this operation was <em>paused</em> but not <em>canceled</em>, it prevented the BTRFS pool from being mounted again.</p>
<p>The issue was fixed by adding the <code>skip_balance</code> option to the mount command, with service resuming at around 15:00.</p>
<p>In summary you will have spotted a pattern of compounded teething issues as we got used to the new storage back-end in our production conditions. Beyond adding monitoring, we plan to be more mindful of the load applied on our server and eventually refactor its architecture to be better suited to the needs of our flagship instance.</p>
<p>We'd like to apologise to our users, free and paying, for the inconvenience caused by these issues. We are grateful for your patience and your trust.</p>
<h3>🔎 Contributions to cryptographic research</h3>
<p>CryptPad is also contributing in theoretical research with contributions <a href="https://eurocrypt.iacr.org/2024/acceptedpapers.php">accepted</a> at <a href="https://iacr.org/meetings/eurocrypt/">Eurocrypt</a> one of the most reputable conferences in cryptography, hosted by the <a href="https://iacr.org/">International Association for Cryptologic Research</a> (IACR), and at the <a href="https://csrc.nist.gov/Events/2024/fifth-pqc-standardization-conference">NIST Post-Quantum standardization Conference</a>, which is the organism leading the current cryptographic effort toward post-quantum transition.</p>
<p>Both results present a scalable post-quantum signature scheme, named Raccoon, that offers nice properties with regard to thresholdization and masking. Threshold signatures allow guaranteeing that a quorum of users collaborated to produce a signature, henceforth alleviating the single point of failure that certificate authorities represents for instance: some companies already <a href="https://www.securityweek.com/mozilla-may-reject-uae-firms-root-inclusion-request/">attempted to exploit this loophole</a> in the past.</p>
<p>Moreover, masking is important for hardware implementations of cryptography, especially on embedded devices, as a popular mitigation to <a href="https://en.wikipedia.org/wiki/Side-channel_attack">side channel cryptanalysis</a>.</p>
<p>The full version of this work is available in the <a href="https://ia.cr/2024/184">IACR preprint archive</a> and more information can be found on the <a href="https://raccoonfamily.org/">Raccoon signature website</a>. This is the result of the joint effort of Shuichi Katsumata, Mary Maller, Fabrice Mouhartem, Rafael del Pino, Thomas Prest and Markku-Juhani Saarinen.</p>
<!--
- https://eurocrypt.iacr.org/2024/acceptedpapers.php
- Threshold Raccoon: Practical Threshold Signatures from Standard Lattice Assumptions
- Shuichi Katsumata, Mary Maller, Rafael del Pino, **Fabrice Mouhartem**, Thomas Prest, Markku-Juhani Saarinen
- PQShield LTD & AIST, PQShield LTD & Ethereum Foundation, PQShield SAS, **XWiki SAS (CryptPad)**, PQShield LTD & Tampere University
- https://csrc.nist.gov/Events/2024/fifth-pqc-standardization-conference
- Threshold Raccoon
- Rafael del Pino Thomas Espitau, Shuichi Katsumata, Mary Maller, **Fabrice Mouhartem**, Thomas Prest, Markku-Juhani Saarinen, Kaoru Takemure
-->
<h3>🔭 Up next</h3>
<ul>
<li>We are nearing full-draft status on the Blueprints R&D website which we are hoping to launch before the next status update</li>
<li>A new blog post in the <a href="https://blog.cryptpad.org/tags/tutorials/">tutorial series</a> is to be released on how to make the most of CryptPad’s security from a user standpoint</li>
<li>The team is working hard on features for 5.8 which is planned for the end of Q1 2024 (also the end of this month!)</li>
</ul>
No one cares about open-source, until …2024-02-15T00:00:00Zhttps://blog.cryptpad.org/2024/02/15/no-one-cares-intil/If you follow privacy news, you have probably heard that Skiff, an end-to-end encrypted productivity suite, announced that it has been acquired by Notion. We could not resist chiming in since Skiff was compared with CryptPad in the past.<p><img src="https://blog.cryptpad.org/images/skiff-migrate-data.png" alt=""Migrating your data" Skiff website telling users how to get their data out of their products that will shut down in 6 months." /></p>
<p>If you follow privacy news, you have <a href="https://arstechnica.com/gadgets/2024/02/encrypted-email-service-skiff-gets-acquired-will-shut-down-in-six-months/">probably heard</a> that Skiff, an end-to-end encrypted productivity suite, announced that it has been acquired by Notion. Its suite of products (email, documents, contacts, calendar) will “sunset” in 6 months time. Some other elements such as community Discord chat and open-source code repositories were <a href="https://blog.notesnook.com/the-skiff-privacy-fiasco/">unceremoniously shut down with immediate effect</a>.</p>
<p>There have been plenty of posts and takes already, so we will not elaborate too much further. But we also could not resist chiming in since <a href="https://www.youtube.com/watch?v=-4MpHf4XOMw">Skiff was compared with CryptPad in the past</a>. While this is a really unfortunate moment for Skiff users, it is by no means a surprise.</p>
<blockquote>
<p>We’re extremely excited to accelerate our mission by joining forces with Notion’s world-class team.<br />
<a href="https://skiff.com/data-migration">Skiff website</a></p>
</blockquote>
<p>The mission here was to maximise returns for the Venture Capital investors that gave Skiff <a href="https://techcrunch.com/2024/02/09/notion-acquires-privacy-focused-productivity-platform-skiff/">$14.2 million</a>. The Skiff founders have “accelerated” and the mission is complete, we wish them well for it.</p>
<p>For the users however, there will not be much of value left behind. For obvious privacy reasons their data will not be handed to Notion automatically so they are left with a 6 months to move their data elsewhere by themselves.</p>
<p>Although talking about open-source is sure to get you yawns at dinner parties, this episode really illustrates that it can mean anything from empty gesturing to an actual commons that people can use and build upon. While Skiff was presented as open-source, the back-end never was so it was not possible to self-host it. In addition, the type of license used (<a href="https://github.com/skiff-org/skiff-apps/blob/main/LICENSE">CC-BY-NC-SA</a>) is meant for artworks and more geared towards showing the code than making the service operable by others.</p>
<p>In comparison to Skiff, CryptPad is missing a few features such as email or NFT storage. However it is also not tied to any investor's returns, and importantly is <em>fully</em> open-source. If the team stopped working on it tomorrow, the hundreds of third-party CryptPad instances would continue running freely and people would continue to have the right to improve and maintain the code.</p>
<p>Whether it's a technical outage or an acquisition like Skiff's, we don't think it's good karma to prey on the disgruntled users of our competition. We're also aware that CryptPad is not ready to serve all of the same use-cases as Skiff. We wish people well in finding new solutions that work for them. We also would like for this moment to encourage everyone to reflect on the ownership structure of the tools that they rely on, and perhaps to favour building some genuine commons rather than products that can simply vanish because of conflicting interests.</p>
January 2024 status2024-02-02T00:00:00Zhttps://blog.cryptpad.org/2024/02/02/status-2024-01/CryptPad 5.7.0 and FOSDEM talks<h2>🚀 CryptPad 5.7.0</h2>
<p>This release includes some features that could not be included into 5.6.0, namely instance invitations and support for images in diagrams. It also includes bug fixes in the drive, calendar and many other places.</p>
<h3>📇 Invitation links and user directory</h3>
<p>Instance administrators can now issue invitation links that can be used to create one account each, even if registration is closed on the instance. An optional User Directory can help keep track of the known accounts on the instance. This feature is designed for the needs of enterprise customers who use their own instance, hence allowing administrators access to more information than on a public-facing service</p>
<h3>🖼️ Support for images in the Diagram app</h3>
<p>Diagram documents now support embedding images.</p>
<p>5.7.0 also includes a lot of bug fixes and improvements. See the <a href="https://github.com/cryptpad/cryptpad/releases/tag/5.7.0">release notes on GitHub</a> for the full list.</p>
<h2>📢 FOSDEM</h2>
<p>CryptPad will be well represented at FOSDEM this year.</p>
<ul>
<li>🎙️ Saturday, Feb 3rd, from 12:00 to 12:25 Fabrice will present “<a href="https://fosdem.org/2024/schedule/event/fosdem-2024-3126-securely-collaborate-with-cryptpad/">Securely collaborate with CryptPad</a>”. This talk will give an overview of CryptPad, show the results of the <a href="https://nlnet.nl/project/CryptPad-Blueprints/">nlnet Blueprints</a> project as well as some future directions.</li>
</ul>
<p>From the XWiki side, multiple events are also organised:</p>
<ul>
<li>🎙️ Saturday, Feb 3rd, from 16:40 to 17:05 Ludovic & Manuel will present <a href="https://fosdem.org/2024/schedule/event/fosdem-2024-1831-cristal-a-new-wiki-ui-to-rule-them-all/">Cristal: a new Wiki UI to rule them all</a>, the new Wiki UI developed by XWiki to allow modularly creating wiki environments from heterogenous sources.</li>
<li>🎙️ Saturday, Feb 3rd, from 14:00 to 14:45 Clément and Wieland will present <a href="https://fosdem.org/2024/schedule/event/fosdem-2024-3274-opendesk-the-open-source-collaborative-suite/">openDesk - The Open Source collaborative suite</a>, an open-source collaborative suite that embeds a part of CryptPad in it.</li>
<li>🎙️ Sunday, Feb 4th, from 9:00 to 9:50 Ludovic will also present <a href="https://fosdem.org/2024/schedule/event/fosdem-2024-1830-20-years-of-open-source-building-xwiki-and-cryptpad/">20 Years of Open Source building XWiki and CryptPad</a>, where we will learn about the XWiki journey as a FOSS company.</li>
<li>🚀 XWiki will also organize <a href="https://fosdem.org/2024/schedule/track/collaboration-and_content-management/">the collaboration and content management track</a> at FOSDEM where some of the above presentations will take place.</li>
</ul>
<p>Finally, you are free to meet CryptPad and XWiki members <!-- actors? --> for a refresher on Saturday evening:</p>
<ul>
<li>🍻 Saturday, Feb 3rd, from 19:00 to 00:00, Brussels time: our first ever post-FOSDEM meetup, packed with open-source talks, beer, and snacks. Register here to meet the XWiki and cryptpad communities: <a href="https://xwiki.com/en/Blog/XWiki-and-CryptPad-FOSDEM-meetup/">https://xwiki.com/en/Blog/XWiki-and-CryptPad-FOSDEM-meetup/</a></li>
</ul>
<h2>🔭 Next up</h2>
<ul>
<li>We will get to work on 5.8.0</li>
<li>We hope to release the Blueprints website in the coming weeks</li>
</ul>
Setup 2FA for CryptPad2024-01-09T00:00:00Zhttps://blog.cryptpad.org/2024/01/09/tutorial-two-factor-authentication/A guide to setup two-factor authentication (2FA) on your favorite CryptPad instance.<p>In this tutorial we will see how to set up two-factor authentication (or 2FA) in
CryptPad from an end-user point of view. To make a long story short you can look
at <a href="https://docs.cryptpad.org/en/user_guide/user_account.html#security-privacy">the documentation</a> for the concise explanation.</p>
<p>The main purpose of this tutorial is to accompany you through every step and to
help you understand what is going on behind the scene.</p>
<h2>Why does it matter?</h2>
<p>Multi-factor authentication is a general term to describe authentication methods
relying on the combination of multiple ways to confirm you identity. Ideally,
these should live in different domains:</p>
<ul>
<li>Something I know: a knowledge that only the authenticating user is aware
of, traditionally a password or a passphrase, but secret questions also fells
into this category;</li>
<li>Something I have: a form of data that the user can store, but doesn't
have to remember. It is usually a cryptographic key that is stored in a device
(an authentication device, your smartphone, a USB flash drive, and so on);</li>
<li>Something I am: everything that is inherent to the identity of the user,
such as biometry for instance.</li>
</ul>
<p>The purpose of multi-factor authentication is to strengthen the usual
username-password authentication method (which fells into the "something I know"
category), so it does not act as a single-point of failure. With multi-factor
authentication, even if your password leaks by any means, no one should be able
to impersonate you based on this information alone. Similarly, biometric data
inherent to users should not be used as a unique authentication factor as their
secrecy cannot be guaranteed.</p>
<p><a href="https://blog.cryptpad.org/2023/08/18/status-2023-summer-02/">CryptPad 5.4.0</a> introduced 2FA using a
<a href="https://en.wikipedia.org/wiki/Time-based_one-time_password">time-based
one-time-password</a>
(or TOTP) approach. The core idea is that upon initialization, a common
<strong>secret</strong> is agreed on between CryptPad and the user. Then, the <strong>current
time</strong> is used to agree on a common value based on these two pieces of
information.</p>
<p>As a consequence, if you are managing your own CryptPad instance, you
have to make sure that the date and time of your server remain fairly accurate
(up to a 30 seconds shift), using
<a href="https://en.wikipedia.org/wiki/Network_Time_Protocol">NTP</a> for instance.</p>
<h2>Prerequisites</h2>
<ul>
<li>A running CryptPad instance with version <code>>= 5.4.0</code>;</li>
<li>A CryptPad account on this instance (or you can <a href="https://docs.cryptpad.org/en/user_guide/user_account.html">create
one</a> now)</li>
<li>An external device that supports TOTP (for instance a smartphone with an
authenticator application, like <a href="https://getaegis.app/">Aegis</a>, that can be
found on <a href="https://f-droid.org/en/packages/com.beemdevelopment.aegis/">F-Droid</a>
or <a href="https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis">Google Play
Store</a>).
It will later be referred as <em>authentication device</em>.</li>
</ul>
<h2>Step-by-step user guide to setup 2FA on Cryptpad</h2>
<p>Now that we have everything we need, let us start. The first step is to
open your Security & Privacy settings:<br />
<strong>User menu</strong> (top-right avatar to access) > <i class="fa fa-gear"></i>
<strong>Settings</strong> > <i class="fa fa-lock"></i> <strong>Security & Privacy</strong></p>
<p>Then look for the “<strong>Two-Factor Authentication (2FA)</strong>” section:</p>
<p><img src="https://blog.cryptpad.org/images/2fa-initialization.png" alt="2FA is not initialized yet" /></p>
<p>Now, you can enter your password to initiate the process. Once you validate, it
should show an alert telling you to store a recovery code that will be useful to
disable 2FA in case you don't have access to your authentication device anymore.
Thus, you should store it in a safe place:</p>
<ul>
<li>recoverable even if you lose your authentication device;</li>
<li>accessible even if you don't have access to your CryptPad account;</li>
<li>separated from your password;</li>
<li>not easily accessible for a third party.</li>
</ul>
<p>These make your mobile phone or a “Recovery Code” file in your CryptDrive a bad
idea. However, you can use an encrypted USB flash drive or a <a href="https://www.cnil.fr/en/what-you-should-know-about-our-standard-digital-safe-boxes">digital safe
box/vault</a> for instance.</p>
<p><img src="https://blog.cryptpad.org/images/2fa-recovery-code.png" alt="2FA recovery code" /></p>
<p>Once you stored this recovery code in a safe place, you can click on the “<i class="fa fa-check"></i> <strong>Done</strong>” button, then “<strong>Continue</strong>”.</p>
<p><img src="https://blog.cryptpad.org/images/2fa-recovery-code-done.png" alt="2FA recovery code done" /></p>
<p>Then, it should show you a <a href="https://en.wikipedia.org/wiki/QR_code">QR code</a> that
contains the common secret between CryptPad and yourself.</p>
<p><strong>Warning.</strong> This is sensitive information, make sure that no one is spying on
your screen at this point of time.</p>
<p><img src="https://blog.cryptpad.org/images/2fa-qr-code.png" alt="QR Code" /></p>
<p>You can now scan the QR code with your authentication device, for instance Aegis
on android would open the form shown hereunder upon scanning the QR Code,
allowing you to customize the entry in the application. It could prove useful if
you have many CryptPad accounts for instance to distinguish them in a glance.</p>
<p><img src="https://blog.cryptpad.org/images/2fa-aegis-create.png" alt="Aegis scanner" width="50%" /></p>
<p>Once validated, your CryptPad 2FA verification token would appear as an item in a
list in the application, with a progress bar telling you how long the shown
verification code remains valid.</p>
<p><img src="https://blog.cryptpad.org/images/2fa-aegis-show.png" alt="Aegis scanner" width="50%" /></p>
<p>Now, it leaves you to enter this verification code in the CryptPad webpage and
validate with the “<i class="fa fa-check"></i> <strong>ENABLE 2FA</strong>” button.</p>
<p>One this is done, you should see the following text:</p>
<p><img src="https://blog.cryptpad.org/images/2fa-activated.png" alt="2FA is active on this account" /></p>
<p>Congratulations! Your account is now set up to use 2FA using with TOTP.</p>
<p>Note that you will be disconnected for all your other sessions once it's done,
you have to log in again in these sessions with your verification code.</p>
<p>This is done as usual, with the difference that after typing your login and
password, a validation code from your authentication device will be requested.</p>
<h2>More information</h2>
<h3>Disabling 2FA</h3>
<p>When <strong>disabling 2FA</strong>, you need a final verification code, so don't
remove it from your authentication device <em>before</em> removing it from CryptPad.
Otherwise, you would need to retrieve your recovery code from its safe space. Or
in a last resort, see the “I lost my recovery code!” section below to see how to
use human intervention by contacting your instance administrators.</p>
<h3>What is this text box above the QR Code?</h3>
<p>Upon generating the shared secret between you and the server, that is given to
you in the form of a QR Code, you can also notice that there is a text box above
the QR code that contains a <em>uniform resource identifier</em> (URI for short). This
<a href="https://github.com/google/google-authenticator/wiki/Key-Uri-Format">otpauth
URI</a>
represents the secret in a plaintext manner and allows to easily import it into
applications that don't rely on a QR code scanner, for instance a password
manager.</p>
<p>As we said previously, it is not recommended to store your password and your
2FA secret in the same place, as it makes your password manager a single-point
of failure.</p>
<h2>I lost my recovery code!</h2>
<h3>User guide</h3>
<p>Good thing you use an encrypted flash drive to store your recovery code, however
its data <a href="https://en.wikipedia.org/wiki/Flash_memory#Limitations">got corrupted</a>
on the way. What to do now?</p>
<p>Stay calm, it is possible for an administrator to disable 2FA for you provided
that you send the relevant information.</p>
<p>For that when logging in, after typing your username and password, there is a link under the verification code prompt:</p>
<p><img src="https://blog.cryptpad.org/images/2fa-recovery-request.png" alt="Unable to get a code? Recover your account" /></p>
<p>You can then click on the “<strong>Recover your account</strong>” link, that will ask your
username and password again. Once that done, you end up in the page asking for
your recovery code, however there is also a section to unfold “<i class="fa
fa-caret-right"></i> <strong>Forgot recovery code</strong>” which shows a data-block that
you can give to an instance administrator so that they can disable 2FA for your account.</p>
<p>Now, you can contact your instance administrator, politely explaining the
situation and attaching this data block, and patiently wait for their answer.</p>
<h3>Administrator guide</h3>
<p>As an instance administrator, upon receiving a request to disable 2FA and
verifying the identity of the requesting party, you have to go to the database
section of the administration panel:
<strong>User menu</strong> > <i class="fa fa-gears"></i> <strong>Administration</strong> > <i class="fa fa-database"></i> <strong>Database</strong></p>
<p>There you can go to the <strong>2FA Recovery</strong> section and paste the data-block that
the forgetful user sent you:</p>
<p><img src="https://blog.cryptpad.org/images/2fa-admin-disabling.png" alt="Disabling 2FA for admins" /></p>
<p>Then you just have to hit the “<strong>DISABLE</strong>” button and the “<strong>Are you sure?</strong>”
confirmation to validate the user's query.</p>
<h2>Good practices</h2>
<p>Activating and using 2FA in itself doesn't guarantee that your account would
remain safe whatever what happens, it is just another safety net.</p>
<p>However, to ensure that it works as intended, there are some mistakes to avoid.
For instance, some password managers can act as a storage for your 2FA secrets
and even generate the verification codes for you. In the event that your
password is also stored there, then you create a new <a href="https://en.wikipedia.org/wiki/LastPass#2022_customer_data_and_partially-encrypted_vault_theft">single-point of
failure</a>
in your password manager. For the sake of honesty, we should mention that is it
still way better than not having any 2FA at all (as it adds a temporal factor in
what your password manager outputs in case of phishing attacks for instance). It
should be avoided in an ideal world, but we are not living in this world.</p>
<p>In general, you should avoid at all cost storing your passwords, secret keys and
recovery keys in a place where it is easily accessible (for instance in a
<code>my_passwords.csv</code> file in the clear on your drive, or in a plaintext cloud
storage).
The use of a password manager makes it easier for users to manage this part as
long as one sets up the appropriate measures to keep it secure, for instance
with the use of a strong primary password, or not leaving your <a href="https://support.mozilla.org/en-US/kb/password-manager-remember-delete-edit-logins#w_protecting-your-passwords">computer
unattended in an unlocked
state</a>.</p>
<h2>See also</h2>
<p>For further information about multi-factor authentication and password
management, you can see:</p>
<ul>
<li>Wikipedia. <a href="https://en.wikipedia.org/wiki/Multi-factor_authentication">Multi-Factor Authentication</a>.</li>
<li>NIST blog. <a href="https://www.nist.gov/blogs/cybersecurity-insights/back-basics-whats-multi-factor-authentication-and-why-should-i-care">Back to Basics: What’s multi-factor authentication - and why should I care?</a></li>
<li>NIST Topics. <a href="https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/multi-factor-authentication">Multi-factor authentication</a>.</li>
<li><i class="fa fa-file-pdf-o"></i> NIST. <a href="https://csrc.nist.gov/csrc/media/Presentations/2022/multi-factor-authentication-and-sp-800-63-digital/images-media/Federal_Cybersecurity_and_Privacy_Forum_15Feb2022_NIST_Update_Multi-Factor_Authentication_and_SP800-63_Digital_Identity_%20Guidelines.pdf">NIST Update: Multi-Factor Authentication and SP 800-63 Digital Identity Guidelines</a>.</li>
<li><i class="fa fa-file-pdf-o"></i> 🇫🇷 ANSSI. <a href="https://cyber.gouv.fr/publications/recommandations-relatives-lauthentification-multifacteur-et-aux-mots-de-passe">Recommendations about multi-factor authentication and passwords</a>. October 2021.</li>
</ul>
December 2023 status2024-01-04T00:00:00Zhttps://blog.cryptpad.org/2024/01/04/status-2023-12/CryptPad 5.6.0, Presentation at Grenoble-Alpes, start on CryptPad Cloud<p>We present the December 2023 status post, and the team's best wishes to you and yours for 2024. This post was slightly delayed as all of our pre-holiday-break energies were focused on releasing CryptPad 5.6.0.</p>
<h2>🚀 CryptPad 5.6.0 released</h2>
<h3>🔑 SSO</h3>
<p>This release paves the way for the much awaited Single-Sign-On (SSO) authentication in CryptPad instances. The 2nd piece of this feature is a plugin which we will release in January 2024. After this we will wrap up the <a href="https://nlnet.nl/project/CryptPad-Auth/">AUTH project</a> making CryptPad not only more secure with Two-Factor Authentication (2FA) but also easier to integrate with identity providers and existing security infrastructure.</p>
<p>Speaking of 2FA, this release also adds the option to make it mandatory for all users of an instance.</p>
<h3>🗓️☑️ Form and Calendar improvements</h3>
<p>The Form editor now allows to duplicate a question. Calendar events now have a description field. Both applications received lots of improvements (e.g. mobile usability) and bug fixes.</p>
<h3>♿ Accessibility improvements to the drive and toolbars</h3>
<p>Finally we are continuing to improve accessibility across CryptPad. In this release the toolbar becomes much more navigable with the keyboard and (most) menus can be used with arrow keys. We will keep pushing on this until full Web Content Accessibility Guidelines (WCAG) compliance.</p>
<p>Please see the <a href="https://github.com/cryptpad/cryptpad/releases/tag/5.6.0">changelog</a> for the full list of improvements.</p>
<h3>🎁 More teams for CryptPad<nolink>.fr subscribers</nolink></h3>
<p>This release includes a setting to set the number of teams for subscribed users of an instance. We have increased this limit on <a href="http://cryptpad.fr/">Cryptpad.fr</a> from 3 to 10 teams after receiving requests from our supporters. Enjoy these responsibly as joining many teams with lots data in each may impact loading time.</p>
<h2>🎙️ Presentation at Grenoble-Alpes University</h2>
<p><img src="https://blog.cryptpad.org/images/slide-penguins.png" alt="Slide demonstrating CryptPad's encrypted collaboration between some cute penguin characters" /></p>
<p>For his first public speaking since joining the team in October, Fabrice presented CryptPad at the <a href="https://www-ljk.imag.fr/spip.php?article35&id=657c64a4a12e9fe262398bc5&type=SEMINAIRE">Jean Kuntzmann Lab seminar</a> on December 20th. The presentation centered on the cryptography used in the project and the challenges ahead. The <a href="https://blog.cryptpad.org/images/2023-12-20-FM-CryptPad-talk.pdf">slide deck</a> is available for more details.</p>
<h2>☁️ CryptPad Cloud</h2>
<p>At the end of 2023, a few clients showed interest in having their own CryptPad instance hosted and maintained by XWiki (our parent company). While it is still early days, it is safe to say that we will be increasing efforts to make CryptPad easier to test-deploy and customize in 2024. More on this soon!</p>
<h2>🔭 Next up</h2>
<ul>
<li>XWiki CEO Ludovic Dubost is preparing our yearly budget update. It will be published on this blog in the coming weeks.</li>
<li>With all of the work now completed, we will be looking to officially wrap up our <a href="https://nlnet.nl/project/CryptPad-Auth/">AUTH</a> and <a href="https://nlnet.nl/project/CryptPad-Blueprints/">Blueprints</a> projects with NGI.</li>
</ul>
November 2023 status2023-12-01T00:00:00Zhttps://blog.cryptpad.org/2023/12/01/status-2023-11/Capitole du Libre, Nextcloud integration, Call for testimonials, Team News<h2>🎪 Capitole du Libre</h2>
<p>November 18 and 19, the <em>Capitole du Libre</em> was held in Toulouse, France. It is an annual meeting for free and open ways enthusiasts.
During this event, Cryptpad was present on a stand that was quite well-received by curious attendees, as well as during two talks by Ludovic Dubost and Clément Aubin about <a href="https://cfp.capitoledulibre.org/cdl-2023/talk/PWQ8UQ/">FOSS as a job</a> and <a href="https://cfp.capitoledulibre.org/cdl-2023/talk/GTQZDS/">OpenDesk</a>.</p>
<p>▶️ Videos should be online at some point in the future on the <a href="https://www.youtube.com/channel/UCceC8Q8hThsWwmhqkjclcZg/videos">Capitole du Libre YouTube channel</a>.</p>
<h2>📬 Nextcloud integration</h2>
<p><img src="https://blog.cryptpad.org/images/nextcloud-app.png" alt="screenshot of the Nextcloud application" /></p>
<p>Wolfgang has been hard at work on our Nextcloud application this month, receiving feedback and fixing issues. This <a href="https://apps.nextcloud.com/apps/openincryptpad">Open in CryptPad</a> integration is part of <a href="https://xwiki.com/en/Blog/XWiki-joins-OpenDesk/">OpenDesk</a>. It provides encrypted real-time collaborative sessions on diagram documents stored on a Nextcloud instance. If this is of interest to you please check out the application in the Nextcloud app store and our <a href="https://github.com/cryptpad/nextcloud-open-in-cryptpad">source code repository</a>.</p>
<h2>💌 Still collecting testimonials</h2>
<p>Quick reminder that we are still collecting nice words about why you love CryptPad through our <a href="https://cryptpad.fr/form/#/2/form/view/1NDX7MEkhzNz1FCrcjCxmvjgIj24QjWNncZygR60Ch8/">Testimonials Survey</a>. We already have <a href="https://cryptpad.org/testimonials/">lots of individual submissions</a> but please keep them coming. We are especially grateful if you are able to endorse our project on behalf of an organization, company, or institution.</p>
<h2>🏠 Team news</h2>
<p>Unfortunately Faye did not renew her contract with us after 6 months in the team. We are thankful for her contributions to CryptPad and wish her the very best on her future endeavors.</p>
<h2>🔭 What's next</h2>
<ul>
<li>We are still at work on CryptPad 5.6 which we are hoping to release before the end of the year</li>
<li>Looking ahead, we are thinking about next year's priorities. There's no doubt that improving our OnlyOffice integrations (esp. Document and Presentation) will be high on that list</li>
<li>We're thinking about contributions to this blog beyond the monthly status, perhaps more tutorials, let us know if there is anything you would like us to cover!</li>
</ul>
October 2023 status2023-11-02T00:00:00Zhttps://blog.cryptpad.org/2023/11/02/status-2023-10/Planning 5.6.0, Community translation program, press & presentation<h2>🚀 5.5.0 is out, now planning 5.6.0</h2>
<p>This month we released <a href="https://github.com/cryptpad/cryptpad/releases/tag/5.5.0">CryptPad 5.5.0</a> with the features that we covered in detail in the <a href="https://blog.cryptpad.org/2023/10/03/status-2023-09/">September status post</a>.</p>
<p>We are now shifting our attention to the next release, 5.6.0, which is planned for the end of the calendar year.</p>
<p>With the recent growth of the team (+6 people in 2023, an increase of over 200%), we are still refining our work processes. For this release cycle we are testing GitHub Projects to triage and track issues. You can follow current work in the <a href="https://github.com/orgs/cryptpad/projects/7">5.6.0 project</a>. The pull-requests addressing these issues and implementing features are visible in the <a href="https://github.com/cryptpad/cryptpad/milestone/4">5.6.0 milestone</a> as they are awaiting review and being merged into the <code>staging</code> branch. A higher level view including research projects is still available on our <a href="https://cryptpad.fr/kanban/#/2/kanban/view/PLM0C3tFWvYhd+EPzXrbT+NxB76Z5DtZhAA5W5hG9wo/">public roadmap</a>.</p>
<p><img src="https://blog.cryptpad.org/images/github-project-preview.png" alt="preview of the 5.6.0 Project on GitHub" /></p>
<h2>🎁 Community translation program</h2>
<p>As you may know CryptPad is available in many languages (19 at the time of writing). The development team maintains the English and French translations, and other languages are translated by volunteers in the community. Unfortunately we are not able to compensate people financially for translation work but we offer free plans on <a href="http://cryptpad.fr/">CryptPad.fr</a> as a token of gratitude (this means increased storage and priority support). We have been doing this informally for some time but have now taken the time to <a href="https://docs.cryptpad.org/en/how_to_contribute.html#community-translation-program">document this "program" officially</a>.</p>
<h2>📰 Press & presentation</h2>
<p>Our CEO Ludovic Dubost was <a href="https://www.websiteplanet.com/blog/ludovic-dubost-interview/">interviewed by Website Planet</a> about open-source and the control of "cloud" infrastructure.</p>
<p>David will present CryptPad at the <a href="https://opensourceinnovation.eu/">Open Research Webinar</a> organized by <a href="https://www.ow2.org/">OW2</a> and <a href="https://www.eclipse.org/research/">Eclipse Foundation</a> on 7th November. The event is online and <a href="https://www.eventbrite.fr/e/open-research-webinar-november-7-tickets-718514866307">free to attend if registered</a>.</p>
<p>We were also happy to read <a href="https://www.lemonde.fr/pixels/article/2023/10/14/face-aux-gafam-les-chatons-sortent-les-griffes_6194362_4408996.html">a small mention of CryptPad</a> in French newspaper Le Monde, as part of an article about ethical hosting collective <a href="https://www.chatons.org/">CHATONS</a>.</p>
<h2>🔭 What's next</h2>
<ul>
<li>Work on supporting Single Sign On with various identity providers</li>
<li>Ongoing work on accessibility and mobile support</li>
<li>More things to include in the upcoming 5.6.0 release</li>
</ul>
September 2023 status2023-10-03T00:00:00Zhttps://blog.cryptpad.org/2023/10/03/status-2023-09/CryptPad 5.5.0 nearly ready, Daria and Diana stay on the team and Fabrice joins<p>After two "summer statuses" we resume our monthly updates.</p>
<h2>🚀🔭 CryptPad 5.5 coming soon</h2>
<p>The team is preparing the latest version of CryptPad. At the time of writing we are planning to deploy 5.5 to <a href="http://cryptpad.fr/">CryptPad.fr</a> this week and make it available on GitHub shortly after if all goes well. Highlights for this release will include:</p>
<h3>Moderation and deletion features</h3>
<p>Instance administrators will now have the option to archive a whole account, including all documents where the account is the only owner. This enables admins to take stronger action in moderation cases where more than a single document is in breach of the instance's terms of service.</p>
<p>We also took this opportunity to better communicate <em>why</em> a document is not accessible. Previously, CryptPad would display confusing messages such as this one if a document had been deleted or if its password was changed:</p>
<blockquote>
<p>The document you are trying to open no longer exists or is protected with a new password. Enter the correct password to access the content.</p>
</blockquote>
<p>With 5.5.0 CryptPad will give more information in cases where the document or account was:</p>
<ul>
<li>Deleted by an owner</li>
<li>Deleted by an admin (user account or document)</li>
<li>Deleted for inactivity (documents not stored in a user drive and inactive)</li>
<li>Protected with a new password (user account or document)</li>
</ul>
<h3>OnlyOffice upgrade</h3>
<p>CryptPad 5.5.0 includes an upgraded version of OnlyOffice applications (7.3.3.60) and fixes some import/export bugs for office documents.</p>
<h3>End-to-end testing</h3>
<p>For this release we are making use of the end-to-end testing suite that Zuzanna has been developing for the last few months. It has been a <em>lot</em> of work to program all of the test cases using <a href="https://playwright.dev/">Playwright</a> but these efforts are finally starting to pay off as the tests have already identified a few bugs. We'll continue these efforts to improve the quality assurance of CryptPad in future releases.</p>
<h3>Acessibility and mobile fixes</h3>
<p>With Daria and Diana's internships coming to an end, we are releasing their contributions. They mostly have to do with improvements related to <a href="https://github.com/orgs/cryptpad/projects/5">accessibility</a> and using CryptPad on <a href="https://github.com/orgs/cryptpad/projects/6">mobile</a>.</p>
<h2>🧑🔬 🧑🔬 Daria and Diana are joining the team</h2>
<p>Speaking of Daria and Diana, we are happy to announce that they will remain on the team after their internships finish. They will each take a part time role while also completing the last year of their studies. Their work will continue to focus on improving the CryptPad front-end for better accessibility and mobile usability, two areas that need a lot of continued improvement.</p>
<h2>🧑🔬 Fabrice joins the team</h2>
<p>We have another addition to the team this month: <a href="https://fmouhart.epheme.re/">Fabrice Mouhartem</a>. Fabrice is a cryptography researcher who completed his PhD at École Nationale Supérieure (ENS) in Lyon, France (2018). His recent post-docs at ENS and PQShield focused on building provable cryptographic protocols based on both classical and post-quantum assumptions. His role on the CryptPad team will be split between research on how to get CryptPad post-quantum ready, and contributing features and bug fixes to the code. We look forward to having Fabrice's expertise on the team!</p>
<h2>🔭 What's next</h2>
<ul>
<li>Continuing work on our document API and authentication features</li>
<li>Wrapping up the Blueprints project with a website that details all outcomes and provides a place for future research and prototypes</li>
</ul>
Summer 2023 status - part 22023-08-18T00:00:00Zhttps://blog.cryptpad.org/2023/08/18/status-2023-summer-02/CryptPad 5.4.0, New Diagram app, 2 Factor Authentication<p>As promised, this is the second part of our summer status. It is all about the new 5.4.0 version of CryptPad which is now live and released.</p>
<h2>🚀 CryptPad 5.4.0</h2>
<p>We deployed the new version to our <a href="https://cryptpad.fr/">flagship instance</a> on July 20th. With members of the team taking summer breaks, we took our time to test the new features, bring the <a href="https://docs.cryptpad.org/">documentation</a> up to date, gather feedback and translations. We released <a href="https://github.com/cryptpad/cryptpad/releases/tag/5.4.0">5.4.0 on GitHub</a> on August 10th. The major new feature are:</p>
<h3>🎨 New Diagram app</h3>
<p>The Diagram application is an integration of <a href="https://www.drawio.com/">Draw.io</a> into CryptPad's encrypted real-time collaboration.</p>
<p><a class="btn" href="https://cryptpad.fr/diagram/"><i class="fa fa-external-link"></i> Try the Diagram app on cryptpad.fr</a></p>
<p><img src="https://blog.cryptpad.org/images/diagram-screenshot.png" alt="screenshot of the new diagram application" /></p>
<h3>🔑🔑 2 Factor Authentication</h3>
<p>You can now protect your account with 2 factor authentication using one-time passwords.</p>
<p>How-to for your <a href="http://cryptpad.fr/">Cryptpad.fr</a> account:</p>
<ol>
<li>Settings > Security & Privacy</li>
<li>Enter your password</li>
<li>Save the recovery code</li>
<li>Snap the QR code with a 2FA app of your choice</li>
<li>Confirm with a code</li>
<li>✅ 2FA is enabled</li>
</ol>
<p>2FA is the first deliverable for the <a href="https://nlnet.nl/project/CryptPad-Auth/">CryptPad AUTH</a> project, ahead of the upcoming SSO features. We are very grateful to NLnet and NGI Assure for the support in making CryptPad more secure.</p>
<h3>🎁 and more</h3>
<ul>
<li>We dropped Bower, an <a href="https://github.com/cryptpad/cryptpad/issues/295#issuecomment-1373267211">outdated tool</a> to manage client-side dependencies</li>
<li>In addition to the Diagram application, Mermaid.js is also upgraded to 10.2.4 adding more diagram types such as <a href="https://mermaid.js.org/syntax/mindmap.html">mindmap</a> and <a href="https://mermaid.js.org/syntax/timeline.html">timeline</a></li>
<li>New setting to destroy all of the documents you own in one click</li>
<li>The full release notes are <a href="https://github.com/cryptpad/cryptpad/releases/tag/5.4.0">on GitHub</a></li>
</ul>
<h2>🚀 🪂 CryptPad 5.4.1</h2>
<p>Even though we had plenty of time to test things on <em>our</em> instance, problems occured after the release with a number of configuration issues and <a href="https://github.com/cryptpad/cryptpad/commit/a3772cf92c448e893cf8e021cfe9149939d3fd6c">typos</a> causing upgrading issues on other instances. We are tracking these and will release <a href="https://github.com/cryptpad/cryptpad/milestone/3">5.4.1</a> ASAP to make the fixes available.</p>
<h2>🔭 Next up</h2>
<ul>
<li>We'll be resuming monthly status updates at the end of each month starting with September</li>
<li>SSO authentication features are next on the roadmap for the AUTH project</li>
<li>We are in the final talks for an exciting new hire for the team, we'll say more in the next couple of months</li>
</ul>
Summer 2023 status - part 12023-07-17T00:00:00Zhttps://blog.cryptpad.org/2023/07/17/status-2023-summer-01/Late update: Summer internships & hackathon projects<p>We missed the June 2023 status as the end of the month was busy with summer internships and travel to the annual XWiki seminar for part of the team. To catch up, here is a "Summer status" format which will be staggered mid-July and mid-August before we resume monthly schedule in September.</p>
<h2>🩴🧢 Summer internships</h2>
<p>We are delighted to welcome Daria Burghelea and Diana Voineag to the team for 3 months internships as part of the <a href="https://stagiipebune.ro/">Stagii pe Bune</a> program in Romania. Daria started on June 26th with a focus on front-end work including <a href="https://github.com/orgs/cryptpad/projects/5">accessibility issues</a>. Diana started last week on July 10th and will be focusing on end-to-end testing and screenshot automation at first.</p>
<h2>💡 Seminar hackathon projects</h2>
<p>Each year the XWiki seminar includes a one day hackathon where teams mix and work on experimental or neglected. We had two CryptPad projects this time</p>
<h3>📁🌳 Where to save? tree view</h3>
<p>Documents and files are saved to the root of the Drive by default in a few cases, for example when adding an image to a document, or when opening a linked shared by someone and choosing to store it. This can lead to a cluttered drive, and provides little visibility on what is happening when something is stored. This project was about prototyping a new tree view that would allow users to pick a specific folder when storing something new in their drive.</p>
<p>The sprint resulted in a usable prototype, see the screenshot below and the <a href="https://github.com/cryptpad/cryptpad/tree/hackathon-treeview">branch on GitHub</a>.
