Here is short and very technical overview of the three components that make Safing awesome.
The Portmaster is an application firewall that enforces application profiles on processes.
Being an application firewall means tightly integrating with the kernel of the underlying OS (via network filter APIs or kernel modules) to gain needed information (associate network packets to processes) and control (block or deny network connections).
Application profiles describe an application’s behavior in the sense of how it interacts with the Internet: Does it connect to a fixed set of domains? Is it a peer to peer application? Does it interact with the local network? Should TLS be enforced and checked? etc.
Profiles represent an application as experienced by the user, not as defined by technology - making them easy to understand and superior to other common application classification approaches. They can be either created by users themselves or - most of the times - obtained through Stamp (explained later).
Gate17 brings together several state of the art network technologies and gives them a new spicy twist 🌶️.
The goal of Gate17 is to protect connection data as well as metadata from surveillance capitalism.
Adapted core concepts:
The new spicy twist 🌶️:
A final note: You may have noted that Gate17 is, in some aspects, similar to the Tor Project. The key difference is, that Gate17 focuses on speed and usability, but does not claim to match Tor’s level of security. We will provide a in-depth comparison in the future.
Stamp is an online community where participants “stamp” (ie. tag, categorize) domains and applications (used by Portmaster for application profiles) to serve as a data source for any kind of network filter. Contributions are rewarded with reputation that gives them more influence on the platform. This reputation system will be blockchain-based in the future. Stamp is a separate project that is backed by Safing.