Father
After a year of development, version 2.1.0 of the CENO mobile web browser has been released. It is designed to provide access to information when direct access is impossible, for example, when Internet segments are disconnected from the global network as a result of failures or malicious actions. The browser is based on the GeckoView engine (used in Firefox for Android), extended with the ability to exchange data through a decentralized P2P network in which users help forward traffic to external gateways that provide access to information. The project's code is distributed under the MIT license. Ready-made builds are available on Google Play.
The P2P functionality lives in a separate library, Ouinet, which can be used in any application. The CENO browser and the Ouinet library allow access to information in situations up to a complete shutdown of the Internet, for example, as a result of global outages. In this case, content can be distributed from the cache or from local storage devices.
The project caches content on each user's side while maintaining a decentralized cache of popular content. When a user opens a site, the downloaded content is cached on the local system and becomes available to participants in the P2P network who cannot reach the resource or the gateways directly. Each device stores only data that was requested directly from that device. Cached pages are identified by a hash of the URL. All additional data associated with the page, such as images, scripts, and styles, is grouped and returned together under a single ID.
To obtain new content that cannot be reached directly, special proxy gateways (injectors) are used. They are placed in external, unaffected parts of the network where a connection can still be established. Traffic between the client and the gateway is protected with public-key encryption. Digital signatures are used to identify gateways and to prevent the introduction of malicious gateways, and the keys of the gateways supported by the project ship with the browser.
When a gateway cannot be reached directly, the browser can connect to it through a chain of other users who act as proxies forwarding traffic to the gateway. The data is encrypted with the gateway key, so transit users whose systems relay the request cannot tamper with the traffic or determine its content. Client systems do not send external requests on behalf of other users; they either return data from the cache or serve as a link in a tunnel to the proxy gateway.
The browser first tries to deliver regular requests directly, and if the direct request fails, it searches the distributed cache. If the URL is not in the cache, the information is requested by connecting to the proxy gateway or by reaching the gateway through another user. Sensitive data, such as cookies, is not stored in the cache.
Each system in the P2P network is assigned an internal identifier that is used for routing within the P2P network but is not tied to the user's physical location. The authenticity of information transmitted and stored in the cache is ensured by digital signatures (Ed25519). Transmitted traffic is encrypted using TLS. A distributed hash table (DHT) is used to access information about the network structure, participants, and cached content. If necessary, uTP or Tor can be used as a transport in addition to HTTP.
At the same time, CENO does not provide anonymity, and information about sent requests is available for analysis on participants' devices (for example, the hash can be used to determine that the user accessed a specific site). For confidential requests, such as those that require you to log in to your mail or social network account, you can use a separate private tab, where data is requested only directly or through a proxy gateway, without consulting the cache and without being stored in the cache.
Among the changes in the new release:
- The browser engine is synchronized with the components of Firefox 123.1.0.
- Improved display of content download sources.
- Dark design mode is enabled by default.
- Added a setting for exporting full application logs.
- Added a page to wait for connection during startup.
- Added a setting to control whether bridge mode is enabled.
- Updated the default list of recommended sites.
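The request order described above (direct, then distributed cache, then gateway, with the private tab bypassing the cache) can be modelled to show which lookups a peer is able to link to a URL. This is an added example, not CENO or Ouinet code: the `Network` test double, the function names, the use of SHA-256 as the URL hash, and the choice to seed only gateway-fetched responses are assumptions, and the URLs are constructed.

```python
import hashlib
from dataclasses import dataclass, field


def cache_key(url: str) -> str:
    # Assumption: SHA-256 stands in for "the hash from the URL";
    # the article does not name the hash function.
    return hashlib.sha256(url.encode()).hexdigest()


@dataclass
class Network:
    """Constructed stand-in for the outside world, not a real API."""
    direct_ok: set = field(default_factory=set)   # URLs reachable directly
    injector_ok: bool = True                      # gateway reachable, directly or via a peer tunnel
    dcache: dict = field(default_factory=dict)    # distributed cache: key -> body
    peer_visible_keys: list = field(default_factory=list)  # cache lookups peers can observe


def fetch(net: Network, url: str, private: bool = False, has_cookies: bool = False):
    """Return (source, body) following the order the article describes."""
    if url in net.direct_ok:
        return "direct", f"origin:{url}"
    key = cache_key(url)
    if not private:
        # A distributed-cache lookup exposes the URL hash to other participants.
        net.peer_visible_keys.append(key)
        if key in net.dcache:
            return "dcache", net.dcache[key]
    if not net.injector_ok:
        return "unavailable", None
    body = f"injector:{url}"
    # Private-tab responses and cookie-bearing responses are never seeded.
    if not private and not has_cookies:
        net.dcache[key] = body
    return "injector", body


def peer_can_confirm(net: Network, candidate_url: str) -> bool:
    """The no-anonymity caveat: a participant who already has a candidate
    URL can hash it and compare it with the keys it has observed."""
    return cache_key(candidate_url) in net.peer_visible_keys


if __name__ == "__main__":
    net = Network()
    print(fetch(net, "https://blocked.example/news"))            # fetched via gateway, then seeded
    print(fetch(net, "https://blocked.example/news"))            # served from the distributed cache
    print(peer_can_confirm(net, "https://blocked.example/news"))
    print(fetch(net, "https://mail.example/inbox", private=True))
    print(peer_can_confirm(net, "https://mail.example/inbox"))
```

The private-tab request never touches `peer_visible_keys` or `dcache`, which is the property the article attributes to private tabs.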