We will do our best to fix the remaining issues and release this in a future version of CryptPad.</p>
<p><img src="https://blog.cryptpad.org/images/2023-hackathon-where-to-save.png" alt="screenshot of the image upload dialog including a new folder tree to select where the image will be saved" /></p>
<h3>📱🪲 Mobile bug hunt</h3>
<p>Issues with using CryptPad on mobile may be the number one source of negative feedback we get about the product. While none of these neatly fit into our funded projects, we took the hackathon opportunity to list as many mobile bugs as we could. The result is a <a href="https://github.com/orgs/cryptpad/projects/6">list of 41 issues</a></p>
<h2>🔭 Next up</h2>
<ul>
<li>We are working on <a href="https://github.com/cryptpad/cryptpad/milestone/1">CryptPad 5.4</a> and looking forward to releasing it soon. Part 2 of the summer status will bring more details</li>
<li>Members of the team will be taking well deserved breaks during the coming weeks</li>
</ul>
May 2023 status2023-06-01T00:00:00Zhttps://blog.cryptpad.org/2023/06/01/status-2023-05/GitHub re-org, Docker container, Faye joins the team<h2>🗃️ GitHub re-organization</h2>
<p>Although the team unanimously agrees that there are <a href="https://sfconservancy.org/GiveUpGitHub/">very good reasons to leave GitHub</a>, we have decided to stay there for a little while longer. CryptPad has been on GitHub since the very beginning, that is nearly 9 years of building visibility for the project. On top of this the team is changing and growing a lot currently. I feel that our priority should be to spend our time learning how to work well together rather than undertaking a big move on top of our workload.</p>
<p>To make the most out of our remaining time on GitHub, we are doing some reorganization. We are moving to the <a href="https://github.com/cryptpad">CryptPad Organization</a> which we created a couple years back but never used. The move is currently ongoing. The main CryptPad repository, documentation, and blog have been moved, the rest of our projects and packages are still under <a href="https://github.com/xwiki-labs">XWiki Labs</a> and will follow in the coming weeks. GitHub should redirect requests to the old location but you can now use <code>git clone https://github.com/cryptpad/cryptpad.git</code> to get the latest code.</p>
<p>We will keep our eye on a few great open-source forge projects (for example <a href="https://forgejo.org/">Forgejo</a> self-hosted or as part of <a href="https://codeberg.org/">Codeberg</a>) to prepare a move out of GitHub in future.</p>
<h2>🐳 Docker container</h2>
<p>There has long been a demand for deploying CryptPad using Docker. As long as the team was <em>tiny</em> (2 or 3) we did not have the resources to maintain a container, so Docker was a "community" effort thanks to <a href="https://github.com/promasu">Promasu</a> volunteering his time 🙏 2 years ago with <a href="https://github.com/cryptpad/cryptpad/releases/tag/3.17.0">3.17.0</a> we even made a point of moving all Docker related files to their <a href="https://github.com/xwiki-labs/cryptpad-docker">own repository</a>.</p>
<p>Today the team has a bit more capacity (6) and some of our <a href="https://blog.cryptpad.org/2023/02/09/CryptPad-Funding-Status-January-2023/">ongoing projects for 2023</a> include funding for Docker and Kubernetes deployment. We will therefore be able to move the dockerfile back to main CrytpPad repository and maintain it for each new release. We want to thank Promasu for all the work done over many years. It has become harder for him to find the time to do this work so we are happy to take it forward. Expect an update on the new container in a future status post and/or in the changelog!</p>
<h2>🧑🔬 Faye joins the team</h2>
<p>We are delighted to welcome Faye Duxovni to the team as a privacy and cryptography engineer. Her focus will be on CryptPad's security and on making cryptography useful to people. She was previously at Element working on technical specifications as well as user-facing implementations for their end-to-end encrypted chat. We are thrilled to have Faye and her expertise on board!</p>
<h2>🔭 Next steps</h2>
<ul>
<li>Turning our attention back to the <a href="https://www.drawio.com/">Draw.io</a> integration prototype and working towards its release</li>
<li>Preparing for the XWiki annual seminar at the end of the month</li>
<li>Getting ready to welcome Daria and Diana, our two summer interns as part of the <a href="https://stagiipebune.ro/">Stagii pe Bune</a> program in Romania</li>
</ul>
April 2023 status2023-05-03T00:00:00Zhttps://blog.cryptpad.org/2023/05/03/status-2023-04/5.3 release, new status pages, and some team updates<h2>🚀 CryptPad 5.3</h2>
<p>At the time of writing we are in the last stages of wrapping up CryptPad 5.3 for release. This version upgrades all of the OnlyOffice applications (Spreadsheet, Document, Presentation) to version 7.1. We improved the Form application with Condorcet voting results (ordered list questions) as well as bug fixes and minor tweaks. Please see the <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/5.3.0">Changelog</a> for the full details.</p>
<h2>🚦 New status pages</h2>
<p><img src="https://blog.cryptpad.org/images/status-page.png" alt="status page screenshot" /></p>
<p>We are introducing two new pages to check on the status of CryptPad and its related services. <a href="https://uptime.cryptpad.org/status/cryptpad">🚦 CryptPad Status</a> shows the availability of our flagship instance <a href="http://cryptpad.fr/">CryptPad.fr</a> and all other sites maintained by the development team (documentation, project website, this blog, and so on). <a href="https://uptime.cryptpad.org/status/public-instances">🚦 CryptPad Instances Status</a> shows all <a href="https://cryptpad.org/instances/">public instances listed on our website</a>.</p>
<p>We are very grateful to <a href="https://uptime.kuma.pet/">Uptime Kuma</a> for providing a simple, easy to use, and <a href="https://github.com/louislam/uptime-kuma">open-source</a> monitoring tool.</p>
<h2>🛠️ Team</h2>
<p>There is more movement on the team this month. Unfortunately Arnaud Laprévote will not stay with XWiki, so he will also stop contributing to CryptPad's business and research efforts. We thank Arnaud for the ideas, leads, and projects generated in the last few months and whish him well for future endeavours.</p>
<p>On the hiring front, we are in the last stages of contractual work for a great <a href="https://cryptpad.org/jobs/#privacy-eng">Privacy and Cryptography Engineer</a>. We hope to report some exciting news on this in the next monthly status!</p>
<h2>🔭 Next up</h2>
<p>We will be pushing forward on the various research projects in the next month. Some partnerships have now officially been announced so we will say more about them soon. Most importantly we will be planning which of our prototype features to prioritize for the next release!</p>
March 2023 status2023-03-31T00:00:00Zhttps://blog.cryptpad.org/2023/03/31/status-2023-03/Welcoming Zuzanna to the team, and saying goodbye to Aaron and Theo<h2>👩🔬 Zuzanna Łudzik joins the team</h2>
<p>Last week we welcomed Zuzanna to the team as a junior developer. She studied neuroscience and climate science before retraining as a software engineer and working for charities and educational companies. She will start by looking at how to improve Quality Assurance for CryptPad, and will no doubt end up contributing to more areas.</p>
<h2>👋 Farewell to Aaron MacSween</h2>
<p>This month was Aaron's last with the team, as <a href="https://blog.cryptpad.org/2022/12/29/stepping-down/">he announced</a> at the end of 2022 he will be taking a well-deserved holiday before focusing on his work as an independent privacy and security researcher.</p>
<p>On behalf of the whole team I'd like to thank Aaron for the 7 years of relentless work he has committed to CryptPad. By this I don't just mean 5400+ commits on our <code>main</code> branch but also all the work as project lead: securing grants to fund the project, driving the roadmap, all while endlessly monitoring prod, building a customer base, and making CryptPad known and used by thousands.</p>
<p>Aaron we wish you the very best in your future endeavours, and we hope that you'll be back to visit!</p>
<p><img src="https://blog.cryptpad.org/images/Cryptpad-2.png" alt="screenshot of the CryptPad 2.0.0 homepage" /></p>
<p>As a farewell postcard, this is CryptPad 2.0.0 released around the time Aaron became project lead in 2018. Note that Sheets, shared folders, Teams, Contacts, and so many other features are missing...</p>
<h2>👋 Farewell to Theo von Arx</h2>
<p>We are also saying good bye to Theo as his 6 months of work on <a href="https://nlnet.nl/project/CryptPad-Blueprints/">Blueprints</a> are coming to an end. Theo has been applying his cryptography expertise to CryptPad to both document how it currently works and pave the way for future developments. These contributions will help improve the product in months and years to come. We are very grateful to Theo for all the work he produced. The <a href="https://blog.cryptpad.org/2023/02/02/Whitepaper/">Cryptpad whitepaper</a> is already published and we will be gathering all the other outputs in a dedicated R&D website in the coming weeks. Theo is going to start a PhD at ETH Zurich and we wish him the very best on his future projects!</p>
<h2>🔭 Next up</h2>
<p>With all of these changes in the team we have been busy with handing off various projects (AUTH, Blueprints) and onboarding. Following our quarterly schedule we should have released a new version of CryptPad about now, but we are pushing this back to prioritize team communication and workload management.</p>
<p>As mentioned <a href="https://blog.cryptpad.org/2023/02/28/status-2023-02/">last month</a>, we have lots of prototypes around, as well as improvements to Forms and OnlyOffice. We will package some of these into a new release in the coming weeks. Maybe even before the next status!</p>
February 2023 status2023-02-28T00:00:00Zhttps://blog.cryptpad.org/2023/02/28/status-2023-02/Lots of prototypes and CryptPad AUTH officially starts<h2>🚧 Lots of prototypes</h2>
<p>Since the start of the year we have been working on a few projects in parallel, so we are accumulating prototypes for a variety of new experimental features:</p>
<h3>Nextcloud</h3>
<p><img src="https://blog.cryptpad.org/images/proto-nextcloud.png" alt="screenshot of CryptPad code app running in Nextcloud" /></p>
<p>Wolfgang and Yann have been working on an integration with <a href="https://nextcloud.com/">Nextcloud</a>. A minimal CryptPad instance (as in limited to the Code/Markdown application for now) opens documents in temporary collaborative editing sessions, with all changes synced back to Nextcloud for storage.</p>
<h3>Diagrams</h3>
<p><img src="https://blog.cryptpad.org/images/proto-diagram.png" alt="screenshot of Diagram app in CryptPad" /></p>
<p>Wolfgang has been working on integrating <a href="https://www.diagrams.net/">Draw.io</a> as a CryptPad application. Early tests are looking very promising, there are still a few key challenges ahead such as import/export, inserting images, increasing security (CSP headers).</p>
<h3>Notes</h3>
<p><img src="https://blog.cryptpad.org/images/proto-notes.png" alt="the Code and Markdown Slide apps merging into the Notes app" /></p>
<p>Yann and David are working on the early stages of Notes, a new application that will combine the current Code and Markdown Slides apps. We plan on supporting different "modes" that will 1) preserve existing features and 2) improve the visibility and experience of using Markdown on CryptPad. Yann currently has most existing Code features working in <a href="https://codemirror.net/">CodeMirror 6</a> (current apps use CodeMirror 5). Next steps are to use <a href="https://revealjs.com/">reveal.js</a> for the slide mode and to design a single-pane note mode with Markdown inline preview.</p>
<h3>Yjs</h3>
<p>As part of our <a href="https://blog.cryptpad.org/tags/blueprints/">Blueprints project</a>, Theo has put together a working prototype of CryptPad's Code application over <a href="https://yjs.dev/">Yjs</a>. This will likely remain at an experimental stage for now, but it will be made available with the other project deliverables.</p>
<hr />
<p>As you may have noticed, each of these prototypes integrates or relies on other open-source projects. CryptPad wouldn't exist without this broader ecosystem so we encourage you to check out and support all of these projects: <a href="https://nextcloud.com/">Nextcloud</a>, <a href="https://www.diagrams.net/">Draw.io</a>, <a href="https://codemirror.net/">CodeMirror</a>, <a href="https://revealjs.com/">reveal.js</a>, and <a href="https://yjs.dev/">Yjs</a>. We will in turn make all of these prototypes available and open-source when they are ready, whether or not they are integrated into a future version of CryptPad.</p>
<h2>🔑 🪪 AUTH officially starts</h2>
<p>We are happy to announce that we have finally signed off the <a href="https://nlnet.nl/project/CryptPad-Auth/">CryptPad AUTH</a> project with NLNet, as part of the <a href="https://nlnet.nl/assure/">NGI ASSURE</a> grant programme. The project's main goal is to make CryptPad more secure by adding support for external authentication methods. We will be working to add suport for two main types of services: identity providers (such as OpenID, LDAP, etc) and two factor authenticators (such as Time-based One-time Passwords). We know these are much requested features for many people looking to integrate CryptPad with existing infrastructure (e.g. in enterprise) so we look forward to making them available.</p>
<h2>🔭 Next up</h2>
<ul>
<li>The various prototypes presented here are all part of different projects and partnerships with their own time-frames. We will be aligning those with our own roadmap and planning how and when each of them will make their way into future versions of CryptPad.</li>
<li>We are <a href="https://fosstodon.org/@cryptpad/109875016889111728">still hiring</a> please look at our <a href="https://cryptpad.org/jobs/">available roles</a> and share them with anyone who might be interested.</li>
</ul>
CryptPad Funding Status January 20232023-02-09T00:00:00Zhttps://blog.cryptpad.org/2023/02/09/CryptPad-Funding-Status-January-2023/A summary of our budget for the year 2022 and planning for 2023<p>It's been since January 2021 that we haven't given a funding status to our community, especially to everyone supporting us on Open Collective. We are sorry about that. The reason is that we have been very busy working on European Union (EU) projects and also working to secure some larger funding for the years 2023-2026. We'll come back to that later in this post.</p>
<p>First some news about how 2022 went.</p>
<h2>2022 Financial Status</h2>
<p>From the financial point of view the year of 2022 is negative by <strong>€50k</strong>. So the TL;DR for this post is that you can help us cover the losses of 2022 in 2023 by donating on <a href="https://opencollective.com/cryptpad">Open Collective</a>.</p>
<p>On the revenue side, for 2022 we have been accepted for 2 grants of 50k each from NLnet through Next Generation Internet (NGI) Assure and NGI Zero Entrust, which is €50k less than last year. The special research tax credit, or Crédit Impôt Recherche (CIR) in French, for 2022 for hiring a PhD graduate gives us €40k for the last year. Subscriptions and donations have increased to a total of €59k (from €49k) for a total funding of <strong>€199k</strong>.</p>
<p>On the spending side we have increased spending on 2022 to <strong>€249k</strong>, through some raises, hiring <a href="https://blog.cryptpad.org/2022/10/28/status-2022-10/">Theo</a> for the NGI Zero Entrust project and also hiring <a href="https://blog.cryptpad.org/2022/08/30/status-2022-08/">Mathilde</a> and <a href="https://blog.cryptpad.org/2022/11/28/status-2022-11/">Arnaud</a> to prepare the future, bringing the final balance to -€50k.</p>
<p>However during 2022 we have also worked hard to find some new funding for 2023,which is why we decided to hire anyway to prepare for this. This turned out to be the right decision, because just before the end of the year, we have received some funding to implement Diagrams inside CryptPad and also a 10K$ donation from a large company.</p>
<p><img src="https://blog.cryptpad.org/images/2023-budget-chart.png" alt="chart showing the balance of resources vs spending for the years 2019 to 2022" /></p>
<h2>What did we do in 2022 with our funding</h2>
<p>In particular we released version 5.0 with a new, more modern and minimalist design with rounded corners and simpler colors, but many other improvements and additions to all our apps.</p>
<p>Here is a summary of our achievements in 2022.</p>
<ul>
<li><a href="https://blog.cryptpad.org/2022/12/21/status-2022-12/">December</a>: new form settings, improved team drive onboarding</li>
<li><a href="https://blog.cryptpad.org/2022/10/28/status-2022-10/">October</a>: new forum, repeating calendar events</li>
<li><a href="https://blog.cryptpad.org/2022/09/29/status-2022-09/">September</a>: new features for instance administrators</li>
<li><a href="https://blog.cryptpad.org/2022/04/27/status-2022-04/">April</a>: project website, public instance list</li>
<li><a href="https://blog.cryptpad.org/2022/03/29/March-2022-status-catching-up-on-recent-news/">March</a>: INTEROFFICE project wrap up, bug bounty program</li>
</ul>
<p>We also started the work on the CryptPad Auth project bringing SSO and MFA to CryptPad which is still in progress, and we published the CryptPad White Paper to describe the <a href="https://blog.cryptpad.org/2023/02/02/Whitepaper/">security of CryptPad</a>.</p>
<h2>2023 Funding & Budget</h2>
<p>At the beginning of 2022 we have applied to a French Banque Publique d'Investissement (BPI) program called « Development of Cloud-based collaborative Office suite" ( Développement de suites bureautiques cloud de travail collaboratif ») in partnership with other French companies. We decided to join multiple consortiums, which have been successfully selected for the final validation step. We are now expecting the projects (unless there is a bad surprise) to be signed by BPI France at the beginning of 2023. We expect these projects to bring significant funding for 2023 to 2026 to CryptPad, but we cannot yet confirm those. The funding planned for BPI will include investment on the OnlyOffice components, on the integration with other platforms (including implement Open with CryptPad APIs), improve the Docker & Kubernetes deployment of CryptPad.</p>
<p>Secondly we are happy that we have now received a sponsorship from a state project in Germany, to develop a CryptPad <a href="http://draw.io/">Draw.io</a> integration and provide a diagram editor and build an API to integrate CryptPad as an editor for NextCloud text and diagrams. The full extend and the scope of the funding is in finalization and still needs to be confirmed but we expect it to cover:</p>
<ul>
<li>the integration of <a href="http://draw.io/">Draw.io</a> providing a professional diagram editor to CryptPad</li>
<li>an integration API</li>
<li>a Nextcloud integration to open and store CryptPad documents in Nextcloud</li>
<li>the Docker and Kubernetes packaging</li>
<li>accessibility of the general CryptPad UI, the text and diagram editors</li>
<li>security work</li>
</ul>
<p>We expect this funding to significantly accelerate the development of CryptPad this year.</p>
<p>Therefore, XWiki SAS has decided to anticipate the hiring in the CryptPad team to prepare for the growth in 2023.</p>
<p>For 2023, the budget will increase significantly with a larger team. Theo will finish his 6 month contract at the end of March, as planned, to start his PhD. We also hired Wolfgang, who has started in January to complete the team and allow us to prepare the projects planned in 2023.</p>
<p>Aaron the current technical lead of CryptPad will <a href="https://blog.cryptpad.org/2022/12/29/stepping-down/">take a break from the project and leave us end of March 2023</a>. He has already passed on the project leadership to David, now the technical leadership will be passed on to Yann. <strong>Aaron has been an incredible lead to bring the project to this status which allowed larger organizations to believe in this project.</strong></p>
<p>With all this, before including the BPI projects, the budget for the team will be reaching <strong>€500k of spending</strong> and we won't have the extra PhD help we had for 2020-2022. This budget will not be covered only with subscriptions and donations, which we expect to be around <strong>€80k.</strong> We already expect €300k from the large German project, which would allow to balance the budget but not cover the loss of 2022. This budget only includes one new hire (Wolfgang) in the team and a part-time web developer.</p>
<p>With the BPI funding, we expect the revenue to reach <strong>€600k to €800k</strong>, which would allow us to accelerate hiring in the team, while being careful on long term funding of the team.</p>
<h2>CryptPad funding over the years</h2>
<p>You can see in this table the details of the funding of the CryptPad project inside XWiki SAS throughout the years</p>
<table>
<thead>
<tr>
<th style="text-align:left">Year</th>
<th style="text-align:left">Total Revenue</th>
<th style="text-align:left">Total Costs</th>
<th style="text-align:left">Balance</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left">2019</td>
<td style="text-align:left">153,5</td>
<td style="text-align:left">160</td>
<td style="text-align:left">-6,5</td>
</tr>
<tr>
<td style="text-align:left">2020</td>
<td style="text-align:left">236,5</td>
<td style="text-align:left">242</td>
<td style="text-align:left">-5,5</td>
</tr>
<tr>
<td style="text-align:left">2021</td>
<td style="text-align:left">267</td>
<td style="text-align:left">254</td>
<td style="text-align:left">13</td>
</tr>
<tr>
<td style="text-align:left">2022</td>
<td style="text-align:left">257,2</td>
<td style="text-align:left">307</td>
<td style="text-align:left">-49,8</td>
</tr>
<tr>
<td style="text-align:left">Planned 2023 - Safe</td>
<td style="text-align:left">505</td>
<td style="text-align:left">495</td>
<td style="text-align:left">10</td>
</tr>
<tr>
<td style="text-align:left">Planned 2023 - Mid Level</td>
<td style="text-align:left">685</td>
<td style="text-align:left">630</td>
<td style="text-align:left">55</td>
</tr>
<tr>
<td style="text-align:left">Planned 2023 - Dream</td>
<td style="text-align:left">905</td>
<td style="text-align:left">835</td>
<td style="text-align:left">70</td>
</tr>
</tbody>
</table>
<p>All data in thousands of Euros</p>
<p><img src="https://blog.cryptpad.org/images/2023-budget-chart-possible.png" alt="bar chart comparing the figures in the table above" /></p>
<p>Additional details about the source of the funding and the costs. As you can see most of the costs of the CryptPad project are the team salaries. Some additional costs cover structure costs for XWiki SAS (office, HR, activities, trips, etc..). In terms of revenue we can count of the subscriptions and donations which cover part of the budget and the french tax cut "Crédit Impôt Recherche" covering part of the salaries. The main part of our funding in the last years has been European Research Project in particular from the Next Generation Internet Program. As explained before, this should change in 2023 with the arrival of a large project from Germany and the French research projects.</p>
<h2>Financial Resources</h2>
<table>
<thead>
<tr>
<th style="text-align:center"></th>
<th style="text-align:center">Subscriptions</th>
<th style="text-align:center">Donations</th>
<th style="text-align:center">Research Projects</th>
<th style="text-align:center">Client Roadmap</th>
<th style="text-align:center">Client Service</th>
<th style="text-align:center">CIR*</th>
<th style="text-align:center">CIR PHD**</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2019</td>
<td style="text-align:center">10</td>
<td style="text-align:center">4,5</td>
<td style="text-align:center">100</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">39</td>
<td style="text-align:center"></td>
</tr>
<tr>
<td style="text-align:center">2020</td>
<td style="text-align:center">20</td>
<td style="text-align:center">8,5</td>
<td style="text-align:center">109</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">59</td>
<td style="text-align:center">40</td>
</tr>
<tr>
<td style="text-align:center">2021</td>
<td style="text-align:center">35</td>
<td style="text-align:center">14</td>
<td style="text-align:center">150</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">28</td>
<td style="text-align:center">40</td>
</tr>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">46,5</td>
<td style="text-align:center">12,7</td>
<td style="text-align:center">100</td>
<td style="text-align:center"></td>
<td style="text-align:center"></td>
<td style="text-align:center">58</td>
<td style="text-align:center">40</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Safe</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">0</td>
<td style="text-align:center">200</td>
<td style="text-align:center">110</td>
<td style="text-align:center">110</td>
<td style="text-align:center">0</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Mid Level</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">200</td>
<td style="text-align:center">200</td>
<td style="text-align:center">110</td>
<td style="text-align:center">90</td>
<td style="text-align:center">0</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Dream</td>
<td style="text-align:center">60</td>
<td style="text-align:center">25</td>
<td style="text-align:center">300</td>
<td style="text-align:center">300</td>
<td style="text-align:center">150</td>
<td style="text-align:center">70</td>
<td style="text-align:center">0</td>
</tr>
</tbody>
</table>
<p>* CIR: Crédit Impôt Recherche Tax Cut<br />
** CIR PHD: Extra Crédit Impôt Recherche for the first two years of hiring a PhD graduate<br />
All data in thousands of Euros</p>
<h2>Spending</h2>
<table>
<thead>
<tr>
<th style="text-align:center"></th>
<th style="text-align:center">Number of Employees (Full-time Equivalent)</th>
<th style="text-align:center">Team Salaries</th>
<th style="text-align:center">Other costs</th>
<th style="text-align:center">Hosting Costs</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">2019</td>
<td style="text-align:center">2</td>
<td style="text-align:center">141</td>
<td style="text-align:center">19</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">2020</td>
<td style="text-align:center">3</td>
<td style="text-align:center">210</td>
<td style="text-align:center">32</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">2021</td>
<td style="text-align:center">3</td>
<td style="text-align:center">212</td>
<td style="text-align:center">42</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">2022</td>
<td style="text-align:center">4</td>
<td style="text-align:center">272</td>
<td style="text-align:center">35</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Safe</td>
<td style="text-align:center">6</td>
<td style="text-align:center">420</td>
<td style="text-align:center">75</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Mid Level</td>
<td style="text-align:center">7-8</td>
<td style="text-align:center">550</td>
<td style="text-align:center">80</td>
<td style="text-align:center">0 (*)</td>
</tr>
<tr>
<td style="text-align:center">Planned 2023 - Dream</td>
<td style="text-align:center">8+</td>
<td style="text-align:center">750</td>
<td style="text-align:center">85</td>
<td style="text-align:center">0 (*)</td>
</tr>
</tbody>
</table>
<p>All data in thousands of Euros</p>
<p>(*) XWiki SAS is sponsoring the hosting and infrastructure management of the <a href="http://cryptpad.fr/">cryptpad.fr</a> service as well as the development servers.</p>
<h2>What does it mean for CryptPad</h2>
<p>Overall, even if the budget for 2022 is not balanced and the budget for 2023 not yet completed, as we are waiting for the signature of the BPI Projects, this is incredibly good news for CryptPad. In 2022, we have continued to grow, securing funding for Single Sign-On (SSO, CryptPad Auth) and for documenting the Cryptography (CryptPad Blueprints). We have also seen an increased interest of CryptPad through the consortiums, for both the BPI and the German project. The promise of an end-to-end encrypted collaboration solution is becoming real. These projects are needed because the work required to achieve this is immense.</p>
<p>We just came back from FOSDEM where we had 3 presentations from our team and have been talking to the community, giving away CryptPad t-shirts to our users. Our stock went away quickly as we are happy to see that more and more people know and use CryptPad.</p>
<p>We are therefore optimistic that in 2023, it will be a great year of growth for CryptPad and that we will also be able to secure the funding for the following years. However over the long term we have not yet guaranteed the sustainability of CryptPad. For this we would need more recurrent revenue from subscriptions, donations and clients.</p>
<p><strong>This also means we will have new hires during the year. If the CryptPad project is something that matters to you, check our jobs postings: <a href="https://cryptpad.org/jobs/">https://cryptpad.org/jobs/</a></strong></p>
<h2>You can help CryptPad grow faster and be more sustainable</h2>
<p>On the cash flow side, XWiki SAS has also done good sales and is able to cover the short term needs, though given the growth of both XWiki and CryptPad, we do expect that it won't be easy to hire as fast as we would like. This is why, although we do have projects coming up, the help of our community is more than welcome.</p>
<p>Beyond the need of cash to hire faster, it is still important to bring additional, independent funding to CryptPad through <strong><a href="http://cryptpad.fr/">cryptpad.fr</a> <a href="https://cryptpad.fr/accounts/">subscriptions</a> or through regular (monthly or yearly) <a href="https://opencollective.com/cryptpad">donations</a> or through <a href="https://cryptpad.org/pricing/enterprise/">enterprise clients</a></strong>, as this would increase recurrent revenue which is needed.</p>
<p><strong>For CryptPad to be less dependent on short or medium term projects, the recurrent funding for the maintenance of the core software is <strong>essential.</strong></strong></p>
<p>Our users, paying users and donors are our credibility. When we discuss with potential customers or project partners, each user is key, each instance being installed, each pad being opened, each mention of CryptPad. You are our credibility.</p>
<p>We'd like to thank all of you and encourage anyone to join them on <a href="http://cryptpad.fr/">cryptpad.fr</a> or <a href="https://opencollective.com/cryptpad">Open Collective</a>.</p>
CryptPad White Paper2023-02-02T00:00:00Zhttps://blog.cryptpad.org/2023/02/02/Whitepaper/We proudly present the CryptPad white paper summarizing the use of cryptography in CryptPad.<p><img src="https://blog.cryptpad.org/images/whitepaper-diagram.png" alt="Figure: Key derivation for a form" /></p>
<p>We proudly present the <a href="https://blog.cryptpad.org/images/whitepaper.pdf">CryptPad white paper</a>
summarizing the use of cryptography in CryptPad.
The paper is targeted at people who are familiar with cryptography, but
obviously available for everyone interested in CryptPad.</p>
<p><a class="btn" href="https://blog.cryptpad.org/images/whitepaper.pdf"><i class="fa fa-file-pdf-o"></i> White Paper PDF - 355kB</a></p>
<p>In this white paper, we discuss CryptPad's underlying threat model, and explain
the communication between the server and the client.
We present the encryption of documents as the core functionality of CryptPad.
We further show how the login mechanism works and how we establish secure
communication between different users.
Finally, we discuss how we enable secure communication and access control within
a team.</p>
<p>This white paper is part of the <a href="https://nlnet.nl/project/CryptPad-Blueprints/">CryptPad Blueprints
Project</a> and is funded through
the <a href="https://nlnet.nl/entrust">NGI0 Entrust Fund</a>. We thank
<a href="https://nlnet.nl/">NLnet</a> for their support. All of the project's outputs, including this white paper, will be made available through a dedicated website as the project progresses.</p>
<p>We wish you a good read!
You can reach us with any questions or comments on <a href="https://forum.cryptpad.org/">our forum</a>,
<a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix</a>,
<a href="https://fosstodon.org/@cryptpad">Mastodon</a>, or
via <a href="mailto:contact@cryptpad.fr">Email</a>.</p>
<!-- <iframe src="/images/whitepaper.pdf#view=fit&toolbar=0&navpanes=0" width="100%" height="450px"></iframe> -->
January 2023 status2023-01-31T00:00:00Zhttps://blog.cryptpad.org/2023/01/31/status-2023-01/New pricing for hosted instances, Wolfgang joins the team, CryptPad Blueprints officially starts, FOSDEM presentations<p><img src="https://blog.cryptpad.org/images/instance-education.png" alt="screenshot of customized cryptpad instance for education" /></p>
<h2>🎟️ New pricing for hosted instances</h2>
<p>The project site has <a href="https://cryptpad.org/pricing/">new pages</a> dedicated to <a href="https://cryptpad.org/pricing/education/">Education</a>, <a href="https://cryptpad.org/pricing/nonprofit/">Nonprofits</a>, and <a href="https://cryptpad.org/pricing/enterprise/">Enterprise</a>. This is an opportunity to showcase some instance customizations and put forward some key arguments for CryptPad in each of these sectors. We are also launching our pricing range for managed instances, with the following basis:</p>
<ul>
<li>Enterprise</li>
<li>Nonprofit (50% off Enterprise)</li>
<li>Education (50% off Enterprise + only staff are counted)</li>
</ul>
<p>While self-hosting remains a free option for everyone, managed instances are a way for companies and organizations to contribute to the long-term stability of the project.</p>
<h2>🧑🔬 Wolfgang joins the team</h2>
<p>We are thrilled to welcome Wolfgang Ginolas to the team. He started first thing in 2023 as an R&D Engineer, bringing 14 years of experience in full-stack software development. Wolfgang will tackle some of the important challenges ahead, such as improving OnlyOffice integrations, and many more...</p>
<h2>🔬🔭 CryptPad Blueprints officially starts</h2>
<p>Even though work has started since Theo <a href="https://blog.cryptpad.org/2022/10/28/status-2022-10/">joined the team back in October</a>, the CryptPad <a href="https://nlnet.nl/project/CryptPad-Blueprints/">Blueprints</a> project has now been fully signed-off as part of the <a href="https://nlnet.nl/entrust/">NGI0 Entrust fund</a>.</p>
<p><em>Blueprints</em> is perhaps the most R&D project we have done to date. It is about thoroughly documenting the use of cryptography in CryptPad, and paving the way towards the "next generation" of the project. This will be done through a set of deliverables that range from documentation to experimental prototypes, including but not limited to:</p>
<ul>
<li>Whitepaper documenting the use of cryptography in CryptPad
<ul>
<li>Including a detailed threat model</li>
</ul>
</li>
<li>Guide for users on how to use CryptPad in the most secure way</li>
<li>Experimental prototypes and/or mockups for future features:
<ul>
<li>Offline first editing with Conflict Free Replicated Data Types (CRDTs)</li>
<li>Perfect forward secrecy for a more fine-grained degree of access control e.g. to the document history</li>
<li>Account-recovery mechanism making use of social secret sharing</li>
</ul>
</li>
</ul>
<p>Look for these as we start publishing outcomes in the coming weeks and months. If you'd like to hear about this work from Theo himself, catch his presentation at FOSDEM this Saturday Feb. 4th, which brings us to:</p>
<h2>📢 FOSDEM presentations</h2>
<p>A few people of the team will be at FOSDEM in Brussels this weekend, so please come say hi if you are around. We'll be giving the following presentations</p>
<h3>Whom Do You Trust?</h3>
<p>Privacy and Collaboration in CryptPad</p>
<p>Speaker: Theo von Arx (Cryptography researcher, CryptPad team)<br />
Day: Saturday<br />
Start: 15:00<br />
End: 15:25<br />
Location: UA2.118 (Henriot)</p>
<p><a href="https://fosdem.org/2023/schedule/event/security_whom_do_you_trust/">https://fosdem.org/2023/schedule/event/security_whom_do_you_trust/</a></p>
<h3>The Importance of Collaborative Applications for European Digital Sovereignty</h3>
<p>Progress and challenges of alternatives facing the BigTechs</p>
<p>Speaker: Ludovic Dubost (XWiki CEO)<br />
Day: Saturday<br />
Start: 15:45<br />
End: 16:45<br />
Location: H.1301 (Cornil)</p>
<p><a href="https://fosdem.org/2023/schedule/event/sovcloud_the_importance_of_collaborative_applications_for_european_digital_sovereignty/">https://fosdem.org/2023/schedule/event/sovcloud_the_importance_of_collaborative_applications_for_european_digital_sovereignty/</a></p>
<h3>Privacy and Collaboration</h3>
<p>How CryptPad lets you have both</p>
<p>Speaker: David Benqué (Project lead, CryptPad team)<br />
Day: Saturday<br />
Start: 18:00<br />
End: 18:25<br />
Location: K.4.601</p>
<p><a href="https://fosdem.org/2023/schedule/event/collab_cryptpad/">https://fosdem.org/2023/schedule/event/collab_cryptpad/</a></p>
<h2>🔭 Next up</h2>
<ul>
<li>Similar to <em>Blueprints</em>, CryptPad <a href="https://nlnet.nl/project/CryptPad-Auth/">AUTH</a> has been in the final stage of approval for some time, so we are looking forward to getting it over the line and start implementing new authentication features.</li>
<li>We have a number of big partnership projects lined up for 2023, each with the potential for adding new and important features to CryptPad in the year(s) to come. We hope to be able to say more in the next monthly status.</li>
</ul>
Stepping down2022-12-29T00:00:00Zhttps://blog.cryptpad.org/2022/12/29/stepping-down/After seven years of contributing to CryptPad's code and having led the project since 2018, I have decided that it is time for me to take a step back to pursue some new goals.<p>After seven years of contributing to CryptPad's code and having led the project since 2018, I have decided that it is time for me to take a step back to pursue some new goals.
I plan to take an extended holiday, after which I'll focus on growing my practice as an independent privacy and security researcher.</p>
<p>Not that long ago we had to try convince people just to test the platform.
Now, I've lost track of all the times its usage doubled or more overnight, leaving us scrambling to solve new scaling issues.
I am truly grateful that I had the opportunity to be a part of this journey and to have spent this time alongside some fantastic colleagues.</p>
<p>Going forward the team will be led by David, who you may have known up until now as our design lead.
Since 2019, David has been the bridge between our users' needs and the platform's engineering requirements.
That design work is at the core of our mission - to make privacy and encryption accessible to a much broader audience - and I am confident the team will thrive as it begins this new chapter.</p>
<p>I will remain on the team for a few more months to ensure that this transition happens smoothly, but naturally, David will have the support of the rest of the team.
Yann has been a part of CryptPad since the very beginning, well before I moved from Canada to France to join the effort.
Mathilde has taken on the role of platform administrator and community organizer since the summer.
We will have a new member joining in January, and there are still <a href="https://cryptpad.org/jobs/">open positions on the team</a> which you might be able to fill.
I am leaving the project in excellent hands.</p>
<p>And of course, CryptPad is not just the product of our team's work, but also the sum of many contributions from the wider community.
I'm very thankful for the support of our past and present funders from BPI France, Mozilla, members of Europe's NGI initiative, subscribers on <a href="http://cryptpad.fr/">CryptPad.fr</a>, and everyone who has donated to our <a href="https://opencollective.com/cryptpad#category-CONTRIBUTE">OpenCollective campaign</a>.</p>
<p>Once again, thank you to all of you who helped make these last seven years what they were, and have a great 2023!</p>
December 2022 status2022-12-21T00:00:00Zhttps://blog.cryptpad.org/2022/12/21/status-2022-12/CryptPad 5.2.0 and 5.2.1, Bitwarden Open Source Security Summit, and a sneak peek to 2023<h2>🚀 New version (and fixes)</h2>
<p>This month we released <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/5.2.0">CryptPad 5.2.0</a>, introducing some new and long-requested features</p>
<h3>📊 New Forms settings</h3>
<p><img src="https://blog.cryptpad.org/images/new-form-settings.png" alt="preview of the new forms settings dialog" /></p>
<ul>
<li>Submit multiple times and/or edit and delete past responses</li>
<li>Notifications for form owners</li>
<li>Form authors can delete all responses</li>
<li>JSON export</li>
</ul>
<p>The settings area was getting crowded, so we refactored them into a modal window with a summary in the main editor view.</p>
<h3>🗓️ 🔁 Repeating Calendar events</h3>
<p>We already <a href="https://blog.cryptpad.org/2022/10/28/status-2022-10/">talked about this back in October</a> but the feature is now available to everyone.</p>
<ul>
<li>Quick default patterns (daily, weekly, etc)</li>
<li>Custom patterns</li>
<li>Edit this, future, or all events</li>
</ul>
<h3>🤝 Team drive on-boarding improvements</h3>
<ul>
<li>Invite links can now be used a set number of times instead of only once</li>
<li>Set the initial role for links instead of inviting everyone as viewer and promoting manually</li>
</ul>
<h3>🩹 Bug fixes</h3>
<p>Following the release we identified a few bugs with help from the community. We released the fixes as <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/5.2.1">CryptPad 5.2.1</a>.</p>
<h2>🛡️ Bitwarden Open Source Security Summit</h2>
<p>David did a quick presentation of CryptPad at the Open Source Security Summit 2022 organized by <a href="https://bitwarden.com/">Bitwarden</a> on 8th December. The individual speaker videos should be available on their <a href="https://www.youtube.com/playlist?list=PL-IZTwAxWO4VMST3rtJTQPvNc277Xh1wW">YouTube channel</a> in the coming weeks.</p>
<h2>🔭 What's next</h2>
<p>We are excited to welcome another team member first thing in the new year, a senior developer that we will introduce soon.</p>
<p>We are also looking forward to implementing some important new features next year, namely Single-Sign-On and Multi-factor authentication. We will be doing this thanks to a grant from <a href="https://nlnet.nl/project/CryptPad-Auth/">NLNet and NGI ASSURE</a>. There will be much more information to come on this when the project starts.</p>
How to setup TLS certificates for CryptPad2022-12-12T00:00:00Zhttps://blog.cryptpad.org/2022/12/12/tutorial-nginx-tls-acme/A complete tutorial about Nginx TLS configuration with acme.sh<p>Hello!</p>
<p>This is the first of a new series of articles for the CryptPad blog. Let me introduce you to: tutorials! 📚</p>
<p>Today we'll be diving into an important step during CryptPad setup when deploying your own instance: TLS certificate generation.</p>
<h2>Prerequisites</h2>
<ul>
<li>You have read and followed the installation steps in the <a href="https://docs.cryptpad.org/en/admin_guide/">administrator guide</a>.</li>
<li>You are already familiar with Linux or UNIX systems, a command line text editor and basic command line use.
Unless stated otherwise, all commands listed in this article are meant to be run as superuser, <code>root</code>.</li>
<li>You have two different domains available, it's a strong requirement <a href="https://docs.cryptpad.org/en/admin_guide/installation.html#admin-domain-config">explained in the documentation</a>. You know how to setup their DNS zone file and have added proper entries for both IPv4 & IPv6.</li>
</ul>
<h2>Dependencies</h2>
<p>As Nginx is a basic requirement for CryptPad we'll assume that <a href="https://nginx.org/en/linux_packages.html#Debian">you have already installed it</a>. However, we still need a way to generate our TLS certificates.</p>
<p>Luckily, since 2015 and thanks to <a href="https://letsencrypt.org/">Let's Encrypt</a>, something that was once expensive and kind of a hassle to setup has been greatly simplified. Now you can get TLS certificates for free and provision them in a super simple way thanks to a variety of clients available. We will focus on <a href="https://github.com/acmesh-official/acme.sh">acme.sh</a>, <em>a pure Unix shell script implementing ACME client protocol</em>.</p>
<p>Let's start by cloning the git repository.</p>
<pre class="language-bash"><code class="language-bash"><span class="token function">git</span> clone https://github.com/acmesh-official/acme.sh.git</code></pre>
<p>Then move inside the new folder and install it by specifying an email address for the account registration:</p>
<pre class="language-bash"><code class="language-bash"><span class="token builtin class-name">cd</span> ./acme.sh<br />./acme.sh <span class="token parameter variable">--install</span> <span class="token parameter variable">-m</span> my@example.com</code></pre>
<p>This command should produce the following output.</p>
<pre><code>[Fri 02 Dec 2022 09:13:23 AM CET] It is recommended to install socat first.
[Fri 02 Dec 2022 09:13:23 AM CET] We use socat for standalone server if you use standalone mode.
[Fri 02 Dec 2022 09:13:23 AM CET] If you don't use standalone mode, just ignore this warning.
[Fri 02 Dec 2022 09:13:23 AM CET] Installing to /root/.acme.sh
[Fri 02 Dec 2022 09:13:23 AM CET] Installed to /root/.acme.sh/acme.sh
[Fri 02 Dec 2022 09:13:23 AM CET] Installing alias to '/root/.bashrc'
[Fri 02 Dec 2022 09:13:23 AM CET] OK, Close and reopen your terminal to start using acme.sh
[Fri 02 Dec 2022 09:13:23 AM CET] Installing cron job
38 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[Fri 02 Dec 2022 09:13:23 AM CET] Good, bash is found, so change the shebang to use bash as preferred.
[Fri 02 Dec 2022 09:13:24 AM CET] OK
[Fri 02 Dec 2022 09:13:24 AM CET] Install success!
</code></pre>
<p>You can safely ignore the socat warning since we won't use the standalone mode.</p>
<h2>Configuration</h2>
<h3><a href="http://acme.sh/">acme.sh</a></h3>
<p>It's a great ACME client because of its simplicity and the fact that it just works and then gets out of your way.</p>
<p>The maintainers of <a href="http://acme.sh/">acme.sh</a> have a sponsored partnership with ZeroSSL to set up their Certificate Authority (CA) as <a href="http://acme.sh/">acme.sh</a>'s default. But ZeroSSL free services can be unreliable. That's why we prefer Let's Encrypt, which is more reliable and also operated by a nonprofit organization.</p>
<p>We need to change a single parameter to switch the CA from ZeroSSL to Let's Encrypt.
We do this with the following command:</p>
<pre class="language-bash"><code class="language-bash">acme.sh --set-default-ca <span class="token parameter variable">--server</span> letsencrypt</code></pre>
<p>Which produces this result:</p>
<pre class="language-bash"><code class="language-bash"><span class="token punctuation">[</span>Fri 02 Dec <span class="token number">2022</span> 09:22:27 AM CET<span class="token punctuation">]</span> Changed default CA to: https://acme-v02.api.letsencrypt.org/directory</code></pre>
<h3>Nginx</h3>
<p>Now we can configure Nginx!</p>
<p>First we create a directory where the ACME token will be put for authenticating before certificates retrieval.</p>
<pre class="language-bash"><code class="language-bash"><span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /var/www/le_root/.well-known/acme-challenge</code></pre>
<p>Then we create a directory where the certificates will be stored when installed.</p>
<pre class="language-bash"><code class="language-bash"><span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /etc/ssl/lets-encrypt/your-main-domain.com</code></pre>
<p>We also need to create an Nginx configuration file for <a href="http://acme.sh/">acme.sh</a> webroot.</p>
<pre class="language-nginx"><code class="language-nginx"><span class="token directive"><span class="token keyword">cat</span> <<EOT >> /etc/nginx/letsencrypt-webroot<br />location ^~ /.well-known/acme-challenge</span> <span class="token punctuation">{</span><br /> <span class="token directive"><span class="token keyword">allow</span> all</span><span class="token punctuation">;</span><br /> <span class="token directive"><span class="token keyword">expires</span> -1</span><span class="token punctuation">;</span><br /> <span class="token directive"><span class="token keyword">add_header</span> Cache-Control no-store</span><span class="token punctuation">;</span><br /> <span class="token directive"><span class="token keyword">alias</span> /var/www/le_root/.well-known/acme-challenge/</span><span class="token punctuation">;</span><br /><span class="token punctuation">}</span><br />EOT</code></pre>
<p>We link it to the default Nginx configuration file, pasting those lines below the <code>listen</code> directive in <code>/etc/nginx/conf.d/default.conf</code>:</p>
<pre class="language-nginx"><code class="language-nginx"><span class="token comment"># Let's Encrypt webroot</span><br /><span class="token directive"><span class="token keyword">include</span> letsencrypt-webroot</span><span class="token punctuation">;</span></code></pre>
<p>Then we check if everything is sound.</p>
<pre class="language-bash"><code class="language-bash">nginx <span class="token parameter variable">-t</span></code></pre>
<p>Finally, if we get no warning or errors, we reload the configuration to apply the last changes.</p>
<pre class="language-bash"><code class="language-bash">nginx <span class="token parameter variable">-s</span> reload</code></pre>
<h2>Certificate generation</h2>
<p>Now that we have configured <a href="http://acme.sh/">acme.sh</a> & Nginx we can finally issue our certificates. We'll validate them against two domains, the main one and the one dedicated to the sandbox.</p>
<pre class="language-bash"><code class="language-bash">acme.sh <span class="token parameter variable">--issue</span> <span class="token parameter variable">-d</span> your-main-domain.com <span class="token parameter variable">-d</span> your-sandbox-domain.com <span class="token parameter variable">-w</span> /var/www/le_root/</code></pre>
<p>This command should produce the following output.</p>
<pre><code>[Fri 02 Dec 2022 09:23:23 AM CET] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Fri 02 Dec 2022 09:23:23 AM CET] Creating domain key
[Fri 02 Dec 2022 09:23:23 AM CET] The domain key is here: /root/acme/.acme.sh/your-main-domain.com/your-main-domain.com.key
[Fri 02 Dec 2022 09:23:23 AM CET] Single domain='your-main-domain.com'
[Fri 02 Dec 2022 09:23:24 AM CET] Getting domain auth token for each domain
[Fri 02 Dec 2022 09:23:24 AM CET] Getting webroot for domain='your-main-domain.com'
[Fri 02 Dec 2022 09:23:25 AM CET] Getting new-authz for domain='your-main-domain.com'
[Fri 02 Dec 2022 09:23:25 AM CET] The new-authz request is ok.
[Fri 02 Dec 2022 09:23:26 AM CET] Verifying:your-main-domain.com
[Fri 02 Dec 2022 09:23:27 AM CET] Success
[Fri 02 Dec 2022 09:23:27 AM CET] Verify finished, start to sign.
[Fri 02 Dec 2022 09:23:27 AM CET] Cert success.
