Debunking the Zero-Sum Game
Building new certification governance models and open technologies suitable to deliver radically-unprecedented IT security to all citizens' communications and transactions, and then to critical societal IT and AI systems, while solidly enabling legitimate constitutional lawful access.
Radically increase IT and AI trustworthiness
Promote the creation and wide adoption of new dual-use IT security certification body, and an compliant open computing base and ecosystem, that radically-exceed state-of-the-art in user-trustworthiness of IT and AI systems, while increasing public safety, cyber-investigation capabilities and economic growth. Initially for strategic communications and transactions.
Cybersecurity is a governance problem
All and every software, hardware and processes that are critically involved in an IT service provisioning or lifecycle – from CPU design to fabrication, from hosting room access to standard setting – are subject to extreme verification relative to complexity, or to extremely resilient cyber-social oversight, based on offline citizen-witness or citizen-jury processes. We reconceptualize the cybersecurity of a given critical IT system as the by-product of the intrinsic resilience, accountability, and competency of organizational and cyber-social processes.
Why a new Certification Body and open ecosystem?
Even the most secure IT certifications and technologies available today offer levels of trustworthiness – and trustworthiness measurability – that are radically-lower than what is required by many narrow- or wide-market critical societal use cases. This problem extends to critical AI systems, which rely on such IT for their most critical sub-systems.
Extreme accountability and competency
The statute of the Trustless Computing Association and its planned Trustless Computing Certification Body are conceived to ensure they will sustainably remain extremely user-accountable, citizens-accountable, ethical and technically-proficient. By statute, it’s decision-making power will be transferred to a mix of end-users, informed random-sampled citizens, democratic nations, and top ethical cybersecurity experts.
A Quest for Freedom within & through IT
Trustless Computing Association and its spin-off startup TRUSTLESS.AI are primarily the fruit of 17 years of the single-minded quest by Rufo Guerreschi to realize the potential of ICT to radically improve individual civil freedoms and democratic participation, by founding multiple NGOs and startups in the areas of e-participation, free software, and bleeding-edge privacy-enhancing technologies and standards. In 2013, he crossed path with Roberto Gallo, on a similar quest with similar determination – and highly complementary skills – creating a steel bond that lasts to this day.
Trustless Computing Certification Body & CivicNet
Since 2014, the Trustless Computing Association has been promoting and building the Trustless Computing Certification Body, a new dual-use IT security certification body and schema, aimed at ultra-high, radically-unprecedented levels of trustworthiness; while at once solidly enabling legit lawful access. Both such goas are achieved primarily through (1) extreme levels of ethical and public security-review in relation to complexity of all tech and processes critically-involved in the entire lifecycle, down toCPU design and chip fabrication oversight; and through (2) extreme levels of citizen-accountability, independence, and technical proficiency of the governance and socio-technical process, including the wide utilisation of citizen-witness and citizen-jury based oversight processes.
In parallel, our public and private partners, our spin-off startup TRUSTLESS.AI, and our 15-25M€ TRUSTLESS Dual-Use Initiave are building SeeVik Net: a Trustless-Computing-compliant low-royalty open computing base, ecosystem and IT service. While initially offering high-level certifications targeted at the confidentiality, integrity and non-repudiability of the most critical civilian and governmental transactions and communications,TCCB will expand to other sub-domains, and to ultra-high availability use cases. It aims to be complementary, synergic and inspirational for existing and upcoming cybersecurity certifications. It will strongly promote downward compatibility in respect to EU Secret, eIDAS Qualified, Common Criteria EAL4, SOG-IS, and inspire future certification schemas within the new European Cybersecurity Certification Framework.