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
[Fri 02 Dec 2022 09:23:28 AM CET] Your cert is in /root/acme/.acme.sh/your-main-domain.com/your-main-domain.com.cer
[Fri 02 Dec 2022 09:23:28 AM CET] Your cert key is in /root/acme/.acme.sh/your-main-domain.com/your-main-domain.com.key
[Fri 02 Dec 2022 09:23:28 AM CET] The intermediate CA cert is in /root/acme/.acme.sh/your-main-domain.com/ca.cer
[Fri 02 Dec 2022 09:23:28 AM CET] And the full chain certs is there: /root/acme/.acme.sh/your-main-domain.com/fullchain.cer
</code></pre>
<p>After retrieving the certificates we will now install them in their proper directory. We'll also specify the command to be run for reloading Nginx after the certificates auto-renewal.</p>
<pre class="language-bash"><code class="language-bash">acme.sh --install-cert <span class="token parameter variable">-d</span> your-main-domain.com <span class="token parameter variable">-d</span> your-sandbox-domain.com <span class="token punctuation">\</span><br />--key-file /etc/ssl/lets-encrypt/your-main-domain.com/key <span class="token punctuation">\</span><br />--fullchain-file /etc/ssl/lets-encrypt/your-main-domain.com/cert <span class="token punctuation">\</span><br /><span class="token parameter variable">--reloadcmd</span> <span class="token string">"systemctl reload nginx.service"</span></code></pre>
<p>This command should produce the following output.</p>
<pre><code>[Fri 02 Dec 2022 09:25:38 AM CET] Installing key to:/etc/ssl/lets-encrypt/your-main-domain.com/key
[Fri 02 Dec 2022 09:25:38 AM CET] Installing full chain to:/etc/ssl/lets-encrypt/your-main-domain.com/cert
[Fri 02 Dec 2022 09:25:38 AM CET] Run reload cmd: systemctl reload nginx.service
[Fri 02 Dec 2022 09:25:38 AM CET] Reload success
</code></pre>
<h2>Going forward</h2>
<p>Now you just have to continue the installation process described in <a href="https://docs.cryptpad.org/en/admin_guide/installation.html#install-and-configure-nginx">the administrator guide</a>, copying the example configuration file provided and edit it to match your configuration.</p>
<h2>Summary</h2>
<p>It's done! In this tutorial we've seen how to install <a href="http://acme.sh/">acme.sh</a>, adapt Nginx configuration to handle TLS certificates generation and what are the next steps going forward. Thank you very much for reading this far, and for your interest in CryptPad!</p>
<p>In case of need, don't hesitate to join the <a href="https://forum.cryptpad.org/">community forum</a> or the <a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix space</a>. You can also follow CryptPad on the fediverse with the <a href="https://fosstodon.org/@cryptpad">official Mastodon account</a>.</p>
<p>Have a great day!</p>
November 2022 status2022-11-28T00:00:00Zhttps://blog.cryptpad.org/2022/11/28/status-2022-11/New blog design, Arnaud Laprévote joins the team, Le Monde uses CryptPad, Social media channels<p><img src="https://blog.cryptpad.org/images/2022-new-blog.png" alt="Screenshot of the new blog design split between light and dark mode" /></p>
<h2>🎨 New blog design</h2>
<p>You may have noticed the refreshed design of <a href="https://blog.cryptpad.org/">our blog</a>. In addition to providing a clearer overview of recent posts it now supports dark mode, gives us more control over the content of the RSS feed, and is overall much easier to maintain than the previous setup. We would like to thank <a href="https://www.11ty.dev/">Eleventy</a> for providing such a great and open-source static site generator!</p>
<h2>🧑💼 Arnaud Laprévote joins the team</h2>
<p>We welcome another new member to the team this month. Arnaud Laprévote, who you may have met in our <a href="https://blog.cryptpad.org/2022/11/17/FR-education-2022-11/">last post</a> (in French) has extensive experience in the French open-source software industry. He was previously CEO of <a href="https://en.wikipedia.org/wiki/Mandriva_Linux">Mandriva</a> and Lybero, and worked in research at France's <em>National Institute for Research in Digital Science and Technology</em> (INRIA). Arnaud's role will involve managing research project across our team and parent company XWiki. He will also lead business efforts such as selling managed CryptPad instances and other partnerships.</p>
<h2>📰 Le Monde uses CryptPad</h2>
<p>We were happy to see French national newspaper Le Monde <a href="https://www.lemonde.fr/international/video/2022/11/17/comment-les-stocks-d-armes-et-de-munitions-de-la-russie-ont-ete-severement-entames-par-des-attaques-ciblees-ukrainiennes_6150240_3210.html">use CryptPad to share the sources of an article</a>. This enables their journalists in the field in Ukraine, as well as anyone accessing the content, to protect their privacy.</p>
<h2>📢 Social media channels</h2>
<p>We have followed a "Fediverse first" approach to our social media presence for a long time. We provide an alternative to the big platforms when it comes to collaborative office suites, so it seems logical to use alternative social media such as <a href="https://fosstodon.org/@cryptpad">Mastodon</a>, <a href="https://peertube.xwiki.com/c/cryptpad_channel/videos">PeerTube</a> or <a href="https://pixelfed.social/cryptpad_design">Pixelfed</a> for our communication.</p>
<p>Until now we used Twitter to re-post our Mastodon content, and also monitored the account for any questions or mentions. Given the current events unfolding at Twitter, and the many abhorrent stances taken by its new CEO, we <a href="https://nitter.net/cryptpad/status/1590277396431015938">asked our followers</a> what we should do with the account. We will respect the preference of 77.5% of the 40 voters and keep the account active for now. We will however divest the time spent monitoring Twitter and have disabled cross posting. We encourage our followers to join the wave of people moving to Mastodon and the Fediverse.</p>
<h2>🔭 Next up</h2>
<p>We are working on features for the next version of CryptPad, due for release before the end of the calendar year. In addition to <a href="https://blog.cryptpad.org/2022/10/28/status-2022-10/">repeating events in Calendar</a> we are also making a number of long-requested improvements to Forms.</p>
CryptPad et le monde de l'éducation en France2022-11-17T00:00:00Zhttps://blog.cryptpad.org/2022/11/17/FR-education-2022-11/🇫🇷 Post in French - Le Journal Officiel a publié le 15 novembre 2022 une réponse du ministre de l'Éducation Nationale à une question parlementaire<p>Le Journal Officiel a publié le 15 novembre 2022 une réponse du ministre de l'Éducation Nationale à une question parlementaire ( <a href="https://questions.assemblee-nationale.fr/q16/16-971QE.htm">https://questions.assemblee-nationale.fr/q16/16-971QE.htm</a> ). Le député Philippe Latombe interrogeait le ministre sur l'usage de la suite bureautique Microsoft Office 365 dans sa version gratuite par les élèves et les enseignants. Le ministre a rappelé dans sa réponse les instructions qui ont été transmises au rectorat. Le résumé : comme Office 365 (ou l'équivalent chez Google) tombe sous le droit extra-européen, <strong>ces solutions sont interdites</strong>.</p>
<p>La communauté CryptPad, son équipe de développement et la société qui soutient ce développement (XWiki SAS), sont très heureuses de ce rappel. Les académies peuvent d'ors et déjà utiliser <a href="https://cryptpad.fr/">https://cryptpad.fr</a> directement, même sans compte.</p>
<p>En Allemagne, par exemple, le secteur éducatif a depuis longtemps compris le besoin essentiel de se protéger du modèle GAFAM. Au-delà de la surveillance et autres exploitations commerciales des données produites en milieu scolaire, <a href="https://www.hrw.org/StudentsNotProducts">soulignées par Human Rights Watch,</a> ces entreprises conditionnent l'apprentissage et les usages futurs des élèves. De nombreuses structures éducatives utilisent CryptPad en Allemagne, et nous sommes en discussion avec plusieurs partenaires pour amplifier ces usages.</p>
<p>CryptPad est une suite bureautique complète, chiffrée de bout en bout, avec les plus hautes exigences concernant la sécurité, la confidentialité et l'absence de traçabilité des usages. Le chiffrement et le déchiffrement se font dans le navigateur, donc aucune donnée non chiffrée ne quitte l'appareil des utilisateur·ices. Aucune donnée personnelle n'est demandée pour créer un compte, pas même une addresse email. Les administrateur·ices du système ne peuvent pas accéder aux documents ou comptes, et les logs sont réduits au minimum. Ces données chiffrées sont hébergées en France par OVH.</p>
<p>CryptPad est un logiciel libre, vous pouvez donc mettre en place votre propre serveur sans que nous n'en ayons la moindre idée. Évidemment, si vous souhaitez que le projet perdure, nous ne saurions trop vous conseiller de <a href="https://opencollective.com/cryptpad/contribute">nous soutenir que ce soit par un don, si possible récurrent</a>, un abonnement sur la plateforme <a href="https://cryptpad.fr/">https://cryptpad.fr</a>, un achat de service à l'équipe de développement, ou bien en contribuant directement au développement.</p>
<p>Vous souhaitez avoir plus d'informations ou de l'aide ? <a href="https://cryptpad.fr/form/#/2/form/view/kk-fRzy7YTN+SEYUNWxElLb5pLwTS2DXZtp4sOcnoYQ/">Remplissez ce questionnaire</a> (données stockées dans <a href="http://cryptpad.fr/">cryptpad.fr</a>, chiffrées de bout en bout 😉 ) et nous nous ferons un plaisir de revenir vers vous pour vous aider.</p>
October 2022 status2022-10-28T00:00:00Zhttps://blog.cryptpad.org/2022/10/28/status-2022-10/Repeating events in Calendar, Filter by document type in the drive, Theo joined the team, and more...<h2>📰 Review from Ubuntu Buzz</h2>
<p>CryptPad received <a href="https://www.ubuntubuzz.com/2022/10/cryptpad-review-google-docs-forms-alternative-and-a-self-hosting-bliss.html">an in-depth and positive review from Ubuntu Buzz</a>. They had already covered our Forms application <a href="https://www.ubuntubuzz.com/2022/01/how-to-create-online-forms-with-cryptpad-an-alternative-to-google-forms.html">earlier this year</a> and it great to see them keep up to date with our work. Thank you Ade Malsasa Akbar!</p>
<h2>🗓️🔁 Repeating events in Calendar</h2>
<p>We are happy to announce that you can now repeat calendar events on <a href="https://cryptpad.fr/">Cryptpad.fr</a>. This feature will be included in CryptPad 5.2, the next version planned for the end of 2022. We have received regular requests for this feature since the release of the Calendar application in <a href="https://blog.cryptpad.org/2021/05/26/status-may-2021/">May 2021</a>. At the time we stretched the scope of our <em>Dialogue</em> research project (funded by NLNet/NGI Zero) to include this new Calendar app, and this meant we had to <a href="https://blog.cryptpad.org/2021/04/26/status-april-2021/">compromise</a> on what features to include. We are glad to be adding this now and hope that it will make Calendar even more useful.</p>
<p><img src="https://blog.cryptpad.org/images/calendar-repeat-schedule.png" alt="The calendar application with a weekly schedule of repeating tasks" /></p>
<p><img src="https://blog.cryptpad.org/images/calendar-repeat-event.png" alt="Event creation dialog for a "weekly checkup" meeting" /></p>
<h2>🎛️ Filter by document type in the drive</h2>
<p>You can now filter documents by type in the drive. This feature was developed by Maxime Cesson, our summer intern, and is now available on <a href="https://cryptpad.fr/">Cryptpad.fr</a>.</p>
<p><img src="https://blog.cryptpad.org/images/drive-filter.png" alt="The document type filter in the drive" /></p>
<h2>👨🔬 Theo joined the team</h2>
<p>Theo has officially joined the team, and begun his investigation of how cryptography is used in CryptPad. He has started adding comments to the code, writing documentation, reviewing the state of the art, and drafting a whitepaper that will summarise his findings.</p>
<!-- XXX non dark theme diagram, re-export as Mermaid SVG and use their light/dark themes -->
<p><img src="https://blog.cryptpad.org/images/mermaid-diagram-theo-intro.png" alt="Key derivation for editable documents" /></p>
<h2>📢 Forum open to the public</h2>
<p>Our <a href="https://forum.cryptpad.org/">forum</a> is now <a href="https://blog.cryptpad.org/2022/10/03/Forum-launch/">officially open to the public</a>. We have started receiving feedback through this new channel and it is already proving easier to keep track of it than in ephemeral chats and/or GitHub issues. If you have requests, bug reports, or any questions about CryptPad please <a href="https://forum.cryptpad.org/">join and let us know</a>.</p>
<h2>🌐 New public instances</h2>
<p>This month we welcome two new CryptPad instances to our <a href="https://cryptpad.org/instances/">list of public instances</a>. The Netherlands-based non-profit <a href="https://disroot.org/">Disroot</a> is one of them, meaning that CryptPad instance are now available in 8 jurisdictions: Germany, Canada, Czech Republic, Netherlands, USA, Austria, Italy & France.</p>
<h2>🔭 Next up</h2>
<p>We are currently starting work on another set of long-requested features, this time in Forms. These <a href="https://forum.cryptpad.org/t/forms">improvements</a> will make Forms suitable for even more use-cases, and make existing ones easier. We also hope to finalise agreements for some new research projects, after which we'll be in a better position to talk about our plans for 2023!</p>
Welcome to the CryptPad forum!2022-10-03T00:00:00Zhttps://blog.cryptpad.org/2022/10/03/Forum-launch/We are opening a new forum as the central place for feedback and discussion around CryptPad<p><img src="https://blog.cryptpad.org/images/forum-launch.png" alt="the cryptpad forum logo surrounded by two party poppers" /></p>
<p>We are opening <a href="https://forum.cryptpad.org/">a new forum</a> as the central place for feedback and discussion around CryptPad. At the moment we receive feature requests, bug reports, and other feedback through various channels:</p>
<ul>
<li><a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">Matrix chat</a> (great for synchronous communication, not ideal for keeping track of ideas over time)</li>
<li><a href="https://github.com/xwiki-labs/cryptpad/issues">GitHub issues</a> (great for developers, not ideal for people who don't write code)</li>
<li>Support tickets on <a href="http://cryptpad.fr/">CryptPad.fr</a> (only visible by the sender and the instance admins)</li>
<li>Email, word of mouth, and anything else that gets lost if we don't write it down</li>
</ul>
<p>This forum is now the main place to submit feedback such as feature requests, ideas for improvements, and bug reports. It will allow the community to keep track of these discussions and contribute to them. We hope this place becomes part living documentation part pre-roadmap for the project.</p>
<p>We thank the <a href="https://flarum.org/">Flarum</a> team for providing an open-source forum that is simple and easy to use.</p>
<p>This forum is part of the CryptPad project and as such our <a href="https://github.com/xwiki-labs/cryptpad/blob/main/CODE_OF_CONDUCT.md">Code of Conduct</a> applies. Please familiarize yourself with it before posting.</p>
<p>We look forward to reading your feedback on how you use CryptPad and how to improve it!</p>
<p><a href="https://forum.cryptpad.org/">Join us on the CryptPad Forum!</a></p>
September 2022 status: The team keeps growing2022-09-29T00:00:00Zhttps://blog.cryptpad.org/2022/09/29/status-2022-09/Theo will be joining us in October and we have signed another hire to start in January 2023<h2>5.1 release</h2>
<p>This month we released <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/5.1.0">CryptPad 5.1</a> that includes:</p>
<ul>
<li>New features for instance adminstrators. We added a "Database" tab in the admin panel that makes it easier to review metadata on user accounts and documents in cases where malicious activity is reported.</li>
<li>New translations in Spanish and Portugese (Portugal) thanks to the work of volunteers.</li>
<li>Many smaller improvements and bug fixes such as asciidoc syntax highlighting in Code documents.</li>
</ul>
<iframe src="https://fosstodon.org/@cryptpad/109040856162389039/embed" class="mastodon-embed" style="max-width: 100%; border: 0" width="400" allowfullscreen="allowfullscreen"></iframe><script src="https://fosstodon.org/embed.js" async="async"></script>
<h2>The team keeps growing</h2>
<p>We're happy to welcome Theo to the team starting in October. He has recently completed a master in cyber security at ETH Zurich. Theo will relocate to Paris for 6 months to work on documenting the use of cryptography in CryptPad and pave the way for future developments.</p>
<p>We are also happy to announce that we have signed with antoher new hire, a senior developer from Germany. We will give more details on this when they join the team full-time in January 2023.</p>
<h2>Next up</h2>
<p>We took advantage of the XWiki seminar hackathon last week to set up a <a href="https://forum.cryptpad.org/">new forum for CryptPad</a> using <a href="https://flarum.org/">Flarum</a>. We will be sharing the details shortly. This new forum will centralize discussions around CryptPad, part living documentation part pre-roadmap for the project.</p>
<p>Calendar improvements didn't quite make it into 5.1, but they are coming along nicely. The much-requested feature of recurring events will defintely be part of the next release, and deployed to <a href="http://cryptpad.fr/">Cryptpad.fr</a> before that.</p>
August 2022 status: Hi and bye to new team members2022-08-30T00:00:00Zhttps://blog.cryptpad.org/2022/08/30/status-2022-08/The end of Maxime's internship and Mathilde's first month<p>Monthly status posts are back!</p>
<h2>End of Maxime's internship</h2>
<p>August 31st is Maxime Cesson's last day with the CryptPad team. His 2 months with us have been very productive. Maxime went from "zero-knowledge" of JavaScript to having his code deployed in production in a few weeks.</p>
<p>He addressed <a href="https://github.com/xwiki-labs/cryptpad/issues?q=is%3Aissue+is%3Aopen+label%3A%22Junior+friendly%22+label%3A%22Fixed+in+staging%22+">a number of "junior friendly" issues</a> as well as the not-so-junior <a href="https://github.com/xwiki-labs/cryptpad/issues/438">document type filter for the drive</a>. Some of these features are already live on <a href="http://cryptpad.fr/">cryptpad.fr</a> and they will all be included in the next version of CryptPad. We are very happy with Maxime's contributions and wish him all the best for his future endeavours. He will go on to complete the last year of his studies while working in cyber-security.</p>
<h2>Mathilde's first month</h2>
<p>Mathilde Blanchemanche joined the team full-time on August 1st as instance administrator for <a href="http://cryptpad.fr/">cryptpad.fr</a>. Effectively her role incudes support, engaging with the community (on Matrix, Github, and possibly new platforms coming soon), managing the bug-fixing pipeline, and more things that we are still figuring out.</p>
<p>Mathilde has hit the ground running. She brought us to INBOX ZERO on support tickets after just over a week on the job, and has engaged with countless GitHub issues that were left without a response, sometimes for years.</p>
<p>This will continue into next month and beyond. In addition, she will contribute to user-research for some features we have in mind, and continue planning how to improve our efficiency and openness in dealing with incoming bug-reports and feature-requests.</p>
<h2>Next up</h2>
<p>We are planning to release CryptPad 5.1 in the next couple of weeks. This will include improvements to the admin panel for better moderation, a much requested improvement to the Calendar app, and more!</p>
Against #chatcontrol2022-05-19T17:05:00Zhttps://blog.cryptpad.org/2022/05/19/against-chatcontrol/Something terrible is happening in the EU and we need help to stop it<p>Something terrible is happening in the EU and we need help to stop it. Many people are very busy and understandably don't have the time to engage deeply with politics. I'll start with a brief summary and link to some resources on simple actions you can take to help prevent a bad law from being passed.</p>
<p><img src="https://blog.cryptpad.org/images/chatcontrol-cryptpad-graphic.png" alt="no #ChatControl - EU citizens, make your voices heard to stop this dangerous proposal. It would do nothing to protect the most vulenerable, and put everone at risk. Contact your MEP. Give feedback through the EU portal" /></p>
<h2>The short version</h2>
<p>The office of the <a href="https://ec.europa.eu/home-affairs/index_en">European Commission's' Directorate-General for Migration and Home Affairs</a> recently <a href="https://ec.europa.eu/commission/presscorner/detail/en/ip_22_2976">announced new legislation</a>, so called #chatcontrol, which would mandate that online platforms scan user-generated content like text, images, and videos to detect instances of child sexual abuse materials (CSAM) and grooming behaviour.</p>
<p>This policy would extend to providers of encrypted platforms (like CryptPad) through a practice known as <a href="https://www.internetsociety.org/resources/doc/2020/fact-sheet-client-side-scanning/">client-side scanning</a>. In this approach, encrypted platform providers are expected to deploy code to your device which will access and use your encryption keys against you, analyzing your private content and reporting back to the provider if it matches a set of rules defined by a government agency. All of this would be applied indiscriminantly with no need for a court order or reasonable suspicion.</p>
<p>This proposal already faces opposition from members of the European parliament, but they are the minority and they require more public support in order to stop this law from passing. Patrick Breyer, a former judge and current member of European parliament wrote a <a href="https://www.patrick-breyer.de/en/posts/messaging-and-chat-control/">comprehensive and accessible analysis</a> of what the law would mean for citizens. If you don't have time to read the full article, skip to the <a href="https://www.patrick-breyer.de/en/posts/messaging-and-chat-control/#WhatYouCanDo"><strong>what you can do</strong></a> section to see how to join those organizing to oppose this proposal on social media and beyond.</p>
<p>Such a system will affect people from around the world, not just Europe, but it is primarily Europeans who can do something about it. If you are a European resident or citizen you can also check <a href="https://mepwatch.eu/9/vote.html?v=134463">how your EU representatives voted</a> on <a href="https://european-pirateparty.eu/parliament-approves-chatcontrol/">the precursor to this legislation</a>. From there it is possible to find your representatives contact information <a href="https://www.europarl.europa.eu/meps/en/home">by name or by country</a>.</p>
<h2>An overview of #chatcontrol</h2>
<p>It's extremely useful to have short, descriptive names like "<a href="https://twitter.com/hashtag/chatcontrol" title="The chat control hashtag on Twitter">#chatcontrol</a>" for laws like this so that they can easily become a part of a broad public conversation. That said, some people have taken it to mean that these laws would only apply to messaging services and email. Our team read through the full proposal the day after it was released, and it's obvious that our flagship instance (<a href="https://cryptpad.fr/">cryptpad.fr</a>) would be an eligible target if the upcoming parliamentary vote passes.</p>
<p>That would mean that at any time we could be served with a "detection order" and be expected to begin scanning the data of all of our users for illicit content. The people proposing this legislation would like the public to believe the classic argument that <a href="https://en.wikipedia.org/wiki/Nothing_to_hide_argument"><em>"if you have nothing to hide, you have nothing to fear"</em></a>, that the surveillance mechanisms they want to deploy are reliable and safe, but that simply isn't true.</p>
<h3>Client-Side Scanning is an experimental technology</h3>
<blockquote>
<p>[Client-Side Scanning] has been promoted as a magical technological fix for the conflict between the privacy of people’s data and communications and the desire by intelligence and law enforcement agencies for more comprehensive investigative tools. A thorough analysis shows that the promise of CSS solutions is an illusion.</p>
<p>from <a href="https://arxiv.org/abs/2110.07450">The Risks of Client-Side Scanning report</a></p>
</blockquote>
<p>In October 2021 a group of fourteen broadly respected experts in the fields of cryptography, privacy, security, and digital policy collectively published a report of the risks of deploying client-side scanning as a tool for combatting child abuse. The report makes it very clear that the technologies are highly experimental and unreliable. They suffer from high rates of both false negatives (failing to detect their intended targets) and false positives (incorrectly identifying benign content as harmful). Worse still, these detection tools are usually trained with biased data sets that are far less accurate when applied to underrepresented subjects. Typically this means people of color, members of the LGBTQ+ community, and people with disabilities, making it very likely that this surveillance will disproportionately affect people who are already marginalized.</p>
<p>If that wasn't bad enough, that only assesses how these tools perform under ideal circumstances. Things get far worse when we consider <em>adversarial scenarios</em>; cases where certain people are deliberately trying to manipulate the likelihood of false negatives or false positives. In recent years researchers have demonstrated techniques where an image can be imperceptively modified to avoid or trigger detection. This means it's not only possible for people distributing CSAM to become practically invisible, but that the next meme you download to your device might have been manipulated to have you flagged as a sexual predator.</p>
<p>It probably sounds like the techniques involved are incredibly sophisticated, and they are, but that sophistication is matched by publicly available tooling. For context, researchers from Apple developed an algorithm intended to accurately detect CSAM and it was <a href="https://twitter.com/matthew_d_green/status/1428179884954853379">broken within 48 hours</a>. Since then, many people have tinkered with different approaches and improved on the initial results, often <a href="https://gist.github.com/unrealwill/c480371c3a4bf3abb29856c29197c0be">publishing their code for anyone to use</a>. If client-side scanning is mandated in the EU then it is practically guaranteed that tools for evading or abusing it will become widespread and progressively easier to use.</p>
<h3>Deeper risks</h3>
<blockquote>
<p>"The ability of citizens to freely use digital devices, to create and store content, and to communicate with others depends strongly on our ability to feel safe in doing so. The introduction of scanning on our personal devices—devices that keep information from to-do notes to texts and photos from loved ones—tears at the heart of privacy of individual citizens. Such bulk surveillance can result in a significant chilling effect on freedom of speech and, indeed, on democracy itself."</p>
<p>from <a href="https://arxiv.org/abs/2110.07450">The Risks of Client-Side Scanning report</a></p>
</blockquote>
<p>There is broad consensus among people familiar with the proposed technologies that they are not sufficiently accurate for widespread deployment. That might be good enough to stop this bill, but it's likely that we'll just have to fight such legislation again in the near future when scanning technologies become marginally more accurate. There are deeper reasons why it's important to say not only that such an approach is unacceptable now, but that it will <em>never</em> be acceptable.</p>
<p>First, tools for encryption remain widely available, and distributors of CSAM can always continue to use existing file hosting platforms to host data that they have encrypted themselves. We can't eliminate encryption because it is key not only to protect civil liberties, but for basic tasks like online commerce. So there will always be a deeper, darker hole where predators can hide, meanwhile everyone else's privacy will be in jeopardy.</p>
<p>Second, it's crucial that we critique not just the technology that would be deployed, but the people deploying it. Databases of CSAM are extremely sensitive in nature and obviously can't be reviewed by the public. As a natural consequence, it is impossible to independently verify that other types of media are not added to the database. A system that scans for CSAM today can be used tomorrow to detect and report criticism of the government, or its police force.</p>
<p>We don't have to look far into the past or beyond Europe's borders to find examples of data misuse. The <a href="https://www.berlin.de/en/news/coronavirus/6493422-6098215-luca-app-how-the-digital-contact-tracing.en.html">Luca app</a> which was intended strictly for COVID19 contact tracing in Germany was <a href="https://www.washingtonpost.com/world/2022/01/13/german-covid-contact-tracing-app-luca/">illegally accessed by police</a> early in 2022 to investigate a suspicious death.</p>
<p>Finally, and perhaps most horrifying of all, is the risk that in trying to stop the distribution of CSAM, the agencies carrying out this task might inadvertently reveal information from their database of known material. <a href="https://arxiv.org/abs/2108.13873">Model-extraction attacks</a> are a technique for reverse-engineering machine learning (ML) models, such as the ones used to detect CSAM videos and grooming text in the EU proposal. By making a large number of queries against an ML system and observing the results an attacker can learn what qualities it searches for. With that information it becomes possible to apply those qualities to synthetic images, producing results that are remarkably similar to those in the secret database of training data. The website <a href="https://thispersondoesnotexist.com/">this person does not exist</a> serves as an example of the level of detail that can be expected.</p>
<p>Our position, and the consensus of experts on the matter, is that client-side scanning is far worse than a <em>slippery slope</em> which <em>might possibly lead to abuse</em> at some distant date in the future. Its risks are so numerous and its safeguards so inadequate that it's fair to question whether it could ever be safely deployed.</p>
<h2>What this law will could mean for CryptPad's future</h2>
<p>Client-side scanning is fundamentally incompatible with privacy. It cannot be implemented responsibly, and its adverse affects will further entrench existing inequalities in society. Knowing this, it would be unethical for us to deploy such a system against our own users.</p>
<p>If this proposal passes its vote and becomes mandatory within the EU we will most likely have to move away from acting as a service provider. This would eliminate revenue which accounts for approximately one third of our budget and put extraordinary pressure on our team when we are already severely under-resourced for the goals we are trying to accomplish.</p>
<p>On a positive note, CryptPad is better prepared for this eventuality than many other platforms by virtue of being open-source. Anyone with the required expertise can host a server, meaning that even without active involvement from our team, our work can provide continued benefits to the public, which is our ultimate goal regardless of whether Europe enforces indiscriminate surveillance. To that end, we recently compiled <a href="https://cryptpad.org/instances/">a list of publicly available CryptPad instances</a> hosted by trustworthy third-parties, and we welcome new additions to this list.</p>
<p>In the longer term, however, being unable to offer our platform as a commercial service will make it very difficult for us to continue improving the software at our current pace. We will become increasingly dependent on <a href="https://opencollective.com/cryptpad" title="CryptPad's open collective campaign">donations</a> to continue, and it's possible that our opposition to this policy will affect our eligibility for research projects funded by the European Commission.</p>
<p>In recent years Europe has earned a solid reputation as a welcome home to leaders in the field of privacy-preserving technologies. As such, we are far from alone in opposing this legislation (see statements from <a href="https://european-pirateparty.eu/chat-control-leaked-commission-paper-eu-mass-surveillance-plans/">The European Pirate Party</a>, <a href="https://www.ccc.de/en/updates/2022/eu-kommission-will-alle-chatnachrichten-durchleuchten">the Chaos Computer Club</a>, <a href="https://tutanota.com/blog/posts/eu-surveillance-csam/">Tutanota</a>, <a href="https://protonmail.com/blog/joint-statement-eu-encryption/">Protonmail</a>, <a href="https://edri.org/our-work/protecting-digital-rights-and-freedoms-in-the-legislation-to-effectively-tackle-child-abuse/">EDRi</a>). I'm confident the people working to strengthen safeguards for privacy will find ways to continue, even if they are forced to do so elsewhere. What is less certain is how much damage will be done to people's trust in elected officials and public institutions. It's vital that we organize to defeat this legislation, and work to strengthen institutions so that such a proposal is never considered again.</p>
<blockquote>
<p>Given recent experience in multiple countries of hostile-state interference in elections and referenda, it should be a national-security priority to resist attempts to spy on and influence law-abiding citizens. CSS makes law-abiding citizens more vulnerable with their personal devices searchable on an industrial scale. Plainly put, it is a dangerous technology. Even if deployed initially to scan for child sex-abuse material, content that is clearly illegal, there would be enormous pressure to expand its scope. We would then be hard-pressed to find any way to resist its expansion or to control abuse of the system.</p>
<p>from <a href="https://arxiv.org/abs/2110.07450">The Risks of Client-Side Scanning report</a></p>
</blockquote>
April 2022 status: The public instance list goes live2022-04-27T13:53:00Zhttps://blog.cryptpad.org/2022/04/27/status-2022-04/We have been talking about our project site for a while ... Last week we added an important feature to the site: the list of public CryptPad instances.<p>We have been talking about <a href="https://cryptpad.org/">our project site</a> for a while. Its main purpose is to improve communication about CryptPad (the open-source project) and to differentiate it from <a href="https://cryptpad.fr/">Cryptpad.fr</a> (the flagship instance we administer). Last week we added an important feature to the site: <a href="https://cryptpad.org/instances/">the list of public CryptPad instances</a>.</p>
<p><img src="https://blog.cryptpad.org/images/project-site-preview.png" alt="Screenshot of the updated project site. Clicking "Try CryptPad" takes visitors to the public instance list" /></p>
<p>The purpose of this list is to make the meaning of "open-source" clearer, as most people don't otherwise know or care about it: CryptPad can be hosted by anyone who likes, and they are free to offer the service, even in a commercial capacity. For us the development team, this list is also a new way for instance administrators to contribute to the project. <a href="https://cryptpad.fr/">Cryptpad.fr</a> exists to provide financial support for development through its paid plans. Administering this instance, for example responding to support tickets, is a significant part of our workload. When a third-party instance accepts to take care of "free" users and their associated support questions it effectively helps us to dedicate more time to improving CryptPad itself for everyone.</p>
<p>Publishing this list is not straightforward however, especially for a privacy-focused project like CryptPad. What if we inadvertently direct people to a careless or malicious instance that puts their data at risk? To address this we put in place <a href="https://docs.cryptpad.fr/en/admin_guide/admin_panel.html#list-my-instance-in-public-directories">a set of criteria</a> that an instance has to meet in order to be listed:</p>
<ul>
<li>It has to be up-to-date with the latest version, meaning the latest security fixes will be applied</li>
<li>It has to pass a comprehensive series of tests to ensure all recommended security settings are enabled</li>
<li>Some basic information has to be provided such as the location where encrypted data is hosted and a privacy policy</li>
</ul>
<p>In addition to this the instance administrators have, of course, to opt-in for their instance to be listed.</p>
<p>As of today the list is still short, with only 2 instances aside from <a href="http://cryptpad.fr/">CryptPad.fr</a>. However we expect to see this number rise as more of the ~20 administrators who have opted in bring their instance in line with the requirements.</p>
<iframe src="https://social.weho.st/@cryptpad/108073662309134459/embed" class="mastodon-embed" style="max-width: 100%; border: 0" width="400" allowfullscreen="allowfullscreen"></iframe><script src="https://social.weho.st/embed.js" async="async"></script>
<p>In addition to the list requirements, we have released two versions this month that take a stronger stance on enforcing correct configuration for <em>all</em> CryptPad instances. We want to prevent CryptPad from providing a false sense of security to users while being misconfigured by administrators and actually putting user information at risk. This is why from version <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.14.0">4.14.0</a> and <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.14.1">4.14.1</a> CryptPad will not work unless the security guarantees we expect are actually implemented.</p>
<p>Over the coming weeks we plan to add more information to the <a href="https://cryptpad.org/">project site</a>. Some time ago we launched <a href="https://cryptpad.fr/form/#/3/form/view/0684aee21b4a36ed9dc41cfca9a27246/">a survey</a> in which we asked people to tell us what they love about CryptPad. Their responses will be displayed on the home-page. We will also be promoting hosted instances with "Your Own CryptPad" aimed at different sectors: education, NGOs, and enterprise. These will be installed and maintained by the development team for organizations who want the benefits of their own instance.</p>
March 2022 status: catching up on recent news2022-03-29T17:37:08Zhttps://blog.cryptpad.org/2022/03/29/March-2022-status-catching-up-on-recent-news/The beginning of 2022 has been sufficiently busy that we decided to skip two of our usual monthly status update blog posts. Things have not calmed down that much in March, but we didn't want to go any longer without an update.<p>The beginning of 2022 has been sufficiently busy that we decided to skip two of our usual monthly status update blog posts. Things have not calmed down that much in March, but we didn't want to go any longer without an update.</p>
<h2>DAPSI wrap-up and FOSDEM</h2>
<p><img src="https://blog.cryptpad.org/images/dapsi-what-normally-happens.png" alt="A diagram depicting a client sending content to a server for conversion" /></p>
<p>In January we concluded the INTEROFFICE project which was sponsored by <a href="https://dapsi.ngi.eu/">NGI DAPSI</a>. The DAPSI project administrators arranged a final event where all the projects they'd funded summarized their results in brief five-minute pitches. David Benqué, our design lead, managed to fit our most interesting results into this limited timespan. His presentation is available <a href="https://www.youtube.com/watch?v=RQ9Ll-1UEF4&t=2437s">on YouTube</a>.</p>
<p><img src="https://blog.cryptpad.org/images/dapsi-with-interoffice.png" alt="A diagram depicting a server sending a conversion engine to a client" /></p>
<p>Approximately two weeks later David gave a somewhat longer presentation at FOSDEM, titled <strong>INTEROFFICE: Making CryptPad more interoperable with common office formats</strong>, in the <em>Collaborative Information and Content Management Applications</em> dev room. The talk's description, video recording, slides, and links to related talks from the same track can be found on <a href="https://fosdem.org/2022/schedule/event/collabinteroffice/">FOSDEM's website</a>.</p>
<p>Even more information about the project can be found on DAPSI's website, where we are listed as one of the program's <a href="https://dapsi.ngi.eu/success-story-interoffice-collaborating-on-office-documents-without-giving-up-privacy/">success stories</a>.</p>
<h2>Intigriti bug bounty program and new releases</h2>
<p>Late in 2021 we were invited to participate in a bug bounty program coordinated by <a href="https://www.intigriti.com/">Intigriti</a> and <a href="https://ec.europa.eu/info/news/european-commissions-open-source-programme-office-starts-bug-bounties-2022-jan-19_en">sponsored</a> by the European Commission. The program began in mid-January and continued up until mid-March, with independent security researchers probing CryptPad's code looking for issues which could negatively impact users.</p>
<p>Our 4.13 release addressed a number of security issues which are described in its <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.13.0">release notes</a>, however, we've noticed that relatively few third-party instance administrators have applied these updates. Furthermore, many that have updated have not done so correctly, and in some cases this means that their users' data may be at risk.</p>
<p>Up until now we've tried to make it <em>easier to configure CryptPad correctly</em> by providing our <a href="https://docs.cryptpad.fr/en/admin_guide/installation.html">admin installation guide</a>, including clear and detailed explanations of the update process in each release's notes, as well as shipping a built-in diagnostics page which tells administrators what they need to correct. The trouble with this approach is that many admins don't read the docs, the release notes, or review the diagnostics page. With this in mind, we're starting to consider that the only reliable way to communicate with admins is through the platform's code.</p>
<p>Starting with our upcoming 4.14 release we plan to shift our strategy towards making CryptPad <em>harder to configure incorrectly</em>. We have made a number of changes that cause misconfigured instances to abort loading entirely, rather than proceed without the expected level of security.</p>
<p>We are also expanding our definition of <em>correct configuration</em> to include things like <em>privacy policies</em> and <em>terms of service</em>. If an instance permits registration of user accounts but has not included either of these links then the diagnostics page will suggest that they add such pages or deactivate registration.</p>
<p>Some of these features are already live on <a href="https://cryptpad.fr/">cryptpad.fr</a>, and we plan to tag the latest code as a release on GitHub as soon as we've finalized its notes.</p>
<h2>What's next</h2>
<p>Our <a href="https://github.com/xwiki-labs/cryptpad/releases/4.7.0">4.7.0 release</a> release introduced an option permitting administrators to opt-in to inclusion in a directory of public instances. At the time no such directory existed because we wanted to confirm that there was actually interest from a sufficient number of administrators. At this point there are nineteen admins who have indicated their interest, ten of which are running an up-to-date instance which passes its tests, so we're moving forward with the project.</p>
<p>We've decided to make the 4.14 release the last major version of the 4.0 cycle and have begun preparing for a 5.0 release. We're going to introduce a new look for CryptPad with a simpler home page, with more information moved out of the platform itself and onto our project site (<a href="https://cryptpad.org/">cryptpad.org</a>), which will also host the public instance directory.</p>
<p>Since our team consists of only three full-time developers we're trying to create more ways for the community to get involved with the direction of the open-source project. We've created <a href="https://matrix.to/#/#cryptpad:matrix.xwiki.com">a space on the federated Matrix network</a> where members of the community can connect with each other. It offers dedicated rooms for instance administrators, developers, translators, and general discussion about the project's roadmap and governance.</p>
<p>As always, if you like what we're doing and would like to support our continued effort, you can donate through <a href="https://opencollective.com/cryptpad">our OpenCollective campaign</a> or purchase a subscription for a premium account on <a href="https://cryptpad.fr/">cryptpad.fr</a>.</p>
Preparing for 20222021-12-30T12:52:20Zhttps://blog.cryptpad.org/2021/12/30/Preparing-for-2022/With the end of the year nearly upon us I am keeping up my tradition of writing a retrospective of what the CryptPad team has done over the past twelve months and an overview of our plans for the next twelve.<p>With the end of the year nearly upon us I am keeping up my tradition of writing a <a href="https://blog.cryptpad.org/tags/retrospective/">retrospective</a> of what the CryptPad team has done over the past twelve months and an overview of our plans for the next twelve.</p>
<h2>The year in retrospect</h2>
<h3>NGI research</h3>
<p>We've been very fortunate to have received continued support from the European Commission's <a href="https://www.ngi.eu/">Next Generation Internet Initiative</a>. We completed two research projects funded by <a href="https://nlnet.nl/PET/">NGI0 PET</a> and launched a new project funded by <a href="https://dapsi.ngi.eu/">NGI DAPSI</a> which will wrap up in January.</p>
<p>We released the last components of the <a href="https://nlnet.nl/project/Cryptpad-Communities/"><em>CryptPad for Communities</em> project</a> which made the platform quite a bit easier to set up and administrate. We deployed our <a href="https://docs.cryptpad.fr/en/admin_guide/index.html">administrator guide</a>, added a variety of configuration options on the <a href="https://docs.cryptpad.fr/en/admin_guide/admin_panel.html">admin panel</a>, and developed an instance diagnostics page to automatically detect common configuration issues and suggest remediations.</p>
<p>NGI0 also funded this year's <a href="https://nlnet.nl/project/CryptPadForms/"><em>Dialogue</em> project</a> which comprised of a new <em>Form</em> app and a variety of supporting features, including a new <em>calendar</em> app, an internal reminders API, and more admin panel features for broadcasting instance-wide announcements.</p>
<p>In <a href="https://blog.cryptpad.org/2021/04/26/status-april-2021/">our April status update</a> we introduced the DAPSI-funded <em>INTEROFFICE</em> project, through which we've aimed to improve interoperability with other platforms through the use of common file extensions. Unlike most online platforms which convert between formats on their cloud infrastructure, we've had to develop new methods which process data entirely in your browser so that your private data is never revealed to anyone.</p>
<p><img src="https://blog.cryptpad.org/images/expected-conversion-workflows.png" alt="A graph of desired workflows for conversion between different formats based on the results of our user studies" /></p>
<p>Our <a href="https://blog.cryptpad.org/2021/10/21/Announcing-new-apps/">October status update</a> went further, announcing our integration of OnlyOffice's Document and Presentation editors. These are fully open-source and available to anyone self-hosting the platform but remain in <em>early access</em> for premium users on <a href="https://cryptpad.fr/">CryptPad.fr</a>. This phased release model is new for us, but so far it's been very effective as a means to solicit quality feedback from a few active users without us getting overwhelmed by duplicated bug reports.</p>
<h3>Community contributions</h3>
<p>Each new feature we add to the platform requires text in the form of labels for buttons, descriptions of the effects of different account and document settings, and of course various warnings, prompts, and error messages. CryptPad is hosted on hundreds of different servers all around the world and used by people who don't necessarily speak English or French. As such, all that text needs to be translated.</p>
<p>For the past few years, German-speaking members of our community have very reliably kept up with all the new text we've added, and have even gone as far as to translate our user guide. This year they've been joined by native speakers of Japanese, Russian, and Brazilian Portuguese to make the platform more accessible to a much broader range of people.</p>
<p><img src="https://blog.cryptpad.org/images/translations-status-2021-12.png" alt="Status of CryptPad's translations as of December 2021 with six languages at least 99% complete" /></p>
<h3>Project maintenance and administration</h3>
<p>Revenue from premium accounts on <a href="http://cryptpad.fr/">CryptPad.fr</a> goes towards answering premium support tickets first. Any funds that are left over are combined with donations to our <a href="https://opencollective.com/cryptpad">OpenCollective campaign</a> to fund all the work that isn't covered by our research grants. That allows us to review translations, keep our documentation up to date, write detailed release notes, triage bug reports, and answer questions submitted via email or social media.</p>
<p>This year there have been multiple occasions when a new version of a major browser broke support for critical features, forcing us to drop whatever we were doing at the time and find alternative solutions for these regressions. When code isn't simply rotting out from underneath us, there are always critical security notices that need to be attended to, most recently with the sudden disclosure of <a href="https://en.wikipedia.org/wiki/Log4Shell">vulnerabilities in the log4j library</a>.</p>
<p>This year we saw an increasing number of subscriptions and donations from our supporters which allowed us to keep up with these surprises and to catch up on a bit of a backlog of maintenance. It helped that 2021 was overall somewhat less surprising than 2020, but we don't want to rely on that continuing to be the case.</p>
<h2>What the future holds</h2>
<p>Our general plan for the coming year is to scale back the proportion of our budget which is covered by European research grants and to focus more heavily on projects sponsored directly by clients. To that end, we'll soon add a number of pages to our project website (<a href="https://cryptpad.org/">CryptPad.org</a>) which will differentiate the open-source project from our commercial offering on <a href="http://cryptpad.fr/">CryptPad.fr</a>. We'll list various support packages tailored for <em>education</em>, <em>enterprises</em>, and <em>NGOs</em>.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-org-2021-12.png" alt="Screenshot of CryptPad.org, providing general information about the open-source project" /></p>
<p>Earlier this year we included options in the platform's admin panel to allow administrators to mark their instance as intended for public usage, and to opt-in to inclusion in a directory of public instances. We wanted to wait and see if there was sufficient interest in such a listing before we went to the trouble of building it. The good news is that at this point 11 operators have opted in, so it seems worthwhile to build. The bad news is that a number of these don't seem to be configured correctly. We plan to reach out to these administrators in the near future to rectify these concerns before including them in the directory.</p>
<h3>Wrapping up our the INTEROFFICE project</h3>
<p>The last remaining milestone for our INTEROFFICE project is to publish our client-side office conversion utilities as an open-source software library usable outside of CryptPad. After that our work and that of the other grantees will be evaluated by NGI DAPSI's expert reviewers, but this won't be the end of our efforts to improve office functionality.</p>
<p>Local computation (executing functions on your device instead of one in the cloud) is a critical component of privacy-respecting software, but there are other clear advantages to it. It enables more functionality to continue to operate when you are offline or on an unstable network connection. It also makes it feasible to host web services on less powerful devices, potentially making network infrastructure accessible to a wider audience. We hope that these diverse interests will align more developers to work toward the same goals for the public's benefit.</p>
<p>We plan to present the results of this project at FOSDEM in early February and hopefully to continue working with the broader community to make this approach the norm.</p>
<h3>Stronger and more diverse authentication measures</h3>
<p>Many administrators of third-party instances will be happy to hear that we're going to start working on adding support for identity provider services like LDAP and SSO. This will allow them to restrict who can access their services, adding an extra layer of security for existing users of their service.</p>
<p>We'll complement this top-down approach to security with another bottom-up method, employing various second-factor authentication methods to give individual users more control over access to their account. We hope to introduce both app-based TOTP and emailed magic links. We'll publish a survey in the near future to determine how to prioritize these and possibly other methods.</p>
<h3>Better support for offline access</h3>
<p>With all of our pending research projects wrapping up we're going to revisit some promising prototypes which we developed in late 2020. We experimented with using the <a href="https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API">Service Worker API</a> to cache CryptPad's browser code, allowing it to be loaded as normal even while fully offline. The basic concept is pretty simple, but it required a lot of additional controls in the UI to choose to operate offline, to update the cached version, to allow persistent storage on the device to be used, and so on.</p>
<p>Solving these basic usability problems related to offline functionality will provide a solid basis for us to develop CryptPad to be more like a mobile or desktop application, paving the way for more advanced (and highly requested) features like filesystem synchronization.</p>
<h3>Accessibility</h3>
<p>We've corresponded with a number of groups that aim to improve the state of accessibility in open-source software, but we've lacked the time to follow through on their recommendations in a meaningful way. This is going to be a clear priority for our team with dedicated time on our roadmap in the new year.</p>
<h3>Hiring</h3>
<p>There's a lot more that we would like to do in 2022, but realistically the work described above is likely to take a lot of time to get right. In order to accomplish more of our goals we'll need to hire additional team members, possibly as many as three.</p>
<p>If you are a web application developer with an interest in privacy and usability we want to hear from you. Our team works remotely, but for accounting purposes we'd prefer candidates from within the EU. We offer flexible working hours, competitive salaries for western Europe, four-day weeks every second week, and the opportunity to serve the public interest through free software.</p>
<p>If you think you could help us accomplish our goals, send us (<a href="mailto:jobs@cryptpad.fr">jobs@cryptpad.fr</a>) a brief introduction and a CV or resume indicating your relevant qualifications or experience. We tend to receive a disproportionate number of applications from certain demographics. To account for that bias, we'd like to encourage members of communities that are underrepresented in the tech industry to overcome their hesitation and apply. We want to hear to from you!</p>
<h2>Get ready!</h2>
<p>We've gotten this far because we've had your help. You've introduced CryptPad to friends, family, and colleagues. You've written <a href="https://marker.io/blog/write-bug-report">great bug reports</a> that have helped us find and fix stubborn problems. You've <a href="https://social.weho.st/@cryptpad">boosted</a>, <a href="https://twitter.com/cryptpad">retweeted</a>, and <a href="https://pixelfed.social/cryptpad_design">liked</a> our updates. You've <a href="https://weblate.cryptpad.fr/projects/cryptpad/app/">translated the platform</a> for your community, <a href="https://cryptpad.fr/accounts/">subscribed to a premium subscription</a>, <a href="https://opencollective.com/cryptpad">donated to our cause</a>, all of which have had a tremendous impact.</p>
<p>We're extremely grateful for all your support, proud of what we've created together, and excited to continue this journey with you in the new year!</p>
<p>See you in 2022!</p>
November 2021 status: Talks and testimonials2021-11-24T15:12:48Zhttps://blog.cryptpad.org/2021/11/24/status-2021-11/This month we released some minor fixes with 4.12.1. We have been busy making preparations for the upcoming upgrade to OnlyOffice 6.4.2.<p>This month we released some minor fixes with <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.12.1">4.12.1</a>. We have been busy making preparations for the upcoming upgrade to OnlyOffice 6.4.2. This will include the much-requested conditional formatting in Sheets and dark mode support. We have also spent time considering strategy and long-term goals as we prepare the project website, which brings us to:</p>
<h2>Call for project site testimonials</h2>
<p>As we have <a href="https://blog.cryptpad.org/2021/09/15/Relocating-our-blog/">mentioned before</a> we are currently working on a project website for CryptPad. This will be used to promote the project and to better communicate the distinction between CryptPad and <a href="http://cryptpad.fr/">cryptpad.fr</a> (the flagship instance).</p>
<p>The new site will include a public instance list, new pricing for hosted instances, and pages tailored to various sectors such as NGOs, education, and enterprise.</p>
<p>We are planning to include testimonials on the site. If you use CryptPad and have a few minutes to share some words of support using <a href="https://cryptpad.fr/form/#/2/form/view/1NDX7MEkhzNz1FCrcjCxmvjgIj24QjWNncZygR60Ch8/">our new survey</a>, that would be much appreciated.</p>
<h2>Recent and upcoming talks</h2>
<p>Ludovic presented CryptPad at the <a href="https://www.campus-du-libre.org/prog.php">Campus du Libre</a> on 6th November in Lyon. We don't have video (yet) but the <a href="https://www.campus-du-libre.org/Supports/CampusDuLibre2021-CryptPad.pdf">slides are online</a> (in French).</p>
<p>David will present CryptPad to a healthcare and free software audience on December 10th as part of <a href="https://www.gnuhealthcon.org/2021/">GNU Health Con 2021</a>.</p>
<p><img src="https://blog.cryptpad.org/images/GHcon.png" alt="Promotion image for CryptPad at GNU Health Con 2012" /></p>
<p>That's it for this month. We are looking forward to launching the new OnlyOffice editors, you will probably read about that in the next status update.</p>
October 2021 status: A pitch and a farewell 2021-10-27T10:57:29Zhttps://blog.cryptpad.org/2021/10/27/status-2021-10/This month we released CryptPad 4.12 with some much anticipated new applications.<p>This month we released CryptPad <a href="https://github.com/xwiki-labs/cryptpad/releases/4.12.0">4.12</a> with some much anticipated new applications.</p>
<h2>NGI DAPSI Pitch Day</h2>
<p>On the first day of the month we took part in the DAPSI Pitch Day. All of the funded projects gave updates on their progress. We were in very good company alongside <a href="https://delta.chat/">Delta Chat</a>, <a href="https://postmarketos.org/">postmarketOS</a>, and <a href="https://dapsi.ngi.eu/meet-the-round-2-innovators-moving-to-phase-2/">many more</a>. All projects were succesful in moving to phase 2.</p>
<p><a href="https://twitter.com/cryptpad/status/1443875782376542231"><img src="https://blog.cryptpad.org/images/DAPSI_pitch_tweet.png" alt="Tweet from NGI DAPSI about the pitch day" /></a></p>
<p>We were happy to present the progress on INTEROFFICE, our project to improve the import/export of popular office formats to/from CryptPad. Most of the technical work on Web Assembly converters is done. This means all conversions happen in the browser (rather that on the server like in most other tools) and we can do this without seeing any of the content that is being converted.</p>
<p>Part of the project is to release this work as open-source packages so other projects can benefit from this work. We are planning to do this in December once the libraries have been thoroughly tested on CryptPad.</p>
<p><img src="https://blog.cryptpad.org/images/open-in_preview.png" alt="Preview of the new "Open in..." feature. Right clicking a compatible file in the drive shows this menu" /></p>
<p>CryptPad users will benefit too, with new functionality becoming available on the platform. Files in popular formats such as .docx, .xlsx, .pptx, .odt, .ods, and .odp are no longer being treated only as static files once they are uploaded to CryptPad. A new menu item called "Open in ..." makes them editable in the corresponding application. Which brings us to:</p>
<h2>Two new app releases</h2>
<p>We have long been planning to add OnlyOffice's Document and Presentation applications to CryptPad, completing the suite that started with Spreadsheet in 2019. The improved inter-operability we built with INTEROFFICE makes this a good time to finally release these applications, to make the most our of the new imports and exports. As part of the <a href="https://github.com/xwiki-labs/cryptpad/releases/4.12.0">4.12 release</a> we launched these new apps as "early access", which means only subscribers on <a href="http://cryptpad.fr/">cryptpad.fr</a> can create new documents and they are available on other instances if administrators opt-in. We <a href="https://blog.cryptpad.org/2021/10/21/Announcing-new-apps/">wrote about this in more detail in our last post</a>.</p>
<p><img src="https://blog.cryptpad.org/images/OO-doc-preview.png" alt="Preview of the new Document application." /></p>
<p><img src="https://blog.cryptpad.org/images/OO-slide-preview.png" alt="Preview of the new Presentation application." /></p>
<p>This launch made us reconsider our current release schedule. We may revisit this in the near future and move towards a slower pace where each release would have bigger changes. This would potentially come with a more readable naming scheme as well, perhaps taking a leaf out of Canonical's playbook where Ubuntu releases are time-stamped rather than numbered. We will come back to this, likely in the new year, and write about any changes here.</p>
<h2>NGI0 PET coming to an end</h2>
<p>This month marks the end of the <a href="https://nlnet.nl/PET">NGI0 <em>Privacy Enhancing Technologies</em></a> program (previously known as NLnet PET), that will wrap up on October 31st. CryptPad has benefited a lot from this funding, with 3 projects over 3 years. To name but a few, these are some of the major features that were made possible through this support:</p>
<ul>
<li>Teams (incl. team drive, roles, etc)</li>
<li>Full documentation for users, administrators, and developers</li>
<li>Calendars</li>
<li>The Form application</li>
</ul>
<p>We are very thankful for this ongoing support. NGI0 created an approachable way for development teams like ours to access funds from the European Commission, creating real impact with minimal red tape. The fund was established by NLnet with financial support from the European Commission's <a href="https://ngi.eu/">Next Generation Internet</a> programme, under the aegis of DG Communications Networks, Content and Technology under <a href="https://cordis.europa.eu/project/id/825310">grant agreement No 825310</a>.</p>
<p>This concludes this month's updates. Next up for the team is some thorough testing of the new applications and fixing any issues that get reported by early-access testers. Besides this we will be continuing with work on INTEROFFICE towards the project conclusion in January 2022.</p>
Announcing two new applications in early access: Document and Presentation2021-10-21T11:14:03Zhttps://blog.cryptpad.org/2021/10/21/Announcing-new-apps/Today we are beginning to roll out some major new features for CryptPad. We have integrated the two remaining OnlyOffice editors for text documents and presentations into CryptPad's real-time encrypted collaboration engine. This completes the OnlyOffice suite, as spreadsheets have been available for some time.<p>Today we are beginning to roll out some major new features for CryptPad. We have integrated the two remaining <a href="https://www.onlyoffice.com/">OnlyOffice</a> editors for text documents and presentations into CryptPad's real-time encrypted collaboration engine. This completes the OnlyOffice suite, as spreadsheets have been available for some time. Like our spreadsheet editor, these two new applications <a href="https://docs.cryptpad.fr/en/FAQ.html#what-is-the-relationship-between-cryptpad-and-onlyoffice">only rely on OnlyOffice's client-side components, not its server</a>.</p>
<p>This work is combined with our ongoing efforts to improve import and export of documents funded by <a href="https://dapsi.ngi.eu/">NGI DAPSI</a>. As a result CryptPad will be much more inter-operable with existing office suites and their file formats, for example with the ability to import and export <em>docx</em>, <em>pptx</em>, and <em>xslx</em> files, as well as the open document formats <em>odt</em>, <em>odp</em>, and <em>ods</em>. Additionally, documents in these formats that are uploaded to CryptPad will no longer be treated only as static files. A new "Open in" menu makes them editable in the corresponding CryptPad application.</p>
<p><img src="https://blog.cryptpad.org/images/OO-doc-preview.png" alt="Preview of the new Document application." /></p>
<p><img src="https://blog.cryptpad.org/images/OO-slide-preview.png" alt="Preview of the new Presentation application." /></p>
<p>When we launched OnlyOffice spreadsheets <a href="https://github.com/xwiki-labs/cryptpad/releases/2.16.0">at the beginning of 2019</a> we were inundated with support tickets as teething issues inevitably surfaced. As a team of three people handling both development and the administration of <a href="http://cryptpad.fr/">cryptpad.fr</a>, support is a key part of our work but also the most time consuming. With two new OnlyOffice applications included in this launch we are very conscious of the risk that our effort to provide an accessible service interferes with our practical ability to improve its underlying technology. The solution we have settled on is to launch the new Document and Presentation applications as <em>early access</em>.</p>
<p>On <a href="http://cryptpad.fr/">cryptpad.fr</a> this means that — at least for now — only people with a subscription will be able to create new documents and presentations in the new applications. They will see a warning that these applications are experimental and should not yet be trusted with important data. Anyone else will be able to open and/or edit these documents as normal when they are shared. Based on how this initial period goes, we'll decide how and when to relax these limitations.</p>
<p>To be clear, CryptPad is free software and will remain as such. The code for these new integrations is freely available, and will be available to all other CryptPad instances if the administrators choose to enable early-access applications.</p>
<p>We think this gradual rollout will result in a smoother launch and ultimately in a better experience with CryptPad for everyone. We are not interested in putting paywalls around various parts of the platform but we do have to find ways to manage our workloads in order to continue developing it. Projects such as NGI DAPSI come with deadlines that have to be met in order for us to receive their funding.</p>
<p><em>Early access</em> means that everything remains open-source, and eventually will be available to everyone. It rewards people who support the project with a first view of much anticipated applications. This is a new thing for us, but we believe this delay to access new applications is a relatively minor step. The bigger picture is that we are working towards the long-term success of CryptPad. This involves being fully funded by our users while they currently account for only 1/3 of our budget (subscriptions on <a href="http://cryptpad.fr/">cryptpad.fr</a> and donations combined). EU research projects such as NGI DAPSI currently cover the remaining 2/3. We have more ideas to encourage people to support the project, and to involve them in the future of the platform. One of them is giving subscribers a vote on our roadmap to decide which new features get prioritized. We will come back to this in due course.</p>
<p>Everyone benefits from sustainable open-source. Our recent work has advanced the state of the art in document conversion in the browser, rather than on the server where user data is exposed. This will be released independently of CryptPad so other projects can reuse it. If you are eager to see this in action, and to test the new Document and Presentation applications, please consider subscribing to a plan on <a href="https://cryptpad.fr/">cryptpad.fr</a> to help make CryptPad sustainable for everyone.</p>
September 2021 status: Changing seasons2021-09-27T16:44:43Zhttps://blog.cryptpad.org/2021/09/27/status-2021-09/September is always a busy month for us as many people return from holidays to their regular schedules. Along with the changing of the physical seasons, we're marking a number of project milestones as well.<p>September is always a busy month for us as many people return from holidays to their regular schedules. Along with the changing of the physical seasons, we're marking a number of project milestones as well.</p>
<h2>Dropping support for Internet Explorer</h2>
<p>Microsoft's Office365 platform officially stopped supporting Internet Explorer 11 in August, and we decided it was a good time to do the same. Up until our <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.11.0">4.11 release</a> we were careful to maintain compatibility with this browser that had not received any new features since 2013. Moving on from IE lets us rely on modern functionality, simplifying our code and making CryptPad smaller and faster to load.</p>
<h2>End of NLnet PET</h2>
<p>As described in our <a href="https://social.weho.st/web/statuses/106901028968963691">toots</a> and <a href="https://twitter.com/cryptpad/status/1435901167524007936">tweets</a> on September 9th, <em>4.11</em> also included significant improvements to our <em>Forms</em> app. With this second round of changes deployed we are nearly ready to close our <a href="https://nlnet.nl/project/CryptPadForms/">third and final NLnet PET project</a> before NLnet foundation concludes their NGI0 <em>Privacy-Enhancing Technologies</em> program.</p>
<p>NLnet's advocacy for open-source software and direct support of its developers has had an incredible impact on our project and hundreds of others like it. If you haven't already done so, now is a great time to skim through the list of <a href="https://nlnet.nl/project/current.html">projects they've funded</a> to count how many of them you personally use!</p>
<h2>DAPSI Phase 2</h2>
<p>We're also approaching a milestone for the <a href="https://dapsi.ngi.eu/">NGI DAPSI</a> project that we've been working on in parallel. We'll present our latest research into client-side file format conversion, including some prototypes that we hope to deploy later in the year and our findings from the survey on file format conversion requirements that closed earlier this month. If all goes well we will receive a second round of funding to continue with the proposed work plan.</p>
<h2>A brief pause in our regular release schedule</h2>
<p>The next few weeks are likely to be quite intense for us. We'll be focused on wrapping up our current projects and preparing to launch a new round of projects for 2022. There are several very promising opportunities on our horizon and it looks like we're going to have to hire to be able to follow through on all of our plans.</p>
<p>We'll announce exactly what positions we're looking to fill within our team and provide updates to our roadmap as soon as a few more details are finalized. A number of important deadlines happen to coincide in a short timespan, so we'll take a short break from our regular release cycle and resume our usual pace later in October.</p>
<p>Until then, thanks to all our supporters!</p>
Relocating our blog2021-09-15T08:32:06Zhttps://blog.cryptpad.org/2021/09/15/Relocating-our-blog/This is just a quick announcement to say that we've moved our blog from blog.cryptpad.fr to blog.cryptpad.org.<p>This is just a quick announcement to say that we've moved our blog from <strong><a href="http://blog.cryptpad.fr/">blog.cryptpad.fr</a></strong> to <strong><a href="http://blog.cryptpad.org/">blog.cryptpad.org</a></strong>. Visitors to the old URL will be automatically redirected to the new one. Anyone who has subscribed to its RSS feed will continue to get updates for the new address.</p>
<p>This blog is the first of a few services that we plan to host under the <em><a href="http://cryptpad.org/">CryptPad.org</a></em> domain. Our goal is to provide some better separation between <em>CryptPad</em> (the open-source project) and <em><a href="http://cryptpad.fr/">CryptPad.fr</a></em> (the public instance that we host). In the near future we plan to introduce a project website featuring general information, an overview of our roadmap and finances, and a directory of public instances.</p>
August 2021 status: Forms hackathon and a new social media account2021-08-26T13:25:32Zhttps://blog.cryptpad.org/2021/08/26/status-2021-08/This month the team has been operating at reduced capacity as we took turns taking much needed breaks. There is less than usual to report on so this status update will be a short one.<p>This month the team has been operating at reduced capacity as we took turns taking much needed breaks. There is less than usual to report on so this status update will be a short one. Rest assured however that lots of things are in preparation for the near future.</p>
<p>We released CryptPad version <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.10.0">4.10.0</a> with some inital improvements to Forms.</p>
<h2>Forms hackathon</h2>
<p>August was the time for the yearly XWiki seminar (held mostly virtually again this year). During the traditional hackathon sprint we worked on presenting Form responses in a more appealing and useful way, using basic bar charts.</p>
<p><img src="https://blog.cryptpad.org/images/forms_chart_timeline.png" alt="Experiments with Charts.css" /></p>
<p>We experimented with <a href="https://chartscss.org/">Charts.css</a> at first, and were impressed. In the end there were too many tweaks necessary to make it work with CryptPad styles, so we ended up re-implementing our own minimal table-based bar charts. These are now used on the response page to show a timeline of responses and visualise question results.</p>
<p><img src="https://blog.cryptpad.org/images/forms_graphs.png" alt="The new graphs on the Form response page" /></p>
<p>We will re-use these charts where relevant on the rest of the platform. For example the admin panel now <a href="https://pixelfed.social/p/cryptpad_design/334240738311278592">shows a graph of instance performance</a>.</p>
<p>There is a lot more coming to Forms. We are currently working on a host of new features and improvements to address issues and requests raised during our research over the summer. All of this will be covered in next month's post (hopefully), for now I will leave you with this teaser:</p>
<iframe src="https://pixelfed.social/p/cryptpad_design/336067660808851456/embed?caption=true&likes=false&layout=full" class="pixelfed__embed" style="max-width: 100%; border: 0" width="400" allowfullscreen="allowfullscreen"></iframe><script async="" defer="" src="https://blog.cryptpad.org/js/pixelfed-embed.js"></script>
<h2>@cryptpad_design on Pixelfed</h2>
<p>As you may have noticed, the image above is embedded from the <a href="https://pixelfed.social/cryptpad_design">@cryptpad_design</a> account on <a href="https://pixelfed.org/">Pixelfed</a>. This is a new experiment in communicating about the design work that goes into CrytpPad. Pixelfed is part of the fediverse, so you can follow from accounts on Mastodon, Pleroma, etc (there is also an <a href="https://pixelfed.social/users/cryptpad_design.atom">RSS feed</a>). Followers will get sneak previews of upcoming features, random screenshots, and highlights of FOSS design tools. Subscribe if that sounds interesting to you.</p>
<p>This wraps up our news for this month. The team is busy with Forms v2 and there will be lots to talk about in the near future. In the meantime, <a href="https://cryptpad.fr/form/#/2/form/view/kdhTrcywvS+ToQ3r4DI75sbfz+uyUPlHRWJhyWF7pVI/">our research survey about document import/export</a> is still open for feedback to inform our future work improving document conversions.</p>
July 2021 status: Research on Forms and file import/export2021-06-29T11:24:33Zhttps://blog.cryptpad.org/2021/06/29/status-july-2021/This month we released two versions of CryptPad. 4.8.0 included some early work on INTEROFFICE format conversions. 4.9.0 addressed some early feedback on the Forms application as well as requests for a way to add links (URLs) to the Drive and to share them with contacts.<p>This month we released two versions of CryptPad. <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.8.0">4.8.0</a> included some early work on <a href="https://dapsi.ngi.eu/meet-interoffice-and-its-cryptpad-project/">INTEROFFICE</a> format conversions. <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.9.0">4.9.0</a> addressed some early feedback on the Forms application as well as requests for a way to add links (URLs) to the Drive and to share them with contacts.</p>
<p>During both release cycles, since the launch of Forms last month, we have been conducting a lot of research. First about the use of the Forms application itself, and now also to inform work on INTEROFFICE.</p>
<h2>Forms survey and interviews</h2>
<p><img src="https://blog.cryptpad.org/images/forms-usage-pie-chart.png" alt="The majority of more than 300 participants in our survey indicated that they use forms in a professional or research context" /></p>
<p>The first thing we did after launching the new Forms application was to use it to survey people on <a href="http://cryptpad.fr/">cryptpad.fr</a>. We asked them about their use of online forms and recruited some volunteers for one-to-one interviews. These are still ongoing. Once they are complete and analyzed, we will use all of the findings to inform the next round of developments on Forms.</p>
<p>In the meantime, <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.9.0">4.9.0</a> included some minor improvements (e.g. randomizing ordered-list questions) and bug fixes based on early feedback. Unfortunately one of the bugs affected our own <a href="https://cryptpad.fr/form/#/2/form/view/kdhTrcywvS+ToQ3r4DI75sbfz+uyUPlHRWJhyWF7pVI/">survey about file import/export</a> (see next section). We found that setting an expiration date far enough into the future (above 23 days) caused the Submit button to disappear. So if you filled it out and weren't able to submit, know that this is now fixed!</p>
<h2>INTEROFFICE survey</h2>
<p>We have started work on INTEROFFICE, our project about improving conversion between document formats in CryptPad (and in the browser in general). We already have some knowledge of requested conversions from a couple years worth of support tickets and feature requests. However after seeing the relatively high number of responses to the Forms survey (300+), we decided to conduct one for file import/export to get even more insight into what people use and request.</p>
<p>The <a href="https://cryptpad.fr/form/#/2/form/view/kdhTrcywvS+ToQ3r4DI75sbfz+uyUPlHRWJhyWF7pVI/">File import/export survey</a> will be open until the 8th of September. Please fill it out if you haven't already, and now you can actually submit!</p>
<h2>Other news</h2>
<p>The work on INTEROFFICE also includes a series of business mentoring sessions as part of the DAPSI project. This month we started putting some of the advice received into practice by preparing a new project website that we hope to launch this fall. This will include a list of public instances to share the load of free users with <a href="http://cryptpad.fr/">cryptpad.fr</a>. The project site will be separate from the flagship instance and it will offer a range of services to host your own instance, from one day installation help to fully managed service.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-in-japanese.png" alt="CryptPad's home page in Japanese" /></p>
<p>🇯🇵 CryptPad is now fully translated to Japanese. Big thanks to <a href="https://mstdn.progressiv.dev/@suguru">@suguru@mstdn.progressiv.dev</a> for all the work!</p>
<p>This wraps up our news for the month. The coming cycle will be on the quiet side as the team takes turns taking much needed breaks.</p>
June 2021 status: Forms and a call to instance administrators2021-06-28T11:24:33Zhttps://blog.cryptpad.org/2021/06/28/status-june-2021/This month we released two versions of CryptPad. 4.6 was a stability update addressing many minor issues while the team prepared for 4.7 and a major new feature: the new Forms application.<p>This month we released two versions of CryptPad. <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.6.0">4.6</a> was a stability update addressing many minor issues while the team prepared for <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.7.0">4.7</a> and a major new feature: the new <em>Forms</em> application.</p>
<h2>Say hello to Forms!</h2>
<p><img src="https://blog.cryptpad.org/images/form-preview.png" alt="Preview of the new Form application" /></p>
<p>The <em>Poll</em> application in CryptPad was aimed at choosing a meeting date between a group of people. However it had some major shortcomings including "all or nothing" edit rights where participants could modify other people's answers. Part of our <a href="https://nlnet.nl/project/CryptPadForms/">Dialogue</a> project proposal was to address these issues in a complete re-write of the application. Another aspect of the project aims to provide a new application for online surveys beyond simple polls.</p>
<p>The new <em>Form</em> application is an answer to both of these proposals. Polls are now one of 8 question types that can be added to an online form. Earlier in the project we <a href="https://blog.cryptpad.fr/2021/04/26/status-april-2021/">spun out the reminders API element of forms into a full blown calendar app</a>. With <em>Forms</em> we are merging a variety of use cases into one application. As we have <a href="https://social.weho.st/@cryptpad/106419898274848746">indicated</a> polls created with the old application remain available, but the creation of new ones is discouraged and all our future development efforts will be directed at <em>Forms</em>.</p>
<p>We released the first Beta version of forms with CryptPad <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/4.7.0">4.7.0</a> (on June 16th). There are many things we still want to improve, including:</p>
<ul>
<li>Export of responses (e.g. to .CSV)</li>
<li>Better visualization of responses (e.g. with simple bar charts)</li>
<li>"Required" questions that would print an error if left empty</li>
<li>Notifications for form authors (e.g. when someone has responded)</li>
<li>A default "poll" template to make it easy to replicate the behaviour of the deprecated <em>Poll</em> app</li>
</ul>
<p>We are gathering feedback on these and anything else that might be improved, using the <em>Form</em> app itself for a feedback survey that is open until <strong>July 12th</strong>. Please <a href="https://cryptpad.fr/form/#/2/form/view/gYs4QS7DetInCXy0z2CQoUW6CwN6kaR2utGsftDzp58/">let us know of any comments on the application</a> and what you would like to see improved, especially if you use online forms regularly. We really appreciate the time of nearly 100 people who have already sent in their comments. These will inform our work as we improve <em>Forms</em> this summer.</p>
<p>Details on how to use the <em>Form</em> application are available in the <a href="https://docs.cryptpad.fr/en/user_guide/apps/form.html">CryptPad User Guide</a>.</p>
<h2>A call to instance administrators</h2>
<p>This month we sent out our first—and last—mass email to CryptPad instance administrators. This was a strange feeling for a team that spends most of its time working on ways to <strong>not</strong> know anything about its users. However we felt that version 4.7.0 was a good time to remind all admins to upgrade to latest version, and to ask for their consent for future communications as this is now managed directly from the admin panel.</p>
<p>First of all, how did we have their email? The configuration for a new instance includes providing an email contact for the administrator, and this is sent to the development team in the daily "ping" that lets us know how many declared CryptPad instances are active. This is all detailed in the configuration file that admins read when setting up their instance.</p>
<p>In both releases this month we have made improvements to the administration panel of CryptPad instances. More settings, such as the setup for the Support ticket mailbox, are now available from the panel rather than buried in configuration files. This also includes new settings for administrators to manage how they communicate (or not) with the development team.</p>
<p>The "mass email" was to encourage all administrators to upgrade to the latest 4.7.0 version in order to 1) benefit from all of the new features and security improvements made to CryptPad in the last few months (or years depending on the version they were on) and 2) manage further communication with the development team going forward. These communications will include security notifications and other things such as inclusion in a directory of open instances that we are working on setting up.</p>
<hr />
<p>There is one last bit of news to wrap up: CryptPad is now included in <a href="https://catalogue.numerique.gouv.fr/solutions/cryptpad">Catalogue GouvTech, a software directory curated by the French state</a></p>
<p>The next month will be spent improving <em>Forms</em> and starting work on our <a href="https://blog.cryptpad.fr/2021/04/26/status-april-2021/">INTEROFFICE project</a> for <a href="https://dapsi.ngi.eu/">DAPSI</a>, working towards improved import/export and document conversions from within CryptPad.</p>
May 2021 status: Communities wrap up and initial work on Forms2021-05-26T14:05:00Zhttps://blog.cryptpad.org/2021/05/26/status-may-2021/This month we released CryptPad 4.5.0, featuring the public debut of the Calendar application that was in beta since 4.4.0.<p>This month we released CryptPad <a href="https://github.com/xwiki-labs/cryptpad/releases/4.5.0">4.5.0</a>, featuring the public debut of the Calendar application that was <a href="https://blog.cryptpad.fr/2021/04/26/status-april-2021/">in beta since 4.4.0</a>.</p>
<p>We reached a couple of milestones this month with over 100K registered users on <a href="http://cryptpad.fr/">cryptpad.fr</a>, the end of the Communities project, and the start of Interoffice (DAPSI).</p>
<p><img src="https://blog.cryptpad.org/images/calendar-dark.png" alt="The calendar application shown in dark mode, now ready for public use!" /></p>
<h2>Wrapping up the Communities project</h2>
<p>Besides Calendars, CryptPad 4.5.0 also introduced <em>restricted registrations</em> for administrators who want to limit access to their instance.</p>
<p>On the documentation side, version 4.5.0 was in fact the first <em>complete</em> release with all three guides: User, Developer, and <a href="https://docs.cryptpad.fr/en/admin_guide/index.html">the new Administrator guide</a> with instructions to install and maintain a CryptPad instance in production. Additionally, admins can now check that their installation is complete and well configured with an improved <code>/checkup/</code> page.</p>
<p>The <a href="https://github.com/xwiki-labs/cryptpad-documentation">documentation GitHub repo</a> remains open for feedback and/or contributions, and please see <a href="https://weblate.cryptpad.fr/projects/user-guide/">Weblate</a> for translations of the User Guide (note that the developer and admin guides are in English only to keep translation of the user guide manageable).</p>
<p>Restricted registrations and the admin guide were the remaining two deliverables for the <a href="https://nlnet.nl/project/Cryptpad-Communities/">Communities project</a>. For a summary of all features implemented for this project over the last few months, visit our <a href="https://cryptpad.fr/kanban/#/2/kanban/view/PLM0C3tFWvYhd+EPzXrbT+NxB76Z5DtZhAA5W5hG9wo/">public roadmap</a> and filter with the "communities" tag.</p>
<p>While we are on the topic of wrapping up projects, Aaron took part in the <a href="https://www.ngi.eu/event/ngi_trust-webinar-results-6/?instance_id=519">6th NGI TRUST Results Webinar</a> and summarised our work for that project which <a href="https://blog.cryptpad.fr/2021/02/24/status-feb-2021/">we completed last February</a></p>
<h2>Preparations for Forms</h2>
<p>With some projects completed we can now turn another major milestone ahead: the <a href="https://nlnet.nl/project/CryptPadForms/">Dialogue project</a> and a new app: Forms. This will allow for the creation of surveys and questionnaires with use-cases ranging from finding a meeting date to conducting research in a secure and private manner. We are only in the initial stages of development but once completed the Forms app will gradually replace our current Polls and their many shortcomings (such as anyone being able to modify anyone else's answers). If you use Polls currently, rest assured that the new app will provide the same functionality and more. The migration strategy remains to be finalised but existing Polls will remain available through the transition.</p>
<h2>Coverage</h2>
<p>Finally, the team took part in a couple of events this month. Ludovic Dubost was <a href="https://www.capdigital.com/en/dapsi-2nd-open-call-results-are-out-discover-one-of-the-winners-xwiki/">interviewed about INTEROFFICE</a>, our upcoming project as part of the DAPSI grant.</p>
<p>CryptPad was featured as part the of the <a href="https://3rd.obfuscationworkshop.org/">3rd Workshop on Obfuscation</a>, a fascinating online event running on open-source software. We presented the poster below in the exhibition space. Click for <a href="https://cryptpad.fr/file/#/2/file/LSBSej8liq5+v+igXgS6vDXA/">the PDF version</a>.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-poster.png" alt="The CryptPad poster presented at the workshop" /></p>
April 2021 status: Calendars and a major new research project2021-04-26T14:05:43Zhttps://blog.cryptpad.org/2021/04/26/status-april-2021/This month we released CryptPad 4.4.0, and 4.5.0 is just around the corner: a new calendar app, improvements for instance administrators, and a new research project<p>This month we released CryptPad <a href="https://github.com/xwiki-labs/cryptpad/releases/4.4.0">4.4.0</a>, and 4.5.0 is just around the corner. From a user perspective, these two releases bring some major new functionality in the form of a calendar app. We have also made some improvements for instance administrators by introducing instance-wide "broadcasts". Finally there are some exciting things on the horizon as we have secured funding for a new research project.</p>
<h2>Calendar</h2>
<p>The new calendar app made its debut as a <a href="https://social.weho.st/@cryptpad/106064064521575394">BETA preview</a> in 4.4.0 and will be fully released in 4.5.0. This application is not directly funded by any of our current research projects, but rather makes the most out of the <a href="https://nlnet.nl/project/CryptPadForms/">Dialogue project</a> funded by NLNet/NGI Zero. For Dialogue, we have planned a full re-write of our current Polls app as well as a new Survey app (see <a href="https://cryptpad.fr/kanban/#/2/kanban/view/PLM0C3tFWvYhd+EPzXrbT+NxB76Z5DtZhAA5W5hG9wo/">our roadmap</a> for more details). Both of these include a <strong>Reminders API</strong> to notify authors, for example when surveys are completed. Rather than limit this API to the upcoming apps, we took this as an opportunity to bring full calendar functionality to CryptPad. When it is released, the calendar app will include the following features:</p>
<ul>
<li>Creation of calendars and events for CryptPad users and teams.</li>
<li>A typical calendar UI with month, week, and day views, drag and "resize" events, etc thanks to <a href="https://ui.toast.com/tui-calendar">Toast UI</a>.</li>
<li>Sharing calendars similarly to any other CryptPad document (access rights, sharing with contacts, via a link, etc).</li>
<li>Import/Export of .ics files for interoperability with other calendar apps.</li>
<li>Setting reminders for events, and receiving reminders as CryptPad notifications.</li>
</ul>
<p><img src="https://blog.cryptpad.org/images/BETA-calendar-preview.png" alt="A beta preview of the calendar application" /></p>
<p>We are aware that some features are missing, such as recurring events. This is likely to generate some "feature request" messages from users that we will have no funded time to address. However our hope is that this initial feature set still brings enough benefits to CryptPad users on the whole to make it worthwhile.</p>
<h2>Admin Broadcasts</h2>
<p>Another part of the Dialogue project is to enable administrators to <strong>broadcast</strong> messages to all users on their instance. This is now possible as of version 4.4.0, with the following use-cases available in the Broadcast tab of the Administration panel:</p>
<ul>
<li><strong>Maintenance</strong>: to notify users of planned work that may disturb their use of the platform. Admins enter a start and end time and users receive notifications prior and during the planned maintenance.</li>
<li><strong>Survey</strong>: to direct users to a survey via an external link. Admins enter the survey URL and users receive a notification and a survey link in the user menu. Users of <a href="https://cryptpad.fr/">cryptpad.fr</a> can make use of this with our new survey to gather feedback on their usage.</li>
<li><strong>Custom message</strong>: to send any message as a notification to all instance users. The message can be translated in all languages available on CryptPad, and will be seen by new users registering as long as it remains active.</li>
</ul>
<p>Instance administrators are set to receive more support as we wrap up our <a href="https://nlnet.nl/project/Cryptpad-Communities/">Communities</a> project. The last of our 3 documentation guides will cover instance installation and administration, and the only remaining feature of the project will allow admins to restrict registration on their instance.</p>
<p>While we are on the topic of administration, we have added <a href="https://github.com/xwiki-labs/cryptpad/commit/4d5d809447130710728ea85caf53c38f084ebb26">one line</a> to the <a href="https://github.com/xwiki-labs/cryptpad/blob/main/docs/example.nginx.conf">example Nginx configuration</a> for CryptPad.</p>
<pre class="language-diff"><code class="language-diff"><span class="token inserted-sign inserted"><span class="token prefix inserted">+</span><span class="token line"> add_header Permissions-Policy interest-cohort=();</span></span></code></pre>
<p>This opts the instance out of <a href="https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea">Google's FLoC network</a>, we encourage all administrators to make this change.</p>
<h2>INTEROFFICE for DAPSI</h2>
<p>Finally, we are delighted to announce that we have secured €100K in funding from the <a href="https://dapsi.ngi.eu/">NGI Data Portability & Services Incubator</a> (DAPSI). Our project is called INTEROFFICE: INTER-operable Office File Formats Integrated with Client-side Encryption.</p>
<p>Our focus in this project will be to develop solutions for converting documents to/from popular office formats (.xlsx, .docx, .odt, .csv, etc). There are, of course, already solutions to this problem but none that operate solely <em>in the browser</em> which makes them unsuitable for CryptPad. Our experience with .xslx import/export in CryptPad Sheets has been useful to us in scoping out this space, and in confirming how lacking it currently is. Our goal with INTEROFFICE is to bring multi-format document conversions to the client, and to CryptPad, which we hope will:</p>
<ul>
<li>Address a common barrier to the adoption of CryptPad (unsupported office formats).</li>
<li>Make it easier for users to retain local copies of their documents, integrate them in broader office workflows, or simply leave the platform with their data.</li>
<li>Make CryptPad more versatile and useful.</li>
<li>Make it easier for anyone else working in this space to do client-side document conversions since we plan to release this work as open-source modules.</li>
</ul>
<p>We are excited to start work on this, and will use future monthly status posts to keep everyone updated on progress.</p>
March 2021 status: Public roadmap and Spreadsheet updates2021-03-29T11:58:46Zhttps://blog.cryptpad.org/2021/03/29/status-march-2021/This month we released two versions of CryptPad, 4.2 and 4.3. Both improved CryptPad's stability and performance<p>This month we released two versions of CryptPad, 4.2 and 4.3. Both improved CryptPad's stability and performance:</p>
<ul>
<li>Version 4.2 saw Offline mode extended to Teams, shared folders within teams, and files. <a href="https://social.weho.st/@cryptpad/105825790198276067">Summary on Mastodon</a></li>
<li>Version 4.3 focused on improving "intensive" use cases, defined as 1200+ concurrent viewers on the same document, or 10+ editors all writing at once. <a href="https://social.weho.st/@cryptpad/105950727247053276">Summary on Mastodon</a></li>
</ul>
<p>In this status we'll focus on long requested updates to Spreadsheets and on other activities of note for the month.</p>
<h2>Spreadsheet updates</h2>
<p>We made a couple of important updates to the Spreadsheets application this month. First we enabled OnlyOffice's <em>Strict</em> collaboration mode, in addition to the <em>Fast</em> mode that was already integrated. In Fast mode, which remains the default, new edits are synchronized automatically between users as they are made. In Strict mode, users "lock" cells as they edit them and they have to manually save their changes in order for them to be sent to other users. The benefit of Strict mode is that it allows users to <strong>Undo</strong> their unsaved changes. The lack of undo in sheets has been a recurring point in user feedback. This goes some way towards addressing these requests, at least within the constraints of OnlyOffice collaboration. There are more details on how to switch between modes in our <a href="https://docs.cryptpad.fr/en/user_guide/apps/sheets.html#undo-and-collaboration-modes">Spreadsheet documentation</a>.</p>
<p>The other notable change is the update to OnlyOffice 6.2 in our 4.3 release. Aside from small user-interface polish, this update introduces <strong>pivot tables</strong> and improved graphs.</p>
<h2>Open Tech Will Save Us</h2>
<p>David presented CryptPad on the monthly <a href="https://matrix.org/open-tech-will-save-us/">Open Tech Will Save Us</a> Matrix/Element meetup. Episode 11 was an art & design special with a great lineup:</p>
<ul>
<li><strong>Gaelle from Element</strong> presents all things Voice & Video including recent UX improvements, upcoming features like voice messages, and bleeding edge designs for Voice & Video rooms</li>
<li><strong>David Benqué</strong> <a href="https://matrix.to/#/@dbenque:matrix.xwiki.com">@dbenque:matrix.xwiki.com</a>, Designer at <a href="https://cryptpad.fr/">CryptPad</a>, presenting the open source & end-to-end encrypted collaboration suite. <a href="https://social.weho.st/web/accounts/43149">@cryptpad@social.weho.st</a> <a href="https://twitter.com/cryptpad">@cryptpad</a></li>
<li><strong><a href="https://www.davidrevoy.com/">David Revoy</a></strong>, known for his artwork, <a href="https://www.peppercarrot.com/">Pepper & Carrot webcomic</a> and <a href="https://www.davidrevoy.com/categorie3/tutorials-brushes-extras">design tutorials</a> in the Open Source space, performs a digital painting demo, and speaks about his use of open tools!</li>
</ul>
<iframe width="560" height="315" sandbox="allow-same-origin allow-scripts allow-popups" src="https://peertube.xwiki.com/videos/embed/592e5cf6-733d-4482-b9fc-14f53ed03145" frameborder="0" allowfullscreen=""></iframe>
<h2>Public Roadmap</h2>
<p>We have been working to make more use of CryptPad itself to communicate about the project. The first major step in this direction is the introduction of our <a href="https://cryptpad.fr/kanban/#/2/kanban/view/PLM0C3tFWvYhd+EPzXrbT+NxB76Z5DtZhAA5W5hG9wo/">Public Roadmap Kanban</a> where we detail all of the research projects we are currently working on. We summarise each project, funding amount, and associated features. Using the tags feature to filter one project gives an overview of its completion status. We find this very useful and hope you will find it informative.</p>
<p><a href="https://cryptpad.fr/kanban/#/2/kanban/view/PLM0C3tFWvYhd+EPzXrbT+NxB76Z5DtZhAA5W5hG9wo/"><img src="https://blog.cryptpad.org/images/roadmap-kanban.png" alt="The Public Roadmap Kanban" /></a></p>
<p>The next steps planned in this direction include a review of the onboarding document (the first document that is placed in new user's CryptDrives), as well as a rewrite of the Privacy Policy for <a href="http://cryptpad.fr/">cryptpad.fr</a>. This last one is nearly complete and will be published as a rich text document.</p>
<h2>Cleaned up translations</h2>
<p>We have started an effort to reduce the amount of work needed to translate CryptPad. As the development team we maintain English and French, and an active German speaking community maintains the German translation in near real-time for which we are very grateful. We want to encourage people to translate CryptPad in other languages, and to complete the many languages where the translation has been started but not completed.</p>
<p>Past efforts towards this have included moving the Frequently Asked Questions out of the platform to <a href="https://docs.cryptpad.fr/en/FAQ.html">a dedicated page in the documentation</a>. This month we have taken further steps with automated scripts to detect un-used translations. These were left over from previous versions of CryptPad and were sometimes hard to detect in the code. There is now less work for translators, and better assurance that no time will be wasted translating text that isn't actually used in the product.</p>
<p>We are keeping this in mind for future versions and will do our best to facilitate the work of community translators as much as we can. If you are interested in translating CryptPad, please head over to our <a href="https://weblate.cryptpad.fr/projects/cryptpad/app/">Weblate instance</a>.</p>
<p>This wraps up our monthly status update. There is more to look forward to in April as we move to complete our <em>Communities</em> project, and exciting things on the horizon for CryptPad's interoperability with office formats.</p>
Feb. 2021 status: Dark mode and organisation plans2021-02-24T11:57:52Zhttps://blog.cryptpad.org/2021/02/24/status-feb-2021/This is a new format of post we are starting on the blog: publishing the monthly updates that were until now only circulated in the internal XWiki newsletter.<p>This is a new format of post we are starting on the blog: publishing the monthly updates that were until now only circulated in the internal XWiki newsletter. This will be an opportunity to regularly catch up on new features, research projects, funding/budget updates, and any other relevant news.</p>
<h2>FOSDEM presentations</h2>
<p>Aaron and David presented different aspects of CryptPad at FOSDEM 2021. Please see the <a href="https://blog.cryptpad.fr/2021/02/03/CryptPad-at-FOSDEM-2021/">updated blog post</a> for videos of both presentations.</p>
<h2>Dark mode</h2>
<p>This month we followed up on the rebranding started with version 4.0 by thoroughly refactoring how styles, especially colors, are applied across CryptPad. This allows for better maintainance and easier customisation. The first custom theme is the long requested <strong>dark mode</strong>.</p>
<p>CryptPad will now follow the browser or operating system preference by default, and switch to a dark theme accordingly. The theme can also be set manually in Settings > Appearance.</p>
<p><img src="https://blog.cryptpad.org/images/dark-drive.png" alt="The CryptDrive in dark mode" /></p>
<p>Following the introduction of the dark theme in our 4.2 release, we noticed a few problems and got to work on correcting them. The most noticeable issue was the use of a dark background for rich text documents. Wanting to offer a "true" dark mode, we had intially switched the editor itself to a dark background, and made the default text color contrast with that automatically. It soon became apparent that this was a problematic choice in rich text documents where users are able to set colors for text. It may lead to text being un-readable depending on the theme used. One particularly painful example was a document about making web content accessible written in black text on a dark background. We reverted our decision and opted for a light background in the editor even when the rest of the interface is dark. There is a reason mainstream editors such as Microsoft Word do it this way. You can expect more polish on the dark theme in the upcoming 4.3 release.</p>
<p><img src="https://blog.cryptpad.org/images/dark-shame.png" alt="Web accessibility guide shown with black text on a dark background" /></p>
<p><em>The web content accessibility guide that prompted us to revert our decision on the dark theme rich text editor. <a href="https://cryptpad.fr/pad/#/2/pad/view/nOPkDL0nzbEi1DXnpEED0nqORBPF6pqS3SOUrKBqV9o/embed/">The guide</a> is by AccessiBloc.</em></p>
<h2>Organization plans</h2>
<p>On <a href="http://cryptpad.fr/">cryptpad.fr</a>, another long-awaited feature were the <strong>Organization plans</strong>. We have been communicating this pricing on request for the last few months but the plans are now <a href="https://cryptpad.fr/accounts/#org">live in the cryptpad.fr interface</a>. These bigger plans have the additional option to download a personalised signed Data Processing Agreement (DPA) for organsations that need to demonstrate they operate according to the GDPR.</p>
<p>These plans come with 1 business day support and increased storage shared between a number of user accounts, priced as follows:</p>
<ul>
<li><strong>25 Users</strong> with 100GB of storage for 500€ a year (ex. VAT)</li>
<li><strong>100 Users</strong> with 150GB of storage for 1000€ a year (ex. VAT)</li>
</ul>
<p>An additional On Premises option is available for organizations that require their own CryptPad instance, with installation and maintainance support by the development team.</p>
<p>We were happy to welcome the first couple of subscribers on these plans and hope that they will contribute to making CryptPad financially sustainable in the longer term.</p>
<p><img src="https://blog.cryptpad.org/images/dark-accounts.png" alt="The new organization plans on cryptpad.fr in dark mode." /></p>
<h2>A popular toolkit</h2>
<p>We had an unexpected spike in traffic early in the month after the following tweet linked to a toolkit made on <a href="http://cryptpad.fr/">cryptpad.fr</a>.</p>
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">Here’s an updated toolkit by people on the ground in India if you want to help. (They removed their previous document as it was outdated.)<a href="https://twitter.com/hashtag/StandWithFarmers">#StandWithFarmers</a> <a href="https://twitter.com/hashtag/FarmersProtest">#FarmersProtest</a> <a href="https://cryptpad.fr/pad/#/2/pad/view/ehTz+drfKPwi4fP5dn0mivwVCKhwNe7OD1YHDiBUj0Y/">https://cryptpad.fr/pad/#/2/pad/vi...</a></p>— Greta Thunberg (@GretaThunberg) <a href="https://twitter.com/GretaThunberg/status/1357054451769606147">February 3, 2021</a></blockquote>
<p>This brought a lot of traffic to the service, as illustrated by the spike below. While this was a surprise, our infrastructure was prepared for it and held up very well.</p>
<p><img src="https://blog.cryptpad.org/images/greta-stonks.png" alt="graph showing a big spike in visits to CryptPad.fr" /></p>
<h2>Delivered: NGI Trust project: Secure Mobile Collaboration</h2>
<p>We have wrapped up this exploratory project about using CryptPad on mobile devices. There will be dedicated posts about this project in the near future. This project allowed us to scope out, in depth, the options available to make CryptPad work as an "app". As a summary of our findings, here is what we plan to include in the new Frequently Asked Questions section of our documentation that will be part of the next release:</p>
<hr />
<h3>FAQ: Are you planning a mobile app?</h3>
<p>We are not planning a dedicated mobile application for the following reasons:</p>
<ul>
<li>It would dramatically increase the amount of code that has to be developed and maintained, effectively creating other "versions" of CryptPad for iOS and Android.</li>
<li>CryptPad is open source and can be hosted by anyone who wants to offer the service. Therefore, users of a mobile application would have to specify which CryptPad instance they want to connect to, which would be confusing. To complicate things further, each instance may be running a different version of the software, depending on whether or not the latest updates were applied by the administrators.</li>
</ul>
<p>To address these problems, the development team is working on making CryptPad a "Progressive Web App". This means that it can be used on mobile through the web browser, behaving like an application while being the same software that runs on desktop browsers. This has the benefit of turning every CryptPad instance into a web app provider, rather than putting the burden of choosing the right instance on the user.</p>
<hr />
<p>This approach has already started to inform new developments for CryptPad, for example the use of IndexedDB for caching documents which is already deployed. Further improvements will follow, including a full "offline" mode.</p>
<p>This wraps up our first monthly status post. In March we will be shifting back to our NLNet Communities project and attempt to finish the outstanding deliverables around documentation for developers and instance administrators.</p>
CryptPad at FOSDEM 20212021-02-03T18:56:52Zhttps://blog.cryptpad.org/2021/02/03/CryptPad-at-FOSDEM-2021/The CryptPad team is taking part in the 2021 online edition of FOSDEM. We will use this opportunity to reflect on the past year from a couple of different perspectives.<p>(this post was edited on 24th Feb. 2021 to include links to videos and corrections)</p>
<p>The CryptPad team is taking part in the 2021 online edition of <a href="https://fosdem.org/2021/">FOSDEM</a>. We will use this opportunity to reflect on the past year from a couple of different perspectives.</p>
<p>Aaron MacSween's presentation is about the technical challenges faced by the team this year. The massive influx of users working from home pushed us to scale CryptPad to accomodate an additional 60K weekly active users. This was made easier by the platform's unique architecture, where most of the "expensive" work involving cryptography happens on the client rather than the server. Additional challenges involved a <a href="https://blog.cryptpad.fr/2020/12/16/The-outage-of-December-8th-2020-a-postmortem/">27 hour outage</a> due to a cooling malfunction at our hosting provider. While the outage itself was out of our control, it brought into sharp relief that our procedures to mitigate uncertainty had not scaled with our user-base. Aaron will speak about what we plan to do to avoid such situations in future.</p>
<p>In the design devroom, I will reflect on my first year as the designer on the CryptPad team. My work has been spread across many different areas, from UI design to answering support tickets, writing the product and documentation, as well as visual identity. All of these elements boil down to one thing: communication. I will show some examples of work produced this year as attempts to improve how CryptPad communicates, from onboarding to daily-use. I will conclude with one of the challenges for the year ahead: accessibility. Communication is all well and good, but of no use if it cannot be heard on a screen reader.</p>
<p>Talks are pre-recorded and will be aired on <strong>Saturday 6th February</strong>. For more information, abstracts, and broadcast time with Q&A session, see the indications below.</p>
<p>This blog post will be updated with video embeds once these are available.</p>
<h3><a href="https://fosdem.org/2021/schedule/event/cryptpad/">Living on the edge with CryptPad</a></h3>
<ul>
<li><strong>Speaker</strong>: Aaron MacSween</li>
</ul>
<p>Due to unforeseen circumstances, Aaron was unable to include his presentation in the FOSDEM track. However he still recorded it so we are making it available here and on our PeerTube channel.</p>
<p><a href="https://peertube.xwiki.com/videos/watch/96a0c839-3e29-4ffd-b6e3-201bc3c6bc36">Watch on the CryptPad Peertube channel</a></p>
<h3><a href="https://fosdem.org/2021/schedule/event/communicating_cryptpad/">Communicating CryptPad</a></h3>
<ul>
<li><strong>Speaker</strong>: David Benqué</li>
<li><strong>Track</strong>: <a href="https://fosdem.org/2021/schedule/track/open_source_design/">Open Source Design devroom</a></li>
<li><strong>Room</strong>: <a href="https://fosdem.org/2021/schedule/room/ddesign/">D.design</a></li>
<li><strong>Day</strong>: <a href="https://fosdem.org/2021/schedule/day/saturday/">Saturday</a></li>
<li><strong>Start</strong>: <a href="https://fosdem.org/2021/schedule/day/saturday/#1330">13:30</a> (CET)</li>
<li><strong>End</strong>: <a href="https://fosdem.org/2021/schedule/day/saturday/#1350">13:50</a> (CET)</li>
</ul>
<p><a href="https://peertube.xwiki.com/videos/watch/5339bbc1-ec4b-46ef-b064-6060d40ea272">Watch on the CryptPad Peertube channel</a></p>
No plan survives first contact with the enemy2020-12-31T22:27:34Zhttps://blog.cryptpad.org/2020/12/31/No-plan-survives-first-contact-with-the-enemy/In 2019 we finished a four-year research project that had covered the majority of CryptPad's development costs. We had some worries about how we would continue to fund our team, but we were fortunate enough to meet and form a good relationship with members of Europe's Next Generation Internet Initiative.<p>In 2019 we finished a four-year research project that had covered the majority of CryptPad's development costs.
We had some worries about how we would continue to fund our team, but we were fortunate enough to meet and form a good relationship with members of Europe's <a href="https://www.ngi.eu/">Next Generation Internet Initiative</a>.</p>
<p>We received 50000 Euros from <a href="https://nlnet.nl/">NLnet</a> as a part of their <a href="https://nlnet.nl/PET/">NGI0 Privacy Enhancing Technologies</a> grant program.
Though we'd planned to finish this project (<a href="https://nlnet.nl/project/Cryptpad/">CryptPad Teams</a>) before the end of 2019, research projects at this scale require a faster pace than we were used to.
We'd had an intern join our team over the summer, our plan didn't really account for vacation days, another salaried worker joined our team in November, and in general there were just many distractions that made everything take a bit longer than expected</p>
<p>We mostly made up a lot of the difference with an increasing number of <a href="https://opencollective.com/cryptpad">donations</a> and subscriptions via our <a href="https://cryptpad.fr/accounts/">premium accounts portal</a>, and we had written a number of new grant proposals for the coming year.
Our second NLnet proposal (<a href="https://nlnet.nl/project/Cryptpad-Communities/">CryptPad for Communities</a>) had already been accepted, but we were waiting to sign the final contract before making any announcements.
So, with 2020 on the horizon I wrote <a href="https://blog.cryptpad.fr/2019/12/31/Looking-back-looking-forward/">an article</a> which alluded to our plans while we waited to hear back about which of our remaining proposals would be accepted.</p>
<h2>2020's projects</h2>
<p>In early 2020 we were still finishing up the final components of <em>CryptPad Teams</em>.
In addition to the remaining technical features we were also required to complete two audits of the platform: one to assess CryptPad's accessibility and another quick scan of its security features.
We didn't really know how long these would take, and we hadn't budgeted additional time for them, so these delayed our other projects and added a little bit to our 2019 deficit.</p>
<p>We already knew to expect another 50000 Euros from NLnet for our <em>Communities</em> project, but since the status of our other proposals was still uncertain we decided to attend the <a href="https://opencollective.com/open-source-speed-dating/events/open-source-speed-dating-fosdem-2020-96f78c6c">Open-Source Speed Dating session</a> at <a href="https://archive.fosdem.org/2020/">FOSDEM</a>.
Two of our team members pitched a project to speed up CryptPad's page loading times, making for a total of three pending proposals.</p>
<p>As it turned out, we heard about all three projects in the space of a few days and all three were accepted.
We weren't expecting all of these proposals to be successful, so we had to adjust a lot of our plans to ensure we could manage all of their respective deadlines, but on paper it all seemed manageable.</p>
<h3>CryptPad for communities</h3>
<p>We'd already begun working on <strong>Communities</strong>' features quite early in the year.
The project included a number of high-level themes, but the overall goal was to make it easier for groups of various sizes to adopt or transition to CryptPad instead of proprietary alternatives.</p>
<p>Firstly, we'd heard from small businesses and social initiatives that they wanted to use CryptPad but needed some new features before they could make the switch.
We made major changes to our Kanban, rich text, and spreadsheet editors.</p>
<p>CryptPad's admin panel, which used to be very limited, now features a variety of controls for adding or modifying quotas for particular users, along with a variety of other configuration options to make it easier to run your own CryptPad instance.
We still need to add the ability to restrict registration and unregistered usage, but we expect to deliver this in early 2021.</p>
<p>Finally, we launched <a href="https://docs.cryptpad.fr/en/">our documentation platform</a>, which is available in English, French, and (courtesy of some dedicated contributors) German.
There is currently only a user guide, but we'll soon offer a thorough installation guide for admins and some technical documentation for contributors.</p>
<h3>Secure Mobile Collaboration</h3>
<p>The goal of this project was to experiment with different technologies and ultimately prototype some dedicated mobile and desktop apps for CryptPad.
Our intent was to make CryptPad usable on mobile devices while also improving security by distributing static builds of our source code with cryptographic signatures so their authenticity could be verified.</p>
<p>We pitched this project to <a href="https://www.ngi.eu/ngi-projects/ngi-trust/">NGI TRUST</a> at the end of November 2019 and framed it as an experiment since we weren't sure we'd be able to maintain dedicated apps in addition to the web platform we already offer.
Nevertheless, we know that mobile support is important to our users and we wanted to dedicate time to investigate our options.</p>
<p>We expect to finish this project soon but our approach has diverged from its early goals in some very notable ways.
For now I'll just say that a lot of time and effort has gone towards addressing the intended problems and that you can expect a dedicated blog post or two about this in the near future.</p>
<h3>Dialogue</h3>
<p>Not long after proposing <em>Communities</em> to NLnet we pitched this third <em>PET</em> project.
It can take several months for these proposals to pass through their various stages of review, and each project only funds our team for part of the year, so it's important that we line up our next project before the current ones finish.
At the same time, we can't (legally) get paid by multiple funding bodies for the same work, so we need to ensure that projects don't overlap.</p>
<p>We applied for this and the NGI TRUST grant concurrently, but we didn't expect to win both.
NLnet's deadlines are considerably less strict, however, so we've prioritized SMC and saved <a href="https://nlnet.nl/project/CryptPadForms/">Dialogue</a> for the coming year.
All <em>NGI0 PET</em> projects have to be completed by late 2021, so we expect this to be our last.</p>
<p>CryptPad is currently specialized mostly for real-time document editing, and our cryptographic permissions system reflects that.
The main idea behind this project is to develop a new set of applications with different permission schemes that support more granular permissions for document components instead of all-or-nothing permissions for whole documents.</p>
<p>We already offer a <em>poll</em> application, but it uses the same <em>editor/viewer</em> roles as our document editors, which really doesn't match users' expectations.
This current implementation will be phased out in favour of the new scheme to support distinct roles for authors (who can ask questions and determine who can answer them), responders (who can submit answers), and viewers (who can see responses).
We're also going to add support for more complex surveys with multiple questions, implement a reminder system to notify authors and viewers when their polls have closed, and add some more instance admin functionality so that we and other people hosting CryptPad can communicate with their users via the existing notification system.</p>
<h3>MOSS</h3>
<p>The requirements of <a href="https://www.mozilla.org/en-US/moss/">Mozilla's Open-Source Support</a> program were considerably less formal than those of NLnet and NGI TRUST.
We received 10000 USD, which converted to about 9000 Euros at the time we received it, and we promised to use it to improve page loading times.
There wasn't any contract or formal definition of how we'd planned to do this, and no deadline given.</p>
<p>This funding model was extremely helpful for us this year and did a fantastic job of living up to its name and goal of supporting open-source.
Our European funding partners provide all or most of their financial support as their deliverables or the entire project are completed.
By contrast, MOSS solved some immediate cash-flow issues during this difficult year and afforded us the flexibility to fulfill our promises in between our other deadlines.</p>
<p>So far we've followed up on these goals by profiling page loading times on different devices to determine where to best spend our efforts.
We've made a number of small optimizations on the client along with some big server improvements that were frequently the cause of bottlenecks when establishing a new connection to the server.
There's still much more to do in this regard, and we plan to post ongoing updates as we find more room for improvement.</p>
<h2>A year of surprises</h2>
<p>With the exception of our MOSS grant, everything I've mentioned so far was planned and proposed late in 2019.
We'd set our objectives for 2020 early on and had carefully considered how we could coordinate our multiple projects and how their features could complement each other.
As you might imagine, very little went according to plan.</p>
<p>i vaguely recall a few headlines about a respiratory illness being discovered in China late last year, but I didn't give it much thought and obviously didn't foresee the impact it would have on our plans for the year, let alone everything else it affected.
As the epidemic became more widespread, was upgraded to pandemic status, and triggered lockdowns across the world increasingly more people moved to working online.
Previously, I was happy with our success when we saw ten to fifteen thousand users in a week, but those numbers quickly doubled, tripled, and quadrupled in a matter of months as offices and classrooms started relying heavily on our platform.</p>
<p><img src="https://blog.cryptpad.org/images/2020-users.png" alt="Unique IPs per visiting CryptPad.fr per day" /></p>
<p>We made some significant changes to our server code to keep up with demand and eliminated some of our client's code that was particularly expensive for the server.
The precise technical details of exactly what we did to adapt to the dramatic increase in usage deserve their own article, but in general we suddenly had to pay a lot more attention to our infrastructure than was previously the case.
We started regularly allocating more disk space to the server and, as 2020 ends, we now store more than six times more user data than we did this time last year.</p>
<p>One major lesson we've learned, however, is that it's been far easier to scale our infrastructure than manual support for the platform.
Our surge of new users came along with a matching increase in support tickets, emails, GitHub iissues, and questions on social media.
We prioritized the documentation that we were writing as a part of our <em>Communities</em> project, however, we still had to take time to answer the questions of people who hadn't found those docs or whose questions were not clearly answered therein.</p>
<p>We're still working to streamline this process, but our ability to respond to individual questions is a frequent bottleneck for our team.
This typically makes it more difficult to stay on top of our usual development cycle, and leaves less time than we'd like for promoting the project via public events or blog articles.
Having too many users is a fantastic problem to have, though, so this is less a complaint and more an acknowledgement of a challenge that we need to address.
We can't afford to be just <em>a team of software developers</em> that also happen to <em>maintain and support a platform</em> when both activities are equally important to our continued success.</p>
<h2>Conclusion</h2>
<p>After the year we've had it's tempting to view the future as increasingly uncertain, but the reality is that nothing was ever certain to begin with.
We're still making plans for 2021, but our plans now include more caveats and fallbacks to (hopefully) lessen the impact of whatever else we don't see coming.</p>
<p>With all the unexpected stress of this year it's difficult to remember the good things, but we've had an incredible increase in support from our users.
Contributors have helped to add some significant features to the platform this year and have <a href="https://weblate.cryptpad.fr/projects/cryptpad/app/">translated CryptPad</a> into a number of languages.
In the past two months subscriptions and donations have covered one of our three team members' salaries.
Our yearly revenue has once again <em>more than doubled</em> compared to the previous twelve months, and if these trend continues we'll be able to fund our current team's salaries without having to depend on grants.</p>
<p>There's a lot more to be said about our goals for the future, but we still have a number of projects to complete, so for now I'll prefer not to think too far ahead.
Instead, I'll leave you with a bit of a teaser for our upcoming 4.0.0 release...</p>
<p><img src="https://blog.cryptpad.org/images/NYE-2020.png" alt="CryptPad 4.0.0, coming in January 2021!" /></p>
<p>Thanks so much to everyone who's supported us in any way throughout this difficult year.</p>
<p>We wish you all the best in 2021!</p>
Recent interviews and presentations2020-12-18T10:55:11Zhttps://blog.cryptpad.org/2020/12/18/Recent-interviews-and-presentations/CryptPad and the team have received some attention recently through various channels: a Reddit AMA thread, podcast, presentation, and blog interview.<p>CryptPad and the team have received some attention recently through various channels: a Reddit AMA thread, podcast, presentation, and blog interview. Whether you prefer to read, watch or listen there is a way for you to get an up-to-date presentation of CryptPad.</p>
<p>Aaron MacSween was invited for an <a href="https://www.reddit.com/r/privacy/comments/k1uonq/im_aaron_macsween_project_lead_for_cryptpad_the/">Ask Me Anything (AMA) thread on r/privacy</a> on Reddit. The thread started on November 27th 2020 and lasted for a couple of days. 98 questions were raised about everything from CryptPad's business model, to future development plans, the broader state of open-source software, and the EU's recent debates against encryption.</p>
<p>Aaron was also a guest on the <a href="https://www.jamesmullarkey.com/2020/11/imagine-google-docs-but-without-the-spyware-with-aaron-macsween/">We Don't Stream podcast</a> in an episode titled <em>Imagine Google Docs but without the spyware</em>. This was a general presentation of CryptPad, the origin story and the motivations behind it. Each guest is asked to nominate an NGO to encourage donations. Aaron chose the <a href="https://supporters.eff.org/donate/join-eff-today">Electronic Frontier Foundation</a> so please consider supporting them.</p>
<p>Ludovic Dubost was <a href="https://www.websiteplanet.com/blog/interview-ludovic-dubost/">interviewed on Website Planet</a>, answering questions about XWiki and CryptPad. The interview covers the founding of XWiki, the effects of the COVID crisis on the company and CryptPad, as well as the future of the open-source industry.</p>
<p>Ludovic also presented CryptPad at <a href="https://eslib.re/2020/">esLibre 2020</a>, a Spanish open-source conference organised this year by King Juan Carlos University. Like many others this year this was a "virtual" event, the video is available on our <a href="https://peertube.xwiki.com/videos/watch/019829b0-908c-48dd-88a4-6e9799b986f9">PeerTube channel</a>. Ludovic covered the background of the project and gave a demo-tour of CryptPad.</p>
The outage of December 8th, 2020 - a postmortem2020-12-16T15:30:00Zhttps://blog.cryptpad.org/2020/12/16/The-outage-of-December-8th-2020-a-postmortem/On December 8th, 2020 a malfunction in the water-cooling system at a data-center in Roubaix, France caused an unrecoverable error in the physical machine which hosts CryptPad.fr.<p>On December 8th, 2020 a malfunction in the water-cooling system at a data-center in Roubaix, France caused an unrecoverable error in the physical machine which hosts <a href="http://cryptpad.fr/">CryptPad.fr</a>. The service was unavailable for approximately 27 hours while we diagnosed a corrupted OS, provisioned a new server, and migrated user data to the new system.</p>
<h2>What happened</h2>
<p>Our team works remotely across three different timezones, so for the sake of simplicity I'll summarize the timeline of the service outage in Central European Time (CET) using a 24-hour clock.</p>
<h3>December 8, 05:30 - Server update deployed</h3>
<p>I occasionally start my working days very early in the morning when we have as few users connected as possible. On the days where a server restart is necessary, I do it at this time to minimize the number of active users that might be inconvenienced by the momentary service interruption.</p>
<p>During the process of deploying a minor patch to optimize how the service loads and evicts document metadata I noticed that our monthly full-disk backup was running. We run a less intensive incremental backup on a daily basis, but having a regular full-disk backup ensures that restoration does not become increasingly difficult over time.</p>
<p>We've been breaking our records for the highest ever number of concurrent users on <a href="http://cryptpad.fr/">CryptPad.fr</a> on a regular basis, so I tend to pay close attention to how our server is performing and how small changes in our code affect its performance.</p>
<p><img src="https://blog.cryptpad.org/images/3000-connections.png" alt="A record number of concurrently connected clients, as reported by our admin panel" /></p>
<p>My colleagues hadn't started their shifts yet, but I left a message informing them that the server would probably be under more load than usual. We were considering also deploying an update to our client code, but we usually avoid doing so on backup days to help ensure that things go smoothly.</p>
<p><img src="https://blog.cryptpad.org/images/poor-server-performance.png" alt="Me jinxing our server for the day" /></p>
<h3>December 8, 12:42 - CryptPad goes down</h3>
<p>CryptPad is developed by a company called <a href="https://xwiki.com/">XWiki</a>. We host everything using virtual machines provisioned on the same dedicated physical servers as the rest of the company's infrastructure. Performance metrics and monitoring for our other sites suggests that the host machine did not fail instantly, rather, its performance degraded over a relatively short period of time. Some services failed sooner as the host system tried to de-prioritize less critical systems.</p>
<p>The last line in our server's log was written to the disk at 12:42. I was away from my desk to eat a meal, so I didn't notice that anything had gone wrong. I returned to find some user reports sent at around 13:00 that the service had been unavailable for some time. We occasionally receive such reports that turn out to be user error (typos in URLs or DNS problems), but in this case it was easy to confirm as a systemic problem since my CryptPad tabs were also disconnected.</p>
<p>My first assumption was that an error in the the code I'd deployed earlier in the day that had caused the server to crash. I tried to log into our servers from my terminal with no success, then tried to ping the server's domain name, then its raw IP address, at which point I realized that the machine was completely powered down or otherwise unreachable.</p>
<p>The last time we were surprised with this kind of outage was in <a href="https://www.theregister.com/2017/11/09/ovh_datacenters_go_titsup/">November 2017</a> when a power outage and a generator failure took several data-centers completely offline. That outage lasted 3.5 hours, which seemed very bad at the time, but I was expecting something similar.</p>
<h3>December 8, 13:35 - Infra is on it</h3>
<p>Since the same physical infrastructure hosts a large number of sites the outage had been noticed by many of our company's employees almost instantly. We have lots of monitoring in place to send warnings when things are performing poorly (or not at all), but I learned via our company's internal chat service that at least one of our physical servers had had a critical failure and that Kevin (our resident infra expert) was working on it. CryptPad's track record for uptime until this point was very good, and most of that was due to Kevin, so I tried to leave him alone so he could focus on diagnosing and possibly fixing the problem. Since there didn't seem to be anything I could do on that front to help the situation I started to respond to the related GitHub issues and messages in our public chat channel to inform our users what was going on.</p>
<p>At this point I also noticed several messages from my colleagues congratulating me on my five-year anniversary at the company. I'd forgotten the date, and grateful as I was for the wishes, this wasn't how I'd expected to celebrate the milestone.</p>
<h3>December 8, 15:00 - Host machine comes back online</h3>
<p>By 15:00 the physical server that had gone offline had been powered back up. This meant that VMware (the software we use to host many virtual machines on one very powerful machine) was running again, though some more work was needed to bring many of its hosted VMs back online. Kevin immediately began running a range of integrity checks to confirm that the hardware was functioning correctly before relaunching services. Some VMs that required fewer resources were able to be re-launched very quickly, but CryptPad requires more storage than most of the wikis we host, and disk checks tend to require more time than other diagnostics.</p>
<p>At 15:40 these disk integrity checks were interrupted when one of the data-center technicians (who I'm sure was also having a bad day) had to take the server back offline to transfer our hardware to a new location in the same building. Access was restored just a few minutes later, but we had to restart our integrity checks.</p>
<h3>December 8, 16:20 - First disk integrity check completes</h3>
<p>Forty minutes after the manual intervention, the first of three disk checkups had completed. VMware was reporting that all systems were operational, however, the VM that usually hosts our API server was failing to boot. Kevin was able to launch a Debian rescue system from a live disk and mount the system for inspection, but there was still no obvious indication why the system wouldn't boot. He proceeded to launch checks for the remaining two disks while he continued to search for the cause of the failure.</p>
<h3>December 8, 18:30 - Initial failure traced to a cooling malfunction</h3>
<p>Throughout the duration of this downtime Kevin had been on and off the phone with the data-center technicians getting updates about what had happened and whether we should expect any further problems. By 18:30 we were informed of the cooling system's malfunction. While it was somewhat comforting to know that the problem had nothing to do with code we'd written, it was also frustrating to be reminded that there will likely always be physical events like this that we can neither control nor predict.</p>
<p><img src="https://blog.cryptpad.org/images/physical-internet.png" alt="" /></p>
<p>As twitter user <a href="https://twitter.com/RimaSghaier/status/1336398196109697025">@RimaSghaier</a> noted, the internet is still <em>very physical</em>.</p>
<h3>December 8, 19:30 - File transfer commences</h3>
<p>By 19:30, between myself, Kevin, Ludovic (the company's CEO), and one of Ludovic's friends who has some more experience with the intricacies of bootable filesystems, we'd made no progress diagnosing why the affected VM would not boot outside of the environment of the rescue disk. We had access to all the system's files and all of the integrity checks had passed, but there seemed to be problem with the root filesystem. We decided that the safest thing to do was to provision a new VM and begin transferring the relevant files. We could interrupt the process if we discovered the reason for the failure, but it was already late in the day and we had no promising leads.</p>
<p>It took only a few minutes to provision a nearly identical VM and we immediately began transferring files via the data-center's internal network. Unfortunately, there was around 750GB of data to transfer at a variable rate that did not seem very promising.</p>
<p>Until this point I'd been very hopeful that <em>at any minute</em> we would find some trick to get the original server back online. As it became increasingly apparent that this was unlikely and that we'd need to wait for the file transfer to finish we shifted our focus to damage control.</p>
<p>The API server that hosts our database and Nodejs server had been offline, but we actually serve our static assets (HTML, Javascript, etc) from a different machine that had stayed online. I'd been distracted by the actual system outage and hadn't thought to update our front-end to inform all our users of what was going on, though I had been posting to our <a href="https://social.weho.st/@cryptpad">Mastodon</a> and <a href="https://twitter.com/cryptpad">Twitter</a> accounts.</p>
<p>I hacked together and deployed some very basic HTML as quickly as I could, explaining what was happening and directing users to our social media for updates. This was deployed by 19:43.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-down-page.png" alt="CryptPad's down page" /></p>
<h3>December 8, 20:00 - I try to get some sleep</h3>
<p>Finally, after about 7 hours of downtime and a 14.5 hour shift on my part, we left the servers alone to continue their work and decided to get some rest for the following day. We expected the file transfer to take at least 10 more hours to complete, so I set my alarm for the following morning and called it a day.</p>
<h3>December 9, 16:14</h3>
<p>December 9th was not especially eventful. I spent most of the day idly monitoring the progress of the network file transfer. I was far too distracted to be productive with anything else, and anyway it seemed prudent to save my energy for when the transfer completed.</p>
<p>By about 13:30 the transfer was 90% complete and I began to pre-configure as much as possible on the new system so that we could bring everything back up as quickly as possible. I prepared and reviewed a list of final tasks with Kevin and Yann in the final 30 minutes of the transfer, and we started working as soon as it finished.</p>
<p>We were able to complete the system's setup in around 20 minutes, including a last-minute configuration fix to restrict the service to our IP addresses before we launched it. This restriction allowed us to access CryptPad as normal before anyone else. We took about ten minutes to test the platform, loading any documents we'd been editing leading up to the crash and confirming that everything was behaving as expected.</p>
<p>Finally, by 16:14, after a bit more than 27 hours of downtime, we removed the IP address restriction and removed the downtime notice I'd deployed the evening before.</p>
<h2>Difficulties and lessons learned</h2>
<p>I'll start by saying in very simple terms that <em>this experience <strong>sucked</strong></em>. I know it was very frustrating for our users who couldn't access their documents while the server was offline. I certainly had a terrible two shifts. It was stressful for everyone on our team, and I suspect it was similarly unpleasant for the data-center technicians as well.</p>
<p>It should be more obvious given the root meaning of the word <em>internet</em>, but we all depend on many systems functioning to maintain our daily routines. The majority of our users only contact us to report bugs. Kevin and I mostly end up chatting when one of us notices irregular server behaviour. We only contact OVH when our servers have problems, and they probably don't deal too much with their municipal electricity and fuel providers except when their power goes out and they fall back to using generators. <em>We are most aware of the systems that sustain us when they break</em>.</p>
<p>On a positive note, though, I was pleasantly surprised by how understanding people were about the situation. One of our paying users cancelled their subscription, but it seems the outage served to remind many people that there are humans working on this project, and so we've actually seen an increase in the rate of donations and subscriptions in the week since. We greatly appreciate everyone's generosity!</p>
<p>Some users seem to have understandably lost some confidence in our platform, as we've seen slightly fewer users at the usual peak hours (2700 concurrent connections instead of 3000). On the other hand, it seems like the downtime page led to a significant increase in our follower count on social media.</p>
<p>Many of our users rely on CryptPad as a persistent home for their documents, and in these cases downtime is very inconvenient. During the outage, however, I learned about <a href="https://github.com/tosterkamp/random-redirect">this software</a> which randomly redirects users to publicly hosted instances of open-source software platforms. If you use CryptPad as a place to collaborate rather than a place to store documents, then you could try <a href="https://cryptpad.random-redirect.de/">cryptpad.random-redirect.de</a> to find alternatives. If you host a CryptPad instance you could even inquire about adding your server to the list. One of the great things about open-source software is that failures that affect one server or service do not need to have global effects.</p>
<p>Despite the positive aspects of our community's response to this event, I regret that it took so long migrate to a new machine. The simple fact is that while we (mostly Kevin and Ludovic) have put in a lot of effort to making sure that our hosting infrastructure is reliable, we were unprepared for the task of rapidly migrating our entire database to a new machine. We're hosting about six times more data now than we were at the start of the year. Until now we've had little cause to consider the increasing difficulty of managing this growing dataset and with everything else that has happened this year there has been little opportunity to do so. This event made it abundantly clear that we're going to have to find the required time.</p>
<h2>What we plan to do</h2>
<p>It would be an understatement to say that I have a bit of an idealist stance when it comes to software. This is why I work on open-source, privacy-preserving tech. It's terrible that modern, web-based software is as fragile as it is. That said, the alternative of emailing static documents to colleagues (or between devices) also makes it difficult to be productive.</p>
<p>It's a bit ridiculous that a broken cooling system in northern France can mean that our 20,000 daily active users lose the ability to edit or even read their documents for more than a day. More frustrating is the fact that we were very nearly in a good position to mitigate many of the adverse effects of this outage. We've been working on some new <em>offline-first</em> functionality in CryptPad over the last few months and, as noted above, we were considering deploying the first phase of these improvements the day of the outage.</p>
<p>Our first offline features were deployed yesterday as a part of our <a href="https://github.com/xwiki-labs/cryptpad/releases/3.25.0">3.25.0 release</a>. Now, every time you load a document in CryptPad you're also populating an advanced cache in your browser. For now this only has the effect of reducing the total time to load cached documents, since we still wait for confirmation from the server that this is the most recent version of the content before removing the loading screen.</p>
<p>Our next step will be to merge a branch of our code which will instead load and display the last known state of any document in your local cache in offline mode, regardless of whether you're able to reach our database server. This would have alleviated some of the inconvenience of our outage, since users were still able to load the platform's HTML and JavaScript that would have at least let them access cached documents.</p>
<p>The next major feature will be the use of <a href="https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API">service-workers</a> to enable browsers to use very advanced caching policies and load our client-side code even while entirely offline, allowing full access to cached documents under almost any circumstance. We expect to deploy these updates in early January 2021 as a part of our upcoming <em>4.0.0</em> release.</p>
<p><a href="https://www.cs.jhu.edu/~huang/paper/grayfailure-hotos17.pdf">One of my favourite academic papers</a> defines the term <strong>gray failures</strong>, in which well-intentioned attempts to introduce redundancy into online systems can paradoxically increases the likelihood of service degradation or interruptions. In the last few weeks both Amazon and Google (some of the richest companies on the planet, in case you haven't heard of them) have experienced severe service outages. There are very few easy answers in this area, but we're going to learn from this situation and work on solutions that would have helped at least let us recover more quickly.</p>
<p>If the next data-center failure happens in another three years I hope it will only last a small fraction of the time, and that our software will be so resilient you'll hardly notice. In the meantime our team greatly appreciates all your support!</p>
CryptPad Funding Status July 20202020-07-03T18:04:09Zhttps://blog.cryptpad.org/2020/07/03/CryptPad-Funding-Status-July-2020/We have not been very active on the CryptPad blog lately, however, we have been very active making new releases to CryptPad.<p>We have not been very active on the CryptPad blog lately, however, we have been very active making <a href="https://github.com/xwiki-labs/cryptpad/releases/">new releases to CryptPad</a>.</p>
<p>We have also published some news about our funding on our <a href="https://opencollective.com/cryptpad#section-updates">Open Collective page</a> and in particular the <a href="https://opencollective.com/cryptpad/updates/cryptpad-funding-status-july-2020">July 2020 funding status article</a>.</p>
<p>Ludovic, for the CryptPad team.</p>
Looking back, looking forward2019-12-31T16:06:16Zhttps://blog.cryptpad.org/2019/12/31/Looking-back-looking-forward/It was four years ago when I first started working full-time on CryptPad. At that point fewer than 10 people used the service on a weekly basis.<p>It was four years ago when I first started working full-time on CryptPad.
At that point fewer than 10 people used the service on a weekly basis.
Our development team was included in that list, often multiple times since we visited from both our office and our homes.</p>
<p>In those early days the platform was much more of a toy than a tool.
There was no <em>CryptDrive</em> for storing documents, no login, markdown rendering, file upload, kanban, or whiteboard.
It was the first of four years of a research project in which we were responsible for building a variety of collaborative editors.
We mostly used CryptPad to prototype new technologies before committing to a much more complex integration into the larger project.
Nobody insisted that our editors include the extra privacy features we designed, yet, among our small team we definitely hoped they would catch on.</p>
<p>We knew that as long as we produced viable editors and passed our project's yearly reviews we didn't have to worry about our jobs.
It felt like we were supposed to take risks and we certainly did.
The stakes were low.
Sometimes if we wanted to test the platform together we'd just push our code to our production server.
Occasionally we'd edit files directly on the server to cut out additional steps.
We did our work as quickly as we could without having to worry about the consequences because nobody was relying on us for their safety.</p>
<p>It was an exciting time.</p>
<h2>Two thousand and nineteen</h2>
<p>Our situation today is drastically different.
Privacy is very much in the public eye, although the news is more often bad than good.
In any case, instead of ten weekly visitors <a href="https://blog.cryptpad.org/cryptpad.fr">CryptPad.fr</a> now supports more than ten thousand.</p>
<p>Many of those that trust us to protect their information have no cause to use our service other than the very reasonable expectation that nobody will access their content without their consent.
We're pleased to be able to offer this peace of mind and we appreciate that we need this demographic and its expectations to become the norm if those with more extreme requirements are to blend in with the crowd.
As the saying goes: <em>privacy is a team sport</em>.</p>
<p>As proud as I am of the project's advancement since our humble beginnings, I still feel as though we've been playing this sport defensively in these last 365 days.
We began the year with the knowledge that our stable funding was about to dry up and that our efforts to sustain the project via subscriptions and donations were not going to be enough.
At the same time, increasingly more of our time was occupied just keeping up with regular issues: answering emails, fixing bugs, and managing a progressively more complex codebase.
Meanwhile, we had to consider the effects of every change on those users whose physical safety occasionally depends on their privacy.</p>
<p>Fortunately for us and our community we received an enormous amount of support from Europe's <a href="https://www.ngi.eu/">Next Generation Internet initiative</a>, both in terms of publicity through the presentation of <a href="https://blog.cryptpad.fr/2019/02/22/Heading-to-Barcelona/">an NGI award</a> and monetary contributions through the <a href="https://nlnet.nl/PET/">NLnet PET</a> grant program.
We've still had to cope with an endless stream of feature requests and correspondences, but the funding definitely addressed our existential worries for a time.</p>
<p>In the course of our <a href="https://blog.cryptpad.fr/2019/05/27/Our-future-is-collaborative/">CryptPad Teams</a> project we struggled to balance all the responsibilities of our position and as a result it's taken somewhat longer to complete the project than we planned.
I now have a better appreciation of how much easier a project can appear in its planning compared to its execution.
The opportunity to go slightly over budget on a small project has been a welcome learning experience that I hope not to repeat.</p>
<h2>Looking forward</h2>
<p>At this stage in our project it isn't enough for our team to try to keep up with tickets on our issue tracker.
Reactionary decisions won't make our project sustainable, nor will they effectively serve the community that has helped us get this far.
That's why in 2020 we're going to focus on project governance and providing a cohesive vision with the hope of getting more of our stakeholders directly involved in its success.</p>
<p>I spent a large part of this holiday season making small changes to make it easier to correctly configure a CryptPad instance.
Starting in January we're going to continue this effort to support the 300 independent instance administrators with a radical overhaul of our documentation, along with simplified guides for users and more detailed guides for contributors.</p>
<p>Our immediate roadmap will also feature further development of our admin panel to ensure that community instances can be governed by team members lacking advanced technological expertise.
Beyond that we're looking forward to some big improvements to the tools that are most essential to effectively coordinate distributed groups of people, namely our rich text, spreadsheet, and kanban apps.</p>
<p>There's still a lot of work we can do to improve the social integrations first proposed in our <em>Teams</em> project.
We'll continue to streamline the process of onboarding new team members and add in some even more advanced controls for very sensitive data.</p>
<p>I've been hesitant to commit to development time that doesn't yet have a source of funding but in the coming year I hope to be able to deliver an improved experience for users of mobile and touch-enabled devices.</p>
<h2>How you can help</h2>
<p>Privacy should not be a luxury item.
CryptPad has been built largely with public money and we're committed to continuing its development as a public good.
Continued monetary contributions via donations enable us to offer our services to users regardless of whether they can contribute themselves.</p>
<p>Along with subscriptions to our platform, our independent revenue helps to finance all the minor tasks that don't easily fit into the narrative of a successful grant proposal.
Every cent of these revenue streams go back into development and we do our best to get the most value out of your contributions.</p>
<p>There are, of course, many other ways you can contribute.
Any publicity you can generate will free us to spend less time marketing and more time improving the software and its documentation.
Sharing our messages on social media with your followers helps a lot, so please follow us on the <a href="https://social.weho.st/@cryptpad">Fediverse</a> and <a href="https://twitter.com/cryptpad">Twitter</a>.
We especially appreciate personal messages that tell the world exactly what it is you love about CryptPad.</p>
<p>We're also happy to support and publicize offline events promoting the project.
If you're comfortable speaking in public and would like to represent us in your community feel free to contact us about and we'll see how we can help.</p>
<p>As we produce <a href="https://github.com/xwiki-labs/cryptpad-guide/">more documentation</a> we'll also need help reviewing it and keeping it up to date.
Every little bit helps, whether it's a page or a line of documentation corrected.
Finally, we welcome any efforts to translate CryptPad into a new language or to help those already working on our <a href="https://weblate.cryptpad.fr/projects/cryptpad/app/">existing translations</a>.</p>
<h2>Wishes for 2020</h2>
<p>I made a deliberate choice in naming the most recent cycle of releases after extinct animals.
We are living through a major extinction event and growing list of crises.
More than ever we need a hopeful vision of the future.</p>
<p>I'm personally grateful for the opportunity to offer tools to support these endeavors.</p>
<p>Embrace private spaces.<br />
Connect with those around you.<br />
Organize and build a better future together.</p>
<p>See you in 2020!</p>
Yesterday I made a mess2019-06-14T17:29:33Zhttps://blog.cryptpad.org/2019/06/14/Yesterday-I-made-a-mess/Normally when I write a blog post it's because I have exciting news to share. This time it's not a fun occasion because the only good news I have is that the bad news isn't permanent.<p>Normally when I write a blog post it's because I have exciting news to share.
This time it's not a fun occasion because the only good news I have is that the bad news isn't permanent.</p>
<p>The bad news is that during some database maintenance yesterday (June 13th) I accidentally removed some of the data from users' encrypted drives.
The good news is that these files were archived, not deleted, and that everything can be recovered.</p>
<p>Before I get into the details of why this happened I'd like to clarify which user data was archived and how to check if your account was one of those affected.</p>
<h2>How to tell if you were affected</h2>
<p>First off, everything is related to my actions administrating the database of <a href="https://cryptpad.fr/">CryptPad.fr</a>.
Users of other instances have nothing to worry about unless their administrator did the exact same thing as I did, which is unlikely.</p>
<p>Secondly, the issue is limited to shared folders and non-owned files contained within them.
If you don't use shared folders you won't be affected.</p>
<p>Thirdly, as far as we can tell you need to have visited <a href="http://cryptpad.fr/">CryptPad.fr</a> between May 28th and June 13th in order to have run some incorrect code.</p>
<p>Finally, nothing was archived unless it had not been active within the preceding 90 days.
In the case of shared folders, this would mean any change to the content or structure of the shared folder, such as adding or removing a document or renaming or moving any of its contents.
In the case of pads, if a user with the rights to edit the document loaded it without making any changes, that would classify it as active.</p>
<p>To summarise:</p>
<p>Some of your data could have been archived if you visited <a href="https://cryptpad.fr/">https://CryptPad.fr</a> between May 28th and June 13th (2019) and have one or more shared folders in your CryptDrive which have not been modified within the last 90 days.</p>
<h2>Checking if you were affected</h2>
<p>It should be fairly easy to tell if your account was affected by opening your CryptDrive.
Affected shared folders will be visible in the tree on the left of your drive because they'll have lost their titles, as highlighted in red below:</p>
<p><img src="https://blog.cryptpad.org/images/archived-shared-folder-appearance.png" alt="archived shared folders" /></p>
<h2>How we're going to handle this</h2>
<p>As I said, none of the data was deleted, just archived.
It's still on the same server that hosts the rest of our database, it's just been moved to a different location to make it inaccessible.</p>
<p>I've already restored all of those files which were archived except for 237 cases.
Affected Users that visited <a href="http://cryptpad.fr/">CryptPad.fr</a> between the removal and restoration of the data would have automatically created a new folder in the same location as the old one, and that complicates things for us.
Since we don't know whether they might have decided to put new documents in that folder in the meantime, it's dangerous for us to overwrite the new data with the old.</p>
<p>It's going to take us a few days to figure out if we can use some fancier methodology to identify what data we can safely reinstate.
In the meantime, we've already fixed the underlying issues that caused this data to be miscategorized, and developed some new tooling for safely diagnosing and restoring archived data.</p>
<p>Since we know that those affected by this error visited since our last release day and that they had content older than 90 days, we assume they're going to come back to the platform.
If you do come back and see something resembling the image above, please do let us know by emailing us at <a href="mailto:contact@cryptpad.fr">contact@cryptpad.fr</a>.
We can manually restore any files that haven't already been restored.</p>
<p>I'm very sorry for any inconvenience this might have caused and I'm grateful that the damage wasn't worse.
I'll take this as an opportunity to prove my commitment to protecting user data, whether it be from surveillance or from my own mistakes.</p>
<h2>Post-mortem</h2>
<p>With all the practical details addressed for those who only have the time to make sure their own data is safe, I'll go further into the specifics for anyone who might be interested.</p>
<h3>The pinning race condition (May 28th)</h3>
<p>On May 28th we released <a href="https://github.com/xwiki-labs/cryptpad/releases/2.23.0">CryptPad <em>Xenops</em></a>.
It introduced notifications for users through the use of something we've been calling "encrypted mailboxes".
Each registered user now has a mailbox through which any other user can send messages, currently for friend requests, and soon for other features.</p>
<p>While we were implementing the function which loads new messages from this mailbox we introduced a bug which caused some other functions to be executed in the wrong order.
I personally reviewed the code but didn't see the bug.</p>
<p>Registered users are able to send instructions to the server not to delete data that is relevant to them.
We call this process <em>"pinning"</em> and it's done every time a user uses the service.</p>
<p>What should have happened is that users should have loaded their drive, then loaded their shared folders, then pinned all the contained files.
Instead, they loaded their drive and then started loading their shared folders and started the pinning process in parallel.
This caused what's called a race condition, which means that two things happen at the same time, and sometimes they happen in different orders.</p>
<p>Race conditions are especially annoying because sometimes they only occur under certain circumstances, so these bugs tend to slip past basic testing unless you already know what you're looking for.
In our case, losing the race meant that files weren't pinned and consequently the server didn't have an accurate notion of which data was worth keeping.</p>
<h3>Running out of space (June 3rd)</h3>
<p>Several months ago a user contacted us saying that data had disappeared from their drive.
This was quite scary from our perspective as for every user that contacts us about something we can generally assume that there are many more that had the same issue, but didn't say anything.</p>
<p>We spent several days debugging their problem and developing tools which would analyze the history of their drive without exposing any of their encrypted content to us.
In the end, it turned out that the files didn't ever exist in their history, so it wasn't a matter of us losing that data.
Nevertheless, the situation was stressful enough that we turned off all of our scripts for deleting inactive data until we could sort out a more reliable methodology for handling data.</p>
<p>With that regular process not in place, and with increasingly more users visiting our service, our database continued to grow at an accellerating pace.
On June 3rd we started receiving automated emails from XWiki's infrastructure services that we were down to 20% of our disk space.
We had been meaning to handle this problem for some time but with 33 emails arriving in our inboxes each day we finally decided to prioritize it.</p>
<h3>Replaced the race condition (June 6th)</h3>
<p>After the <em>Xenops</em> release we noticed an error that was occurring in our browser consoles fairly regularly and decided to debug it.
We tracked it down and fixed it, but since we weren't looking for the other race condition described above, we managed to change the code in such a way that a functionally identical race condition was still present.
We fixed one issue, but pads still weren't being pinned reliably.</p>
<h3>Incorrect data archival (June 13th)</h3>
<p>Having proceeded with fixing a variety of other bugs, I turned my attention back to solving our storage issue.
Deleting data hadn't become any less scary than it had always been so I proceeded with caution, implementing an archival system that would move inactive data to what we termed <em>"cold storage"</em> for a set period before removing it permanently.</p>
<p>I implemented some code for iterating over our complete database and used that to create a script for checking the most recent modifications to user data.
I read through it a number of times, tested it on my local database and had my colleague review it and test it on his machine.
Before using it on our production database I made sure to also write and test a script that would restore archived files in case anything went wrong.</p>
<p>I think I must have sat in front of my laptop and stared at my screen for between five and ten minutes before I hit enter on the command to run the script.
I had the code for the script on another monitor, and I double-checked it before deciding to proceed.
I reloaded my drive to make sure everything was still there once it finished running, and it was.
After twenty minutes or so of testing everything seemed alright, so I went on with my day.</p>
<p>Later on we finally noticed that there was a problem with one of our user accounts, specifically with a shared folder having disappeared.
We stayed at the office late into the evening to figure out what had happened, and ended up tracking the problem to the pinning logic before deciding to follow up on it in the morning.</p>
<h3>Final debugging and restoration (June 14th)</h3>
<p>With as restful a night as I could manage under the circumstances, I came back to the office this morning with a bit of perspective on the issue.
I wrote up a pad which collected all the information we had into one place, identifying the circumstances under which we believed the problem could occur.</p>
<p>I reviewed the script which restored archived files, making sure that it would not overwrite any user data if utilized.
My colleague implemented a fix for the race condition which contributed to the pinning issue, which I deployed as soon as I could review it.</p>
<p>After writing a few more scripts I was able to determine the number of shared folders which had been replaced with conflicting entries with the same identifiers (237).
Knowing this number allowed me to determine how to handle the issue.
If the number was significantly smaller it might have been easier to handle, but the order of magnitude is such that we'll have to figure out an automated way to deal with the issue or else spend the next few weeks responding to emails and manually recovering files.</p>
<p>With a better grasp on the situation and with some confidence that it wasn't the database processing scripts which were incorrect, I restored the archived files with the exception of those which conflicted with the production database.</p>
<h2>Conclusion</h2>
<p>If I've learned anything in my time working on CryptPad it's that I should appreciate the reasons why the majority of the software industry doesn't work with encrypted database as we do.
Even on a good day it can be a harder job than it would otherwise be.
On a day like today we end up having to reason with what the clientside code would have done under various circumstances and think about what information we can access.</p>
<p>In any case, I'm very happy that we decided to turn off our deletion scripts months ago.
Had they still been active, this relatively mild pinning and archival bug would have resulted in data loss.</p>
<p>While we can tell that 237 shared folders were affected, we still have to think about how the absence of that data would be handled by the code for user's CryptDrives.
To further complicate things, we have to think beyond what our code would do and into what users might have done in reaction to what they saw.
If they saw and removed the now-empty shared folders in their drive, they no longer have the encryption keys to decrypt them even though we've now restored the underlying data.
Because we've spent so much time trying to protect our users' privacy we can't actually ascertain if they've interacted with this part of their drive at all.</p>
<p>On one hand, it makes my life that much more stressful to have to figure out the answers to these problems.
On the other, I'm hopeful that by doing this work now I'll help pave the way for more developers to create services which offer similar protection for their users' data.</p>
<p>As stated above, if this particular mistake affected you, don't hesitate to contact us.
Otherwise, I can only hope that the way we handle it ensures that you continue to trust us with your data.</p>
Our future is collaborative2019-05-27T12:20:22Zhttps://blog.cryptpad.org/2019/05/27/Our-future-is-collaborative/For anyone that doesn't have the time or interest to read the rest of this article, the short version is that the CryptPad team has received a 50000 Euro grant from NLnet foundation. This funding will be directed towards the design and development of team-centric features in a project we're calling CryptPad Teams.<p>For anyone that doesn't have the time or interest to read the rest of this article, the short version is that the CryptPad team has received a 50000 Euro grant from <a href="https://nlnet.nl/foundation/">NLnet foundation</a>. This funding will be directed towards the design and development of <em>team-centric</em> features in a project we're calling <em>CryptPad Teams</em>.</p>
<p>If you're still reading, I assume you want to know more about our plans and our relationship with NLnet.</p>
<h2>Some backstory...</h2>
<p>Up until the end of March 2019 our team's work was funded by the <a href="https://open-paas.org/">OpenPaaS project</a>, a four-year French research project in which CryptPad was only a minor component.
Our role was to produce a set of collaborative editors for the open-source platform.
It was never stated that our contributions should be delivered as a standalone platform, but having a self-contained code-base that we could easily update and deploy simplified our job.</p>
<p>CryptPad had already been prototyped as a part of a previous research project, though its scope was considerably smaller than what would be required by OpenPaaS.
Since the platform was being developed with businesses and other large institutions in mind, confidentiality was a concern and a stated requirement of the project.
Even so, I think it's fair to say nobody expected us to make privacy such an central part of our design.</p>
<p>In many organizations these design choices might have been seen as digressions.
We've been fortunate to have had a lot of support from our employer, (<a href="https://www.xwiki.com/">XWiki SAS</a>).
Consequently, we were able to nurture a prototype such that it grew into a platform, a product, and a community.
Still we knew all along that our role in the OpenPaaS project would come to an end, and that without external funding it would be difficult to continue with the momentum we'd established.</p>
<h2>Support from our community</h2>
<p>As an active member of the community concerned about privacy issues, I know there are a lot of people that are suspicious of government money.
While I understand that this distrust is justified by a lot of history, I'm very satisfied with what I consider <em>the European software model</em> of funding work public work with public money, keeping in mind that I'm a Canadian that's lived in France for the past few years.</p>
<p>Without the social investment we've received so far it would have been very difficult to create a product of sufficient quality that anyone would pay for it.
I often hear people rebutt this point by saying that a lot of <em>free-software</em> is produced <em>for free</em> by volunteers.
Personally I'm in the camp that believes that the people writing that software deserve the same financial stability that is enjoyed by those producing software with proprietary or extractive business models, but that's a bit beyond the scope of this article.</p>
<p>In any case, before going on to talk about the very generous contribution we've received, I wanted to acknowledge the support up until now from individuals and organizations that use CryptPad.
Since the end of our last project and the beginning of this new one, we've been sustained by a mix of the revenue generated by <a href="https://accounts.cryptpad.fr/#/?on=cryptpad.fr">subscriptions to CryptPad.fr</a> and <a href="https://opencollective.com/cryptpad">donations to our OpenCollective campaign</a>.
These contributions help to keep CryptPad going in such brief periods when we haven't secured larger sources of funding as well as providing alternatives should such opportunities cease to be available.</p>
<p>You can expect another post in the near future about the status of our crowdfunding campaign where we'll go over our crowdfunding campaign in more depth.</p>
<h2>NLnet and the <em>Next Generation Internet</em></h2>
<p>You might recall that we recently <a href="https://blog.cryptpad.fr/2019/02/22/Heading-to-Barcelona/">visited Barcelona</a> to receive an <em>NGI award</em> for <em>privacy and trust-enhanced technologies</em>.
Those awards were organized as a part of the <a href="https://www.ngi.eu/">NGI initiative</a>, funded by the European Union's <a href="https://ec.europa.eu/programmes/horizon2020/en">Horizon 2020 research program</a>.</p>
<p>As a part of the initiative, NLnet has been made responsible for distributing a rather large sum of money to smaller projects through the administration of <a href="https://nlnet.nl/discovery/">Search and Discovery</a> and <a href="https://nlnet.nl/PET/">Privacy (and trust) Enhancing Technologies</a>.
By delegating these enormous tasks to NLnet the EU has recognized their excellent track record for supporting projects that actively contribute towards an open information society.</p>
<p>Naturally we're very happy to receive the financial support, but beyond that the foundation has offered a variety of other resources which they have at their disposal by way of having played a strong role in the European free software community.
They've offered expertise in accessibility, documentation, security auditing, internationalization, and legal matters surrounding software licensing, among other things.</p>
<p>Finally, it's worth mentioning that for all of this support that we'll receive, the amount of time we've spent writing the initial proposal and following up until the point of signing a contract has been remarkably brief.
Whether considering the delay between submission and acceptance or the actual time spent on documents and correspondence, they've kept the bureaucracy to an absolute minimum.
For a small team like ours, this makes a massive difference in our ability to access such funding and to put more of our time towards the activities the money is meant to support.</p>
<h2>What <em>CryptPad Teams</em> will entail</h2>
<p>This purpose of this grant is to develop technologies which enhance the public's ability to preserve their privacy.
Our contract defines the milestones which we must reach in order to get paid.
I voluntarily included a stipulation that we would not consider a goal complete until its components were publicly accessible as source code and in our hosted platform.
This was meant to ensure that the outcomes benefit our community of users and developers alike.</p>
<p>Starting with CryptPad 2.23.0 we'll introduce support for personal encrypted mailboxes for registered users.
We're not looking to replace e-mail or the other platforms which are focused on encrypted messaging, this will just be a simple feature which will allow users to interact with each other more effectively whether or not they are online at the same time.</p>
<p>Our first use-case for this is an improved version of our "friend request" which currently requires that both users be online.
You'll be able to send friend requests from user's profile pages and they'll see a notification the next time they visit CryptPad.
Going forward we'll use the same system to offer friends access to documents directly through the sharing menu, instead of having to send URLs over potentially insecure mediums like unencrypted email or messengers.
Similarly, friends will be able to request the ability to edit documents that they can view, as well as to request "ownership" over documents which they should be able to delete.</p>
<p>As minor as some of this functionality might sound, we believe they'll make a positive and significant impact on users' privacy.
We want to minimize how often they have to directly handle the encryption keys which protect the contents of their documents.</p>
<p>After these initial steps we'll begin offering first-class support for teams within CryptPad, allowing users to define groups of friends so that they can delegate access quickly and effectively.
Teams will integrate with shared folders and will eventually offer features targeting various types of groups, whether hierarchical as is customary in many businesses or on a more ad-hoc basis as might be expected with friends or other self-organizing groups.
Team members will benefit from better oversight as to who can access particular documents, reducing the likelihood that they'll accidentally leak private information.
We want to offer users better oversight into the activity of documents in their CryptDrives, both to make it easier to quickly join editing sessions with friends, as well as to make it noticeable when access to a document has leaked outside of its intended audience.</p>
<h2>The hard part</h2>
<p>Different groups have different levels of trust among their members.
It's difficult to build these features in a manner that's fast to use with friends while still preventing your boss from spying on you.
We're committed to thinking through all of these cases to keep our users safe, and to acting on users concerns if we don't get it right the first time.</p>
<p>We're excited to begin this project and grateful to everyone supporting our efforts, financially or otherwise.
<em>Teams</em> is the first grant we've received <em>explicitly</em> for the development of CryptPad, and we couldn't have gotten here without help.
As always, if you have ideas, concerns, or questions feel free to <a href="https://cryptpad.fr/contact.html">contact us</a>.</p>
Join the team2019-03-18T17:31:21Zhttps://blog.cryptpad.org/2019/03/18/Join-the-team/We've been making a big deal of our funding status for the last while, and for good reason. CryptPad has largely been funded by the OpenPaaS research and development project, funded by BPIFrance...<p>We've been making a big deal of our funding status for the last while, and for good reason.
CryptPad has largely been funded by the <a href="https://open-paas.org/">OpenPaaS</a> research and development project, funded by <a href="http://www.bpifrance.com/">BPIFrance</a>.
We're very happy with the results of the past four years of work, but this support will terminate at the end of March 2019.</p>
<p>While this change is a bit scary for us, it also means that we'll be free to pursue new research projects.
Europe is investing in technologies that promote human-centric values, so there are many opportunities that align with our goals.
We have been actively seeking funding from a variety of sources, and though things are currently uncertain for us, it's quite likely that <strong>our team will need to expand</strong> to prepare for upcoming obligations.</p>
<h2>The skills we want</h2>
<p>We're looking for <em>web technologists</em> and <em>product designers</em> with experience in <a href="https://en.wikipedia.org/wiki/Privacy_engineering">privacy engineering</a>.
If you already use CryptPad, encrypted messengers, or other similar communication systems to protect your personal data, that knowledge will be an asset.
If you use unencrypted platforms and have a good understanding of the personal and societal trade-offs, that will count in your favour as well.</p>
<p>This field is fairly young, so we're open to any experience you have, not just what you've learned in a professional or academic context.</p>
<p>In terms of technical skills, our daily work typically includes:</p>
<ul>
<li>Clientside Javascript (ES5) and cross-platform browser APIs</li>
<li>Nodejs</li>
<li>CSS3 and LESS</li>
<li>HTML5</li>
<li>BASH</li>
<li>GIT</li>
<li>SSH, information security, and basic system administration</li>
</ul>
<p>We're interested in incorporating skills we don't already have, so don't panic if you're unfamiliar with anything listed above.</p>
<p>Perhaps more important than the technical skills are the so-called <em>soft skills</em>:</p>
<ul>
<li>Empathizing with users and prioritizing improvements based on their impact</li>
<li>Communicating well within a team (including asking for clarification if your goals are ever unclear)</li>
<li>Managing your time well (we avoid micro-managing and working overtime)</li>
<li>Reasoning about pragmatic security</li>
<li>Consideration of both immediate tasks and long-term goals</li>
</ul>
<h2>What we offer</h2>
<p>XWiki SAS has been developing open-source software for the last 15 years, and we rely on the open-source tooling internally.
Joining our team means learning how to run a sustainable business while giving away our product for free (without selling user data).</p>
<p>Otherwise you can expect:</p>
<ul>
<li>A relaxed work environment (in <em>Paris, France</em> or <em>Iasi, Romania</em>) with part-time remote work
<ul>
<li>or negotiable full-time if relocation is not possible or desireable</li>
</ul>
</li>
<li>To develop portable skills using open-source software</li>
<li>International travel (at our expense) when promoting the company or our projects</li>
<li>Opportunities for advancement, training, and other benefits</li>
<li>The chance to shape the future of an exciting project with your personal view of responsible data handling</li>
<li>To become an expert in privacy-enhancing technologies (we're literally an <em>award-winning team</em>) <img src="https://blog.cryptpad.org/images/xwiki-awards-tweet.png" alt="Awards for XWiki and CryptPad" /></li>
</ul>
<h2>A special note to researchers</h2>
<p>We're very interested in distributed systems, data science (as an adversary against privacy), and human-computer interaction.
If you are knowledgeable about any of these, some intersection, or anything else that might be relevant, that's great!</p>
<p>If you have recently attained a PhD from an institution recognized by the EU, there are subsidies which can help us pay your salary.
We have authored two peer-reviewed papers to date, so we can offer continued involvement in the research community if you desire.</p>
<h2>Caveats</h2>
<p>Sorting through CVs can be a lot of work, though a little transparency on some issues might help lighten the burden on our side.
Below are some things to consider before contacting us.</p>
<p>As stated above, our ability to hire will be based on the status of some pending proposals.
We don't currently know how many positions will be available, and our timeline on when we could hire is fuzzy at best.
We'd like to have your profile ready so we can act quickly once we know more.</p>
<p>We can't compete with the salaries offered by companies in Silicon Valley, though they are comparable to other European businesses.
As a consolation, you'll be directly involved in determining how we move forward, and you'll gain insight into the exciting European research ecosystem.</p>
<p>Our funding sources tend to place restrictions limiting those funds to residents of European member states.
I moved to France from Canada to work on CryptPad several years ago, but things are generally simpler if you're already here.
Don't let that stop you from contacting us, though!</p>
<p>We understand that talent comes in many forms, and we welcome new ideas.
We're willing to make exceptions for promising candidates, but we'd like to know that you care about the topic.
There are probably better options available if you just want <em>a job</em>.</p>
<h2>If you are interested...</h2>
<p>Contact us at <a href="mailto:jobs@cryptpad.fr">jobs@cryptpad.fr</a> with a recent CV and a brief introduction explaining what you'd bring to the team.</p>
CryptPad funding status March 2019 - Thanks to our 100 backers!2019-03-11T20:00:00Zhttps://blog.cryptpad.org/2019/03/11/CryptPad-funding-status-March-2019/The beginning of the year has been busy. We traveled to Barcelona to officially receive our NGI Award. Spreadsheet functionality was officially released in CryptPad and our funding has been progressing since our last status in November.<p><img src="https://blog.cryptpad.org/images/cryptpad-funding-blog-cover-generic.png" alt="" /></p>
<p>The beginning of the year has been busy.
We <a href="https://blog.cryptpad.org/2019/02/22/Heading-to-Barcelona/">traveled to Barcelona</a> to officially receive our NGI Award.
Spreadsheet functionality was officially released in CryptPad and our funding has been progressing since <a href="https://blog.cryptpad.org/2018/12/09/CryptPad-funding-status-November-2018/">our last status in November</a>.</p>
<p>We have seen a spike of both new subscriptions and growing usage of <a href="https://cryptpad.fr/">CryptPad.fr</a> in the last few months.
You can see the numbers in <a href="https://cryptpad.fr/sheet/#/2/sheet/view/ppScrSTQQy7gQ6gwYG2pSvNzedP0mHhhFHWwPl5P+Vk/embed/present/">the new spreadsheet function launched in January</a> (though this functionality is still restricted to registered users).</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201902-funding.png?v=2" alt="CryptPad funding details" /></p>
<p>We now have more than 100 backers from 23 countries around the world.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201902-funding-countries.png" alt="CryptPad funding by country" /></p>
<p>While this cannot yet fund our two developers we are happy that the funding is progressing.
We will reach a first goal of 6k by the end of the OpenPaaS-NG project ending this month.
We have also candidated to the <a href="https://nlnet.nl/news/2019/20190201-call.html">NLNet Privacy and Trust Enhancing Technology funding call</a>.</p>
<p>Now we need more help!
First we need to be able to sustain our team, but also we need to be able to expand, especially if we want to have Open Source software in the Zero-Knowledge space.
Proprietary software providing some form of Zero-Knowledge will probably start growing with extensive funding.
If we want independent free-software alternatives for this type of software, then we need to group our effort and fund open source solutions like CryptPad.
We have ambitious objectives for CryptPad and we cannot achieve these with only two developers.</p>
<p>On the subject of funding, CryptPad will be presented at the <a href="https://fundthecode.org/">Fund the Code</a> event on March 19th in Paris, with XWiki SAS (CryptPad's parent company) sponsoring the event.</p>
<p>Since the launch of the campaign we have published a <a href="https://blog.cryptpad.org/tags/roadmap/">roadmap for CryptPad</a> of what we would like to achieve with the funding.
It's also available on the <a href="https://opencollective.com/cryptpad/#about">OpenCollective web site</a>.
Check it out and see our ambitious objectives for this project.
We are already making progress on this roadmap.</p>
<p>To finish, I'd like to give progress on CryptPad's usage.
We are now reaching close to 250 instances of CryptPad running around the world, and the official <a href="http://cryptpad.fr/">cryptpad.fr</a> instance is growing regularly.
The growth of CryptPad noticed in November has not stopped and now we have more than 1500 weekly drive users (from 1000 in November), more than 7000 weekly pad users (from 6000 in November).</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201902-driveuniqueweek.png" alt="cryptpad drive stats" />
<img src="https://blog.cryptpad.org/images/cryptpad-201902-padsuniqueweek.png" alt="cryptpad pad stats" /></p>
<p>A special note to our German users where CryptPad is growing quickly.
We have noticed on Twitter that teachers promoting are CryptPad in their community and there are now more users from Germany than from the US, making it the top country representing 25% of the <a href="http://cryptpad.fr/">CryptPad.fr</a> users and also of the CryptPad hosted instances.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201902-countries.png" alt="cryptpad countries" /></p>
<p><a href="https://cryptpad.fr/">Try CryptPad</a>, love it, <a href="https://opencollective.com/cryptpad/">take care of it</a>, and even better <a href="https://github.com/xwiki-labs/cryptpad">come help</a>!</p>
<p>Ludovic Dubost & the CryptPad Team</p>
Looking for translators2019-03-11T11:12:50Zhttps://blog.cryptpad.org/2019/03/11/Looking-for-translators/Our mission is to make privacy-enhancing technologies accessible to people from all over the world. We get a lot of attention for the technology that we build, but that technology may be of limited use to those who can't understand what it's doing.<p>Our mission is to make privacy-enhancing technologies accessible to people from all over the world.
We get a lot of attention for the technology that we build, but that technology may be of limited use to those who can't understand what it's doing.
I'm not talking about <em>how the cryptography in CryptPad works</em>, but the simple matter of reading the text displayed on the screen.</p>
<p>CryptPad has been translated into <em>nine different languages</em>, but only a third of those translations are complete.
Members of the development team are fluent in English and French, so those are easily maintained, but the rest are beyond our ability.</p>
<p><img src="https://blog.cryptpad.org/images/translations-status.png" alt="translations status" /></p>
<p>The other translations were written by contributors, but our required format made them difficult to maintain, so we understand why so many have become out of date.
With that in mind, we've decided to adopt the open-source <a href="https://weblate.org/en/">Weblate translation platform</a> for our project to make the process more manageable.
If you're familiar with CryptPad and fluent in any language other than English or French, <em>we'd love your help</em> translating the project.</p>
<p>You don't have to do it alone, and it doesn't need to be done all at once.
Weblate allows translators to change one string at a time in a nice web interface, with issues sorted by type.</p>
<p><img src="https://blog.cryptpad.org/images/weblate-interface.png" alt="Weblate translation interface" /></p>
<p>Anyone can register an account on our instance (<a href="https://weblate.cryptpad.fr/">weblate.cryptpad.fr</a>).
From there, we can appoint <em>reviewers</em> for each language who will receive notifications any time their language receives a suggested update.</p>
<p>If you'd like to translate CryptPad into a new language, that will require a little more involvement on our part, but we'd be very happy to help.
Our <a href="https://github.com/xwiki-labs/cryptpad/blob/master/customize.dist/translations/README.md">translation guide</a> has more detailed information, but you can always <a href="mailto:weblate@cryptpad.fr">contact us</a> if you'd like to help.</p>
<p>Even if your preferred language is already translated, we still welcome improvements to the existing translations.
Feel free to sign up and make suggestions, or stop by <a href="https://riot.im/app/#/room/#cryptpad:matrix.org">our chat room</a> if you find any part of the platform difficult to understand.</p>
Heading to Barcelona2019-02-22T11:08:09Zhttps://blog.cryptpad.org/2019/02/22/Heading-to-Barcelona/There's a fairly long list of people who have helped make CryptPad what it is today, but on a day-to-day basis its improvements are driven primarily by myself and a colleague who would rather push code than take credit for his work.<p>There's a fairly long list of people who have helped make CryptPad what it is today, but on a day-to-day basis its improvements are driven primarily by myself and a colleague who would rather push code than take credit for his work.
As <a href="https://en.wikipedia.org/wiki/Privacy_engineering">privacy engineers</a> we're most excited about building and deploying new features that help people move away from less private platforms.
Even so, it's important to step away from building new things occasionally to both promote what we've done so far and ask people what they think of it.</p>
<p>Since our small team handles everything related to the project (including development, deployment, support, and promotion) the coming release will take place three weeks after <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/2.17.0">our last</a> to allow us to focus on meeting users.
As <a href="https://blog.cryptpad.fr/2018/11/13/CryptPad-receives-NGI-Startup-Award/">previously announced</a>, we've been invited to the <a href="https://awards.ngi.eu/">NGI awards</a> which will be colocated with the <a href="https://www.mwcbarcelona.com/about/">Mobile World Congress</a> in Barcelona.</p>
<p>I'll be accepting the NGI startup award for <em>Privacy and trust-enhanced technologies</em> along with Ludovic Dubost (my boss and the CEO of XWiki).
If you'll be in the city at the same time I encourage you to reach out to us via Twitter (<a href="https://twitter.com/cryptpad">@cryptpad</a>, <a href="https://twitter.com/ldubost">@ldubost</a>, <a href="https://twitter.com/fc00ansuz">@fc00ansuz</a>) or Mastodon (<a href="https://framapiaf.org/@ldubost">@ldubost</a>, <a href="https://social.weho.st/@cryptpad">@cryptpad</a>).</p>
<p>I plan to announce our plans for the coming months in a more formal roadmap, however, if we meet in person I'll be happy to muse about the project's trajectory in a casual setting.
Come say hi, tell me what you'd like to see, and you might see it land in an upcoming release!</p>
CryptPad funding status November 20182018-12-09T20:00:00Zhttps://blog.cryptpad.org/2018/12/09/CryptPad-funding-status-November-2018/I've now let a few months pass since the last August status. I'm sorry about that as I have been very busy with XWiki SAS activities as well as conferences including CryptPad talks.<p><img src="https://blog.cryptpad.org/images/cryptpad-funding-blog-cover-generic.png" alt="" /></p>
<p>I've now let a few months pass since the last August status. I'm sorry about that as I have been very busy with XWiki SAS activities as well as conferences including CryptPad talks.</p>
<p>I use this occasion to post the links to the different talks we had to present CryptPad and our goals:</p>
<ul>
<li><a href="https://cryptpad.fr/slide/#/2/slide/view/HUJaxog3vrIJpJJ37-kDAecBJN7Y8yblLtjQEYrUSWU/embed/present/">Toulouse Capitole du Libre (French)</a></li>
<li><a href="https://cryptpad.fr/slide/#/2/slide/view/d9tE0ekARv6YYcDroYIrLQelPpwnUbYNMQnLYHJXpDk/embed/present/">Paris Open Source Summit in the Privacy Track (French)</a></li>
<li>Paris Open Source Summit in the Solutions Track (English by Aaron)</li>
</ul>
<p>We have also been busy preparing some other funding opportunities for CryptPad which we believe can help bring more development to the project. Rest assured we are hard at work to make it happen. By the way, if you are an independent developer in Europe and you would like to be funded to work on a CryptPad project, contact us, we could have an opportunity for you.</p>
<p>Also I wanted to announce that in addition to the NGI Award "Privacy and Trust Enhanding Technologies" received last month for CryptPad, XWiki SAS has now also received an award at the Paris Open Source Summit from the CNLL (Conseil National du Logiciel Libre). This award "Enterprise Award for an Open and Ethical Digital" (Prix de l'Entreprise pour un numérique ouvert et éthique), recognizes XWiki SAS' involvement in sustainable free software development for the last 15 years. This of course includes our involvement in CryptPad and working hard to bring this free software solution to life and sustain its development. We are very proud of it and are committed to honor this award in the future.</p>
<p>Again we are grateful for our donators and subscribers as well as to all that relay our communications about the CryptPad crowdfunding campaign.</p>
<p>In the last three months we have received 1000 Euros from subscriptions and donations. this number has been growing in particular since we have launched yearly payments for subscriptions.</p>
<p>We have now exceeded 4000 Euros in funding for CryptPad since the beginning, including 1000 Euros of donations. This funding comes from 65 different sources from 19 different countries. 26 donators are coming through Open Collective.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201811-revenues-details.png" alt="cryptpad funding details" />
<img src="https://blog.cryptpad.org/images/cryptpad-201811-countries.png" alt="cryptpad funding by type" />
<img src="https://blog.cryptpad.org/images/cryptpad-201811-revenuesources.png" alt="cryptpad funding by country" /></p>
<p>While this cannot yet fund our two developers we are happy that the funding is progressing. We hope to continue to grow subscriptions and donators and have between 6k and 10k Euros by the end of the OpenPAAS NG project which currently funds us. Progressively we are getting close to secure funding for the project.</p>
<p>Now we need more help ! First we need to be able to sustain our team, but also we need to be able to expand, especially if we want to have Open Source software in the Zero-Knowledge space. Proprietary closed source software providing some form of Zero-Knowledge will probably start growing with extensive funding. If we want independent free-software alternatives for this type of software, then we need to group our effort and fund open source solutions like CryptPad. We have ambitious objectives for CryptPad and we cannot achieve these with only two developers.</p>
<p>Since the launch of the campaign we have also published a <a href="https://blog.cryptpad.org/tags/roadmap/">roadmap for CryptPad</a> of what we would like to achieve with the funding. It's also available on the <a href="https://opencollective.com/cryptpad/#about">OpenCollective web site</a>. Come check it out and see our ambitious objectives for this project. We are already making progress on this roadmap.</p>
<p>Aaron and Yann, our CryptPad developers, have released the shared folders feature, one of the most demanded feature. We have also worked on improving the reliability of the synchronization engine (chainpad).</p>
<p>To finish, I'd like to give progress on CryptPad's usage. We are now reaching close to 200 instances of CryptPad running around the world, and the official <a href="http://cryptpad.fr/">cryptpad.fr</a> instance is growing regularly. We have seen a surge in the last weeks, maybe related to the conferences, and we have now more than 1000 drive users, and 6000 pad visitors per week. The activity has almost doubled in 4 month.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-201811-stats-drive.png" alt="cryptpad drive stats" />
<img src="https://blog.cryptpad.org/images/cryptpad-201811-stats-pads.png" alt="cryptpad pad stats" /></p>
<p><a href="https://cryptpad.fr/">Try CryptPad</a>, love it, <a href="https://opencollective.com/cryptpad/">take care of it</a>, and even better <a href="https://github.com/xwiki-labs/cryptpad">come help</a> !</p>
<p>Ludovic Dubost & the CryptPad Team</p>
CryptPad receives NGI Startup Award2018-11-13T15:29:32Zhttps://blog.cryptpad.org/2018/11/13/CryptPad-receives-NGI-Startup-Award/Europe's Next Generation Internet initiative awarded CryptPad the Privacy and trust-enhanced technologies startup award<p><img src="https://blog.cryptpad.org/images/cryptpad_ngi_award.png" alt="" /></p>
<p><strong>Europe recognizes Privacy, and it's starting with CryptPad</strong></p>
<p>Europe's Next Generation Internet initiative (<a href="https://www.ngi.eu/">NGI.eu</a>) awarded CryptPad the Next Generation Internet’s <a href="https://awards.ngi.eu/winners-startup-awards">Privacy and trust-enhanced technologies startup award</a>. The NGI Startup Awards recognize Europe’s most disruptive entrepreneurs who are advancing revolutionary products, solutions and services destined to have a major impact on the internet of the future.</p>
<p>Of course XWiki SAS and the CryptPad team are very proud of this award for a project that was started 4 years ago by Caleb James DeLisle as part of a French research project funding realtime editing in XWiki. The first commit <a href="https://github.com/xwiki-labs/cryptpad/commit/1508c7ba71f5de5e51f061fbef45bc1f18493832">"<strong>and so it begins</strong>"</a> was premonitory of a long and important project.</p>
<p>But most importantly we are very happy that privacy enhancing technologies are getting recognized. We strongly believe that users of internet technologies should be able to control their privacy and the security of their data, and unfortunately this is not the case today. The dominating business model of the Internet is advertisement based on exploiting user data ("Your data is their data"). Cloud providers have full access to most of users' and companies' private data, which is being exposed to many risks.</p>
<blockquote>
<p><em>Our promise is that our software <strong>cannot</strong> spy on its users, and that your data is safe.</em></p>
</blockquote>
<p>We are also very happy that our users and supporters are recognized. Since we launched our online service <a href="http://cryptpad.fr/">CryptPad.fr</a> as part of the OpenPaaS-NG research project, funded by BPI France, CryptPad's usage and support has continously grown. With more than 10000 users weekly and also the support from paying users and donations through our Open Collective, we are all participating in helping restore our privacy.</p>
<p>It is difficult for all of us to give up powerful Internet services and software which bring us great value, but at the same time we do not like to see how our data is being used for advertisement, political means or malicious hacking. Today this NGI Award is showing that it is possible to take back our privacy, while getting powerful and easy to use services. We built CryptPad to show how far a team can go to empower users and increase their expectation of privacy from online services. While it was previously accepted that collaborative editing meant sacrificing confidentiality, we’ve not only proven that private editing is possible, but we’ve made our entire platform open source to ensure that this technology remains available.</p>
<h3>Want to be a part of it?</h3>
<ul>
<li>Use CryptPad and other Zero Knowledge services every day, tell us what you like and what we can do better.</li>
<li>Talk to your friends and colleagues about Zero Knowledge, show them CryptPad and explain that this is what the cloud can be.</li>
<li><a href="https://www.xwiki.com/en/jobs/">Candidate to XWiki SAS</a> to join our team.</li>
</ul>
<h3>Show your support</h3>
<ul>
<li>Buy an upgraded account from <a href="http://cryptpad.fr/">Cryptpad.fr</a>, run by the CryptPad development team, or contribute to our <a href="https://opencollective.com/cryptpad">Open Collective</a></li>
<li>If you install the Open Source code of CryptPad on your own servers, consider buying a support contract.</li>
<li>If you’re a web developer, think about Zero Knowledge for your next web app.</li>
</ul>
<h2>About CryptPad and XWiki SAS</h2>
<p>CryptPad is an open-source, web-based suite of collaborative editors which employs client-side cryptography to ensure that the server is not able to access the contents of users’ documents.
It offers a variety of editors and other multi-user applications: rich text, code editing with syntax highlighting and markdown preview, presentations, polls for scheduling, kanbans for project management, and whiteboards for collaborative illustration.</p>
<p>CryptPad is being actively developed by XWiki SAS and is currently funded by BPI France as part of the OpenPaaS NG research project. For the last 14 years, XWiki SAS has built Open Source Collaboration Software and provided professional services allowing organizations to better organize their information.</p>
<h2>About the NGI Initiative and awards</h2>
<p>NGI is Europe’s new approach to creating a more human-centric internet. It invites citizens and communities striving for values like openness, inclusivity, transparency, privacy, cooperation, and data protection to provide input, and thus to help to guide the European Next Generation Internet funding agenda. NGI is a European Commission initiative which is being implemented by project partners throughout Europe.</p>
<p>The overall mission of the Next Generation Internet initiative is to re-imagine and re-engineer the Internet for the third millennium and beyond. We envision the information age will be an era that brings out the best in all of us. We want to enable human potential, mobility and creativity at the largest possible scale – while dealing responsibly with our natural resources. In order to preserve and expand the European way of life, we shape a value-centric, human and inclusive Internet for all.</p>
CryptPad funding status August 20182018-09-12T14:14:16Zhttps://blog.cryptpad.org/2018/09/12/CryptPad-funding-status-August-2018/We have now passed the summer since we have started the OpenCollective for CryptPad and started our campaign for funding CryptPad and ensuring its future in 2019, so I wanted to give an update on this funding initiative.<p><img src="https://blog.cryptpad.org/images/cryptpad-funding-blog-cover-generic.png" alt="" /></p>
<p>We have now passed the summer since we have started the OpenCollective for CryptPad and started our campaign for funding CryptPad and ensuring its future in 2019, so I wanted to give an update on this funding initiative.</p>
<p>First we are highly grateful to all that have responded positively and also that have relayed our campaign. We do feel stronger with the help of our community and it motivates us more.</p>
<p>We have now received a few more contributions during this month of August, and in particular a 100 Euro donation from Matthieu Herrb. In July we had received a commitment from the <a href="https://c3w.at/">C3Wien Community</a> in Austria, to contribute 360 Euros / year as well as some of their members to whom our communication was relayed. We have also received a few donations for more than 50 Euros coming from the USA and Germany (thanks <a href="https://twitter.com/mikegoelzer">Michael Goelzer</a>, KimoNine, shibayashi) and also monthly donations (thanks <a href="https://twitter.com/dangagliar">Daniele Gagliardi</a> and an anonymous backer !) and one time donations reaching now more than <a href="https://opencollective.com/cryptpad/#contributors">10 donators through OpenCollective</a>.</p>
<p>We also had new subscribers to the CryptPad subscriptions and in total now we can count on 40 participants to CryptPad funding for a total now of 320 Euros for the month of August and 2250 Euros since subscriptions started last year. This funding originates from 11 different countries around the world.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-countries-201808.png" alt="funding by country" /></p>
<p>XWiki SAS is also matching the donations we received since the beginning of the campaign and we are now reaching a budget of 2614 Euros on OpenCollective.</p>
<p>This amount is of course still low and not enough to guarantee funding next year for CryptPad, but it's a start without much communication about the funding of CryptPad and about the long term objectives of this project. We still have 7 months to grow this funding to contribute to the development of CryptPad.</p>
<p>Now we need more help ! First we need to be able to sustain our team, but also we need to be able to expand, especially if we want to have Open Source software in the Zero-Knowledge space. Proprietary closed source software providing some way of Zero-Knowledge will probably start growing with extensive funding. If we want independent free-software alternatives for this type of software, then we need to group our effort and fund open source solutions like CryptPad.</p>
<p>Since the launch of the campaign we have also published a <a href="https://blog.cryptpad.org/tags/roadmap/">roadmap for CryptPad</a> of what we would like to achieve with the funding. It's also available on the <a href="https://opencollective.com/cryptpad/#about">OpenCollective web site</a>. Come check it out and see our ambitious objectives for this project. Aaron and Yann, our CryptPad developers, are already hard at work and the shared folders feature, one of the most demanded features, is already advancing very fast. During the summer there are has been <a href="https://github.com/xwiki-labs/cryptpad/releases">3 new releases of CryptPad</a></p>
<p><a href="https://cryptpad.fr/">Try CryptPad</a>, love it, <a href="https://opencollective.com/cryptpad/">take care of it</a>, and even better <a href="https://github.com/xwiki-labs/cryptpad">come help</a> !</p>
<p>Ludovic Dubost & the CryptPad Team</p>
CryptPad funding status after one month2018-08-04T11:26:23Zhttps://blog.cryptpad.org/2018/08/04/CryptPad-funding-status-after-one-month/It's been a month now that we have started the OpenCollective for CryptPad and started our campaign for funding CryptPad and insuring it's future in 2019, so I wanted to give a status on this funding initiative.<p><img src="https://blog.cryptpad.org/images/cryptpad-funding-blog-cover.png" alt="one month funding status" /></p>
<p>It's been a month now that we have started the OpenCollective for CryptPad and started our campaign for funding CryptPad and insuring it's future in 2019, so I wanted to give a status on this funding initiative.</p>
<p>First we are highly grateful to all that have responded positively and also that have relayed our campaign. We do feel stronger with the help of our community and it motivates us more.</p>
<p>In particular we have received a commitment from the <a href="https://c3w.at/">C3Wien Community</a> in Austria, to contribute 360 Euros / year as well as some of their members to whom our communication was relayed. We have also received a few donations for more than 50 Euros coming from the USA and Austria (thanks <a href="https://twitter.com/mikegoelzer">Michael Goelzer</a>, KimoNine, shibayashi) and also monthly donations (thanks <a href="https://twitter.com/dangagliar">Daniele Gagliardi</a> and an anonymous backer !) and one time donations reaching now more than <a href="https://opencollective.com/cryptpad/#contributors">10 donators through OpenCollective</a>.</p>
<p>We also had new subscribers to the CryptPad subscriptions and in total now we can count on 30 participants to CryptPad funding for a total now of 750 Euros for the month of July and 2000 Euros since subscriptions started last year. This funding originates from 11 different countries around the world and actually not yet from France our home country who has funded the beginning of CryptPad with the OpenPAAS project.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad-countries.jpg" alt="funding by country" /></p>
<p>This amount is of course still low and not enough to guarantee funding next year for CryptPad, but it's a start without much communication about the funding of CryptPad and about the long term objectives of this project.</p>
<p>Now we need more help ! First we need to be able to sustain our team, but also we need to be able to expand, especially if we want to have Open Source software in the Zero-Knowledge space. Proprietary closed source software providing some way of Zero-Knowledge will probably start growing with extensive funding. If we want independent free-software alternatives for this type of software, then we need to group our effort and fund open source solutions like CryptPad.</p>
<p>Since the launch of the campaign we have also published a <a href="https://blog.cryptpad.org/tags/roadmap/">roadmap for CryptPad</a> of what we would like to achieve with the funding. It's also available on the <a href="https://opencollective.com/cryptpad/#about">OpenCollective web site</a>. Come check it out and see our ambitious objectives for this project. Aaron and Yann, our CryptPad developers, are already hard at work and the shared folders feature, one of the most demanded features, is already advancing very fast.</p>
<p>We want also to take the opportunity to thank Caleb James De Lisle, the creator of CryptPad, who has left XWiki SAS at the end of July to pursue his own projects (CJDNS and others). Caleb has done incredible work first creating CryptPad and also on XWiki SAS managing our research projects for the last few years. CryptPad's development is in good hands with Aaron and Yann who have been the main commiters of the project in the last year. In the last few month he has helped setup the Open Collective and the roadmap to help fund CryptPad in the future. I will now relay him on this aspect and we are a looking for a new team member to <a href="https://www.xwiki.com/en/jobs/research-and-development-lead">join our research funding initiative and lead CryptPad on the non-technical aspects</a>. I'm sure Caleb won't fully leave us and at least be a regular adviser to the project.</p>
<p><a href="https://cryptpad.fr/">Try CryptPad</a>, love it, <a href="https://opencollective.com/cryptpad/">take care of it</a>, and even better <a href="https://github.com/xwiki-labs/cryptpad">come help</a> !</p>
<p>Ludovic Dubost & the CryptPad Team</p>
Making CryptPad CSS 3 times faster, by loading it twice2018-07-20T12:00:59Zhttps://blog.cryptpad.org/2018/07/20/Making-CryptPad-CSS-3-times-faster-by-loading-it-twice/In CryptPad development, we have always tried to push the limits of the technology.<script src="https://cryptpad.fr/common/media-tag-nacl.min.js"></script>
<p>In CryptPad development, we have always tried to push the limits of the technology. As you might know, we don't minify any of our javascript code and we have no build system, yet CryptPad is still faster than many similar projects which do. In recent profiling, we determined that the biggest cause of slow loading was compilng of less stylesheets.</p>
<p>All of the styles for CryptPad are written in <a href="http://lesscss.org/">Less</a> CSS templating language and because we don't have a build system, when you load a page on CryptPad, it downloads the less compiler and runs it in your browser. When the less has been compiled the first time, it is cached in the browser's <a href="https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage">localStorage</a> so that it doesn't need to be compiled again (until next release). Unfortunately, the way we structured CryptPad Less code led to this taking a long time.</p>
<p>CSS by its nature is very much like object inheritence, a design pattern popular in the 1990s which has <a href="https://link.springer.com/chapter/10.1007/1-85233-856-3_23">since</a> <a href="https://codeburst.io/inheritance-is-evil-stop-using-it-6c4f1caf5117">been</a> <a href="http://neethack.com/2017/04/Why-inheritance-is-bad/">discredited</a>. In a bid to keep our styles under control, we decided to make heavy use of Less <a href="http://lesscss.org/features/#mixins-feature">mixins</a>. The idea was that we didn't want our CSS code to "speak until it was spoken to".</p>
<p>Something like the following would be very problematic if it were dumped on the global scope, but it is never output until it is called:</p>
<pre><code>.example_header() {
a {
color: red;
}
}
</code></pre>
<p>So then the code which uses it can invoke it only in the exact place where it ought to be used.</p>
<pre><code>@include "example.less";
.cp-app-pad {
.cp-padheader {
.cp-padheader-left {
.example_header();
}
}
}
</code></pre>
<p>If you're a CSS purist, you're probably pulling your hair out now, because <em>the right way</em> is to use html classes. The thing is, we do, but because CryptPad is made up of many different pieces of open source software, we cannot control all of the HTML and sometimes things <a href="https://github.com/xwiki-labs/cryptpad/blob/2.4.0/customize.dist/src/less2/include/ckeditor-fix.less">aren't so simple</a>. Using mixins gave us an extra layer of safety and allowed us to write CSS feeling quite confident that it would not end up changing things where it wasn't supposed to.</p>
<img src="https://blog.cryptpad.org/images/Strip-CSS-respect-650-finalenglish1.jpg" />
<center data-yeah-i-know-a-center-tag="so sue me">*Cascading works great, until you include one CSS file that was written by this guy.*</center>
<h2>Parameterized mixins</h2>
<p>An excellent feature of Less is parameterized mixins, that is, templates with arguments. One of our biggest templates is called <code>.toolbar_main()</code> and this builds the toolbar at the top of CryptPad as well as the user-list on the lefthand side. In order to make the customizable colors with the same HTML structure, we opted to use a parameterized mixin like this:</p>
<pre><code>.toolbar_main (
@color: @colortheme_default-color, // Color of the text for the toolbar
@bg-color: @colortheme_default-bg, // color of the toolbar background
@warn-color: @colortheme_default-warn, // color of the warning text in the toolbar
@barWidth: 600px // width of the toolbar
) {
/// a lot of code here, using colors based on the parameters,
/// but lightened or darkened using less functions.
};
</code></pre>
<p>Then each app would call <code>.toolbar_main()</code> with its own color parameters, and get a nice toolbar, customized to that app's color theme. Again, this is not the only way to do it, but having the ability to generate CSS with highly specific color rules proved to be extremely useful for overriding leaked styles coming from the software that we integrate.</p>
<h2>State explosion</h2>
<p>What we didn't think about at that time was the effect that the proliferation of CryptPad Apps would have on the amount of CSS being generated. We started with just a few styles and just a few apps to apply those styles on.</p>
<p><media-tag src="https://files.cryptpad.fr/blob/ba/baf60fc13e35117c60337bbd93ee1dd43ede9280fe5aa583" data-crypto-key="cryptpad:9nEx58X4nrmTYmi5i8K8bb6DvTRemmYubZbU1J1dDa0="></media-tag></p>
<p>But as we added more and more CryptPad apps, the same CSS was being generated and applied over and over...</p>
<p><media-tag src="https://files.cryptpad.fr/blob/1b/1b5e6189a55efb7ea30ff1cc128597ce76b158fd659d6f45" data-crypto-key="cryptpad:tvxTuU3P5nqqQ75TMRsjehvOjljlkSGzpZTgrfhgGSg="></media-tag></p>
<p>Then as our styles become more complex, the CSS which was being copy/pasted by less compiler became bigger and bigger</p>
<p><media-tag src="https://files.cryptpad.fr/blob/83/8398106a4ee0109630793846cabfdecaa8ee80313cca7e37" data-crypto-key="cryptpad:qy+1nKYU8sQiQR88IgqyxAfspxZiEN8Q3NkBI2qpPOA="></media-tag></p>
<p>The total of all our less code in the entire project was only 235k, and it was compiling to over <strong>1.3 megabytes of CSS</strong>. We cache the compiled CSS by placing it in <a href="https://developer.mozilla.org/en/docs/Web/API/Window/localStorage">localStorage</a>, but still, every time a new version of CryptPad was released, the CSS needed to be recompiled and this was dominating the loading time.</p>
<h2>Building a Linker for CSS</h2>
<p>If you have experience with C/C++, you might recognize this problem. It is as if there was no linker and the only way to reuse code was to use preprocessor <code>#include</code> over and over again.</p>
<p>Since by this point, we had a significant amount of Less which was designed this way, rewriting it was not an option, so we started looking for ways to <em>link</em> it rather than copy/pasting it over and over again. Fortunately most of the bigger mixins only applied rules to specific classes, so moving them up to the root level would not cause trouble, though to be safe, we wanted to only load the styles that were necessary.</p>
<p>If we would indicate to the javascript code which loaded the Less that a particular Less file was needed, it could be compiled, cached and included <em>separately</em>, and thus it could be reused across apps. In order to keep the Less API as close to the same as possible, we decided to put that indication inside of the <code>.<filename>_main()</code> mixin.</p>
<p>So <code>.dropdown_main()</code> went from this:</p>
<pre><code>.dropdown_main () {
// all the code here
}
</code></pre>
<p>To this:</p>
<pre><code>.dropdown_main () {
--LessLoader_require: LessLoader_currentFile();
};
& {
// all the code here
}
</code></pre>
<p>Two important things to note: firstly <code>LessLoader_currentFile()</code> is a function which we created (as the name implies, it's defined in <code>LessLoader.js</code>), it simply expands to the current function name. Secondly, when a less file is included with the <code>reference</code> flag (e.g. <code>@include (reference) "./dropdown.less";</code>) the content is not output but the mixins are made available, so moving the code down to the bottom of <code>dropdown.less</code> would cause it not to end up in the compilation of <code>app-pad.less</code>.</p>
<p>The resulting CSS from this contains something like this:</p>
<pre><code>--LessLoader_require: "/customize/src/less/include/dropdown.less";
</code></pre>
<p>LessLoader would then simply scan for <code>--LessLoader_require:</code> and trigger loading of those files, which are still parsed by Less, but are the same for every CryptPad app.</p>
<h3>Parameters with CSS variables</h3>
<p>In this example, I intentionally left out the parameterized mixins. Solving this was slightly more complicated and in order to do it, we made use of a reasonably new feature in web browsers: <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/Using_CSS_variables">CSS variables</a>.</p>
<p>Today, one can write in CSS the following:</p>
<pre><code>:root {
--color-should-be: brown;
}
// potentially much later...
.element {
color: var(--color-should-be);
}
</code></pre>
<p>and the element text will be brown. Discovering this was a breakthrough because it meant that the arguments could be turned into variables in <code>app-pad.less</code> and then made use of in <code>toolbar.less</code>. However, there are limitations to what you can do with CSS variables. For example, this doesn't work:</p>
<pre><code>:root {
--hack-boolean: 1;
}
// later on...
@media screen and (max-width: calc(var(--hack-boolean) * 100000000)) {
// HAHAHA I MADE AN IF STATEMENT
:root { --lets-define-another-variable: "lol"; }
}
</code></pre>
<center>*If this worked, I'd probably be using it*</center>
<br />
<h4>Scoped CSS variables</h4>
<p>What does work, however, is specifying different values of the same variable at different scopes, so this does work:</p>
<pre><code>.my-button { --button-color: red; }
.my-popup-window .my-button { --button-color: blue; }
// later on...
.my-button {
background-color: var(--button-color);
}
</code></pre>
<p>But possible uses/abuses of this feature were not investigated.</p>
<h4>Making it work</h4>
<p>Following the general principle of <a href="https://www.joelonsoftware.com/2005/05/11/making-wrong-code-look-wrong/">keeping the variable definition close to the usage</a>, we put the variable definitions inside of the <code>.<filename>_main()</code> mixin and the usages below in the same file. In order to avoid namespace collisons, we prefixed all variables with the name of the file. A simplified version of avatar.less looks like this:</p>
<pre><code>.avatar_main(@width) {
--LessLoader_require: LessLoader_currentFile();
--avatar-width: @width;
}
& {
&.cp-avatar {
...
.cp-avatar-default, media-tag {
width: var(--avatar-width);
</code></pre>
<p>In some cases, we needed to introduce additional variables because of the use of Less functions such as <a href="http://lesscss.org/functions/#color-operations">lighten() and darken()</a>, which obviously cannot work on CSS variables. So we used the following pattern in many places:</p>
<pre><code>.help_main (@color, @bg-color) {
--LessLoader_require: LessLoader_currentFile();
@help-bg-color-l15: lighten(@bg-color, 15%);
@help-text-color: contrast(@help-bg-color-l15, #fff, #000); //@color;
@help-link-color: contrast(@help-bg-color-l15, lighten(spin(@bg-color, 180), 10%), darken(spin(@bg-color, 180), 10%));
--help-bg-color-l15: @help-bg-color-l15;
--help-text-color: @help-text-color;
--help-link-color: @help-link-color;
};
</code></pre>
<h3>Results</h3>
<p>After carefully planning and studying solutions, we managed a fairly non-invasive refactoring of the styles which took Less compile time down from almost 3 seconds to around 900ms. For simplistic pages like the front page, the number dropped to around 200ms.</p>
<p>The key result is that a person who has never seen CryptPad before will see the main page right away instead of waiting 3 or more seconds to compile all the less for the entire project.</p>
<h2>But wait, what about Internet Explorer ?</h2>
<p>This question is the bane of many web developers' existance. In this case, the problem is that <a href="https://developer.microsoft.com/en-us/microsoft-edge/platform/status/csscustompropertiesakacssvariables/">Internet Explorer has no CSS variables</a>. Last week we changed CryptPad so that when you use it, your browser will let us know if it doesn't support CSS variables. This is done using the <a href="https://blog.cryptpad.fr/2017/07/07/cryptpad-analytics-what-we-cant-know-what-we-must-know-what-we-want-to-know/#What-we-collect-because-we-want-to-know">feedback mechanism</a> which is an opt-out collection of information such as how often particular features are used and whether certain things are supported by the browsers of people using CryptPad.</p>
<p>What we found is that in the past week, we saw about 50 unique users who are running browsers which don't support CSS variables. With our approximately 4500 unique users per week, this is a little over 1%.</p>
<h3>Making an acceptable fallback</h3>
<p>The One Percent jokes asside, it's hard to justify making CryptPad 300% slower for everyone who tries it for the first time, just to satisfy about 1% of the userbase. But at the same time, it's sad to drop support for a browser which at the current moment does work with CryptPad.</p>
<p>The solution we devised was to specify default values and then override them.</p>
<p>For example:</p>
<pre><code> .cp-markdown-toolbar {
...
button {
// IE sees this (variable compiled by less)
color: @toolbar-color;
// everyone else sees this
color: var(--toolbar-color);
</code></pre>
<p>The only question remaining was how to specify the defaults in a way that was simple for us when we worked on the less files. Most of our <code>.<filemane>_main()</code> parameterized mixins already had default values in case they were called without parameters, so we already knew what sane defaults would be. What we decided to do was create a new mixin called <code>.<filename>_vars()</code>, which would assign a set of Less variables based on the arguments.</p>
<p>The final result looked like this:</p>
<pre><code>.help_vars (
@color: @colortheme_default-color,
@bg-color: @colortheme_default-bg
) {
@help-bg-color-l15: lighten(@bg-color, 15%);
@help-text-color: contrast(@help-bg-color-l15, #fff, #000); //@color;
@help-link-color: contrast(@help-bg-color-l15, lighten(spin(@bg-color, 180), 10%), darken(spin(@bg-color, 180), 10%));
}
.help_main (@color, @bg-color) {
--LessLoader_require: LessLoader_currentFile();
.help_vars(@color, @bg-color);
--help-bg-color-l15: @help-bg-color-l15;
--help-text-color: @help-text-color;
--help-link-color: @help-link-color;
};
& {
.help_vars();
.cp-help-container {
position: relative;
background-color: @help-bg-color-l15;
background-color: var(--help-bg-color-l15);
</code></pre>
<p>Going through it step-by-step, the <code>.help_vars()</code> mixin takes parameters but it defines default values, then it creates some Less variables which are accessed after it is used. <code>.help_main()</code> calls <code>.help_vars()</code> and passes it arguments, then takes it's results and assigns them to CSS variables. Then the main block of the Less file also calls <code>.help_vars()</code> but without any arguments, so the defaults are used. Then in the main block, each usage of a CSS variable also has the usage of the less variable. The less variable provides the default value, the one which IE will see, and then the CSS variable provides the specified value, the one which will be different per CryptPad application.</p>
<h2>There you have it</h2>
<p>Every Less file now gets loaded twice, first it is loaded by the <code>@include (reference)</code> call, where it is parsed in order to expose the <code>.<filename>_main()</code> mixin, then it is loaded a second time as an independent file. Importantly, however, once it is compiled it is stored into localStorage and the toolbar CSS which is compiled when you go to the Rich Text app is the exact same CSS which will be used when you go to the Code/Markdown app. This feature is available in the <code>staging</code> branch of the CryptPad project and will be on <a href="http://cryptpad.fr/">CryptPad.fr</a> in the next release.</p>
<p>We could make it even faster, by separating the main content of the Less files from the <code>.<filename>_vars()</code> and <code>.<filename>_main()</code> mixins, essentially making header files, in C/C++ parlance. And if we find in future profiling that less compiling remains a signficant performance penalty, there's a good chance that we will.</p>
CryptPad Roadmap2018-07-13T12:41:04Zhttps://blog.cryptpad.org/2018/07/13/CryptPad-Roadmap/CryptPad was started as an experimental platform as part of the OpenPaaS::NG research project. Since then it has developed into a suite of editors for many different types of documents, all without ever leaking the content that you edit to the server or the server operators.<p>CryptPad was started as an experimental platform as part of the <a href="http://ng.open-paas.org/">OpenPaaS::NG research project</a>. Since then it has developed into a suite of editors for many different types of documents, all without ever leaking the content that you edit to the server or the server operators. Now, in order to keep the project moving, we need your help.</p>
<p>We have created a roadmap of the features which we would like to develop over the next year and <strong>we're hoping to raise 60,000€</strong> to finance it. Fortunately, <strong>XWiki SAS is willing to match your donations euro-for-euro</strong>. XWiki SAS is a company with open source at its heart and it was the company where CryptPad was first envisioned. XWiki SAS normally sells days of development time at about 1,000€ each, but since this project is dear to our hearts, we are also discounting the structure costs (things like the office and business taxes) for this project. <strong>We believe in CryptPad, but in order to succeed, we need you to believe in it too</strong>.</p>
<p>The following is a 48 week roadmap which will fund one developer to work on CryptPad. You can donate to this roadmap on <a href="https://opencollective.com/cryptpad">https://opencollective.com/cryptpad</a> or on <a href="https://accounts.cryptpad.fr/#/donate">https://accounts.cryptpad.fr/#/donate</a>, if you would like to make a donation by wire transfer or by cryptocurrency, please get in touch with us at <a href="mailto:sales@cryptpad.fr">sales@cryptpad.fr</a> and if you are involved in EU research projects and would like to work with us and this cutting edge Privacy Enhancing Technology, please contact <a href="mailto:research@xwiki.com">research@xwiki.com</a>.</p>
<h1>Goal 1 - Spreadsheets & Office Documents</h1>
<p>CryptPad is excellent for quick editing of meeting notes and plans, and it is able to store and view images and PDF files, but it does not allow editing of more complex types of files such as spreadsheets and word documents. Fortunately there is an open source web-based editor called OnlyOffice which allows editing these complex document types, but it is a highly complex piece of software and we will need time and effort to integrate it into CryptPad. Even after it is fully integrated, the conversion of xlsx files to OnlyOffice's internal format will still need to be carried out be specialized software either on the user's computer, or on a cloud service (not Zero-Knowledge!). However, we think that editing of spreadsheets and other documents in OnlyOffice is achievable without leaking any of the content back to the CryptPad server, so your spreadsheets will remain a secret.</p>
<ul>
<li>Spreadsheets, documents and presentations in CryptPad</li>
<li>Realtime collaborative editing of office documents</li>
<li>No import/export for now, this will come later</li>
<li>No embedding of images from CryptPad until later</li>
</ul>
<p>We expect office file editing will take <strong>30 days, a cost of €7,500</strong></p>
<h1>Goal 2 - Comments on Rich Text Pads</h1>
<p>Many people use a workflow which includes the use of comments in a document. This is already standard in Google Docs and we need to be able to support it in CryptPad, in order to add comments we will need to add some HTML into the document without causing any problems for CKEditor (our rich text editor) and without causing it to be treated as part of the pad and synced over the wire.</p>
<ul>
<li>In the rich text pad, you will be able to add a comment by selecting some text, right clicking it and clicking "add comment"</li>
<li>Comments will be shown in the right margin and associated with the text which highlighted them</li>
<li>Comments will be able to be replied to, or "resolved" (they will no longer be shown, but still be visible in history of the document)</li>
<li>If you delete the text with which a comment was associated, the comment will automatically be resolved</li>
</ul>
<p>We expect Comments on Rich Text Pads to take about <strong>10 days of development, a cost of €2,500</strong></p>
<h1>Goal 3 - Contacts and Messaging</h1>
<p>To be able to easily share documents and get the attention of a person, we would like to implement Contacts and Messaging in CryptPad, currently we have a rudimentry implementation which allows chatting with contacts, but the contact request feature needs to be stabilized with a better process for contact requests, better integration with pad-sharing menu and more clear notifications. We would also like to add a small chat window in each document so that everyone working on that document can chat about it. Finally, we would like to add the ability to at-reference someone when writing a comment on a pad, which will cause a message to be sent to them.</p>
<ul>
<li>The share menu will include a list of contacts with whom you can share the pad</li>
<li>You will be able to email somebody a link which will invite them to become a contact of yours</li>
<li>Messages (pads shared with you, comments referencing you) will be shown in the upper-right when you come to CryptPad</li>
<li>When writing a comment (Goal 2), you will be able to at-reference a contact (with auto-complete) and they will be notified</li>
<li>Replying to (and resolving) a comment will also cause the author of the comment and anyone who replied to be notified</li>
</ul>
<p>We expect Contacts and Messaging to take about <strong>20 days of development, a cost of €5,000</strong></p>
<h1>Goal 4 - Shared Drive</h1>
<p>When planning a significant project, often there is the need to have many pads for the different aspects of the project. Currently all of the collaborators on the project must share all of the pad links with each other and they must each organize them in their personal drives. Personal drive organization is a nice feature because it allows each person to organize their work the way that makes the most sense to them, but sometimes it is more advantageous to have a folder in everybody's drive which contains pads that are shared between all of them.</p>
<p>Shared folders are complicated to implement. Unlike your personal drive which is just one realtime object (essentially it's a pad), each shared folder must be a separate realtime object. Also, like a user account, a shared folder must be able to own pads, otherwise pads in that folder which are not in anyone's personal drive risk being deleted by the server as per our expiration policy.</p>
<ul>
<li>You will be able to create a shared drive, just like you create a pad</li>
<li>In your drive, you will be able to explore inside of the shared drive and organize it just like a folder</li>
<li>You will be able to share the link to the Shared Drive with other people, when they click the link, it will import the shared drive into their personal drive</li>
</ul>
<p>We expect Shared Drive to take about <strong>20 days of development, a cost of €5,000</strong></p>
<h1>Goal 5 - Federated Messaging</h1>
<p>There are about 150 CryptPad instances in existence, operated by people and organizations who want the privacy which CryptPad offers and also the additional security guarantee, decentralization and customization of their own instance. We want to support this usage while still allowing people on one instance to chat and message people on another instance. We want to support the ability to add contacts (Goal 3) with people registered on a different instance. You will then be able to at-reference them in a comment or share a pad with them using the share menu as you would with a person using the same instance as you.</p>
<ul>
<li>When you are on a pad or shared folder on somebody else's instance, you will be able to import it to your instance</li>
<li>Clicking a link to become a contact will work, even if you are registered on a different instance</li>
<li>Once you have made a contact, all features in Contacts and Messaging will function across instances</li>
</ul>
<p>We expect Federated Messaging to take about <strong>30 days of development, a cost of €7,500</strong></p>
<h1>Goal 6 - Better permissions</h1>
<p>Initially, all pads were "open" pads, meaning they were accessible to anyone and there was no owner. Open pads are deleted automatically when they have not been touched in 3 months, unless a registered user has a reference to them. Once we added the ability to have registered users, we needed to make sure that users would not have the pads in their drive disappear off the server, so we implemented what we call pinning. Pinning is a way of claiming that a pad is important to you and that it should not be deleted. However, this left a problem, still pads had no owner, meaning nobody had the right to delete them. Once a pad was created, there was no way to delete it which was a serious problem for pads contining confidential information.</p>
<p>In order to allow pads to be deleted, we implemented <em>owned pads</em>, and the splash screen registered users now see when they create a new pad. So now you can delete it from the server when you are done with it. However, two problems remain:</p>
<ol>
<li>The owner of a pad is the person who created it and there is no way to add owners or share ownership</li>
<li>There is no way to revoke access once it has been given</li>
</ol>
<p>In order to solve #1, we will add the ability to share ownership with other people. For solving #2 in a Zero-Knowledge compatible way, we will need to introduce the concept of redirects, links which re-direct to the actual ID and key of the pad. Revoking access will be a matter of changing the pad's ID and then updating all of the redirects which are <em>not</em> to be revoked. This will allow the creation of pads which can only be viewed by registered users who are invited. Even view-only links to a pad will be able to be revoked by the owners of that pad.</p>
<ul>
<li>Pads which are only accessible by people invited, or members of a group</li>
<li>Grant and revoke access</li>
<li>Create new links to a pad, and revoke them</li>
</ul>
<p>We expect better permissions will take about <strong>40 days of development, a cost of €10,000</strong></p>
<h1>Goal 7 - Color-by-author</h1>
<p>After something is typed into a pad, the person who typed cannot be determined, we would like to change this and allow the etherpad-like behavior of shading the text differently based on who typed it. This will require getting the author from each patch in the stream of changes to the pad and making it available to the pad structure. In CryptPad there is a special message type which is called a checkpoint, it replaces the entire pad so that when a new person arrives in the pad, they don't need to download more history than the previous 2 checkpoints. We will need to take special care to preserve the editor of each piece of the document when we create checkpoints, finally we will need to be able to shade the text based on it's author, without either messing up CKEditor or causing the shading to be sent over the wire as if it were part of the pad.</p>
<ul>
<li>When an option is selected, text in the rich text app will be shaded with a color based on the author of that text</li>
<li>The user list will show users who have joined and then left again, along with the color of their changes</li>
<li>Right-clicking on the text will show the name of the person who wrote it (including whether they are one of your contacts)</li>
</ul>
<p>We expect Color-by-author to take about <strong>20 days of development, a cost of €5,000</strong></p>
<h1>Goal 8 - Offline and Suggested Edits</h1>
<p>Like color-by-author, Offline and Suggested Edits is a reasonably complicated feature to implement. When working on a complex document, it is nice to be able to propose a change without actually changing the document, or make a change while disconnected from the internet and then have someone (maybe you) merge it later. However, this is complicated because when it comes time to merge that change, the document may have significantly changed, necessitating a smart merge.</p>
<p>Rich text pads in CryptPad are stored in a quazi-html representation so patching and merging is anything but simple. The operational transformation done normally on pads takes advantage of the fact that divergences are small and infrequent so merging usually works ok. This feature will require development of a smart merging algorithm for the rich text app as well as for any other app for which one would like to have suggested edits and offline.</p>
<ul>
<li>Suggestion mode, your change is shown shaded and can be accepted or rejected, it will be attached to a comment so you can explain it</li>
<li>When offline, you are automatically put into suggestion mode instead of read-only mode</li>
</ul>
<p>We expect Offline and Suggested Edits to take <strong>40 days of development, a cost of €10,000</strong></p>
<h1>Goal 9 - All the little things</h1>
<p>Even though it doesn't get a lot of press, a significant amount of time is spent just fixing bugs, handling pull requests and doing releases. We want to keep CryptPad a community project and so we want to make sure that when someone makes a pull-request to the project, that request can be properly handled. Also, because CryptPad makes such use of modern HTML5 features, new releases of Chrome and Firefox typically introduce new bugs in CryptPad. There is rarely enough time to handle all of the issues which crop up, but we need to allocate time to handle some of them. This roadmap allocates the time of one person for 48 weeks, which means 24 releases, we need at least 1 day per release just to perform the release and write the release notes and fix miscellanious issues which appear.</p>
<ul>
<li>Keep on fixing bugs in CryptPad</li>
<li>Handle pull requests and make releases</li>
</ul>
<p>We expect all the little things to take <strong>30 days of development, a cost of €7,500</strong></p>
CryptPad #ZeroKnowledge Free Software needs funding2018-07-06T14:37:18Zhttps://blog.cryptpad.org/2018/07/06/CryptPad-ZeroKnowledge-Free-Software-needs-funding/On October 31, 2014 the CryptPad project was first published, back then it was nothing more than a simple rich text pad and a horribly ugly front page.<p><a href="http://blog.ludovic.org/xwiki/bin/view/Blog/Aidez%20le%20projet%20libre%20CryptPad">Version française ? 🇫🇷</a></p>
<p>On October 31, 2014 the CryptPad project was first published, back then it was nothing more than a simple rich text pad and a horribly ugly front page. Since then the project has blossemed with financing from <a href="https://www.xwiki.com/en/">XWiki SAS</a> and the <a href="https://open-paas.org/">OpenPaaS::NG</a> research project.</p>
<p>Now we are turning a corner, the OpenPaaS::NG project will end in April of 2019 and in order to keep improving, CryptPad will need new sources of funding.</p>
<p>Until now, the vast majority of CryptPad code has been developed by XWiki SAS and with the future of research financing in question, we want to be completely clear about our intentions. We don't want to take financing that is incompatible with the open spirit of CryptPad so while we will look for research projects, subscriptions and donations, we want to maintain the community spirit of CryptPad.</p>
<ol>
<li><strong>We will continue to host</strong> <a href="https://cryptpad.fr/:">https://cryptpad.fr/:</a> We want to thank everyone who has subscribed to paid accounts, with your support (currently 1,5K/year) this server pays for itself and we consider this a valuable public service which should continue.</li>
<li><strong>XWiki SAS will continue to fund the team through the OpenPAAS project till the end of the project</strong>. Following this our intention is to try to keep at least 1 developer active on the project (50,000€ per year) using alternative funding or through new research projects. If we can't find a research project we'll evaluate our capacity to keep it alive based on the subscriptions and contributions we have received.</li>
<li><strong>We will begin making the CryptPad finances public</strong>: All of the money that comes in and goes out of the CryptPad project, including the money paid by subscriptions to <a href="https://cryptpad.fr/">https://cryptpad.fr/</a> will be published so that you can see how the project earns and spend money, and be convinced that it's worth supporting us. You will be able to follow the project's finances by going to <a href="https://opencollective.com/cryptpad">CryptPad on OpenCollective</a></li>
</ol>
<p>Currently, the funding from our subscriptions and donations is not enough to finance even one developer, nevermind the present team of two. We need your help to grow this revenue through April 2019 and show that this can take over funding even if we don't find a research project before then. All revenue received till April 2019 will be used to fund development after April 2019.</p>
<h2>What we would like to do</h2>
<p>So far, we have not been very transparent about our roadmap, we have a <a href="https://cryptpad.fr/code/#/1/view/R1kZC1mY9khSsrLCyJT+CA/t5Eey4SVS+TpaZWmhrCTvIP50IzX7GR4gnud9UclR6Y/present/">tech tree</a> which shows in simple terms what features we would like to have and what technologies need to be developed in order to get those features working.</p>
<p>In the medium term, we would like to see CryptPad evolve into a generic platform with installable apps, a cryptographically enforced access control system, and federation with PGP-compatible messaging.</p>
<ul>
<li><strong>Installable Apps</strong>: There are not a lot of differences between the rich text pad, the code pad, the slide deck and the kanban board. They are all layered on top of the same CryptPad base infrastructure, but still it is not possible to create a new one without changing a few things in the CryptPad core. We would like to change this so that a new app can be added without changing anything else.</li>
<li><strong>Cryptographically enforced Access Controls</strong>: Initially CryptPad had a very simple access control system, you share the link and that shares the pad. We added the ability to <em>publish</em> pads via read-only links and to assign a password to a pad, but we still don't have the ability to share a pad with a group of people, or importantly, revoke access once it has been given. Traditional access controls are simple because the server is trusted to give and revoke access, however with CryptPad the server doesn't have access to begin with so it must be done cryptographically. In the context of federation, cryptographic access controls are even more important since servers in the network can be run by anybody.</li>
<li><strong>Federation and Messaging</strong>: The weakness in CryptPad security has always been securely sharing the pad link. Today there are about 150 CryptPad instances installed around the world, and we would like to allow people on different instances to share pads and send eachother messages. Furthermore, since we already have client-side encryption, we could easily extend messaging to support PGP for sharing of pad links and messages.</li>
</ul>
<p>Fundamentally, our goal is as it always has been, to promote Zero Knowledge and an alternative to the Google Docs / Office365 hegemony on cloud office technology. However, this is not something we can do alone, we will need your help to move it forward.</p>
<h2>How you can help</h2>
<p>You can help CryptPad in a number of ways, if you're a programmer then you can contribute code, if you're a philanthropist and believe in these ideas then you can finance the roadmap or finance just particular features. What everyone can do is use CryptPad and spread the word and show people that it is possible to collaboratively edit documents without giving all the data to the server admins.</p>
<ul>
<li><strong>Contribute code</strong>: If you are a programmer and you are using CryptPad, help make it better, talk to us about what you would like to do with CryptPad and we will do our best to find a way that your code can be integrated.</li>
<li><strong>Take a subscription</strong>: Every subscription helps bring a little more money into the project and this will be re-invested to make the CryptPad project better. Every subscription we get makes us believe more in the project we do and the ability to make it financially sustainable. <a href="https://accounts.cryptpad.fr/">Subscribe</a>.</li>
<li><strong>Sponsor a feature</strong>: This is one of the best ways to make sure CryptPad will improve because you can both help the project and help guide the project roadmap at the same time.</li>
<li><strong>Get support</strong>: If you've installed your own CryptPad in a business setting, you can get support for your installation and also help foster development of the project.</li>
<li><strong>Just donate</strong>: If you don't know what to sponsor, if you don't need a subscription, or if you want to sponsor more than the value of a subscription, just donate ! Even if it is not a lot of money, this is important to us as it allows to prove that the project matters. <a href="https://opencollective.com/cryptpad">Donate on opencollective.com</a></li>
<li><strong>Get us in a funded research project</strong>: If you are a research organization or have experience with getting European research funding, particularly in a security oriented project, get us on board to participate in the project. This will allow us to fund the project.</li>
<li><strong>Spread the word</strong>: The more CryptPad is used and the more it's known, the more we can convince potential financers to fund the project, this is also proves that people are interested in it. <a href="https://twitter.com/intent/tweet?text=Check%20out%20the%20%40CryptPad%20project%2C%20it%27s%20an%20open%20source%20collaborative%20editor%20and%20drive%20and%20it%27s%20end-to-end%20encrypted%20so%20the%20server%20sees%20nothing.%20%23e2ee%20%23ZeroKnowledge">Tweet about CryptPad</a></li>
</ul>
<p>To see information about our budget and goals and to make a donation, check out <a href="https://opencollective.com/cryptpad">CryptPad on OpenCollective</a>.</p>
<h2>Come have a chat</h2>
<p>We're on <a href="https://twitter.com/cryptpad">Twitter</a> and <a href="http://social.weho.st/@cryptpad">Mastodon</a> and we have a CryptPad <a href="https://riot.im/app/#/room/#cryptpad:matrix.xwiki.com">chat room on Matrix</a>. Come talk with us and participate to help with the project.</p>
<p>If you are a Web or Research professional, are intereted in our objectives and have experience in research, come talk to us as <a href="https://www.xwiki.com/en/jobs/research-and-development-lead">we're interested in hiring a person</a> to help us win and execute research projects and guide CryptPad to make it functionally and economically successful.</p>
Faster loads with SharedWorker & ServiceWorker2018-06-22T21:21:58Zhttps://blog.cryptpad.org/2018/06/22/Faster-loads-with-SharedWorker-ServiceWorker/When CryptPad was first created, the only thing to load was the CryptPad code itself and the pad which you were editing. Recently edited pads were remembered in the browser's localStorage which was not portable between computers but allowed some recent history to be kept.<p>When CryptPad was first created, the only thing to load was the CryptPad code itself and the pad which you were editing. Recently edited pads were remembered in the browser's <a href="https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage">localStorage</a> which was not portable between computers but allowed some recent history to be kept.</p>
<p>However, we wanted to allow people to login and manage their pads on all of their devices so we created the CryptDrive. Anyone who has used CryptPad but never logged in is encouraged to <a href="https://cryptpad.fr/register">register and login</a> (it's free) and check out their drive. CryptDrive is basically just a realtime pad containing a JSON structure with links to all of your pads as well as their titles and other information. When you update the title of a pad, it changes the pad itself but it also changes your drive so that you can see the title of the pad in your drive. This is of course not perfect because if someone else changes the title of a pad, your drive will not be updated until you look at the pad again, but doing everything with the server completely blind to the content isn't easy, and this works reasonably well.</p>
<p>However, CryptDrive causes an additional delay when loading CryptPad because whenever you load a document, you are actually loading two realtime instances. Since the drive is loaded over and over for every pad you view, it was obvious to us that we could make it more efficient using communication inside the browser.</p>
<h2>First idea: Messages between tabs</h2>
<p>Tabs (or windows) in a browser which are on the same website are able to <a href="http://krasimirtsonev.com/blog/article/Using-Local-Storage-as-a-communication-channel">communicate using localStorage</a> and so it seemed like a good solution to just have one tab claim the role of managing the drive and then when another tab is opened, it would message the first. However, this seemingly easy solution becomes a nightmare when you consider what happens when that tab is closed. The drive that everyone is relying on goes away and all of the other tabs are without a drive so they need to <a href="https://martin.kleppmann.com/2016/02/08/how-to-do-distributed-locking.html">flip a coin</a> to decide which tab should become the keeper of the drive, then that tab needs to download the drive before it can service events, all the while any of the buttons which affect the drive (for instance deleting the pad) cannot possibly function. This idea was soon scrapped...</p>
<h2>Enter ServiceWorker</h2>
<p>Recently, the HTML5 working group created a new standard called <a href="https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorker">ServiceWorker</a> which for someone making a webapp seems like a dream come true. ServiceWorkers:</p>
<ul>
<li>Are side-processes which are created one-per-website and live in the background.</li>
<li>Can intercept HTTP requests from your main javascript (excellent for caching!).</li>
<li>Is suspended when the last tab is closed, and re-launched when the user returns.</li>
<li>Are stored in suspended state even when the browser is turned off.</li>
<li>Supported by <a href="https://caniuse.com/#search=serviceworker">every modern browser</a>.</li>
</ul>
<p>When the website loads a worker, if the worker is already running it will not load and will instead defer to the existing worker. Communicating between workers and tabs which are on the website is possible via a <a href="https://developer.mozilla.org/en-US/docs/Web/API/Client/postMessage">postMessage()</a> API and then the ServiceWorker can postMessage() which will reach all tabs that are navigated to the website.</p>
<p>One limitation of this design is versioning. Because the ServiceWorker would stay alive potentially forever, we needed to identify a way to upgrade it if a new version of CryptPad is released. This is quite important for CryptPad as version mismatches can lead to catastrophic conflicts between different browsers working on the same document.</p>
<p>Though updating is non-trivial, we were able to solve it by sending version messages between different components of CryptPad and informing them whether they need to update (or even if they can <em>optionally</em> update). Since this seemed like a solvable problem, we tried creating an experimental implementatiton of ServiceWorkers in CryptPad, and then the fun started...</p>
<h3>ServiceWorkers in Firefox</h3>
<p>Since Firefox 48, Firefox has begun following Chrome's model and running <a href="https://developer.mozilla.org/en-US/Firefox/Multiprocess_Firefox">different processes</a> for rendering the different tabs in the browser. However, this isolation has a side-effect that when you attempt to launch a ServiceWorker, it <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1438945">may launch even though one already exists for the same website</a>, because the other one exists in a different tab which happens to be operating in a different process. However, the postMessage() requests from tabs go out to all of the ServiceWorkers so this bug can be worked around.</p>
<p>Unfortunately we encountered some more issues with Firefox which we found not worth debugging. Our CryptDrive is a Javascript object which is represented in the encrypted realtime document as JSON and there is an ES6 <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy">Proxy</a> object in order to allow every change to the drive to be propagated to the underlying realtime object. In Firefox the proxy did not work when used in a ServiceWorker and at times our ServiceWorker simply stopped running.</p>
<h3>Reporting bugs in browsers</h3>
<p>One might think these are great opportunities to report issues with Firefox, and when we find an <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1434278">issue which we think will affect lots of people</a> especially if it is a regression, we don't hesitate to report it, but usually it is not clear how to reproduce the issue, whether there might be some error in our usage of the API which is being smoothed over by Chrome, or whether the component being reported on is a priority, in that case rather rain low quality bug reports down upon the poor browser developers, we spend our limited time trying to make CryptPad better. In the case of ServiceWorker in Firefox, our conclusion is that in effect the technology remains experimental and shouldn't be relied upon.</p>
<h2>SharedWorker to the rescue</h2>
<p>Fortunately there is another technology called <a href="https://developer.mozilla.org/en-US/docs/Web/API/SharedWorker">SharedWorker</a> which is essentially identical to a plain vanilla WebWorker but can communicate with all tabs which are navigated to the site. Unfortunately this technology is only supported in <a href="https://caniuse.com/#feat=sharedworkers">Chrome and Firefox</a>, but the support for this technology, we found, really works!</p>
<p>However, Firefox still has the <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1438945">issue</a> with of multiple SharedWorkers being created for multiple tabs, but since this issue is fixable we were able to go ahead with it anyway. For browsers which have no SharedWorker, they would fallback to plain old WebWorker. Though this seems like it would be a problem, it is in fact quite fine because actions done in the drive by another WebWorker are the same as actions done in the drive by another device, they need to be encrypted and sent to the server in order to persist anyway.</p>
<h2>Faster CryptPad</h2>
<p>Coming in the release on Tuesday June 26, 2018, we will have a new SharedWorker based CryptPad instance, that means when you use Chrome or Firefox, the first time you open CryptPad, it will load your drive, but then every tab you open after that will communicate with the SharedWorker managing the drive and therefore pads will load nearly twice as fast.</p>
Signing CryptPad2018-06-15T12:07:05Zhttps://blog.cryptpad.org/2018/06/15/Signing-CryptPad/CryptPad was designed with a view that privacy should be default and cryptography should be invisible. In order to do this, we made use of the web-app model so people could just go to cryptpad.fr and immediately begin using the app, no installation necessary. However, this model has a known flaw...<p>CryptPad was designed with a view that privacy should be default and cryptography should be invisible. In order to do this, we made use of the web-app model so people could just go to <a href="http://cryptpad.fr/">cryptpad.fr</a> and immediately begin using the app, no installation necessary. However, this model has a known flaw, the server can decide what client-side code it will send to any given user, allowing a compromized server to serve code with a back-door vulnerability.</p>
<p>Recently, I did an experiment to make CryptPad more secure against these types of attacks by signing the code. CryptPad is a unique webapp, even without considering the encryption aspect. There is no build system, the code we write is exactly the same as what your web browser runs. All of the CryptPad html, javascript and resources are static files which are served by a plain old web server. The data persistance is managed by an API server which the web browser communicates with using an HTML5 WebSocket. Finally, in order to add a layer of security against possible Cross Site Scripting attacks, CryptPad makes use of a <a href="https://blog.cryptpad.fr/2017/08/30/CryptPad-s-new-Secure-Cross-Domain-Iframe/">cross domain iframe</a>, protecting your encryption keys from the majority of the CryptPad code in the same way that your online bank is protected from that sketchy porn site open in another tab.</p>
<p>Since CryptPad has no build system, there are many small javascript files which must be loaded. To do this, CryptPad uses <a href="http://requirejs.org/">RequireJS</a>. While many small files are generally considered to be bad for website performance, RequireJS uses the HTML5 <a href="https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script">async attribute</a> to tell the browser not to block loading of other things while waiting for the scripts to load. Secondly, RequireJS also allows version numbers to be added to the script URLs which allows us to cache almost everything in the browser. Finally, we use the <a href="https://en.wikipedia.org/wiki/HTTP/2">HTTP/2</a> protocol to serve resources because it allows multiple requests to be sent at the same time, while HTTP/2 is incompatible with WebSocket, this is ok because the web-app is served from a different server from the API server.</p>
<h2>Chain of Trust</h2>
<p>Just one corrupted script is enough to render the security of an entire web-app useless, so in CryptPad we needed the signing to cover all javascript files. Fortunately there is a new HTML5 technology called <a href="https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity">Subresource Integrity</a> which allows putting the hash of a script in a script tag attribute and makes the browser verify the script before executing it.</p>
<p>Insecure, some.website can serve you anything:</p>
<pre><code><script
src="https://some.website/path/to/script.js"
></script>
</code></pre>
<p>Secure, only one possible script can be sent by some.website or else the web browser will throw an error and refuse to run the script:</p>
<pre><code><script
src="https://some.website/path/to/script.js"
integrity="sha256-G1KwaJYUEDsA1SD/6Wt4z0laskKzIwgqgs5cYH0CW/o="
></script>
</code></pre>
<p>So rather than signing every script, I only needed to make a list of hashes of every script, and sign that. What I needed was a way to generate a <em>manifest</em>, and so I developed a small program which could hash all of the javascript files in CryptPad and generate a manifest file. The content of the manifest looks something like this:</p>
<pre><code>"files": {
"assert": {
"frame": {
"frame.js": "BrN2JNnK4QJCztw3PyRRPAsEwSq5lczTBrRkzdLAFow=",
"respond.js": "yO0KFMHiCdE1fXFWPVaFB+Mmh37OCl/UNPpXrYtWF7A="
},
"main.js": "ABf3uhmYVHWaHX6vhK8K2jAUY8XqRjjMJ2FqXVGLZE0=",
"translations": {
"main.js": "50Ami2eghyXcGKGYTaDK1vUeEuAEG7kcpvUoCKbUaUU="
</code></pre>
<p>It contains a JSON tree which mirrors the files that are part of the CryptPad codebase and the hashes of the files for the Subresource Integrity check. Once the <code>manifest.js</code> file was created, then I needed a javascript file which would load and verify it. Since the manifest is different every time a new release is made, the verification of the manifest needed to be via <em>signing</em>. The manifest hash was signed along with a version number and those were placed in a file called <code>version.txt</code> and <code>version.txt</code> is loaded using a file called <code>sboot.js</code>. The hash of <code>sboot.js</code> was included directly into the html files which are cached, so <code>sboot.js</code> can never be changed at all.</p>
<h2>Loading process</h2>
<h3>index.html</h3>
<p>First, the browser loads the html file, the html file contains a single script tag loading <code>sboot.js</code></p>
<pre><code><script
async
data-bootload="/customize/template.js"
src="/common/sboot.js?ver=8IaxCUqjpzoP7AEPEk%2B%2BVQ%2BBk83mRdXx4dK%2BXvSNPcI%3D"
integrity="sha256-8IaxCUqjpzoP7AEPEk++VQ+Bk83mRdXx4dK+XvSNPcI="
></script>
</code></pre>
<p>There is a custom attribute called <code>data-bootload</code> which indicates which javascript file should be loaded for that <code>html</code> file.</p>
<h3>sboot.js</h3>
<p>When <code>sboot.js</code> gets loaded, it downloads and then verifies <code>version.txt</code> which is a signed message containing the CryptPad version number and the hash of <code>manifest.js</code>. The content that is signed looks something like this:</p>
<pre><code>[85,"h+tOXVmYBWMmiVDylXvnRq28LWRVs6xy+goBwNEELZk="]
</code></pre>
<p>The version number (85) is not the CryptPad version but rather an auto-incrementing number which is stored in the browser localStorage and prevents the server from downgrading the version of CryptPad. After the signature/version check completes successfully, <code>sboot.js</code> loads <code>manifest.js</code> like the following:</p>
<pre><code><script
async
src="/customize/manifest.js?ver=h%2BtOXVmYBWMmiVDylXvnRq28LWRVs6xy%2BgoBwNEELZk%3D"
integrity="sha256-h+tOXVmYBWMmiVDylXvnRq28LWRVs6xy+goBwNEELZk="
></script>
</code></pre>
<p>You will notice that the hash is used also in the URL of <code>manifest.js</code>, this allows the server to signal that the files are immutable and can be cached by the browser forever which makes CryptPad load faster next time.</p>
<p>After <code>manifest.js</code> loads, <code>sboot.js</code> finds the hash of <code>require.js</code> in the manifest and then manually loads <code>require.js</code> in the same way. Once <code>require.js</code> is loaded, <code>sboot.js</code> configures require to use the hashes from the manifest for every file it loads, then it uses require to load <code>boot2.js</code>.</p>
<h3>boot2.js</h3>
<p>This file is not needed for security, but unlike <code>sboot.js</code>, it can easily be changed from release to release and it contains any code which should be run before the main CryptPad code. Things such as additional requirejs configuration and shims for missing browser APIs are placed here. After <code>boot2.js</code> is complete, it reads the <code>data-bootload</code> attribute from the html file and invokes require to load that.</p>
<h2>Further development</h2>
<p>While this system provides excellent security, it is still not perfect. If the root html file is compromized then it can alter the chain of trust, or scrap it completely. With a very long cache header, the browser will store the html file essentially forever, but if the user triggers a hard reload with the F5 key, then the cache will be flushed.</p>
<p>The root html file can be signed using pgp and then verified using the <a href="https://github.com/tasn/webext-signed-pages">signed pages</a> chrome extension. But signed pages is not able to prevent the loading of the website even if the signature is invalid and it only takes 1 second for the keys in localStorage to be leaked.</p>
<p>If the root html file was <em>generated</em> by the server each load, it could contain a secret key which is used to encrypt the keys in the localStorage, thus rendering them unusable if the html file is re-loaded, and meaning that the user must re-enter their password and would then be able to see that the signature on the html file is invalid, however unless signed pages can ignore the key inside of the html file when verifying the signature, it would have to be re-signed every time, pushing the pgp key onto the server, which we are worried about being compromized.</p>
<p>There are also a number of configuration files in the CryptPad project which are in fact javascript files and would thus be signed by the release manager, preventing anyone hosting CryptPad from changing them so it may be a long time before this project is merged into CryptPad mainline, however it is available and you can experiment with it by checking out the <a href="https://github.com/xwiki-labs/cryptpad/tree/code-integrity">code-integrity</a> branch of the CryptPad project.</p>
One year of biweekly releases2018-02-23T14:37:15Zhttps://blog.cryptpad.org/2018/02/23/One-year-of-biweekly-releases/Approximately one year ago, we published an article about our intention to follow a biweekly release schedule. Since then, we've thought of every second Tuesday as release day.<p>Approximately one year ago, we published an article about our intention to follow a <a href="https://blog.cryptpad.org/2017/02/24/Announcing-biweekly-releases/">biweekly release schedule</a>.
Since then, we've thought of every second Tuesday as <em>release day</em>.
Starting with <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.0.0">the letter A</a> on February 21st, 2017 and ending with <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.25.0">the letter Z</a> on January 30th, 2018, we went through the whole latin alphabet.</p>
<p>Throughout this self-imposed regimen, we managed to meet each deadline, though on occasion we had to stay at the office later than usual.
Any time a release was more difficult than expected, we considered what went wrong and added a counter-measure to our release checklist (in CryptPad, naturally).
Each release became easier than the one before, but even so, we found there were some drawbacks to this rigid schedule.</p>
<h2>Changing our pace</h2>
<p>Having a regular rhythm for our releases trained us to break up complex features into components that could be implemented within a two week period.
With that in mind, not all tasks fit neatly within two weeks, and those larger tasks have had a tendency to get pushed to the next release.
So, now that we've finished one full year of releases, we've started to look more closely at those larger features which we've inadvertently neglected.
The tendency to procrastinate on especially difficult features is just another challenge to approach, but it's been one which is somewhat more difficult to summarize within a <em>to do</em> list.</p>
<p>As of CryptPad v1.26.0, we're no longer following the strict biweekly schedule.
To be clear, this doesn't mean we're slowing down development.
We're still <em>working on CryptPad consistently</em>.
We still plan to <em>deliver features to users</em> as soon as they are stable.
We still plan to <em>deploy on Tuesdays</em>, since it's as early in the week as possible without falling on a Monday and deploying on a Friday is a <em>terrible idea</em>.</p>
<img src="https://blog.cryptpad.org/images/iamdevloper_deploy_on_friday.jpeg" alt="Should I release on a Friday?" style="width:50%;" />
<p>Some releases might happen in a single week.
Others might take stretch to three weeks or a full month, but we'll do our best not to take any longer than that.
We try to be as transparent as possible with our plans, and so users should expect each release to also specify the projected date for the following release.</p>
<h2>What's coming next...</h2>
<p>In the last year, we tried to find a balance between improving user security through the use of our <a href="https://blog.cryptpad.org/2017/08/30/CryptPad-s-new-Secure-Cross-Domain-Iframe/">sandboxing techniques</a>, and implementing the productivity features necessary for people to consider the security improvements an <em>added bonus</em> rather than an impractical ideology.
The core of our philosophy is that <em>security</em> and <em>ease of use</em> must be packaged together in order for tools like CryptPad to benefit users.</p>
<p>While CryptPad is considerably more than a <em>proof-of-concept</em>, we don't consider it anywhere close to being finished.
As heavy users of CryptPad ourselves, we are aware of its rough edges.
Our community has been very supportive with our continued development, though, so we're excited to be able to improve the following areas!</p>
<h3>Sharing</h3>
<p>We spend a lot of time passing links between each other when collaborating on a project.
In order to do so <em>privately</em>, the sender and the receiver must both use an encrypted messenger, or else the message could be intercepted by a malicious third-party.
The necessity of having to use a second tool makes it so that CryptPad must always be used as <em>part of the solution</em>, rather than solving a user's problem outright.</p>
<p>We'd like to approach this problem with two improvements:</p>
<ol>
<li>integrate our existing encrypted messenger better with the rest of CryptPad's functionality (as per <a href="https://github.com/xwiki-labs/cryptpad/issues/79">this issue</a>)</li>
<li>develop a method of sharing entire folder structures from a users drive, so that sharing can scale to support large-scale projects, a feature we call <em>Workgroups</em></li>
</ol>
<h3>Layered protection</h3>
<p>Even if the link for a pad is shared securely, there is the possibility that somebody discovers that link through other (possibly malicious) means.
We're interested in developing CryptPad's basic two-tier permission system (edit/view) to address such concerns.
This could be accomplished in very different ways:</p>
<ul>
<li>add the ability to protect a pad with a password, so that anyone who finds the link must also know a secret value in order to retrieve the pad's history from the server</li>
<li>add the ability to encrypt messages such that only a designated set of users can decrypt them using public-key cryptography</li>
</ul>
<p>So far CryptPad only features a very limited set of cryptographic techniques.
Going forward, we hope to find ways to implement a more granular permission system which does not rely on the server behaving correctly.
Some of these features are more in the realm of <em>applied-cryptography research</em> than <em>web application development</em>, so it's very likely they'll be implemented later, but we're excited about them nevertheless.</p>
<h3>Increased trustworthiness</h3>
<p>Even though CryptPad performs its encryption in your browser, there is always the possibility that a compromised server could send malicious code to the browser which would cause it to reveal its secrets.
We're interested in developing features which would mitigate these kinds of attacks against users, through a combination of modern browser features like <a href="https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity">sub-resource integrity</a>, and perhaps a registry of verified code signatures signed by us, the developers.</p>
<p>It's very difficult to make a web application secure against those responsible for delivering its source to your browser.
We're actively searching for any kind of technique for securing that makes CryptPad a more robust platform for storing your data privately, even against ourselves.</p>
<h3>Password usability</h3>
<p>CryptPad's login system looks quite conventional at first glance, since it has a field for a <em>user-name</em> and <em>password</em> like most other web applications.
Unlike those other applications, we never learn your user-name and password.
Instead, your browser uses those fields to generate a unique secret value which you use to encrypt your drive, and accomplish a range of other tasks.
The downside of this approach is that if a user forgets their username or password, we can't help them gain access to their documents.
If we could, we'd be able to access their documents ourselves.</p>
<p>Fortunately, we're not the only team building web applications that use cryptography, and so there has been some research into how to improve password-based workflows without revealing secrets data to the server's host (us).
We've already received emails from users who've inadvertently locked themselves out of their accounts with no way to recover their data, and that's a situation we'd like to help people avoid, so this is a feature we're looking forward to offering.</p>
<h3>More applications</h3>
<p>Lots of users have requested that we add a few more applications to CryptPad, and we've been listening!
We plan to add support for spreadsheets, and possibly other applications so that people don't have to fall back to using an unencrypted CryptPad alternative.</p>
<h3>Scalability</h3>
<p>One advantage CryptPad has over other conventional collaboration platforms is that a lot of the difficult computation is run in the users' browsers, rather than on our server.
This means that we can support a very large number of clients without a noticeable decrease in performance.
Even so, the number of people using <em><a href="http://cryptpad.fr/">CryptPad.fr</a></em> and the amount they use it has increased dramatically.</p>
<p>Though excessive popularity is a wonderful problem to have, we'd like to avoid a situation where users have difficulty accessing our service, so improved scalability is something we'd like to work on.</p>
<h2>Conclusion</h2>
<p>We haven't yet decided how long we intend for this release cycle to last, and we don't have a set list of the exact goals we'd like to accomplish.
We're taking a step back to decide where we'd like to go next.</p>
<p>We recognize that CryptPad's growth over the last year was driven largely by word of mouth between friends and colleagues who care about privacy.
By moving towards a more flexible schedule, we hope to make it easier to adapt to the frequent feedback we receive from people using CryptPad to help them accomplish a multitude of goals.</p>
<p>We're very interested in hearing what you think about this change.
Feel free to reach out to us through any of the methods listed on <a href="https://cryptpad.fr/contact.html">our contact page</a>.</p>
CryptPad's new Secure Cross-Domain Iframe2017-08-30T16:53:00Zhttps://blog.cryptpad.org/2017/08/30/CryptPad-s-new-Secure-Cross-Domain-Iframe/CryptPad version 1.14 (Codename Ouroboros) has been released and the most exciting new feature is one you cannot even see.<script src="https://cryptpad.fr/common/media-tag-nacl.min.js"></script>
<p>CryptPad version 1.14 (Codename <a href="https://en.wikipedia.org/wiki/Ouroboros">Ouroboros</a>) has been released and the most exciting new feature is one you cannot even see. As you may remember from the <a href="https://blog.cryptpad.org/2017/03/06/Security-growing-pains/">Security Growing Pains</a> post, <a href="https://en.wikipedia.org/wiki/Content_Security_Policy">Content Security Policy</a> is a significant part of CryptPad's security model, and it is unfortunately incompatible with <a href="https://ckeditor.com/">CKEditor</a>, the Open Source text editor used in CryptPad.</p>
<p>With this release, we have done a significant re-architecture of the CryptPad codebase. Starting with the /pad/ application, the CryptPad UI has begun a process of moving into an iframe which is hosted on a different domain: <em><a href="http://sandbox.cryptpad.info/">sandbox.cryptpad.info</a></em>. Moving the visual content to a different domain means that even in the event of a <a href="https://en.wikipedia.org/wiki/Cross-site_scripting">Cross-site scripting</a> security vulnerability, most of your private information such as the pads in your CryptDrive, will not be at risk.</p>
<p>In this version we updated only the /pad/ application to use the cross-domain iframe because it is the only app which requires <em>inline script</em>. This prevented us from using Content Security Policy to block the most significant vector for Cross Site Scripting attacks but now with the cross-domain iframe, such attacks are mitigated.</p>
<p><media-tag src="https://files.cryptpad.fr/blob/b5/b5cd676935a5b23c158f38a84b7f3dfd3dc96ab3aafddd62" data-crypto-key="cryptpad:FBD19VUsNtgIxwjMGSOZcswciQzDixfuBY7dVWVwRG0=" data-attr-width="50%"></media-tag></p>
<p>Going forward, we plan to implement a standardized CryptPad application API so that new applications can be developed, installed and used in CryptPad. Today, the CryptPad API which is exposed to apps such as /pad/ and /code/ is not standardized and there is no clear line between the apps themselves and the CryptPad internals. As we move toward the a standard app API, we will define a standard representation of a CryptPad application with such additional aspects as the app's color-scheme and icons.</p>
<p>Fundementally, this unexciting change to CryptPad begins a new phase in development, we plan to move from a set of integrated prepackaged applications to an ecosystem of applications for collaborating on different types of content with the same encryption under the hood.</p>
<h2>But Wait, There's more</h2>
<p>The pictures in this blog post are not hosted on the blog, they are in fact Zero Knowledge files uploaded on CryptPad. They
can be seen on this blog because it is using the <a href="https://github.com/UCF-project/media-tag">Media Tag</a> which was developed as part of the UCF Project with the support of <a href="http://www.systematic-paris-region.org/">Systematic</a>, <a href="https://www.bpifrance.fr/">BPIFrance</a> and the <a href="https://www.paris.fr/">City of Paris</a>.</p>
<p><media-tag src="https://files.cryptpad.fr/blob/3c/3c9b5b3fb00b7dc35e15851606132585e8b69b06a51556eb" data-crypto-key="cryptpad:VE4raHL5VFReAXxioTaFZwt6q2jpxX+bdFHAFeoivZQ=" data-attr-width="40%"></media-tag></p>
<p>Media Tag allows files on CryptPad to be included in any website (such as this blog). All you have to do to include a file from CryptPad is simply include the Media Tag loader and then add a Media Tag to your document, just like the following:</p>
<pre class="language-html"><code class="language-html"><span class="token comment"><!-- At the top of your HTML file --></span><br /><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>script</span> <span class="token attr-name">src</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>https://cryptpad.fr/common/media-tag-nacl.min.js<span class="token punctuation">"</span></span><span class="token punctuation">></span></span><span class="token script"></span><span class="token tag"><span class="token tag"><span class="token punctuation"></</span>script</span><span class="token punctuation">></span></span><br /><br /><span class="token comment"><!-- Where you'd like the image to be located --></span><br /><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>media-tag</span> <span class="token attr-name">src</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>https://files.cryptpad.fr/blob/3c/3c9b5b3fb00b7dc35e15851606132585e8b69b06a51556eb<span class="token punctuation">"</span></span> <span class="token attr-name">data-crypto-key</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>cryptpad:VE4raHL5VFReAXxioTaFZwt6q2jpxX+bdFHAFeoivZQ=<span class="token punctuation">"</span></span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"></</span>media-tag</span><span class="token punctuation">></span></span></code></pre>
<p>With this you can embed files from your CryptDrive into any website you want.</p>
CryptPad's New Direction2017-08-18T12:14:39Zhttps://blog.cryptpad.org/2017/08/18/CryptPad-s-New-Direction/CryptPad was born on Halloween 2014, at that time it was a skunkworks project inside of XWiki SAS. The UI was hidious green and white and the only feature was the CKEditor based pad. We have come a long way.<blockquote>
<p>If you are hosting CryptPad, please make sure you are up to date. <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.13.0">CryptPad 1.13.0 (Naiad)</a> fixed a major security issue.</p>
</blockquote>
<p>CryptPad was born on Halloween 2014, at that time it was a skunkworks project inside of XWiki SAS. The UI was hidious green and white and the only feature was the CKEditor based pad. We have come a long way.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad_old_mainpage.png" alt="Old CryptPad Main Page" /></p>
<p>As was mentioned in <a href="https://blog.cryptpad.org/2017/06/02/Building-mutually-beneficial-relationships/">Building Mututally Beneficial Relationships</a>, CryptPad cannot ever be great without people developing the software as their daily job. We have been able to develop this project with the generous support of <a href="http://www.bpifrance.fr/">BPI France</a> and the <a href="http://ng.open-paas.org/">OpenPaaS::NG</a> but that support only finances a small team and it will not continue indefinitely.</p>
<p>Starting with this release, we are adopting a new look and a reinforced dedication to making a quality product for people whose time is valuable. We're starting this by upgrading the logo and the informational pages.</p>
<p><img src="https://blog.cryptpad.org/images/cryptpad_new_mainpage.png" alt="New CryptPad Main Page" /></p>
<p>Our lovable fist logo was created one night by grabbing a screen shot of an ascii generator. It was a time when I was racing to get <em>something</em> working to prove that CryptPad was an idea worth pursuing. Now times have changed. CryptPad is finally something that I'm starting to feel proud of, and the logo represented the last reminents of a time when everything was a rush and quality was an afterthought.</p>
<p>We also have introduced a lot of new features such as:</p>
<ul>
<li>New front page which allows creating a pad in 1 click</li>
<li>Clickable links in pads when viewed in read-only mode</li>
<li>File-picker for embedding media in a pad in Markdown mode</li>
<li>You can now have your preference between tabs and spaces, when editing in the code editor</li>
</ul>
<p><img src="https://blog.cryptpad.org/images/cryptpad_pdf.png" alt="Registered users can uploading and view PDF Files" /></p>
<p>But more than features, we have focused on making CryptPad easier to use. It's now easier to paste text into the pad without breaking the formatting and we have additional tool-tips to help explain different features of CryptPad.</p>
<p>Going forward from today we plan to make CryptPad easier to use, more secure and more extensible. We are rewriting the pad logic in order to run in a cross-domain iframe which will make use of the browser's <a href="https://en.wikipedia.org/wiki/Same-origin_policy">Same Origin Policy</a> as a sandbox to block most of the code from accessing the decryption keys.</p>
<p>This will open the door to 3rd party applications developed for CryptPad which can be protected by the same cryptography as CryptPad and which have limited access to the CryptPad system.</p>
CryptPad Analytics & Privacy - What we can't know, what we must know, what we want to know2017-07-07T13:41:02Zhttps://blog.cryptpad.org/2017/07/07/cryptpad-analytics-what-we-cant-know-what-we-must-know-what-we-want-to-know/CryptPad is a Zero Knowledge cloud application, this means we have designed it such that we do not have any access to the content which is hosted on our server. However, there are other things which we do collect and it is important that privacy-minded users understand what we are collecting and why<p>CryptPad is a Zero Knowledge cloud application, this means we have designed it such
that we do not have any access to the content which is hosted on our server.
However, there are other things which we do collect and it is important that
privacy-minded users understand what we are collecting and why. There are four
types of information:</p>
<ul>
<li>What we can't know: This is data that CryptPad app encrypts so we will never have
access to it</li>
<li>What we must see but don't collect: This is information which we don't bother
to store but because of how the technology works, we necessarily have access to it.</li>
<li>What we must know: This is metadata which we cannot help but see because of the
way the technology works</li>
<li>What we want to know: This is information which we really want to know in order
to make CryptPad better every day</li>
</ul>
<p>We want to know everything about <em>people</em>, we want to know how <em>people</em> use CryptPad,
why <em>people</em> use CryptPad and how we can make their experience easier. However, we
don't want to know anything at all about <em>you</em>.</p>
<p>This poses a challenge because we want to collect as much aggregate information as we
can in order to make a great web service, but we don't want to collect data that can
be <em>linked</em> in order to tell a story about you.</p>
<h2>What we can't know</h2>
<p>There are a few things which the Zero Knowledge design of CryptPad does not allow
us to know at all. These include (obviously) your password and the content of your
pads, but less obviously, the titles of your pads, the names of the contributors and
your username (you can even have the same username as someone else on the system, we
won't know). The types of your pads are also unknown to us though we could make
educated guesses by looking at the encrypted data.</p>
<p><em>It is our promise to you that we will never collect this information.</em></p>
<h2>What we could know but don't bother to collect</h2>
<p>There are also some things which we don't really want to know but we cannot avoid
seeing it anyway. This includes most importantly the IP addresses of people who
edited a specific pad. Technically we know your
<a href="https://en.wikipedia.org/wiki/IP_address">IP address</a> because it's how you
communicate with our server, but most of the actual operations are done using
commands sent down a <a href="https://en.wikipedia.org/wiki/WebSocket">WebSocket</a>.
Once the WebSocket is established, we assign you a random ID and this is how
you are referenced, what appears in our server logs looks like this:</p>
<pre><code>198.167.222.70 - - [06/Jul/2017:20:47:45 +0200] "GET /pad/ HTTP/1.1"
304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" "-"
</code></pre>
<p>Notice there is no pad ID in there, the pad ID is not in the URL so it doesn't go
in the server logs by default.</p>
<p>Compare this with EtherPad:</p>
<pre><code> IP Address Pad ID
198.167.222.70 - - [06/Jul/2017:11:54:37 -0700] "GET /p/UNWnpczTkq HTTP/1.1"
200 8920 "https://pad.meshwith.me/" "Mozilla/5.0 (Macintosh; Intel Mac OS X
10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109
Safari/537.36"
</code></pre>
<p><em>You cannot verify that we're not collecting this so best assume that we are.</em></p>
<h2>What we must know</h2>
<p>There are some things which we need to know in order for CryptPad to function
properly, we need to know which pads are in your drive in order to impose
storage limits on logged-in users and to expire pads which nobody cares about.
However, we don't know much about who you are. Since we don't know your username,
to us you are identified by a public signing key, something like this:</p>
<p><code>YIBzjPr3beuGgfHNglGfo3xq-dquxsj4Bst-ze7mL9A</code></p>
<p>We know that <code>YIBzjPr3beuGgfHNglGfo3xq-dquxsj4Bst-ze7mL9A</code> has 392 MB of data in
their CryptDrive including a pad of some type which has the ID
<code>fe382219b10c0396de63d2bab7942390</code> and an uploaded which we know as
<code>ff2fdf9bb99ecc89d29d780780de10efdac14ed15e93b235</code>. One of these pads that they
have is actually their drive itself, but we don't strictly know which one (again,
we can take guesses based on the size of the patches). You can find out what your
signing key is by looking at in your <a href="https://cryptpad.fr/settings">settings page</a>.</p>
<p>We also know when each pad was last accessed so that we can know to delete pads
which are not in anybody's CryptDrive and have not been opened in a long time.</p>
<h3>Why we can't avoid collecting IP addresses</h3>
<p>Being able to know how many <em>different</em> people are using CryptPad is very important
to us. One rather rude person decided to try to crash our server by creating 647,533
pads. They didn't put much thought into their attack because what they were doing
was not actually creating pads, but it illustrates the problem that if we don't
know how many <em>different</em> people are using the server, we don't have any idea
whether we are popular or under attack. Worse, we don't know what features have
widespread support vs. which ones are only popular with a few prolific users.</p>
<p>One obvious thought is to simply run the IP addresses through a hash function the
way we traditionally hash passwords. However this sadly cannot work because there
are only 4.2 billion IPv4 addresses and constructing a
<a href="https://en.wikipedia.org/wiki/Rainbow_table">rainbow table</a> to get back the
original IP addresses would take only about 1 day of computer time. So in the end
we simply log the IP addresses and don't worry about it.</p>
<h3>What a pad looks like to us</h3>
<p>A pad is stored as a file which represents a sequence of encrypted <em>patches</em>.
These patches change the content of the pad from nothing to whatever it becomes in
the end. A typical message looks something like this:</p>
<pre><code>[0,"69d46337f826c0ecd881be59c119a527","MSG","fe382219b10c0396de63d2bab7942390","51Q...."]
</code></pre>
<p>It starts with a zero and then your temporary random ID, then it contains the word
MSG and the ID of the pad which it is sent to, this format is exactly the same as
what is sent on the wire. Finally it contains the encrypted patch which tells us
essentially nothing except it gives us a rough idea of just how big the change was.</p>
<p>Occasionally the client will send a <em>checkpoint</em>, this is a special patch which
removes all of the content and then puts it all back again. To us, a checkpoint
looks the same as anything else, it is a big ball of encrypted data, except in this
case it is flagged as a checkpoint so the server knows it can send only part of
the history of the pad instead of all of it. However, they do give us a good idea
of how big the pad actually is at that time.</p>
<h2>What we collect because we want to know</h2>
<p>What we really want to understand is your <em>experience</em> with CryptPad and how we can
make that experience better. So therefore we collect quite a number of data-points
about where people click and what their browser supports. For example we collect
the dimensions of your browser. Not because we want to know who you are but because
we want to know that types of browsers we need to support.</p>
<pre><code>198.167.222.70 - - [06/Jul/2017:21:26:15 +0200]
"HEAD /common/feedback.html?DIMENSIONS:752x1440=1499369175085 HTTP/1.1" 200 0
"https://cryptpad.fr/settings/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" "-"
</code></pre>
<p>You can see an exhaustive list of things that we collect by checking out the
<a href="https://github.com/xwiki-labs/cryptpad/search?p=2&q=Cryptpad.feedback&type=&utf8=%E2%9C%93">feedback functionality</a> in the CryptPad source code but
as of the time of this writing, we are collecting feedback about the following
things (usually we just collect the fact that an event occurred, not more).</p>
<ul>
<li>Clicking "upgrade account"</li>
<li>Clicking "support cryptpad"</li>
<li>Presentation: clicking on "print slides"</li>
<li>Registering and logging in</li>
<li>Opening your recent pads as an anonymous user</li>
<li>Clicking any CKEditor button such as "bold" or "italic"</li>
<li>Displaying the drive as icons or as a list</li>
<li>Creating and using templates</li>
<li>Showing and hiding the userlist or CKEditor menu bar</li>
<li>Whether your browser is missing certain important features like
<a href="https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/Proxy">Proxy</a>,
<a href="https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/Array/isArray">isArray</a>
or <a href="https://developer.mozilla.org/en/docs/Web/API/Window/localStorage">localStorage</a></li>
<li>Which type of pad you are using</li>
<li>The dimensions of your browser window</li>
<li>When you have changed your display name</li>
<li>Whether you have migrated your CryptDrive from the legacy format</li>
</ul>
<p>If you are worried about what we might do with this data, you can disable
feedback collection in your <a href="https://cryptpad.fr/settings/">settings page</a>. But
keep in mind that if you disable it we cannot help but know, because your IP
address will be in the tiny minority of addresses which access the site but don't
send feedback messages.</p>
<h2>What we can learn from the data</h2>
<h3>1. People mostly use CryptPad to make a plain old pad</h3>
<p>But the code/markdown pad and the CryptDrive are catching up.
<img src="https://blog.cryptpad.org/images/Analytics-padtypes.png" alt="Unique IPs per pad type" /></p>
<h3>2. Activity has been on a very slow rise but with a few spikes</h3>
<p>This chart shows unique IPs per day hitting CryptPad. You can things are relatively
flat over time except for a big day in June and then some increased activity in July
after the UI improvements were rolled out.
<img src="https://blog.cryptpad.org/images/Analytics-uniques.png" alt="Unique IPs per day" /></p>
<h3>3. Browser window dimensions are all over the map</h3>
<p>This chart shows bubbles which are bigger depending on how many different IPs
report the same browser window dimensions. Tragically it seems that there is no
way to predict what aspect ratio a device using CryptPad is going to have.
<img src="https://blog.cryptpad.org/images/Analytics-browserdimensions.png" alt="Browser window dimensions" /></p>
<h3>4. Lots of pads are made and then abandoned</h3>
<p>The first chart shows in blue the number of pads created each day and the number
of pads which become "abandoned" (have not been touched in 2 weeks). This says
that perhaps pads are considered ephemeral and not to be used for the long term.
<img src="https://blog.cryptpad.org/images/Analytics-createdabandoned.png" alt="Created vs. abandoned pads" /></p>
<p>Here we can see the evolution of pads which have been accessed within the last
day the last week and the last month. There is slow but steady growth in the
pads active in the past month.
<img src="https://blog.cryptpad.org/images/Analytics-activepads.png" alt="Number of active pads" /></p>
<h3>5. People use CryptPad for a while, then leave</h3>
<p>We measured 15,000 IP addresses which came to CryptPad just to look at one pad and
then left, but of the 13,000 who stayed longer than that we analyzed the time when
they first arrived and the time when they made their last visit. About 630 IP
addressses have been continually using CryptPad for all 45 days.
<img src="https://blog.cryptpad.org/images/Analytics-peopleleave.png" alt="Number of IPs continuing to access CryptPad" />
We want to make CryptPad a useful tool for helping people get organized and make
their projects succeed. So whenever people decide that CryptPad is not the right
answer for them, we care about what went wrong and how we can make it better.</p>
<h2>How we analyze this data</h2>
<p>We do all of our analysis ourselves, and we don't share any of this data with Google
or other data companies. We're thankful to
<a href="https://www.elastic.co/products/kibana">Kibana/ElasticSearch</a> and
<a href="https://www.elastic.co/products/logstash">LogStash</a> for making it possible to do
in depth analysis on our own computers without resorting to a cloud service.</p>
CryptPad Jackalope - File Upload, PDF and Pictures2017-06-21T12:48:48Zhttps://blog.cryptpad.org/2017/06/21/CryptPad-Jackalope-file-upload-pdf-and-pictures/Yesterday we released CryptPad v1.9.0 Jackalope, we have some exciting new features which we've been working on for a long time.<p>Yesterday we released CryptPad v1.9.0 Jackalope, we have some exciting new features
which we've been working on for a long time. As part of the
<a href="https://github.com/UCF-project">UCF project</a> we have implemented a Zero Knowledge
<code>media-tag</code> in CryptPad for displaying and downloading encrypted files stored in
CryptPad. Starting now, you can upload files by clicking the upload button or
dragging them into your CryptDrive. You can also view pictures and PDF files in
CryptPad and you can drag-and-drop pictures <strong>directly</strong> into presentations. In the
next release we will hopefully be adding drag-and-drop pictures into the pad.</p>
<p><img src="https://blog.cryptpad.org/images/CryptPad_drive_with_upload.png" alt="CryptDrive Upload" /></p>
<h2>Filenames</h2>
<p>We also made a significant but less visible improvement to the CryptDrive. When you
make a new pad in CryptPad, it has a <em>title</em>, which anyone in the pad can change, and
it has a <em>filename</em> which it how the pad is shown in your CryptDrive. Because anyone
at any time can change the <em>title</em> of a pad, the only way to know the titles of all
the pads in your drive is to load each and every one of them which would take a long
time. But the <em>filename</em> is your unique way to refer to a pad, it lives only in
<em>your</em> CryptDrive and it is the same no matter what <em>title</em> someone gives to the pad.</p>
<p>Now the CryptDrive UI shows only one name for a pad, this name is just the <em>title</em>
of the pad at the last time you'd accessed it <strong>unless</strong> you assign it your own
<em>filename</em>.</p>
<h2>Slide Preview</h2>
<p>When you're using the CryptPad slide app to make a quick presentation, now you can
see your presentation in the righthand pane while you type. Since presentations are
written in Markdown, this means you get a live action preview of what your
presentation slides are going to look like.</p>
<p><img src="https://blog.cryptpad.org/images/CryptPad_slide_upload_and_preview.png" alt="Slide Preview and Drag & Drop" /></p>
<h2>Try it now</h2>
<p>Head over to <a href="https://cryptpad.fr/">cryptpad.fr</a> and give CryptPad a try !</p>
Building mutually beneficial relationships2017-06-02T13:52:47Zhttps://blog.cryptpad.org/2017/06/02/Building-mutually-beneficial-relationships/You ever wonder why Open Source software always seems to be slightly harder to use and slightly buggier and slightly less polished than proprietary competitors?<p><em>People hosting instances of CryptPad should read at least the
<a href="https://blog.cryptpad.org/2017/06/02/Building-mutually-beneficial-relationships/#Changes-in-CryptPad">Changes in CryptPad</a>
section</em></p>
<p><em>Thanks to Scott Alexander for some of the
<a href="http://slatestarcodex.com/2014/07/30/meditations-on-moloch/">ethical foundations</a>
of this post.</em></p>
<hr />
<p>You ever wonder why Open Source software always seems to be slightly harder to use and slightly buggier and slightly less <em>polished</em> than proprietary competitors?</p>
<p>How about this: Why is it that good people who want to make good things somehow
end up making evil things for evil corporations which sell them to other good
people who would (presumably) rather buy good things.</p>
<h2>It's all about incentives</h2>
<p>It's hard to talk about incentives without sounding like a miserly tool, but if
we're going to hack ourselves out of a situation that nobody really wants to be in,
we're going to need to understand them pretty well.</p>
<ul>
<li>Why is Open Source habitually <em>90% of the way there</em> ?</li>
<li>Why is Facebook more addictive than it is useful ?</li>
<li>Why is it that when you get something for free, even from a well funded
government program, it's reliably worse than something you buy?</li>
</ul>
<p>It's all about incentives.</p>
<h3>In a restaurant, you're the customer</h3>
<p>I love going to restaurants. I have no car and few possessions so restaurants are
the way I spend my income. Not only do I love food but I love the relationship
which I have with restaurateurs. When I walk into a restaurant, I want to be fed
delicious food and they want to be paid, not only that, they want me to be happy
so I will return many times and bring my friends. I want them to be happy so they
will give me bigger portions and maybe a little dessert on the house. Our
incentives are aligned perfectly. We are practically a team.</p>
<h3>In a soup kitchen, you're just a user</h3>
<p>It is hard to deny the importance of soup kitchens to the fabric of society.
Part of what makes us able to claim to be civilized is the fact that we don't let
people simply die if they're down on their luck. Soup kitchens, however, are not
restaurants. When you walk into a soup kitchen, you are generally greeted kindly
but there is a subtle distinction from a restaurant, at a restaurant you're the
customer and at a soup kitchen you're just a <em>user</em>. Many soup kitchens are
organized around religious groups and evangelizing their belief is a significant
part of their motivation, but even secular organizations are motivated by some
sort of a higher calling.</p>
<h3>Open Source is a soup kitchen</h3>
<p>I've been developing Open Source both professionally and personally for 7 years
and I'm going to tell you something that many Open Source developers won't admit.
Open Source software is not made for you. Sometimes Open Source developers are
motivated by the Free Software ideology and they imagine their code as
transforming the world, sometimes they just want to solve some problem for
themselves and they give away the resulting code. Open Source software is almost
never developed for the simple purpose of making another person's life a little
easier.</p>
<h2>If you aren't the customer you're the product</h2>
<p>This aphorism has become popular with the rise of ad-tech and social network
websites. The phrase invokes an image of free services coming like free grain
because you are, in fact, the pig on his way to slaughter. In some way this is
true, Silicon Valley business models are becoming disturbingly like human
farming.</p>
<p>However, the phrase also invokes an image of an evil entrepreneur plotting to
enslave humanity by creating a slick social network. If 1 in 1000 companies is
successful then logic implies there must be thousands of evil entrepreneurs
running around everywhere. If this is true then where are all of the failed
evil plotters? I've never met an entrepreneur who was anything less than an
aspiring saint.</p>
<p>I think the real reason why social networks become human farms is because people
don't want to pay for development of web services and stuck between a successful
human farm and a failing soup kitchen, entrepreneurs begrudgingly choose to farm.</p>
<h2>Breaking out</h2>
<p>If we're ever going to stop living in a world of farms and soup kitchens, we're
going to need to get serious about incentives. Part of my intention in starting
the CryptPad project is to build something that is not a farm nor a soup kitchen.
I want to have a mutually beneficial relationship with every one of CryptPad's
users, including you. I don't want to be a charity worker beholden to an NGO or
a post office clerk drawing a paycheck from the state. I want you to be my boss,
I want to obsess about making your life better, I want fair exchange of value
and aligned incentives.</p>
<h2>Changes in CryptPad</h2>
<p><a href="https://blog.cryptpad.org/2017/05/23/CryptPad-use-it-love-it-support-it/">As you may already know</a>,
<a href="http://cryptpad.fr/">cryptpad.fr</a> now limits your data storage and allows you to buy an account which
will raise that limit. The code for limits and accounts is also in the CryptPad
codebase and turned on by default. If you are installing CryptPad, you have
three choices.</p>
<ol>
<li>Leave it exactly as it is: People will be limited to 50MB of storage and they
will see a <em>Support CryptPad</em> button. In the development time this donated money
buys, we will pay special consideration to the needs of CryptPad admins like you.</li>
<li>Share the revenue: If you specify some configuration parameters and send us
an <a href="mailto:sales@cryptpad.fr">email</a>, the donation button will become an
<em>Upgrade Account</em> button, allowing them to take a plan with additional storage
quota. When people upgrade their account on your server, we will credit you 50%
of the revenue earned. This helps us pay the cost of development and helps you
pay the cost of hosting.</li>
<li>Disable the donate button: If you do this, we hope you will help CryptPad in
some other way such as by taking an on-premises support contract.</li>
</ol>
<p>If you run a public CryptPad instance, please don't increase the 50MB per user
storage limit. This limit is what makes people subscribe and what pays for
CryptPad development. Running a CryptPad instance which offers a "better deal"
is effectively using the project against itself.</p>
<p>Finally, new versions of CryptPad always check for new or expired accounts from
our account server. We have added a parameter called <em>adminEmail</em> which will be
sent along with the domain and version of CryptPad you're running. This way we
can notify you if we're aware of any a serious problems with your CryptPad
instance. We take your privacy seriously and will never sell your email or send
you marketing spam. If, however, you want to keep your CryptPad instance
completely hidden from us, you can set this parameter to <strong>false</strong> and it will
never query the account server.</p>
<h2>Coming next</h2>
<p>Our objective is to help you collaborate, stay organized and get things done
faster and easier. We want to provide maximum value to you and we want you to
provide value to us so that we can continue doing it. As was said in the
previous post, the big issues which we are planning to tackle soon are:</p>
<ul>
<li>File upload for PDF and image embedding</li>
<li>Text coloring based on the authors of the document</li>
<li>Workgroups for team collaboration</li>
<li>Zero Knowledge spreadsheets</li>
</ul>
<p>As always, we will be continuing to put great effort into understanding your
problems, how you go about solving them, and how we can make little changes to
make CryptPad fit your needs better.</p>
<p>Caleb</p>
CryptPad - use it, love ❤️ it, support it2017-05-23T18:40:35Zhttps://blog.cryptpad.org/2017/05/23/CryptPad-use-it-love-it-support-it/It's been another release day in our little team. Today we released CryptPad v1.7.0 (Hodag). The biggest new feature in this version is that when you create a /code/ pad, the default highlighting is in markdown syntax and there it is rendered in realtime while you type.<p>It's been another release day in our little team. Today we released
<a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.7.0">CryptPad v1.7.0 (Hodag)</a>. The biggest new feature in this version is that when you create a <em>/code/</em> pad, the default highlighting is in markdown syntax and there it is rendered in realtime while you type. Try it out by making a pad at <a href="https://cryptpad.fr/code">cryptpad.fr/code</a>.</p>
<p>In this release we also completed something much more important and central to the future of CryptPad. We finished our first version of the payment server which allows you to take a subscription and help support the work that we do.</p>
<p>Starting with this release we are now imposing a 50MB storage limit for our anonymous users and a 3 month expiration of pads which are not stored by a registered user.</p>
<p>Instant collaboration is the vision of CryptPad and we are committed to continuing to provide that and even providing 50MB of persistent storage for anyone who is willing to sign up.</p>
<p>For people who are ready to take the next step, we are now providing subscriptions which will improve how you organize your information while helping CryptPad to grow and improve.</p>
<h2>Plans</h2>
<ol>
<li>Personal (5GB storage, 5€/month ex. VAT)
<ul>
<li>This is best for an individual using lots of pads for collaboration and note taking. For the price of a sandwich you can stay organized on all of your devices while also keeping your privacy private.</li>
</ul>
</li>
<li>Standard (20GB storage, 10€/month ex. VAT)
<ul>
<li>For the price of lunch, you can have 20GB of storage, enough for not only pads but also for the soon to launch File Upload which will allow Zero Knowledge storage of files such as pictures and PDF documents. With the Standard plan you can add one more friend for free.</li>
</ul>
</li>
<li>Team (50GB storage, 15€/month ex. VAT)
<ul>
<li>If you're ready to extend your usage of CryptPad to an entire team, we are ready to help you succeed. With a Team plan you get 50GB of data storage in CryptPad, plenty for files and pads. You also get to add <strong>five</strong> people to your plan and you get professional support available in English and French.</li>
</ul>
</li>
</ol>
<p>Our goal is to make the best collaboration tool available while still being unable to sell or leak your content. Help us succeed, helping you stay organized and help show the world that Zero Knowledge Cloud is possible.</p>
<h2>For Admins</h2>
<p>If you're hosting your own instance of CryptPad, there are a few things you'll need to do when you upgrade to Hodag. The limits code is still somewhat of a mess and while we get it tied down, you'll need to do a bit of work to disable it.</p>
<p>First there is a serverside per-user storage limit defined in <code>config.js</code> You'll want to set this to a big number like so:</p>
<p>defaultStorageLimit: Number.MAX_SAFE_INTEGER</p>
<p>Then there is <code>customize/application_config.js</code>. If you're not familiar with <code>/customize/</code>, you can create this directory and then copy <code>application_config.js</code> over from the <code>/customize.dist/</code> directory so it will not be overwritten. The server will try looking in <code>/customize/</code> first.</p>
<p>Inside of <code>application_config.js</code> you'll need to update the <code>enablePinLimit</code> line like so:</p>
<p>enablePinLimit = false;</p>
<p>If you're using your own CryptPad installation in a business context, please consider contacting <a href="mailto:sales@cryptpad.fr">sales@cryptpad.fr</a> for an on-premises support contract. You'll get help with upgrades and early information about security issues.</p>
<h2>What's Next</h2>
<p>In the coming months, we're hoping to roll out text coloring based on the authors of the document as well as file upload for PDF and image embedding. Eventually we plan to add Zero Knowledge spreadsheets and workgroups for team collaboration.</p>
You gotta log in2017-05-17T12:22:52Zhttps://blog.cryptpad.org/2017/05/17/You-gotta-log-in/It's been two and a half years since the first commit to CryptPad, we no longer have the hideous white and green color-scheme and we're on our third URL format.<p>It's been two and a half years since the <a href="https://github.com/xwiki-labs/cryptpad/commit/1508c7ba71f5de5e51f061fbef45bc1f18493832">first commit to CryptPad</a>,
we no longer have the hideous white and green color-scheme and we're on our third URL format.
More importantly we now have a CryptDrive with folders instead of just remembering a few recent
pads in the browser's local storage.</p>
<p>The success of CryptPad as a tool for organizing and collaboration makes us glad to be working on
the technology, but our desire to avoid collecting metadata has lead to an unsustainable situation.</p>
<blockquote>
<p><em>We can't store data we don't understand for people we don't know</em></p>
</blockquote>
<p>There has been a proliferation of pads which are not accessed after a while and we don't know who
made them or even what type of pad they are. We know that a great many of them are "test pads",
if for no other reason, because we made a lot of them. Eventually we will be forced to delete old
data but we don't want to delete anything important.</p>
<p>Starting a few weeks ago we implemented a system called pinning. When you are logged in, your
browser tells CryptPad all of the things in your drive. We don't know what's in them but we know
they're important so we shouldn't delete them. Right now you can log in to CryptPad, go to your
<a href="https://cryptpad.fr/settings/">Settings Page</a> and click the <strong>Usage</strong> button to see how much data
you are pinning.</p>
<p>We recognize many users of CryptPad would like to use it anonymously and we will continue to support
anonymous pads, but soon they will begin to be removed from storage after 3 months of inactivity.
We've also simplified the anonymous CryptDrive because we want to send the message loud and clear
that <em>pads in the anonymous drive are not safe from deletion</em>.</p>
<p>So please register and log in, you'll get 50MB of pinning quota with the full features of CryptDrive
and you can be sure that none of your pads will ever be removed from the server.</p>
Funding CryptPad2017-04-20T12:15:09Zhttps://blog.cryptpad.org/2017/04/20/Funding-CryptPad/CryptPad started as a novel idea: provide a means for people to collaborate on the web, without their data being exposed to the server that connects them<p>CryptPad started as a novel idea:</p>
<blockquote>
<p>provide a means for people to collaborate on the web, without their data being exposed to the server that connects them</p>
</blockquote>
<p>Since its conception as one developer's hobby project, this idea has grown organically into a team of core developers, a community of contributors, and a growing number of people who collaborate with CryptPad every day.</p>
<h2>How we're able to do this work</h2>
<p>CryptPad is a part of the OpenPaaS-NG project, which is funded by <a href="http://www.bpifrance.fr/">BPIFrance</a>.
As mentioned in <a href="https://blog.cryptpad.fr/2017/04/01/Exciting-news/">our April 1st post</a>, this funding only applies to 50% of our expenses.
I joked that the other 50% was being covered by our new partners (the <em><strong>NSA</strong></em>), but in fact, the remainder is still covered entirely by <a href="http://xwiki.com/">XWiki SAS</a>.</p>
<p>We have a fair amount of autonomy when it comes to deciding what features we will develop.
With that in mind, however, there are some long term goals that come as a part of OpenPaaS, some that stem from XWiki, and some that come from feedback from our userbase.</p>
<p>We recognize that however people's goals may differ, ultimately everyone with an interest in the project would like to see it continue to receive attention.</p>
<p>By operating as part of an established company that has a history of building open source software, we're able to leverage experience and resources that would not be as readily available if we were to attempt to build the same thing in our free time.
Our ability to solicit research funding means that individuals who wish to see the project prosper are not solely responsible for its livelihood.</p>
<p>Since the <a href="https://open-paas.org/">OpenPaaS-NG project</a> is only funded until 2019, we've been searching for other means of funding.
Until 2019, any additional revenue would serve to ease the load on our employer.
We hope that by the time the project finishes, we will have solidified a stream of income which is stable enough to make CryptPad entirely self-sustaining.</p>
<h2>Our new funding strategies</h2>
<p>Many of the largest web companies operate by offering free services to anyone who wants to use them.
They offset the costs of these services by selling user data to whoever will buy it, or by selling ad space to anyone who wants to sell to their market.</p>
<p>We've chosen not to pursue either of these options.
Instead, we want to appeal to those who value the work we're doing, and provide options for supporting it, so that we can continue to improve CryptPad.
We're willing to bet on a trend that other privacy-conscious enterprises have demonstrated, that people are <em>willing to pay not to be a product themselves</em>.</p>
<p>To be perfectly clear, we will continue to develop our code in the open.
Anybody who wants to install CryptPad for themselves will still be able to do so.
Additionally, the features CryptPad now offers will continue to be available under the current terms.
Going forward, however, we will offer certain additional functionality as premium features.</p>
<h3>Paid hosting</h3>
<p><a href="https://cryptpad.fr/">CryptPad.fr</a> hosts an ever-increasing amount of data.
So far, this hasn't been a concern, but as more people take interest in the project this won't be something that we can sustain.</p>
<p>In many cases, people create a pad as a test of the software, and forget about it once they understand how things work.
In other situations, people use CryptPad to collaborate on reports, code, or presentations.
At some point, those projects are finished, and those documents are forgotten.</p>
<p>To address this problem, we've implemented <strong>pinning</strong>, which is a way of telling the server that you want a pad to continue to be available.
Anonymous pads, that is, <em>those which aren't pinned by a registered user</em>, are liable to be removed after 90 days of not having been read or modified.
We believe this time is sufficient to distinguish valuable information from that which is safe to remove.</p>
<ul>
<li>Pinning will only be available to registered users.</li>
<li>Pinning will take effect following our next release, on April 25th, 2017</li>
<li>Everything that is in your drive will be automatically pinned.
<ul>
<li>new files will be pinned once you add them to your drive</li>
<li>removing a file from your drive's trash will unpin it</li>
</ul>
</li>
<li>Unpinned files which have not been accessed for at least 90 days will be removed
<ul>
<li>effective July 24th, 2017 (90 days from April 25th)</li>
</ul>
</li>
<li>Registration is free, but we plan to offer users a limited amount of storage space for pinning.</li>
<li>For additional storage, you'll have the option of paying a modest fee for an increased quota.</li>
<li>We'll have more information about pricing soon.</li>
</ul>
<h3>Support contracts for private installations</h3>
<p>If you've decided to host CryptPad yourself, we fully understand.
Like you, we use free software, and know the benefits of taking responsibility for your own infrastructure.</p>
<p>If you're using CryptPad to host critical information, however, you might consider purchasing a support contract.
We're still figuring out the details of our support contracts, however, this approach has proven to be of valuable to XWiki's many customers in the past.
You can see an example of XWiki's pricing <a href="http://www.xwiki.com/en/products/pricing-onpremise">here</a>.</p>
<p>If you plan to use CryptPad for your business, consider that it might be more time and cost effective to have us install and configure everything than to learn to administrate it on your own.
Otherwise, if you find that you're comfortable setting everything up in a basic configuration, but you'd like help configuring your server to behave in a special way, we'll be there to help.</p>
<h3>Sponsored development of open source features</h3>
<p>If there's a particular feature you'd like to see implemented within CryptPad, we're able to dedicate development time to build it into the software in the best way possible.</p>
<p>Sponsored development allows us to build features to suit particular users' needs.
By integrating those features into the official, open source version of CryptPad, we ensure that they will be used by as many people as possible.
This helps us refine those features to be even more useful for you, and ensures that they will continue to be supported well into the future.</p>
<h2>What's next</h2>
<p>Since we announced our <a href="https://blog.cryptpad.fr/2017/02/24/Announcing-biweekly-releases/">bi-weekly release schedule</a>, we've tried to make sure that each release contains an exciting feature.
This time around, we've had to set some time aside to implement pinning, as well as code for reporting the size used by any one user's drive.
We realize this isn't especially interesting for most of you, but it will be necessary for some more advanced features which we hope to share with you soon.</p>
<p>By providing a quota system for our registered users, we will be able to offer encrypted file upload capabilities.
You'll be able to upload images, and embed them in presentations and pads, a process which has been somewhat difficult so far.
Our decision to limit users' upload capacity is intended less to make a profit, and more to limit abuse.</p>
<p>We recognize that disk space is getting cheaper all the time, and that cloud hosting services will be able to offer more competitive pricing.
Our aim isn't to compete with the giants in the cloud industry, but simply to finance our ongoing research into privacy-friendly collaboration.
There is still much to do, but working together, we can accomplish great things.</p>
What is Zero Knowledge2017-03-24T14:42:03Zhttps://blog.cryptpad.org/2017/03/24/What-is-Zero-Knowledge/We have gotten a lot of questions about the concept of Zero Knowledge, the vision and ethics as well as the exact meaning.<p>We have gotten a lot of questions about the concept of Zero Knowledge, the vision and ethics as well as the exact meaning.</p>
<ul>
<li>What is Zero Knowledge?</li>
<li>How can encryption in the browser be secure?</li>
<li>What about metadata?</li>
<li>Most importantly: How to know if a service is Zero Knowledge?</li>
</ul>
<p>I wanted to write a blog post to clarify what Zero Knowledge is all about. Zero Knowledge has two meanings, it can refer to a <em>Zero Knowledge Proof</em>, an obscure mathematical construct with few real-world uses but it can also refer to something with a very real-world meaning: web services which encrypt your content so that they themselves cannot read it. You may be wondering how this can be secure when a web administrator can quietly change their site to an unencrypted version at any time. This is a real problem, there is currently no way to verify the content (and code) of a website, but we need not despair. Even though we cannot prove that a website is <em>secure</em>, we can check that they are promising to make themselves blind to your content and they make that promise knowing if break it they might get caught.</p>
<h2>Security is probabilistic</h2>
<p>Consider the security software you use every day such as your web browser with HTTPS, your phone and your computer's operating system. Have you ever stopped to check that software for "backdoors" (intentionally inserted which break your security)? If you have then you are one of the tiny group of heroes who dedicate their time to making the world a bit more robust and I salute you for it. If you're like the rest of us, you just hope that the authors of that software were honest enough and protective enough of their reputations to avoid inserting a backdoor when it means potentially getting caught. Zero Knowledge is based on the same logic, just as software makers can surreptitiously add a backdoor to their software, Zero Knowledge websites can serve a backdoor to the user. However, just as software makers who insert backdoors in their software risk getting caught, Zero Knowledge web app providers who insert backdoors in their website also risk being caught.</p>
<h2>The metadata question</h2>
<p>Metadata is a serious issue. Former CIA director Michael Hayden said of the agency: "We kill people based on metadata". I don't want to belittle the importance of data which is not the actual content, but at the same time we must recognize that there is a huge uphill climb fix this issue. While the CryptPad project tries not to collect metadata when it can be avoided, we also recognize that other cloud providers may collect more or less metadata than us in order to provide their services. Fundamentally, we accept that a service qualifies as Zero Knowledge as long as the <em>content</em> is protected from the server operators. We are committed to studying ways to develop new, more secure solutions to the metadata issue but the spirit of Zero Knowledge is about more ethical solutions which are immediately actionable.</p>
<h2>How to know if a service is Zero Knowledge</h2>
<p>Zero Knowledge is about trust, nobody can read over and verify all of the code of all of the Zero Knowledge services available, but there are some heuristics which you can use when choosing a service.</p>
<h3>1. Is it primarily Open Source ?</h3>
<p>Services which are primarily Open Source are easier to evaluate both for accidental security mistakes and for potentially nefarious behavior. Furthermore, when a company commits their software to Open Source they make a statement that they are in the business of being an ethical provider for the long term and are not just riding the wave of a popular term.</p>
<h3>2. Were you warned about losing your password ?</h3>
<p>True Zero Knowledge services must protect your data from themselves using something you know and they don't, such as your password... In the event that you lose your password and you are using a true Zero Knowledge service, your content will be inaccessible to you and to the service - the locks that keep them out will keep you out as well. Check for this warning.</p>
<h3>3. Does it claim to be Zero Knowledge or End-to-end Encrypted ?</h3>
<p>This is perhaps the most important question, because when a service provider makes the public statement that they are Zero Knowledge, they show they are prepared to risk their reputation if they are discovered to be storing your content in a way they can access. Some Zero Knowledge providers prefer the term <em>End-to-end Encrypted</em> which has gained significant popularity with messaging apps. There is no functional difference between a Zero Knowledge application and one which advertizes End-to-end Encryption.</p>
<h2>Talk to us</h2>
<p>CryptPad is developed by a team of 3 people with generous financing from BPIFrance through the <a href="http://ng.open-paas.org/about-us.html">OpenPaaS::NG Research Project</a>. Our mission is to make Cloud Computing more ethical by promoting Zero Knowledge Cloud Services and show young entrepreneurs that it is possible to make a living while being ethical with peoples' data. Meet us in our IRC/Matrix channel on Freenode and at: <a href="https://riot.im/app/#/room/#cryptpad:matrix.org">https://riot.im/app/#/room/#cryptpad:matrix.org</a></p>
Security growing pains2017-03-06T11:04:58Zhttps://blog.cryptpad.org/2017/03/06/Security-growing-pains/Update: The issue mentioned in this blog post was assigned CVE-2017-1000051 by Distributed Weakness Filing, thanks Martin Gubri for applying for the number.<p><em>Update: The issue mentioned in this blog post was assigned <a href="https://github.com/distributedweaknessfiling/DWF-CVE-2017-1000000/blob/f2e15ac3468dd382d9ffa3d5acc032c106f3248c/CVE-2017-1000051.json">CVE-2017-1000051</a> by Distributed Weakness Filing, thanks Martin Gubri for applying for the number.</em></p>
<p>To sum things up:</p>
<ol>
<li><a href="https://github.com/Framartin">Martin Gubri</a> volunteered to help us with security testing and found multiple XSS vulnerabilities</li>
<li>We learned things and improved our security in multiple ways and we have plans to build even further improvements</li>
<li>Update all the things</li>
</ol>
<h2>Exactly what happened</h2>
<p>Late Tuesday night after work, I got an email from Martin Gubri telling me that he had found multiple XSS vulnerabilities in CryptPad.
This is not fun news for anybody, but as the browser stores encryption keys, it is especially bad news.
I want to reiterate what I said in <a href="https://blog.cryptpad.fr/2017/02/20/Time-to-Encrypt-the-Cloud/" title="Time to Encrypt the Cloud">our first blog post</a>, CryptPad is just a regular web app but with provable ethics, it is not designed to provide military grade security.</p>
<p>Though we could have waited until our next release to fix this issue, we decided that we could not feel good working on new features while knowing about an issue which could harm our users.
However, we wanted to fix the systemic issue which caused XSS to be possible in the first place, not just the symptoms which we became aware of.</p>
<p>CryptPad uses a modern web feature called <a href="https://en.wikipedia.org/wiki/Content_Security_Policy">Content Security Policy</a> to prevent attacks such as this one.
Content Security Policy allows a web server to mandate that javascript can only be loaded from domains which are explicitly authorized.
Unfortunately, CKEditor <a href="https://dev.ckeditor.com/ticket/8584">makes heavy usage of inline scripts</a> (scripts which are written directly into the HTML file), so we had made an exception for inline script which represents the most common type of XSS.
When Martin did a review of our application, he found multiple places where we had not been properly escaping HTML content and sadly all of these were attackable despite our Content Security Policy.</p>
<h2>How we reacted</h2>
<p>For me, a security bug does not come alone, it is always the result of multiple failures at different levels.
Zero Knowledge is about resilient software for resilient society and we allowed ourselves to rely entirely on proper escaping.</p>
<p>On Thursday, March 6th, 2017, we deployed and released a set of patches to our previous <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.1.0">Bunyip release</a>, which we're calling <a href="https://github.com/xwiki-labs/cryptpad/releases/tag/1.1.1">1.1.1 <em>Bunyip's Revenge</em></a>.
This not only sanitizes XSS in places where we know about but it also implements a strong Content Security Policy everywhere except inside of the CKEditor iframe, which insists on injecting script tags.</p>
<p>It is important to upgrade as soon as possible because XSS attacks can potentially give an adversary access to all of your pads.
If you're using <a href="http://cryptpad.fr/">cryptpad.fr</a> on the website then there's nothing you need to do, everything is fixed.</p>
<h2>Moving forward</h2>
<p>We want to find and pioneer better ways of protecting your data on CryptPad.
We also hope to foster a whole movement of Zero Knowledge web services which feature layered security, protecting users from external threats as well as the mistakes that developers are sure to make.</p>
<p>Spurred on by the revelation of our own errors, we have reinvigorated a conversation about moving each of the <em>apps</em> such as CKEditor into a <a href="https://www.html5rocks.com/en/tutorials/security/sandboxed-iframes/">sandboxed iframe</a> where they would be unable to access any of the cryptographic keys or other pads.
This introduces some difficulty on our end, as we want to provide a resilient platform while making Zero Knowledge an approachable subject for web developers.</p>
<p>Finally I would like to also publically thank our friend <a href="https://github.com/kpcyrd"><em>kpcyrd</em></a> for finding another XSS issue back in early December of 2016, before we had official releases or a blog where we could give him credit for his work.</p>
Announcing biweekly releases2017-02-24T16:26:03Zhttps://blog.cryptpad.org/2017/02/24/Announcing-biweekly-releases/When I joined the research team at XWiki a little over a year ago, CryptPad was very much an experiment. We had ideas of what we wanted to accomplish, but we didn't know whether it would work at all...<p>When I joined the research team at <a href="http://www.xwiki.com/en/team/">XWiki</a> a little over a year ago, CryptPad was very much an experiment.
We had ideas of what we wanted to accomplish, but we didn't know whether it would work at all, let alone how we were going to get there.</p>
<p>We've come a long way since then.
Having proven that <em>zero knowledge, real time collaborative editing</em> in the browser was possible, we've been thinking about an even more difficult task:</p>
<blockquote>
<p>How do we make this something that <em>anybody</em> can use?</p>
</blockquote>
<h2>How we've gotten here</h2>
<p>We've built CryptPad from a number of small pieces.
In some cases, we were lucky enough to find existing software libraries which solved our problems.
We love when this happens because it keeps us from having to reinvent the wheel, leaving more time for unsolved problems.</p>
<p>When you try to build something that nobody has built before, however, you run into problems that nobody else cares about.
We've had to build a lot of our own components, and some of them have been incredibly complicated.</p>
<p>Some bugs only become obvious under very odd circumstances, when users with different browsers do very specific sequences or combinations of actions.
Our growing userbase has been critical in helping us to identify these kinds of issues, and things have been improving steadily.</p>
<h2>What we've learned</h2>
<p>Our longest delays have come from working on tough problems that managed to get tangled up with smaller bug fixes, which kept them from reaching our users.
At the end of 2016, however, most of these big, complicated issues were coming to a close.
Our team took some much-needed vacation time, and upon returning we started working to release and deploy a tagged version of our codebase.</p>
<p>Our newest features went live to <a href="https://cryptpad.fr/">CryptPad.fr</a> on Tuesday, the 14th of February.
Some of them are big enough that we'll probably dedicate entire blog posts to them, but the release notes are <a href="https://github.com/xwiki-labs/cryptpad/tree/1.0.0">on GitHub</a>.</p>
<h2>Our new release policy</h2>
<p>In the interest of getting feedback from our users more quickly, we've decided to adopt a two week release cycle.
We're going to focus on delivering features that directly improve your experience.</p>
<p>The live site will run code from our latest <em>master</em> branch, while the upcoming release will be on the <a href="https://github.com/xwiki-labs/cryptpad/tree/staging">staging</a> branch.</p>
<p>Each release will come with a set of notes detailing what we did, and known issues that didn't quite make it into that version.
We'll work on getting those issues fixed in the following cycle.</p>
<p>Whenever we deploy these big updates, we'll announce when we expect the next one to arrive.
Since we started on a Tuesday, we expect to deploy again on Tuesday, February the 28th, 2017.</p>
<h2>Codenamed releases</h2>
<p>Since it's difficult to remember versions of the software if they have names like <code>1.0.0</code>, we've decided to give each one a more memorable codename.
With there being 26 letters in the Latin alphabet, and 26 two week releases in the year, we started looking for alphabetical lists from which we could choose names.
We didn't look for very long until we thought of <em>Cryptids</em>...</p>
<blockquote>
<p><em>an animal whose existence or survival is disputed or unsubstantiated, such as the yeti</em></p>
</blockquote>
<p>We quickly settled on picking a name from this list every two weeks, starting with the letter A, and proceding through the alphabet.
For version <code>1.0.0</code>, we went with <a href="https://en.wikipedia.org/wiki/Agogwe">Agogwe</a>.</p>
<p>There won't necessarily be much significance to the name we choose, but we hope that nobody will worry if we choose a particularly frightening cryptid for a given release.
Some of the code is bound to be difficult and scary to write, but we want your experience to be <em>as easy as possible</em>.</p>
<p>As always, if you have any feedback you'd like to share, we want to hear it!
<a href="https://cryptpad.fr/contact.html">Contact us</a> and let us know how you use Cryptpad.</p>
<p>If you aren't using CryptPad yet, give it a try at <a href="https://cryptpad.fr/">CryptPad.fr</a>!</p>
Time to Encrypt the Cloud2017-02-20T17:54:02Zhttps://blog.cryptpad.org/2017/02/20/Time-to-Encrypt-the-Cloud/From typing a business letter to taking pictures with friends, the internet has changed every part of our lives. We don't just share information with people, we also want it synced across our computers, tablets, and phones.<p>From typing a business letter to taking pictures with friends, the internet has changed every part of our lives.
We don't just share information with people, we also want it synced across our computers, tablets, and phones.</p>
<p>Modern technology allows us to do this, but it does so by sending all our data to <em>the Cloud</em>.</p>
<p>A lot of what we think of as the Cloud is owned by multinational corporations like Google.
Though they may seem like innocent custodians of our data, behind the scenes they are often using it to target us with advertising.</p>
<h2>There is little that one person can do</h2>
<p>Terms of service are long, vague documents which usually don't address knowledge <em>derived</em> from your data.
More sinister: you can never really know if they're cheating.
Ad networks don't tell you how they know or even what they know.
They just show you ads, based on what they discovered about you... <em>somehow</em>.</p>
<h2>What's your personal information worth?</h2>
<ul>
<li>Normally $0.0005 - $0.0021 per person</li>
<li>Pregnant in your second trimester? $0.11 (<em>52 times as much</em>)</li>
<li>Have a specific health condition? $0.26 (<em>123 times as much</em>)</li>
</ul>
<p>This is only going to get worse.
Artificial Intelligence technology is maturing and Silicon Valley is using it to derive even more value from <em>us</em>, its most valuable products.</p>
<p>The result of this will be a veritable weapon of mass manipulation.
The tragedy is, manipulating people to get what you want is not that complex.
We don't need to wait for the AI singularity, all we need is a deep mind with the cleverness of a spoiled 5 year old.</p>
<blockquote>
<p><em>All data, over time, approaches deleted, or public.</em></p>
<p>--Quinn Norton</p>
</blockquote>
<p>While we must seek to use services with ethical foundations, we must also recognize that once we give up our data, we are at the mercy of economics.
Companies which don't <em>extract maximum value</em> from our data will eventually be acquired by those which do.</p>
<h2>Zero Knowledge</h2>
<p>Fortunately we don't have to go back to the typewriter age.
Using basic cryptography, the cloud can make information available across your devices without being able to read the data which it stores.</p>
<p>We do this by adding a hash character (#) to a link.
By design, browsers don't share anything after this character.
That means we can share encryption keys just by sharing links.
Furthermore, a username and password can be made into a secret key which allows a person's private data to be kept encrypted using their login credentials.</p>
<h2>How do we know you're secure?</h2>
<p>Zero Knowledge web apps are not intended to <em>make you secure</em>, they're intended to be <em>provably ethical</em>.
This cannot be overstated, for too long we have been forced to choose between "James Bond" security protocols which are too difficult to use, and slick web apps which monetize your data.</p>
<blockquote>
<p><em>Our promise to you is that our business model is not to spy on you, and it never will be</em>.</p>
</blockquote>
<p>We hope that the security community will join us in building user-friendly, Zero Knowledge services.
Privacy is a social problem as much as it is a mathematical one, and it is time we take that seriously.</p>
<h2>What we're going to do</h2>
<p>We are going to show the world that web apps can be elegant and usable while still respecting privacy in a verifiable way.
We cannot easily prove that we've never collected any data but we can prove we're not doing it systematically.</p>
<p>To start off this conversation, we have developed <a href="https://cryptpad.fr/">CryptPad</a>, the first ever Zero Knowledge Realtime Collaborative Editor.
We are aiming to make it the most user friendly, most productive collaboration tool available, and still Zero Knowledge.</p>
<p>Finally, we have chosen to make the CryptPad project <a href="https://github.com/xwiki-labs/cryptpad">Open Source</a>.
We did this not only because Open Source is in our culture, but also because we want Zero Knowledge web apps to become the universal standard.</p>
<h3>The plan in four steps</h3>
<ol>
<li>Develop the most user friendly collaboration tool available which is also Zero Knowledge.</li>
<li>Use this tool to explain the problem and show that an alternative is possible.</li>
<li>Open Source the work we do so that others can also build Zero Knowledge apps.</li>
<li>Foster a culture where privacy by default is a baseline expectation.</li>
</ol>
<h2>How you can help</h2>
<ul>
<li>Use CryptPad and other Zero Knowledge services evey day, tell us what you like and what we can do better.</li>
<li>Show your support: Buy an upgraded account (<em>coming soon</em>) from us, the people who are developing the code.</li>
<li>If you install the Open Source code of CryptPad on your own servers, consider buying a support contract.</li>
<li>Talk to your friends and colleagues about Zero Knowledge, show them CryptPad and explain that this is what the cloud can be.</li>
<li>If you're a web developer, think about Zero Knowledge for your next web app.</li>
</ul>
<h2>Other Zero Knowledge Services</h2>
<h3>Open Source</h3>
<ul>
<li>Sync backups to Google or Dropbox and force them to become Zero Knowledge
<ul>
<li><a href="https://cryptomator.org/">https://cryptomator.org/</a></li>
<li>Source Code: <a href="https://github.com/cryptomator/cryptomator">https://github.com/cryptomator/cryptomator</a></li>
</ul>
</li>
<li>Easy chrome extension for gmail users to send & receive end-to-end encrypted email
<ul>
<li><a href="https://cryptup.org/">https://cryptup.org/</a></li>
<li>Source Code: <a href="https://github.com/tomholub/cryptup-chrome">https://github.com/tomholub/cryptup-chrome</a></li>
</ul>
</li>
<li>Send and receive end-to-end encrypted email using your normal email account (Mobile, Desktop version coming soon)
<ul>
<li><a href="https://prettyeasyprivacy.com/">https://prettyeasyprivacy.com/</a></li>
<li><a href="https://cacert.pep.foundation/trac">https://cacert.pep.foundation/trac</a></li>
</ul>
</li>
<li>Send end-to-end encrypted text messages on a phone or computer
<ul>
<li><a href="https://wire.com/en/">https://wire.com/en/</a></li>
<li><a href="https://github.com/wireapp/">https://github.com/wireapp/</a></li>
</ul>
</li>
<li>Send end-to-end encrypted text messages on your phone
<ul>
<li><a href="https://whispersystems.org/">https://whispersystems.org/</a></li>
<li>Source Code: <a href="https://github.com/whispersystems">https://github.com/whispersystems</a></li>
</ul>
</li>
<li>Type or paste a message and give the link to friends
<ul>
<li><a href="https://ncry.pt/">https://ncry.pt/</a> (Source code: <a href="https://github.com/luggs-co/ncrypt">https://github.com/luggs-co/ncrypt</a>)</li>
<li><a href="https://privatebin.net/">https://privatebin.net/</a> (Source code: <a href="https://github.com/PrivateBin/PrivateBin">https://github.com/PrivateBin/PrivateBin</a>)</li>
</ul>
</li>
<li>Chat online with lots of people at once
<ul>
<li><a href="https://riot.im/">https://riot.im/</a> <strong>NOTE:</strong> End-to-end encryption mode in beta so currently disabled by default</li>
<li>Source code: <a href="https://github.com/vector-im">https://github.com/vector-im</a></li>
</ul>
</li>
</ul>
<h3>Proprietary</h3>
<p>While we value Open Source, the need for Zero Knowledge Cloud is paramount and we respect the
decision of some organizations to keep parts of their codebases proprietary.</p>
<ul>
<li>Data backup
<ul>
<li><a href="https://www.boxcryptor.com/en">https://www.boxcryptor.com/en</a></li>
<li><a href="https://whisp.ly/en">https://whisp.ly/en</a></li>
<li><a href="https://www.sync.com/">https://www.sync.com/</a></li>
<li><a href="https://www.pcloud.com/">https://www.pcloud.com</a></li>
<li><a href="https://spideroak.com/personal/spideroak-one">https://spideroak.com/personal/spideroak-one</a></li>
</ul>
</li>
<li>Chat and instant messaging
<ul>
<li><a href="https://spideroak.com/personal/semaphor">https://spideroak.com/personal/semaphor</a></li>
</ul>
</li>
<li>Send and receive end-to-end encrypted email
<ul>
<li><a href="https://protonmail.com/">https://protonmail.com/</a></li>
</ul>
</li>
<li>Web of trust and proof of identity
<ul>
<li><a href="https://keybase.io/">https://keybase.io/</a></li>
</ul>
</li>
</ul>
<p>An important one which we forgot? <a href="https://cryptpad.fr/contact.html">Get in touch</a>!</p>
<h3>Updated</h3>
<ul>
<li>August 9, 2017, Wire is now fully Open Source, yay</li>
</ul>